CIS Processed auto-status updates 2021-11-26

repository/definitions/inventory/oval_org.cisecurity_def_9064.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9064" version="3">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9064" version="4">
   <metadata>
     <title>Microsoft Windows 10 Version 21H1 (x86) is installed</title>
     <affected family="windows">
@@ -11,8 +11,9 @@
           <contributor organization="JovalCM.com">David Ries</contributor>
         </submitted>
         <status_change date="2021-11-12T12:59:56.686Z">DRAFT</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">INTERIM</status_change>
       </dates>
-      <status>DRAFT</status>
+      <status>INTERIM</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/inventory/oval_org.cisecurity_def_9073.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9073" version="3">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9073" version="4">
   <metadata>
     <title>Microsoft Windows 10 Version 2004 (x64) is installed</title>
     <affected family="windows">
@@ -11,8 +11,9 @@
           <contributor organization="JovalCM.com">David Ries</contributor>
         </submitted>
         <status_change date="2021-11-12T12:59:56.686Z">DRAFT</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">INTERIM</status_change>
       </dates>
-      <status>DRAFT</status>
+      <status>INTERIM</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/inventory/oval_org.cisecurity_def_9075.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9075" version="3">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9075" version="4">
   <metadata>
     <title>Microsoft Windows 10 Version 2004 (x86) is installed</title>
     <affected family="windows">
@@ -11,8 +11,9 @@
           <contributor organization="JovalCM.com">David Ries</contributor>
         </submitted>
         <status_change date="2021-11-12T12:59:56.686Z">DRAFT</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">INTERIM</status_change>
       </dates>
-      <status>DRAFT</status>
+      <status>INTERIM</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/inventory/oval_org.cisecurity_def_9082.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9082" version="3">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9082" version="4">
   <metadata>
     <title>Microsoft Windows 10 Version 20H2 (x86) is installed</title>
     <affected family="windows">
@@ -11,8 +11,9 @@
           <contributor organization="JovalCM.com">David Ries</contributor>
         </submitted>
         <status_change date="2021-11-12T12:59:56.686Z">DRAFT</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">INTERIM</status_change>
       </dates>
-      <status>DRAFT</status>
+      <status>INTERIM</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/inventory/oval_org.cisecurity_def_9085.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9085" version="3">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9085" version="4">
   <metadata>
     <title>Microsoft Windows 10 Version 21H1 (x64) is installed</title>
     <affected family="windows">
@@ -11,8 +11,9 @@
           <contributor organization="JovalCM.com">David Ries</contributor>
         </submitted>
         <status_change date="2021-11-12T12:59:56.686Z">DRAFT</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">INTERIM</status_change>
       </dates>
-      <status>DRAFT</status>
+      <status>INTERIM</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/inventory/oval_org.cisecurity_def_9091.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9091" version="3">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="inventory" id="oval:org.cisecurity:def:9091" version="4">
   <metadata>
     <title>Microsoft Windows 10 Version 20H2 (x64) is installed</title>
     <affected family="windows">
@@ -11,8 +11,9 @@
           <contributor organization="JovalCM.com">David Ries</contributor>
         </submitted>
         <status_change date="2021-11-12T12:59:56.686Z">DRAFT</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">INTERIM</status_change>
       </dates>
-      <status>DRAFT</status>
+      <status>INTERIM</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9024.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9024" version="4">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9024" version="5">
   <metadata>
     <title>Firefox incorrectly treated an inline list-item element as a block element, resulting in an out of bounds read or memory corruption, and a potentially exploitable crash.</title>
     <affected family="windows">
@@ -25,8 +25,9 @@
         </submitted>
         <status_change date="2021-10-29T12:31:48.791Z">DRAFT</status_change>
         <status_change date="2021-11-12T12:59:56.686Z">INTERIM</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">ACCEPTED</status_change>
       </dates>
-      <status>INTERIM</status>
+      <status>ACCEPTED</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9025.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9025" version="4">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9025" version="5">
   <metadata>
     <title>Uninitialized memory in a canvas object could have caused an incorrect free() leading to memory corruption and a potentially exploitable crash.</title>
     <affected family="windows">
@@ -25,8 +25,9 @@
         </submitted>
         <status_change date="2021-10-29T12:31:48.791Z">DRAFT</status_change>
         <status_change date="2021-11-12T12:59:56.686Z">INTERIM</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">ACCEPTED</status_change>
       </dates>
-      <status>INTERIM</status>
+      <status>ACCEPTED</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9026.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9026" version="4">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9026" version="5">
   <metadata>
     <title>A use-after-free vulnerability in media channels could have led to memory corruption and a potentially exploitable crash.</title>
     <affected family="windows">
@@ -25,8 +25,9 @@
         </submitted>
         <status_change date="2021-10-29T12:31:48.791Z">DRAFT</status_change>
         <status_change date="2021-11-12T12:59:56.686Z">INTERIM</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">ACCEPTED</status_change>
       </dates>
-      <status>INTERIM</status>
+      <status>ACCEPTED</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9027.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9027" version="4">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9027" version="5">
   <metadata>
     <title>Mozilla developers reported memory safety bugs present in Firefox 90 and Firefox ESR 78.</title>
     <affected family="windows">
@@ -25,8 +25,9 @@
         </submitted>
         <status_change date="2021-10-29T12:31:48.791Z">DRAFT</status_change>
         <status_change date="2021-11-12T12:59:56.686Z">INTERIM</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">ACCEPTED</status_change>
       </dates>
-      <status>INTERIM</status>
+      <status>ACCEPTED</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9028.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9028" version="4">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9028" version="5">
   <metadata>
     <title>Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection.</title>
     <affected family="windows">
@@ -25,8 +25,9 @@
         </submitted>
         <status_change date="2021-10-29T12:31:48.791Z">DRAFT</status_change>
         <status_change date="2021-11-12T12:59:56.686Z">INTERIM</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">ACCEPTED</status_change>
       </dates>
-      <status>INTERIM</status>
+      <status>ACCEPTED</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9029.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9029" version="4">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9029" version="5">
   <metadata>
     <title>Mozilla developers and community members reported memory safety bugs present in Firefox 90.</title>
     <affected family="windows">
@@ -23,8 +23,9 @@
         </submitted>
         <status_change date="2021-10-29T12:31:48.791Z">DRAFT</status_change>
         <status_change date="2021-11-12T12:59:56.686Z">INTERIM</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">ACCEPTED</status_change>
       </dates>
-      <status>INTERIM</status>
+      <status>ACCEPTED</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9030.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9030" version="4">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9030" version="5">
   <metadata>
     <title>Mozilla developers reported memory safety bugs present in Firefox 89.</title>
     <affected family="windows">
@@ -23,8 +23,9 @@
         </submitted>
         <status_change date="2021-10-29T12:31:48.791Z">DRAFT</status_change>
         <status_change date="2021-11-12T12:59:56.686Z">INTERIM</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">ACCEPTED</status_change>
       </dates>
-      <status>INTERIM</status>
+      <status>ACCEPTED</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9031.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9031" version="4">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9031" version="5">
   <metadata>
     <title>An issue present in lowering/register allocation could have led to obscure but deterministic register confusion failures in JITted code that would lead to a potentially exploitable crash.</title>
     <affected family="windows">
@@ -24,8 +24,9 @@
         </submitted>
         <status_change date="2021-10-29T12:31:48.791Z">DRAFT</status_change>
         <status_change date="2021-11-12T12:59:56.686Z">INTERIM</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">ACCEPTED</status_change>
       </dates>
-      <status>INTERIM</status>
+      <status>ACCEPTED</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9032.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9032" version="4">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9032" version="5">
   <metadata>
     <title>Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory.</title>
     <affected family="windows">
@@ -24,8 +24,9 @@
         </submitted>
         <status_change date="2021-10-29T12:31:48.791Z">DRAFT</status_change>
         <status_change date="2021-11-12T12:59:56.686Z">INTERIM</status_change>
+        <status_change date="2021-11-26T16:05:05.810Z">ACCEPTED</status_change>
       </dates>
-      <status>INTERIM</status>
+      <status>ACCEPTED</status>
       <min_schema_version>5.10</min_schema_version>
     </oval_repository>
   </metadata>

