admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-05 10:18:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-13T19:00:46.575167+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-13 19:04:13 +00:00
parent 087533d190
commit 6086612163
643 changed files with 4596 additions and 2363 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2006/CVE-2006-200xx/CVE-2006-20001.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2006-20001",
"sourceIdentifier": "security@apache.org",
"published": "2023-01-17T20:15:11.177",
"lastModified": "2024-11-21T00:10:19.017",
"lastModified": "2025-02-13T17:15:21.913",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier.\n"
"value": "A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the process to crash.\n\nThis issue affects Apache HTTP Server 2.4.54 and earlier."
},
{
"lang": "es",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2009/CVE-2009-39xx/CVE-2009-3953.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2009-3953",
"sourceIdentifier": "psirt@adobe.com",
"published": "2010-01-13T19:30:00.343",
"lastModified": "2025-02-04T22:15:27.290",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:42:44.203",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2009/CVE-2009-43xx/CVE-2009-4324.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2009-4324",
"sourceIdentifier": "psirt@adobe.com",
"published": "2009-12-15T02:30:00.217",
"lastModified": "2025-02-04T22:15:28.593",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:42:36.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2010/CVE-2010-01xx/CVE-2010-0188.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-0188",
"sourceIdentifier": "psirt@adobe.com",
"published": "2010-02-22T13:00:02.127",
"lastModified": "2025-02-04T22:15:28.837",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:42:25.483",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2010/CVE-2010-12xx/CVE-2010-1297.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-1297",
"sourceIdentifier": "psirt@adobe.com",
"published": "2010-06-08T18:30:10.007",
"lastModified": "2025-02-04T22:15:29.047",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:41:30.857",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2010/CVE-2010-28xx/CVE-2010-2861.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-2861",
"sourceIdentifier": "psirt@adobe.com",
"published": "2010-08-11T18:47:51.157",
"lastModified": "2025-02-04T22:15:29.403",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:48:07.167",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2010/CVE-2010-28xx/CVE-2010-2883.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2010-2883",
"sourceIdentifier": "psirt@adobe.com",
"published": "2010-09-09T22:00:02.250",
"lastModified": "2025-02-04T22:15:29.593",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:51:59.370",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2011/CVE-2011-06xx/CVE-2011-0609.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2011-0609",
"sourceIdentifier": "psirt@adobe.com",
"published": "2011-03-15T17:55:03.827",
"lastModified": "2025-02-04T22:15:29.810",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:51:50.737",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2011/CVE-2011-24xx/CVE-2011-2462.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2011-2462",
"sourceIdentifier": "psirt@adobe.com",
"published": "2011-12-07T19:55:01.673",
"lastModified": "2025-02-04T22:15:30.067",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:51:36.290",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

24
CVE-2012/CVE-2012-07xx/CVE-2012-0767.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-0767",
"sourceIdentifier": "psirt@adobe.com",
"published": "2012-02-16T19:55:01.303",
"lastModified": "2025-02-04T22:15:30.307",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:51:31.297",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -17,6 +17,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",

