diff --git a/2020/27xxx/CVE-2020-27216.json b/2020/27xxx/CVE-2020-27216.json index 1c053e291b5..1e726080086 100644 --- a/2020/27xxx/CVE-2020-27216.json +++ b/2020/27xxx/CVE-2020-27216.json @@ -75,7 +75,12 @@ "name": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053", "refsource": "CONFIRM", "url": "https://github.com/eclipse/jetty.project/security/advisories/GHSA-g3wg-6mcf-8jj6#advisory-comment-63053" + }, + { + "refsource": "MLIST", + "name": "[shiro-commits] 20201104 [GitHub] [shiro] coheigea opened a new pull request #262: Update Jetty to 9.4.33.v20201020 to fix CVE-2020-27216", + "url": "https://lists.apache.org/thread.html/re08b03cd1754b32f342664eead415af48092c630c8e3e0deba862a26@%3Ccommits.shiro.apache.org%3E" } ] } -} +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27981.json b/2020/27xxx/CVE-2020-27981.json index 1fbab816b07..c144a36f346 100644 --- a/2020/27xxx/CVE-2020-27981.json +++ b/2020/27xxx/CVE-2020-27981.json @@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-27981", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27981", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "An XSS vulnerability in the auto-complete function of the description field (for new or edited transactions) in Firefly III before 5.4.5 allows the user to execute JavaScript via suggested transaction titles. NOTE: this is exploitable only in a non-default configuration where Content Security Policy headers are disabled." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/firefly-iii/firefly-iii/issues/3990", - "refsource": "MISC", - "name": "https://github.com/firefly-iii/firefly-iii/issues/3990" - }, - { - "url": "https://github.com/firefly-iii/firefly-iii/compare/5.4.4...5.4.5", - "refsource": "MISC", - "name": "https://github.com/firefly-iii/firefly-iii/compare/5.4.4...5.4.5" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2020/2xxx/CVE-2020-2299.json b/2020/2xxx/CVE-2020-2299.json index 4c8aaaff890..f3638594035 100644 --- a/2020/2xxx/CVE-2020-2299.json +++ b/2020/2xxx/CVE-2020-2299.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2299", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2300.json b/2020/2xxx/CVE-2020-2300.json index ade52a18d12..44b0c4974fe 100644 --- a/2020/2xxx/CVE-2020-2300.json +++ b/2020/2xxx/CVE-2020-2300.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2300", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2301.json b/2020/2xxx/CVE-2020-2301.json index 0174b067c37..b9905e9d2fc 100644 --- a/2020/2xxx/CVE-2020-2301.json +++ b/2020/2xxx/CVE-2020-2301.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2301", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2302.json b/2020/2xxx/CVE-2020-2302.json index f419ac839f3..b52b9648f47 100644 --- a/2020/2xxx/CVE-2020-2302.json +++ b/2020/2xxx/CVE-2020-2302.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2302", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2303.json b/2020/2xxx/CVE-2020-2303.json index 1032781e106..4d9b8a9f61c 100644 --- a/2020/2xxx/CVE-2020-2303.json +++ b/2020/2xxx/CVE-2020-2303.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2303", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2304.json b/2020/2xxx/CVE-2020-2304.json index 9faa987257e..e5afcf85434 100644 --- a/2020/2xxx/CVE-2020-2304.json +++ b/2020/2xxx/CVE-2020-2304.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2304", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2305.json b/2020/2xxx/CVE-2020-2305.json index 452ad6713af..a0b6145f322 100644 --- a/2020/2xxx/CVE-2020-2305.json +++ b/2020/2xxx/CVE-2020-2305.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2305", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2306.json b/2020/2xxx/CVE-2020-2306.json index 9ddadd06d24..712ad3a929f 100644 --- a/2020/2xxx/CVE-2020-2306.json +++ b/2020/2xxx/CVE-2020-2306.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2306", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2307.json b/2020/2xxx/CVE-2020-2307.json index 2e1e6c5064f..faf2771a3c9 100644 --- a/2020/2xxx/CVE-2020-2307.json +++ b/2020/2xxx/CVE-2020-2307.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2307", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2308.json b/2020/2xxx/CVE-2020-2308.json index e86fab4c2fa..83ac9cc25cb 100644 --- a/2020/2xxx/CVE-2020-2308.json +++ b/2020/2xxx/CVE-2020-2308.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2308", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2309.json b/2020/2xxx/CVE-2020-2309.json index a50912d2b45..77de74b16b8 100644 --- a/2020/2xxx/CVE-2020-2309.json +++ b/2020/2xxx/CVE-2020-2309.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2309", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2310.json b/2020/2xxx/CVE-2020-2310.json index 80a4ede150f..7ab61b7305e 100644 --- a/2020/2xxx/CVE-2020-2310.json +++ b/2020/2xxx/CVE-2020-2310.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2310", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2311.json b/2020/2xxx/CVE-2020-2311.json index a563bcad778..e1a5477e668 100644 --- a/2020/2xxx/CVE-2020-2311.json +++ b/2020/2xxx/CVE-2020-2311.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2311", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2312.json b/2020/2xxx/CVE-2020-2312.json index 7547644b3ff..61e0bdb6ceb 100644 --- a/2020/2xxx/CVE-2020-2312.json +++ b/2020/2xxx/CVE-2020-2312.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2312", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2313.json b/2020/2xxx/CVE-2020-2313.json index 43220d0c83a..e7840bd2fe3 100644 --- a/2020/2xxx/CVE-2020-2313.json +++ b/2020/2xxx/CVE-2020-2313.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2313", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2314.json b/2020/2xxx/CVE-2020-2314.json index b852c0e79f8..a03b305d30c 100644 --- a/2020/2xxx/CVE-2020-2314.json +++ b/2020/2xxx/CVE-2020-2314.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2314", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2315.json b/2020/2xxx/CVE-2020-2315.json index 00b568e3f42..3280d1cd6fc 100644 --- a/2020/2xxx/CVE-2020-2315.json +++ b/2020/2xxx/CVE-2020-2315.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2315", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2316.json b/2020/2xxx/CVE-2020-2316.json index a027ddb9c31..3b58562df33 100644 --- a/2020/2xxx/CVE-2020-2316.json +++ b/2020/2xxx/CVE-2020-2316.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2316", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2317.json b/2020/2xxx/CVE-2020-2317.json index 18e7800a47d..03fc96038df 100644 --- a/2020/2xxx/CVE-2020-2317.json +++ b/2020/2xxx/CVE-2020-2317.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2317", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2318.json b/2020/2xxx/CVE-2020-2318.json index e5162ac0ba6..9b6e42abb3e 100644 --- a/2020/2xxx/CVE-2020-2318.json +++ b/2020/2xxx/CVE-2020-2318.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2318", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2020/2xxx/CVE-2020-2319.json b/2020/2xxx/CVE-2020-2319.json index 51654af502a..0d87f1c3704 100644 --- a/2020/2xxx/CVE-2020-2319.json +++ b/2020/2xxx/CVE-2020-2319.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2020-2319", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": {