From 20cc00daf27049fed1f6302a860b4b67c6c86379 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 23 Oct 2019 18:01:03 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2002/2xxx/CVE-2002-2439.json | 65 ++++++++++++++++++++++++++++++++-- 2014/2xxx/CVE-2014-2304.json | 48 +++++++++++++++++++++++-- 2018/4xxx/CVE-2018-4277.json | 32 ++++++++--------- 2019/18xxx/CVE-2019-18350.json | 62 ++++++++++++++++++++++++++++++++ 4 files changed, 186 insertions(+), 21 deletions(-) create mode 100644 2019/18xxx/CVE-2019-18350.json diff --git a/2002/2xxx/CVE-2002-2439.json b/2002/2xxx/CVE-2002-2439.json index 9248a9b9e45..2ff5dd814c8 100644 --- a/2002/2xxx/CVE-2002-2439.json +++ b/2002/2xxx/CVE-2002-2439.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2002-2439", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GNU", + "product": { + "product_data": [ + { + "product_name": "gcc", + "version": { + "version_data": [ + { + "version_value": "4.8.0" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2002-2439", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2002-2439" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2002-2439", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2002-2439" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2002-2439", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2002-2439" + }, + { + "refsource": "CONFIRM", + "name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=19351", + "url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=19351" } ] } diff --git a/2014/2xxx/CVE-2014-2304.json b/2014/2xxx/CVE-2014-2304.json index 7b6ce4c5cfd..075d5631f2c 100644 --- a/2014/2xxx/CVE-2014-2304.json +++ b/2014/2xxx/CVE-2014-2304.json @@ -2,7 +2,7 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-2304", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,51 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in version 0.90 of the Open Floodlight SDN controller software could result in a denial of service attack and crashing of the controller service. This effect is the result of a flaw in OpenFlow protocol processing, where specific malformed and mistimed FEATURES_REPLY messages cause the controller service to not delete switch and port data from its internal tracking structures." + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://dovernetworks.com/wp-content/uploads/2014/03/OpenFloodlight-03052014.pdf", + "url": "http://dovernetworks.com/wp-content/uploads/2014/03/OpenFloodlight-03052014.pdf" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] } ] } diff --git a/2018/4xxx/CVE-2018-4277.json b/2018/4xxx/CVE-2018-4277.json index 0d5f567a3d5..818da58aaac 100644 --- a/2018/4xxx/CVE-2018-4277.json +++ b/2018/4xxx/CVE-2018-4277.json @@ -53,34 +53,34 @@ "references": { "reference_data": [ { - "name": "https://support.apple.com/HT208938,", - "refsource": "MISC", - "url": "https://support.apple.com/HT208938," + "refsource": "CONFIRM", + "name": "https://support.apple.com/HT208854", + "url": "https://support.apple.com/HT208854" }, { - "name": "https://support.apple.com/HT208854,", - "refsource": "MISC", - "url": "https://support.apple.com/HT208854," + "refsource": "CONFIRM", + "name": "https://support.apple.com/HT208935", + "url": "https://support.apple.com/HT208935" }, { "name": "https://support.apple.com/HT208937", "refsource": "CONFIRM", "url": "https://support.apple.com/HT208937" }, - { - "name": "https://support.apple.com/HT208936,", - "refsource": "MISC", - "url": "https://support.apple.com/HT208936," - }, - { - "name": "https://support.apple.com/HT208935,", - "refsource": "MISC", - "url": "https://support.apple.com/HT208935," - }, { "name": "1041232", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041232" + }, + { + "refsource": "CONFIRM", + "name": "https://support.apple.com/HT208936", + "url": "https://support.apple.com/HT208936" + }, + { + "refsource": "CONFIRM", + "name": "https://support.apple.com/HT208938", + "url": "https://support.apple.com/HT208938" } ] } diff --git a/2019/18xxx/CVE-2019-18350.json b/2019/18xxx/CVE-2019-18350.json new file mode 100644 index 00000000000..ac78ce47b74 --- /dev/null +++ b/2019/18xxx/CVE-2019-18350.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18350", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Ant Design Pro 4.0.0, reflected XSS in the user/login redirect GET parameter affects the authorization component, leading to execution of JavaScript code in the login after-action script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ant-design/ant-design-pro/pull/5461", + "refsource": "MISC", + "name": "https://github.com/ant-design/ant-design-pro/pull/5461" + } + ] + } +} \ No newline at end of file