4
CVE-2012/CVE-2012-50xx/CVE-2012-5054.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-5054",
"sourceIdentifier": "psirt@adobe.com",
"published": "2012-09-24T17:55:07.217",
"lastModified": "2025-02-04T22:15:30.830",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:50:47.980",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2013/CVE-2013-06xx/CVE-2013-0625.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-0625",
"sourceIdentifier": "psirt@adobe.com",
"published": "2013-01-09T01:55:00.803",
"lastModified": "2025-02-04T22:15:31.053",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:50:32.023",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2013/CVE-2013-06xx/CVE-2013-0629.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-0629",
"sourceIdentifier": "psirt@adobe.com",
"published": "2013-01-09T01:55:03.553",
"lastModified": "2025-02-04T22:15:31.243",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:50:25.650",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2013/CVE-2013-06xx/CVE-2013-0631.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-0631",
"sourceIdentifier": "psirt@adobe.com",
"published": "2013-01-09T01:55:03.617",
"lastModified": "2025-02-04T22:15:31.413",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:50:21.110",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2013/CVE-2013-06xx/CVE-2013-0632.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-0632",
"sourceIdentifier": "psirt@adobe.com",
"published": "2013-01-17T00:55:01.200",
"lastModified": "2025-02-04T22:15:31.570",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:50:17.683",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2013/CVE-2013-06xx/CVE-2013-0640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-0640",
"sourceIdentifier": "psirt@adobe.com",
"published": "2013-02-14T01:55:02.023",
"lastModified": "2025-02-04T22:15:31.740",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:50:14.423",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2013/CVE-2013-06xx/CVE-2013-0641.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-0641",
"sourceIdentifier": "psirt@adobe.com",
"published": "2013-02-14T01:55:02.070",
"lastModified": "2025-02-04T22:15:31.950",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:50:08.887",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2013/CVE-2013-27xx/CVE-2013-2729.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-2729",
"sourceIdentifier": "psirt@adobe.com",
"published": "2013-05-16T11:45:31.263",
"lastModified": "2025-02-04T22:15:32.137",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:49:47.220",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2014/CVE-2014-05xx/CVE-2014-0546.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-0546",
"sourceIdentifier": "psirt@adobe.com",
"published": "2014-08-12T21:55:06.460",
"lastModified": "2025-02-04T23:15:07.950",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:28:10.877",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2014/CVE-2014-91xx/CVE-2014-9163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-9163",
"sourceIdentifier": "psirt@adobe.com",
"published": "2014-12-10T21:59:35.163",
"lastModified": "2025-02-10T21:15:11.940",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:41:21.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

91
CVE-2015/CVE-2015-03xx/CVE-2015-0310.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2015-0310",
"sourceIdentifier": "psirt@adobe.com",
"published": "2015-01-23T21:59:00.050",
"lastModified": "2025-02-10T21:15:12.143",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:29:41.523",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -75,7 +75,7 @@
"description": [
{
"lang": "en",
"value": "CWE-264"
"value": "NVD-CWE-noinfo"
}
]
},
@ -101,8 +101,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"versionEndIncluding": "11.2.202.429",
"matchCriteriaId": "F9EFC697-FC54-4ECA-8870-831327DA8089"
"versionEndExcluding": "11.2.202.438",
"matchCriteriaId": "A3250AAE-8FFF-46C7-90F8-83311190B62B"
}
]
},
@ -129,68 +129,15 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"versionEndIncluding": "13.0.0.260",
"matchCriteriaId": "39D587BE-3F2C-44E3-8280-4A2FED199632"
"versionEndExcluding": "13.0.0.262",
"matchCriteriaId": "F341C34C-ECE4-4AD1-B900-7D22257AF3E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.125:*:*:*:*:*:*:*",
"matchCriteriaId": "D5D7202D-56DF-400B-9F09-E7D9938222D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.145:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4F0D21-A64B-46C1-9591-96529661DF0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.176:*:*:*:*:*:*:*",
"matchCriteriaId": "86961019-3B81-458E-949F-A2F006EA55FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:14.0.0.179:*:*:*:*:*:*:*",
"matchCriteriaId": "25895BE9-71FD-4DE7-90FC-0199470A8738"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.152:*:*:*:*:*:*:*",
"matchCriteriaId": "4D55A950-7D48-413C-AD43-6AC64FBE790C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.167:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A22B74-453D-4A8A-B79A-2B3143A0D995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.189:*:*:*:*:*:*:*",
"matchCriteriaId": "3FE4B077-67D1-4B25-976E-715FB6B2A1D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.223:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC91B68-6B35-47BD-BC02-3F836E772CF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.239:*:*:*:*:*:*:*",
"matchCriteriaId": "A3BE6004-C30A-46E2-9F25-785E12BBF640"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:15.0.0.246:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE8E51F-7A32-41A4-B03A-73E52EB64C04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.235:*:*:*:*:*:*:*",
"matchCriteriaId": "3E13E927-A77C-4681-AFDE-A5A14093234D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:flash_player:16.0.0.257:*:*:*:*:*:*:*",
"matchCriteriaId": "27629FF0-5EB9-476F-B5B3-115F663AB65E"
"criteria": "cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "16.0.0.287",
"matchCriteriaId": "4C7976C4-087A-4252-A255-1436DEAA1D06"
}
]
},
@ -261,14 +208,18 @@
"url": "http://www.securityfocus.com/bid/72261",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1031609",
"source": "psirt@adobe.com",
"tags": [
"Broken Link"
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
@ -318,14 +269,18 @@
"url": "http://www.securityfocus.com/bid/72261",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1031609",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
}
]

