admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-12 20:01:53 +00:00
parent d17710d55d
commit 1ebe8a3183
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
26 changed files with 361 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
2010/2xxx/CVE-2010-2488.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-2488",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "znc",
"product": {
"product_data": [
{
"product_name": "znc",
"version": {
"version_data": [
{
"version_value": "before 0.092"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "null pointer deref"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-2488",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-2488"
},
{
"url": "https://access.redhat.com/security/cve/cve-2010-2488",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2010-2488"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929"
},
{
"refsource": "CONFIRM",
"name": "https://wiki.znc.in/ChangeLog/0.092",
"url": "https://wiki.znc.in/ChangeLog/0.092"
}
]
}

60
2010/3xxx/CVE-2010-3438.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3438",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "libpoe-component-irc-perl",
"product": {
"product_data": [
{
"product_name": "libpoe-component-irc-perl",
"version": {
"version_data": [
{
"version_value": "before v6.32"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbitrary IRC commands by passing an argument such as \"some text\\rQUIT\" to the 'privmsg' handler, which would cause the client to disconnect from the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "stripping of CR/LF allows arbitrary IRC command execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-3438",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-3438"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3438",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3438"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581194",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581194"
}
]
}

65
2010/3xxx/CVE-2010-3439.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2010-3439",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "alien-arena",
"product": {
"product_data": [
{
"product_name": "alien-arena",
"version": {
"version_data": [
{
"version_value": "7.33"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid parameters to the download command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service - Malformed Input"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2010-3439",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2010-3439"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3439",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-3439"
},
{
"url": "https://access.redhat.com/security/cve/cve-2010-3439",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2010-3439"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575621",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575621"
}
]
}

55
2011/2xxx/CVE-2011-2335.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "security@google.com",
"ID": "CVE-2011-2335",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrome",
"version": {
"version_data": [
{
"version_value": "before Blink M12"
}
]
}
}
]
},
"vendor_name": "Google"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "double free"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugs.chromium.org/p/chromium/issues/detail?id=81351",
"refsource": "MISC",
"name": "https://bugs.chromium.org/p/chromium/issues/detail?id=81351"
},
{
"refsource": "MISC",
"name": "https://trac.webkit.org/changeset/80155/webkit",
"url": "https://trac.webkit.org/changeset/80155/webkit"
}
]
}

10
2012/0xxx/CVE-2012-0881.json
View File

@ -72,6 +72,11 @@
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=787104"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
@ -81,6 +86,11 @@
"refsource": "MLIST",
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
}
]
}

5
2013/4xxx/CVE-2013-4002.json
View File

@ -281,6 +281,11 @@
"name": "ibm-java-cve20134002-dos(85260)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
}
]
}

10
2014/0xxx/CVE-2014-0114.json
View File

@ -382,6 +382,11 @@
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58851"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[infra-devnull] 20190329 [GitHub] [pulsar] massakam opened pull request #3938: Upgrade third party libraries with security vulnerabilities",
@ -611,6 +616,11 @@
"refsource": "MLIST",
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
}
]
}

5
2016/1000xxx/CVE-2016-1000031.json
View File

@ -107,6 +107,11 @@
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/d66657323fd25e437face5e84899c8ca404ccd187e81c3f2fa8b6080@%3Cannounce.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",

5
2016/1000xxx/CVE-2016-1000338.json
View File

@ -76,6 +76,11 @@
"name": "RHSA-2018:2927",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2927"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2016/1000xxx/CVE-2016-1000343.json
View File

@ -81,6 +81,11 @@
"name": "RHSA-2018:2927",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2927"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2016/4xxx/CVE-2016-4434.json
View File

@ -76,6 +76,11 @@
"name": "RHSA-2017:0249",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0249.html"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2017/1000xxx/CVE-2017-1000190.json
View File

@ -59,6 +59,11 @@
"refsource": "CONFIRM",
"url": "https://github.com/ngallagher/simplexml/issues/18"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-dev] 20190723 [jira] [Updated] (SOLR-13648) vulnerable simple-xml-2.7.1.jar",

5
2017/12xxx/CVE-2017-12626.json
View File

@ -68,6 +68,11 @@
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102879"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",

5
2017/7xxx/CVE-2017-7525.json
View File

@ -249,6 +249,11 @@
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2633"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-dev] 20190325 [jira] [Closed] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ...",

5
2017/7xxx/CVE-2017-7656.json
View File

@ -89,6 +89,11 @@
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181014-0001/"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",

5
2017/7xxx/CVE-2017-7657.json
View File

@ -89,6 +89,11 @@
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181014-0001/"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:0910",

