admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 00:02:11 +00:00
parent 630dbf7fce
commit 22aed84e85
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
100 changed files with 4334 additions and 8804 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
2012/0xxx/CVE-2012-0792.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0792",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=36b0ddeed45d0751508dcd9fa50f17fda43bae54",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=36b0ddeed45d0751508dcd9fa50f17fda43bae54"
"url": "http://www.debian.org/security/2012/dsa-2421",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2421"
},
{
"name": "http://moodle.org/mod/forum/discuss.php?d=194009",
"refsource": "CONFIRM",
"url": "http://moodle.org/mod/forum/discuss.php?d=194009"
"url": "http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=36b0ddeed45d0751508dcd9fa50f17fda43bae54",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=36b0ddeed45d0751508dcd9fa50f17fda43bae54"
},
{
"name": "DSA-2421",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2421"
"url": "http://moodle.org/mod/forum/discuss.php?d=194009",
"refsource": "MISC",
"name": "http://moodle.org/mod/forum/discuss.php?d=194009"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=783532",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783532"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783532",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=783532"
}
]
}

73
2012/0xxx/CVE-2012-0801.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0801",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=51070abc78b9e1db1db9a44855e8623b22bebd48",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=51070abc78b9e1db1db9a44855e8623b22bebd48"
"url": "http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=51070abc78b9e1db1db9a44855e8623b22bebd48",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=51070abc78b9e1db1db9a44855e8623b22bebd48"
},
{
"name": "http://moodle.org/mod/forum/discuss.php?d=194020",
"refsource": "CONFIRM",
"url": "http://moodle.org/mod/forum/discuss.php?d=194020"
"url": "http://moodle.org/mod/forum/discuss.php?d=194020",
"refsource": "MISC",
"name": "http://moodle.org/mod/forum/discuss.php?d=194020"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=783532",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783532"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=783532",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=783532"
}
]
}

145
2012/0xxx/CVE-2012-0831.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0831",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,82 +27,106 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-1358-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1358-1"
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
},
{
"name": "SUSE-SU-2012:0411",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
"url": "http://support.apple.com/kb/HT5501",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT5501"
},
{
"name": "55078",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55078"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html"
},
{
"name": "http://svn.php.net/viewvc?view=revision&revision=323016",
"refsource": "CONFIRM",
"url": "http://svn.php.net/viewvc?view=revision&revision=323016"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
},
{
"name": "openSUSE-SU-2012:0426",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html"
"url": "http://secunia.com/advisories/48668",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48668"
},
{
"name": "SUSE-SU-2012:0472",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html"
},
{
"name": "48668",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48668"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html"
},
{
"name": "APPLE-SA-2012-09-19-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00001.html"
},
{
"name": "RHSA-2013:1307",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1307.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1307.html"
},
{
"name": "http://support.apple.com/kb/HT5501",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5501"
"url": "http://secunia.com/advisories/55078",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55078"
},
{
"name": "FEDORA-2012-6907",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080041.html"
"url": "http://svn.php.net/viewvc?view=revision&revision=323016",
"refsource": "MISC",
"name": "http://svn.php.net/viewvc?view=revision&revision=323016"
},
{
"name": "https://launchpadlibrarian.net/92454212/php5_5.3.2-1ubuntu4.13.diff.gz",
"refsource": "CONFIRM",
"url": "https://launchpadlibrarian.net/92454212/php5_5.3.2-1ubuntu4.13.diff.gz"
"url": "http://www.securityfocus.com/bid/51954",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/51954"
},
{
"name": "php-magicquotesgpc-sec-bypass(73125)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73125"
"url": "http://www.ubuntu.com/usn/USN-1358-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1358-1"
},
{
"name": "51954",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/51954"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73125",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73125"
},
{
"name": "FEDORA-2012-6911",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080037.html"
"url": "https://launchpadlibrarian.net/92454212/php5_5.3.2-1ubuntu4.13.diff.gz",
"refsource": "MISC",
"name": "https://launchpadlibrarian.net/92454212/php5_5.3.2-1ubuntu4.13.diff.gz"
}
]
}

73
2012/0xxx/CVE-2012-0841.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-0841 libxml2: hash table collisions CPU usage DoS"
"value": "libxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Inefficient Algorithmic Complexity",
"cweId": "CWE-407"
"value": "n/a"
}
]
}
@ -32,31 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.26-2.1.15.el5_8.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.7.6-4.el6_2.4",
"version_affected": "!"
},
{
"version_value": "0:2.7.6-6.el6_3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -164,55 +148,10 @@
"refsource": "MISC",
"name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0324",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0324"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0217",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0217"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-0841",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-0841"
},
{
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_0841_denial_of",
"refsource": "MISC",
"name": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_0841_denial_of"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=787067",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=787067"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}

78
2012/0xxx/CVE-2012-0861.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-0861 rhev: vds_installer is prone to MITM when downloading 2nd stage installer"
"value": "The vds_installer in Red Hat Enterprise Virtualization Manager (RHEV-M) before 3.1, when adding a host, uses the -k curl parameter when downloading deployUtil.py and vds_bootstrap.py, which prevents SSL certificates from being validated and allows remote attackers to execute arbitrary Python code via a man-in-the-middle attack."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Certificate Validation",
"cweId": "CWE-295"
"value": "n/a"
}
]
}
@ -32,31 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:4.9.6-44.0.el6_3",
"version_affected": "!"
},
{
"version_value": "0:6.3-20121121.0.el6_3",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV Manager version 3.0",
"version": {
"version_data": [
{
"version_value": "0:3.1.0-32",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -84,71 +68,21 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027838"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1506",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1506"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2012-1508.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1508.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1508",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1508"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2012-1505.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1505.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1505",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1505"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-0861",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-0861"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=790754",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=790754"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80544",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80544"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

85
2012/0xxx/CVE-2012-0871.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0871",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SUSE-SA:2012:001",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00030.html"
"url": "http://cgit.freedesktop.org/systemd/systemd/commit/?id=fc3c1c6e091ea16ad5600b145201ec535bbb5d7c",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/systemd/systemd/commit/?id=fc3c1c6e091ea16ad5600b145201ec535bbb5d7c"
},
{
"name": "http://cgit.freedesktop.org/systemd/systemd/commit/?id=fc3c1c6e091ea16ad5600b145201ec535bbb5d7c",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/systemd/systemd/commit/?id=fc3c1c6e091ea16ad5600b145201ec535bbb5d7c"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00030.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-02/msg00030.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=795853",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=795853"
"url": "http://www.osvdb.org/79768",
"refsource": "MISC",
"name": "http://www.osvdb.org/79768"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=747154",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=747154"
"url": "https://bugzilla.novell.com/show_bug.cgi?id=747154",
"refsource": "MISC",
"name": "https://bugzilla.novell.com/show_bug.cgi?id=747154"
},
{
"name": "79768",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/79768"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=795853",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=795853"
}
]
}

151
2012/0xxx/CVE-2012-0881.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0881",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E"
},
{
"name": "[oss-security] 20140708 Summer bug cleaning - some Hash DoS stuff",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/08/11"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "https://issues.apache.org/jira/browse/XERCESJ-1685",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/XERCESJ-1685"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=787104",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=787104"
},
{
"url": "https://www.oracle.com//security-alerts/cpujul2021.html",
"refsource": "MISC",
"name": "https://www.oracle.com//security-alerts/cpujul2021.html"
},
{
"refsource": "MLIST",
"name": "[hadoop-common-issues] 20210928 [GitHub] [hadoop] warrenzhu25 opened a new pull request #3496: HADOOP-17941. Update xerces to 2.12",
"url": "https://lists.apache.org/thread.html/rea7b831dceeb2a2fa817be6f63b08722042e3647fb2d47c144370a56@%3Ccommon-issues.hadoop.apache.org%3E"
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/07/08/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/07/08/11"
},
{
"url": "https://issues.apache.org/jira/browse/XERCESJ-1685",
"refsource": "MISC",
"name": "https://issues.apache.org/jira/browse/XERCESJ-1685"
},
{
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
},
{
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"url": "https://lists.apache.org/thread.html/rea7b831dceeb2a2fa817be6f63b08722042e3647fb2d47c144370a56%40%3Ccommon-issues.hadoop.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rea7b831dceeb2a2fa817be6f63b08722042e3647fb2d47c144370a56%40%3Ccommon-issues.hadoop.apache.org%3E"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=787104",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=787104"
}
]
}

95
2012/0xxx/CVE-2012-0882.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-0882",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE."
"value": "Buffer overflow in yaSSL, as used in MySQL 5.5.20 and possibly other versions including 5.5.x before 5.5.22 and 5.1.x before 5.1.62, allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VulnDisco Pack Professional 9.17. NOTE: as of 20120224, this disclosure has no actionable information. However, because the module author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. NOTE: due to lack of details, it is not clear whether this issue is a duplicate of CVE-2012-0492 or another CVE."
}
]
},
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[Canvas] 20120223 VulnDisco MySQL 0day",
"refsource": "MLIST",
"url": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000014.html"
},
{
"name": "[Canvas] 20120207 VulnDisco Pack Professional 9.17",
"refsource": "MLIST",
"url": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=789141",
"url": "http://www.openwall.com/lists/oss-security/2012/02/24/2",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=789141"
"name": "http://www.openwall.com/lists/oss-security/2012/02/24/2"
},
{
"name": "[oss-security] 20120224 Re: MySQL 0-day - does it need a CVE?",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/02/24/2"
},
{
"name": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_0882buffer_overflow_vulnerability",
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_0882buffer_overflow_vulnerability",
"refsource": "MISC",
"url": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_0882buffer_overflow_vulnerability"
"name": "https://blogs.oracle.com/sunsecurity/entry/cve_2012_0882buffer_overflow_vulnerability"
},
{
"url": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html",
"refsource": "MISC",
"name": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000011.html"
},
{
"url": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000014.html",
"refsource": "MISC",
"name": "https://lists.immunityinc.com/pipermail/canvas/2012-February/000014.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=789141",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=789141"
}
]
}

79
2012/1xxx/CVE-2012-1101.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1101",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "systemd",
"product": {
"product_data": [
{
"product_name": "systemd",
"version": {
"version_data": [
{
"version_value": "37-1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "systemd",
"product": {
"product_data": [
{
"product_name": "systemd",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "37-1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/05/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/05/4"
},
{
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662029",
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662029"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1101",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1101"
},
{
"url": "https://cgit.freedesktop.org/systemd/systemd/commit/?id=9a46fc3b9014de1bf0ed1f3004a536b08a19ebb3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/05/4",
"url": "http://www.openwall.com/lists/oss-security/2012/03/05/4"
},
{
"refsource": "CONFIRM",
"name": "https://cgit.freedesktop.org/systemd/systemd/commit/?id=9a46fc3b9014de1bf0ed1f3004a536b08a19ebb3",
"url": "https://cgit.freedesktop.org/systemd/systemd/commit/?id=9a46fc3b9014de1bf0ed1f3004a536b08a19ebb3"
},
{
"refsource": "MISC",
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662029",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662029"
"name": "https://cgit.freedesktop.org/systemd/systemd/commit/?id=9a46fc3b9014de1bf0ed1f3004a536b08a19ebb3"
}
]
}

121
2012/1xxx/CVE-2012-1121.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1121",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "52313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52313"
"url": "http://secunia.com/advisories/51199",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51199"
},
{
"name": "https://github.com/mantisbt/mantisbt/commit/9443258724e84cb388aa1865b775beaecd80596d",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/9443258724e84cb388aa1865b775beaecd80596d"
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
},
{
"name": "FEDORA-2012-18299",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
},
{
"name": "GLSA-201211-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
},
{
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
},
{
"name": "http://www.mantisbt.org/bugs/view.php?id=13561",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=13561"
"url": "http://secunia.com/advisories/48258",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48258"
},
{
"name": "51199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51199"
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140"
},
{
"name": "FEDORA-2012-18294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/06/9"
},
{
"name": "[oss-security] 20120306 Re: CVE request: mantisbt before 1.2.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/9"
"url": "http://www.securityfocus.com/bid/52313",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52313"
},
{
"name": "FEDORA-2012-18273",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
"url": "http://www.mantisbt.org/bugs/view.php?id=13561",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/view.php?id=13561"
},
{
"name": "48258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48258"
"url": "https://github.com/mantisbt/mantisbt/commit/9443258724e84cb388aa1865b775beaecd80596d",
"refsource": "MISC",
"name": "https://github.com/mantisbt/mantisbt/commit/9443258724e84cb388aa1865b775beaecd80596d"
}
]
}

133
2012/1xxx/CVE-2012-1122.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1122",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,72 +27,96 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "52313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52313"
"url": "http://secunia.com/advisories/51199",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51199"
},
{
"name": "FEDORA-2012-18299",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
},
{
"name": "DSA-2500",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2500"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
},
{
"name": "GLSA-201211-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
},
{
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
},
{
"name": "49572",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49572"
"url": "http://secunia.com/advisories/48258",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48258"
},
{
"name": "51199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51199"
"url": "http://secunia.com/advisories/49572",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49572"
},
{
"name": "https://github.com/mantisbt/mantisbt/commit/0da3f7ace233208eb3c8d628cc2fd6e56d83839f",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/0da3f7ace233208eb3c8d628cc2fd6e56d83839f"
"url": "http://www.debian.org/security/2012/dsa-2500",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2500"
},
{
"name": "FEDORA-2012-18294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=140"
},
{
"name": "http://www.mantisbt.org/bugs/view.php?id=13748",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=13748"
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/06/9"
},
{
"name": "[oss-security] 20120306 Re: CVE request: mantisbt before 1.2.9",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/06/9"
"url": "http://www.securityfocus.com/bid/52313",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52313"
},
{
"name": "FEDORA-2012-18273",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
"url": "http://www.mantisbt.org/bugs/view.php?id=13748",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/view.php?id=13748"
},
{
"name": "48258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48258"
"url": "https://github.com/mantisbt/mantisbt/commit/0da3f7ace233208eb3c8d628cc2fd6e56d83839f",
"refsource": "MISC",
"name": "https://github.com/mantisbt/mantisbt/commit/0da3f7ace233208eb3c8d628cc2fd6e56d83839f"
}
]
}

