admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-04-02 19:01:20 +00:00
parent b3e90c966d
commit f926a18ba0
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
4 changed files with 73 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2020/11xxx/CVE-2020-11493.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-11493",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

10
2020/7xxx/CVE-2020-7617.json
View File

@ -86,12 +86,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/rawiroaisen/node-ini-parser/blob/master/index.js#L14"
"refsource": "MISC",
"url": "https://github.com/rawiroaisen/node-ini-parser/blob/master/index.js#L14",
"name": "https://github.com/rawiroaisen/node-ini-parser/blob/master/index.js#L14"
},
{
"refsource": "CONFIRM",
"url": "https://snyk.io/vuln/SNYK-JS-INIPARSER-564122"
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-INIPARSER-564122",
"name": "https://snyk.io/vuln/SNYK-JS-INIPARSER-564122"
}
]
},

32
2020/7xxx/CVE-2020-7942.json
View File

@ -19,7 +19,35 @@
"version": {
"version_data": [
{
"version_value": "6.13.0"
"version_value": "5.5.x prior to 5.5.19"
},
{
"version_value": "Fixed in 5.5.19"
},
{
"version_value": "6.x prior to 6.13.0"
},
{
"version_value": "Fixed in 6.13.0"
}
]
}
},
{
"product_name": "Puppet Agent",
"version": {
"version_data": [
{
"version_value": "5.5.x prior to 5.5.19"
},
{
"version_value": "Fixed in 5.5.19"
},
{
"version_value": "6.x prior to 6.13.0"
},
{
"version_value": "Fixed in 6.13.0"
}
]
}
@ -55,7 +83,7 @@
"description_data": [
{
"lang": "eng",
"value": "Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior."
"value": "Previously, Puppet operated on a model that a node with a valid certificate was entitled to all information in the system and that a compromised certificate allowed access to everything in the infrastructure. When a node's catalog falls back to the `default` node, the catalog can be retrieved for a different node by modifying facts for the Puppet run. This issue can be mitigated by setting `strict_hostname_checking = true` in `puppet.conf` on your Puppet master. Puppet 6.13.0 and 5.5.19 changes the default behavior for strict_hostname_checking from false to true. It is recommended that Puppet Open Source and Puppet Enterprise users that are not upgrading still set strict_hostname_checking to true to ensure secure behavior. Affected software versions: Puppet 6.x prior to 6.13.0 Puppet Agent 6.x prior to 6.13.0 Puppet 5.5.x prior to 5.5.19 Puppet Agent 5.5.x prior to 5.5.19 Resolved in: Puppet 6.13.0 Puppet Agent 6.13.0 Puppet 5.5.19 Puppet Agent 5.5.19"
}
]
}

30
2020/8xxx/CVE-2020-8835.json
View File

@ -101,28 +101,34 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results"
"refsource": "MISC",
"url": "https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results",
"name": "https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results"
},
{
"refsource": "CONFIRM",
"url": "https://lore.kernel.org/bpf/20200330160324.15259-1-daniel@iogearbox.net/T/"
"refsource": "MISC",
"url": "https://lore.kernel.org/bpf/20200330160324.15259-1-daniel@iogearbox.net/T/",
"name": "https://lore.kernel.org/bpf/20200330160324.15259-1-daniel@iogearbox.net/T/"
},
{
"refsource": "CONFIRM",
"url": "https://www.openwall.com/lists/oss-security/2020/03/30/3"
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2020/03/30/3",
"name": "https://www.openwall.com/lists/oss-security/2020/03/30/3"
},
{
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/usn/usn-4313-1"
"refsource": "MISC",
"url": "https://usn.ubuntu.com/usn/usn-4313-1",
"name": "https://usn.ubuntu.com/usn/usn-4313-1"
},
{
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef"
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef"
},
{
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef"
"refsource": "MISC",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef"
}
]
},