5
2017/7xxx/CVE-2017-7658.json
View File

@ -99,6 +99,11 @@
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20181014-0001/"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar",

5
2018/1000xxx/CVE-2018-1000180.json
View File

@ -120,6 +120,11 @@
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4233"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",

5
2018/1000xxx/CVE-2018-1000632.json
View File

@ -100,6 +100,11 @@
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0380"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:1160",

5
2018/11xxx/CVE-2018-11761.json
View File

@ -63,6 +63,11 @@
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5553e10bba5604117967466618f219c0cae710075819c70cfb3fb421@%3Cdev.tika.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",

5
2018/1xxx/CVE-2018-1308.json
View File

@ -75,6 +75,11 @@
"name": "https://issues.apache.org/jira/browse/SOLR-11971",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/SOLR-11971"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2018/8xxx/CVE-2018-8009.json
View File

@ -71,6 +71,11 @@
"name": "https://hadoop.apache.org/cve_list.html#cve-2018-8009-http-cve-mitre-org-cgi-bin-cvename-cgi-name-cve-2018-8009-zip-slip-impact-on-apache-hadoop",
"refsource": "MISC",
"url": "https://hadoop.apache.org/cve_list.html#cve-2018-8009-http-cve-mitre-org-cgi-bin-cvename-cgi-name-cve-2018-8009-zip-slip-impact-on-apache-hadoop"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
}
]
}

5
2019/15xxx/CVE-2019-15163.json
View File

@ -81,6 +81,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-b92ce3144a",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F/"
},
{
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K92862401?utm_source=f5support&utm_medium=RSS",
"url": "https://support.f5.com/csp/article/K92862401?utm_source=f5support&utm_medium=RSS"
}
]
}

14
2019/17xxx/CVE-2019-17330.json
View File

@ -53,7 +53,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Web server component of TIBCO Software Inc.'s TIBCO EBX contains multiple vulnerabilities that theoretically allow authenticated users to perform stored cross-site scripting (XSS) attacks, and unauthenticated users to perform reflected cross-site scripting attacks.\n\nAffected releases are TIBCO Software Inc.'s TIBCO EBX: versions up to and including 5.8.1.fixR, versions 5.9.3, 5.9.4, 5.9.5, and 5.9.6.\n"
"value": "The Web server component of TIBCO Software Inc.'s TIBCO EBX contains multiple vulnerabilities that theoretically allow authenticated users to perform stored cross-site scripting (XSS) attacks, and unauthenticated users to perform reflected cross-site scripting attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions up to and including 5.8.1.fixR, versions 5.9.3, 5.9.4, 5.9.5, and 5.9.6."
}
]
},
@ -88,12 +88,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-2019-17330"
"refsource": "MISC",
"url": "http://www.tibco.com/services/support/advisories",
"name": "http://www.tibco.com/services/support/advisories"
},
{
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories"
"refsource": "MISC",
"url": "https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-2019-17330",
"name": "https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-2019-17330"
}
]
},
@ -106,4 +108,4 @@
"source": {
"discovery": "INTERNAL"
}
}
}

14
2019/17xxx/CVE-2019-17331.json
View File

@ -41,7 +41,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks.\n\nAffected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, version 4.1.0.\n"
"value": "The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, version 4.1.0."
}
]
},
@ -76,12 +76,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17331"
"refsource": "MISC",
"url": "http://www.tibco.com/services/support/advisories",
"name": "http://www.tibco.com/services/support/advisories"
},
{
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories"
"refsource": "MISC",
"url": "https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17331",
"name": "https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17331"
}
]
},
@ -94,4 +96,4 @@
"source": {
"discovery": "INTERNAL"
}
}
}

12
2019/17xxx/CVE-2019-17332.json
View File

@ -53,7 +53,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks.\n\nAffected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, versions 4.1.0, 4.2.0, 4.2.1, and 4.2.2.\n"
"value": "The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions up to and including 3.20.13, versions 4.1.0, 4.2.0, 4.2.1, and 4.2.2."
}
]
},
@ -88,12 +88,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17332"
"refsource": "MISC",
"url": "http://www.tibco.com/services/support/advisories",
"name": "http://www.tibco.com/services/support/advisories"
},
{
"refsource": "CONFIRM",
"url": "http://www.tibco.com/services/support/advisories"
"refsource": "MISC",
"url": "https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17332",
"name": "https://www.tibco.com/support/advisories/2019/11/tibco-security-advisory-november-12-2019-tibco-ebx-add-on-2019-17332"
}
]
},