mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-06 10:41:46 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
6e65ae3d08
commit
2cf3241692
@ -61,6 +61,11 @@
|
||||
"name": "https://github.com/simsong/tcpflow/issues/182",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/simsong/tcpflow/issues/182"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-3955-1",
|
||||
"url": "https://usn.ubuntu.com/3955-1/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -66,6 +66,11 @@
|
||||
"refsource": "FEDORA",
|
||||
"name": "FEDORA-2019-2c020ccbd5",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MN5FW6HKPDP7PI2IVNMFSQVIDSCQ5BOR/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-3955-1",
|
||||
"url": "https://usn.ubuntu.com/3955-1/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2018-8035",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2018-8035",
|
||||
"ASSIGNER": "security@apache.org",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Apache",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Apache UIMA DUCC",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Apache UIMA DUCC releases including and prior to 2.2.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Information Disclosure"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://uima.apache.org/security_report",
|
||||
"url": "https://uima.apache.org/security_report"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC (<= 2.2.2) which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,17 +1,61 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-0227",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2019-0227",
|
||||
"ASSIGNER": "security@apache.org",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Apache",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Apache Axis 1.4",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Apache Axis 1.4"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "SSRF"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://rhinosecuritylabs.com/application-security/cve-2019-0227-expired-domain-rce-apache-axis/",
|
||||
"url": "https://rhinosecuritylabs.com/application-security/cve-2019-0227-expired-domain-rce-apache-axis/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -100,6 +100,11 @@
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-3953-1",
|
||||
"url": "https://usn.ubuntu.com/3953-1/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-3953-2",
|
||||
"url": "https://usn.ubuntu.com/3953-2/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -100,6 +100,11 @@
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-3953-1",
|
||||
"url": "https://usn.ubuntu.com/3953-1/"
|
||||
},
|
||||
{
|
||||
"refsource": "UBUNTU",
|
||||
"name": "USN-3953-2",
|
||||
"url": "https://usn.ubuntu.com/3953-2/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user