59
2012/1xxx/CVE-2012-1131.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-1131 freetype: incorrect type cast allowing input sanity check bypass in ft_smooth_render_generic() (#35604)"
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via vectors related to the cell table of a font."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-31.el5_8.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_2.9",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -175,46 +163,11 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/48918"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0467",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0467"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-1131",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-1131"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800589"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

59
2012/1xxx/CVE-2012-1132.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-1132 freetype: heap buffer over-read in Type1 parser parse_subrs() (#35606)"
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-31.el5_8.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_2.9",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -175,46 +163,11 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/48918"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0467",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0467"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-1132",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-1132"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800590"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

59
2012/1xxx/CVE-2012-1141.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-1141 freetype: BDF parser _bdf_list_split() fails to properly initialize field array (#35658)"
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted ASCII string in a BDF font."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-31.el5_8.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_2.9",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -175,46 +163,11 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/48918"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0467",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0467"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-1141",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-1141"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800602"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

59
2012/1xxx/CVE-2012-1142.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-1142 freetype: incorrect computation of number of glyphs in FNT_Face_Init() for FNT/FON files (#35659)"
"value": "FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outline data in a font."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write",
"cweId": "CWE-787"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.2.1-31.el5_8.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.3.11-6.el6_2.9",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -175,11 +163,6 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/48918"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:0467",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:0467"
},
{
"url": "http://secunia.com/advisories/48300",
"refsource": "MISC",
@ -190,41 +173,11 @@
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2428"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-1142",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-1142"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=800604"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

165
2012/1xxx/CVE-2012-1151.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1151",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,82 +27,106 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120309 Re: CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/10/4"
},
{
"name": "MDVSA-2012:112",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:112"
},
{
"name": "dbdpg-pgwarn-format-string(73854)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73854"
},
{
"name": "48307",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48307"
},
{
"name": "RHSA-2012:1116",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1116.html"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536",
"url": "http://www.openwall.com/lists/oss-security/2012/03/09/6",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536"
"name": "http://www.openwall.com/lists/oss-security/2012/03/09/6"
},
{
"name": "http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes",
"refsource": "CONFIRM",
"url": "http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=801733",
"url": "http://www.openwall.com/lists/oss-security/2012/03/10/4",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=801733"
"name": "http://www.openwall.com/lists/oss-security/2012/03/10/4"
},
{
"name": "[oss-security] 20120309 CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/09/6"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536"
},
{
"name": "48319",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48319"
"url": "http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes",
"refsource": "MISC",
"name": "http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes"
},
{
"name": "dbdpg-dbdstprepare-format-string(73855)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73855"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1116.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1116.html"
},
{
"name": "GLSA-201204-08",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201204-08.xml"
"url": "http://secunia.com/advisories/48307",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48307"
},
{
"name": "DSA-2431",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2431"
"url": "http://secunia.com/advisories/48319",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48319"
},
{
"name": "48824",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48824"
"url": "http://secunia.com/advisories/48824",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48824"
},
{
"name": "https://rt.cpan.org/Public/Bug/Display.html?id=75642",
"refsource": "CONFIRM",
"url": "https://rt.cpan.org/Public/Bug/Display.html?id=75642"
"url": "http://security.gentoo.org/glsa/glsa-201204-08.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201204-08.xml"
},
{
"url": "http://www.debian.org/security/2012/dsa-2431",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2431"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:112",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:112"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73854",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73854"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73855",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73855"
},
{
"url": "https://rt.cpan.org/Public/Bug/Display.html?id=75642",
"refsource": "MISC",
"name": "https://rt.cpan.org/Public/Bug/Display.html?id=75642"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=801733",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=801733"
}
]
}

191
2012/1xxx/CVE-2012-1152.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1152",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,87 +27,111 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120309 Re: CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/10/4"
},
{
"name": "openSUSE-SU-2012:1000",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00029.html"
},
{
"name": "FEDORA-2012-4997",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077004.html"
},
{
"name": "48317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48317"
},
{
"name": "FEDORA-2012-5035",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077023.html"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661548",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661548",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661548"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661548"
},
{
"name": "openSUSE-SU-2015:0319",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html"
},
{
"name": "52381",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52381"
},
{
"name": "yaml-load-format-string(73856)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73856"
},
{
"name": "50277",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50277"
},
{
"name": "[oss-security] 20120309 CVE Request -- libdbd-pg-perl / perl-DBD-Pg && libyaml-libyaml-perl / perl-YAML-LibYAML: Multiple format string flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/09/6"
},
{
"name": "FEDORA-2012-4871",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077782.html"
},
{
"name": "https://rt.cpan.org/Public/Bug/Display.html?id=75365",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077004.html",
"refsource": "MISC",
"url": "https://rt.cpan.org/Public/Bug/Display.html?id=75365"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077004.html"
},
{
"name": "https://rt.cpan.org/Public/Bug/Display.html?id=46507",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077023.html",
"refsource": "MISC",
"url": "https://rt.cpan.org/Public/Bug/Display.html?id=46507"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077023.html"
},
{
"name": "DSA-2432",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2432"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=801738",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077782.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=801738"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077782.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00029.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2012-08/msg00029.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00078.html"
},
{
"url": "http://secunia.com/advisories/48317",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48317"
},
{
"url": "http://secunia.com/advisories/50277",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50277"
},
{
"url": "http://www.debian.org/security/2012/dsa-2432",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2432"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/09/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/09/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/03/10/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/10/4"
},
{
"url": "http://www.securityfocus.com/bid/52381",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52381"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73856",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73856"
},
{
"url": "https://rt.cpan.org/Public/Bug/Display.html?id=46507",
"refsource": "MISC",
"name": "https://rt.cpan.org/Public/Bug/Display.html?id=46507"
},
{
"url": "https://rt.cpan.org/Public/Bug/Display.html?id=75365",
"refsource": "MISC",
"name": "https://rt.cpan.org/Public/Bug/Display.html?id=75365"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=801738",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=801738"
}
]
}

92
2012/1xxx/CVE-2012-1161.json
View File

@ -1,38 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1161",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Moodle",
"product": {
"product_data": [
{
"product_name": "Moodle",
"version": {
"version_data": [
{
"version_value": "2.2 to 2.2.1+"
},
{
"version_value": "2.1 to 2.1.4+"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -53,17 +27,45 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Moodle",
"product": {
"product_data": [
{
"product_name": "Moodle",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.2 to 2.2.1+"
},
{
"version_affected": "=",
"version_value": "2.1 to 2.1.4+"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078209.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html",
@ -71,14 +73,14 @@
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078210.html"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1161",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1161"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1161",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1161"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081047.html"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-1161",
@ -86,19 +88,19 @@
"name": "https://access.redhat.com/security/cve/cve-2012-1161"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1161",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-April/077635.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1161"
},
{
"url": "https://moodle.org/mod/forum/discuss.php?d=198630",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080712.html"
"name": "https://moodle.org/mod/forum/discuss.php?d=198630"
},
{
"refsource": "CONFIRM",
"name": "https://moodle.org/mod/forum/discuss.php?d=198630",
"url": "https://moodle.org/mod/forum/discuss.php?d=198630"
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1161",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1161"
}
]
}

85
2012/1xxx/CVE-2012-1171.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1171",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=802591",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802591"
},
{
"name": "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-write.phpt",
"refsource": "CONFIRM",
"url": "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-write.phpt"
},
{
"name": "https://bugs.php.net/bug.php?id=61367",
"url": "https://bugs.php.net/bug.php?id=61367",
"refsource": "MISC",
"url": "https://bugs.php.net/bug.php?id=61367"
"name": "https://bugs.php.net/bug.php?id=61367"
},
{
"name": "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-read.phpt",
"refsource": "CONFIRM",
"url": "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-read.phpt"
"url": "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-read.phpt",
"refsource": "MISC",
"name": "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-read.phpt"
},
{
"url": "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-write.phpt",
"refsource": "MISC",
"name": "https://github.com/php/php-src/blob/master/ext/libxml/tests/bug61367-write.phpt"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=802591",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=802591"
}
]
}

97
2012/1xxx/CVE-2012-1181.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1181",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120315 Re: CVE-request: apache's mod-fcgid does not respect configured FcgidMaxProcessesPerClass in VirtualHost",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/16/2"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615814",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615814"
},
{
"name": "apache-modfcgid-dos(74181)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74181"
"url": "http://www.debian.org/security/2012/dsa-2436",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2436"
},
{
"name": "DSA-2436",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2436"
"url": "http://www.openwall.com/lists/oss-security/2012/03/15/10",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/15/10"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615814",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=615814"
"url": "http://www.openwall.com/lists/oss-security/2012/03/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/16/2"
},
{
"name": "52565",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52565"
"url": "http://www.securityfocus.com/bid/52565",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52565"
},
{
"name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=49902",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=49902"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74181",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74181"
},
{
"name": "[oss-security] 20120315 CVE-request: apache's mod-fcgid does not respect configured FcgidMaxProcessesPerClass in VirtualHost",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/15/10"
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=49902",
"refsource": "MISC",
"name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=49902"
}
]
}

65
2012/1xxx/CVE-2012-1572.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1572",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "keystone",
"product": {
"product_data": [
{
"product_name": "Keystone",
"version": {
"version_data": [
{
"version_value": "2014.1.3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "keystone",
"product": {
"product_data": [
{
"product_name": "Keystone",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2014.1.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1572",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1572"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1572"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1572",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1572"
}
]
}

103
2012/1xxx/CVE-2012-1581.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1581",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.wikimedia.org/show_bug.cgi?id=35078",
"refsource": "CONFIRM",
"url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=35078"
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000109.html",
"refsource": "MISC",
"name": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000109.html"
},
{
"name": "[oss-security] 20120323 CVEs for MediaWiki security and maintenance release 1.18.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/24/1"
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.html",
"refsource": "MISC",
"name": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.html"
},
{
"name": "[MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.18.2",
"refsource": "MLIST",
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000110.html"
"url": "http://secunia.com/advisories/48504",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48504"
},
{
"name": "48504",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48504"
"url": "http://www.openwall.com/lists/oss-security/2012/03/22/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/22/9"
},
{
"name": "mediawiki-random-numbers-sec-bypass(78910)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78910"
"url": "http://www.openwall.com/lists/oss-security/2012/03/24/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/24/1"
},
{
"name": "[MediaWiki-announce] 20120322 MediaWiki security and maintenance release 1.17.3",
"refsource": "MLIST",
"url": "http://lists.wikimedia.org/pipermail/mediawiki-announce/2012-March/000109.html"
"url": "http://www.securityfocus.com/bid/52689",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/52689"
},
{
"name": "[oss-security] 20120322 MediaWiki security and maintenance release 1.18.2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/22/9"
"url": "https://bugzilla.wikimedia.org/show_bug.cgi?id=35078",
"refsource": "MISC",
"name": "https://bugzilla.wikimedia.org/show_bug.cgi?id=35078"
},
{
"name": "52689",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52689"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78910",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78910"
}
]
}

91
2012/1xxx/CVE-2012-1592.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1592",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libstruts1.2-java",
"version": {
"version_data": [
{
"version_value": "1.2-"
}
]
}
}
]
},
"vendor_name": "libstruts1.2-java"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "libstruts1.2-java",
"product": {
"product_data": [
{
"product_name": "libstruts1.2-java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.2-"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1592",
"url": "http://www.openwall.com/lists/oss-security/2012/03/28/12",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1592"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1592",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1592"
"name": "http://www.openwall.com/lists/oss-security/2012/03/28/12"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-1592",
@ -68,24 +64,29 @@
"name": "https://access.redhat.com/security/cve/cve-2012-1592"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1592",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/28/12",
"url": "http://www.openwall.com/lists/oss-security/2012/03/28/12"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1592"
},
{
"refsource": "MLIST",
"name": "[struts-issues] 20200122 [jira] [Created] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database",
"url": "https://lists.apache.org/thread.html/r348ed455a140273c40b974f0615dee692f7c9b26c6de2118b4280ef2@%3Cissues.struts.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r348ed455a140273c40b974f0615dee692f7c9b26c6de2118b4280ef2%40%3Cissues.struts.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r348ed455a140273c40b974f0615dee692f7c9b26c6de2118b4280ef2%40%3Cissues.struts.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[struts-issues] 20200123 [jira] [Closed] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database",
"url": "https://lists.apache.org/thread.html/r93c4e3f6cb138cd117c739714f07e47af547183ba099ba46be2b2a5b@%3Cissues.struts.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r593ebb2f4c95b064e6901fd273eff256c493db952bdb484395948ffc%40%3Cissues.struts.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r593ebb2f4c95b064e6901fd273eff256c493db952bdb484395948ffc%40%3Cissues.struts.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[struts-issues] 20200903 [jira] [Commented] (WW-5055) Fix for security vulnerability CVE-2012-1592 identified in the National Vulnerability Database",
"url": "https://lists.apache.org/thread.html/r593ebb2f4c95b064e6901fd273eff256c493db952bdb484395948ffc@%3Cissues.struts.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r93c4e3f6cb138cd117c739714f07e47af547183ba099ba46be2b2a5b%40%3Cissues.struts.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r93c4e3f6cb138cd117c739714f07e47af547183ba099ba46be2b2a5b%40%3Cissues.struts.apache.org%3E"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-1592",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-1592"
}
]
}

