CVEProject
diff --git a/‎2020/35xxx/CVE-2020-35633.json
Lines changed: 47 additions & 3 deletions b/‎2020/35xxx/CVE-2020-35633.json
Lines changed: 47 additions & 3 deletions
diff --git a/‎2020/35xxx/CVE-2020-35634.json
Lines changed: 47 additions & 3 deletions b/‎2020/35xxx/CVE-2020-35634.json
Lines changed: 47 additions & 3 deletions
diff --git a/‎2020/35xxx/CVE-2020-35635.json
Lines changed: 47 additions & 3 deletions b/‎2020/35xxx/CVE-2020-35635.json
Lines changed: 47 additions & 3 deletions
diff --git a/‎2020/35xxx/CVE-2020-35636.json
Lines changed: 3 additions & 18 deletions b/‎2020/35xxx/CVE-2020-35636.json
Lines changed: 3 additions & 18 deletions
diff --git a/‎2021/21xxx/CVE-2021-21774.json
Lines changed: 2 additions & 2 deletions b/‎2021/21xxx/CVE-2021-21774.json
Lines changed: 2 additions & 2 deletions
diff --git a/‎2021/22xxx/CVE-2021-22022.json
Lines changed: 47 additions & 3 deletions b/‎2021/22xxx/CVE-2021-22022.json
Lines changed: 47 additions & 3 deletions
diff --git a/‎2021/22xxx/CVE-2021-22023.json
Lines changed: 47 additions & 3 deletions b/‎2021/22xxx/CVE-2021-22023.json
Lines changed: 47 additions & 3 deletions
@@ -4,14 +4,58 @@
     "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2020-35633",
-        "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ASSIGNER": "[email protected]",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "CGAL Project",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "CGAL Project libcgal CGAL-5.1.1"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "remote code execution"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225",
+                "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"
+            }
+        ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() store_sm_boundary_item() Edge_of.A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability."
             }
         ]
     }
 
@@ -4,14 +4,58 @@
     "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2020-35634",
-        "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ASSIGNER": "[email protected]",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "CGAL Project",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "CGAL Project libcgal CGAL-5.1.1"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "remote code execution"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225",
+                "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"
+            }
+        ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Sloop_of. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability."
             }
         ]
     }
 
@@ -4,14 +4,58 @@
     "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2020-35635",
-        "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ASSIGNER": "[email protected]",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "CGAL Project",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "CGAL Project libcgal CGAL-5.1.1"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "remote code execution"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225",
+                "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"
+            }
+        ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability."
             }
         ]
     }
 
@@ -15,7 +15,7 @@
                     "product": {
                         "product_data": [
                             {
-                                "product_name": "CGAL",
+                                "product_name": "CGAL Project",
                                 "version": {
                                     "version_data": [
                                         {
@@ -36,7 +36,7 @@
                 "description": [
                     {
                         "lang": "eng",
-                        "value": "code execution"
+                        "value": "remote code execution"
                     }
                 ]
             }
@@ -48,29 +48,14 @@
                 "refsource": "MISC",
                 "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225",
                 "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"
-            },
-            {
-                "refsource": "FEDORA",
-                "name": "FEDORA-2021-0d42c7cb33",
-                "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/"
-            },
-            {
-                "refsource": "FEDORA",
-                "name": "FEDORA-2021-9de542ab4c",
-                "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/"
-            },
-            {
-                "refsource": "MLIST",
-                "name": "[debian-lts-announce] 20210505 [SECURITY] [DLA 2649-1] cgal security update",
-                "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html"
             }
         ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume(). An attacker can provide malicious input to trigger this vulnerability."
+                "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability."
             }
         ]
     }
 
@@ -5,13 +5,13 @@
     "CVE_data_meta": {
         "ID": "CVE-2021-21774",
         "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "STATE": "REJECT"
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-21773. Reason: This candidate is a reservation duplicate of CVE-2021-21773. Notes: All CVE users should reference CVE-2021-21773 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
             }
         ]
     }
 
