diff --git a/2010/1xxx/CVE-2010-1870.json b/2010/1xxx/CVE-2010-1870.json index d9b29a4dac1..a2c0ae2cdcc 100644 --- a/2010/1xxx/CVE-2010-1870.json +++ b/2010/1xxx/CVE-2010-1870.json @@ -106,6 +106,11 @@ "refsource": "FULLDISC", "name": "20201020 LISTSERV Maestro Remote Code Execution Vulnerability", "url": "http://seclists.org/fulldisclosure/2020/Oct/23" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159643/LISTSERV-Maestro-9.0-8-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/159643/LISTSERV-Maestro-9.0-8-Remote-Code-Execution.html" } ] } diff --git a/2013/2xxx/CVE-2013-2251.json b/2013/2xxx/CVE-2013-2251.json index 9fa799c8fe7..66d176be253 100644 --- a/2013/2xxx/CVE-2013-2251.json +++ b/2013/2xxx/CVE-2013-2251.json @@ -126,6 +126,11 @@ "name": "[oss-security] 20140114 Re: CVE Request: Apache Archiva Remote Command Execution 0day", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q1/89" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/159629/Apache-Struts-2-Remote-Code-Execution.html" } ] } diff --git a/2013/7xxx/CVE-2013-7285.json b/2013/7xxx/CVE-2013-7285.json index 8def3931183..9c83e7e7d97 100644 --- a/2013/7xxx/CVE-2013-7285.json +++ b/2013/7xxx/CVE-2013-7285.json @@ -67,16 +67,6 @@ "name": "[xstream-user] 20130718 Re: Is it possible to unregister the DynamicProxyConverter using the SpringOXM wrapper", "url": "https://www.mail-archive.com/user@xstream.codehaus.org/msg00607.html" }, - { - "refsource": "MISC", - "name": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html", - "url": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html" - }, - { - "refsource": "CONFIRM", - "name": "https://x-stream.github.io/CVE-2013-7285.html", - "url": "https://x-stream.github.io/CVE-2013-7285.html" - }, { "refsource": "MLIST", "name": "[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar", @@ -88,7 +78,19 @@ "url": "https://lists.apache.org/thread.html/6d3d34adcf3dfc48e36342aa1f18ce3c20bb8e4c458a97508d5bfed1@%3Cissues.activemq.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "refsource": "MISC", + "name": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html", + "url": "http://blog.diniscruz.com/2013/12/xstream-remote-code-execution-exploit.html" + }, + { + "refsource": "CONFIRM", + "name": "https://x-stream.github.io/CVE-2013-7285.html", + "url": "https://x-stream.github.io/CVE-2013-7285.html" + }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2015/1xxx/CVE-2015-1832.json b/2015/1xxx/CVE-2015-1832.json index 7401cc0e5a7..e88afb8abdf 100644 --- a/2015/1xxx/CVE-2015-1832.json +++ b/2015/1xxx/CVE-2015-1832.json @@ -52,41 +52,16 @@ }, "references": { "reference_data": [ - { - "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource": "CONFIRM", - "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name": "https://issues.apache.org/jira/browse/DERBY-6807", - "refsource": "CONFIRM", - "url": "https://issues.apache.org/jira/browse/DERBY-6807" - }, - { - "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990100", - "refsource": "CONFIRM", - "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990100" - }, { "name": "93132", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93132" }, - { - "name": "https://svn.apache.org/viewvc?view=revision&revision=1691461", - "refsource": "CONFIRM", - "url": "https://svn.apache.org/viewvc?view=revision&revision=1691461" - }, { "refsource": "MLIST", "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report", "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E" }, - { - "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", - "refsource": "MISC", - "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" - }, { "refsource": "MLIST", "name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", @@ -113,7 +88,34 @@ "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", + "refsource": "MISC", + "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html" + }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "name": "https://issues.apache.org/jira/browse/DERBY-6807", + "refsource": "CONFIRM", + "url": "https://issues.apache.org/jira/browse/DERBY-6807" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21990100", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21990100" + }, + { + "name": "https://svn.apache.org/viewvc?view=revision&revision=1691461", + "refsource": "CONFIRM", + "url": "https://svn.apache.org/viewvc?view=revision&revision=1691461" } ] } diff --git a/2017/11xxx/CVE-2017-11317.json b/2017/11xxx/CVE-2017-11317.json index 5556591921f..c518e5055c4 100644 --- a/2017/11xxx/CVE-2017-11317.json +++ b/2017/11xxx/CVE-2017-11317.json @@ -66,6 +66,11 @@ "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0006", "refsource": "CONFIRM", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0006" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html", + "url": "http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html" } ] } diff --git a/2019/10xxx/CVE-2019-10692.json b/2019/10xxx/CVE-2019-10692.json index 186859ea7a7..15499b4a630 100644 --- a/2019/10xxx/CVE-2019-10692.json +++ b/2019/10xxx/CVE-2019-10692.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "http://www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqli", "url": "http://www.rapid7.com/db/modules/auxiliary/admin/http/wp_google_maps_sqli" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159640/WordPress-Rest-Google-Maps-SQL-Injection.html", + "url": "http://packetstormsecurity.com/files/159640/WordPress-Rest-Google-Maps-SQL-Injection.html" } ] } diff --git a/2019/18xxx/CVE-2019-18935.json b/2019/18xxx/CVE-2019-18935.json index 36145f63ee8..c34b2dd473d 100644 --- a/2019/18xxx/CVE-2019-18935.json +++ b/2019/18xxx/CVE-2019-18935.json @@ -91,6 +91,11 @@ "refsource": "MISC", "name": "https://www.telerik.com/support/whats-new/aspnet-ajax/release-history/ui-for-asp-net-ajax-r1-2020-(version-2020-1-114)", "url": "https://www.telerik.com/support/whats-new/aspnet-ajax/release-history/ui-for-asp-net-ajax-r1-2020-(version-2020-1-114)" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html", + "url": "http://packetstormsecurity.com/files/159653/Telerik-UI-ASP.NET-AJAX-RadAsyncUpload-Deserialization.html" } ] } diff --git a/2020/11xxx/CVE-2020-11022.json b/2020/11xxx/CVE-2020-11022.json index 347a64aae2c..65a6b3af253 100644 --- a/2020/11xxx/CVE-2020-11022.json +++ b/2020/11xxx/CVE-2020-11022.json @@ -155,7 +155,9 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SAPQVX3XDNPGFT26QAQ6AJIXZZBZ4CD4/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/11xxx/CVE-2020-11023.json b/2020/11xxx/CVE-2020-11023.json index 72a6a64c81a..dcca5b04946 100644 --- a/2020/11xxx/CVE-2020-11023.json +++ b/2020/11xxx/CVE-2020-11023.json @@ -235,7 +235,9 @@ "url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/11xxx/CVE-2020-11080.json b/2020/11xxx/CVE-2020-11080.json index 8501b67e146..92de8424f1e 100644 --- a/2020/11xxx/CVE-2020-11080.json +++ b/2020/11xxx/CVE-2020-11080.json @@ -105,7 +105,9 @@ "url": "https://github.com/nghttp2/nghttp2/commit/f8da73bd042f810f34d19f9eae02b46d870af394" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/11xxx/CVE-2020-11111.json b/2020/11xxx/CVE-2020-11111.json index 7ab02118886..563b9b4bba5 100644 --- a/2020/11xxx/CVE-2020-11111.json +++ b/2020/11xxx/CVE-2020-11111.json @@ -78,7 +78,9 @@ "name": "https://github.com/FasterXML/jackson-databind/issues/2664" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/11xxx/CVE-2020-11112.json b/2020/11xxx/CVE-2020-11112.json index ea4c27eaae9..8a5920c07d7 100644 --- a/2020/11xxx/CVE-2020-11112.json +++ b/2020/11xxx/CVE-2020-11112.json @@ -78,7 +78,9 @@ "name": "https://github.com/FasterXML/jackson-databind/issues/2666" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/11xxx/CVE-2020-11113.json b/2020/11xxx/CVE-2020-11113.json index f1de36c5902..f0842ce6453 100644 --- a/2020/11xxx/CVE-2020-11113.json +++ b/2020/11xxx/CVE-2020-11113.json @@ -78,7 +78,9 @@ "name": "https://github.com/FasterXML/jackson-databind/issues/2670" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/11xxx/CVE-2020-11619.json b/2020/11xxx/CVE-2020-11619.json index 05a38101380..5a59a5d67aa 100644 --- a/2020/11xxx/CVE-2020-11619.json +++ b/2020/11xxx/CVE-2020-11619.json @@ -83,7 +83,9 @@ "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/11xxx/CVE-2020-11620.json b/2020/11xxx/CVE-2020-11620.json index bd294303639..df5ebac65bc 100644 --- a/2020/11xxx/CVE-2020-11620.json +++ b/2020/11xxx/CVE-2020-11620.json @@ -83,7 +83,9 @@ "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/11xxx/CVE-2020-11655.json b/2020/11xxx/CVE-2020-11655.json index 504224a6bbc..bbe527e4be2 100644 --- a/2020/11xxx/CVE-2020-11655.json +++ b/2020/11xxx/CVE-2020-11655.json @@ -98,7 +98,9 @@ "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/11xxx/CVE-2020-11656.json b/2020/11xxx/CVE-2020-11656.json index dbcfdbf9902..c37f507997c 100644 --- a/2020/11xxx/CVE-2020-11656.json +++ b/2020/11xxx/CVE-2020-11656.json @@ -83,7 +83,9 @@ "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/11xxx/CVE-2020-11971.json b/2020/11xxx/CVE-2020-11971.json index 5c7f56d174c..2973d68ea52 100644 --- a/2020/11xxx/CVE-2020-11971.json +++ b/2020/11xxx/CVE-2020-11971.json @@ -44,11 +44,6 @@ }, "references": { "reference_data": [ - { - "refsource": "MISC", - "name": "https://camel.apache.org/security/CVE-2020-11971.html", - "url": "https://camel.apache.org/security/CVE-2020-11971.html" - }, { "refsource": "MLIST", "name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11971 released for Apache Camel", @@ -85,7 +80,14 @@ "url": "https://lists.apache.org/thread.html/r8988311eb2481fd8a87e69cf17ffb8dc81bfeba5503021537f72db0a@%3Cissues.activemq.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "MISC", + "name": "https://camel.apache.org/security/CVE-2020-11971.html", + "url": "https://camel.apache.org/security/CVE-2020-11971.html" } ] }, diff --git a/2020/11xxx/CVE-2020-11972.json b/2020/11xxx/CVE-2020-11972.json index d6b0effc401..a1b0d3d2465 100644 --- a/2020/11xxx/CVE-2020-11972.json +++ b/2020/11xxx/CVE-2020-11972.json @@ -44,11 +44,6 @@ }, "references": { "reference_data": [ - { - "refsource": "MISC", - "name": "https://camel.apache.org/security/CVE-2020-11972.html", - "url": "https://camel.apache.org/security/CVE-2020-11972.html" - }, { "refsource": "MLIST", "name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11972 released for Apache Camel", @@ -60,7 +55,14 @@ "url": "http://www.openwall.com/lists/oss-security/2020/05/14/10" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "MISC", + "name": "https://camel.apache.org/security/CVE-2020-11972.html", + "url": "https://camel.apache.org/security/CVE-2020-11972.html" } ] }, diff --git a/2020/11xxx/CVE-2020-11973.json b/2020/11xxx/CVE-2020-11973.json index d44fd1b1f7f..7d07b03552e 100644 --- a/2020/11xxx/CVE-2020-11973.json +++ b/2020/11xxx/CVE-2020-11973.json @@ -44,18 +44,20 @@ }, "references": { "reference_data": [ - { - "refsource": "MISC", - "name": "https://camel.apache.org/security/CVE-2020-11973.html", - "url": "https://camel.apache.org/security/CVE-2020-11973.html" - }, { "refsource": "MLIST", "name": "[oss-security] 20200514 [SECURITY] New security advisory CVE-2020-11973 released for Apache Camel", "url": "http://www.openwall.com/lists/oss-security/2020/05/14/9" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "MISC", + "name": "https://camel.apache.org/security/CVE-2020-11973.html", + "url": "https://camel.apache.org/security/CVE-2020-11973.html" } ] }, diff --git a/2020/11xxx/CVE-2020-11984.json b/2020/11xxx/CVE-2020-11984.json index 31bd0385a3c..6b2ddbefc6a 100644 --- a/2020/11xxx/CVE-2020-11984.json +++ b/2020/11xxx/CVE-2020-11984.json @@ -89,11 +89,6 @@ "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200814-0005/", - "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" - }, { "refsource": "MLIST", "name": "[oss-security] 20200817 Re: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow", @@ -114,11 +109,6 @@ "name": "openSUSE-SU-2020:1293", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00071.html" }, - { - "refsource": "MISC", - "name": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html", - "url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html" - }, { "refsource": "FEDORA", "name": "FEDORA-2020-189a1e6c3e", @@ -140,7 +130,19 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/A2RN46PRBJE7E7OPD4YZX5SVWV5QKGV5/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200814-0005/", + "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html", + "url": "http://packetstormsecurity.com/files/159009/Apache2-mod_proxy_uwsgi-Incorrect-Request-Handling.html" } ] }, diff --git a/2020/11xxx/CVE-2020-11993.json b/2020/11xxx/CVE-2020-11993.json index b884546989b..34b623a6f7f 100644 --- a/2020/11xxx/CVE-2020-11993.json +++ b/2020/11xxx/CVE-2020-11993.json @@ -69,11 +69,6 @@ "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200814-0005/", - "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" - }, { "refsource": "UBUNTU", "name": "USN-4458-1", @@ -105,7 +100,14 @@ "url": "https://www.debian.org/security/2020/dsa-4757" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200814-0005/", + "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" } ] }, diff --git a/2020/11xxx/CVE-2020-11996.json b/2020/11xxx/CVE-2020-11996.json index eaa293c0d76..1fe9f851adb 100644 --- a/2020/11xxx/CVE-2020-11996.json +++ b/2020/11xxx/CVE-2020-11996.json @@ -120,11 +120,6 @@ "name": "[ofbiz-notifications] 20200703 [jira] [Commented] (OFBIZ-11848) Upgrade Tomcat from 9.0.34 to 9.0.36 (CVE-2020-11996)", "url": "https://lists.apache.org/thread.html/r3ea96d8f36dd404acce83df8aeb22a9e807d6c13ca9c5dec72f872cd@%3Cnotifications.ofbiz.apache.org%3E" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200709-0002/", - "url": "https://security.netapp.com/advisory/ntap-20200709-0002/" - }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20200712 [SECURITY] [DLA 2279-1] tomcat8 security update", @@ -151,7 +146,14 @@ "url": "https://lists.apache.org/thread.html/r2529016c311ce9485e6f173446d469600fdfbb94dccadfcd9dfdac79@%3Cusers.tomcat.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200709-0002/", + "url": "https://security.netapp.com/advisory/ntap-20200709-0002/" } ] }, diff --git a/2020/12xxx/CVE-2020-12243.json b/2020/12xxx/CVE-2020-12243.json index f4ecbd02fdf..6afc22f0116 100644 --- a/2020/12xxx/CVE-2020-12243.json +++ b/2020/12xxx/CVE-2020-12243.json @@ -52,21 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://bugs.openldap.org/show_bug.cgi?id=9202", - "refsource": "MISC", - "name": "https://bugs.openldap.org/show_bug.cgi?id=9202" - }, - { - "refsource": "CONFIRM", - "name": "https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES", - "url": "https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES" - }, - { - "refsource": "CONFIRM", - "name": "https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440", - "url": "https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440" - }, { "refsource": "DEBIAN", "name": "DSA-4666", @@ -82,11 +67,6 @@ "name": "USN-4352-2", "url": "https://usn.ubuntu.com/4352-2/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200511-0003/", - "url": "https://security.netapp.com/advisory/ntap-20200511-0003/" - }, { "refsource": "SUSE", "name": "openSUSE-SU-2020:0647", @@ -97,13 +77,35 @@ "name": "USN-4352-1", "url": "https://usn.ubuntu.com/4352-1/" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "url": "https://bugs.openldap.org/show_bug.cgi?id=9202", + "refsource": "MISC", + "name": "https://bugs.openldap.org/show_bug.cgi?id=9202" + }, + { + "refsource": "CONFIRM", + "name": "https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES", + "url": "https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_4/CHANGES" + }, + { + "refsource": "CONFIRM", + "name": "https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440", + "url": "https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200511-0003/", + "url": "https://security.netapp.com/advisory/ntap-20200511-0003/" + }, { "refsource": "CONFIRM", "name": "https://support.apple.com/kb/HT211289", "url": "https://support.apple.com/kb/HT211289" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/12xxx/CVE-2020-12723.json b/2020/12xxx/CVE-2020-12723.json index 96dd9a1d76c..69b441a7ae8 100644 --- a/2020/12xxx/CVE-2020-12723.json +++ b/2020/12xxx/CVE-2020-12723.json @@ -52,36 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://github.com/Perl/perl5/issues/16947", - "refsource": "MISC", - "name": "https://github.com/Perl/perl5/issues/16947" - }, - { - "url": "https://github.com/Perl/perl5/issues/17743", - "refsource": "MISC", - "name": "https://github.com/Perl/perl5/issues/17743" - }, - { - "refsource": "CONFIRM", - "name": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3", - "url": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3" - }, - { - "refsource": "CONFIRM", - "name": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod", - "url": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod" - }, - { - "refsource": "CONFIRM", - "name": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a", - "url": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200611-0001/", - "url": "https://security.netapp.com/advisory/ntap-20200611-0001/" - }, { "refsource": "GENTOO", "name": "GLSA-202006-03", @@ -98,7 +68,39 @@ "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00044.