4
CVE-2017/CVE-2017-112xx/CVE-2017-11292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-11292",
"sourceIdentifier": "psirt@adobe.com",
"published": "2017-10-22T19:29:00.237",
"lastModified": "2025-02-04T22:15:36.720",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:41:13.177",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2018/CVE-2018-159xx/CVE-2018-15961.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-15961",
"sourceIdentifier": "psirt@adobe.com",
"published": "2018-09-25T13:29:01.567",
"lastModified": "2025-02-04T16:15:30.740",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:42:54.987",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

6
CVE-2018/CVE-2018-159xx/CVE-2018-15982.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-15982",
"sourceIdentifier": "psirt@adobe.com",
"published": "2019-01-18T17:29:01.573",
"lastModified": "2025-02-04T22:15:37.217",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:40:13.383",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -290,6 +290,7 @@
"url": "http://www.securityfocus.com/bid/106116",
"source": "psirt@adobe.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
@ -322,6 +323,7 @@
"url": "http://www.securityfocus.com/bid/106116",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]

4
CVE-2018/CVE-2018-48xx/CVE-2018-4878.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-4878",
"sourceIdentifier": "psirt@adobe.com",
"published": "2018-02-06T21:29:00.347",
"lastModified": "2025-02-04T22:15:37.427",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:38:59.347",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2018/CVE-2018-49xx/CVE-2018-4939.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-4939",
"sourceIdentifier": "psirt@adobe.com",
"published": "2018-05-19T17:29:01.480",
"lastModified": "2025-02-04T16:15:31.183",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:42:50.200",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2018/CVE-2018-49xx/CVE-2018-4990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-4990",
"sourceIdentifier": "psirt@adobe.com",
"published": "2018-07-09T19:29:03.327",
"lastModified": "2025-02-04T22:15:37.670",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:27:43.490",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2018/CVE-2018-50xx/CVE-2018-5002.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-5002",
"sourceIdentifier": "psirt@adobe.com",
"published": "2018-07-09T19:29:03.750",
"lastModified": "2025-02-04T22:15:37.887",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:26:55.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

32
CVE-2020/CVE-2020-192xx/CVE-2020-19277.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-19277",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:07.537",
"lastModified": "2024-11-21T05:09:04.550",
"lastModified": "2025-02-13T17:15:25.290",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-210xx/CVE-2020-21060.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-21060",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.113",
"lastModified": "2024-11-21T05:12:24.903",
"lastModified": "2025-02-13T17:15:25.607",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-89"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-214xx/CVE-2020-21487.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-21487",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.147",
"lastModified": "2024-11-21T05:12:36.763",
"lastModified": "2025-02-13T17:15:25.783",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-215xx/CVE-2020-21514.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-21514",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.187",
"lastModified": "2024-11-21T05:12:38.313",
"lastModified": "2025-02-13T17:15:25.980",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
@ -45,6 +65,16 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [

22
CVE-2020/CVE-2020-225xx/CVE-2020-22533.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-22533",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.227",
"lastModified": "2024-11-21T05:13:17.600",
"lastModified": "2025-02-13T17:15:26.140",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},

32
CVE-2020/CVE-2020-232xx/CVE-2020-23257.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-23257",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.263",
"lastModified": "2024-11-21T05:13:40.957",
"lastModified": "2025-02-13T17:15:26.383",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-120"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [

32
CVE-2020/CVE-2020-232xx/CVE-2020-23258.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-23258",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-04T15:15:08.303",
"lastModified": "2024-11-21T05:13:41.093",
"lastModified": "2025-02-13T17:15:26.553",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -32,6 +32,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -45,6 +65,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

