diff --git a/2018/18xxx/CVE-2018-18623.json b/2018/18xxx/CVE-2018-18623.json index 59f314eb5b6..6e704e1c5f4 100644 --- a/2018/18xxx/CVE-2018-18623.json +++ b/2018/18xxx/CVE-2018-18623.json @@ -61,6 +61,16 @@ "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200608-0008/", "url": "https://security.netapp.com/advisory/ntap-20200608-0008/" + }, + { + "refsource": "MISC", + "name": "https://github.com/grafana/grafana/issues/15293", + "url": "https://github.com/grafana/grafana/issues/15293" + }, + { + "refsource": "MISC", + "name": "https://github.com/grafana/grafana/releases/tag/v6.0.0", + "url": "https://github.com/grafana/grafana/releases/tag/v6.0.0" } ] } diff --git a/2019/10xxx/CVE-2019-10627.json b/2019/10xxx/CVE-2019-10627.json index 248eb7cf489..7efe7609e6b 100644 --- a/2019/10xxx/CVE-2019-10627.json +++ b/2019/10xxx/CVE-2019-10627.json @@ -1,62 +1,67 @@ { - "CVE_data_meta": { - "ASSIGNER": "product-security@qualcomm.com", - "ID": "CVE-2019-10627", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "PostScript and PDF printers that use IPS versions prior to 2019.2", - "version": { - "version_data": [ - { - "version_value": "PostScript and PDF printers that use IPS versions prior to 2019.2" - } - ] - } - } - ] - }, - "vendor_name": "Qualcomm, Inc." - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2" - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Buffer overflow vulnerability in the PostScript- and PDF-compatible interpreters" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2019-10627", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "PostScript and PDF printers that use IPS versions prior to 2019.2", + "version": { + "version_data": [ + { + "version_value": "PostScript and PDF printers that use IPS versions prior to 2019.2" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin", - "refsource": "CONFIRM", - "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin" - } - ] - } + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow to buffer overflow vulnerability in PostScript image handling code used by the PostScript- and PDF-compatible interpreters due to incorrect buffer size calculation. in PostScript and PDF printers that use IPS versions prior to 2019.2 in PostScript and PDF printers that use IPS versions prior to 2019.2" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer overflow vulnerability in the PostScript- and PDF-compatible interpreters" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hp.com/us-en/document/c06458150", + "url": "https://support.hp.com/us-en/document/c06458150" + }, + { + "name": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin", + "refsource": "CONFIRM", + "url": "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin" + } + ] + } } \ No newline at end of file diff --git a/2021/4xxx/CVE-2021-4224.json b/2021/4xxx/CVE-2021-4224.json new file mode 100644 index 00000000000..59b1d62f492 --- /dev/null +++ b/2021/4xxx/CVE-2021-4224.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-4224", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/25xxx/CVE-2022-25374.json b/2022/25xxx/CVE-2022-25374.json index 0a60aaec8d6..9bf34ea3dc0 100644 --- a/2022/25xxx/CVE-2022-25374.json +++ b/2022/25xxx/CVE-2022-25374.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-25374", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-25374", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "HashiCorp Terraform Enterprise before 202202-1 inserts Sensitive Information into a Log File." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://discuss.hashicorp.com", + "refsource": "MISC", + "name": "https://discuss.hashicorp.com" + }, + { + "refsource": "MISC", + "name": "https://discuss.hashicorp.com/t/hcsec-2022-06-terraform-enterprise-may-capture-sensitive-data-in-logs/", + "url": "https://discuss.hashicorp.com/t/hcsec-2022-06-terraform-enterprise-may-capture-sensitive-data-in-logs/" } ] }