repository/definitions/vulnerability/oval_org.cisecurity_def_9033.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9033" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9033" version="3">
   <metadata>
     <title>A malicious extension with the 'search' permission could have installed a new search engine whose favicon referenced a cross-origin URL.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9034.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9034" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9034" version="3">
   <metadata>
     <title>A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9035.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9035" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9035" version="3">
   <metadata>
     <title>When network partitioning was enabled, e.g. as a result of Enhanced Tracking Protection settings, a TLS error page would allow the user to override an error on a domain which had specified HTTP Strict Transport Security (which implies that the error should not be override-able.)</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9036.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9036" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9036" version="3">
   <metadata>
     <title>If an attacker is able to alter specific about:config values (for example malware running on the user's computer), the Devtools remote debugging feature could have been enabled in a way that was unnoticable to the user.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9037.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9037" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9037" version="3">
   <metadata>
     <title>Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9038.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9038" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9038" version="3">
   <metadata>
     <title>Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9039.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9039" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9039" version="3">
   <metadata>
     <title>A malicious extension could have opened a popup window lacking an address bar.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9040.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9040" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9040" version="3">
   <metadata>
     <title>A WebGL framebuffer was not initialized early enough, resulting in memory corruption and an out of bound write.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9041.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9041" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9041" version="3">
   <metadata>
     <title>By utilizing 3D CSS in conjunction with Javascript, content could have been rendered outside the webpage's viewport, resulting in a spoofing attack that could have been used for phishing or other attacks on a user.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9042.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9042" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9042" version="3">
   <metadata>
     <title>Through a series of DOM manipulations, a message, over which the attacker had control of the text but not HTML or formatting, could be overlaid on top of another domain (with the new domain correctly shown in the address bar) resulting in possible user confusion.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9043.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9043" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9043" version="3">
   <metadata>
     <title>When Responsive Design Mode was enabled, it used references to objects that were previously freed.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9044.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9044" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9044" version="3">
   <metadata>
     <title>Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.</title>
     <affected family="windows">

repository/definitions/vulnerability/oval_org.cisecurity_def_9045.xml

@@ -1,4 +1,4 @@
-<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9045" version="2">
+<definition xmlns="http://oval.mitre.org/XMLSchema/oval-definitions-5" class="vulnerability" id="oval:org.cisecurity:def:9045" version="3">
   <metadata>
     <title>A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash.</title>
     <affected family="windows">