admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 04:01:32 +00:00
parent a7d350d2a5
commit 56761d165b
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
36 changed files with 1381 additions and 1810 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
2012/4xxx/CVE-2012-4420.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4420",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "java-1.7.0-openjdk",
"product": {
"product_data": [
{
"product_name": "java-1.7.0-openjdk",
"version": {
"version_data": [
{
"version_value": "1.7.0_04 to 1.7.0_10"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "java-1.7.0-openjdk",
"product": {
"product_data": [
{
"product_name": "java-1.7.0-openjdk",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.7.0_04 to 1.7.0_10"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4420",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/3",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4420"
"name": "http://www.openwall.com/lists/oss-security/2012/09/13/3"
},
{
"url": "http://www.securityfocus.com/bid/55538",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55538"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-4420",
@ -63,29 +69,24 @@
"name": "https://access.redhat.com/security/cve/cve-2012-4420"
},
{
"url": "https://bugs.java.com/bugdatabase/view_bug.do?bug_id=7196857",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78693",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78693"
"name": "https://bugs.java.com/bugdatabase/view_bug.do?bug_id=7196857"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4420",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/13/3",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/3"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4420"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78693",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55538",
"url": "http://www.securityfocus.com/bid/55538"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78693"
},
{
"url": "https://www.openwall.com/lists/oss-security/2012/09/12/4",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2012/09/12/4",
"url": "https://www.openwall.com/lists/oss-security/2012/09/12/4"
},
{
"refsource": "MISC",
"name": "https://bugs.java.com/bugdatabase/view_bug.do?bug_id=7196857",
"url": "https://bugs.java.com/bugdatabase/view_bug.do?bug_id=7196857"
"name": "https://www.openwall.com/lists/oss-security/2012/09/12/4"
}
]
}

97
2012/4xxx/CVE-2012-4424.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4424",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-1991-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
"url": "https://security.gentoo.org/glsa/201503-04",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:284",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547",
"refsource": "MISC",
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=858238",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858238"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547",
"refsource": "CONFIRM",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=14547"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "[oss-security] 20130913 CVE Request -- glibc: strcoll() integer overflow leading to buffer overflow + another alloca() stack overflow issue (upstream #14547 && #14552)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/16"
"url": "http://www.ubuntu.com/usn/USN-1991-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "GLSA-201503-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-04"
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/16",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/13/16"
},
{
"name": "MDVSA-2013:283",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=858238",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=858238"
}
]
}

133
2012/4xxx/CVE-2012-4425.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4425",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the applications that do not cleanse environment variables, not in libgio itself."
"value": "libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the applications that do not cleanse environment variables, not in libgio itself."
}
]
},
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:1284",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1284.html"
},
{
"name": "[oss-security] 20120912 libdbus CVE-2012-3524 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/12/6"
},
{
"name": "[spice-devel] 20120914 [spice-gtk] usb-acl-helper: Clear environment",
"refsource": "MLIST",
"url": "http://www.spinics.net/lists/spice-devel/msg01940.html"
},
{
"name": "[oss-security] 20120917 Re: libdbus CVE-2012-3524 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/17/2"
},
{
"name": "[scm-commits] 20120914 [spice-gtk/f18] Add patch fixing CVE 2012-4425",
"refsource": "MLIST",
"url": "http://permalink.gmane.org/gmane.linux.redhat.fedora.extras.cvs/853051"
},
{
"name": "21323",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/21323"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=857283",
"url": "http://www.exploit-db.com/exploits/21323",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857283"
"name": "http://www.exploit-db.com/exploits/21323"
},
{
"name": "[oss-security] 20120914 Re: libdbus CVE-2012-3524 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/14/2"
"url": "http://www.openwall.com/lists/oss-security/2012/09/12/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/12/6"
},
{
"name": "55555",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55555"
"url": "http://www.openwall.com/lists/oss-security/2012/09/14/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/14/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/17/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/17/2"
},
{
"url": "http://permalink.gmane.org/gmane.linux.redhat.fedora.extras.cvs/853051",
"refsource": "MISC",
"name": "http://permalink.gmane.org/gmane.linux.redhat.fedora.extras.cvs/853051"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2012-1284.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1284.html"
},
{
"url": "http://www.securityfocus.com/bid/55555",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55555"
},
{
"url": "http://www.spinics.net/lists/spice-devel/msg01940.html",
"refsource": "MISC",
"name": "http://www.spinics.net/lists/spice-devel/msg01940.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=857283",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=857283"
}
]
}