121
2012/1xxx/CVE-2012-1601.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1601",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/9c895160d25a76c21b65bad141b08e8d4f99afef",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/9c895160d25a76c21b65bad141b08e8d4f99afef"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
},
{
"name": "SUSE-SU-2012:1679",
"refsource": "SUSE",
"url": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0571.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0571.html"
},
{
"name": "DSA-2469",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2469"
"url": "http://www.debian.org/security/2012/dsa-2469",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2469"
},
{
"name": "[oss-security] 20120329 Re: CVE request -- kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/30/1"
"url": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html",
"refsource": "MISC",
"name": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html"
},
{
"name": "RHSA-2012:0571",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0571.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0676.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0676.html"
},
{
"name": "1026897",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026897"
"url": "http://secunia.com/advisories/49928",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49928"
},
{
"name": "openSUSE-SU-2013:0925",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6"
},
{
"name": "49928",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49928"
"url": "http://www.openwall.com/lists/oss-security/2012/03/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/03/30/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=808199",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=808199"
"url": "http://www.securitytracker.com/id?1026897",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1026897"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.6"
"url": "https://github.com/torvalds/linux/commit/9c895160d25a76c21b65bad141b08e8d4f99afef",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/9c895160d25a76c21b65bad141b08e8d4f99afef"
},
{
"name": "RHSA-2012:0676",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0676.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=808199",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=808199"
}
]
}

123
2012/2xxx/CVE-2012-2091.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2091",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "48780",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48780"
},
{
"name": "FEDORA-2012-8615",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082017.html"
},
{
"name": "[oss-security] 20120410 Re: CVE Request: FlightGear and Simgear Multiple vulnerabilities",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/10/13"
},
{
"name": "FEDORA-2012-8650",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082002.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=811617",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081997.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=811617"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081997.html"
},
{
"name": "GLSA-201603-12",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-12"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082002.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082002.html"
},
{
"name": "[Flightgear-devel] 20120320 Re: Flightgear and Simgear multiple format string vulnerabilities",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=29012174"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082017.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082017.html"
},
{
"name": "FEDORA-2012-8647",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081997.html"
"url": "http://secunia.com/advisories/48780",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48780"
},
{
"name": "[Flightgear-devel] 20120309 Flightgear and Simgear multiple format string vulnerabilities",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28957051"
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28957051",
"refsource": "MISC",
"name": "http://sourceforge.net/mailarchive/message.php?msg_id=28957051"
},
{
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=29012174",
"refsource": "MISC",
"name": "http://sourceforge.net/mailarchive/message.php?msg_id=29012174"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/04/10/13",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/10/13"
},
{
"url": "https://security.gentoo.org/glsa/201603-12",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201603-12"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=811617",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=811617"
}
]
}

127
2012/2xxx/CVE-2012-2101.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2101",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,91 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html"
},
{
"name": "81641",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/81641"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html"
},
{
"name": "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb"
"url": "http://secunia.com/advisories/49034",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49034"
},
{
"name": "USN-1438-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1438-1"
"url": "http://secunia.com/advisories/49048",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49048"
},
{
"name": "[openstack] 20120419 [OSSA 2012-005] No quota enforced on security group rules",
"refsource": "MLIST",
"url": "https://lists.launchpad.net/openstack/msg10268.html"
"url": "http://ubuntu.com/usn/usn-1438-1",
"refsource": "MISC",
"name": "http://ubuntu.com/usn/usn-1438-1"
},
{
"name": "nova-quotas-dos(75243)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75243"
"url": "http://www.osvdb.org/81641",
"refsource": "MISC",
"name": "http://www.osvdb.org/81641"
},
{
"name": "FEDORA-2012-6365",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079434.html"
"url": "https://bugs.launchpad.net/nova/+bug/969545",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/nova/+bug/969545"
},
{
"name": "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75243",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75243"
},
{
"name": "FEDORA-2012-6273",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079551.html"
"url": "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7",
"refsource": "MISC",
"name": "https://github.com/openstack/nova/commit/1f644d210557b1254f7c7b39424b09a45329ade7"
},
{
"name": "49048",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49048"
"url": "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb",
"refsource": "MISC",
"name": "https://github.com/openstack/nova/commit/8c8735a73afb16d5856f0aa6088e9ae406c52beb"
},
{
"name": "https://bugs.launchpad.net/nova/+bug/969545",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/nova/+bug/969545"
"url": "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64",
"refsource": "MISC",
"name": "https://github.com/openstack/nova/commit/a67db4586f70ed881d65e80035b2a25be195ce64"
},
{
"name": "49034",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49034"
"url": "https://lists.launchpad.net/openstack/msg10268.html",
"refsource": "MISC",
"name": "https://lists.launchpad.net/openstack/msg10268.html"
}
]
}

186
2012/2xxx/CVE-2012-2111.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2111",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,117 +27,136 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-1434-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1434-1"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079662.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079662.html"
},
{
"name": "81648",
"refsource": "OSVDB",
"url": "http://osvdb.org/81648"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079670.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079670.html"
},
{
"name": "SUSE-SU-2012:0591",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00003.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079677.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079677.html"
},
{
"name": "MDVSA-2012:067",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:067"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00023.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00023.html"
},
{
"name": "48996",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48996"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00001.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00001.html"
},
{
"name": "FEDORA-2012-6981",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079662.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00003.html"
},
{
"name": "49017",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49017"
"url": "http://marc.info/?l=bugtraq&m=134323086902585&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=134323086902585&w=2"
},
{
"name": "1026988",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026988"
"url": "http://osvdb.org/81648",
"refsource": "MISC",
"name": "http://osvdb.org/81648"
},
{
"name": "HPSBUX02789",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134323086902585&w=2"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0533.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0533.html"
},
{
"name": "http://www.samba.org/samba/security/CVE-2012-2111",
"refsource": "CONFIRM",
"url": "http://www.samba.org/samba/security/CVE-2012-2111"
"url": "http://secunia.com/advisories/48976",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48976"
},
{
"name": "48976",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48976"
"url": "http://secunia.com/advisories/48984",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48984"
},
{
"name": "openSUSE-SU-2012:0583",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00001.html"
"url": "http://secunia.com/advisories/48996",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48996"
},
{
"name": "FEDORA-2012-6999",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079670.html"
"url": "http://secunia.com/advisories/48999",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48999"
},
{
"name": "49030",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49030"
"url": "http://secunia.com/advisories/49017",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49017"
},
{
"name": "FEDORA-2012-7006",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079677.html"
"url": "http://secunia.com/advisories/49030",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49030"
},
{
"name": "http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578",
"refsource": "CONFIRM",
"url": "http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578"
"url": "http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578",
"refsource": "MISC",
"name": "http://www.collax.com/produkte/AllinOne-server-for-small-businesses#id2565578"
},
{
"name": "48984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48984"
"url": "http://www.debian.org/security/2012/dsa-2463",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2463"
},
{
"name": "48999",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48999"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:067",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:067"
},
{
"name": "SUSE-SU-2012:0573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00023.html"
"url": "http://www.samba.org/samba/security/CVE-2012-2111",
"refsource": "MISC",
"name": "http://www.samba.org/samba/security/CVE-2012-2111"
},
{
"name": "DSA-2463",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2463"
"url": "http://www.securitytracker.com/id?1026988",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1026988"
},
{
"name": "SSRT100824",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134323086902585&w=2"
},
{
"name": "RHSA-2012:0533",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0533.html"
"url": "http://www.ubuntu.com/usn/USN-1434-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1434-1"
}
]
}

121
2012/2xxx/CVE-2012-2121.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2121",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "50732",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50732"
"url": "http://www.ubuntu.com/usn/USN-2036-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2036-1"
},
{
"name": "RHSA-2012:0743",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
"url": "http://www.ubuntu.com/usn/USN-2037-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2037-1"
},
{
"name": "1027083",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027083"
"url": "http://secunia.com/advisories/50732",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50732"
},
{
"name": "[oss-security] 20120419 Re: CVE request -- kernel: kvm: device assignment page leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/19/16"
"url": "http://www.ubuntu.com/usn/USN-1577-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1577-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=814149",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=814149"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
},
{
"name": "https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0676.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0676.html"
},
{
"name": "USN-1577-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1577-1"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.4"
"url": "http://www.openwall.com/lists/oss-security/2012/04/19/16",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/19/16"
},
{
"name": "USN-2036-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2036-1"
"url": "http://www.securitytracker.com/id?1027083",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027083"
},
{
"name": "USN-2037-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2037-1"
"url": "https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/09ca8e1173bcb12e2a449698c9ae3b86a8a10195"
},
{
"name": "RHSA-2012:0676",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0676.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=814149",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=814149"
}
]
}

97
2012/2xxx/CVE-2012-2132.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2132",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120424 Re: CVE Request: libsoup 2.32.2 sets ssl trusted flag despite no verification",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/24/13"
"url": "http://www.openwall.com/lists/oss-security/2012/04/24/13",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/24/13"
},
{
"name": "53232",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53232"
"url": "http://www.openwall.com/lists/oss-security/2012/04/24/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/24/3"
},
{
"name": "[oss-security] 20120424 CVE Request: libsoup 2.32.2 sets ssl trusted flag despite no verification",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/24/3"
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/30/7"
},
{
"name": "[oss-security] 20120430 Re: CVE Request: libsoup 2.32.2 sets ssl trusted flag despite no verification",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/30/7"
"url": "http://www.openwall.com/lists/oss-security/2012/05/02/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/05/02/8"
},
{
"name": "libsoup-ssl-poofing(75167)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75167"
"url": "http://www.securityfocus.com/bid/53232",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53232"
},
{
"name": "[oss-security] 20120502 Re: CVE Request: libsoup 2.32.2 sets ssl trusted flag despite no verification",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/05/02/8"
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=666280",
"refsource": "MISC",
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=666280"
},
{
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=666280",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=666280"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75167",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75167"
}
]
}

161
2012/2xxx/CVE-2012-2141.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2141",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,91 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120426 Re: CVE Request -- net-snmp: Array index error, leading to out-of heap-based buffer read (snmpd crash)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/26/3"
},
{
"name": "RHSA-2013:0124",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0124.html"
},
{
"name": "netsnmp-snmpget-dos(75169)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75169"
},
{
"name": "1026984",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026984"
},
{
"name": "59974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59974"
},
{
"name": "http://support.citrix.com/article/CTX139049",
"refsource": "CONFIRM",
"url": "http://support.citrix.com/article/CTX139049"
},
{
"name": "[oss-security] 20120426 CVE Request -- net-snmp: Array index error, leading to out-of heap-based buffer read (snmpd crash)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/04/26/2"
},
{
"name": "GLSA-201409-02",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml"
},
{
"name": "53258",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53258"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=815813",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0124.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815813"
"name": "http://rhn.redhat.com/errata/RHSA-2013-0124.html"
},
{
"name": "53255",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53255"
"url": "http://secunia.com/advisories/48938",
"refsource": "MISC",
"name": "http://secunia.com/advisories/48938"
},
{
"name": "48938",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48938"
"url": "http://secunia.com/advisories/59974",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59974"
},
{
"url": "http://support.citrix.com/article/CTX139049",
"refsource": "MISC",
"name": "http://support.citrix.com/article/CTX139049"
},
{
"url": "http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml",
"refsource": "MISC",
"name": "http://www.gentoo.org/security/en/glsa/glsa-201409-02.xml"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/04/26/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/26/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/04/26/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/04/26/3"
},
{
"url": "http://www.securityfocus.com/bid/53255",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53255"
},
{
"url": "http://www.securityfocus.com/bid/53258",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53258"
},
{
"url": "http://www.securitytracker.com/id?1026984",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1026984"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75169",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75169"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=815813",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=815813"
}
]
}

33
2012/2xxx/CVE-2012-2142.json
View File

@ -1,12 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2142",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -39,6 +39,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 0.21.4"
}
]
@ -53,34 +54,34 @@
"references": {
"reference_data": [
{
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/09/6",
"url": "http://www.openwall.com/lists/oss-security/2013/08/09/6"
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40"
},
{
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/09/5",
"url": "http://www.openwall.com/lists/oss-security/2013/08/09/5"
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=71bad47ed6a36d825b0d08992c8db56845c71e40"
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/08/09/5",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f",
"url": "http://cgit.freedesktop.org/poppler/poppler/commit/NEWS?id=2bc48d5369f1dbecfc4db2878f33bdeb80d8d90f"
"name": "http://www.openwall.com/lists/oss-security/2013/08/09/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/08/09/6",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=789936",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936"
"name": "http://www.openwall.com/lists/oss-security/2013/08/09/6"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00049.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=789936"
}
]
}

207
2012/2xxx/CVE-2012-2311.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2311",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823."
"value": "sapi/cgi/cgi_main.c in PHP before 5.3.13 and 5.4.x before 5.4.3, when configured as a CGI script (aka php-cgi), does not properly handle query strings that contain a %3D sequence but no = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain php_getopt for the 'd' case. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1823."
}
]
},
@ -50,102 +27,116 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SSRT100856",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"
},
{
"name": "SUSE-SU-2012:0604",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
},
{
"name": "1027022",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027022"
},
{
"name": "openSUSE-SU-2012:0590",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"
},
{
"name": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff-fix-check.patch&revision=1336093719&display=1",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff-fix-check.patch&revision=1336093719&display=1"
},
{
"name": "49014",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49014"
},
{
"name": "SUSE-SU-2012:0598",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
},
{
"name": "https://bugs.php.net/bug.php?id=61910",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=61910"
},
{
"name": "http://www.php.net/archive/2012.php#id2012-05-08-1",
"refsource": "CONFIRM",
"url": "http://www.php.net/archive/2012.php#id2012-05-08-1"
},
{
"name": "APPLE-SA-2012-09-19-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
},
{
"name": "http://support.apple.com/kb/HT5501",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5501"
},
{
"name": "SSRT100992",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
},
{
"name": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/",
"url": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html",
"refsource": "MISC",
"url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"
"name": "http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html"
},
{
"name": "VU#520827",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/520827"
"url": "http://support.apple.com/kb/HT5501",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT5501"
},
{
"name": "HPSBUX02791",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"
"url": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/",
"refsource": "MISC",
"name": "http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/"
},
{
"name": "DSA-2465",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2465"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html"
},
{
"name": "49085",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49085"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html"
},
{
"name": "HPSBMU02900",
"refsource": "HP",
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html"
},
{
"name": "http://www.php.net/ChangeLog-5.php#5.4.3",
"refsource": "CONFIRM",
"url": "http://www.php.net/ChangeLog-5.php#5.4.3"
"url": "http://marc.info/?l=bugtraq&m=134012830914727&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=134012830914727&w=2"
},
{
"url": "http://secunia.com/advisories/49014",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49014"
},
{
"url": "http://secunia.com/advisories/49085",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49085"
},
{
"url": "http://www.debian.org/security/2012/dsa-2465",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2465"
},
{
"url": "http://www.kb.cert.org/vuls/id/520827",
"refsource": "MISC",
"name": "http://www.kb.cert.org/vuls/id/520827"
},
{
"url": "http://www.php.net/ChangeLog-5.php#5.4.3",
"refsource": "MISC",
"name": "http://www.php.net/ChangeLog-5.php#5.4.3"
},
{
"url": "http://www.php.net/archive/2012.php#id2012-05-08-1",
"refsource": "MISC",
"name": "http://www.php.net/archive/2012.php#id2012-05-08-1"
},
{
"url": "http://www.securitytracker.com/id?1027022",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027022"
},
{
"url": "https://bugs.php.net/bug.php?id=61910",
"refsource": "MISC",
"name": "https://bugs.php.net/bug.php?id=61910"
},
{
"url": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff-fix-check.patch&revision=1336093719&display=1",
"refsource": "MISC",
"name": "https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff-fix-check.patch&revision=1336093719&display=1"
},
{
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862",
"refsource": "MISC",
"name": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862"
}
]
}

