"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2021-04-23 00:00:58 +00:00 · 2021-04-23 00:00:58 +00:00 · d3aea0b810
commit d3aea0b810
parent d0b19647a8
11 changed files with 205 additions and 0 deletions
--- a/2020/12xxx/CVE-2020-12695.json
+++ b/2020/12xxx/CVE-2020-12695.json
@ -131,6 +131,11 @@
                "refsource": "MLIST",
                "name": "[debian-lts-announce] 20201210 [SECURITY] [DLA 2489-1] minidlna security update",
                "url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html"
+            },
+            {
+                "refsource": "DEBIAN",
+                "name": "DSA-4898",
+                "url": "https://www.debian.org/security/2021/dsa-4898"
            }
        ]
    }
--- a/2020/17xxx/CVE-2020-17521.json
+++ b/2020/17xxx/CVE-2020-17521.json
@ -72,6 +72,16 @@
                "refsource": "CONFIRM",
                "name": "https://security.netapp.com/advisory/ntap-20201218-0006/",
                "url": "https://security.netapp.com/advisory/ntap-20201218-0006/"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[atlas-dev] 20210422 [jira] [Created] (ATLAS-4257) Atlas - Upgrade groovy to 2.4.21+, 2.5.14+, 3.0.7+, or 4.0.0-alpha-2+ due to CVE-2020-17521",
+                "url": "https://lists.apache.org/thread.html/rea63a4666ba245d2892471307772a2d8ce0f0741f341d6576625c1b3@%3Cdev.atlas.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[atlas-dev] 20210422 [jira] [Updated] (ATLAS-4257) Atlas - Upgrade groovy to 2.4.21+, 2.5.14+, 3.0.7+, or 4.0.0-alpha-2+ due to CVE-2020-17521",
+                "url": "https://lists.apache.org/thread.html/r4b2f13c302eec98838ff7475253091fb9b75bc1038016ba00ebf6c08@%3Cdev.atlas.apache.org%3E"
            }
        ]
    },
--- a/2021/0xxx/CVE-2021-0326.json
+++ b/2021/0xxx/CVE-2021-0326.json
@ -63,6 +63,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2021-defe51d282",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VOSA6DZUDLVOCYJNNXD6V3MRBVLCXZFH/"
+            },
+            {
+                "refsource": "DEBIAN",
+                "name": "DSA-4898",
+                "url": "https://www.debian.org/security/2021/dsa-4898"
            }
        ]
    },
--- a/2021/27xxx/CVE-2021-27803.json
+++ b/2021/27xxx/CVE-2021-27803.json
@ -91,6 +91,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2021-9b00febe54",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEHS2CFGH3KCSNPHBHNGN5SGV6QPMLZ4/"
+            },
+            {
+                "refsource": "DEBIAN",
+                "name": "DSA-4898",
+                "url": "https://www.debian.org/security/2021/dsa-4898"
            }
        ]
    }
--- a/2021/31xxx/CVE-2021-31591.json
+++ b/2021/31xxx/CVE-2021-31591.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2021-31591",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2021/31xxx/CVE-2021-31592.json
+++ b/2021/31xxx/CVE-2021-31592.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2021-31592",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2021/31xxx/CVE-2021-31593.json
+++ b/2021/31xxx/CVE-2021-31593.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2021-31593",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2021/31xxx/CVE-2021-31594.json
+++ b/2021/31xxx/CVE-2021-31594.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2021-31594",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2021/31xxx/CVE-2021-31595.json
+++ b/2021/31xxx/CVE-2021-31595.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2021-31595",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2021/31xxx/CVE-2021-31596.json
+++ b/2021/31xxx/CVE-2021-31596.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2021-31596",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2021/31xxx/CVE-2021-31597.json
+++ b/2021/31xxx/CVE-2021-31597.json
@ -0,0 +1,72 @@
+{
+    "CVE_data_meta": {
+        "ASSIGNER": "cve@mitre.org",
+        "ID": "CVE-2021-31597",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://people.kingsds.network/wesgarland/xmlhttprequest-ssl-vuln.txt",
+                "refsource": "MISC",
+                "name": "https://people.kingsds.network/wesgarland/xmlhttprequest-ssl-vuln.txt"
+            },
+            {
+                "url": "https://github.com/mjwwit/node-XMLHttpRequest/compare/v1.6.0...1.6.1",
+                "refsource": "MISC",
+                "name": "https://github.com/mjwwit/node-XMLHttpRequest/compare/v1.6.0...1.6.1"
+            },
+            {
+                "url": "https://github.com/mjwwit/node-XMLHttpRequest/commit/bf53329b61ca6afc5d28f6b8d2dc2e3ca740a9b2",
+                "refsource": "MISC",
+                "name": "https://github.com/mjwwit/node-XMLHttpRequest/commit/bf53329b61ca6afc5d28f6b8d2dc2e3ca740a9b2"
+            }
+        ]
+    }
+}