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3", + "url": "https://github.com/Perl/perl5/compare/v5.30.2...v5.30.3" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod", + "url": "https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200611-0001/", + "url": "https://security.netapp.com/advisory/ntap-20200611-0001/" + }, + { + "url": "https://github.com/Perl/perl5/issues/16947", + "refsource": "MISC", + "name": "https://github.com/Perl/perl5/issues/16947" + }, + { + "url": "https://github.com/Perl/perl5/issues/17743", + "refsource": "MISC", + "name": "https://github.com/Perl/perl5/issues/17743" + }, + { + "refsource": "CONFIRM", + "name": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a", + "url": "https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a" } ] } diff --git a/2020/13xxx/CVE-2020-13630.json b/2020/13xxx/CVE-2020-13630.json index 82e46c418c8..65b46b92083 100644 --- a/2020/13xxx/CVE-2020-13630.json +++ b/2020/13xxx/CVE-2020-13630.json @@ -98,7 +98,9 @@ "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/13xxx/CVE-2020-13631.json b/2020/13xxx/CVE-2020-13631.json index ad234340af3..24caa00d520 100644 --- a/2020/13xxx/CVE-2020-13631.json +++ b/2020/13xxx/CVE-2020-13631.json @@ -93,7 +93,9 @@ "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/13xxx/CVE-2020-13632.json b/2020/13xxx/CVE-2020-13632.json index 961397d1bb4..db32ffdc74a 100644 --- a/2020/13xxx/CVE-2020-13632.json +++ b/2020/13xxx/CVE-2020-13632.json @@ -98,7 +98,9 @@ "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/13xxx/CVE-2020-13920.json b/2020/13xxx/CVE-2020-13920.json index 123696da71c..269c9060c7e 100644 --- a/2020/13xxx/CVE-2020-13920.json +++ b/2020/13xxx/CVE-2020-13920.json @@ -55,7 +55,9 @@ "url": "https://lists.debian.org/debian-lts-announce/2020/10/msg00013.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/13xxx/CVE-2020-13934.json b/2020/13xxx/CVE-2020-13934.json index 7add4866196..7ff64636d9c 100644 --- a/2020/13xxx/CVE-2020-13934.json +++ b/2020/13xxx/CVE-2020-13934.json @@ -59,11 +59,6 @@ "name": "[debian-lts-announce] 20200722 [SECURITY] [DLA 2286-1] tomcat8 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200724-0003/", - "url": "https://security.netapp.com/advisory/ntap-20200724-0003/" - }, { "refsource": "SUSE", "name": "openSUSE-SU-2020:1102", @@ -80,7 +75,14 @@ "url": "https://lists.apache.org/thread.html/ra072b1f786e7d139e86f1d1145572e0ff71cef38a96d9c6f5362aac8@%3Cdev.tomcat.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200724-0003/", + "url": "https://security.netapp.com/advisory/ntap-20200724-0003/" } ] }, diff --git a/2020/13xxx/CVE-2020-13935.json b/2020/13xxx/CVE-2020-13935.json index f7948c887e7..e6489844b54 100644 --- a/2020/13xxx/CVE-2020-13935.json +++ b/2020/13xxx/CVE-2020-13935.json @@ -59,11 +59,6 @@ "name": "[debian-lts-announce] 20200722 [SECURITY] [DLA 2286-1] tomcat8 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00017.html" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200724-0003/", - "url": "https://security.netapp.com/advisory/ntap-20200724-0003/" - }, { "refsource": "SUSE", "name": "openSUSE-SU-2020:1102", @@ -79,13 +74,20 @@ "name": "USN-4448-1", "url": "https://usn.ubuntu.com/4448-1/" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200724-0003/", + "url": "https://security.netapp.com/advisory/ntap-20200724-0003/" + }, { "refsource": "CONFIRM", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/14xxx/CVE-2020-14060.json b/2020/14xxx/CVE-2020-14060.json index cd750ad4030..68f2be51a4c 100644 --- a/2020/14xxx/CVE-2020-14060.json +++ b/2020/14xxx/CVE-2020-14060.json @@ -52,28 +52,30 @@ }, "references": { "reference_data": [ - { - "url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062", - "refsource": "MISC", - "name": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" - }, { "url": "https://github.com/FasterXML/jackson-databind/issues/2688", "refsource": "MISC", "name": "https://github.com/FasterXML/jackson-databind/issues/2688" }, + { + "url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062", + "refsource": "MISC", + "name": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062" + }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200702-0003/", "url": "https://security.netapp.com/advisory/ntap-20200702-0003/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/14xxx/CVE-2020-14061.json b/2020/14xxx/CVE-2020-14061.json index d27be752202..8c6f6af881b 100644 --- a/2020/14xxx/CVE-2020-14061.json +++ b/2020/14xxx/CVE-2020-14061.json @@ -67,13 +67,15 @@ "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200702-0003/", "url": "https://security.netapp.com/advisory/ntap-20200702-0003/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/14xxx/CVE-2020-14062.json b/2020/14xxx/CVE-2020-14062.json index a8d4bf532b7..9317eca04d9 100644 --- a/2020/14xxx/CVE-2020-14062.json +++ b/2020/14xxx/CVE-2020-14062.json @@ -67,13 +67,15 @@ "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200702-0003/", "url": "https://security.netapp.com/advisory/ntap-20200702-0003/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/14xxx/CVE-2020-14195.json b/2020/14xxx/CVE-2020-14195.json index 53287953ed1..e5c1c281102 100644 --- a/2020/14xxx/CVE-2020-14195.json +++ b/2020/14xxx/CVE-2020-14195.json @@ -62,13 +62,15 @@ "name": "[debian-lts-announce] 20200701 [SECURITY] [DLA 2270-1] jackson-databind security update", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00001.html" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200702-0003/", "url": "https://security.netapp.com/advisory/ntap-20200702-0003/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/15xxx/CVE-2020-15157.json b/2020/15xxx/CVE-2020-15157.json index c6ae09630c0..5b64b308017 100644 --- a/2020/15xxx/CVE-2020-15157.json +++ b/2020/15xxx/CVE-2020-15157.json @@ -83,6 +83,11 @@ "refsource": "UBUNTU", "name": "USN-4589-1", "url": "https://usn.ubuntu.com/4589-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4589-2", + "url": "https://usn.ubuntu.com/4589-2/" } ] }, diff --git a/2020/15xxx/CVE-2020-15358.json b/2020/15xxx/CVE-2020-15358.json index 04711190650..d8000c3a7ac 100644 --- a/2020/15xxx/CVE-2020-15358.json +++ b/2020/15xxx/CVE-2020-15358.json @@ -67,11 +67,6 @@ "refsource": "MISC", "name": "https://www.sqlite.org/src/info/10fa79d00f8091e5" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200709-0001/", - "url": "https://security.netapp.com/advisory/ntap-20200709-0001/" - }, { "refsource": "GENTOO", "name": "GLSA-202007-26", @@ -83,7 +78,14 @@ "url": "https://usn.ubuntu.com/4438-1/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200709-0001/", + "url": "https://security.netapp.com/advisory/ntap-20200709-0001/" } ] } diff --git a/2020/15xxx/CVE-2020-15389.json b/2020/15xxx/CVE-2020-15389.json index 1d245cd886c..0e87c6dec2b 100644 --- a/2020/15xxx/CVE-2020-15389.json +++ b/2020/15xxx/CVE-2020-15389.json @@ -57,18 +57,20 @@ "refsource": "MISC", "name": "https://github.com/uclouvain/openjpeg/issues/1261" }, - { - "refsource": "MISC", - "name": "https://pastebin.com/4sDKQ7U8", - "url": "https://pastebin.com/4sDKQ7U8" - }, { "refsource": "MLIST", "name": "[debian-lts-announce] 