"-Synchronized-Data."

2025-05-08 11:37:04 +00:00 · 2022-02-07 19:01:18 +00:00 · 2022-02-07 19:01:18 +00:00 · cf7fb37903
commit cf7fb37903
parent 2304148ee7
5 changed files with 46 additions and 8 deletions
--- a/2021/33xxx/CVE-2021-33430.json
+++ b/2021/33xxx/CVE-2021-33430.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service."
+                "value": "** DISPUTED ** A Buffer Overflow vulnerability exists in NumPy 1.9.x in the PyArray_NewFromDescr_int function of ctors.c when specifying arrays of large dimensions (over 32) from Python code, which could let a malicious user cause a Denial of Service. NOTE: The vendor does not agree this is a vulneraility; In (very limited) circumstances a user may be able provoke the buffer overflow, the user is most likely already privileged to at least provoke denial of service by exhausting memory. Triggering this further requires the use of uncommon API (complicated structured dtypes), which is very unlikely to be available to an unprivileged user."
            }
        ]
    },
--- a/2021/41xxx/CVE-2021-41496.json
+++ b/2021/41xxx/CVE-2021-41496.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values."
+                "value": "** DISPUTED ** Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged user (or internally)."
            }
        ]
    },
--- a/2022/0xxx/CVE-2022-0514.json
+++ b/2022/0xxx/CVE-2022-0514.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2022-0514",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2022/0xxx/CVE-2022-0515.json
+++ b/2022/0xxx/CVE-2022-0515.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2022-0515",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2022/22xxx/CVE-2022-22931.json
+++ b/2022/22xxx/CVE-2022-22931.json
@ -33,7 +33,7 @@
    "credit": [
        {
            "lang": "eng",
-            "value": "These issues were discovered and reported by GHSL team member Jaroslav Lobačevski"
+            "value": "These issues were discovered and reported by GHSL team member Jaroslav Loba\u010devski"
        }
    ],
    "data_format": "MITRE",
@ -43,7 +43,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations.\n\nAffected implementations include:\n - maildir mailbox store\n - Sieve file repository\n\nThis enables a user to access other users data stores (limited to user names being prefixed by the value of the username being used)."
+                "value": "Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores (limited to user names being prefixed by the value of the username being used)."
            }
        ]
    },
@ -70,12 +70,14 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://lists.apache.org/thread/bp8yql4wws56jlh0vxoowj7foothsmpr"
+                "refsource": "MISC",
+                "url": "https://lists.apache.org/thread/bp8yql4wws56jlh0vxoowj7foothsmpr",
+                "name": "https://lists.apache.org/thread/bp8yql4wws56jlh0vxoowj7foothsmpr"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://www.openwall.com/lists/oss-security/2022/02/07/1"
+                "refsource": "MISC",
+                "url": "https://www.openwall.com/lists/oss-security/2022/02/07/1",
+                "name": "https://www.openwall.com/lists/oss-security/2022/02/07/1"
            }
        ]
    },