4
CVE-2021/CVE-2021-210xx/CVE-2021-21017.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-21017",
"sourceIdentifier": "psirt@adobe.com",
"published": "2021-02-11T20:15:13.997",
"lastModified": "2024-11-21T05:47:24.613",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:30:38.340",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-257xx/CVE-2021-25736.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2021-25736",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-10-30T03:15:07.653",
"lastModified": "2024-11-21T05:55:19.167",
"lastModified": "2025-02-13T17:15:28.237",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Kube-proxy\n on Windows can unintentionally forward traffic to local processes \nlistening on the same port (\u201cspec.ports[*].port\u201d) as a LoadBalancer \nService when the LoadBalancer controller\n does not set the \u201cstatus.loadBalancer.ingress[].ip\u201d field. Clusters \nwhere the LoadBalancer controller sets the \n\u201cstatus.loadBalancer.ingress[].ip\u201d field are unaffected.\n\n"
"value": "Kube-proxy\n on Windows can unintentionally forward traffic to local processes \nlistening on the same port (\u201cspec.ports[*].port\u201d) as a LoadBalancer \nService when the LoadBalancer controller\n does not set the \u201cstatus.loadBalancer.ingress[].ip\u201d field. Clusters \nwhere the LoadBalancer controller sets the \n\u201cstatus.loadBalancer.ingress[].ip\u201d field are unaffected."
},
{
"lang": "es",

4
CVE-2021/CVE-2021-285xx/CVE-2021-28550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28550",
"sourceIdentifier": "psirt@adobe.com",
"published": "2021-09-02T17:15:08.500",
"lastModified": "2024-11-21T05:59:49.857",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:30:34.487",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

4
CVE-2021/CVE-2021-320xx/CVE-2021-32050.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2021-32050",
"sourceIdentifier": "cna@mongodb.com",
"published": "2023-08-29T16:15:08.423",
"lastModified": "2024-11-21T06:06:45.880",
"lastModified": "2025-02-13T17:15:29.377",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed.\n\nWithout due care, an application may inadvertently expose this sensitive information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default).\n\nThis issue affects the MongoDB C Driver 1.0.0 prior to 1.17.7, MongoDB PHP Driver 1.0.0 prior to 1.9.2, MongoDB Swift Driver 1.0.0 prior to 1.1.1, MongoDB Node.js Driver 3.6 prior to 3.6.10, MongoDB Node.js Driver 4.0 prior to 4.17.0 and MongoDB Node.js Driver 5.0 prior to 5.8.0. This issue also affects users of the MongoDB C++ Driver dependent on the C driver 1.0.0 prior to 1.17.7 (C++ driver prior to 3.7.0).\n\n"
"value": "Some MongoDB Drivers may erroneously publish events containing authentication-related data to a command listener configured by an application. The published events may contain security-sensitive data when specific authentication-related commands are executed.\n\nWithout due care, an application may inadvertently expose this sensitive information, e.g., by writing it to a log file. This issue only arises if an application enables the command listener feature (this is not enabled by default).\n\nThis issue affects the MongoDB C Driver 1.0.0 prior to 1.17.7, MongoDB PHP Driver 1.0.0 prior to 1.9.2, MongoDB Swift Driver 1.0.0 prior to 1.1.1, MongoDB Node.js Driver 3.6 prior to 3.6.10, MongoDB Node.js Driver 4.0 prior to 4.17.0 and MongoDB Node.js Driver 5.0 prior to 5.8.0. This issue also affects users of the MongoDB C++ Driver dependent on the C driver 1.0.0 prior to 1.17.7 (C++ driver prior to 3.7.0)."
}
],
"metrics": {