85
2012/4xxx/CVE-2012-4426.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4426",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120910 Re: CVE request - mcrypt buffer overflow flaw",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/10/5"
"url": "http://www.openwall.com/lists/oss-security/2012/09/06/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/06/8"
},
{
"name": "[oss-security] 20120906 Re: CVE request - mcrypt buffer overflow flaw",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/06/9"
"url": "http://www.openwall.com/lists/oss-security/2012/09/06/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/06/9"
},
{
"name": "[oss-security] 20120913 Re: CVE request - mcrypt buffer overflow flaw",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/22"
"url": "http://www.openwall.com/lists/oss-security/2012/09/10/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/10/5"
},
{
"name": "55557",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55557"
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/22",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/13/22"
},
{
"name": "[oss-security] 20120906 Re: CVE request - mcrypt buffer overflow flaw",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/06/8"
"url": "http://www.securityfocus.com/bid/55557",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55557"
}
]
}

93
2012/4xxx/CVE-2012-4427.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4427",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=779473",
"url": "http://www.openwall.com/lists/oss-security/2012/09/08/1",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=779473"
"name": "http://www.openwall.com/lists/oss-security/2012/09/08/1"
},
{
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=684215",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/19",
"refsource": "MISC",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=684215"
"name": "http://www.openwall.com/lists/oss-security/2012/09/13/19"
},
{
"name": "[oss-security] 20120913 Re: note on gnome shell extensions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/19"
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/26",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/13/26"
},
{
"name": "[oss-security] 20120909 note on gnome shell extensions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/08/1"
"url": "http://www.openwall.com/lists/oss-security/2012/09/18/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/18/3"
},
{
"name": "[oss-security] 20120918 Re: Re: note on gnome shell extensions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/18/3"
"url": "http://www.securityfocus.com/bid/55556",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55556"
},
{
"name": "[oss-security] 20120913 Re: Re: note on gnome shell extensions",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/26"
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=684215",
"refsource": "MISC",
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=684215"
},
{
"name": "55556",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55556"
"url": "https://bugzilla.novell.com/show_bug.cgi?id=779473",
"refsource": "MISC",
"name": "https://bugzilla.novell.com/show_bug.cgi?id=779473"
}
]
}

111
2012/4xxx/CVE-2012-4428.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4428",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "openslp-dfsg",
"product": {
"product_data": [
{
"product_name": "openslp-dfsg",
"version": {
"version_data": [
{
"version_value": "1.2.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "openslp-dfsg",
"product": {
"product_data": [
{
"product_name": "openslp-dfsg",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.2.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-4428",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159059.html",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-4428"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159059.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/27",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/13/27"
},
{
"url": "http://www.securityfocus.com/bid/55540",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55540"
},
{
"url": "http://www.ubuntu.com/usn/USN-2730-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2730-1"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-4428",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2012-4428"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4428",
@ -68,39 +89,19 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-4428"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-4428",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78732",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2012-4428"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78732"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-4428",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78732",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78732"
"name": "https://security-tracker.debian.org/tracker/CVE-2012-4428"
},
{
"url": "https://security.gentoo.org/glsa/201707-05",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159059.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/159059.html"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/13/27",
"url": "http://www.openwall.com/lists/oss-security/2012/09/13/27"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55540",
"url": "http://www.securityfocus.com/bid/55540"
},
{
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2730-1",
"url": "http://www.ubuntu.com/usn/USN-2730-1"
},
{
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201707-05",
"url": "https://security.gentoo.org/glsa/201707-05"
"name": "https://security.gentoo.org/glsa/201707-05"
}
]
}

121
2012/4xxx/CVE-2012-4430.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4430",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://sourceforge.net/projects/bacula/files/bacula/5.2.12/ReleaseNotes/view",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/projects/bacula/files/bacula/5.2.12/ReleaseNotes/view"
"url": "http://secunia.com/advisories/50535",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50535"
},
{
"name": "DSA-2558",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2558"
"url": "http://secunia.com/advisories/50808",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50808"
},
{
"name": "[oss-security] 20120914 Re: Re: CVE request: bacula: Console ACL Bypass",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/15/2"
"url": "http://sourceforge.net/projects/bacula/files/bacula/5.2.12/ReleaseNotes/view",
"refsource": "MISC",
"name": "http://sourceforge.net/projects/bacula/files/bacula/5.2.12/ReleaseNotes/view"
},
{
"name": "MDVSA-2012:166",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:166"
"url": "http://www.bacula.org/en/?page=news",
"refsource": "MISC",
"name": "http://www.bacula.org/en/?page=news"
},
{
"name": "http://www.bacula.org/en/?page=news",
"refsource": "CONFIRM",
"url": "http://www.bacula.org/en/?page=news"
"url": "http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905",
"refsource": "MISC",
"name": "http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905"
},
{
"name": "55505",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55505"
"url": "http://www.debian.org/security/2012/dsa-2558",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2558"
},
{
"name": "50535",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50535"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:166",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:166"
},
{
"name": "http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905",
"refsource": "CONFIRM",
"url": "http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905"
"url": "http://www.openwall.com/lists/oss-security/2012/09/14/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/14/11"
},
{
"name": "50808",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50808"
"url": "http://www.openwall.com/lists/oss-security/2012/09/14/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/14/12"
},
{
"name": "[oss-security] 20120914 Re: CVE request: bacula: Console ACL Bypass",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/14/12"
"url": "http://www.openwall.com/lists/oss-security/2012/09/15/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/15/2"
},
{
"name": "[oss-security] 20120914 CVE request: bacula: Console ACL Bypass",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/14/11"
"url": "http://www.securityfocus.com/bid/55505",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55505"
}
]
}

