admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-23 16:00:47 +00:00
parent 62639b87c2
commit 3dd4727271
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
22 changed files with 197 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
2017/15xxx/CVE-2017-15716.json
View File

@ -1,17 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-15716",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2017-15716",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none."
}
]
}

5
2018/16xxx/CVE-2018-16877.json
View File

@ -58,6 +58,11 @@
"refsource": "UBUNTU",
"name": "USN-3952-1",
"url": "https://usn.ubuntu.com/3952-1/"
},
{
"refsource": "BID",
"name": "108042",
"url": "http://www.securityfocus.com/bid/108042"
}
]
},

88
2019/0xxx/CVE-2019-0223.json
View File

@ -1,17 +1,91 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0223",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0223",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache Software Foundation",
"product": {
"product_data": [
{
"product_name": "Apache Qpid Proton",
"version": {
"version_data": [
{
"version_value": "0.9 to 0.27.0"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Man-in-the-middle Attack"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[qpid-dev] 20190423 [jira] [Updated] (PROTON-2014) [CVE-2019-0223] TLS Man in the Middle Vulnerability",
"url": "https://lists.apache.org/thread.html/49c83f0acce5ceaeffca51714ec2ba0f0199bcb8f99167181bba441b@%3Cdev.qpid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[qpid-dev] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability",
"url": "https://lists.apache.org/thread.html/3adb2f020f705b4fd453982992a68cd10f9d5ac728b699efdb73c1f5@%3Cdev.qpid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability",
"url": "http://www.openwall.com/lists/oss-security/2019/04/23/4"
},
{
"refsource": "MLIST",
"name": "[announce] 20190423 [SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability",
"url": "https://lists.apache.org/thread.html/d9c9a882a292e2defaed1f954528c916fb64497ce57db652727e39b0@%3Cannounce.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[SECURITY] CVE-2019-0223: Apache Qpid Proton TLS Man in the Middle Vulnerability",
"url": "https://lists.apache.org/thread.html/008ee5e78e5a090e1fcc5f6617f425e4e51d59f03d3eda2dd006df9f@%3Cusers.qpid.apache.org%3E"
},
{
"refsource": "MISC",
"name": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel",
"url": "https://issues.apache.org/jira/browse/PROTON-2014?page=com.atlassian.jira.plugin.system.issuetabpanels%3Aall-tabpanel"
},
{
"refsource": "MLIST",
"name": "qpid-commits] 20190423 [qpid-site] branch asf-site updated: update site content for CVE-2019-0223",
"url": "https://lists.apache.org/thread.html/914424e4d798a340f523b6169aaf39b626971d9bb00fcdeb1d5d6c0d@%3Ccommits.qpid.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "While investigating bug PROTON-2014, we discovered that under some circumstances Apache Qpid Proton versions 0.9 to 0.27.0 (C library and its language bindings) can connect to a peer anonymously using TLS *even when configured to verify the peer certificate* while used with OpenSSL versions before 1.1.0. This means that an undetected man in the middle attack could be constructed if an attacker can arrange to intercept TLS traffic."
}
]
}

5
2019/10xxx/CVE-2019-10893.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/152437/centoswp098email-xss.txt",
"url": "https://packetstormsecurity.com/files/152437/centoswp098email-xss.txt"
},
{
"refsource": "BID",
"name": "108035",
"url": "http://www.securityfocus.com/bid/108035"
}
]
}

5
2019/11xxx/CVE-2019-11068.json
View File

@ -71,6 +71,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20190422 Nokogiri security update v1.10.3",
"url": "http://www.openwall.com/lists/oss-security/2019/04/22/1"
},
{
"refsource": "UBUNTU",
"name": "USN-3947-1",
"url": "https://usn.ubuntu.com/3947-1/"
}
]
}

5
2019/11xxx/CVE-2019-11338.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/FFmpeg/FFmpeg/commit/54655623a82632e7624714d7b2a3e039dc5faa7e",
"refsource": "MISC",
"name": "https://github.com/FFmpeg/FFmpeg/commit/54655623a82632e7624714d7b2a3e039dc5faa7e"
},
{
"refsource": "BID",
"name": "108034",
"url": "http://www.securityfocus.com/bid/108034"
}
]
}

5
2019/11xxx/CVE-2019-11339.json
View File

@ -61,6 +61,11 @@
"url": "https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb",
"refsource": "MISC",
"name": "https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb"
},
{
"refsource": "BID",
"name": "108037",
"url": "http://www.securityfocus.com/bid/108037"
}
]
}

5
2019/11xxx/CVE-2019-11446.json
View File

@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "EXPLOIT-DB",
"name": "46691",
"url": "https://www.exploit-db.com/exploits/46691/"
},
{
"url": "https://www.exploit-db.com/exploits/46691",
"refsource": "MISC",