2
CVE-2021/CVE-2021-330xx/CVE-2021-33072.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33072",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.440",
"lastModified": "2024-12-12T00:40:27.423",
"lastModified": "2025-02-13T17:15:29.570",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-330xx/CVE-2021-33084.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33084",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.510",
"lastModified": "2024-12-12T00:40:28.363",
"lastModified": "2025-02-13T17:15:29.630",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-330xx/CVE-2021-33085.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33085",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.550",
"lastModified": "2024-12-12T00:40:28.413",
"lastModified": "2025-02-13T17:15:29.670",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-330xx/CVE-2021-33099.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33099",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.590",
"lastModified": "2024-12-12T00:40:29.050",
"lastModified": "2025-02-13T17:15:29.710",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33100.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33100",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.633",
"lastModified": "2024-12-12T00:40:29.093",
"lastModified": "2025-02-13T17:15:29.753",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33102.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33102",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.673",
"lastModified": "2024-12-12T00:40:29.180",
"lastModified": "2025-02-13T17:15:29.797",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33109.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33109",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.707",
"lastModified": "2024-12-12T00:40:29.483",
"lastModified": "2025-02-13T17:15:29.840",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33111.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33111",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.743",
"lastModified": "2024-12-12T00:40:29.577",
"lastModified": "2025-02-13T17:15:29.887",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33112.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33112",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.787",
"lastModified": "2024-12-12T00:40:29.623",
"lastModified": "2025-02-13T17:15:29.930",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33116.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33116",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.827",
"lastModified": "2024-12-12T00:40:29.797",
"lastModified": "2025-02-13T17:15:29.967",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33121.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33121",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.867",
"lastModified": "2024-12-12T00:40:30.010",
"lastModified": "2025-02-13T17:15:30.007",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33125.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33125",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.907",
"lastModified": "2024-12-12T00:40:30.187",
"lastModified": "2025-02-13T17:15:30.047",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33127.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33127",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.943",
"lastModified": "2024-12-12T00:40:30.280",
"lastModified": "2025-02-13T17:15:30.090",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33131.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33131",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:08.980",
"lastModified": "2024-12-12T00:40:30.450",
"lastModified": "2025-02-13T17:15:30.130",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33132.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33132",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.023",
"lastModified": "2024-12-12T00:40:30.493",
"lastModified": "2025-02-13T17:15:30.177",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33133.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33133",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.063",
"lastModified": "2024-12-12T00:40:30.537",
"lastModified": "2025-02-13T17:15:30.223",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33134.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33134",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.100",
"lastModified": "2024-12-12T00:40:30.580",
"lastModified": "2025-02-13T17:15:30.263",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33136.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33136",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.140",
"lastModified": "2024-12-12T00:40:30.667",
"lastModified": "2025-02-13T17:15:30.310",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33138.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33138",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.180",
"lastModified": "2024-12-12T00:40:30.757",
"lastModified": "2025-02-13T17:15:30.353",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33140.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33140",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.223",
"lastModified": "2024-12-12T00:40:30.857",
"lastModified": "2025-02-13T17:15:30.397",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33143.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33143",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.333",
"lastModified": "2024-12-12T00:40:31.017",
"lastModified": "2025-02-13T17:15:30.443",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33144.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33144",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.373",
"lastModified": "2024-12-12T00:40:31.070",
"lastModified": "2025-02-13T17:15:30.483",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33148.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33148",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.480",
"lastModified": "2024-12-12T00:40:31.263",
"lastModified": "2025-02-13T17:15:30.530",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33151.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33151",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.520",
"lastModified": "2024-12-12T00:40:31.397",
"lastModified": "2025-02-13T17:15:30.577",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33152.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33152",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.560",
"lastModified": "2024-12-12T00:40:31.433",
"lastModified": "2025-02-13T17:15:30.620",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33153.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33153",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.600",
"lastModified": "2024-12-12T00:40:31.477",
"lastModified": "2025-02-13T17:15:30.657",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33154.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33154",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.637",
"lastModified": "2024-12-12T00:40:31.520",
"lastModified": "2025-02-13T17:15:30.703",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33156.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33156",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.677",
"lastModified": "2024-12-12T00:40:31.597",
"lastModified": "2025-02-13T17:15:30.750",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33160.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33160",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.793",
"lastModified": "2024-12-12T00:40:31.770",
"lastModified": "2025-02-13T17:15:30.797",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33163.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33163",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.913",
"lastModified": "2024-12-12T00:40:31.917",
"lastModified": "2025-02-13T17:15:30.837",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33165.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33165",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.953",
"lastModified": "2024-12-12T00:40:32.010",
"lastModified": "2025-02-13T17:15:30.880",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-331xx/CVE-2021-33167.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-33167",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:09.993",
"lastModified": "2024-12-12T00:40:32.090",
"lastModified": "2025-02-13T17:15:30.923",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

