Skip to content
This repository was archived by the owner on Jun 10, 2025. It is now read-only.

Commit 7489b35

Browse files
cve-teamcve-team
committed
"-Synchronized-Data."
1 parent b4e3d24 commit 7489b35

25 files changed

+999
-90
lines changed

2020/22xxx/CVE-2020-22984.json

Lines changed: 65 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,76 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2020-22984",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2020-22984",
5+
"STATE": "PUBLIC"
96
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
29+
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task."
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "http://microstrategy.com",
57+
"refsource": "MISC",
58+
"name": "http://microstrategy.com"
59+
},
60+
{
61+
"url": "http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc",
62+
"refsource": "MISC",
63+
"name": "http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc"
64+
},
65+
{
66+
"url": "https://www.microstrategy.com/us/report-a-security-vulnerability",
67+
"refsource": "MISC",
68+
"name": "https://www.microstrategy.com/us/report-a-security-vulnerability"
69+
},
70+
{
71+
"refsource": "MISC",
72+
"name": "https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d",
73+
"url": "https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d"
1574
}
1675
]
1776
}

2020/22xxx/CVE-2020-22985.json

Lines changed: 65 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,76 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2020-22985",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2020-22985",
5+
"STATE": "PUBLIC"
96
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
29+
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task."
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "http://microstrategy.com",
57+
"refsource": "MISC",
58+
"name": "http://microstrategy.com"
59+
},
60+
{
61+
"url": "http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc",
62+
"refsource": "MISC",
63+
"name": "http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc"
64+
},
65+
{
66+
"url": "https://www.microstrategy.com/us/report-a-security-vulnerability",
67+
"refsource": "MISC",
68+
"name": "https://www.microstrategy.com/us/report-a-security-vulnerability"
69+
},
70+
{
71+
"refsource": "MISC",
72+
"name": "https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d",
73+
"url": "https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d"
1574
}
1675
]
1776
}

2020/22xxx/CVE-2020-22986.json

Lines changed: 70 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,81 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2020-22986",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2020-22986",
5+
"STATE": "PUBLIC"
6+
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
929
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task."
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "http://microstrategy.com",
57+
"refsource": "MISC",
58+
"name": "http://microstrategy.com"
59+
},
60+
{
61+
"url": "http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc",
62+
"refsource": "MISC",
63+
"name": "http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc"
64+
},
65+
{
66+
"url": "https://tinyurl.com/",
67+
"refsource": "MISC",
68+
"name": "https://tinyurl.com/"
69+
},
70+
{
71+
"url": "https://www.microstrategy.com/us/report-a-security-vulnerability",
72+
"refsource": "MISC",
73+
"name": "https://www.microstrategy.com/us/report-a-security-vulnerability"
74+
},
75+
{
76+
"refsource": "MISC",
77+
"name": "https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d",
78+
"url": "https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d"
1579
}
1680
]
1781
}

2020/22xxx/CVE-2020-22987.json

Lines changed: 65 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,76 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2020-22987",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2020-22987",
5+
"STATE": "PUBLIC"
96
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
29+
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task."
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "http://microstrategy.com",
57+
"refsource": "MISC",
58+
"name": "http://microstrategy.com"
59+
},
60+
{
61+
"url": "http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc",
62+
"refsource": "MISC",
63+
"name": "http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc"
64+
},
65+
{
66+
"url": "https://www.microstrategy.com/us/report-a-security-vulnerability",
67+
"refsource": "MISC",
68+
"name": "https://www.microstrategy.com/us/report-a-security-vulnerability"
69+
},
70+
{
71+
"refsource": "MISC",
72+
"name": "https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d",
73+
"url": "https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d"
1574
}
1675
]
1776
}

2021/22xxx/CVE-2021-22189.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@
2525
"version_value": ">=13.7.0, <13.7.7"
2626
},
2727
{
28-
"version_value": "<13.6.7"
28+
"version_value": ">=13.6, <13.6.7"
2929
}
3030
]
3131
}

2021/22xxx/CVE-2021-22203.json

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,13 @@
1919
"version": {
2020
"version_data": [
2121
{
22-
"version_value": ">=13.7, <=13.9"
22+
"version_value": ">=13.10, <13.10.1"
23+
},
24+
{
25+
"version_value": ">=13.9, <13.9.5"
26+
},
27+
{
28+
"version_value": ">=13.7.9, <13.8.7"
2329
}
2430
]
2531
}
@@ -65,7 +71,7 @@
6571
"description_data": [
6672
{
6773
"lang": "eng",
68-
"value": "An issue has been discovered in GitLab CE/EE affecting all versions starting with 13.7.9. A specially crafted Wiki page allowed attackers to read arbitrary files on the server."
74+
"value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all versions starting from 13.10 before 13.10.1. A specially crafted Wiki page allowed attackers to read arbitrary files on the server."
6975
}
7076
]
7177
},

2021/22xxx/CVE-2021-22218.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@
1919
"version": {
2020
"version_data": [
2121
{
22-
"version_value": ">=10.5, <13.10.5"
22+
"version_value": ">=12.8, <13.10.5"
2323
},
2424
{
2525
"version_value": ">=13.11, <13.11.5"
@@ -71,7 +71,7 @@
7171
"description_data": [
7272
{
7373
"lang": "eng",
74-
"value": "All versions of GitLab CE/EE starting with 12.8 were affected by an issue in the handling of x509 certificates that could be used to spoof author of signed commits."
74+
"value": "All versions of GitLab CE/EE starting from 12.8 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 were affected by an issue in the handling of x509 certificates that could be used to spoof author of signed commits."
7575
}
7676
]
7777
},

0 commit comments

Comments
 (0)