"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2022-05-06 21:01:47 +00:00 · 2022-05-06 21:01:47 +00:00 · ddcbd4592a
commit ddcbd4592a
parent 38cf583a2d
3 changed files with 24 additions and 17 deletions
--- a/2021/23xxx/CVE-2021-23592.json
+++ b/2021/23xxx/CVE-2021-23592.json
@ -48,16 +48,19 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://snyk.io/vuln/SNYK-PHP-TOPTHINKFRAMEWORK-2385695"
+                "refsource": "MISC",
+                "url": "https://snyk.io/vuln/SNYK-PHP-TOPTHINKFRAMEWORK-2385695",
+                "name": "https://snyk.io/vuln/SNYK-PHP-TOPTHINKFRAMEWORK-2385695"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/top-think/framework/releases/tag/v6.0.12"
+                "refsource": "MISC",
+                "url": "https://github.com/top-think/framework/releases/tag/v6.0.12",
+                "name": "https://github.com/top-think/framework/releases/tag/v6.0.12"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/top-think/framework/commit/d3b5aeae94bc71bae97977d05cd12c3e0550905c"
+                "refsource": "MISC",
+                "url": "https://github.com/top-think/framework/commit/d3b5aeae94bc71bae97977d05cd12c3e0550905c",
+                "name": "https://github.com/top-think/framework/commit/d3b5aeae94bc71bae97977d05cd12c3e0550905c"
            }
        ]
    },
@ -65,7 +68,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "The package topthink/framework before 6.0.12 are vulnerable to Deserialization of Untrusted Data due to insecure unserialize method in the Driver class.\n"
+                "value": "The package topthink/framework before 6.0.12 are vulnerable to Deserialization of Untrusted Data due to insecure unserialize method in the Driver class."
            }
        ]
    },
--- a/2021/23xxx/CVE-2021-23792.json
+++ b/2021/23xxx/CVE-2021-23792.json
@ -48,12 +48,14 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://snyk.io/vuln/SNYK-JAVA-COMTWELVEMONKEYSIMAGEIO-2316763"
+                "refsource": "MISC",
+                "url": "https://snyk.io/vuln/SNYK-JAVA-COMTWELVEMONKEYSIMAGEIO-2316763",
+                "name": "https://snyk.io/vuln/SNYK-JAVA-COMTWELVEMONKEYSIMAGEIO-2316763"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/haraldk/TwelveMonkeys/commit/da4efe98bf09e1cce91b7633cb251958a200fc80"
+                "refsource": "MISC",
+                "url": "https://github.com/haraldk/TwelveMonkeys/commit/da4efe98bf09e1cce91b7633cb251958a200fc80",
+                "name": "https://github.com/haraldk/TwelveMonkeys/commit/da4efe98bf09e1cce91b7633cb251958a200fc80"
            }
        ]
    },
@ -61,7 +63,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity (XXE) Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attacker can exploit this vulnerability if they are able to supply a file (e.g. when an online profile picture is processed) with a malicious XMP segment. If the XMP metadata of the uploaded image is parsed, then the XXE vulnerability is triggered.\n"
+                "value": "The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity (XXE) Injection due to an insecurely initialized XML parser for reading XMP Metadata. An attacker can exploit this vulnerability if they are able to supply a file (e.g. when an online profile picture is processed) with a malicious XMP segment. If the XMP metadata of the uploaded image is parsed, then the XXE vulnerability is triggered."
            }
        ]
    },
--- a/2022/25xxx/CVE-2022-25324.json
+++ b/2022/25xxx/CVE-2022-25324.json
@ -48,12 +48,14 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://snyk.io/vuln/SNYK-JS-BIGNUM-2388581"
+                "refsource": "MISC",
+                "url": "https://snyk.io/vuln/SNYK-JS-BIGNUM-2388581",
+                "name": "https://snyk.io/vuln/SNYK-JS-BIGNUM-2388581"
            },
            {
-                "refsource": "CONFIRM",
-                "url": "https://github.com/justmoon/node-bignum/blob/ef2e02533e598d6df8421000033c4753cde89ee2/index.js%23L111"
+                "refsource": "MISC",
+                "url": "https://github.com/justmoon/node-bignum/blob/ef2e02533e598d6df8421000033c4753cde89ee2/index.js%23L111",
+                "name": "https://github.com/justmoon/node-bignum/blob/ef2e02533e598d6df8421000033c4753cde89ee2/index.js%23L111"
            }
        ]
    },
@ -61,7 +63,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "All versions of package bignum are vulnerable to Denial of Service (DoS) due to a type-check exception in V8, when verifying the type of the second argument to the\r\n.powm function, V8 will crash regardless of Node try/catch blocks.\r\n\r\n"
+                "value": "All versions of package bignum are vulnerable to Denial of Service (DoS) due to a type-check exception in V8, when verifying the type of the second argument to the .powm function, V8 will crash regardless of Node try/catch blocks."
            }
        ]
    },