{"vulnerability": "cve-2021-3819", "sightings": [{"uuid": "b36927b9-e95c-4af0-b12c-9e3f09d5f69a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3819", "type": "seen", "source": "https://t.me/cibsecurity/29461", "content": "\u203c CVE-2021-3819 \u203c\n\nfirefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-27T16:35:01.000000Z"}, {"uuid": "7692d16a-2655-449c-9b3a-510ebf8e0e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38194", "type": "seen", "source": "https://t.me/cibsecurity/26981", "content": "\u203c CVE-2021-38194 \u203c\n\nAn issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mul_by_inverse method. Thus, a prover can produce a proof that is unsound but is nonetheless verified.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-08T12:35:44.000000Z"}, {"uuid": "b5d86189-e3bc-4af5-8744-de6f0b1c5da1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38198", "type": "seen", "source": "https://t.me/cibsecurity/26999", "content": "\u203c CVE-2021-38198 \u203c\n\narch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:05.000000Z"}, {"uuid": "f6371480-f0ee-4177-9fbc-49c5d8d0f08d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38199", "type": "seen", "source": "https://t.me/cibsecurity/26996", "content": "\u203c CVE-2021-38199 \u203c\n\nfs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-09T00:36:02.000000Z"}]}