20200710 [SECURITY] [DLA 2277-1] openjpeg2 security update", "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00008.html" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "MISC", + "name": "https://pastebin.com/4sDKQ7U8", + "url": "https://pastebin.com/4sDKQ7U8" } ] } diff --git a/2020/1xxx/CVE-2020-1730.json b/2020/1xxx/CVE-2020-1730.json index 3ced58c1b78..b3d43ee49ea 100644 --- a/2020/1xxx/CVE-2020-1730.json +++ b/2020/1xxx/CVE-2020-1730.json @@ -47,16 +47,6 @@ }, "references": { "reference_data": [ - { - "url": "https://www.libssh.org/security/advisories/CVE-2020-1730.txt", - "refsource": "MISC", - "name": "https://www.libssh.org/security/advisories/CVE-2020-1730.txt" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730", - "refsource": "CONFIRM" - }, { "refsource": "FEDORA", "name": "FEDORA-2020-5a77f0d68f", @@ -67,18 +57,30 @@ "name": "USN-4327-1", "url": "https://usn.ubuntu.com/4327-1/" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200424-0001/", - "url": "https://security.netapp.com/advisory/ntap-20200424-0001/" - }, { "refsource": "FEDORA", "name": "FEDORA-2020-6cad41abb0", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2A7BIFKUYIYKTY7FX4BEWVC2OHS5DPOU/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "url": "https://www.libssh.org/security/advisories/CVE-2020-1730.txt", + "refsource": "MISC", + "name": "https://www.libssh.org/security/advisories/CVE-2020-1730.txt" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1730", + "refsource": "CONFIRM" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200424-0001/", + "url": "https://security.netapp.com/advisory/ntap-20200424-0001/" } ] }, diff --git a/2020/1xxx/CVE-2020-1935.json b/2020/1xxx/CVE-2020-1935.json index 5f2cb260ae1..4338e0f5056 100644 --- a/2020/1xxx/CVE-2020-1935.json +++ b/2020/1xxx/CVE-2020-1935.json @@ -131,7 +131,9 @@ "url": "https://usn.ubuntu.com/4448-1/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1938.json b/2020/1xxx/CVE-2020-1938.json index b8c6242a516..29fdaecf7dd 100644 --- a/2020/1xxx/CVE-2020-1938.json +++ b/2020/1xxx/CVE-2020-1938.json @@ -276,7 +276,9 @@ "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1941.json b/2020/1xxx/CVE-2020-1941.json index d524f112daf..40728d5c816 100644 --- a/2020/1xxx/CVE-2020-1941.json +++ b/2020/1xxx/CVE-2020-1941.json @@ -60,7 +60,9 @@ "url": "https://lists.apache.org/thread.html/re4672802b0e5ed67c08c9e77057d52138e062f77cc09581b723cf95a@%3Ccommits.activemq.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1945.json b/2020/1xxx/CVE-2020-1945.json index 0923f93cf3a..3306e720d39 100644 --- a/2020/1xxx/CVE-2020-1945.json +++ b/2020/1xxx/CVE-2020-1945.json @@ -215,7 +215,9 @@ "url": "https://lists.apache.org/thread.html/r5e1cdd79f019162f76414708b2092acad0a6703d666d72d717319305@%3Cdev.creadur.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1950.json b/2020/1xxx/CVE-2020-1950.json index 0b59f1a5105..881e737df3b 100644 --- a/2020/1xxx/CVE-2020-1950.json +++ b/2020/1xxx/CVE-2020-1950.json @@ -65,7 +65,9 @@ "url": "https://usn.ubuntu.com/4564-1/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1951.json b/2020/1xxx/CVE-2020-1951.json index 4c61270413d..2edf568c662 100644 --- a/2020/1xxx/CVE-2020-1951.json +++ b/2020/1xxx/CVE-2020-1951.json @@ -65,7 +65,9 @@ "url": "https://usn.ubuntu.com/4564-1/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1953.json b/2020/1xxx/CVE-2020-1953.json index 036c47e67e1..07ecf845d3a 100644 --- a/2020/1xxx/CVE-2020-1953.json +++ b/2020/1xxx/CVE-2020-1953.json @@ -56,18 +56,20 @@ }, "references": { "reference_data": [ - { - "refsource": "MISC", - "name": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E", - "url": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E" - }, { "refsource": "MLIST", "name": "[camel-commits] 20200313 [camel] branch camel-3.1.x updated: Update Commons Configuration 2 due to CVE-2020-1953", "url": "https://lists.apache.org/thread.html/rde2186ad6ac0d6ed8d51af7509244adcf1ce0f9a3b7e1d1dd3b64676@%3Ccommits.camel.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E", + "url": "https://lists.apache.org/thread.html/d0e00f2e147a9e9b13a6829133092f349b2882bf6860397368a52600@%3Cannounce.tomcat.apache.org%3E" + }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1954.json b/2020/1xxx/CVE-2020-1954.json index b8bf33fa103..9acc2898b34 100644 --- a/2020/1xxx/CVE-2020-1954.json +++ b/2020/1xxx/CVE-2020-1954.json @@ -44,13 +44,15 @@ }, "references": { "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "MISC", "name": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2", "url": "http://cxf.apache.org/security-advisories.data/CVE-2020-1954.txt.asc?version=1&modificationDate=1585730169000&api=v2" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/1xxx/CVE-2020-1967.json b/2020/1xxx/CVE-2020-1967.json index d4a1b0d0a0c..7dacc9cca5c 100644 --- a/2020/1xxx/CVE-2020-1967.json +++ b/2020/1xxx/CVE-2020-1967.json @@ -187,13 +187,15 @@ "name": "https://www.tenable.com/security/tns-2020-04", "url": "https://www.tenable.com/security/tns-2020-04" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200717-0004/", "url": "https://security.netapp.com/advisory/ntap-20200717-0004/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/24xxx/CVE-2020-24409.json b/2020/24xxx/CVE-2020-24409.json index 34ebc794788..648de7c2a61 100644 --- a/2020/24xxx/CVE-2020-24409.json +++ b/2020/24xxx/CVE-2020-24409.json @@ -1,18 +1,96 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2020-10-20T23:00:00.000Z", "ID": "CVE-2020-24409", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Illustrator", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "24.2" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "Low", + "attackVector": "Local", + "availabilityImpact": "High", + "baseScore": 7.8, + "baseSeverity": "High", + "confidentialityImpact": "High", + "integrityImpact": "High", + "privilegesRequired": "None", + "scope": "Unchanged", + "userInteraction": "Required", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html", + "name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/24xxx/CVE-2020-24410.json b/2020/24xxx/CVE-2020-24410.json index 0e4719a08bd..ac5d629d9f7 100644 --- a/2020/24xxx/CVE-2020-24410.json +++ b/2020/24xxx/CVE-2020-24410.json @@ -1,18 +1,96 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2020-10-20T23:00:00.000Z", "ID": "CVE-2020-24410", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Adobe Illustrator PDF File Parsing Out-Of-Bounds Read Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Illustrator", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "24.2" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "Low", + "attackVector": "Local", + "availabilityImpact": "High", + "baseScore": 7.8, + "baseSeverity": "High", + "confidentialityImpact": "High", + "integrityImpact": "High", + "privilegesRequired": "None", + "scope": "Unchanged", + "userInteraction": "Required", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Read (CWE-125)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html", + "name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/24xxx/CVE-2020-24411.json b/2020/24xxx/CVE-2020-24411.json index 60f1b71ea2d..bf8d9212a0b 100644 --- a/2020/24xxx/CVE-2020-24411.json +++ b/2020/24xxx/CVE-2020-24411.json @@ -1,18 +1,96 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2020-10-20T23:00:00.000Z", "ID": "CVE-2020-24411", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Adobe Illustrator PDF File Parsing Out-Of-Bounds Write Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Illustrator", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "24.2" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds write vulnerability when handling crafted PDF files. This could result in a write past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "Low", + "attackVector": "Local", + "availabilityImpact": "High", + "baseScore": 7.8, + "baseSeverity": "High", + "confidentialityImpact": "High", + "integrityImpact": "High", + "privilegesRequired": "None", + "scope": "Unchanged", + "userInteraction": "Required", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Write (CWE-787)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html", + "name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/24xxx/CVE-2020-24412.json b/2020/24xxx/CVE-2020-24412.json index 5265182e927..a9a4f58f5f2 100644 --- a/2020/24xxx/CVE-2020-24412.json +++ b/2020/24xxx/CVE-2020-24412.json @@ -1,18 +1,96 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2020-10-20T23:00:00.000Z", "ID": "CVE-2020-24412", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Adobe Illustrator Memory Corruption Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Illustrator", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "24.1.2" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "Low", + "attackVector": "Local", + "availabilityImpact": "High", + "baseScore": 7.8, + "baseSeverity": "High", + "confidentialityImpact": "High", + "integrityImpact": "High", + "privilegesRequired": "None", + "scope": "Unchanged", + "userInteraction": "Required", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Access of Memory Location After End of Buffer (CWE-788)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html", + "name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/24xxx/CVE-2020-24413.json b/2020/24xxx/CVE-2020-24413.json index 9d73e575a34..f8be9007ddc 100644 --- a/2020/24xxx/CVE-2020-24413.json +++ b/2020/24xxx/CVE-2020-24413.json @@ -1,18 +1,96 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2020-10-20T23:00:00.000Z", "ID": "CVE-2020-24413", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Adobe Illustrator Memory Corruption Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Illustrator", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "24.1.2" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "Low", + "attackVector": "Local", + "availabilityImpact": "High", + "baseScore": 7.8, + "baseSeverity": "High", + "confidentialityImpact": "High", + "integrityImpact": "High", + "privilegesRequired": "None", + "scope": "Unchanged", + "userInteraction": "Required", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Access of Memory Location After End of Buffer (CWE-788)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html", + "name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/24xxx/CVE-2020-24414.json b/2020/24xxx/CVE-2020-24414.json index 9960351d7b0..758878d6485 100644 --- a/2020/24xxx/CVE-2020-24414.json +++ b/2020/24xxx/CVE-2020-24414.json @@ -1,18 +1,96 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2020-10-20T23:00:00.000Z", "ID": "CVE-2020-24414", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Adobe Illustrator Memory Corruption Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Illustrator", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "24.1.2" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "Low", + "attackVector": "Local", + "availabilityImpact": "High", + "baseScore": 7.8, + "baseSeverity": "High", + "confidentialityImpact": "High", + "integrityImpact": "High", + "privilegesRequired": "None", + "scope": "Unchanged", + "userInteraction": "Required", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Access of Memory Location After End of Buffer (CWE-788)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html", + "name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/24xxx/CVE-2020-24415.json b/2020/24xxx/CVE-2020-24415.json index d9dbea8b4e0..a3321f78569 100644 --- a/2020/24xxx/CVE-2020-24415.json +++ b/2020/24xxx/CVE-2020-24415.json @@ -1,18 +1,96 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2020-10-20T23:00:00.000Z", "ID": "CVE-2020-24415", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Adobe Illustrator Memory Corruption Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Illustrator", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "24.1.2" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file. This could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploit." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "Low", + "attackVector": "Local", + "availabilityImpact": "High", + "baseScore": 7.8, + "baseSeverity": "High", + "confidentialityImpact": "High", + "integrityImpact": "High", + "privilegesRequired": "None", + "scope": "Unchanged", + "userInteraction": "Required", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Access of Memory Location After End of Buffer (CWE-788)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html", + "name": "https://helpx.adobe.com/security/products/illustrator/apsb20-53.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/24xxx/CVE-2020-24416.json b/2020/24xxx/CVE-2020-24416.json index cad35aa03a9..0f05bd01746 100644 --- a/2020/24xxx/CVE-2020-24416.json +++ b/2020/24xxx/CVE-2020-24416.json @@ -1,18 +1,96 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "DATE_PUBLIC": "2020-10-20T23:00:00.000Z", "ID": "CVE-2020-24416", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Blind stored XSS in Marketo Sales insight plugin for SalesForce" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Marketo", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "1.4355" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + }, + { + "version_affected": "<=", + "version_value": "None" + } + ] + } + } + ] + }, + "vendor_name": "Adobe" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Marketo Sales Insight plugin version 1.4355 (and earlier) is affected by a blind stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "Low", + "attackVector": "Network", + "availabilityImpact": "None", + "baseScore": 7.5, + "baseSeverity": "High", + "confidentialityImpact": "High", + "integrityImpact": "None", + "privilegesRequired": "None", + "scope": "Unchanged", + "userInteraction": "None", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site Scripting (Stored XSS) (CWE-79)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://helpx.adobe.com/security/products/marketo/apsb20-60.html", + "name": "https://helpx.adobe.com/security/products/marketo/apsb20-60.html" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2020/25xxx/CVE-2020-25157.json b/2020/25xxx/CVE-2020-25157.json index 20032b1a0bc..1c55219afed 100644 --- a/2020/25xxx/CVE-2020-25157.json +++ b/2020/25xxx/CVE-2020-25157.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-25157", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Advantech R-SeeNet", + "version": { + "version_data": [ + { + "version_value": "Versions 1.5.1 through 2.4.10" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER NEUTRALIZATION OF SPECIAL ELEMENTS USE IN AN SQL COMMAND ('SQL INJECTION')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-289-02", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-289-02" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information." } ] } diff --git a/2020/25xxx/CVE-2020-25270.json b/2020/25xxx/CVE-2020-25270.json index 1d12630a39e..b50548d48bd 100644 --- a/2020/25xxx/CVE-2020-25270.json +++ b/2020/25xxx/CVE-2020-25270.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/Ko-kn3t/CVE-2020-25270", "url": "https://github.com/Ko-kn3t/CVE-2020-25270" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159614/Hostel-Management-System-2.1-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/159614/Hostel-Management-System-2.1-Cross-Site-Scripting.html" } ] } diff --git a/2020/25xxx/CVE-2020-25648.json b/2020/25xxx/CVE-2020-25648.json index e8452a059ae..c56779d39dc 100644 --- a/2020/25xxx/CVE-2020-25648.json +++ b/2020/25xxx/CVE-2020-25648.json @@ -4,14 +4,63 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-25648", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "nss", + "version": { + "version_data": [ + { + "version_value": "nss versions before 3.58" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-770" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1887319", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887319" + }, + { + "refsource": "MISC", + "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes", + "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.58_release_notes" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58." } ] } diff --git a/2020/25xxx/CVE-2020-25760.json b/2020/25xxx/CVE-2020-25760.json index 273fdb45b01..24c903f16eb 100644 --- a/2020/25xxx/CVE-2020-25760.json +++ b/2020/25xxx/CVE-2020-25760.