121
2012/4xxx/CVE-2012-4437.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4437",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120919 CVE Request Smarty / php-Smarty: XSS in Smarty exception messages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/19/1"
"url": "http://advisories.mageia.org/MGASA-2014-0468.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2014-0468.html"
},
{
"name": "FEDORA-2012-14578",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088138.html"
"url": "http://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt",
"refsource": "MISC",
"name": "http://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt"
},
{
"name": "http://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/smarty-php/source/browse/trunk/distribution/change_log.txt"
"url": "http://code.google.com/p/smarty-php/source/detail?r=4658",
"refsource": "MISC",
"name": "http://code.google.com/p/smarty-php/source/detail?r=4658"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0468.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0468.html"
"url": "http://jvn.jp/en/jp/JVN63650108/index.html",
"refsource": "MISC",
"name": "http://jvn.jp/en/jp/JVN63650108/index.html"
},
{
"name": "50589",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50589"
"url": "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000094.html",
"refsource": "MISC",
"name": "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000094.html"
},
{
"name": "MDVSA-2014:221",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:221"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088138.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-September/088138.html"
},
{
"name": "JVNDB-2012-000094",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000094.html"
"url": "http://secunia.com/advisories/50589",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50589"
},
{
"name": "JVN#63650108",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN63650108/index.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:221",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:221"
},
{
"name": "[oss-security] 20120919 Re: CVE Request Smarty / php-Smarty: XSS in Smarty exception messages",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/3"
"url": "http://www.openwall.com/lists/oss-security/2012/09/19/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/19/1"
},
{
"name": "55506",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55506"
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/20/3"
},
{
"name": "http://code.google.com/p/smarty-php/source/detail?r=4658",
"refsource": "CONFIRM",
"url": "http://code.google.com/p/smarty-php/source/detail?r=4658"
"url": "http://www.securityfocus.com/bid/55506",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55506"
}
]
}

79
2012/4xxx/CVE-2012-4438.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4438",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "jenkins",
"version": {
"version_data": [
{
"version_value": "1.447.2"
}
]
}
}
]
},
"vendor_name": "jenkins"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "jenkins",
"product": {
"product_data": [
{
"product_name": "jenkins",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.447.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/21/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/21/2"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4438",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4438"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-4438",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-4438"
},
{
"url": "https://www.cloudbees.com/jenkins-security-advisory-2012-09-17",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/21/2",
"url": "http://www.openwall.com/lists/oss-security/2012/09/21/2"
},
{
"refsource": "CONFIRM",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4438",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4438"
},
{
"refsource": "MISC",
"name": "https://www.cloudbees.com/jenkins-security-advisory-2012-09-17",
"url": "https://www.cloudbees.com/jenkins-security-advisory-2012-09-17"
"name": "https://www.cloudbees.com/jenkins-security-advisory-2012-09-17"
}
]
}

109
2013/1xxx/CVE-2013-1864.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1864",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "52659",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52659"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
},
{
"name": "SUSE-SU-2014:0237",
"refsource": "SUSE",
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
"url": "http://osvdb.org/91439",
"refsource": "MISC",
"name": "http://osvdb.org/91439"
},
{
"name": "ptlib-xml-dos(82885)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
"url": "http://seclists.org/oss-sec/2013/q1/674",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2013/q1/674"
},
{
"name": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available",
"refsource": "CONFIRM",
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
"url": "http://secunia.com/advisories/52659",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52659"
},
{
"name": "FEDORA-2013-2998",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099553.html"
"url": "http://sourceforge.net/p/opalvoip/code/28856",
"refsource": "MISC",
"name": "http://sourceforge.net/p/opalvoip/code/28856"
},
{
"name": "91439",
"refsource": "OSVDB",
"url": "http://osvdb.org/91439"
"url": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available",
"refsource": "MISC",
"name": "http://www.ekiga.org/news/2013-02-21/ekiga-4.0.1-stable-available"
},
{
"name": "[oss-security] 20130315 Re: CVE request: billion laughs flaw in ptlib",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q1/674"
"url": "http://www.securityfocus.com/bid/58520",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58520"
},
{
"name": "http://sourceforge.net/p/opalvoip/code/28856",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/opalvoip/code/28856"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/82885"
},
{
"name": "58520",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58520"
"url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html",
"refsource": "MISC",
"name": "https://www.suse.com/support/update/announcement/2014/suse-su-20140237-1.html"
}
]
}

