diff --git a/2010/0xxx/CVE-2010-0296.json b/2010/0xxx/CVE-2010-0296.json index 1443b27ae56..10725b030f6 100644 --- a/2010/0xxx/CVE-2010-0296.json +++ b/2010/0xxx/CVE-2010-0296.json @@ -156,6 +156,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2010/3xxx/CVE-2010-3856.json b/2010/3xxx/CVE-2010-3856.json index 90d6e8c3a2b..071612daa8a 100644 --- a/2010/3xxx/CVE-2010-3856.json +++ b/2010/3xxx/CVE-2010-3856.json @@ -146,6 +146,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2011/2xxx/CVE-2011-2716.json b/2011/2xxx/CVE-2011-2716.json index 947127aca0d..9776742d17f 100644 --- a/2011/2xxx/CVE-2011-2716.json +++ b/2011/2xxx/CVE-2011-2716.json @@ -101,6 +101,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2011/5xxx/CVE-2011-5325.json b/2011/5xxx/CVE-2011-5325.json index 84ef075dbe1..ddc5e46c895 100644 --- a/2011/5xxx/CVE-2011-5325.json +++ b/2011/5xxx/CVE-2011-5325.json @@ -81,6 +81,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2012/4xxx/CVE-2012-4412.json b/2012/4xxx/CVE-2012-4412.json index 0d3790ee360..2b4dc4ae5fb 100644 --- a/2012/4xxx/CVE-2012-4412.json +++ b/2012/4xxx/CVE-2012-4412.json @@ -101,6 +101,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2013/1xxx/CVE-2013-1813.json b/2013/1xxx/CVE-2013-1813.json index c8914b7f26d..589cf403397 100644 --- a/2013/1xxx/CVE-2013-1813.json +++ b/2013/1xxx/CVE-2013-1813.json @@ -86,6 +86,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2014/4xxx/CVE-2014-4043.json b/2014/4xxx/CVE-2014-4043.json index 0f3c3da55e4..5125d7426e7 100644 --- a/2014/4xxx/CVE-2014-4043.json +++ b/2014/4xxx/CVE-2014-4043.json @@ -111,6 +111,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2014/9xxx/CVE-2014-9402.json b/2014/9xxx/CVE-2014-9402.json index 14290205366..c098f8fe269 100644 --- a/2014/9xxx/CVE-2014-9402.json +++ b/2014/9xxx/CVE-2014-9402.json @@ -101,6 +101,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2014/9xxx/CVE-2014-9761.json b/2014/9xxx/CVE-2014-9761.json index 06ef74711a3..d814deb6a46 100644 --- a/2014/9xxx/CVE-2014-9761.json +++ b/2014/9xxx/CVE-2014-9761.json @@ -141,6 +141,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2014/9xxx/CVE-2014-9984.json b/2014/9xxx/CVE-2014-9984.json index f004b59d6b5..c669cbff251 100644 --- a/2014/9xxx/CVE-2014-9984.json +++ b/2014/9xxx/CVE-2014-9984.json @@ -76,6 +76,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2015/0xxx/CVE-2015-0235.json b/2015/0xxx/CVE-2015-0235.json index e490b857fc6..42d9e649eb2 100644 --- a/2015/0xxx/CVE-2015-0235.json +++ b/2015/0xxx/CVE-2015-0235.json @@ -471,6 +471,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2015/1xxx/CVE-2015-1472.json b/2015/1xxx/CVE-2015-1472.json index 5cf78ea0c8b..f5c7fcdb0d3 100644 --- a/2015/1xxx/CVE-2015-1472.json +++ b/2015/1xxx/CVE-2015-1472.json @@ -101,6 +101,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2015/9xxx/CVE-2015-9261.json b/2015/9xxx/CVE-2015-9261.json index 045613f0fd3..456f5aa5bef 100644 --- a/2015/9xxx/CVE-2015-9261.json +++ b/2015/9xxx/CVE-2015-9261.json @@ -86,6 +86,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2016/2xxx/CVE-2016-2147.json b/2016/2xxx/CVE-2016-2147.json index 1a7757507c3..d591b812706 100644 --- a/2016/2xxx/CVE-2016-2147.json +++ b/2016/2xxx/CVE-2016-2147.json @@ -91,6 +91,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2016/2xxx/CVE-2016-2148.json b/2016/2xxx/CVE-2016-2148.json index 7f232aa7040..9ce4214c2a5 100644 --- a/2016/2xxx/CVE-2016-2148.json +++ b/2016/2xxx/CVE-2016-2148.json @@ -91,6 +91,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2016/6xxx/CVE-2016-6301.json b/2016/6xxx/CVE-2016-6301.json index 85df3a2897e..6bd6e51c58a 100644 --- a/2016/6xxx/CVE-2016-6301.json +++ b/2016/6xxx/CVE-2016-6301.json @@ -86,6 +86,11 @@ "refsource": "BUGTRAQ", "name": "20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series", "url": "https://seclists.org/bugtraq/2019/Jun/14" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html", + "url": "http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html" } ] } diff --git a/2018/16xxx/CVE-2018-16471.json b/2018/16xxx/CVE-2018-16471.json index ed3feb912e4..f870f454ef7 100644 --- a/2018/16xxx/CVE-2018-16471.json +++ b/2018/16xxx/CVE-2018-16471.json @@ -61,6 +61,11 @@ "name": "[debian-lts-announce] 20181121 [SECURITY] [DLA 1585-1] ruby-rack security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00022.