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://packetstormsecurity.com/files/author/15149/", "url": "https://packetstormsecurity.com/files/author/15149/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159637/Visitor-Management-System-In-PHP-1.0-SQL-Injection.html", + "url": "http://packetstormsecurity.com/files/159637/Visitor-Management-System-In-PHP-1.0-SQL-Injection.html" } ] } diff --git a/2020/25xxx/CVE-2020-25790.json b/2020/25xxx/CVE-2020-25790.json index 6cbd2522c16..0ae6a517ea4 100644 --- a/2020/25xxx/CVE-2020-25790.json +++ b/2020/25xxx/CVE-2020-25790.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/159503/Typesetter-CMS-5.1-Remote-Code-Execution.html", "url": "http://packetstormsecurity.com/files/159503/Typesetter-CMS-5.1-Remote-Code-Execution.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/159615/Typesetter-CMS-5.1-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/159615/Typesetter-CMS-5.1-Remote-Code-Execution.html" } ] } diff --git a/2020/3xxx/CVE-2020-3235.json b/2020/3xxx/CVE-2020-3235.json index 1b646b3c20e..9f2caf9e6cd 100644 --- a/2020/3xxx/CVE-2020-3235.json +++ b/2020/3xxx/CVE-2020-3235.json @@ -46,7 +46,6 @@ "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " } ], - "impact": { "cvss": { "baseScore": "7.7", @@ -74,7 +73,9 @@ "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-USxSyTk5" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/3xxx/CVE-2020-3909.json b/2020/3xxx/CVE-2020-3909.json index ba71528164c..692eb67b645 100644 --- a/2020/3xxx/CVE-2020-3909.json +++ b/2020/3xxx/CVE-2020-3909.json @@ -147,7 +147,9 @@ "name": "https://support.apple.com/HT211107" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/4xxx/CVE-2020-4051.json b/2020/4xxx/CVE-2020-4051.json index 9d26903ffea..660842acdac 100644 --- a/2020/4xxx/CVE-2020-4051.json +++ b/2020/4xxx/CVE-2020-4051.json @@ -95,7 +95,9 @@ "url": "https://github.com/dojo/dijit/commit/462bdcd60d0333315fe69ab4709c894d78f61301" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/5xxx/CVE-2020-5397.json b/2020/5xxx/CVE-2020-5397.json index 355818e4638..d84e796d7e9 100644 --- a/2020/5xxx/CVE-2020-5397.json +++ b/2020/5xxx/CVE-2020-5397.json @@ -75,7 +75,9 @@ "name": "https://pivotal.io/security/cve-2020-5397" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/5xxx/CVE-2020-5398.json b/2020/5xxx/CVE-2020-5398.json index ffc4acec599..49b9e6ae7c2 100644 --- a/2020/5xxx/CVE-2020-5398.json +++ b/2020/5xxx/CVE-2020-5398.json @@ -230,7 +230,9 @@ "url": "https://lists.apache.org/thread.html/r1c679c43fa4f7846d748a937955c7921436d1b315445978254442163@%3Ccommits.ambari.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/5xxx/CVE-2020-5407.json b/2020/5xxx/CVE-2020-5407.json index 1bd96e10cfb..3ffa318d295 100644 --- a/2020/5xxx/CVE-2020-5407.json +++ b/2020/5xxx/CVE-2020-5407.json @@ -64,11 +64,6 @@ }, "references": { "reference_data": [ - { - "refsource": "CONFIRM", - "url": "https://tanzu.vmware.com/security/cve-2020-5407", - "name": "https://tanzu.vmware.com/security/cve-2020-5407" - }, { "refsource": "MLIST", "name": "[servicemix-issues] 20200514 [jira] [Created] (SM-4384) Create OSGi bundles for spring-security 5.3.2.RELEASE + 5.1.10.RELEASE", @@ -85,7 +80,14 @@ "url": "https://lists.apache.org/thread.html/ra19a4e7236877fe12bfb52db07b27ad72d9e7a9f5e27bba7e928e18a@%3Cdev.geode.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "CONFIRM", + "url": "https://tanzu.vmware.com/security/cve-2020-5407", + "name": "https://tanzu.vmware.com/security/cve-2020-5407" } ] }, diff --git a/2020/5xxx/CVE-2020-5408.json b/2020/5xxx/CVE-2020-5408.json index d33a5b3b6fe..fe587ce5b75 100644 --- a/2020/5xxx/CVE-2020-5408.json +++ b/2020/5xxx/CVE-2020-5408.json @@ -79,13 +79,15 @@ }, "references": { "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "url": "https://tanzu.vmware.com/security/cve-2020-5408", "name": "https://tanzu.vmware.com/security/cve-2020-5408" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/5xxx/CVE-2020-5790.json b/2020/5xxx/CVE-2020-5790.json index 1b7eeae46e5..a49d36f757a 100644 --- a/2020/5xxx/CVE-2020-5790.json +++ b/2020/5xxx/CVE-2020-5790.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5790", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Nagios XI", + "version": { + "version_data": [ + { + "version_value": "5.7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site Request Forgery" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2020-58", + "url": "https://www.tenable.com/security/research/tra-2020-58" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link." } ] } diff --git a/2020/5xxx/CVE-2020-5791.json b/2020/5xxx/CVE-2020-5791.json index 6a3f13f9e8d..655576c93ee 100644 --- a/2020/5xxx/CVE-2020-5791.json +++ b/2020/5xxx/CVE-2020-5791.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5791", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Nagios XI", + "version": { + "version_data": [ + { + "version_value": "5.7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Authenticated OS Command Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2020-58", + "url": "https://www.tenable.com/security/research/tra-2020-58" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user." } ] } diff --git a/2020/5xxx/CVE-2020-5792.json b/2020/5xxx/CVE-2020-5792.json index 130375d9286..df71e22810b 100644 --- a/2020/5xxx/CVE-2020-5792.json +++ b/2020/5xxx/CVE-2020-5792.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-5792", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "vulnreport@tenable.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Nagios XI", + "version": { + "version_data": [ + { + "version_value": "5.7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Authenticated OS Command Argument Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.tenable.com/security/research/tra-2020-58", + "url": "https://www.tenable.com/security/research/tra-2020-58" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user." } ] } diff --git a/2020/7xxx/CVE-2020-7067.json b/2020/7xxx/CVE-2020-7067.json index ed08c590d11..08240fcf18a 100644 --- a/2020/7xxx/CVE-2020-7067.json +++ b/2020/7xxx/CVE-2020-7067.json @@ -90,16 +90,6 @@ }, "references": { "reference_data": [ - { - "name": "https://bugs.php.net/bug.php?id=79465", - "refsource": "CONFIRM", - "url": "https://bugs.php.net/bug.php?id=79465" - }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200504-0001/", - "url": "https://security.netapp.com/advisory/ntap-20200504-0001/" - }, { "refsource": "DEBIAN", "name": "DSA-4717", @@ -111,7 +101,19 @@ "url": "https://www.debian.org/security/2020/dsa-4719" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "name": "https://bugs.php.net/bug.php?id=79465", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=79465" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200504-0001/", + "url": "https://security.netapp.com/advisory/ntap-20200504-0001/" } ] }, diff --git a/2020/8xxx/CVE-2020-8172.json b/2020/8xxx/CVE-2020-8172.json index 9047c0d1987..fb29a0338c9 100644 --- a/2020/8xxx/CVE-2020-8172.json +++ b/2020/8xxx/CVE-2020-8172.json @@ -65,7 +65,9 @@ "url": "https://security.netapp.com/advisory/ntap-20200625-0002/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8174.json b/2020/8xxx/CVE-2020-8174.json index de0a3f53038..ba0609ab215 100644 --- a/2020/8xxx/CVE-2020-8174.json +++ b/2020/8xxx/CVE-2020-8174.json @@ -50,7 +50,9 @@ "url": "https://hackerone.com/reports/784186" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/8xxx/CVE-2020-8840.json b/2020/8xxx/CVE-2020-8840.json index 9b2af1c9fa5..2193d7382bc 100644 --- a/2020/8xxx/CVE-2020-8840.json +++ b/2020/8xxx/CVE-2020-8840.