From dfd0c74708352eddec106b8d38056dd896acd6c5 Mon Sep 17 00:00:00 2001
From: GitHub Action
Date: Tue, 26 Jul 2022 13:58:43 +0000
Subject: [PATCH] Auto Generated CVE annotations [Tue Jul 26 13:58:43 UTC 2022] :robot:
---
 cves/2018/CVE-2018-1335.yaml | 2 +-
 cves/2018/CVE-2018-16059.yaml | 1 +
 cves/2022/CVE-2022-28079.yaml | 1 -
 cves/2022/CVE-2022-29014.yaml | 1 +
 4 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/cves/2018/CVE-2018-1335.yaml b/cves/2018/CVE-2018-1335.yaml
index 095694550c..7214f503f8 100644
--- a/cves/2018/CVE-2018-1335.yaml
+++ b/cves/2018/CVE-2018-1335.yaml
@@ -5,13 +5,13 @@ info:
 author: pikpikcu
 severity: high
 description: Apache Tika versions 1.7 to 1.17 allow clients to send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients.
- remediation: Upgrade to Tika 1.18.
 reference:
 - https://rhinosecuritylabs.com/application-security/exploiting-cve-2018-1335-apache-tika/
 - https://www.exploit-db.com/exploits/47208
 - https://lists.apache.org/thread.html/b3ed4432380af767effd4c6f27665cc7b2686acccbefeb9f55851dca@%3Cdev.tika.apache.org%3E
 - http://web.archive.org/web/20210516175956/https://www.securityfocus.com/bid/104001
 - https://nvd.nist.gov/vuln/detail/CVE-2018-1335
+ remediation: Upgrade to Tika 1.18.
 classification:
 cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
 cvss-score: 8.1
diff --git a/cves/2018/CVE-2018-16059.yaml b/cves/2018/CVE-2018-16059.yaml
index b4d05a1fb5..1502baf4b0 100644
--- a/cves/2018/CVE-2018-16059.yaml
+++ b/cves/2018/CVE-2018-16059.yaml
@@ -9,6 +9,7 @@ info:
 - https://www.exploit-db.com/exploits/45342
 - https://ics-cert.us-cert.gov/advisories/ICSA-19-073-03
 - https://nvd.nist.gov/vuln/detail/CVE-2018-16059
+ - https://www.exploit-db.com/exploits/45342/
 classification:
 cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
 cvss-score: 5.3
diff --git a/cves/2022/CVE-2022-28079.yaml b/cves/2022/CVE-2022-28079.yaml
index 54b0078cdc..c1b122ba24 100644
--- a/cves/2022/CVE-2022-28079.yaml
+++ b/cves/2022/CVE-2022-28079.yaml
@@ -11,7 +11,6 @@ info:
 - https://download.code-projects.org/details/1c3b87e5-f6a6-46dd-9b5f-19c39667866f
 - https://nvd.nist.gov/vuln/detail/CVE-2022-28079
 - https://code-projects.org/college-management-system-in-php-with-source-code/
- - https://nvd.nist.gov/vuln/detail/CVE-2022-28079
 classification:
 cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
 cvss-score: 8.8
diff --git a/cves/2022/CVE-2022-29014.yaml b/cves/2022/CVE-2022-29014.yaml
index f6982af5aa..517632fe3e 100644
--- a/cves/2022/CVE-2022-29014.yaml
+++ b/cves/2022/CVE-2022-29014.yaml
@@ -8,6 +8,7 @@ info:
 reference:
 - https://www.exploit-db.com/exploits/50864
 - https://nvd.nist.gov/vuln/detail/CVE-2022-29014
+ - https://www2.razer.com/ap-en/desktops-and-networking/razer-sila
 classification:
 cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
 cvss-score: 7.5
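Review bot: The reference added in cves/2018/CVE-2018-16059.yaml, `https://www.exploit-db.com/exploits/45342/`, duplicates the first entry already in that list, `https://www.exploit-db.com/exploits/45342`, differing only by the trailing slash. The added line should be dropped so the template carries each source once. The CVE-2022-28079 hunk in this same commit removes an exact-duplicate NVD link, so the generator presumably compares URLs as raw strings; normalizing a trailing slash before that comparison would keep this from recurring.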