- Synchronized data.

CVE Team 2017-11-13 12:04:35 -05:00
parent 744745adb9
commit 098226e5f4
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
7 changed files with 125 additions and 20 deletions


@ -54,13 +54,13 @@
"references" : {
"reference_data" : [
{
"url" : "https://github.com/thoughtbot/paperclip/pull/2435"
"url" : "https://hackerone.com/reports/209430"
},
{
"url" : "https://hackerone.com/reports/713"
},
{
"url" : "https://hackerone.com/reports/209430"
"url" : "https://github.com/thoughtbot/paperclip/pull/2435"
}
]
}


@ -53,12 +53,6 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://github.com/jtdowney/private_address_check/issues/1"
},
{
"url" : "https://github.com/jtdowney/private_address_check/commit/58a0d7fe31de339c0117160567a5b33ad82b46af"
},
{
"url" : "https://edoverflow.com/2017/ruby-resolv-bug/"
},
@ -67,6 +61,12 @@
},
{
"url" : "https://hackerone.com/reports/287835"
},
{
"url" : "https://github.com/jtdowney/private_address_check/commit/58a0d7fe31de339c0117160567a5b33ad82b46af"
},
{
"url" : "https://github.com/jtdowney/private_address_check/issues/1"
}
]
}


@ -53,14 +53,14 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://hackerone.com/reports/288635"
},
{
"url" : "https://dev.recurly.com/page/ruby-updates"
},
{
"url" : "https://github.com/recurly/recurly-client-ruby/commit/1bb0284d6e668b8b3d31167790ed6db1f6ccc4be"
},
{
"url" : "https://hackerone.com/reports/288635"
}
]
}


@ -53,14 +53,14 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://hackerone.com/reports/288635"
},
{
"url" : "https://dev.recurly.com/page/python-updates"
},
{
"url" : "https://github.com/recurly/recurly-client-python/commit/049c74699ce93cf126feff06d632ea63fba36742"
},
{
"url" : "https://hackerone.com/reports/288635"
}
]
}


@ -53,14 +53,14 @@
},
"references" : {
"reference_data" : [
{
"url" : "https://hackerone.com/reports/288635"
},
{
"url" : "https://dev.recurly.com/page/net-updates"
},
{
"url" : "https://github.com/recurly/recurly-client-net/commit/9eef460c0084afd5c24d66220c8b7a381cf9a1f1"
},
{
"url" : "https://hackerone.com/reports/288635"
}
]
}


@ -1,8 +1,31 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "security_alert@emc.com",
"ID" : "CVE-2017-14388",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "GrootFS release GrootFS release 0.3.x versions prior to 0.30.0",
"version" : {
"version_data" : [
{
"version_value" : "GrootFS release GrootFS release 0.3.x versions prior to 0.30.0"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,26 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. For example, this could allow an attacker to provide an image layer that GrootFS would consider to be the Ubuntu base layer."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Does not validate DiffIDs"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.cloudfoundry.org/cve-2017-14388/"
}
]
}
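Review bot: `product_name` and `version_value` in the newly populated `affects` block hold the same string, "GrootFS release GrootFS release 0.3.x versions prior to 0.30.0", with "GrootFS release" doubled and the version range folded into the product name, and `vendor_name` is "n/a" although the description names Cloud Foundry Foundation. Scanners and inventory tools that match on these fields will probably not associate this entry with GrootFS deployments. I would split the values as `"product_name" : "GrootFS"`, `"version_value" : "0.3.x versions prior to 0.30.0"` and `"vendor_name" : "Cloud Foundry Foundation"`. The `problemtype` text "Does not validate DiffIDs" is free-form; a CWE identifier would make it filterable, if the assigner can supply one.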


@ -0,0 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2017-16803",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:build_table() out-of-bounds read and application crash) via a crafted Smacker stream."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://bugzilla.libav.org/show_bug.cgi?id=1098"
},
{
"url" : "https://github.com/libav/libav/commit/cd4663dc80323ba64989d0c103d51ad3ee0e9c2f"
}
]
}
}
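Review bot: Every field under `affects` in this new record is "n/a", so the affected product and versions exist only in the prose description, where automated matching against installed software cannot use them. The description already gives the values: `"product_name" : "libav"` and `"version_value" : "through 11.11 and 12.x through 12.1"`. `problemtype` is also "n/a" even though the description states an out-of-bounds read; a weakness label such as CWE-125 looks applicable, to be confirmed by the assigner.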