"-Synchronized-Data."

CVE Team 2019-09-19 17:00:56 +00:00
parent 9fbfd14fe7
commit 441d395e54
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
17 changed files with 245 additions and 26 deletions


@ -76,6 +76,11 @@
"name": "HPSBHF02981",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139653661621384&w=2"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0005/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0005/"
}
]
}


@ -56,6 +56,11 @@
"name": "https://hackerone.com/reports/380873",
"refsource": "MISC",
"url": "https://hackerone.com/reports/380873"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0004/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0004/"
}
]
}


@ -62,6 +62,11 @@
"name": "https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a",
"refsource": "MISC",
"url": "https://github.com/lodash/lodash/commit/d8e069cc3410082e44eb18fcf8e7f3d08ebe1d4a"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0004/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0004/"
}
]
}


@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://github.com/lodash/lodash/wiki/Changelog",
"url": "https://github.com/lodash/lodash/wiki/Changelog"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0004/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0004/"
}
]
}


@ -90,6 +90,11 @@
"name": "https://github.com/kubernetes/kubernetes/issues/78308",
"refsource": "CONFIRM",
"url": "https://github.com/kubernetes/kubernetes/issues/78308"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0003/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
}
]
},


@ -130,6 +130,11 @@
"name": "[ANNOUNCE] Incomplete fixes for CVE-2019-1002101, kubectl cp potential directory traversal - CVE-2019-11246",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/NLs2TGbfPdo"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0003/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
}
]
},


@ -120,6 +120,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2690",
"url": "https://access.redhat.com/errata/RHSA-2019:2690"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0003/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
}
]
},


@ -130,6 +130,11 @@
"name": "CVE-2019-11248: /debug/pprof exposed on kubelet's healthz port",
"refsource": "MLIST",
"url": "https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0003/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
}
]
},


@ -133,6 +133,11 @@
"name": "https://github.com/kubernetes/kubernetes/issues/80984",
"refsource": "CONFIRM",
"url": "https://github.com/kubernetes/kubernetes/issues/80984"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0003/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
}
]
},


@ -81,6 +81,11 @@
"name": "https://github.com/kubernetes/kubernetes/issues/81114",
"refsource": "CONFIRM",
"url": "https://github.com/kubernetes/kubernetes/issues/81114"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0003/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
}
]
},


@ -246,6 +246,11 @@
"refsource": "REDHAT",
"name": "RHSA-2019:2587",
"url": "https://access.redhat.com/errata/RHSA-2019:2587"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0001/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0001/"
}
]
}


@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pydio 6.0.8 mishandles error reporting when a directory allows unauthenticated uploads, and the remote-upload option is used with the http://localhost:22 URL. The attacker can obtain sensitive information such as the name of the user who created that directory and other internal server information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sourceforge.net/projects/ajaxplorer/files/pydio/stable-channel/",
"refsource": "MISC",
"name": "https://sourceforge.net/projects/ajaxplorer/files/pydio/stable-channel/"
},
{
"url": "https://pydio.com",
"refsource": "MISC",
"name": "https://pydio.com"
},
{
"refsource": "MISC",
"name": "https://heitorgouvea.me/2019/09/17/CVE-2019-15032",
"url": "https://heitorgouvea.me/2019/09/17/CVE-2019-15032"
}
]
}
}
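Review bot: The `affects` block of this new CVE-2019-15032 record leaves `product_name`, `vendor_name` and `version_value` as `n/a` although the description names Pydio 6.0.8, so tooling that matches on the structured fields will not tie the record to any product. Fill them from the description, e.g. `"product_name": "Pydio"` and `"version_value": "6.0.8"`, and replace the `n/a` problemtype with a short weakness label; the text describes information disclosure through error reporting. The CVE-2019-15033 record added in the next section has the same empty fields, and its description already calls the issue authenticated SSRF, which would serve as its problemtype value.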


@ -0,0 +1,72 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15033",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download. An attacker can specify an intranet address in the file parameter to index.php, when sending a file to a remote server, as demonstrated by the file=http%3A%2F%2F192.168.1.2 substring."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sourceforge.net/projects/ajaxplorer/files/pydio/stable-channel/",
"refsource": "MISC",
"name": "https://sourceforge.net/projects/ajaxplorer/files/pydio/stable-channel/"
},
{
"url": "https://pydio.com",
"refsource": "MISC",
"name": "https://pydio.com"
},
{
"refsource": "MISC",
"name": "https://heitorgouvea.me/2019/09/17/CVE-2019-15033",
"url": "https://heitorgouvea.me/2019/09/17/CVE-2019-15033"
}
]
}
}


@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API. This is fixed in 1.9.0-rc1."
"value": "core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users to create admin accounts via the POST /api/users API. This is fixed in 1.7.6 and 1.8.3."
}
]
},
@ -61,6 +61,11 @@
"url": "https://github.com/goharbor/harbor/compare/v1.8.2...v1.9.0-rc1",
"refsource": "MISC",
"name": "https://github.com/goharbor/harbor/compare/v1.8.2...v1.9.0-rc1"
},
{
"refsource": "MISC",
"name": "https://unit42.paloaltonetworks.com/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097/",
"url": "https://unit42.paloaltonetworks.com/critical-vulnerability-in-harbor-enables-privilege-escalation-from-zero-to-admin-cve-2019-16097/"
}
]
},


@ -107,6 +107,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html",
"url": "http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0002/"
}
]
}


@ -1,11 +1,11 @@
{
"CVE_data_meta": {
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2019-09-10",
"ID": "CVE-2019-1549",
"STATE": "PUBLIC",
"ASSIGNER": "openssl-security@openssl.org",
"DATE_PUBLIC": "2019-09-10",
"ID": "CVE-2019-1549",
"STATE": "PUBLIC",
"TITLE": "Fork Protection"
},
},
"affects": {
"vendor": {
"vendor_data": [
@ -13,7 +13,7 @@
"product": {
"product_data": [
{
"product_name": "OpenSSL",
"product_name": "OpenSSL",
"version": {
"version_data": [
{
@ -23,59 +23,64 @@
}
}
]
},
},
"vendor_name": "OpenSSL"
}
]
}
},
},
"credit": [
{
"lang": "eng",
"lang": "eng",
"value": "Matt Caswell"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"lang": "eng",
"value": "OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in the default case. A partial mitigation for this issue is that the output from a high precision timer is mixed into the RNG state so the likelihood of a parent and child process sharing state is significantly reduced. If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c)."
}
]
},
},
"impact": [
{
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"lang": "eng",
"url": "https://www.openssl.org/policies/secpolicy.html#Low",
"value": "Low"
}
],
],
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"lang": "eng",
"value": "Random Number Generation"
}
]
}
]
},
},
"references": {
"reference_data": [
{
"name": "https://www.openssl.org/news/secadv/20190910.txt",
"refsource": "CONFIRM",
"name": "https://www.openssl.org/news/secadv/20190910.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv/20190910.txt"
},
},
{
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be",
"refsource": "CONFIRM",
"name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be",
"refsource": "CONFIRM",
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0002/"
}
]
}


@ -102,6 +102,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html",
"url": "http://packetstormsecurity.com/files/154467/Slackware-Security-Advisory-openssl-Updates.html"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190919-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190919-0002/"
}
]
}