@@ -4,14 +4,58 @@
     "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2021-22022",
-        "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ASSIGNER": "[email protected]",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "VMware vRealize Operations",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "VMware vRealize Operations (8.x prior to 8.5)"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Arbitrary file read vulnerability"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html",
+                "url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
+            }
+        ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The vRealize Operations Manager API (8.x prior to 8.5) contains an arbitrary file read vulnerability. A malicious actor with administrative access to vRealize Operations Manager API can read any arbitrary file on server leading to information disclosure."
             }
         ]
     }
 
@@ -4,14 +4,58 @@
     "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2021-22023",
-        "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ASSIGNER": "[email protected]",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "VMware vRealize Operations",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "VMware vRealize Operations (8.x prior to 8.5)"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Insecure direct object reference vulnerability"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html",
+                "url": "https://www.vmware.com/security/advisories/VMSA-2021-0018.html"
+            }
+        ]
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "The vRealize Operations Manager API (8.x prior to 8.5) has insecure object reference vulnerability. A malicious actor with administrative access to vRealize Operations Manager API may be able to modify other users information leading to an account takeover."
             }
         ]
     }
Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,7 @@`
`15`	`15`	`"product": {`
`16`	`16`	`"product_data": [`
`17`	`17`	`{`
`18`		`- "product_name": "CGAL",`
	`18`	`+ "product_name": "CGAL Project",`
`19`	`19`	`"version": {`
`20`	`20`	`"version_data": [`
`21`	`21`	`{`
`@@ -36,7 +36,7 @@`
`36`	`36`	`"description": [`
`37`	`37`	`{`
`38`	`38`	`"lang": "eng",`
`39`		`- "value": "code execution"`
	`39`	`+ "value": "remote code execution"`
`40`	`40`	`}`
`41`	`41`	`]`
`42`	`42`	`}`
`@@ -48,29 +48,14 @@`
`48`	`48`	`"refsource": "MISC",`
`49`	`49`	`"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225",`
`50`	`50`	`"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"`
`51`		`- },`
`52`		`- {`
`53`		`- "refsource": "FEDORA",`
`54`		`- "name": "FEDORA-2021-0d42c7cb33",`
`55`		`- "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/"`
`56`		`- },`
`57`		`- {`
`58`		`- "refsource": "FEDORA",`
`59`		`- "name": "FEDORA-2021-9de542ab4c",`
`60`		`- "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/"`
`61`		`- },`
`62`		`- {`
`63`		`- "refsource": "MLIST",`
`64`		`- "name": "[debian-lts-announce] 20210505 [SECURITY] [DLA 2649-1] cgal security update",`
`65`		`- "url": "https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html"`
`66`	`51`	`}`
`67`	`52`	`]`
`68`	`53`	`},`
`69`	`54`	`"description": {`
`70`	`55`	`"description_data": [`
`71`	`56`	`{`
`72`	`57`	`"lang": "eng",`
`73`		`- "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume(). An attacker can provide malicious input to trigger this vulnerability."`
	`58`	`+ "value": "A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability."`
`74`	`59`	`}`
`75`	`60`	`]`
`76`	`61`	`}`
Original file line number	Diff line number	Diff line change
`@@ -5,13 +5,13 @@`
`5`	`5`	`"CVE_data_meta": {`
`6`	`6`	`"ID": "CVE-2021-21774",`
`7`	`7`	`"ASSIGNER": "[email protected]",`
`8`		`- "STATE": "RESERVED"`
	`8`	`+ "STATE": "REJECT"`
`9`	`9`	`},`
`10`	`10`	`"description": {`
`11`	`11`	`"description_data": [`
`12`	`12`	`{`
`13`	`13`	`"lang": "eng",`
`14`		`- "value": " RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."`
	`14`	`+ "value": " REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-21773. Reason: This candidate is a reservation duplicate of CVE-2021-21773. Notes: All CVE users should reference CVE-2021-21773 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."`
`15`	`15`	`}`
`16`	`16`	`]`
`17`	`17`	`}`