admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-06-17 21:01:53 +00:00
parent c4b1a41ef5
commit df875cf0c6
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
18 changed files with 253 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
2022/21xxx/CVE-2022-21213.json
View File

@ -48,24 +48,29 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-MOUT-2342654"
"refsource": "MISC",
"url": "https://github.com/mout/mout/blob/master/src/object/deepFillIn.js",
"name": "https://github.com/mout/mout/blob/master/src/object/deepFillIn.js"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2870622"
"refsource": "MISC",
"url": "https://github.com/mout/mout/blob/master/src/object/deepMixIn.js",
"name": "https://github.com/mout/mout/blob/master/src/object/deepMixIn.js"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-2870623"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-MOUT-2342654",
"name": "https://snyk.io/vuln/SNYK-JS-MOUT-2342654"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/mout/mout/blob/master/src/object/deepFillIn.js"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2870622",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2870622"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/mout/mout/blob/master/src/object/deepMixIn.js"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-2870623",
"name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-2870623"
}
]
},
@ -73,7 +78,7 @@
"description_data": [
{
"lang": "eng",
"value": "This affects all versions of package mout.\n The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively is not checked, leading to exploiting this vulnerability.\r\n\r\n**Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7792](https://security.snyk.io/vuln/SNYK-JS-MOUT-1014544).\r\n\r\n\r\n"
"value": "This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well. In both cases, the key used to access the target object recursively is not checked, leading to exploiting this vulnerability. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7792](https://security.snyk.io/vuln/SNYK-JS-MOUT-1014544)."
}
]
},

7
2022/22xxx/CVE-2022-22138.json
View File

@ -48,8 +48,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-FASTSTRINGSEARCH-2392367"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-FASTSTRINGSEARCH-2392367",
"name": "https://snyk.io/vuln/SNYK-JS-FASTSTRINGSEARCH-2392367"
}
]
},
@ -57,7 +58,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation.\r\n\r\n\r\n"
"value": "All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation."
}
]
},

12
2022/25xxx/CVE-2022-25345.json
View File

@ -48,12 +48,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-DISCORDJSOPUS-2403100"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-DISCORDJSOPUS-2403100",
"name": "https://snyk.io/vuln/SNYK-JS-DISCORDJSOPUS-2403100"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/discordjs/opus/blob/3ca4341ffdd81cf83cec57045e59e228e6017590/src/node-opus.cc%23L28"
"refsource": "MISC",
"url": "https://github.com/discordjs/opus/blob/3ca4341ffdd81cf83cec57045e59e228e6017590/src/node-opus.cc%23L28",
"name": "https://github.com/discordjs/opus/blob/3ca4341ffdd81cf83cec57045e59e228e6017590/src/node-opus.cc%23L28"
}
]
},
@ -61,7 +63,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash.\r\n\r\n"
"value": "All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash."
}
]
},

12
2022/25xxx/CVE-2022-25852.json
View File

@ -66,12 +66,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-PGNATIVE-2392365"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-PGNATIVE-2392365",
"name": "https://snyk.io/vuln/SNYK-JS-PGNATIVE-2392365"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-LIBPQ-2392366"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-LIBPQ-2392366",
"name": "https://snyk.io/vuln/SNYK-JS-LIBPQ-2392366"
}
]
},
@ -79,7 +81,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package pg-native; all versions of package libpq are vulnerable to Denial of Service (DoS) when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argument passed.\r\n\r\n**Note:**\r\npg-native is a mere binding to npm's libpq library, which in turn has the addons and bindings\r\nto the actual C libpq library. This means that problems found in pg-native may transitively impact \r\nnpm's libpq.\r\n\r\n\r\n"
"value": "All versions of package pg-native; all versions of package libpq are vulnerable to Denial of Service (DoS) when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argument passed. **Note:** pg-native is a mere binding to npm's libpq library, which in turn has the addons and bindings to the actual C libpq library. This means that problems found in pg-native may transitively impact npm's libpq."
}
]
},

