admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-09-21 11:00:59 +00:00
parent ec27b62e54
commit f1bfede62a
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
10 changed files with 158 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
2021/26xxx/CVE-2021-26333.json
View File

@ -1,18 +1,83 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@amd.com",
"DATE_PUBLIC": "2021-09-14T19:30:00.000Z",
"ID": "CVE-2021-26333",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "AMD Chipset Driver Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PSP Driver",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "PSP Driver",
"version_value": "5.17.0.0"
}
]
}
}
]
},
"vendor_name": "AMD"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An information disclosure vulnerability exists in AMD Platform Security Processor (PSP) chipset driver. The discretionary access control list (DACL) may allow low privileged users to open a handle and send requests to the driver resulting in a potential data leak from uninitialized physical pages."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "FULLDISC",
"name": "20210917 AMD Chipset Driver Information Disclosure Vulnerability [CVE-2021-26333]",
"url": "http://seclists.org/fulldisclosure/2021/Sep/24"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html",
"url": "http://packetstormsecurity.com/files/164202/AMD-Chipset-Driver-Information-Disclosure-Memory-Leak.html"
},
{
"refsource": "MISC",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009",
"name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1009"
}
]
},
"source": {
"advisory": "AMD-SB-1009",
"discovery": "EXTERNAL"
}
}

5
2021/28xxx/CVE-2021-28694.json
View File

@ -167,6 +167,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-d68ed12e46",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4977",
"url": "https://www.debian.org/security/2021/dsa-4977"
}
]
},

5
2021/28xxx/CVE-2021-28695.json
View File

@ -167,6 +167,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-d68ed12e46",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4977",
"url": "https://www.debian.org/security/2021/dsa-4977"
}
]
},

5
2021/28xxx/CVE-2021-28696.json
View File

@ -167,6 +167,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-d68ed12e46",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4977",
"url": "https://www.debian.org/security/2021/dsa-4977"
}
]
},

5
2021/28xxx/CVE-2021-28697.json
View File

@ -150,6 +150,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-d68ed12e46",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4977",
"url": "https://www.debian.org/security/2021/dsa-4977"
}
]
},

5
2021/28xxx/CVE-2021-28698.json
View File

@ -156,6 +156,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-d68ed12e46",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4977",
"url": "https://www.debian.org/security/2021/dsa-4977"
}
]
},

5
2021/28xxx/CVE-2021-28699.json
View File

@ -111,6 +111,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-d68ed12e46",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4977",
"url": "https://www.debian.org/security/2021/dsa-4977"
}
]
},

5
2021/28xxx/CVE-2021-28700.json
View File

@ -121,6 +121,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-d68ed12e46",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZCNPSRPGFCQRYE2BI4D4Q4SCE56ANV2/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4977",
"url": "https://www.debian.org/security/2021/dsa-4977"
}
]
},

5
2021/28xxx/CVE-2021-28701.json
View File

@ -150,6 +150,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2021-fed53cbc7d",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CEHZLIR5DFYYQBH55AERWHLO54OFU42C/"
},
{
"refsource": "DEBIAN",
"name": "DSA-4977",
"url": "https://www.debian.org/security/2021/dsa-4977"
}
]
},

50
2021/31xxx/CVE-2021-31917.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-31917",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat DataGrid and Infinispan",
"version": {
"version_data": [
{
"version_value": "Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2021-31917",
"url": "https://access.redhat.com/security/cve/cve-2021-31917"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A flaw was found in Red Hat DataGrid 8.x (8.0.0, 8.0.1, 8.1.0 and 8.1.1) and Infinispan (10.0.0 through 12.0.0). An attacker could bypass authentication on all REST endpoints when DIGEST is used as the authentication method. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."
}
]
}