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://github.com/FasterXML/jackson-databind/issues/2620", - "refsource": "MISC", - "name": "https://github.com/FasterXML/jackson-databind/issues/2620" - }, { "refsource": "MLIST", "name": "[druid-commits] 20200219 [GitHub] [druid] ccaominh opened a new pull request #9379: Suppress CVE-2020-8840 for htrace-core-4.0.1", @@ -162,11 +157,6 @@ "name": "[tomee-dev] 20200316 RE: CVE-2020-8840 on TomEE 8.0.1", "url": "https://lists.apache.org/thread.html/rc068e824654c4b8bd4f2490bec869e29edbfcd5dfe02d47cbf7433b2@%3Cdev.tomee.apache.org%3E" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200327-0002/", - "url": "https://security.netapp.com/advisory/ntap-20200327-0002/" - }, { "refsource": "MLIST", "name": "[ranger-dev] 20200330 [jira] [Updated] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)", @@ -187,11 +177,6 @@ "name": "[ranger-dev] 20200408 Review Request 72332: RANGER-2770 : Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)", "url": "https://lists.apache.org/thread.html/r2fa8046bd47fb407ca09b5107a80fa6147ba4ebe879caae5c98b7657@%3Cdev.ranger.apache.org%3E" }, - { - "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", - "refsource": "MISC", - "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" - }, { "refsource": "MLIST", "name": "[ranger-dev] 20200415 [jira] [Commented] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)", @@ -253,9 +238,9 @@ "url": "https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E" }, { - "refsource": "CONFIRM", - "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en", - "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en" + "url": "https://www.oracle.com/security-alerts/cpuapr2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuapr2020.html" }, { "refsource": "MLIST", @@ -268,7 +253,24 @@ "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "url": "https://github.com/FasterXML/jackson-databind/issues/2620", + "refsource": "MISC", + "name": "https://github.com/FasterXML/jackson-databind/issues/2620" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200327-0002/", + "url": "https://security.netapp.com/advisory/ntap-20200327-0002/" + }, + { + "refsource": "CONFIRM", + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200610-01-fastjason-en" } ] } diff --git a/2020/9xxx/CVE-2020-9281.json b/2020/9xxx/CVE-2020-9281.json index 8c8701be1bc..f767905d5b0 100644 --- a/2020/9xxx/CVE-2020-9281.json +++ b/2020/9xxx/CVE-2020-9281.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://github.com/ckeditor/ckeditor4", - "refsource": "MISC", - "name": "https://github.com/ckeditor/ckeditor4" - }, { "refsource": "FEDORA", "name": "FEDORA-2020-8d5de93970", @@ -73,7 +68,14 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L322YA73LCV3TO7ORY45WQDAFJVNKXBE/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "url": "https://github.com/ckeditor/ckeditor4", + "refsource": "MISC", + "name": "https://github.com/ckeditor/ckeditor4" } ] } diff --git a/2020/9xxx/CVE-2020-9327.json b/2020/9xxx/CVE-2020-9327.json index 615466ac0ec..d8fd5544821 100644 --- a/2020/9xxx/CVE-2020-9327.json +++ b/2020/9xxx/CVE-2020-9327.json @@ -88,7 +88,9 @@ "url": "https://security.netapp.com/advisory/ntap-20200313-0002/" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/9xxx/CVE-2020-9409.json b/2020/9xxx/CVE-2020-9409.json index 1b1c09ceae2..9a0bbd38e32 100644 --- a/2020/9xxx/CVE-2020-9409.json +++ b/2020/9xxx/CVE-2020-9409.json @@ -99,7 +99,9 @@ "url": "http://www.tibco.com/services/support/advisories" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/9xxx/CVE-2020-9410.json b/2020/9xxx/CVE-2020-9410.json index 229d521ef5c..1385af2bd6c 100644 --- a/2020/9xxx/CVE-2020-9410.json +++ b/2020/9xxx/CVE-2020-9410.json @@ -145,7 +145,9 @@ "url": "http://www.tibco.com/services/support/advisories" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/9xxx/CVE-2020-9417.json b/2020/9xxx/CVE-2020-9417.json index e9604df8f8e..3c6052e6649 100644 --- a/2020/9xxx/CVE-2020-9417.json +++ b/2020/9xxx/CVE-2020-9417.json @@ -1,169 +1,169 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@tibco.com", - "DATE_PUBLIC": "2020-10-20T17:00:00Z", - "ID": "CVE-2020-9417", - "STATE": "PUBLIC", - "TITLE": "TIBCO Foresight SQL Injection" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "TIBCO Foresight Archive and Retrieval System", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "5.1.0" - }, - { - "version_affected": "=", - "version_value": "5.2.0" - } - ] - } - }, - { - "product_name": "TIBCO Foresight Archive and Retrieval System Healthcare Edition", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "5.1.0" - }, - { - "version_affected": "=", - "version_value": "5.2.0" - } - ] - } - }, - { - "product_name": "TIBCO Foresight Operational Monitor", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "5.1.0" - }, - { - "version_affected": "=", - "version_value": "5.2.0" - } - ] - } - }, - { - "product_name": "TIBCO Foresight Operational Monitor Healthcare Edition", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "5.1.0" - }, - { - "version_affected": "=", - "version_value": "5.2.0" - } - ] - } - }, - { - "product_name": "TIBCO Foresight Transaction Insight", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "5.1.0" - }, - { - "version_affected": "=", - "version_value": "5.2.0" - } - ] - } - }, - { - "product_name": "TIBCO Foresight Transaction Insight Healthcare Edition", - "version": { - "version_data": [ - { - "version_affected": "<=", - "version_value": "5.1.0" - }, - { - "version_affected": "=", - "version_value": "5.2.0" - } - ] - } - } - ] - }, - "vendor_name": "TIBCO Software Inc." - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "The Transaction Insight reporting component of TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System, TIBCO Foresight Archive and Retrieval System Healthcare Edition, TIBCO Foresight Operational Monitor, TIBCO Foresight Operational Monitor Healthcare Edition, TIBCO Foresight Transaction Insight, and TIBCO Foresight Transaction Insight Healthcare Edition contains a vulnerability that theoretically allows an authenticated attacker to perform SQL injection.\n\nAffected releases are TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Archive and Retrieval System Healthcare Edition: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Operational Monitor: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Operational Monitor Healthcare Edition: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Transaction Insight: versions 5.1.0 and below, version 5.2.0, and TIBCO Foresight Transaction Insight Healthcare Edition: versions 5.1.0 and below, version 5.2.0.\n" - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "LOW", - "baseScore": 7.6, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "The impact of these vulnerabilities includes the theoretical possibility that an authenticated attacker could craft a SQL query that would allow the attacker to create records, and read, update or delete entries in a victim’s account." - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "http://www.tibco.com/services/support/advisories", - "refsource": "CONFIRM", - "url": "http://www.tibco.com/services/support/advisories" - } - ] - }, - "solution": [ - { - "lang": "eng", - "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Foresight Archive and Retrieval System versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Archive and Retrieval System version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Archive and Retrieval System Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Archive and Retrieval System Healthcare Edition version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Operational Monitor versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Operational Monitor version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Operational Monitor Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Operational Monitor Healthcare Edition version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Transaction Insight versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Transaction Insight version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Transaction Insight Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Transaction Insight Healthcare Edition version 5.2.0 update to version 5.2.1 or higher" - } - ], - "source": { - "discovery": "INTERNAL" - } -} + "CVE_data_meta": { + "ASSIGNER": "security@tibco.com", + "DATE_PUBLIC": "2020-10-20T17:00:00Z", + "ID": "CVE-2020-9417", + "STATE": "PUBLIC", + "TITLE": "TIBCO