Merge branch 'CVE-2016-8625' of https://github.com/RedHatProductSecurity/cvelist into RedHatProductSecurity-CVE-2016-8625

2025-06-12 02:05:39 +00:00 · 2018-07-31 19:16:01 -04:00 · 2018-07-31 19:16:01 -04:00 · 1042b03122
commit 1042b03122
parent bc80e3975b c08d4f1163
1 changed files with 78 additions and 16 deletions
--- a/2016/8xxx/CVE-2016-8625.json
+++ b/2016/8xxx/CVE-2016-8625.json
@ -1,18 +1,80 @@
 {
-   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2016-8625",
-      "STATE" : "RESERVED"
-   },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
-   "description" : {
-      "description_data" : [
-         {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
-         }
-      ]
-   }
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2016-8625",
+        "ASSIGNER": "psampaio@redhat.com"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "The Curl Project",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "curl",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "7.51.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-20"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8625",
+                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8625",
+                "refsource": "CONFIRM"
+            },
+            {
+                "url": "https://curl.haxx.se/docs/adv_20161102K.html"
+            }
+        ]
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "curl before version 7.51.0 uses outdated IDNA 2003 standard to handle International Domain Names and this may lead users to potentially and unknowingly issue network transfer requests to the wrong host"
+            }
+        ]
+    },
+    "impact": {
+        "cvss": [
+            [
+                {
+                    "vectorString": "5.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
+                    "version": "3.0"
+                }
+            ],
+            [
+                {
+                    "vectorString": "4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N",
+                    "version": "2.0"
+                }
+            ]
+        ]
+    }
 }