5
2019/6xxx/CVE-2019-6133.json
View File

@ -141,6 +141,11 @@
"refsource": "UBUNTU",
"name": "USN-3934-1",
"url": "https://usn.ubuntu.com/3934-1/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:0832",
"url": "https://access.redhat.com/errata/RHSA-2019:0832"
}
]
}

5
2019/6xxx/CVE-2019-6974.json
View File

@ -151,6 +151,11 @@
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K11186236",
"url": "https://support.f5.com/csp/article/K11186236"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:0833",
"url": "https://access.redhat.com/errata/RHSA-2019:0833"
}
]
}

5
2019/7xxx/CVE-2019-7221.json
View File

@ -136,6 +136,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190404-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
},
{
"refsource": "REDHAT",
"name": "RHSA-2019:0833",
"url": "https://access.redhat.com/errata/RHSA-2019:0833"
}
]
}

14
2019/7xxx/CVE-2019-7303.json
View File

@ -43,7 +43,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 bits to determine which ioctl(2) commands to run.\nThis issue affects:\nCanonical snapd versions prior to 2.37.4."
"value": "A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only uses the lower 32 bits to determine which ioctl(2) commands to run. This issue affects: Canonical snapd versions prior to 2.37.4."
}
]
},
@ -81,12 +81,14 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://usn.ubuntu.com/3917-1/"
"refsource": "MISC",
"url": "https://usn.ubuntu.com/3917-1/",
"name": "https://usn.ubuntu.com/3917-1/"
},
{
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46594"
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/46594",
"name": "https://www.exploit-db.com/exploits/46594"
}
]
},
@ -96,4 +98,4 @@
],
"discovery": "EXTERNAL"
}
}
}

19
2019/7xxx/CVE-2019-7304.json
View File

@ -44,7 +44,7 @@
"description_data": [
{
"lang": "eng",
"value": "Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root.\nThis issue affects:\nCanonical snapd versions prior to 2.37.1."
"value": "Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1."
}
]
},
@ -82,16 +82,19 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://usn.ubuntu.com/3887-1/"
"refsource": "MISC",
"url": "https://usn.ubuntu.com/3887-1/",
"name": "https://usn.ubuntu.com/3887-1/"
},
{
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46361"
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/46361",
"name": "https://www.exploit-db.com/exploits/46361"
},
{
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/46362"
"refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/46362",
"name": "https://www.exploit-db.com/exploits/46362"
}
]
},
@ -101,4 +104,4 @@
],
"discovery": "EXTERNAL"
}
}
}

5
2019/8xxx/CVE-2019-8453.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960",
"url": "https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960"
},
{
"refsource": "BID",
"name": "108029",
"url": "http://www.securityfocus.com/bid/108029"
}
]
},

5
2019/8xxx/CVE-2019-8455.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC",
"name": "https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960",
"url": "https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960"
},
{
"refsource": "BID",
"name": "108029",
"url": "http://www.securityfocus.com/bid/108029"
}
]
},

5
2019/9xxx/CVE-2019-9022.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190331 [SECURITY] [DLA 1741-1] php5 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3922-2",
"url": "https://usn.ubuntu.com/3922-2/"
}
]
}

5
2019/9xxx/CVE-2019-9637.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190331 [SECURITY] [DLA 1741-1] php5 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3922-2",
"url": "https://usn.ubuntu.com/3922-2/"
}
]
}

5
2019/9xxx/CVE-2019-9638.json
View File

@ -71,6 +71,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190331 [SECURITY] [DLA 1741-1] php5 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3922-2",
"url": "https://usn.ubuntu.com/3922-2/"
}
]
}

5
2019/9xxx/CVE-2019-9639.json
View File

@ -71,6 +71,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190331 [SECURITY] [DLA 1741-1] php5 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3922-2",
"url": "https://usn.ubuntu.com/3922-2/"
}
]
}

5
2019/9xxx/CVE-2019-9640.json
View File

@ -71,6 +71,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190331 [SECURITY] [DLA 1741-1] php5 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3922-2",
"url": "https://usn.ubuntu.com/3922-2/"
}
]
}

5
2019/9xxx/CVE-2019-9641.json
View File

@ -71,6 +71,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190331 [SECURITY] [DLA 1741-1] php5 security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00043.html"
},
{
"refsource": "UBUNTU",
"name": "USN-3922-2",
"url": "https://usn.ubuntu.com/3922-2/"
}
]
}

5
2019/9xxx/CVE-2019-9675.json
View File

@ -61,6 +61,11 @@
"name": "https://bugs.php.net/bug.php?id=77586",
"refsource": "MISC",
"url": "https://bugs.php.net/bug.php?id=77586"
},
{
"refsource": "UBUNTU",
"name": "USN-3922-2",
"url": "https://usn.ubuntu.com/3922-2/"
}
]
}