63
2012/2xxx/CVE-2012-2312.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2312",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "JBoss AS 7",
"product": {
"product_data": [
{
"product_name": "JBoss",
"version": {
"version_data": [
{
"version_value": "AS 7 Community Release"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "JBoss AS 7",
"product": {
"product_data": [
{
"product_name": "JBoss",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "AS 7 Community Release"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-2312",
"url": "https://access.redhat.com/security/cve/cve-2012-2312",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-2312"
"name": "https://access.redhat.com/security/cve/cve-2012-2312"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2312",
@ -63,9 +64,9 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2312"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-2312",
"url": "https://security-tracker.debian.org/tracker/CVE-2012-2312",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2012-2312"
"name": "https://security-tracker.debian.org/tracker/CVE-2012-2312"
}
]
}

79
2014/0xxx/CVE-2014-0036.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0036",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2014-3573",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130148.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130148.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130148.html"
},
{
"name": "FEDORA-2014-3526",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130180.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130180.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-March/130180.html"
},
{
"name": "[oss-security] 20140306 CVE-2014-0036 rubygem-rbovirt: unsafe use of rest-client",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/509"
"url": "http://seclists.org/oss-sec/2014/q1/509",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2014/q1/509"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1058595",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058595"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1058595",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1058595"
}
]
}

85
2014/0xxx/CVE-2014-0055.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0055",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0328",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
"url": "http://secunia.com/advisories/59386",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59386"
},
{
"name": "59386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59386"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
},
{
"name": "66441",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66441"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0339.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0339.html"
},
{
"name": "RHSA-2014:0339",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0339.html"
"url": "http://www.securityfocus.com/bid/66441",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/66441"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062577",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062577"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062577",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062577"
}
]
}

53
2014/0xxx/CVE-2014-0056.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0056 openstack-neutron: insufficient authorization checks when creating ports"
"value": "The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Authorization",
"cweId": "CWE-285"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 4 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2013.2.3-7.el6ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -69,50 +68,10 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2194-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0516",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0516"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0056",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0056"
},
{
"url": "https://bugs.launchpad.net/neutron/+bug/1243327",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/neutron/+bug/1243327"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1063141",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1063141"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
}
]
}

116
2014/0xxx/CVE-2014-0064.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0064 postgresql: integer overflows leading to buffer overflows"
"value": "Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
"value": "n/a"
}
]
}
@ -32,65 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.3.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:9.2.7-1.1.el6",
"version_affected": "!"
},
{
"version_value": "0:9.0r2-4.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-6.el6cf",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:8.4.20-1.el5_10",
"version_affected": "!"
},
{
"version_value": "0:8.1.23-10.el5_10",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:8.4.20-1.el6_5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Software Collections for RHEL-6",
"version": {
"version_data": [
{
"version_value": "0:9.2.7-1.1.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -183,26 +133,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2120-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0211",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0211"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0221",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0221"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0249",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0249"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0469",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0469"
},
{
"url": "https://support.apple.com/kb/HT6536",
"refsource": "MISC",
@ -219,44 +149,14 @@
"name": "http://www.securityfocus.com/bid/65725"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0064",
"url": "https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0064"
"name": "https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065230",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1065230"
},
{
"url": "https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a",
"refsource": "MISC",
"name": "https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}

157
2014/0xxx/CVE-2014-0065.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0065",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,92 +27,116 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0211",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html"
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource": "MISC",
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
},
{
"name": "RHSA-2014:0221",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html"
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "http://support.apple.com/kb/HT6448",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6448"
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"name": "RHSA-2014:0469",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
},
{
"name": "APPLE-SA-2014-10-16-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
},
{
"name": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource": "CONFIRM",
"url": "http://wiki.postgresql.org/wiki/20140220securityrelease"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0211.html"
},
{
"name": "DSA-2864",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2864"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0221.html"
},
{
"name": "65731",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65731"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0249.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0469.html"
},
{
"name": "RHSA-2014:0249",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html"
"url": "http://support.apple.com/kb/HT6448",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT6448"
},
{
"name": "http://www.postgresql.org/about/news/1506/",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/about/news/1506/"
"url": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource": "MISC",
"name": "http://wiki.postgresql.org/wiki/20140220securityrelease"
},
{
"name": "USN-2120-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2120-1"
"url": "http://www.debian.org/security/2014/dsa-2864",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2864"
},
{
"name": "https://support.apple.com/kb/HT6536",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6536"
"url": "http://www.debian.org/security/2014/dsa-2865",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2865"
},
{
"name": "DSA-2865",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2865"
"url": "http://www.postgresql.org/about/news/1506/",
"refsource": "MISC",
"name": "http://www.postgresql.org/about/news/1506/"
},
{
"name": "openSUSE-SU-2014:0345",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
"url": "http://www.ubuntu.com/usn/USN-2120-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2120-1"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
"url": "https://support.apple.com/kb/HT6536",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT6536"
},
{
"name": "openSUSE-SU-2014:0368",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
"url": "http://www.securityfocus.com/bid/65731",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65731"
}
]
}

117
2014/0xxx/CVE-2014-0066.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0066 postgresql: NULL pointer dereference"
"value": "The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
"value": "n/a"
}
]
}
@ -32,65 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.3.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:9.2.7-1.1.el6",
"version_affected": "!"
},
{
"version_value": "0:9.0r2-4.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-6.el6cf",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5",
"version": {
"version_data": [
{
"version_value": "0:8.4.20-1.el5_10",
"version_affected": "!"
},
{
"version_value": "0:8.1.23-10.el5_10",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:8.4.20-1.el6_5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Software Collections for RHEL-6",
"version": {
"version_data": [
{
"version_value": "0:9.2.7-1.1.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -178,65 +128,10 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2120-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0211",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0211"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0221",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0221"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0249",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0249"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0469",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0469"
},
{
"url": "https://support.apple.com/kb/HT6536",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT6536"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0066",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0066"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065236",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1065236"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}

75
2014/0xxx/CVE-2014-0074.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0074",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "20140303 [Announce] Apache Shiro 1.2.3 Released - Security Advisory",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Mar/22"
},
{
"name": "https://issues.apache.org/jira/browse/SHIRO-460",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html",
"refsource": "MISC",
"url": "https://issues.apache.org/jira/browse/SHIRO-460"
"name": "http://rhn.redhat.com/errata/RHSA-2014-1351.html"
},
{
"name": "RHSA-2014:1351",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1351.html"
"url": "http://seclists.org/fulldisclosure/2014/Mar/22",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2014/Mar/22"
},
{
"url": "https://issues.apache.org/jira/browse/SHIRO-460",
"refsource": "MISC",
"name": "https://issues.apache.org/jira/browse/SHIRO-460"
}
]
}

694
2014/0xxx/CVE-2014-0076.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0076",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,332 +27,351 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015300",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"name": "59264",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59264"
},
{
"name": "59454",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59454"
},
{
"name": "66363",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66363"
},
{
"name": "58492",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58492"
},
{
"name": "http://www.novell.com/support/kb/doc.php?id=7015264",
"refsource": "CONFIRM",
"url": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=505278",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=505278"
},
{
"name": "59445",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59445"
},
{
"name": "HPSBUX03046",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140266410314613&w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"name": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29",
"refsource": "CONFIRM",
"url": "http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2198be3483259de374f91e57d247d0fc667aef29"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
},
{
"name": "HPSBOV03047",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140317760000786&w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"name": "HPSBMU03074",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140621259019789&w=2"
},
{
"name": "59300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59300"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0165.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0165.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"name": "openSUSE-SU-2014:0480",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html"
},
{
"name": "59495",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59495"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"name": "openSUSE-SU-2016:0640",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"name": "59655",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59655"
},
{
"name": "59374",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59374"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "HPSBMU03057",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140389274407904&w=2"
},
{
"name": "58939",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58939"
},
{
"name": "SSRT101590",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140266410314613&w=2"
},
{
"name": "59514",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59514"
},
{
"name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10075",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10075"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"name": "59438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59438"
},
{
"name": "HPSBGN03050",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140482916501310&w=2"
},
{
"name": "58727",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58727"
},
{
"name": "http://www.openssl.org/news/secadv_20140605.txt",
"refsource": "CONFIRM",
"url": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"name": "http://support.apple.com/kb/HT6443",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6443"
},
{
"name": "USN-2165-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"name": "HPSBMU03076",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140904544427729&w=2"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629"
},
{
"name": "MDVSA-2014:067",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067"
},
{
"name": "HPSBMU03062",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140752315422991&w=2"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=869945",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=869945"
},
{
"name": "59040",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59040"
},
{
"name": "HPSBMU03056",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140389355508263&w=2"
},
{
"name": "59175",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59175"
},
{
"name": "HPSBMU03051",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=140448122410568&w=2"
},
{
"name": "59413",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59413"
},
{
"name": "59721",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59721"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"name": "MDVSA-2015:062",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"name": "59450",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59450"
},
{
"name": "59364",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59364"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424"
},
{
"name": "60571",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60571"
},
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"name": "59162",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59162"
},
{
"name": "59490",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59490"
},
{
"name": "http://eprint.iacr.org/2014/140",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "MISC",
"url": "http://eprint.iacr.org/2014/140"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
},
{
"url": "http://support.apple.com/kb/HT6443",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT6443"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"url": "http://advisories.mageia.org/MGASA-2014-0165.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2014-0165.html"
},
{
"url": "http://eprint.iacr.org/2014/140",
"refsource": "MISC",
"name": "http://eprint.iacr.org/2014/140"
},
{
"url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29",
"refsource": "MISC",
"name": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629",
"refsource": "MISC",
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html"
},
{
"url": "http://marc.info/?l=bugtraq&m=140266410314613&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=140266410314613&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=140317760000786&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=140317760000786&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=140389274407904&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=140389274407904&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=140389355508263&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=140389355508263&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=140448122410568&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=140448122410568&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=140482916501310&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=140482916501310&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=140621259019789&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=140621259019789&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=140752315422991&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=140752315422991&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=140904544427729&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=140904544427729&w=2"
},
{
"url": "http://secunia.com/advisories/58492",
"refsource": "MISC",
"name": "http://secunia.com/advisories/58492"
},
{
"url": "http://secunia.com/advisories/58727",
"refsource": "MISC",
"name": "http://secunia.com/advisories/58727"
},
{
"url": "http://secunia.com/advisories/58939",
"refsource": "MISC",
"name": "http://secunia.com/advisories/58939"
},
{
"url": "http://secunia.com/advisories/59040",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59040"
},
{
"url": "http://secunia.com/advisories/59162",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59162"
},
{
"url": "http://secunia.com/advisories/59175",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59175"
},
{
"url": "http://secunia.com/advisories/59264",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59264"
},
{
"url": "http://secunia.com/advisories/59300",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59300"
},
{
"url": "http://secunia.com/advisories/59364",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59364"
},
{
"url": "http://secunia.com/advisories/59374",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59374"
},
{
"url": "http://secunia.com/advisories/59413",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59413"
},
{
"url": "http://secunia.com/advisories/59438",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59438"
},
{
"url": "http://secunia.com/advisories/59445",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59445"
},
{
"url": "http://secunia.com/advisories/59450",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59450"
},
{
"url": "http://secunia.com/advisories/59454",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59454"
},
{
"url": "http://secunia.com/advisories/59490",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59490"
},
{
"url": "http://secunia.com/advisories/59495",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59495"
},
{
"url": "http://secunia.com/advisories/59514",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59514"
},
{
"url": "http://secunia.com/advisories/59655",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59655"
},
{
"url": "http://secunia.com/advisories/59721",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59721"
},
{
"url": "http://secunia.com/advisories/60571",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60571"
},
{
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl",
"refsource": "MISC",
"name": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
},
{
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
"refsource": "MISC",
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
},
{
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
"refsource": "MISC",
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
},
{
"url": "http://www.novell.com/support/kb/doc.php?id=7015264",
"refsource": "MISC",
"name": "http://www.novell.com/support/kb/doc.php?id=7015264"
},
{
"url": "http://www.novell.com/support/kb/doc.php?id=7015300",
"refsource": "MISC",
"name": "http://www.novell.com/support/kb/doc.php?id=7015300"
},
{
"url": "http://www.openssl.org/news/secadv_20140605.txt",
"refsource": "MISC",
"name": "http://www.openssl.org/news/secadv_20140605.txt"
},
{
"url": "http://www.securityfocus.com/bid/66363",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/66363"
},
{
"url": "http://www.ubuntu.com/usn/USN-2165-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2165-1"
},
{
"url": "https://bugs.gentoo.org/show_bug.cgi?id=505278",
"refsource": "MISC",
"name": "https://bugs.gentoo.org/show_bug.cgi?id=505278"
},
{
"url": "https://bugzilla.novell.com/show_bug.cgi?id=869945",
"refsource": "MISC",
"name": "https://bugzilla.novell.com/show_bug.cgi?id=869945"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
},
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10075",
"refsource": "MISC",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10075"
}
]
}