17
2022/25xxx/CVE-2022-25856.json
View File

@ -48,16 +48,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMARGOPROJARGOEVENTSSENSORSARTIFACTS-2864522"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMARGOPROJARGOEVENTSSENSORSARTIFACTS-2864522",
"name": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMARGOPROJARGOEVENTSSENSORSARTIFACTS-2864522"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/argoproj/argo-events/commit/d0f66dbce78bc31923ca057b20fc722aa24ca961"
"refsource": "MISC",
"url": "https://github.com/argoproj/argo-events/commit/d0f66dbce78bc31923ca057b20fc722aa24ca961",
"name": "https://github.com/argoproj/argo-events/commit/d0f66dbce78bc31923ca057b20fc722aa24ca961"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/argoproj/argo-events/issues/1947"
"refsource": "MISC",
"url": "https://github.com/argoproj/argo-events/issues/1947",
"name": "https://github.com/argoproj/argo-events/issues/1947"
}
]
},
@ -65,7 +68,7 @@
"description_data": [
{
"lang": "eng",
"value": "The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided a pathname containing a symbolic link or an implicit directory name such as ...\n"
"value": "The package github.com/argoproj/argo-events/sensors/artifacts before 1.7.1 are vulnerable to Directory Traversal in the (g *GitArtifactReader).Read() API in git.go. This could allow arbitrary file reads if the GitArtifactReader is provided a pathname containing a symbolic link or an implicit directory name such as ..."
}
]
},

7
2022/25xxx/CVE-2022-25871.json
View File

@ -48,8 +48,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-QUERYMEN-2391488"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-QUERYMEN-2391488",
"name": "https://snyk.io/vuln/SNYK-JS-QUERYMEN-2391488"
}
]
},
@ -57,7 +58,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization.\r\n\r\nNote: This vulnerability derives from an incomplete fix of [CVE-2020-7600](https://security.snyk.io/vuln/SNYK-JS-QUERYMEN-559867).\r\n\r\n"
"value": "All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of [CVE-2020-7600](https://security.snyk.io/vuln/SNYK-JS-QUERYMEN-559867)."
}
]
},

12
2022/25xxx/CVE-2022-25872.json
View File

@ -48,12 +48,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-FASTSTRINGSEARCH-2392368"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-FASTSTRINGSEARCH-2392368",
"name": "https://snyk.io/vuln/SNYK-JS-FASTSTRINGSEARCH-2392368"
},
{
"refsource": "CONFIRM",
"url": "https://github.com/magiclen/node-fast-string-search/blob/c8dd9fc966abc80b327f509e63360f59e0de9fb5/src/fast-string-search.c%23L192"
"refsource": "MISC",
"url": "https://github.com/magiclen/node-fast-string-search/blob/c8dd9fc966abc80b327f509e63360f59e0de9fb5/src/fast-string-search.c%23L192",
"name": "https://github.com/magiclen/node-fast-string-search/blob/c8dd9fc966abc80b327f509e63360f59e0de9fb5/src/fast-string-search.c%23L192"
}
]
},
@ -61,7 +63,7 @@
"description_data": [
{
"lang": "eng",
"value": "All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory.\r\n\r\n"
"value": "All versions of package fast-string-search are vulnerable to Out-of-bounds Read due to incorrect memory freeing and length calculation for any non-string input as the source. This allows the attacker to read previously allocated memory."
}
]
},

18
2022/26xxx/CVE-2022-26084.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-26084",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/29xxx/CVE-2022-29921.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-29921",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/29xxx/CVE-2022-29924.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-29924",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/2xxx/CVE-2022-2122.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2122",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/31xxx/CVE-2022-31477.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-31477",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/32xxx/CVE-2022-32233.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32233",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/32xxx/CVE-2022-32762.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32762",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/33xxx/CVE-2022-33141.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33141",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/33xxx/CVE-2022-33176.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33176",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/33xxx/CVE-2022-33209.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33209",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2022/33xxx/CVE-2022-33942.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-33942",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}