admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/10xxx/CVE-2018-10237.json

192 lines
8.9 KiB
JSON
Raw Normal View History

- Synchronized data.
2018-04-20 01:03:50 -04:00
{
"-Synchronized-Data."
2019-03-18 01:59:32 +00:00
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-10237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
- Synchronized data.
2018-04-26 17:05:06 -04:00
{
"-Synchronized-Data."
2019-03-18 01:59:32 +00:00
"lang": "eng",
"value": "Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable."
- Synchronized data.
2018-04-26 17:05:06 -04:00
}
"-Synchronized-Data."
2019-03-18 01:59:32 +00:00
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2018:2428",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2428"
},
{
"name": "RHSA-2018:2740",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2740"
},
{
"name": "RHSA-2018:2741",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2741"
},
{
"name": "RHSA-2018:2742",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2742"
},
{
"name": "RHSA-2018:2598",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2598"
},
{
"name": "RHSA-2018:2643",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2643"
},
{
"name": "RHSA-2018:2424",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2424"
},
{
"name": "RHSA-2018:2423",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2423"
},
{
"name": "RHSA-2018:2425",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2425"
},
{
"name": "RHSA-2018:2927",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2927"
},
{
"name": "1041707",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041707"
},
{
"name": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion",
"refsource": "CONFIRM",
"url": "https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion"
},
{
"name": "RHSA-2018:2743",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2743"
"-Synchronized-Data."
2019-04-01 21:00:51 +00:00
},
{
"refsource": "MLIST",
"name": "[hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
"url": "https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project",
"url": "https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E"
"-Synchronized-Data."
2019-04-16 18:00:44 +00:00
},
{
"refsource": "MLIST",
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
"-Synchronized-Data."
2019-05-16 10:00:47 +00:00
},
{
"refsource": "MLIST",
"name": "[activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0",
"url": "https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E"
"-Synchronized-Data."
2019-05-30 10:00:48 +00:00
},
{
"refsource": "MLIST",
"name": "[activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1",
"url": "https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E"
"-Synchronized-Data."
2019-06-12 17:00:54 +00:00
},
{
"refsource": "MLIST",
"name": "[cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3",
"url": "https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E"
"-Synchronized-Data."
2019-08-21 01:00:47 +00:00
},
{
"refsource": "MLIST",
"name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",
"url": "https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E"
"-Synchronized-Data."
2019-09-27 03:01:03 +00:00
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:2858",
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
"-Synchronized-Data."
2019-10-17 22:01:04 +00:00
},
{
"refsource": "MLIST",
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
"-Synchronized-Data."
2019-10-18 22:01:00 +00:00
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:3149",
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
"-Synchronized-Data."
2019-10-21 15:59:19 +00:00
},
{
"refsource": "MLIST",
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
"-Synchronized-Data."
2020-02-07 01:01:11 +00:00
},
{
"refsource": "MLIST",
"name": "[cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237",
"url": "https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E"
"-Synchronized-Data."
2020-02-07 06:01:08 +00:00
},
{
"refsource": "MLIST",
"name": "[cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237",
"url": "https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E"
"-Synchronized-Data."
2019-03-18 01:59:32 +00:00
}
]
}
}
Reference in New Issue Copy Permalink