From e3fdb1fdba70eda2e9fe66cf83420b806751d56e Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 21 Jun 2021 16:00:48 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/21xxx/CVE-2020-21130.json | 56 ++++++++++++++++++++++++--- 2020/36xxx/CVE-2020-36390.json | 18 +++++++++ 2020/36xxx/CVE-2020-36391.json | 18 +++++++++ 2020/36xxx/CVE-2020-36392.json | 18 +++++++++ 2020/36xxx/CVE-2020-36393.json | 18 +++++++++ 2021/20xxx/CVE-2021-20248.json | 4 +- 2021/20xxx/CVE-2021-20249.json | 4 +- 2021/29xxx/CVE-2021-29059.json | 71 +++++++++++++++++++++++++++++++--- 2021/29xxx/CVE-2021-29060.json | 71 +++++++++++++++++++++++++++++++--- 9 files changed, 256 insertions(+), 22 deletions(-) create mode 100644 2020/36xxx/CVE-2020-36390.json create mode 100644 2020/36xxx/CVE-2020-36391.json create mode 100644 2020/36xxx/CVE-2020-36392.json create mode 100644 2020/36xxx/CVE-2020-36393.json diff --git a/2020/21xxx/CVE-2020-21130.json b/2020/21xxx/CVE-2020-21130.json index 1740df2ea90..587efec567d 100644 --- a/2020/21xxx/CVE-2020-21130.json +++ b/2020/21xxx/CVE-2020-21130.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21130", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21130", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) vulnerability in HisiPHP 2.0.8 via the group name in addgroup.html." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/hisiphp/hisiphp/issues/7", + "refsource": "MISC", + "name": "https://github.com/hisiphp/hisiphp/issues/7" } ] } diff --git a/2020/36xxx/CVE-2020-36390.json b/2020/36xxx/CVE-2020-36390.json new file mode 100644 index 00000000000..d3a5bee5138 --- /dev/null +++ b/2020/36xxx/CVE-2020-36390.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36390", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/36xxx/CVE-2020-36391.json b/2020/36xxx/CVE-2020-36391.json new file mode 100644 index 00000000000..3a3f210a442 --- /dev/null +++ b/2020/36xxx/CVE-2020-36391.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36391", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/36xxx/CVE-2020-36392.json b/2020/36xxx/CVE-2020-36392.json new file mode 100644 index 00000000000..6a3b475feb9 --- /dev/null +++ b/2020/36xxx/CVE-2020-36392.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36392", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/36xxx/CVE-2020-36393.json b/2020/36xxx/CVE-2020-36393.json new file mode 100644 index 00000000000..1f5e8ba31b1 --- /dev/null +++ b/2020/36xxx/CVE-2020-36393.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-36393", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20248.json b/2021/20xxx/CVE-2021-20248.json index 89a7e978bc7..ace4eec81d1 100644 --- a/2021/20xxx/CVE-2021-20248.json +++ b/2021/20xxx/CVE-2021-20248.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2021-20248", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2021/20xxx/CVE-2021-20249.json b/2021/20xxx/CVE-2021-20249.json index 82cc2bc681b..554c976635c 100644 --- a/2021/20xxx/CVE-2021-20249.json +++ b/2021/20xxx/CVE-2021-20249.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2021-20249", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2021/29xxx/CVE-2021-29059.json b/2021/29xxx/CVE-2021-29059.json index c11021d137a..360253dbf74 100644 --- a/2021/29xxx/CVE-2021-29059.json +++ b/2021/29xxx/CVE-2021-29059.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-29059", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-29059", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was discovered in IS-SVG version 4.3.1 and below where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.npmjs.com/package/is-svg", + "refsource": "MISC", + "name": "https://www.npmjs.com/package/is-svg" + }, + { + "url": "https://github.com/yetingli/SaveResults/blob/main/js/is-svg.js", + "refsource": "MISC", + "name": "https://github.com/yetingli/SaveResults/blob/main/js/is-svg.js" + }, + { + "url": "https://github.com/sindresorhus/is-svg/releases/tag/v4.3.0", + "refsource": "MISC", + "name": "https://github.com/sindresorhus/is-svg/releases/tag/v4.3.0" + }, + { + "refsource": "MISC", + "name": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29059/IS-SVG.md", + "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29059/IS-SVG.md" } ] } diff --git a/2021/29xxx/CVE-2021-29060.json b/2021/29xxx/CVE-2021-29060.json index 523508f45ae..aff3b082e8c 100644 --- a/2021/29xxx/CVE-2021-29060.json +++ b/2021/29xxx/CVE-2021-29060.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-29060", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-29060", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js", + "refsource": "MISC", + "name": "https://github.com/yetingli/SaveResults/blob/main/js/color-string.js" + }, + { + "url": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3", + "refsource": "MISC", + "name": "https://github.com/Qix-/color-string/commit/0789e21284c33d89ebc4ab4ca6f759b9375ac9d3" + }, + { + "url": "https://www.npmjs.com/package/color-string", + "refsource": "MISC", + "name": "https://www.npmjs.com/package/color-string" + }, + { + "refsource": "MISC", + "name": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md", + "url": "https://github.com/yetingli/PoCs/blob/main/CVE-2021-29060/Color-String.md" } ] }