From dd7c6fa004c072ff98e6b1e42792df090f7a2054 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 29 Jun 2021 12:00:59 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/22xxx/CVE-2021-22545.json | 7 +- 2021/23xxx/CVE-2021-23400.json | 22 +-- 2021/27xxx/CVE-2021-27577.json | 9 +- 2021/28xxx/CVE-2021-28690.json | 271 +++++++++++++++++---------------- 2021/28xxx/CVE-2021-28691.json | 231 ++++++++++++++-------------- 2021/32xxx/CVE-2021-32565.json | 9 +- 2021/34xxx/CVE-2021-34549.json | 61 +++++++- 2021/34xxx/CVE-2021-34550.json | 61 +++++++- 2021/35xxx/CVE-2021-35936.json | 18 +++ 2021/3xxx/CVE-2021-3628.json | 18 +++ 10 files changed, 427 insertions(+), 280 deletions(-) create mode 100644 2021/35xxx/CVE-2021-35936.json create mode 100644 2021/3xxx/CVE-2021-3628.json diff --git a/2021/22xxx/CVE-2021-22545.json b/2021/22xxx/CVE-2021-22545.json index 109bb5c353c..1111221e17b 100644 --- a/2021/22xxx/CVE-2021-22545.json +++ b/2021/22xxx/CVE-2021-22545.json @@ -81,12 +81,13 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.zynamics.com/bindiff/manual/index.html#nyyyy7" + "refsource": "MISC", + "url": "https://www.zynamics.com/bindiff/manual/index.html#nyyyy7", + "name": "https://www.zynamics.com/bindiff/manual/index.html#nyyyy7" } ] }, "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2021/23xxx/CVE-2021-23400.json b/2021/23xxx/CVE-2021-23400.json index e68502409bb..a26e643434f 100644 --- a/2021/23xxx/CVE-2021-23400.json +++ b/2021/23xxx/CVE-2021-23400.json @@ -48,20 +48,24 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JS-NODEMAILER-1296415" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JS-NODEMAILER-1296415", + "name": "https://snyk.io/vuln/SNYK-JS-NODEMAILER-1296415" }, { - "refsource": "CONFIRM", - "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1314737" + "refsource": "MISC", + "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1314737", + "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1314737" }, { - "refsource": "CONFIRM", - "url": "https://github.com/nodemailer/nodemailer/issues/1289" + "refsource": "MISC", + "url": "https://github.com/nodemailer/nodemailer/issues/1289", + "name": "https://github.com/nodemailer/nodemailer/issues/1289" }, { - "refsource": "CONFIRM", - "url": "https://github.com/nodemailer/nodemailer/commit/7e02648cc8cd863f5085bad3cd09087bccf84b9f" + "refsource": "MISC", + "url": "https://github.com/nodemailer/nodemailer/commit/7e02648cc8cd863f5085bad3cd09087bccf84b9f", + "name": "https://github.com/nodemailer/nodemailer/commit/7e02648cc8cd863f5085bad3cd09087bccf84b9f" } ] }, @@ -69,7 +73,7 @@ "description_data": [ { "lang": "eng", - "value": "The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object.\r\n\r\n" + "value": "The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object." } ] }, diff --git a/2021/27xxx/CVE-2021-27577.json b/2021/27xxx/CVE-2021-27577.json index ceb4249897c..1564032fbc6 100644 --- a/2021/27xxx/CVE-2021-27577.json +++ b/2021/27xxx/CVE-2021-27577.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1." + "value": "Incorrect handling of url fragment vulnerability of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1." } ] }, @@ -61,12 +61,13 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E" + "refsource": "MISC", + "url": "https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E", + "name": "https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E" } ] }, "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28690.json b/2021/28xxx/CVE-2021-28690.json index ff7536960ca..fba9dca3708 100644 --- a/2021/28xxx/CVE-2021-28690.json +++ b/2021/28xxx/CVE-2021-28690.json @@ -1,136 +1,139 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@xenproject.org", - "ID" : "CVE-2021-28690" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "xen", - "version" : { - "version_data" : [ - { - "version_affected" : "?<", - "version_value" : "4.12" - }, - { - "version_affected" : ">=", - "version_value" : "4.13.x" - }, - { - "version_affected" : "!>", - "version_value" : "xen-unstable" - } - ] - } - }, - { - "product_name" : "xen", - "version" : { - "version_data" : [ - { - "version_value" : "4.12.x" - } - ] - } - }, - { - "product_name" : "xen", - "version" : { - "version_data" : [ - { - "version_value" : "4.11.x" - } - ] - } - } - ] - }, - "vendor_name" : "Xen" + "CVE_data_meta": { + "ASSIGNER": "security@xen.org", + "ID": "CVE-2021-28690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "xen", + "version": { + "version_data": [ + { + "version_affected": "?<", + "version_value": "4.12" + }, + { + "version_affected": ">=", + "version_value": "4.13.x" + }, + { + "version_affected": "!>", + "version_value": "xen-unstable" + } + ] + } + }, + { + "product_name": "xen", + "version": { + "version_data": [ + { + "version_value": "4.12.x" + } + ] + } + }, + { + "product_name": "xen", + "version": { + "version_data": [ + { + "version_value": "4.11.x" + } + ] + } + } + ] + }, + "vendor_name": "Xen" + } + ] + } + }, + "configuration": { + "configuration_data": { + "description": { + "description_data": [ + { + "lang": "eng", + "value": "See XSA-305 for details of susceptibility to TAA.