981
2014/0xxx/CVE-2014-0084.json
View File

File diff suppressed because it is too large Load Diff

61
2014/0xxx/CVE-2014-0085.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0085",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0085",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0085"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0085",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0085"
}
]
}

85
2014/0xxx/CVE-2014-0086.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0086",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0335",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0335.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0335.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0335.html"
},
{
"name": "https://issues.jboss.org/browse/RF-13250",
"refsource": "CONFIRM",
"url": "https://issues.jboss.org/browse/RF-13250"
"url": "http://secunia.com/advisories/57053",
"refsource": "MISC",
"name": "http://secunia.com/advisories/57053"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1067268",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067268"
"url": "https://github.com/pslegr/core-1/commit/8131f15003f5bec73d475d2b724472e4b87d0757",
"refsource": "MISC",
"name": "https://github.com/pslegr/core-1/commit/8131f15003f5bec73d475d2b724472e4b87d0757"
},
{
"name": "https://github.com/pslegr/core-1/commit/8131f15003f5bec73d475d2b724472e4b87d0757",
"refsource": "CONFIRM",
"url": "https://github.com/pslegr/core-1/commit/8131f15003f5bec73d475d2b724472e4b87d0757"
"url": "https://issues.jboss.org/browse/RF-13250",
"refsource": "MISC",
"name": "https://issues.jboss.org/browse/RF-13250"
},
{
"name": "57053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57053"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1067268",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1067268"
}
]
}

63
2014/0xxx/CVE-2014-0104.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0104",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "fence-agents",
"product": {
"product_data": [
{
"product_name": "fence-agents",
"version": {
"version_data": [
{
"version_value": "before 4.0.17"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "fence-agents",
"product": {
"product_data": [
{
"product_name": "fence-agents",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 4.0.17"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0104",
"url": "https://access.redhat.com/security/cve/cve-2014-0104",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0104"
"name": "https://access.redhat.com/security/cve/cve-2014-0104"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0104",
@ -68,9 +69,9 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-0104"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-0104",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0104",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-0104"
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0104"
}
]
}

1155
2014/0xxx/CVE-2014-0114.json
View File

File diff suppressed because it is too large Load Diff

85
2014/0xxx/CVE-2014-0116.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0116",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "67218",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67218"
"url": "http://secunia.com/advisories/59816",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59816"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
"url": "http://struts.apache.org/release/2.3.x/docs/s2-022.html",
"refsource": "MISC",
"name": "http://struts.apache.org/release/2.3.x/docs/s2-022.html"
},
{
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm",
"refsource": "CONFIRM",
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm"
"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm",
"refsource": "MISC",
"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm"
},
{
"name": "http://struts.apache.org/release/2.3.x/docs/s2-022.html",
"refsource": "CONFIRM",
"url": "http://struts.apache.org/release/2.3.x/docs/s2-022.html"
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"
},
{
"name": "59816",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59816"
"url": "http://www.securityfocus.com/bid/67218",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67218"
}
]
}

73
2014/0xxx/CVE-2014-0124.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0124",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916"
"url": "http://openwall.com/lists/oss-security/2014/03/17/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/03/17/1"
},
{
"name": "[oss-security] 20140317 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/03/17/1"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43916"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=256421",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=256421"
"url": "https://moodle.org/mod/forum/discuss.php?d=256421",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=256421"
}
]
}

73
2014/0xxx/CVE-2014-0125.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0125",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://moodle.org/mod/forum/discuss.php?d=256422",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=256422"
"url": "http://openwall.com/lists/oss-security/2014/03/17/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/03/17/1"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-29409"
},
{
"name": "[oss-security] 20140317 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/03/17/1"
"url": "https://moodle.org/mod/forum/discuss.php?d=256422",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=256422"
}
]
}

73
2014/0xxx/CVE-2014-0126.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0126",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140317 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/03/17/1"
"url": "http://openwall.com/lists/oss-security/2014/03/17/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/03/17/1"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43146"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=256423",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=256423"
"url": "https://moodle.org/mod/forum/discuss.php?d=256423",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=256423"
}
]
}

73
2014/0xxx/CVE-2014-0134.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0134",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/nova/+bug/1221190",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/nova/+bug/1221190"
"url": "http://www.ubuntu.com/usn/USN-2247-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2247-1"
},
{
"name": "[oss-security] 20140327 [OSSA 2014-009] Nova host data leak to vm instance in rescue mode (CVE-2014-0134)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/27/6"
"url": "http://www.openwall.com/lists/oss-security/2014/03/27/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/03/27/6"
},
{
"name": "USN-2247-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2247-1"
"url": "https://bugs.launchpad.net/nova/+bug/1221190",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/nova/+bug/1221190"
}
]
}

53
2014/0xxx/CVE-2014-0136.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the get and log methods of the AgentController wrote log messages without sanitizing user input. A remote attacker could use this flaw to insert arbitrary content into the log files written to by AgentController."
"value": "The (1) get and (2) log methods in the AgentController in Red Hat CloudForms 3.0 Management Engine (CFME) 5.x allow remote attackers to insert arbitrary text into log files via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Output Neutralization for Logs",
"cweId": "CWE-117"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.5.3-2.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -63,46 +62,6 @@
"url": "http://www.securityfocus.com/bid/69233",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/69233"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1037",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1037"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0136",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0136"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1076669",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1076669"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

115
2014/0xxx/CVE-2014-0144.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0144 Qemu: block: missing input validation"
"value": "QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Input Validation",
"cweId": "CWE-20"
"value": "Buffer Overflow"
}
]
}
@ -32,53 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 3 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "OpenStack 4 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
},
{
"version_value": "0:6.5-20140603.2.el6ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -101,31 +63,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0421.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0674",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0674"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0420",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0420"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0421",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0421"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0434",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0434"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0435",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0435"
},
{
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=24342f2cae47d03911e346fe1e520b00dc2818e0",
"refsource": "MISC",
@ -182,50 +119,14 @@
"name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=f56b9bc3ae20fc93815b34aa022be919941406ce"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0144",
"url": "https://www.vulnerabilitycenter.com/#%21vul=44767",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0144"
"name": "https://www.vulnerabilitycenter.com/#%21vul=44767"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1079240",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1079240"
},
{
"url": "https://www.vulnerabilitycenter.com/#%21vul=44767",
"refsource": "MISC",
"name": "https://www.vulnerabilitycenter.com/#%21vul=44767"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Fam Zheng (Red Hat), Jeff Cody (Red Hat), Kevin Wolf (Red Hat), and Stefan Hajnoczi (Red Hat)."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

105
2014/0xxx/CVE-2014-0145.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0145 Qemu: prevent possible buffer overflows"
"value": "Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0.0, allow local users to cause a denial of service (crash) or possibly execute arbitrary code via a large (1) L1 table in the qcow2_snapshot_load_tmp in the QCOW 2 block driver (block/qcow2-snapshot.c) or (2) uncompressed chunk, (3) chunk length, or (4) number of sectors in the DMG block driver (block/dmg.c)."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,53 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 3 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "OpenStack 4 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
},
{
"version_value": "0:6.5-20140603.2.el6ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -96,11 +58,6 @@
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2014-03/msg04994.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0674",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0674"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0420.html",
"refsource": "MISC",
@ -116,26 +73,6 @@
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3044"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0420",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0420"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0421",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0421"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0434",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0434"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0435",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0435"
},
{
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c05e4667be91b46ab42b5a11babf8e84d476cc6b",
"refsource": "MISC",
@ -156,41 +93,11 @@
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/03/26/8"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0145",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0145"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1078885",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1078885"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

105
2014/0xxx/CVE-2014-0146.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0146 Qemu: qcow2: NULL dereference in qcow2_open() error path"
"value": "The qcow2_open function in the (block/qcow2.c) in QEMU before 1.7.2 and 2.x before 2.0.0 allows local users to cause a denial of service (NULL pointer dereference) via a crafted image which causes an error, related to the initialization of the snapshot_offset and nb_snapshots fields."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
"value": "n/a"
}
]
}
@ -32,53 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 3 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "OpenStack 4 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.8",
"version_affected": "!"
},
{
"version_value": "0:6.5-20140603.2.el6ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -91,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0674",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0674"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0420.html",
"refsource": "MISC",
@ -111,26 +68,6 @@
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3044"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0420",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0420"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0421",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0421"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0434",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0434"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0435",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0435"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/03/26/8",
"refsource": "MISC",
@ -141,41 +78,11 @@
"refsource": "MISC",
"name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=11b128f4062dd7f89b14abc8877ff20d41b28be9"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0146",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0146"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1078232",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1078232"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}
}

53
2014/0xxx/CVE-2014-0154.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the oVirt web admin interface did not include the HttpOnly flag when setting session IDs with the Set-Cookie header. This flaw could make it is easier for a remote attacker to hijack an oVirt web admin session by leveraging a cross-site scripting (XSS) vulnerability."
"value": "oVirt Engine before 3.5.0 does not include the HTTPOnly flag in a Set-Cookie header for the session IDs, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Insufficiently Protected Credentials",
"cweId": "CWE-522"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "RHEV Manager version 3.5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.5.0-29",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -59,50 +58,10 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0158.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0158",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0158"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0154",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0154"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077450",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1077450"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1081896",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1081896"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

75
2014/0xxx/CVE-2014-0155.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0155",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced."
"value": "The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced."
}
]
},
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60"
"url": "http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/virt/kvm/kvm.git/commit/?id=5678de3f15010b9022ee45673f33bcfc71d47b60"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1081589",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1081589"
"url": "http://www.openwall.com/lists/oss-security/2014/04/07/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/04/07/2"
},
{
"name": "[oss-security] 20140407 CVE-2014-0155 -- kernel: kvm: BUG caused by invalid entry in guest ioapic redirection table",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/04/07/2"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1081589",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1081589"
}
]
}

69
2014/0xxx/CVE-2014-0164.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0164 mcollective: world readable client config"
"value": "openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Incorrect Permission Assignment for Critical Resource",
"cweId": "CWE-732"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift Enterprise 2.0",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.17.6.6-1.el6op",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEL 6 Version of OpenShift Enterprise 1.2",
"version": {
"version_data": [
{
"version_value": "0:1.9.16-1.el6op",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -74,51 +62,6 @@
"url": "http://rhn.redhat.com/errata/RHSA-2014-0461.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0461.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0460",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0460"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0461",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0461"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0164",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0164"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1083847",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1083847"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

67
2014/0xxx/CVE-2014-0174.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0174",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0858",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0858.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0858.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0858.html"
},
{
"name": "RHSA-2014:0859",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0859.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0859.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0859.html"
}
]
}

981
2014/0xxx/CVE-2014-0175.json
View File

File diff suppressed because it is too large Load Diff

57
2014/0xxx/CVE-2014-0176.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0176 CFME: reflected XSS in several places due to missing JavaScript escaping"
"value": "Cross-site scripting (XSS) vulnerability in application/panel_control in CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "n/a"
}
]
}
@ -32,20 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.4.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-8.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -58,50 +53,10 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0816",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0816"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0816.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0816.html"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0176",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0176"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086463",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1086463"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

57
2014/0xxx/CVE-2014-0184.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0184 CFME: root password is written to evm.log when entered during VM provisioning"
"value": "Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 logs the root password when deploying a VM, which allows local users to obtain sensitive information by reading the evm.log file."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Insufficiently Protected Credentials",
"cweId": "CWE-522"
"value": "n/a"
}
]
}
@ -32,20 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.4.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-8.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -58,50 +53,10 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0816",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0816"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0816.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0816.html"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0184",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0184"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1089131",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1089131"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
}
]
}

91
2014/0xxx/CVE-2014-0186.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0186",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression."
"value": "A certain tomcat7 package for Apache Tomcat 7 in Red Hat Enterprise Linux (RHEL) 7 allows remote attackers to cause a denial of service (CPU consumption) via a crafted request. NOTE: this vulnerability exists because of an unspecified regression."
}
]
},
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0686",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2014-0686.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1089884",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1089884"
},
{
"name": "108060",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/108060"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0186",
"url": "http://www.osvdb.org/108060",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0186"
"name": "http://www.osvdb.org/108060"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2014-0686.html",
"refsource": "MISC",
"name": "https://rhn.redhat.com/errata/RHSA-2014-0686.html"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0186",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0186"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1089884",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1089884"
}
]
}