Foresight SQL Injection" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "TIBCO Foresight Archive and Retrieval System", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "5.1.0" + }, + { + "version_affected": "=", + "version_value": "5.2.0" + } + ] + } + }, + { + "product_name": "TIBCO Foresight Archive and Retrieval System Healthcare Edition", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "5.1.0" + }, + { + "version_affected": "=", + "version_value": "5.2.0" + } + ] + } + }, + { + "product_name": "TIBCO Foresight Operational Monitor", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "5.1.0" + }, + { + "version_affected": "=", + "version_value": "5.2.0" + } + ] + } + }, + { + "product_name": "TIBCO Foresight Operational Monitor Healthcare Edition", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "5.1.0" + }, + { + "version_affected": "=", + "version_value": "5.2.0" + } + ] + } + }, + { + "product_name": "TIBCO Foresight Transaction Insight", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "5.1.0" + }, + { + "version_affected": "=", + "version_value": "5.2.0" + } + ] + } + }, + { + "product_name": "TIBCO Foresight Transaction Insight Healthcare Edition", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "5.1.0" + }, + { + "version_affected": "=", + "version_value": "5.2.0" + } + ] + } + } + ] + }, + "vendor_name": "TIBCO Software Inc." + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Transaction Insight reporting component of TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System, TIBCO Foresight Archive and Retrieval System Healthcare Edition, TIBCO Foresight Operational Monitor, TIBCO Foresight Operational Monitor Healthcare Edition, TIBCO Foresight Transaction Insight, and TIBCO Foresight Transaction Insight Healthcare Edition contains a vulnerability that theoretically allows an authenticated attacker to perform SQL injection. Affected releases are TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Archive and Retrieval System Healthcare Edition: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Operational Monitor: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Operational Monitor Healthcare Edition: versions 5.1.0 and below, version 5.2.0, TIBCO Foresight Transaction Insight: versions 5.1.0 and below, version 5.2.0, and TIBCO Foresight Transaction Insight Healthcare Edition: versions 5.1.0 and below, version 5.2.0." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "The impact of these vulnerabilities includes the theoretical possibility that an authenticated attacker could craft a SQL query that would allow the attacker to create records, and read, update or delete entries in a victim\u2019s account." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.tibco.com/services/support/advisories", + "refsource": "CONFIRM", + "url": "http://www.tibco.com/services/support/advisories" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Foresight Archive and Retrieval System versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Archive and Retrieval System version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Archive and Retrieval System Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Archive and Retrieval System Healthcare Edition version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Operational Monitor versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Operational Monitor version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Operational Monitor Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Operational Monitor Healthcare Edition version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Transaction Insight versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Transaction Insight version 5.2.0 update to version 5.2.1 or higher\nTIBCO Foresight Transaction Insight Healthcare Edition versions 5.1.0 and below update to version 5.1.1 or higher\nTIBCO Foresight Transaction Insight Healthcare Edition version 5.2.0 update to version 5.2.1 or higher" + } + ], + "source": { + "discovery": "INTERNAL" + } +} \ No newline at end of file diff --git a/2020/9xxx/CVE-2020-9484.json b/2020/9xxx/CVE-2020-9484.json index 89e651ddec1..d5be42e9f34 100644 --- a/2020/9xxx/CVE-2020-9484.json +++ b/2020/9xxx/CVE-2020-9484.json @@ -154,13 +154,15 @@ "name": "[tomee-commits] 20201013 [jira] [Commented] (TOMEE-2909) Impact of security vulnerability(CVE-2020-9484) on TOMEE plus (7.0.7)", "url": "https://lists.apache.org/thread.html/rf59c72572b9fee674a5d5cc6afeca4ffc3918a02c354a81cc50b7119@%3Ccommits.tomee.apache.org%3E" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10332" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/9xxx/CVE-2020-9488.json b/2020/9xxx/CVE-2020-9488.json index c642cde536f..1284e7c16ac 100644 --- a/2020/9xxx/CVE-2020-9488.json +++ b/2020/9xxx/CVE-2020-9488.json @@ -155,7 +155,9 @@ "url": "https://lists.apache.org/thread.html/r393943de452406f0f6f4b3def9f8d3c071f96323c1f6ed1a098f7fe4@%3Ctorque-dev.db.apache.org%3E" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/9xxx/CVE-2020-9489.json b/2020/9xxx/CVE-2020-9489.json index db7762f9696..8c932e51133 100644 --- a/2020/9xxx/CVE-2020-9489.json +++ b/2020/9xxx/CVE-2020-9489.json @@ -44,13 +44,15 @@ }, "references": { "reference_data": [ + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "MISC", "name": "https://lists.apache.org/thread.html/r4d943777e36ca3aa6305a45da5acccc54ad894f2d5a07186cfa2442c%40%3Cdev.tika.apache.org%3E", "url": "https://lists.apache.org/thread.html/r4d943777e36ca3aa6305a45da5acccc54ad894f2d5a07186cfa2442c%40%3Cdev.tika.apache.org%3E" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }, diff --git a/2020/9xxx/CVE-2020-9490.json b/2020/9xxx/CVE-2020-9490.json index 991301e5f58..fb40cf966d6 100644 --- a/2020/9xxx/CVE-2020-9490.json +++ b/2020/9xxx/CVE-2020-9490.json @@ -69,11 +69,6 @@ "name": "[httpd-dev] 20200811 Re: Which version fixed the CVE-2020-9490, CVE-2020-11984 and CVE-2020-11993 vulnerabilities?", "url": "https://lists.apache.org/thread.html/r623de9b2b2433a87f3f3a15900419fc9c00c77b26936dfea4060f672@%3Cdev.httpd.apache.org%3E" }, - { - "refsource": "CONFIRM", - "name": "https://security.netapp.com/advisory/ntap-20200814-0005/", - "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" - }, { "refsource": "UBUNTU", "name": "USN-4458-1", @@ -105,7 +100,14 @@ "url": "https://www.debian.org/security/2020/dsa-4757" }, { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20200814-0005/", + "url": "https://security.netapp.com/advisory/ntap-20200814-0005/" } ] }, diff --git a/2020/9xxx/CVE-2020-9546.json b/2020/9xxx/CVE-2020-9546.json index ab47f5fe227..8cee134e4da 100644 --- a/2020/9xxx/CVE-2020-9546.json +++ b/2020/9xxx/CVE-2020-9546.json @@ -117,13 +117,15 @@ "name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12", "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200904-0006/", "url": "https://security.netapp.com/advisory/ntap-20200904-0006/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/9xxx/CVE-2020-9547.json b/2020/9xxx/CVE-2020-9547.json index d51df176016..66b6b911360 100644 --- a/2020/9xxx/CVE-2020-9547.json +++ b/2020/9xxx/CVE-2020-9547.json @@ -147,13 +147,15 @@ "name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12", "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200904-0006/", "url": "https://security.netapp.com/advisory/ntap-20200904-0006/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] } diff --git a/2020/9xxx/CVE-2020-9548.json b/2020/9xxx/CVE-2020-9548.json index d2f0f596f23..e4c7d89a5a5 100644 --- a/2020/9xxx/CVE-2020-9548.json +++ b/2020/9xxx/CVE-2020-9548.json @@ -112,13 +112,15 @@ "name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12", "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E" }, + { + "url": "https://www.oracle.com/security-alerts/cpuoct2020.html", + "refsource": "MISC", + "name": "https://www.oracle.com/security-alerts/cpuoct2020.html" + }, { "refsource": "CONFIRM", "name": "https://security.netapp.com/advisory/ntap-20200904-0006/", "url": "https://security.netapp.com/advisory/ntap-20200904-0006/" - }, - { - "url": "https://www.oracle.com/security-alerts/cpuoct2020.html" } ] }