4
CVE-2021/CVE-2021-336xx/CVE-2021-33630.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2021-33630",
"sourceIdentifier": "securities@openeuler.org",
"published": "2024-01-18T15:15:08.653",
"lastModified": "2024-11-21T06:09:13.920",
"lastModified": "2025-02-13T17:15:31.020",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C.\n\nThis issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.\n\n"
"value": "NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C.\n\nThis issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3."
},
{
"lang": "es",

4
CVE-2021/CVE-2021-336xx/CVE-2021-33631.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2021-33631",
"sourceIdentifier": "securities@openeuler.org",
"published": "2024-01-18T15:15:08.860",
"lastModified": "2024-11-21T06:09:14.110",
"lastModified": "2025-02-13T17:15:31.193",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.\n\n"
"value": "Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0."
},
{
"lang": "es",

2
CVE-2021/CVE-2021-374xx/CVE-2021-37405.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37405",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.030",
"lastModified": "2024-12-12T00:42:55.260",
"lastModified": "2025-02-13T17:15:31.433",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-38xx/CVE-2021-3885.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3885",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.070",
"lastModified": "2024-12-12T00:45:16.100",
"lastModified": "2025-02-13T17:15:31.930",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41851.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41851",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.110",
"lastModified": "2024-12-12T00:46:32.390",
"lastModified": "2025-02-13T17:15:32.327",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41852.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41852",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.150",
"lastModified": "2024-12-12T00:46:32.440",
"lastModified": "2025-02-13T17:15:32.460",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41853.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41853",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.190",
"lastModified": "2024-12-12T00:46:32.490",
"lastModified": "2025-02-13T17:15:32.590",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41854.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41854",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.227",
"lastModified": "2024-12-12T00:46:32.533",
"lastModified": "2025-02-13T17:15:32.737",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41855.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41855",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.270",
"lastModified": "2024-12-12T00:46:32.573",
"lastModified": "2025-02-13T17:15:32.787",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41856.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41856",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.310",
"lastModified": "2024-12-12T00:46:32.617",
"lastModified": "2025-02-13T17:15:32.917",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41857.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41857",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.350",
"lastModified": "2024-12-12T00:46:32.663",
"lastModified": "2025-02-13T17:15:33.057",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41858.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41858",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.390",
"lastModified": "2024-12-12T00:46:32.707",
"lastModified": "2025-02-13T17:15:33.190",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41859.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41859",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.430",
"lastModified": "2024-12-12T00:46:32.750",
"lastModified": "2025-02-13T17:15:33.240",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-418xx/CVE-2021-41860.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-41860",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.470",
"lastModified": "2024-12-12T00:46:32.800",
"lastModified": "2025-02-13T17:15:33.290",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-433xx/CVE-2021-43351.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-43351",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.510",
"lastModified": "2024-12-12T00:47:22.733",
"lastModified": "2025-02-13T17:15:33.340",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

2
CVE-2021/CVE-2021-444xx/CVE-2021-44457.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-44457",
"sourceIdentifier": "secure@intel.com",
"published": "2024-02-23T21:15:10.550",
"lastModified": "2024-12-12T00:48:05.837",
"lastModified": "2025-02-13T17:15:33.477",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [

4
CVE-2021/CVE-2021-467xx/CVE-2021-46748.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2021-46748",
"sourceIdentifier": "psirt@amd.com",
"published": "2023-11-14T19:15:10.267",
"lastModified": "2024-11-21T06:34:37.687",
"lastModified": "2025-02-13T17:15:34.023",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service.\n\n\n\n\n\n\n\n\n\n\n\n\n"
"value": "Insufficient bounds checking in the ASP (AMD Secure Processor) may allow an attacker to access memory outside the bounds of what is permissible to a TA (Trusted Application) resulting in a potential denial of service."
},
{
"lang": "es",