305
2014/0xxx/CVE-2014-0196.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0196",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,147 +27,171 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2203-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2203-1"
},
{
"name": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html",
"refsource": "CONFIRM",
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
},
{
"name": "106646",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/106646"
},
{
"name": "SUSE-SU-2014:0683",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
},
{
"name": "[oss-security] 20140429 CVE-2014-0196: Linux kernel pty layer race condition memory corruption",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
},
{
"name": "59262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59262"
},
{
"name": "USN-2204-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2204-1"
},
{
"name": "59218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59218"
},
{
"name": "USN-2202-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2202-1"
},
{
"name": "33516",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/33516"
},
{
"name": "DSA-2928",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2928"
},
{
"name": "USN-2199-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2199-1"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-0771.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
},
{
"name": "USN-2197-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2197-1"
},
{
"name": "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"name": "RHSA-2014:0512",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
},
{
"name": "59599",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59599"
},
{
"name": "DSA-2926",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2926"
},
{
"name": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"name": "SUSE-SU-2014:0667",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
},
{
"name": "http://pastebin.com/raw.php?i=yTSFUBgZ",
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html",
"refsource": "MISC",
"url": "http://pastebin.com/raw.php?i=yTSFUBgZ"
"name": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4291086b1f081b869c6d79e5b7441633dc3ace00",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=4291086b1f081b869c6d79e5b7441633dc3ace00"
"url": "http://secunia.com/advisories/59262",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59262"
},
{
"name": "http://bugzilla.novell.com/show_bug.cgi?id=875690",
"refsource": "CONFIRM",
"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
"url": "http://secunia.com/advisories/59599",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59599"
},
{
"name": "USN-2198-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2198-1"
"url": "http://www.debian.org/security/2014/dsa-2926",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2926"
},
{
"name": "USN-2200-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2200-1"
"url": "http://source.android.com/security/bulletin/2016-07-01.html",
"refsource": "MISC",
"name": "http://source.android.com/security/bulletin/2016-07-01.html"
},
{
"name": "USN-2201-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2201-1"
"url": "http://bugzilla.novell.com/show_bug.cgi?id=875690",
"refsource": "MISC",
"name": "http://bugzilla.novell.com/show_bug.cgi?id=875690"
},
{
"name": "USN-2196-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2196-1"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00007.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00012.html"
},
{
"url": "http://pastebin.com/raw.php?i=yTSFUBgZ",
"refsource": "MISC",
"name": "http://pastebin.com/raw.php?i=yTSFUBgZ"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0512.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0512.html"
},
{
"url": "http://secunia.com/advisories/59218",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59218"
},
{
"url": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html",
"refsource": "MISC",
"name": "http://support.f5.com/kb/en-us/solutions/public/15000/300/sol15319.html"
},
{
"url": "http://www.debian.org/security/2014/dsa-2928",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2928"
},
{
"url": "http://www.exploit-db.com/exploits/33516",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/33516"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/05/05/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/05/05/6"
},
{
"url": "http://www.osvdb.org/106646",
"refsource": "MISC",
"name": "http://www.osvdb.org/106646"
},
{
"url": "http://www.ubuntu.com/usn/USN-2196-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2196-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-2197-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2197-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-2198-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2198-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-2199-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2199-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-2200-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2200-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-2201-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2201-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-2202-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2202-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-2203-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2203-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-2204-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2204-1"
},
{
"url": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/4291086b1f081b869c6d79e5b7441633dc3ace00"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1094232"
}
]
}

73
2014/0xxx/CVE-2014-0204.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0204",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/keystone/+bug/1309228",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/keystone/+bug/1309228"
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/05/21/3"
},
{
"name": "https://review.openstack.org/#/c/94396/",
"refsource": "CONFIRM",
"url": "https://review.openstack.org/#/c/94396/"
"url": "https://bugs.launchpad.net/keystone/+bug/1309228",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/keystone/+bug/1309228"
},
{
"name": "[oss-security] 20140521 [OSSA 2014-015] Keystone user and group id mismatch (CVE-2014-0204)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/21/3"
"url": "https://review.openstack.org/#/c/94396/",
"refsource": "MISC",
"name": "https://review.openstack.org/#/c/94396/"
}
]
}

84
2014/0xxx/CVE-2014-0205.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the way the Linux kernel's futex subsystem handled reference counting when requeuing futexes during futex_wait(). A local, unprivileged user could use this flaw to zero out the reference counter of an inode or an mm struct that backs up the memory area of the futex, which could lead to a use-after-free flaw, resulting in a system crash or, potentially, privilege escalation."
"value": "The futex_wait function in kernel/futex.c in the Linux kernel before 2.6.37 does not properly maintain a certain reference count during requeue operations, which allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that triggers a zero count."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Use After Free",
"cweId": "CWE-416"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-431.29.2.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.2 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-220.56.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-358.49.1.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -76,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:1167",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1167"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=7ada876a8703f23befbb20a7465a702ee39b1704",
"refsource": "MISC",
@ -102,54 +74,14 @@
"name": "http://rhn.redhat.com/errata/RHSA-2014-1763.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1365",
"url": "https://github.com/torvalds/linux/commit/7ada876a8703f23befbb20a7465a702ee39b1704",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1365"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1763",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1763"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0205",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0205"
"name": "https://github.com/torvalds/linux/commit/7ada876a8703f23befbb20a7465a702ee39b1704"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094455",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1094455"
},
{
"url": "https://github.com/torvalds/linux/commit/7ada876a8703f23befbb20a7465a702ee39b1704",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/7ada876a8703f23befbb20a7465a702ee39b1704"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

57
2014/3xxx/CVE-2014-3497.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that Swift did not escape all HTTP header values, allowing data to be injected into the responses sent from the Swift server. This could lead to cross-site scripting attacks (and possibly other impacts) if a user were tricked into clicking on a malicious URL."
"value": "Cross-site scripting (XSS) vulnerability in OpenStack Swift 1.11.0 through 1.13.1 allows remote attackers to inject arbitrary web script or HTML via the WWW-Authenticate header."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "n/a"
}
]
}
@ -32,20 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.13.1-3.el7ost",
"version_affected": "!"
},
{
"version_value": "0:2.1.0-2.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -83,21 +78,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2256-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0941",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0941"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3497",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3497"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1110809",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1110809"
},
{
"url": "https://review.openstack.org/#/c/101031/",
"refsource": "MISC",
@ -109,30 +89,5 @@
"name": "https://review.openstack.org/#/c/101032/"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}
}

48
2014/3xxx/CVE-2014-3499.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-3499 docker: systemd socket activation results in privilege escalation"
"value": "Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Incorrect Privilege Assignment",
"cweId": "CWE-266"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7 Extras",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.11.1-22.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -59,46 +58,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0820.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0820",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0820"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3499",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3499"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1111687",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1111687"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

69
2014/3xxx/CVE-2014-3517.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A side-channel timing attack flaw was found in Nova. An attacker could possibly use this flaw to guess valid instance ID signatures, giving them access to details of another instance, by analyzing the response times of requests for instance metadata. This issue only affected configurations that proxy metadata requests via Neutron."
"value": "api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Covert Timing Channel",
"cweId": "CWE-385"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 4 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2013.2.3-12.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.1-4.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -65,60 +53,15 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:1084",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1084"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/07/17/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/07/17/2"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0940",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0940"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3517",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3517"
},
{
"url": "https://bugs.launchpad.net/nova/+bug/1325128",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/nova/+bug/1325128"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1112499",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1112499"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}

61
2014/3xxx/CVE-2014-3518.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3518",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0887",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0887.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0887.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0887.html"
}
]
}

68
2014/3xxx/CVE-2014-3537.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was discovered that CUPS allowed certain users to create symbolic links in certain directories under /var/cache/cups/. A local user with the 'lp' group privileges could use this flaw to read the contents of arbitrary files on the system or, potentially, escalate their privileges on the system."
"value": "The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Link Resolution Before File Access ('Link Following')",
"cweId": "CWE-59"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "1:1.4.2-67.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "1:1.6.3-17.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -131,54 +119,14 @@
"name": "http://www.ubuntu.com/usn/USN-2293-1"
},
{
"url": "https://access.redhat.com/errata/RHBA-2015:0386",
"url": "https://support.apple.com/kb/HT6535",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2015:0386"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1388",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1388"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3537",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3537"
"name": "https://support.apple.com/kb/HT6535"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1115576",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1115576"
},
{
"url": "https://support.apple.com/kb/HT6535",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT6535"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:S/C:C/I:P/A:N",
"version": "2.0"
}
]
}

67
2014/3xxx/CVE-2014-3539.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3539",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150206 python-rope: pickle.load of remotely supplied data with no authentication required",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/07/1"
"url": "http://www.openwall.com/lists/oss-security/2015/02/07/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/02/07/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1116485",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116485"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116485",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1116485"
}
]
}

101
2014/3xxx/CVE-2014-3558.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3558",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html",
"refsource": "MISC",
"url": "https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml"
"name": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name": "https://hibernate.atlassian.net/browse/HV-912",
"refsource": "CONFIRM",
"url": "https://hibernate.atlassian.net/browse/HV-912"
"url": "http://rhn.redhat.com/errata/RHSA-2014-1285.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1285.html"
},
{
"name": "RHSA-2015:0720",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-1286.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1286.html"
},
{
"name": "RHSA-2014:1288",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1288.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-1287.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1287.html"
},
{
"name": "RHSA-2015:0125",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0125.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-1288.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1288.html"
},
{
"name": "RHSA-2014:1285",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1285.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0125.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0125.html"
},
{
"name": "RHSA-2014:1286",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1286.html"
"url": "https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml",
"refsource": "MISC",
"name": "https://github.com/victims/victims-cve-db/blob/master/database/java/2014/3558.yaml"
},
{
"name": "RHSA-2014:1287",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1287.html"
"url": "https://hibernate.atlassian.net/browse/HV-912",
"refsource": "MISC",
"name": "https://hibernate.atlassian.net/browse/HV-912"
}
]
}

52
2014/3xxx/CVE-2014-3559.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the oVirt storage back end did not wipe memory snapshots when VMs were deleted, even if wipe-after-delete (WAD) was enabled for the VM's disks. A remote attacker with credentials to create a new VM could use this flaw to potentially access the contents of memory snapshots in an uninitialized storage volume, possibly leading to the disclosure of sensitive information."
"value": "The oVirt storage backend in Red Hat Enterprise Virtualization 3.4 does not wipe memory snapshots when deleting a VM, even when wipe-after-delete (WAD) is configured for the VM's disk, which allows remote authenticated users with certain credentials to read portions of the deleted VM's memory and obtain sensitive information via an uninitialized storage volume."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Removal of Sensitive Information Before Storage or Transfer",
"cweId": "CWE-212"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "RHEV Manager version 3.4",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.4.0-31",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -65,49 +64,14 @@
"name": "http://www.securitytracker.com/id/1030664"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1002",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1002"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3559",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3559"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1121925",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1121925"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95098"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
]
}

69
2014/3xxx/CVE-2014-3608.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-3608 openstack-nova: incomplete fix for CVE-2014-2573, Nova VMware driver still leaks rescued images"
"value": "The VMWare driver in OpenStack Compute (Nova) before 2014.1.3 allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by putting the VM into the rescue state, suspending it, which puts into an ERROR state, and then deleting the image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-2573."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"cweId": "CWE-400"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2014.1.3-4.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.3-4.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -85,55 +73,10 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/70220"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1781",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1781"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1782",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1782"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3608",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3608"
},
{
"url": "https://bugs.launchpad.net/nova/+bug/1338830",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/nova/+bug/1338830"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1148253",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1148253"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}

75
2014/3xxx/CVE-2014-3618.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow flaw was found in procmail's formail utility. A remote attacker could send an email with specially crafted headers that, when processed by formail, could cause procmail to crash or, possibly, execute arbitrary code as the user running formail."
"value": "Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to \"unbalanced quotes.\""
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.22-17.1.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:3.22-25.1.el6_5.1",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.22-34.el7_0.1",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -136,21 +113,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2340-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1172",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1172"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3618",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3618"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1137581",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1137581"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95688",
"refsource": "MISC",
@ -162,30 +124,5 @@
"name": "https://support.apple.com/HT205267"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

130
2014/3xxx/CVE-2014-3619.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A denial of service flaw was found in the way the __socket_proto_state_machine() function of glusterfs processed certain fragment headers. A remote attacker could send a specially crafted fragment header that, when processed, would cause the glusterfs process to enter an infinite loop."
"value": "The __socket_proto_state_machine function in GlusterFS 3.5 allows remote attackers to cause a denial of service (infinite loop) via a \"00000000\" fragment header."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
"value": "n/a"
}
]
}
@ -32,93 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Native Client for RHEL 5 for Red Hat Storage",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.6.0.42-1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Native Client for RHEL 6 for Red Hat Storage",
"version": {
"version_data": [
{
"version_value": "0:3.6.0.42-1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Common for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:3.6.0.42-1.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Storage 3 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:3.6.0.42-1.el6rhs",
"version_affected": "!"
},
{
"version_value": "0:0.1.14-1.el6rhs",
"version_affected": "!"
},
{
"version_value": "0:0.1.4-1.el6rhs",
"version_affected": "!"
},
{
"version_value": "0:0.62-1.el6rhs",
"version_affected": "!"
},
{
"version_value": "0:1.13.1-2.el6ost",
"version_affected": "!"
},
{
"version_value": "0:1.7-3.el6ost",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-10.el6ost",
"version_affected": "!"
},
{
"version_value": "0:2.1.0-2.el6ost",
"version_affected": "!"
},
{
"version_value": "0:3.0.3.4-1.el6rhs",
"version_affected": "!"
},
{
"version_value": "0:3.6.509-169.4.el6rhs",
"version_affected": "!"
},
{
"version_value": "0:1.13.1-2.el6rhs",
"version_affected": "!"
},
{
"version_value": "0:4.14.7.3-1.el6rhs",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -156,51 +78,11 @@
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:211"
},
{
"url": "https://access.redhat.com/errata/RHBA-2015:0038",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2015:0038"
},
{
"url": "https://access.redhat.com/errata/RHBA-2015:0040",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2015:0040"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3619",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3619"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1138145",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1138145"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

121
2014/3xxx/CVE-2014-3637.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3637",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2352-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2352-1"
"url": "http://advisories.mageia.org/MGASA-2014-0395.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2014-0395.html"
},
{
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=80559",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=80559"
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html"
},
{
"name": "openSUSE-SU-2014:1239",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html"
"url": "http://secunia.com/advisories/61378",
"refsource": "MISC",
"name": "http://secunia.com/advisories/61378"
},
{
"name": "61378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61378"
"url": "http://www.debian.org/security/2014/dsa-3026",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3026"
},
{
"name": "[oss-security] 20140916 CVE-2014-3635 to 3639: security issues in D-Bus < 1.8.8",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/09/16/9"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176"
},
{
"name": "1030864",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030864"
"url": "http://www.openwall.com/lists/oss-security/2014/09/16/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/09/16/9"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0395.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0395.html"
"url": "http://www.securitytracker.com/id/1030864",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1030864"
},
{
"name": "DSA-3026",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3026"
"url": "http://www.ubuntu.com/usn/USN-2352-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2352-1"
},
{
"name": "MDVSA-2015:176",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176"
"url": "http://www.openwall.com/lists/oss-security/2019/06/24/13",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/06/24/13"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190624 Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz",
"url": "http://www.openwall.com/lists/oss-security/2019/06/24/13"
"url": "http://www.openwall.com/lists/oss-security/2019/06/24/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2019/06/24/14"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190624 Re: Thousands of vulnerabilities, almost no CVEs: OSS-Fuzz",
"url": "http://www.openwall.com/lists/oss-security/2019/06/24/14"
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=80559",
"refsource": "MISC",
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=80559"
}
]
}

