"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2021-07-13 16:00:50 +00:00 · 2021-07-13 16:00:50 +00:00 · e9fbacf33d
commit e9fbacf33d
parent cb20bc4daf
4 changed files with 23 additions and 62 deletions
--- a/2021/21xxx/CVE-2021-21417.json
+++ b/2021/21xxx/CVE-2021-21417.json
@ -74,10 +74,20 @@
                "refsource": "MISC",
                "url": "https://github.com/FluidSynth/fluidsynth/issues/808"
            },
+            {
+                "refsource": "MISC",
+                "name": "https://github.com/FluidSynth/fluidsynth/pull/810",
+                "url": "https://github.com/FluidSynth/fluidsynth/pull/810"
+            },
            {
                "name": "https://github.com/FluidSynth/fluidsynth/security/advisories/GHSA-6fcq-pxhc-jxc9",
                "refsource": "CONFIRM",
                "url": "https://github.com/FluidSynth/fluidsynth/security/advisories/GHSA-6fcq-pxhc-jxc9"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[debian-lts-announce] 20210629 [SECURITY] [DLA 2697-1] fluidsynth security update",
+                "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00027.html"
            }
        ]
    },
--- a/2021/21xxx/CVE-2021-21513.json
+++ b/2021/21xxx/CVE-2021-21513.json
@ -62,6 +62,11 @@
    },
    "references": {
        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://www.tenable.com/security/research/tra-2021-07",
+                "url": "https://www.tenable.com/security/research/tra-2021-07"
+            },
            {
                "refsource": "MISC",
                "url": "https://www.dell.com/support/kbdoc/en-us/000183670/dsa-2021-040-dell-emc-openmanage-server-administrator-omsa-security-update-for-multiple-vulnerabilities",
--- a/2021/26xxx/CVE-2021-26580.json
+++ b/2021/26xxx/CVE-2021-26580.json
@ -55,7 +55,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "A potential security vulnerability has been identified in HPE iLO Amplifier Pack. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). HPE has provided the following software update to resolve the vulnerability in HPE iLO Amplifier Pack: HPE iLO Amplifier Pack 1.80 or later."
+                "value": "A potential security vulnerability has been identified in HPE iLO Amplifier Pack. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). HPE has provided the following software update to resolve the vulnerability in HPE iLO Amplifier Pack: HPE iLO Amplifier Pack 1.95 or later."
            }
        ]
    }
--- a/2021/28xxx/CVE-2021-28421.json
+++ b/2021/28xxx/CVE-2021-28421.json
@ -1,71 +1,17 @@
 {
-    "CVE_data_meta": {
-        "ASSIGNER": "cve@mitre.org",
-        "ID": "CVE-2021-28421",
-        "STATE": "PUBLIC"
-    },
-    "affects": {
-        "vendor": {
-            "vendor_data": [
-                {
-                    "product": {
-                        "product_data": [
-                            {
-                                "product_name": "n/a",
-                                "version": {
-                                    "version_data": [
-                                        {
-                                            "version_value": "n/a"
-                                        }
-                                    ]
-                                }
-                            }
-                        ]
-                    },
-                    "vendor_name": "n/a"
-                }
-            ]
-        }
-    },
-    "data_format": "MITRE",
    "data_type": "CVE",
+    "data_format": "MITRE",
    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2021-28421",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "REJECT"
+    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "FluidSynth 2.1.7 contains a use after free vulnerability in sfloader/fluid_sffile.c that can result in arbitrary code execution or a denial of service (DoS) if a malicious soundfont2 file is loaded into a fluidsynth library."
-            }
-        ]
-    },
-    "problemtype": {
-        "problemtype_data": [
-            {
-                "description": [
-                    {
-                        "lang": "eng",
-                        "value": "n/a"
-                    }
-                ]
-            }
-        ]
-    },
-    "references": {
-        "reference_data": [
-            {
-                "url": "https://github.com/FluidSynth/fluidsynth/issues/808",
-                "refsource": "MISC",
-                "name": "https://github.com/FluidSynth/fluidsynth/issues/808"
-            },
-            {
-                "refsource": "MISC",
-                "name": "https://github.com/FluidSynth/fluidsynth/pull/810",
-                "url": "https://github.com/FluidSynth/fluidsynth/pull/810"
-            },
-            {
-                "refsource": "MLIST",
-                "name": "[debian-lts-announce] 20210629 [SECURITY] [DLA 2697-1] fluidsynth security update",
-                "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00027.html"
+                "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-21417. Reason: This candidate is a duplicate of CVE-2021-21417. Notes: All CVE users should reference CVE-2021-21417 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
            }
        ]
    }