Skip to content
This repository was archived by the owner on Jun 10, 2025. It is now read-only.

Commit c206de4

Browse files
cve-teamcve-team
committed
"-Synchronized-Data."
1 parent db90ac4 commit c206de4

15 files changed

+518
-43
lines changed

2020/19xxx/CVE-2020-19143.json

Lines changed: 50 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,61 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2020-19143",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2020-19143",
5+
"STATE": "PUBLIC"
96
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
29+
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the \"TIFFVGetField\" funtion in the component 'libtiff/tif_dir.c'."
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2851",
57+
"refsource": "MISC",
58+
"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2851"
1559
}
1660
]
1761
}

2020/19xxx/CVE-2020-19144.json

Lines changed: 50 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,61 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2020-19144",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2020-19144",
5+
"STATE": "PUBLIC"
96
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
29+
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'."
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "http://bugzilla.maptools.org/show_bug.cgi?id=2852",
57+
"refsource": "MISC",
58+
"name": "http://bugzilla.maptools.org/show_bug.cgi?id=2852"
1559
}
1660
]
1761
}

2020/19xxx/CVE-2020-19515.json

Lines changed: 50 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,61 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2020-19515",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2020-19515",
5+
"STATE": "PUBLIC"
96
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
29+
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\\install\\modules\\database_config.php."
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "https://topsecalphalab.github.io/CVE/qdPM9.1-Installer-Cross-Site-Scripting",
57+
"refsource": "MISC",
58+
"name": "https://topsecalphalab.github.io/CVE/qdPM9.1-Installer-Cross-Site-Scripting"
1559
}
1660
]
1761
}

2021/22xxx/CVE-2021-22239.json

Lines changed: 78 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,15 +4,89 @@
44
"data_version": "4.0",
55
"CVE_data_meta": {
66
"ID": "CVE-2021-22239",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "PUBLIC"
9+
},
10+
"affects": {
11+
"vendor": {
12+
"vendor_data": [
13+
{
14+
"vendor_name": "GitLab",
15+
"product": {
16+
"product_data": [
17+
{
18+
"product_name": "GitLab",
19+
"version": {
20+
"version_data": [
21+
{
22+
"version_value": ">=14.1, <14.1.2"
23+
},
24+
{
25+
"version_value": ">=14.0, <14.0.7"
26+
}
27+
]
28+
}
29+
}
30+
]
31+
}
32+
}
33+
]
34+
}
35+
},
36+
"problemtype": {
37+
"problemtype_data": [
38+
{
39+
"description": [
40+
{
41+
"lang": "eng",
42+
"value": "Improper authentication in GitLab"
43+
}
44+
]
45+
}
46+
]
47+
},
48+
"references": {
49+
"reference_data": [
50+
{
51+
"name": "https://gitlab.com/gitlab-org/gitlab/-/issues/336301",
52+
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/336301",
53+
"refsource": "MISC"
54+
},
55+
{
56+
"name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22239.json",
57+
"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22239.json",
58+
"refsource": "CONFIRM"
59+
}
60+
]
961
},
1062
"description": {
1163
"description_data": [
1264
{
1365
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
66+
"value": "An unauthorized user was able to insert metadata when creating new issue on GitLab CE/EE 14.0 and later."
1567
}
1668
]
17-
}
69+
},
70+
"impact": {
71+
"cvss": {
72+
"vectorString": "AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
73+
"attackComplexity": "LOW",
74+
"attackVector": "NETWORK",
75+
"availabilityImpact": "NONE",
76+
"confidentialityImpact": "NONE",
77+
"integrityImpact": "LOW",
78+
"privilegesRequired": "LOW",
79+
"scope": "CHANGED",
80+
"userInteraction": "NONE",
81+
"version": "3.1",
82+
"baseScore": 4.9,
83+
"baseSeverity": "MEDIUM"
84+
}
85+
},
86+
"credit": [
87+
{
88+
"lang": "eng",
89+
"value": "This vulnerability has been discovered internally by the GitLab team"
90+
}
91+
]
1892
}

2021/38xxx/CVE-2021-38721.json

Lines changed: 55 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,66 @@
11
{
2-
"data_type": "CVE",
3-
"data_format": "MITRE",
4-
"data_version": "4.0",
52
"CVE_data_meta": {
6-
"ID": "CVE-2021-38721",
73
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
4+
"ID": "CVE-2021-38721",
5+
"STATE": "PUBLIC"
96
},
7+
"affects": {
8+
"vendor": {
9+
"vendor_data": [
10+
{
11+
"product": {
12+
"product_data": [
13+
{
14+
"product_name": "n/a",
15+
"version": {
16+
"version_data": [
17+
{
18+
"version_value": "n/a"
19+
}
20+
]
21+
}
22+
}
23+
]
24+
},
25+
"vendor_name": "n/a"
26+
}
27+
]
28+
}
29+
},
30+
"data_format": "MITRE",
31+
"data_type": "CVE",
32+
"data_version": "4.0",
1033
"description": {
1134
"description_data": [
1235
{
1336
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
37+
"value": "FUEL CMS 1.5.0 login.php contains a cross-site request forgery (CSRF) vulnerability"
38+
}
39+
]
40+
},
41+
"problemtype": {
42+
"problemtype_data": [
43+
{
44+
"description": [
45+
{
46+
"lang": "eng",
47+
"value": "n/a"
48+
}
49+
]
50+
}
51+
]
52+
},
53+
"references": {
54+
"reference_data": [
55+
{
56+
"url": "https://github.com/daylightstudio/FUEL-CMS/issues/584",
57+
"refsource": "MISC",
58+
"name": "https://github.com/daylightstudio/FUEL-CMS/issues/584"
59+
},
60+
{
61+
"url": "https://github.com/daylightstudio/FUEL-CMS/commit/6164cd794674d4d74da39f8b535ff588ab006e33",
62+
"refsource": "MISC",
63+
"name": "https://github.com/daylightstudio/FUEL-CMS/commit/6164cd794674d4d74da39f8b535ff588ab006e33"
1564
}
1665
]
1766
}

0 commit comments

Comments
 (0)