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1553", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00032.html" } ] } diff --git a/2018/19xxx/CVE-2018-19113.json b/2018/19xxx/CVE-2018-19113.json index 33ec7fb1b28..853be77d4c1 100644 --- a/2018/19xxx/CVE-2018-19113.json +++ b/2018/19xxx/CVE-2018-19113.json @@ -61,6 +61,11 @@ "url": "https://gist.github.com/povlteksttv/8f990e11576e1e90e8fb61acf8646d28", "refsource": "MISC", "name": "https://gist.github.com/povlteksttv/8f990e11576e1e90e8fb61acf8646d28" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153275/Pronestor-Health-Monitoring-Privilege-Escalation.html", + "url": "http://packetstormsecurity.com/files/153275/Pronestor-Health-Monitoring-Privilege-Escalation.html" } ] } diff --git a/2019/10xxx/CVE-2019-10959.json b/2019/10xxx/CVE-2019-10959.json index 037e0ef41b6..1f5d442d7b6 100644 --- a/2019/10xxx/CVE-2019-10959.json +++ b/2019/10xxx/CVE-2019-10959.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-10959", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "BD Alaris Gateway Workstation", + "version": { + "version_data": [ + { + "version_value": "Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13, This does not impact the latest firmware Versions 1.3.2 and 1.6.1, Additionally, the following products using software Version 2.3.6 and below, Alaris GS, Alaris GH, Alaris CC, Alaris TIVA" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "UNRESTRICTED UPLOAD OF FILE WITH DANGEROUS TYPE CWE-434" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-164-01", + "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-164-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13, This does not impact the latest firmware Versions 1.3.2 and 1.6.1, Additionally, the following products using software Version 2.3.6 and below, Alaris GS, Alaris GH, Alaris CC, Alaris TIVA, The application does not restrict the upload of malicious files during a firmware update." } ] } diff --git a/2019/10xxx/CVE-2019-10962.json b/2019/10xxx/CVE-2019-10962.json index 15a345b4595..712e341fca2 100644 --- a/2019/10xxx/CVE-2019-10962.json +++ b/2019/10xxx/CVE-2019-10962.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2019-10962", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "BD Alaris Gateway Workstation", + "version": { + "version_data": [ + { + "version_value": "versions 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5,1.1.6" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER ACCESS CONTROL CWE-284" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-164-01", + "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-19-164-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1.1.5, and 1.1.6, The web browser user interface on the Alaris Gateway Workstation does not prevent an attacker with knowledge of the IP address of the Alaris Gateway Workstation terminal to gain access to the status and configuration information of the device." } ] } diff --git a/2019/11xxx/CVE-2019-11080.json b/2019/11xxx/CVE-2019-11080.json index b6cd1afeab9..1f16ff88942 100644 --- a/2019/11xxx/CVE-2019-11080.json +++ b/2019/11xxx/CVE-2019-11080.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/minecrater/exploits/blob/master/Sitecore8xDeserialRCE", "url": "https://github.com/minecrater/exploits/blob/master/Sitecore8xDeserialRCE" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/153274/Sitecore-8.x-Deserialization-Remote-Code-Execution.html", + "url": "http://packetstormsecurity.com/files/153274/Sitecore-8.x-Deserialization-Remote-Code-Execution.html" } ] } diff --git a/2019/12xxx/CVE-2019-12735.json b/2019/12xxx/CVE-2019-12735.json index c6d421bc734..6c959194064 100644 --- a/2019/12xxx/CVE-2019-12735.json +++ b/2019/12xxx/CVE-2019-12735.json @@ -101,6 +101,11 @@ "refsource": "FEDORA", "name": "FEDORA-2019-dcd49378b8", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRIRBC2YRGKPAWVRMZS4SZTGGCVRVZPR/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1551", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00031.html" } ] } diff --git a/2019/12xxx/CVE-2019-12800.json b/2019/12xxx/CVE-2019-12800.json new file mode 100644 index 00000000000..63a47a8aa94 --- /dev/null +++ b/2019/12xxx/CVE-2019-12800.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-12800", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12801.json b/2019/12xxx/CVE-2019-12801.json new file mode 100644 index 00000000000..f00a68ba337 --- /dev/null +++ b/2019/12xxx/CVE-2019-12801.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-12801", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/12xxx/CVE-2019-12802.json b/2019/12xxx/CVE-2019-12802.json new file mode 100644 index 00000000000..c42e0061dfb --- /dev/null +++ b/2019/12xxx/CVE-2019-12802.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-12802", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c mishandles changing context. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact (invalid memory access in r_egg_lang_parsechar; invalid free in rcc_pusharg)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/radare/radare2/issues/14296", + "refsource": "MISC", + "name": "https://github.com/radare/radare2/issues/14296" + } + ] + } +} \ No newline at end of file