"-Synchronized-Data."

2025-06-19 17:32:41 +00:00 · 2020-01-17 19:01:17 +00:00 · 2020-01-17 19:01:17 +00:00 · dac7f3de17
commit dac7f3de17
parent b62647ad8a
24 changed files with 111 additions and 15 deletions
--- a/2007/6xxx/CVE-2007-6070.json
+++ b/2007/6xxx/CVE-2007-6070.json
@ -1,17 +1,17 @@
 {
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-6070",
        "STATE": "RESERVED"
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_format": "MITRE",
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2007-6070",
        "ASSIGNER": "cve@mitre.org",
        "STATE": "REJECT"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-1382. Reason: This candidate is a reservation duplicate of CVE-2008-1382. Notes: All CVE users should reference CVE-2008-1382 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
            }
        ]
    }
--- a/2019/19xxx/CVE-2019-19339.json
+++ b/2019/19xxx/CVE-2019-19339.json
@ -4,7 +4,8 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2019-19339",
-        "ASSIGNER": "msiddiqu@redhat.com"
+        "ASSIGNER": "secalert@redhat.com",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2019/20xxx/CVE-2019-20009.json
+++ b/2019/20xxx/CVE-2019-20009.json
@ -66,6 +66,11 @@
                "url": "https://github.com/LibreDWG/libredwg/issues/176#issue-541977765",
                "refsource": "MISC",
                "name": "https://github.com/LibreDWG/libredwg/issues/176#issue-541977765"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/20xxx/CVE-2019-20010.json
+++ b/2019/20xxx/CVE-2019-20010.json
@ -61,6 +61,11 @@
                "url": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643383",
                "refsource": "MISC",
                "name": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643383"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/20xxx/CVE-2019-20011.json
+++ b/2019/20xxx/CVE-2019-20011.json
@ -61,6 +61,11 @@
                "url": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643439",
                "refsource": "MISC",
                "name": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643439"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/20xxx/CVE-2019-20012.json
+++ b/2019/20xxx/CVE-2019-20012.json
@ -61,6 +61,11 @@
                "url": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643088",
                "refsource": "MISC",
                "name": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643088"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/20xxx/CVE-2019-20013.json
+++ b/2019/20xxx/CVE-2019-20013.json
@ -66,6 +66,11 @@
                "url": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643060",
                "refsource": "MISC",
                "name": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643060"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/20xxx/CVE-2019-20014.json
+++ b/2019/20xxx/CVE-2019-20014.json
@ -66,6 +66,11 @@
                "url": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643172",
                "refsource": "MISC",
                "name": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643172"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/20xxx/CVE-2019-20015.json
+++ b/2019/20xxx/CVE-2019-20015.json
@ -61,6 +61,11 @@
                "url": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643028",
                "refsource": "MISC",
                "name": "https://github.com/LibreDWG/libredwg/issues/176#issuecomment-568643028"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9770.json
+++ b/2019/9xxx/CVE-2019-9770.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9771.json
+++ b/2019/9xxx/CVE-2019-9771.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9772.json
+++ b/2019/9xxx/CVE-2019-9772.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9773.json
+++ b/2019/9xxx/CVE-2019-9773.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9774.json
+++ b/2019/9xxx/CVE-2019-9774.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9775.json
+++ b/2019/9xxx/CVE-2019-9775.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9776.json
+++ b/2019/9xxx/CVE-2019-9776.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9777.json
+++ b/2019/9xxx/CVE-2019-9777.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9778.json
+++ b/2019/9xxx/CVE-2019-9778.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2019/9xxx/CVE-2019-9779.json
+++ b/2019/9xxx/CVE-2019-9779.json
@ -66,6 +66,11 @@
                "refsource": "BID",
                "name": "107447",
                "url": "http://www.securityfocus.com/bid/107447"
            },
            {
                "refsource": "SUSE",
                "name": "openSUSE-SU-2020:0068",
                "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00033.html"
            }
        ]
    }
--- a/2020/2xxx/CVE-2020-2656.json
+++ b/2020/2xxx/CVE-2020-2656.json
@ -66,6 +66,11 @@
                "refsource": "BUGTRAQ",
                "name": "20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock",
                "url": "https://seclists.org/bugtraq/2020/Jan/23"
            },
            {
                "refsource": "MISC",
                "name": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html",
                "url": "http://packetstormsecurity.com/files/155990/Solaris-xlock-Information-Disclosure.html"
            }
        ]
    }
--- a/2020/2xxx/CVE-2020-2696.json
+++ b/2020/2xxx/CVE-2020-2696.json
@ -67,6 +67,11 @@
                "refsource": "BUGTRAQ",
                "name": "20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession",
                "url": "https://seclists.org/bugtraq/2020/Jan/22"
            },
            {
                "refsource": "MISC",
                "name": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html",
                "url": "http://packetstormsecurity.com/files/155991/Common-Desktop-Environment-2.3.1-Buffer-Overflow.html"
            }
        ]
    }
--- a/2020/5xxx/CVE-2020-5397.json
+++ b/2020/5xxx/CVE-2020-5397.json
@ -41,7 +41,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints.\n\nOnly non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. \n\nNo HTTP body can be sent or received as a result of this attack."
+                "value": "Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack."
            }
        ]
    },