4
CVE-2022/CVE-2022-09xx/CVE-2022-0918.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-0918",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-03-16T15:15:16.173",
"lastModified": "2024-11-21T06:39:39.993",
"lastModified": "2025-02-13T17:15:35.437",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing.\n\n"
"value": "A vulnerability was discovered in the 389 Directory Server that allows an unauthenticated attacker with network access to the LDAP port to cause a denial of service. The denial of service is triggered by a single message sent over a TCP connection, no bind or other authentication is required. The message triggers a segmentation fault that results in slapd crashing."
},
{
"lang": "es",

4
CVE-2022/CVE-2022-14xx/CVE-2022-1471.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-1471",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2022-12-01T11:15:10.553",
"lastModified": "2024-11-21T06:40:47.313",
"lastModified": "2025-02-13T17:15:35.627",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization.\u00a0Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.\n"
"value": "SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization.\u00a0Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond."
},
{
"lang": "es",

4
CVE-2022/CVE-2022-21xx/CVE-2022-2196.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-2196",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-01-09T11:15:10.583",
"lastModified": "2024-11-21T07:00:31.303",
"lastModified": "2025-02-13T17:15:40.357",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks.\u00a0L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB\u00a0after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit\u00a02e7eab81425a\n"
"value": "A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks.\u00a0L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB\u00a0after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit\u00a02e7eab81425a"
},
{
"lang": "es",

6
CVE-2022/CVE-2022-235xx/CVE-2022-23513.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-23513",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-23T00:15:08.747",
"lastModified": "2024-11-21T06:48:43.280",
"lastModified": "2025-02-13T17:15:37.527",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on `queryads` endpoint. In the case of application, this vulnerability exists because of a lack of validation in code on a root server path:\n`/admin/scripts/pi-hole/phpqueryads.php.` Potential threat actor(s) are able to perform an unauthorized query search in blocked domain lists. This could lead to the disclosure for any victims' personal blacklists. \n"
"value": "Pi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on `queryads` endpoint. In the case of application, this vulnerability exists because of a lack of validation in code on a root server path:\n`/admin/scripts/pi-hole/phpqueryads.php.` Potential threat actor(s) are able to perform an unauthorized query search in blocked domain lists. This could lead to the disclosure for any victims' personal blacklists."
},
{
"lang": "es",
@ -62,7 +62,7 @@
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-235xx/CVE-2022-23519.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-23519",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-14T17:15:11.067",
"lastModified": "2024-11-21T06:48:44.103",
"lastModified": "2025-02-13T17:15:37.877",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags in either of the following ways: allow both \"math\" and \"style\" elements, or allow both \"svg\" and \"style\" elements. Code is only impacted if allowed tags are being overridden. . This issue is fixed in version 1.4.4. All users overriding the allowed tags to include \"math\" or \"svg\" and \"style\" should either upgrade or use the following workaround immediately: Remove \"style\" from the overridden allowed tags, or remove \"math\" and \"svg\" from the overridden allowed tags.\n"
"value": "rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags in either of the following ways: allow both \"math\" and \"style\" elements, or allow both \"svg\" and \"style\" elements. Code is only impacted if allowed tags are being overridden. . This issue is fixed in version 1.4.4. All users overriding the allowed tags to include \"math\" or \"svg\" and \"style\" should either upgrade or use the following workaround immediately: Remove \"style\" from the overridden allowed tags, or remove \"math\" and \"svg\" from the overridden allowed tags."
},
{
"lang": "es",

4
CVE-2022/CVE-2022-235xx/CVE-2022-23520.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-23520",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-14T18:15:17.560",
"lastModified": "2024-11-21T06:48:44.243",
"lastModified": "2025-02-13T17:15:38.020",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both \"select\" and \"style\" elements. Code is only impacted if allowed tags are being overridden. This issue is patched in version 1.4.4. All users overriding the allowed tags to include both \"select\" and \"style\" should either upgrade or use this workaround: Remove either \"select\" or \"style\" from the overridden allowed tags. NOTE: Code is _not_ impacted if allowed tags are overridden using either the :tags option to the Action View helper method sanitize or the :tags option to the instance method SafeListSanitizer#sanitize.\n"
"value": "rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both \"select\" and \"style\" elements. Code is only impacted if allowed tags are being overridden. This issue is patched in version 1.4.4. All users overriding the allowed tags to include both \"select\" and \"style\" should either upgrade or use this workaround: Remove either \"select\" or \"style\" from the overridden allowed tags. NOTE: Code is _not_ impacted if allowed tags are overridden using either the :tags option to the Action View helper method sanitize or the :tags option to the instance method SafeListSanitizer#sanitize."
},
{
"lang": "es",