\n\nOnly systems which are susceptible to TAA and have the XSA-305 fix are\nvulnerable. Only systems which support S3 suspend/resume are vulnerable.\n\nThe vulnerability is only exposed if S3 suspend/resume is used." + } + ] } - ] - } - }, - "configuration" : { - "configuration_data" : { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "See XSA-305 for details of susceptibility to TAA.\n\nOnly systems which are susceptible to TAA and have the XSA-305 fix are\nvulnerable. Only systems which support S3 suspend/resume are vulnerable.\n\nThe vulnerability is only exposed if S3 suspend/resume is used." - } - ] - } - } - }, - "credit" : { - "credit_data" : { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "This issue was discovered by Andrew Cooper of Citrix." - } - ] - } - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "x86: TSX Async Abort protections not restored after S3\n\nThis issue relates to the TSX Async Abort speculative security vulnerability.\nPlease see https://xenbits.xen.org/xsa/advisory-305.html for details.\n\nMitigating TAA by disabling TSX (the default and preferred option) requires\nselecting a non-default setting in MSR_TSX_CTRL. This setting isn't restored\nafter S3 suspend." - } - ] - }, - "impact" : { - "impact_data" : { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "After using S3 suspend at least once, CPU0 remains vulnerable to TAA.\n\nThis is an information leak. For full details of the impact, see\nXSA-305." - } - ] - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unknown" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://xenbits.xenproject.org/xsa/advisory-377.txt" - } - ] - }, - "workaround" : { - "workaround_data" : { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Not using S3 suspend/resume avoids the vulnerability." - } - ] - } - } - } -} + } + }, + "credit": { + "credit_data": { + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This issue was discovered by Andrew Cooper of Citrix." + } + ] + } + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "x86: TSX Async Abort protections not restored after S3 This issue relates to the TSX Async Abort speculative security vulnerability. Please see https://xenbits.xen.org/xsa/advisory-305.html for details. Mitigating TAA by disabling TSX (the default and preferred option) requires selecting a non-default setting in MSR_TSX_CTRL. This setting isn't restored after S3 suspend." + } + ] + }, + "impact": { + "impact_data": { + "description": { + "description_data": [ + { + "lang": "eng", + "value": "After using S3 suspend at least once, CPU0 remains vulnerable to TAA.\n\nThis is an information leak. For full details of the impact, see\nXSA-305." + } + ] + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unknown" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://xenbits.xenproject.org/xsa/advisory-377.txt", + "refsource": "MISC", + "name": "https://xenbits.xenproject.org/xsa/advisory-377.txt" + } + ] + }, + "workaround": { + "workaround_data": { + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Not using S3 suspend/resume avoids the vulnerability." + } + ] + } + } + } +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28691.json b/2021/28xxx/CVE-2021-28691.json index d6f7cb8e87b..384745f1f23 100644 --- a/2021/28xxx/CVE-2021-28691.json +++ b/2021/28xxx/CVE-2021-28691.json @@ -1,116 +1,119 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@xenproject.org", - "ID" : "CVE-2021-28691" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Linux", - "version" : { - "version_data" : [ - { - "version_affected" : "?<", - "version_value" : "4.12" - }, - { - "version_affected" : ">=", - "version_value" : "5.5.0" - }, - { - "version_affected" : "!>", - "version_value" : "5.12.2" - } - ] - } - } - ] - }, - "vendor_name" : "Linux" + "CVE_data_meta": { + "ASSIGNER": "security@xen.org", + "ID": "CVE-2021-28691", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "?<", + "version_value": "4.12" + }, + { + "version_affected": ">=", + "version_value": "5.5.0" + }, + { + "version_affected": "!>", + "version_value": "5.12.2" + } + ] + } + } + ] + }, + "vendor_name": "Linux" + } + ] + } + }, + "configuration": { + "configuration_data": { + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Systems using Linux version 5.5 or newer are vulnerable." + } + ] } - ] - } - }, - "configuration" : { - "configuration_data" : { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Systems using Linux version 5.5 or newer are vulnerable." - } - ] - } - } - }, - "credit" : { - "credit_data" : { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "This issue was discovered by Michael Brown of iPXE and diagnosed by\nOlivier Benjamin, Michael Kurth and Martin Mazein of AWS." - } - ] - } - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Guest triggered use-after-free in Linux xen-netback\n\nA malicious or buggy network PV frontend can force Linux netback to\ndisable the interface and terminate the receive kernel thread\nassociated with queue 0 in response to the frontend sending a\nmalformed packet.