diff --git a/2018/20xxx/CVE-2018-20200.json b/2018/20xxx/CVE-2018-20200.json index 3bb267b1ce7..c61f12d9b8f 100644 --- a/2018/20xxx/CVE-2018-20200.json +++ b/2018/20xxx/CVE-2018-20200.json @@ -86,6 +86,16 @@ "refsource": "MLIST", "name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", + "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[flink-user] 20201022 Dependency vulnerabilities with flink 1.11.1 version", + "url": "https://lists.apache.org/thread.html/r0dd7ff197b2e3bdd80a0326587ca3d0c22e10d1dba17c769d6da7d7a@%3Cuser.flink.apache.org%3E" } ] } diff --git a/2018/8xxx/CVE-2018-8023.json b/2018/8xxx/CVE-2018-8023.json index 8c9cbb23a9c..eac200561ed 100644 --- a/2018/8xxx/CVE-2018-8023.json +++ b/2018/8xxx/CVE-2018-8023.json @@ -63,6 +63,11 @@ "name": "[dev] 20180921 CVE-2018-8023: A remote attacker can exploit a vulnerability in the JWT implementation to gain unauthenticated access to Mesos Executor HTTP API.", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/9b9d3f6bd09f3ebd2284b82077033bdc71da550a1c4c010c2494acc3@%3Cdev.mesos.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[flink-user] 20201022 Dependency vulnerabilities with flink 1.11.1 version", + "url": "https://lists.apache.org/thread.html/r0dd7ff197b2e3bdd80a0326587ca3d0c22e10d1dba17c769d6da7d7a@%3Cuser.flink.apache.org%3E" } ] } diff --git a/2020/27xxx/CVE-2020-27638.json b/2020/27xxx/CVE-2020-27638.json new file mode 100644 index 00000000000..765df3d74ef --- /dev/null +++ b/2020/27xxx/CVE-2020-27638.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-27638", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://fastd.readthedocs.io/en/stable/releases/v21.html", + "refsource": "MISC", + "name": "https://fastd.readthedocs.io/en/stable/releases/v21.html" + }, + { + "url": "https://github.com/NeoRaider/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea", + "refsource": "MISC", + "name": "https://github.com/NeoRaider/fastd/commit/737925113363b6130879729cdff9ccc46c33eaea" + }, + { + "url": "https://bugs.debian.org/972521", + "refsource": "MISC", + "name": "https://bugs.debian.org/972521" + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27639.json b/2020/27xxx/CVE-2020-27639.json new file mode 100644 index 00000000000..b059e06e342 --- /dev/null +++ b/2020/27xxx/CVE-2020-27639.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27639", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27640.json b/2020/27xxx/CVE-2020-27640.json new file mode 100644 index 00000000000..eb809541c71 --- /dev/null +++ b/2020/27xxx/CVE-2020-27640.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27640", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27641.json b/2020/27xxx/CVE-2020-27641.json new file mode 100644 index 00000000000..a7d2054f6bc --- /dev/null +++ b/2020/27xxx/CVE-2020-27641.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27641", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/27xxx/CVE-2020-27642.json b/2020/27xxx/CVE-2020-27642.json new file mode 100644 index 00000000000..63fc432934f --- /dev/null +++ b/2020/27xxx/CVE-2020-27642.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-27642", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site scripting (XSS) vulnerability exists in the 'merge account' functionality in admins.js in BigBlueButton Greenlight 2.7.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/bigbluebutton/greenlight/pull/2214", + "refsource": "MISC", + "name": "https://github.com/bigbluebutton/greenlight/pull/2214" + } + ] + } +} \ No newline at end of file