121
2014/3xxx/CVE-2014-3638.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3638",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2352-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2352-1"
"url": "http://advisories.mageia.org/MGASA-2014-0395.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2014-0395.html"
},
{
"name": "openSUSE-SU-2014:1239",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html"
},
{
"name": "SUSE-SU-2014:1146",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html"
"url": "http://secunia.com/advisories/61378",
"refsource": "MISC",
"name": "http://secunia.com/advisories/61378"
},
{
"name": "61378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61378"
"url": "http://www.debian.org/security/2014/dsa-3026",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3026"
},
{
"name": "[oss-security] 20140916 CVE-2014-3635 to 3639: security issues in D-Bus < 1.8.8",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/09/16/9"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176"
},
{
"name": "1030864",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030864"
"url": "http://www.openwall.com/lists/oss-security/2014/09/16/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/09/16/9"
},
{
"name": "61431",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61431"
"url": "http://www.securitytracker.com/id/1030864",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1030864"
},
{
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=81053",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=81053"
"url": "http://www.ubuntu.com/usn/USN-2352-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2352-1"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0395.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0395.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html"
},
{
"name": "DSA-3026",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3026"
"url": "http://secunia.com/advisories/61431",
"refsource": "MISC",
"name": "http://secunia.com/advisories/61431"
},
{
"name": "MDVSA-2015:176",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176"
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=81053",
"refsource": "MISC",
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=81053"
}
]
}

121
2014/3xxx/CVE-2014-3639.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3639",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2352-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2352-1"
"url": "http://advisories.mageia.org/MGASA-2014-0395.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2014-0395.html"
},
{
"name": "openSUSE-SU-2014:1239",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00049.html"
},
{
"name": "SUSE-SU-2014:1146",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html"
"url": "http://secunia.com/advisories/61378",
"refsource": "MISC",
"name": "http://secunia.com/advisories/61378"
},
{
"name": "61378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61378"
"url": "http://www.debian.org/security/2014/dsa-3026",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3026"
},
{
"name": "[oss-security] 20140916 CVE-2014-3635 to 3639: security issues in D-Bus < 1.8.8",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/09/16/9"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176"
},
{
"name": "1030864",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030864"
"url": "http://www.openwall.com/lists/oss-security/2014/09/16/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/09/16/9"
},
{
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=80919",
"refsource": "CONFIRM",
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=80919"
"url": "http://www.securitytracker.com/id/1030864",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1030864"
},
{
"name": "61431",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61431"
"url": "http://www.ubuntu.com/usn/USN-2352-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2352-1"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0395.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0395.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00026.html"
},
{
"name": "DSA-3026",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3026"
"url": "http://secunia.com/advisories/61431",
"refsource": "MISC",
"name": "http://secunia.com/advisories/61431"
},
{
"name": "MDVSA-2015:176",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:176"
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=80919",
"refsource": "MISC",
"name": "https://bugs.freedesktop.org/show_bug.cgi?id=80919"
}
]
}

56
2014/3xxx/CVE-2014-3647.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the way the Linux kernel's KVM subsystem handled non-canonical addresses when emulating instructions that change the RIP (for example, branches or calls). A guest user with access to an I/O or MMIO region could use this flaw to crash the guest."
"value": "arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel through 3.17.2 does not properly perform RIP changes, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncaught Exception",
"cweId": "CWE-248"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-327.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -109,21 +108,6 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/70748"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2152",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2152"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3647",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3647"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144897",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1144897"
},
{
"url": "https://github.com/torvalds/linux/commit/234f3ce485d54017f15cf5e0699cff4100121601",
"refsource": "MISC",
@ -133,31 +117,11 @@
"url": "https://github.com/torvalds/linux/commit/d1442d85cc30ea75f7d399474ca738e0bc96f715",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/d1442d85cc30ea75f7d399474ca738e0bc96f715"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1144897",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1144897"
}
]
}

48
2014/3xxx/CVE-2014-3648.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-3648",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registered with bad deviceTokens, one can generate endless exceptions when those endpoints can't be reached or can slow the server down by purposefully wasting it's time with slow endpoints. Similarly, one can provide whatever HTTP end point they want. This turns the server into a DDOS vector or an anonymizer for the posting of malware and so on."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400",
"cweId": "CWE-400"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,6 +40,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Jboss Aerogear 1.0.0.final"
}
]
@ -30,32 +52,12 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://issues.redhat.com/browse/AEROGEAR-6091",
"refsource": "MISC",
"name": "https://issues.redhat.com/browse/AEROGEAR-6091",
"url": "https://issues.redhat.com/browse/AEROGEAR-6091"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The simplepush server iterates through the application installations and pushes a notification to the server provided by deviceToken. But this is user controlled. If a bogus applications is registered with bad deviceTokens, one can generate endless exceptions when those endpoints can't be reached or can slow the server down by purposefully wasting it's time with slow endpoints. Similarly, one can provide whatever HTTP end point they want. This turns the server into a DDOS vector or an anonymizer for the posting of malware and so on."
"name": "https://issues.redhat.com/browse/AEROGEAR-6091"
}
]
}

65
2014/3xxx/CVE-2014-3649.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3649",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "JBoss",
"product": {
"product_data": [
{
"product_name": "AeroGear",
"version": {
"version_data": [
{
"version_value": "through 2014-09-19"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "JBoss",
"product": {
"product_data": [
{
"product_name": "AeroGear",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through 2014-09-19"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3649",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3649"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-3649",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-3649"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3649",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3649"
}
]
}

69
2014/3xxx/CVE-2014-3657.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A denial of service flaw was found in the way libvirt's virConnectListAllDomains() function computed the number of used domains. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to make any domain operations within libvirt unresponsive."
"value": "The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Input Validation",
"cweId": "CWE-20"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.10.2-46.el6_6.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.1.1-29.el7_0.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -85,16 +73,6 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/60291"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1352",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1352"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1873",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1873"
},
{
"url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=fc22b2e74890873848b43fffae43025d22053669",
"refsource": "MISC",
@ -114,41 +92,6 @@
"url": "http://www.ubuntu.com/usn/USN-2404-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2404-1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3657",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3657"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1145667",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1145667"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}

372
2014/3xxx/CVE-2014-3667.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-3667 jenkins: plug-in code can be downloaded by anyone with read access (SECURITY-155)"
"value": "Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Authorization",
"cweId": "CWE-285"
"value": "n/a"
}
]
}
@ -32,335 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift Enterprise 2.1",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.565.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.6.40.1-0.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.20.3.5-1.el6op",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenShift Enterprise 3.1",
"version": {
"version_data": [
{
"version_value": "0:3.1.1.6-1.git.0.b57e8bd.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.18.2-3.gitaf4752e.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.625.3-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.1.3-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.1.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.3.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.2.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.0.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.8.2-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.0.1-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.3.2-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.1.1-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.4.2-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.2.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.0.2-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.3.2-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.1.4-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.8.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.3.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.2.3-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.1.3-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:5.2.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:4.1.2-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.1.0-6.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.0.2-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.0.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.1.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.0.1-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.0.2-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.2.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.0.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.1.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.1.2-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.9.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.0.4-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.0.9-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.6.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.3.5-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.5.0-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.8.1-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:4.0.1-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.4.0-5.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.2.0-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.0.11-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.2.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.1.5-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.0.1-3.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.4.2-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:3.0.3-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:5.1.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.1.5-3.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.3.3-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.2.1-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.0.2-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.3.4-4.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-3.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.0.3-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:0.6.0-1.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-2.el7aos",
"version_affected": "!"
},
{
"version_value": "0:1.0.3-1.el7",
"version_affected": "!"
},
{
"version_value": "0:3.0.35-1.git.0.6a386dd.el7aos",
"version_affected": "!"
},
{
"version_value": "0:2.4.0-1.el7",
"version_affected": "!"
},
{
"version_value": "0:0.5.0-1.el7aos",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -373,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHBA-2014:1630",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2014:1630"
},
{
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01",
"refsource": "MISC",
@ -387,41 +62,6 @@
"url": "https://access.redhat.com/errata/RHSA-2016:0070",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0070"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3667",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3667"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147770",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1147770"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}

61
2014/3xxx/CVE-2014-3678.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-3678 jenkins: cross-site scripting flaws in the monitoring plug-in (SECURITY-113)"
"value": "Cross-site scripting (XSS) vulnerability in the Monitoring plugin before 1.53.0 for Jenkins allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "n/a"
}
]
}
@ -32,24 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift Enterprise 2.1",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.565.3-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:0.6.40.1-0.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.20.3.5-1.el6op",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -62,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHBA-2014:1630",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2014:1630"
},
{
"url": "https://wiki.jenkins-ci.org/display/JENKINS/Monitoring",
"refsource": "MISC",
@ -81,41 +67,6 @@
"url": "http://secunia.com/advisories/59122",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59122"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3678",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3678"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147760",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1147760"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

67
2014/3xxx/CVE-2014-3679.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3679",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://wiki.jenkins-ci.org/display/JENKINS/Monitoring",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/JENKINS/Monitoring"
"url": "https://wiki.jenkins-ci.org/display/JENKINS/Monitoring",
"refsource": "MISC",
"name": "https://wiki.jenkins-ci.org/display/JENKINS/Monitoring"
},
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01",
"refsource": "MISC",
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01"
}
]
}

187
2014/3xxx/CVE-2014-3687.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3687",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,117 +27,141 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3087.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3087.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "SUSE-SU-2015:1489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "HPSBGN03285",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=142722450701342&w=2"
"url": "http://www.debian.org/security/2014/dsa-3060",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3060"
},
{
"name": "SUSE-SU-2015:0736",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
"url": "http://www.ubuntu.com/usn/USN-2417-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2417-1"
},
{
"name": "USN-2418-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2418-1"
"url": "http://www.ubuntu.com/usn/USN-2418-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2418-1"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3089.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3089.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html"
},
{
"name": "SUSE-SU-2015:0652",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
},
{
"name": "RHSA-2015:0062",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0062.html"
"url": "http://marc.info/?l=bugtraq&m=142722450701342&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=142722450701342&w=2"
},
{
"name": "USN-2417-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2417-1"
"url": "http://marc.info/?l=bugtraq&m=142722544401658&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=142722544401658&w=2"
},
{
"name": "HPSBGN03282",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=142722544401658&w=2"
"url": "http://linux.oracle.com/errata/ELSA-2014-3087.html",
"refsource": "MISC",
"name": "http://linux.oracle.com/errata/ELSA-2014-3087.html"
},
{
"name": "SUSE-SU-2015:0178",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
"url": "http://linux.oracle.com/errata/ELSA-2014-3088.html",
"refsource": "MISC",
"name": "http://linux.oracle.com/errata/ELSA-2014-3088.html"
},
{
"name": "https://github.com/torvalds/linux/commit/b69040d8e39f20d5215a03502a8e8b4c6ab78395",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/b69040d8e39f20d5215a03502a8e8b4c6ab78395"
"url": "http://linux.oracle.com/errata/ELSA-2014-3089.html",
"refsource": "MISC",
"name": "http://linux.oracle.com/errata/ELSA-2014-3089.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b69040d8e39f20d5215a03502a8e8b4c6ab78395",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b69040d8e39f20d5215a03502a8e8b4c6ab78395"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3088.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3088.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0062.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0062.html"
},
{
"name": "DSA-3060",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3060"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0115.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0115.html"
},
{
"name": "SUSE-SU-2015:0481",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
"url": "http://secunia.com/advisories/62428",
"refsource": "MISC",
"name": "http://secunia.com/advisories/62428"
},
{
"name": "62428",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62428"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b69040d8e39f20d5215a03502a8e8b4c6ab78395",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b69040d8e39f20d5215a03502a8e8b4c6ab78395"
},
{
"name": "openSUSE-SU-2015:0566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00035.html"
},
{
"name": "70766",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70766"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1155731",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1155731"
"url": "http://www.securityfocus.com/bid/70766",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/70766"
},
{
"name": "SUSE-SU-2015:0529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00020.html"
"url": "https://github.com/torvalds/linux/commit/b69040d8e39f20d5215a03502a8e8b4c6ab78395",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/b69040d8e39f20d5215a03502a8e8b4c6ab78395"
},
{
"name": "RHSA-2015:0115",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0115.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1155731",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1155731"
}
]
}

151
2014/3xxx/CVE-2014-3688.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3688",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,87 +27,111 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20141113 Linux kernel: SCTP issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/11/13/8"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
},
{
"name": "HPSBGN03285",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=142722450701342&w=2"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
},
{
"name": "SUSE-SU-2015:0736",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
"url": "http://www.debian.org/security/2014/dsa-3060",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3060"
},
{
"name": "USN-2418-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2418-1"
"url": "http://www.ubuntu.com/usn/USN-2417-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2417-1"
},
{
"name": "SUSE-SU-2015:0652",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html"
"url": "http://www.ubuntu.com/usn/USN-2418-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2418-1"
},
{
"name": "RHSA-2015:0062",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0062.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00000.html"
},
{
"name": "USN-2417-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2417-1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html"
},
{
"name": "HPSBGN03282",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=142722544401658&w=2"
"url": "http://marc.info/?l=bugtraq&m=142722450701342&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=142722450701342&w=2"
},
{
"name": "DSA-3060",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3060"
"url": "http://marc.info/?l=bugtraq&m=142722544401658&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=142722544401658&w=2"
},
{
"name": "https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0062.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0062.html"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=26b87c7881006311828bb0ab271a551a62dcceb4",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=26b87c7881006311828bb0ab271a551a62dcceb4"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0115.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0115.html"
},
{
"name": "SUSE-SU-2015:0481",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00010.html"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26b87c7881006311828bb0ab271a551a62dcceb4",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=26b87c7881006311828bb0ab271a551a62dcceb4"
},
{
"name": "openSUSE-SU-2015:0566",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00025.html"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1155745",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1155745"
"url": "http://www.openwall.com/lists/oss-security/2014/11/13/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/11/13/8"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.17.4"
"url": "https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/26b87c7881006311828bb0ab271a551a62dcceb4"
},
{
"name": "RHSA-2015:0115",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0115.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1155745",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1155745"
}
]
}