4
CVE-2022/CVE-2022-235xx/CVE-2022-23540.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-23540",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-12-22T19:15:08.967",
"lastModified": "2024-11-21T06:48:46.437",
"lastModified": "2025-02-13T17:15:38.320",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In versions `<=8.5.1` of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the `jwt.verify()` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the `jwt.verify()` method. There will be no impact, if you update to version 9.0.0 and you don\u2019t need to allow for the `none` algorithm. If you need 'none' algorithm, you have to explicitly specify that in `jwt.verify()` options.\n"
"value": "In versions `<=8.5.1` of `jsonwebtoken` library, lack of algorithm definition in the `jwt.verify()` function can lead to signature validation bypass due to defaulting to the `none` algorithm for signature verification. Users are affected if you do not specify algorithms in the `jwt.verify()` function. This issue has been fixed, please update to version 9.0.0 which removes the default support for the none algorithm in the `jwt.verify()` method. There will be no impact, if you update to version 9.0.0 and you don\u2019t need to allow for the `none` algorithm. If you need 'none' algorithm, you have to explicitly specify that in `jwt.verify()` options."
},
{
"lang": "es",

4
CVE-2022/CVE-2022-238xx/CVE-2022-23854.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-23854",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-12-23T21:15:09.097",
"lastModified": "2024-11-21T06:49:21.970",
"lastModified": "2025-02-13T17:15:38.600",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "\nAVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server. \n\n"
"value": "AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server."
},
{
"lang": "es",

4
CVE-2022/CVE-2022-240xx/CVE-2022-24086.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-24086",
"sourceIdentifier": "psirt@adobe.com",
"published": "2022-02-16T17:15:13.307",
"lastModified": "2024-11-21T06:49:46.937",
"vulnStatus": "Modified",
"lastModified": "2025-02-13T17:30:31.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{

6
CVE-2022/CVE-2022-248xx/CVE-2022-24894.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-24894",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-03T22:15:10.823",
"lastModified": "2024-11-21T06:51:20.480",
"lastModified": "2025-02-13T17:15:38.807",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim's session. This issue has been patched and is available for branch 4.4.\n"
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The Symfony HTTP cache system, acts as a reverse proxy: It caches entire responses (including headers) and returns them to the clients. In a recent change in the `AbstractSessionListener`, the response might contain a `Set-Cookie` header. If the Symfony HTTP cache system is enabled, this response might bill stored and return to the next clients. An attacker can use this vulnerability to retrieve the victim's session. This issue has been patched and is available for branch 4.4."
}
],
"metrics": {
@ -58,7 +58,7 @@
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-248xx/CVE-2022-24895.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-24895",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-03T22:15:11.273",
"lastModified": "2024-11-21T06:51:20.600",
"lastModified": "2025-02-13T17:15:38.940",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch. \n\n"
"value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. When authenticating users Symfony by default regenerates the session ID upon login, but preserves the rest of session attributes. Because this does not clear CSRF tokens upon login, this might enables same-site attackers to bypass the CSRF protection mechanism by performing an attack similar to a session-fixation. This issue has been fixed in the 4.4 branch."
}
],
"metrics": {

6
CVE-2022/CVE-2022-251xx/CVE-2022-25147.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2022-25147",
"sourceIdentifier": "security@apache.org",
"published": "2023-01-31T16:15:08.907",
"lastModified": "2024-11-21T06:51:41.640",
"lastModified": "2025-02-13T17:15:39.127",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer.\n\n\n\n\nThis issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions.\n\n"
"value": "Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer.\n\n\n\n\nThis issue affects Apache Portable Runtime Utility (APR-util) 1.6.1 and prior versions."
},
{
"lang": "es",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",

Some files were not shown because too many files have changed in this diff Show More