\n\nSuch kernel thread termination will lead to a use-after-free in Linux\nnetback when the backend is destroyed, as the kernel thread associated\nwith queue 0 will have already exited and thus the call to\nkthread_stop will be performed against a stale pointer." - } - ] - }, - "impact" : { - "impact_data" : { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A malicious or buggy frontend driver can trigger a dom0 crash.\nPrivilege escalation and information leaks cannot be ruled out." - } - ] - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unknown" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://xenbits.xenproject.org/xsa/advisory-374.txt" - } - ] - }, - "workaround" : { - "workaround_data" : { - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "On x86 running only HVM guests with emulated network cards will avoid the\nissue. There's however no option in the upstream toolstack to offer only\nemulated network cards to guests." - } - ] - } - } - } -} + } + }, + "credit": { + "credit_data": { + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This issue was discovered by Michael Brown of iPXE and diagnosed by\nOlivier Benjamin, Michael Kurth and Martin Mazein of AWS." + } + ] + } + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel thread termination will lead to a use-after-free in Linux netback when the backend is destroyed, as the kernel thread associated with queue 0 will have already exited and thus the call to kthread_stop will be performed against a stale pointer." + } + ] + }, + "impact": { + "impact_data": { + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A malicious or buggy frontend driver can trigger a dom0 crash.\nPrivilege escalation and information leaks cannot be ruled out." + } + ] + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unknown" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://xenbits.xenproject.org/xsa/advisory-374.txt", + "refsource": "MISC", + "name": "https://xenbits.xenproject.org/xsa/advisory-374.txt" + } + ] + }, + "workaround": { + "workaround_data": { + "description": { + "description_data": [ + { + "lang": "eng", + "value": "On x86 running only HVM guests with emulated network cards will avoid the\nissue. There's however no option in the upstream toolstack to offer only\nemulated network cards to guests." + } + ] + } + } + } +} \ No newline at end of file diff --git a/2021/32xxx/CVE-2021-32565.json b/2021/32xxx/CVE-2021-32565.json index facb72a2cf7..e01f59917d2 100644 --- a/2021/32xxx/CVE-2021-32565.json +++ b/2021/32xxx/CVE-2021-32565.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1." + "value": "Invalid values in the Content-Length header sent to Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1." } ] }, @@ -61,12 +61,13 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E" + "refsource": "MISC", + "url": "https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E", + "name": "https://lists.apache.org/thread.html/ra1a41ff92a70d25bf576d7da2590575e8ff430393a3f4a0c34de4277%40%3Cusers.trafficserver.apache.org%3E" } ] }, "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34549.json b/2021/34xxx/CVE-2021-34549.json index c2ba5dba725..5ffd546b84a 100644 --- a/2021/34xxx/CVE-2021-34549.json +++ b/2021/34xxx/CVE-2021-34549.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-34549", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-34549", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-005. Hashing is mishandled for certain retrieval of circuit data. Consequently. an attacker can trigger the use of an attacker-chosen circuit ID to cause algorithm inefficiency." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gitlab.torproject.org/tpo/core/tor/-/issues/40391", + "url": "https://gitlab.torproject.org/tpo/core/tor/-/issues/40391" + }, + { + "refsource": "CONFIRM", + "name": "https://blog.torproject.org/node/2041", + "url": "https://blog.torproject.org/node/2041" } ] } diff --git a/2021/34xxx/CVE-2021-34550.json b/2021/34xxx/CVE-2021-34550.json index 7822cfd61ed..f6cc5304126 100644 --- a/2021/34xxx/CVE-2021-34550.json +++ b/2021/34xxx/CVE-2021-34550.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-34550", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-34550", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Tor before 0.4.6.5, aka TROVE-2021-006. The v3 onion service descriptor parsing allows out-of-bounds memory access, and a client crash, via a crafted onion service descriptor" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gitlab.torproject.org/tpo/core/tor/-/issues/40392", + "url": "https://gitlab.torproject.org/tpo/core/tor/-/issues/40392" + }, + { + "refsource": "CONFIRM", + "name": "https://blog.torproject.org/node/2041", + "url": "https://blog.torproject.org/node/2041" } ] } diff --git a/2021/35xxx/CVE-2021-35936.json b/2021/35xxx/CVE-2021-35936.json new file mode 100644 index 00000000000..9dabb506257 --- /dev/null +++ b/2021/35xxx/CVE-2021-35936.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-35936", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3628.json b/2021/3xxx/CVE-2021-3628.json new file mode 100644 index 00000000000..ca53e022b15 --- /dev/null +++ b/2021/3xxx/CVE-2021-3628.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3628", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file