"-Synchronized-Data."

2025-06-19 17:32:41 +00:00 · 2020-01-02 22:01:03 +00:00 · 2020-01-02 22:01:03 +00:00 · fce1728a19
commit fce1728a19
parent 31e0214b3c
2 changed files with 70 additions and 3 deletions
--- a/2014/6xxx/CVE-2014-6275.json
+++ b/2014/6xxx/CVE-2014-6275.json
@ -1,8 +1,31 @@
 {
    "CVE_data_meta": {
-        "ASSIGNER": "cve@mitre.org",
+        "ASSIGNER": "security@debian.org",
        "ID": "CVE-2014-6275",
-        "STATE": "RESERVED"
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Red Hat",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "FusionForge",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "before 5.3.2"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
@ -11,7 +34,33 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. If project webpages are hosted on the same server than FusionForge, it can allow users to incorrectly access on-disk private data in FusionForge."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Other"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://security-tracker.debian.org/tracker/CVE-2014-6275",
+                "refsource": "MISC",
+                "name": "https://security-tracker.debian.org/tracker/CVE-2014-6275"
+            },
+            {
+                "url": "http://lists.fusionforge.org/pipermail/fusionforge-general/2014-September/002824.html",
+                "refsource": "MISC",
+                "name": "http://lists.fusionforge.org/pipermail/fusionforge-general/2014-September/002824.html"
            }
        ]
    }
--- a/2020/5xxx/CVE-2020-5304.json
+++ b/2020/5xxx/CVE-2020-5304.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2020-5304",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}