diff --git a/2013/1xxx/CVE-2013-1689.json b/2013/1xxx/CVE-2013-1689.json index af8f8ec7678..2b884b4beac 100644 --- a/2013/1xxx/CVE-2013-1689.json +++ b/2013/1xxx/CVE-2013-1689.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "security@mozilla.org", "ID": "CVE-2013-1689", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mozilla", + "product": { + "product_data": [ + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_value": "20.0a1" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mozilla Firefox 20.0a1 and earlier allows remote attackers to cause a denial of service (crash), related to event handling with frames." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-1689", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2013-1689" + }, + { + "refsource": "CONFIRM", + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=817219", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=817219" } ] } diff --git a/2016/1000xxx/CVE-2016-1000107.json b/2016/1000xxx/CVE-2016-1000107.json index d3d61947010..bcdb18e2085 100644 --- a/2016/1000xxx/CVE-2016-1000107.json +++ b/2016/1000xxx/CVE-2016-1000107.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-1000107", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,43 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "inets in Erlang possibly 22.1 and earlier follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an \"httpoxy\" issue." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://httpoxy.org/", + "url": "https://httpoxy.org/" + }, + { + "url": "https://security-tracker.debian.org/tracker/CVE-2016-1000107", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2016-1000107" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2016/07/18/6", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2016/07/18/6" + }, + { + "refsource": "MISC", + "name": "https://bugs.erlang.org/browse/ERL-198", + "url": "https://bugs.erlang.org/browse/ERL-198" } ] } diff --git a/2019/14xxx/CVE-2019-14287.json b/2019/14xxx/CVE-2019-14287.json index 98ea10a0134..87617d5ddbb 100644 --- a/2019/14xxx/CVE-2019-14287.json +++ b/2019/14xxx/CVE-2019-14287.json @@ -211,6 +211,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:3941", "url": "https://access.redhat.com/errata/RHSA-2019:3941" + }, + { + "refsource": "REDHAT", + "name": "RHSA-2019:4191", + "url": "https://access.redhat.com/errata/RHSA-2019:4191" } ] } diff --git a/2019/17xxx/CVE-2019-17554.json b/2019/17xxx/CVE-2019-17554.json index 8b15d9ac2fe..cd92c55101d 100644 --- a/2019/17xxx/CVE-2019-17554.json +++ b/2019/17xxx/CVE-2019-17554.json @@ -53,6 +53,11 @@ "refsource": "BUGTRAQ", "name": "20191210 CVE-2019-17554 - Apache Olingo OData 4.0 - XML External Entity Resolution (XXE)", "url": "https://seclists.org/bugtraq/2019/Dec/11" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/155619/Apache-Olingo-OData-4.6.x-XML-Injection.html", + "url": "http://packetstormsecurity.com/files/155619/Apache-Olingo-OData-4.6.x-XML-Injection.html" } ] },