103
2014/3xxx/CVE-2014-3689.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3689",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "62144",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62144"
"url": "http://www.ubuntu.com/usn/USN-2409-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2409-1"
},
{
"name": "62143",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/62143"
"url": "http://secunia.com/advisories/60923",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60923"
},
{
"name": "DSA-3067",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3067"
"url": "http://secunia.com/advisories/62143",
"refsource": "MISC",
"name": "http://secunia.com/advisories/62143"
},
{
"name": "[Qemu-devel] 20141015 [PATCH v2 0/5] vmware-vga: fix CVE-2014-3689",
"refsource": "MLIST",
"url": "https://www.mail-archive.com/qemu-devel@nongnu.org/msg261580.html"
"url": "http://secunia.com/advisories/62144",
"refsource": "MISC",
"name": "http://secunia.com/advisories/62144"
},
{
"name": "USN-2409-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2409-1"
"url": "http://www.debian.org/security/2014/dsa-3066",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3066"
},
{
"name": "60923",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60923"
"url": "http://www.debian.org/security/2014/dsa-3067",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3067"
},
{
"name": "DSA-3066",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3066"
"url": "http://www.osvdb.org/114397",
"refsource": "MISC",
"name": "http://www.osvdb.org/114397"
},
{
"name": "114397",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/114397"
"url": "https://www.mail-archive.com/qemu-devel%40nongnu.org/msg261580.html",
"refsource": "MISC",
"name": "https://www.mail-archive.com/qemu-devel%40nongnu.org/msg261580.html"
}
]
}

65
2014/3xxx/CVE-2014-3699.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3699",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "eDeploy",
"version": {
"version_data": [
{
"version_value": "through 2014-10-14"
}
]
}
}
]
},
"vendor_name": "eDeploy"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "eDeploy",
"product": {
"product_data": [
{
"product_name": "eDeploy",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through 2014-10-14"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2014-3699",
"url": "https://access.redhat.com/security/cve/cve-2014-3699",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-3699"
"name": "https://access.redhat.com/security/cve/cve-2014-3699"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3699",
@ -63,9 +64,9 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3699"
},
{
"refsource": "REDHAT",
"name": "Red Hat",
"url": "https://access.redhat.com/security/cve/cve-2014-3699"
"url": "https://security-tracker.debian.org/tracker/CVE-2014-3699",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-3699"
}
]
}

69
2014/3xxx/CVE-2014-3708.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A denial of service flaw was found in the way OpenStack Compute (nova) looked up VM instances based on an IP address filter. An attacker with sufficient privileges on an OpenStack installation with a large amount of VMs could use this flaw to cause the main nova process to block for an extended amount of time."
"value": "OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"cweId": "CWE-400"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2014.1.4-3.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.4-3.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -85,55 +73,10 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/70777"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0843",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0843"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0844",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0844"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3708",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3708"
},
{
"url": "https://bugs.launchpad.net/nova/+bug/1358583",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/nova/+bug/1358583"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154951",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1154951"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}

37
2014/4xxx/CVE-2014-4678.json
View File

@ -1,12 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-4678",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -39,6 +39,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 1.6.4"
}
]
@ -53,39 +54,39 @@
"references": {
"reference_data": [
{
"url": "https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916",
"refsource": "MISC",
"name": "https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916",
"url": "https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916"
"name": "https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916"
},
{
"url": "https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ",
"refsource": "MISC",
"name": "https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ",
"url": "https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ"
"name": "https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2014-4678",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-4678",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-4678"
"name": "https://security-tracker.debian.org/tracker/CVE-2014-4678"
},
{
"url": "https://www.openwall.com/lists/oss-security/2014/06/26/30",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2014/06/26/30",
"url": "https://www.openwall.com/lists/oss-security/2014/06/26/30"
"name": "https://www.openwall.com/lists/oss-security/2014/06/26/30"
},
{
"url": "https://www.openwall.com/lists/oss-security/2014/07/02/2",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2014/07/02/2",
"url": "https://www.openwall.com/lists/oss-security/2014/07/02/2"
"name": "https://www.openwall.com/lists/oss-security/2014/07/02/2"
},
{
"url": "https://www.rapid7.com/db/vulnerabilities/freebsd-vid-2c493ac8-205e-11e5-a4a5-002590263bf5",
"refsource": "MISC",
"name": "https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2014-4678",
"url": "https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2014-4678"
"name": "https://www.rapid7.com/db/vulnerabilities/freebsd-vid-2c493ac8-205e-11e5-a4a5-002590263bf5"
},
{
"url": "https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2014-4678",
"refsource": "MISC",
"name": "https://www.rapid7.com/db/vulnerabilities/freebsd-vid-2c493ac8-205e-11e5-a4a5-002590263bf5",
"url": "https://www.rapid7.com/db/vulnerabilities/freebsd-vid-2c493ac8-205e-11e5-a4a5-002590263bf5"
"name": "https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2014-4678"
}
]
}

136
2014/5xxx/CVE-2014-5077.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system."
"value": "The sctp_assoc_update function in net/sctp/associola.c in the Linux kernel through 3.15.8, when SCTP authentication is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by starting to establish an association between two endpoints immediately after an exchange of INIT and INIT ACK chunks to establish an earlier association between these endpoints in the opposite direction."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
"value": "n/a"
}
]
}
@ -32,71 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-504.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.2 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-220.56.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-358.51.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.5 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-431.37.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-123.9.2.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.10.33-rt32.45.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -109,16 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:1724",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1724"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1392",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1392"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00006.html",
"refsource": "MISC",
@ -134,11 +68,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1763.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1763",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1763"
},
{
"url": "http://www.ubuntu.com/usn/USN-2358-1",
"refsource": "MISC",
@ -219,31 +148,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2335-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1083",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1083"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1668",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1668"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1872",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1872"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-5077",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-5077"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1122982",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1122982"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95134",
"refsource": "MISC",
@ -253,31 +157,11 @@
"url": "https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/1be9a950c646c9092fb3618197f7b6bfb50e82aa"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1122982",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1122982"
}
]
}

124
2014/5xxx/CVE-2014-5119.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An off-by-one heap-based buffer overflow flaw was found in glibc's internal __gconv_translit_find() function. An attacker able to make an application call the iconv_open() function with a specially crafted argument could possibly use this flaw to execute arbitrary code with the privileges of that application."
"value": "Off-by-one error in the __gconv_translit_find function in gconv_trans.c in GNU C Library (aka glibc) allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via vectors related to the CHARSET environment variable and gconv transliteration modules."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,82 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.5-118.el5_10.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.6 Long Life",
"version": {
"version_data": [
{
"version_value": "0:2.5-58.el5_6.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.9 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.5-107.el5_9.7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.12-1.132.el6_5.4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.2 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.12-1.47.el6_2.13",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.12-1.107.el6_4.6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:2.17-55.el7_0.1",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -215,26 +148,6 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/69738"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1110",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1110"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1118",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1118"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-5119",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-5119"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1119128",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1119128"
},
{
"url": "https://code.google.com/p/google-security-research/issues/detail?id=96",
"refsource": "MISC",
@ -251,30 +164,5 @@
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=17187"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

91
2014/5xxx/CVE-2014-5388.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-5388",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[Qemu-devel] 20140820 [PATCH v2] pcihp: fix possible array out of bounds",
"refsource": "MLIST",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html"
"url": "http://www.ubuntu.com/usn/USN-2409-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2409-1"
},
{
"name": "[oss-security] 20140822 CVE request Qemu: out of bounds memory access",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/438"
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fa365d7cd11185237471823a5a33d36765454e16",
"refsource": "MISC",
"name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=fa365d7cd11185237471823a5a33d36765454e16"
},
{
"name": "[oss-security] 20140822 Re: CVE request Qemu: out of bounds memory access",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/440"
"url": "http://seclists.org/oss-sec/2014/q3/438",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2014/q3/438"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1132956",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1132956"
"url": "http://seclists.org/oss-sec/2014/q3/440",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2014/q3/440"
},
{
"name": "USN-2409-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2409-1"
"url": "https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html"
},
{
"name": "http://git.qemu.org/?p=qemu.git;a=commit;h=fa365d7cd11185237471823a5a33d36765454e16",
"refsource": "CONFIRM",
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=fa365d7cd11185237471823a5a33d36765454e16"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1132956",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1132956"
}
]
}

69
2014/7xxx/CVE-2014-7817.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the wordexp() function would perform command substitution even when the WRDE_NOCMD flag was specified. An attacker able to provide specially crafted input to an application using the wordexp() function, and not sanitizing the input correctly, could potentially use this flaw to execute arbitrary commands with the credentials of the user running that application."
"value": "The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing \"$((`...`))\"."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Expected Behavior Violation",
"cweId": "CWE-440"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.12-1.149.el6_6.4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:2.17-55.el7_0.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -85,11 +73,6 @@
"refsource": "MISC",
"name": "http://www.debian.org/security/2015/dsa-3142"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0016",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0016"
},
{
"url": "https://security.gentoo.org/glsa/201602-02",
"refsource": "MISC",
@ -135,21 +118,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2432-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:2023",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:2023"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-7817",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-7817"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1157689",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1157689"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98852",
"refsource": "MISC",
@ -171,30 +139,5 @@
"name": "https://sourceware.org/ml/libc-alpha/2014-11/msg00519.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
]
}
}

138
2014/7xxx/CVE-2014-7819.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-7819 rubygem-sprockets: arbitrary file existence disclosure"
"value": "Multiple directory traversal vulnerabilities in server.rb in Sprockets before 2.0.5, 2.1.x before 2.1.4, 2.2.x before 2.2.3, 2.3.x before 2.3.3, 2.4.x before 2.4.6, 2.5.x before 2.5.1, 2.6.x and 2.7.x before 2.7.1, 2.8.x before 2.8.3, 2.9.x before 2.9.4, 2.10.x before 2.10.2, 2.11.x before 2.11.3, 2.12.x before 2.12.3, and 3.x before 3.0.0.beta.3, as distributed with Ruby on Rails 3.x and 4.x, allow remote attackers to determine the existence of files outside the application root via a ../ (dot dot slash) sequence with (1) double slashes or (2) URL encoding."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
"value": "n/a"
}
]
}
@ -32,96 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.4",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.4.0.5-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.0-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.12-11.el6cf",
"version_affected": "!"
},
{
"version_value": "0:B.02.16-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:4.0P1-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:9.2.3-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:9.0r2-4.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.3-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.0.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.9.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.2.8-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.8.2-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.11-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.12.2-9.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.13-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.20.2-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.11.0-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-9.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.3.14-1.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -154,26 +73,6 @@
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html"
},
{
"url": "https://access.redhat.com/errata/RHBA-2015:1100",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2015:1100"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-7819",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-7819"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161527",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1161527"
},
{
"url": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY",
"refsource": "MISC",
"name": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY"
},
{
"url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ",
"refsource": "MISC",
@ -185,30 +84,5 @@
"name": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}
}

103
2014/7xxx/CVE-2014-7827.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-7827",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:0850",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
},
{
"name": "RHSA-2015:0215",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0215.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
},
{
"name": "RHSA-2015:0851",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0215.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0215.html"
},
{
"name": "RHSA-2015:0217",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0217.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0216.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0216.html"
},
{
"name": "RHSA-2015:0218",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0218.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0217.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0217.html"
},
{
"name": "RHSA-2015:0216",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0216.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0218.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0218.html"
},
{
"name": "redhat-jboss-cve20147827-sec-bypass(100889)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100889"
"url": "http://www.securitytracker.com/id/1031741",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1031741"
},
{
"name": "1031741",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031741"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100889",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100889"
}
]
}

103
2014/7xxx/CVE-2014-7828.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-7828",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://fedorahosted.org/freeipa/ticket/4690",
"refsource": "CONFIRM",
"url": "https://fedorahosted.org/freeipa/ticket/4690"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143000.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143000.html"
},
{
"name": "http://www.freeipa.org/page/Releases/4.1.1",
"refsource": "CONFIRM",
"url": "http://www.freeipa.org/page/Releases/4.1.1"
"url": "http://www.freeipa.org/page/Releases/4.1.1",
"refsource": "MISC",
"name": "http://www.freeipa.org/page/Releases/4.1.1"
},
{
"name": "[Freeipa-users] 20141105 ATTN: CVE-2014-7828",
"refsource": "MLIST",
"url": "https://www.redhat.com/archives/freeipa-users/2014-November/msg00077.html"
"url": "http://www.securityfocus.com/bid/70932",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/70932"
},
{
"name": "[Freeipa-devel] 20141105 [PATCH 0076] Ensure that a password exists after OTP validation",
"refsource": "MLIST",
"url": "https://www.redhat.com/archives/freeipa-devel/2014-November/msg00068.html"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98500",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98500"
},
{
"name": "freeipa-otp-sec-bypass(98500)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98500"
"url": "https://fedorahosted.org/freeipa/ticket/4690",
"refsource": "MISC",
"name": "https://fedorahosted.org/freeipa/ticket/4690"
},
{
"name": "FEDORA-2014-14427",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/143000.html"
"url": "https://www.redhat.com/archives/freeipa-devel/2014-November/msg00068.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/freeipa-devel/2014-November/msg00068.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1160871",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1160871"
"url": "https://www.redhat.com/archives/freeipa-users/2014-November/msg00077.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/freeipa-users/2014-November/msg00077.html"
},
{
"name": "70932",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/70932"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1160871",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1160871"
}
]
}