From f63a9c959475afa9c7adfdc900a8284e058ffa1c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 19 Sep 2022 17:00:42 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/37xxx/CVE-2022-37775.json | 5 +++ 2022/38xxx/CVE-2022-38333.json | 66 ++++++++++++++++++++++++++++++---- 2022/3xxx/CVE-2022-3240.json | 18 ++++++++++ 2022/40xxx/CVE-2022-40468.json | 66 ++++++++++++++++++++++++++++++---- 2022/40xxx/CVE-2022-40978.json | 9 ++--- 2022/40xxx/CVE-2022-40979.json | 18 ++++++++++ 2022/40xxx/CVE-2022-40980.json | 18 ++++++++++ 7 files changed, 184 insertions(+), 16 deletions(-) create mode 100644 2022/3xxx/CVE-2022-3240.json create mode 100644 2022/40xxx/CVE-2022-40979.json create mode 100644 2022/40xxx/CVE-2022-40980.json diff --git a/2022/37xxx/CVE-2022-37775.json b/2022/37xxx/CVE-2022-37775.json index f5eabfc0004..83ca791f579 100644 --- a/2022/37xxx/CVE-2022-37775.json +++ b/2022/37xxx/CVE-2022-37775.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://cxsecurity.com/issue/WLB-2022090038", "url": "https://cxsecurity.com/issue/WLB-2022090038" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/168410/Genesys-PureConnect-Cross-Site-Scripting.html", + "url": "http://packetstormsecurity.com/files/168410/Genesys-PureConnect-Cross-Site-Scripting.html" } ] } diff --git a/2022/38xxx/CVE-2022-38333.json b/2022/38xxx/CVE-2022-38333.json index 055ec53f64d..4f95c3615c1 100644 --- a/2022/38xxx/CVE-2022-38333.json +++ b/2022/38xxx/CVE-2022-38333.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-38333", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-38333", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows attackers to access sensitive information via a crafted HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://git.openwrt.org/?p=project/cgi-io.git;a=commit;h=901b0f0463c9d16a8cf5b9ed37118d8484bc9176", + "refsource": "MISC", + "name": "https://git.openwrt.org/?p=project/cgi-io.git;a=commit;h=901b0f0463c9d16a8cf5b9ed37118d8484bc9176" + }, + { + "url": "https://git.openwrt.org/?p=project/cgi-io.git;a=commitdiff;h=901b0f0463c9d16a8cf5b9ed37118d8484bc9176", + "refsource": "MISC", + "name": "https://git.openwrt.org/?p=project/cgi-io.git;a=commitdiff;h=901b0f0463c9d16a8cf5b9ed37118d8484bc9176" + }, + { + "url": "https://git.openwrt.org/?p=project/cgi-io.git;a=patch;h=901b0f0463c9d16a8cf5b9ed37118d8484bc9176", + "refsource": "MISC", + "name": "https://git.openwrt.org/?p=project/cgi-io.git;a=patch;h=901b0f0463c9d16a8cf5b9ed37118d8484bc9176" } ] } diff --git a/2022/3xxx/CVE-2022-3240.json b/2022/3xxx/CVE-2022-3240.json new file mode 100644 index 00000000000..ed0e495e824 --- /dev/null +++ b/2022/3xxx/CVE-2022-3240.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3240", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40468.json b/2022/40xxx/CVE-2022-40468.json index 616f71531db..aae89b3f148 100644 --- a/2022/40xxx/CVE-2022-40468.json +++ b/2022/40xxx/CVE-2022-40468.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40468", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40468", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Tinyproxy commit 84f203f and earlier does not process HTTP request lines in the process_request() function and is using uninitialized buffers. This vulnerability allows attackers to access sensitive information at system runtime." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/tinyproxy/tinyproxy", + "refsource": "MISC", + "name": "https://github.com/tinyproxy/tinyproxy" + }, + { + "url": "https://github.com/tinyproxy/tinyproxy/blob/84f203fb1c4733608c7283bbe794005a469c4b00/src/reqs.c#L346", + "refsource": "MISC", + "name": "https://github.com/tinyproxy/tinyproxy/blob/84f203fb1c4733608c7283bbe794005a469c4b00/src/reqs.c#L346" + }, + { + "url": "https://github.com/tinyproxy/tinyproxy/issues/457", + "refsource": "MISC", + "name": "https://github.com/tinyproxy/tinyproxy/issues/457" } ] } diff --git a/2022/40xxx/CVE-2022-40978.json b/2022/40xxx/CVE-2022-40978.json index 85921ce0ebc..a46bf0802dd 100644 --- a/2022/40xxx/CVE-2022-40978.json +++ b/2022/40xxx/CVE-2022-40978.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@jetbrains.com", + "ASSIGNER": "security@jetbrains.com", "ID": "CVE-2022-40978", "STATE": "PUBLIC" }, @@ -81,8 +81,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.jetbrains.com/privacy-security/issues-fixed/" + "refsource": "MISC", + "url": "https://www.jetbrains.com/privacy-security/issues-fixed/", + "name": "https://www.jetbrains.com/privacy-security/issues-fixed/" } ] }, @@ -92,4 +93,4 @@ ], "discovery": "EXTERNAL" } -} +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40979.json b/2022/40xxx/CVE-2022-40979.json new file mode 100644 index 00000000000..d57fc18afdd --- /dev/null +++ b/2022/40xxx/CVE-2022-40979.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40979", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40980.json b/2022/40xxx/CVE-2022-40980.json new file mode 100644 index 00000000000..6c656327956 --- /dev/null +++ b/2022/40xxx/CVE-2022-40980.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40980", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file