diff --git a/2019/3xxx/CVE-2019-3806.json b/2019/3xxx/CVE-2019-3806.json index 3abd15233f7..8d78b9ca3d6 100644 --- a/2019/3xxx/CVE-2019-3806.json +++ b/2019/3xxx/CVE-2019-3806.json @@ -1,76 +1,77 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2019-3806", - "ASSIGNER": "psampaio@redhat.com" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Power DNS", - "product": { - "product_data": [ - { - "product_name": "pdns-recursor", - "version": { - "version_data": [ - { - "version_value": "versions after 4.1.3 before 4.1.9" - } - ] - } - } - ] - } - } + "CVE_data_meta" : { + "ASSIGNER" : "psampaio@redhat.com", + "ID" : "CVE-2019-3806", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "pdns-recursor", + "version" : { + "version_data" : [ + { + "version_value" : "versions after 4.1.3 before 4.1.9" + } + ] + } + } + ] + }, + "vendor_name" : "Power DNS" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua." + } + ] + }, + "impact" : { + "cvss" : [ + [ + { + "vectorString" : "5.4/CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H", + "version" : "3.0" + } + ] + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-358" + } ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-358" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3806", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3806", - "refsource": "CONFIRM" - }, - { - "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html", - "name": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html", - "refsource": "CONFIRM" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua." - } - ] - }, - "impact": { - "cvss": [ - [ - { - "vectorString": "5.4/CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:H", - "version": "3.0" - } - ] - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3806", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3806" + }, + { + "name" : "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html", + "refsource" : "CONFIRM", + "url" : "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html" + } + ] + } } diff --git a/2019/3xxx/CVE-2019-3807.json b/2019/3xxx/CVE-2019-3807.json index a79972b2f6c..88ad8956260 100644 --- a/2019/3xxx/CVE-2019-3807.json +++ b/2019/3xxx/CVE-2019-3807.json @@ -1,76 +1,77 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2019-3807", - "ASSIGNER": "psampaio@redhat.com" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Power DNS", - "product": { - "product_data": [ - { - "product_name": "pdns-recursor", - "version": { - "version_data": [ - { - "version_value": "versions 4.1.x before 4.1.9" - } - ] - } - } - ] - } - } + "CVE_data_meta" : { + "ASSIGNER" : "psampaio@redhat.com", + "ID" : "CVE-2019-3807", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "pdns-recursor", + "version" : { + "version_data" : [ + { + "version_value" : "versions 4.1.x before 4.1.9" + } + ] + } + } + ] + }, + "vendor_name" : "Power DNS" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation." + } + ] + }, + "impact" : { + "cvss" : [ + [ + { + "vectorString" : "3.7/CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", + "version" : "3.0" + } + ] + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-345" + } ] - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-345" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807", - "refsource": "CONFIRM" - }, - { - "url": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html", - "name": "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html", - "refsource": "CONFIRM" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation." - } - ] - }, - "impact": { - "cvss": [ - [ - { - "vectorString": "3.7/CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N", - "version": "3.0" - } - ] - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3807" + }, + { + "name" : "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html", + "refsource" : "CONFIRM", + "url" : "https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html" + } + ] + } } diff --git a/2019/7xxx/CVE-2019-7161.json b/2019/7xxx/CVE-2019-7161.json new file mode 100644 index 00000000000..8506575469b --- /dev/null +++ b/2019/7xxx/CVE-2019-7161.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-7161", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/7xxx/CVE-2019-7162.json b/2019/7xxx/CVE-2019-7162.json new file mode 100644 index 00000000000..8ffee570c83 --- /dev/null +++ b/2019/7xxx/CVE-2019-7162.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-7162", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/7xxx/CVE-2019-7163.json b/2019/7xxx/CVE-2019-7163.json new file mode 100644 index 00000000000..c2a8f0a7c4d --- /dev/null +++ b/2019/7xxx/CVE-2019-7163.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-7163", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/7xxx/CVE-2019-7164.json b/2019/7xxx/CVE-2019-7164.json new file mode 100644 index 00000000000..273feaaeb46 --- /dev/null +++ b/2019/7xxx/CVE-2019-7164.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-7164", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/7xxx/CVE-2019-7165.json b/2019/7xxx/CVE-2019-7165.json new file mode 100644 index 00000000000..f2c27b251c1 --- /dev/null +++ b/2019/7xxx/CVE-2019-7165.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-7165", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +}