admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-08-23 20:00:43 +00:00
parent 40e79f254f
commit d2e62c5444
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
10 changed files with 460 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
2020/35xxx/CVE-2020-35511.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-35511",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "pngcheck",
"version": {
"version_data": [
{
"version_value": "pngcheck-2.4.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-126"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://www.libpng.org/pub/png/apps/pngcheck.html",
"url": "http://www.libpng.org/pub/png/apps/pngcheck.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file."
}
]
}

4
2020/35xxx/CVE-2020-35515.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2020-35515",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

4
2020/35xxx/CVE-2020-35516.json
View File

@ -5,13 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2020-35516",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
]
}

65
2021/3xxx/CVE-2021-3917.json
View File

@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3917",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "coreos-installer",
"version": {
"version_data": [
{
"version_value": "Fixed in coreos-installer 0.10.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276 - Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/coreos/fedora-coreos-tracker/issues/889",
"url": "https://github.com/coreos/fedora-coreos-tracker/issues/889"
},
{
"refsource": "MISC",
"name": "https://github.com/coreos/coreos-installer/commit/2a36405339c87b16ed6c76e91ad5b76638fbdb0c",
"url": "https://github.com/coreos/coreos-installer/commit/2a36405339c87b16ed6c76e91ad5b76638fbdb0c"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2018478",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2018478"
},
{
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3917",
"url": "https://access.redhat.com/security/cve/CVE-2021-3917"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local attacker to have read access to potentially sensitive data. The highest threat from this vulnerability is to confidentiality."
}
]
}

65
2021/3xxx/CVE-2021-3975.json
View File

@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3975",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "libvirt",
"version": {
"version_data": [
{
"version_value": "Fixed in libvirt v7.1.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416 - Use After Free"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024326",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024326"
},
{
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3975",
"url": "https://access.redhat.com/security/cve/CVE-2021-3975"
},
{
"refsource": "MISC",
"name": "https://ubuntu.com/security/CVE-2021-3975",
"url": "https://ubuntu.com/security/CVE-2021-3975"
},
{
"refsource": "MISC",
"name": "https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ec7",
"url": "https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ec7"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash."
}
]
}

65
2021/3xxx/CVE-2021-3995.json
View File

@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3995",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "util-linux",
"version": {
"version_data": [
{
"version_value": "Fixed in util-linux v2.37.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-552 - Files or Directories Accessible to External Parties"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes",
"url": "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2022/01/24/2",
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/2"
},
{
"refsource": "MISC",
"name": "https://github.com/util-linux/util-linux/commit/57202f5713afa2af20ffbb6ab5331481d0396f8d",
"url": "https://github.com/util-linux/util-linux/commit/57202f5713afa2af20ffbb6ab5331481d0396f8d"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024631https://access.redhat.com/security/cve/CVE-2021-3995",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024631https://access.redhat.com/security/cve/CVE-2021-3995"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to unmount FUSE filesystems that belong to certain other users who have a UID that is a prefix of the UID of the attacker in its string form. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems."
}
]
}

70
2021/3xxx/CVE-2021-3996.json
View File

@ -4,14 +4,78 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3996",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "util-linux",
"version": {
"version_data": [
{
"version_value": "Fixed in util-linux v2.37.3"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-552 - Files or Directories Accessible to External Parties"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes",
"url": "https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes"
},
{
"refsource": "MISC",
"name": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb",
"url": "https://github.com/util-linux/util-linux/commit/166e87368ae88bf31112a30e078cceae637f4cdb"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2022/01/24/2",
"url": "https://www.openwall.com/lists/oss-security/2022/01/24/2"
},
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024628"
},
{
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3996",
"url": "https://access.redhat.com/security/cve/CVE-2021-3996"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows a local user on a vulnerable system to unmount other users' filesystems that are either world-writable themselves (like /tmp) or mounted in a world-writable directory. An attacker may use this flaw to cause a denial of service to applications that use the affected filesystems."
}
]
}

65
2021/3xxx/CVE-2021-3997.json
View File

@ -4,14 +4,73 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-3997",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "systemd",
"version": {
"version_data": [
{
"version_value": "Fixed in v251-rc1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-674 - Uncontrolled Recursion"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024639"
},
{
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2022/01/10/2",
"url": "https://www.openwall.com/lists/oss-security/2022/01/10/2"
},
{
"refsource": "MISC",
"name": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1",
"url": "https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1"
},
{
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2021-3997",
"url": "https://access.redhat.com/security/cve/CVE-2021-3997"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in systemd. An uncontrolled recursion in systemd-tmpfiles may lead to a denial of service at boot time when too many nested directories are created in /tmp."
}
]
}

50
2022/2xxx/CVE-2022-2938.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2938",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "kernel 5.17"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a06247c6804f1a7c86a2e5398a4c1f1db1471848"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could allow an attacker to crash the system or have other memory-corruption side effects."
}
]
}

50
2022/31xxx/CVE-2022-31676.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-31676",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@vmware.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "VMware Tools",
"version": {
"version_data": [
{
"version_value": "VMware Tools (12.0.0, 11.x.y and 10.x.y)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Local privilege escalation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2022-0024.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2022-0024.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine."
}
]
}