48
2013/1xxx/CVE-2013-1872.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-1872 Mesa: Memory corruption (OOB read/write) on intel drivers"
"value": "The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:9.0-0.8.el6_4.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -89,16 +88,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1888-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0897",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0897"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-1872",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1872"
},
{
"url": "https://bugs.freedesktop.org/show_bug.cgi?id=59429",
"refsource": "MISC",
@ -110,30 +99,5 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=923584"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

85
2013/1xxx/CVE-2013-1879.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1879",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1029",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1029.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1029.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1029.html"
},
{
"name": "54073",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54073"
"url": "http://secunia.com/advisories/54073",
"refsource": "MISC",
"name": "http://secunia.com/advisories/54073"
},
{
"name": "https://issues.apache.org/jira/browse/AMQ-4397",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/AMQ-4397"
"url": "http://www.securityfocus.com/bid/61142",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/61142"
},
{
"name": "61142",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61142"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85586",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85586"
},
{
"name": "activemq-cve20131879-xss(85586)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85586"
"url": "https://issues.apache.org/jira/browse/AMQ-4397",
"refsource": "MISC",
"name": "https://issues.apache.org/jira/browse/AMQ-4397"
}
]
}

79
2013/1xxx/CVE-2013-1880.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1880",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "65615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65615"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1029.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1029.html"
},
{
"name": "RHSA-2013:1029",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1029.html"
"url": "http://www.securityfocus.com/bid/65615",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65615"
},
{
"name": "https://issues.apache.org/jira/browse/AMQ-4398",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/AMQ-4398"
"url": "https://issues.apache.org/jira/browse/AMQ-4398",
"refsource": "MISC",
"name": "https://issues.apache.org/jira/browse/AMQ-4398"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=924447",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=924447"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=924447",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=924447"
}
]
}

91
2013/1xxx/CVE-2013-1883.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1883",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20130322 Re: CVE request: MantisBT text search query can crash site",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/03/22/2"
"url": "http://www.mantisbt.org/bugs/view.php?id=15573",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/view.php?id=15573"
},
{
"name": "https://github.com/mantisbt/mantisbt/commit/d16988c3ca232a7",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/d16988c3ca232a7"
"url": "http://www.openwall.com/lists/oss-security/2013/03/22/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/03/22/2"
},
{
"name": "mantisbt-filterapi-dos(83347)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83347"
"url": "http://www.securityfocus.com/bid/58626",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58626"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=924340",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=924340"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83347",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83347"
},
{
"name": "http://www.mantisbt.org/bugs/view.php?id=15573",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=15573"
"url": "https://github.com/mantisbt/mantisbt/commit/d16988c3ca232a7",
"refsource": "MISC",
"name": "https://github.com/mantisbt/mantisbt/commit/d16988c3ca232a7"
},
{
"name": "58626",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58626"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=924340",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=924340"
}
]
}

57
2013/1xxx/CVE-2013-1892.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-1892 MongoDB: Server Side JavaScript Includes allow Remote Code Execution"
"value": "MongoDB before 2.0.9 and 2.2.x before 2.2.4 does not properly validate requests to the nativeHelper function in SpiderMonkey, which allows remote authenticated users to cause a denial of service (invalid memory access and server crash) or execute arbitrary code via a crafted memory address in the first argument."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,20 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise MRG 2",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.6.4-6.el6",
"version_affected": "!"
},
{
"version_value": "0:1.9-11.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -98,51 +93,11 @@
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/03/25/9"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1170",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1170"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-1892",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1892"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=927536",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=927536"
},
{
"url": "https://jira.mongodb.org/browse/SERVER-9124",
"refsource": "MISC",
"name": "https://jira.mongodb.org/browse/SERVER-9124"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

91
2013/1xxx/CVE-2013-1897.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1897",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2013-4578",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101323.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101323.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101323.html"
},
{
"name": "https://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286",
"refsource": "CONFIRM",
"url": "https://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0742.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0742.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=928105",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=928105"
"url": "https://fedorahosted.org/389/ticket/47308",
"refsource": "MISC",
"name": "https://fedorahosted.org/389/ticket/47308"
},
{
"name": "https://fedorahosted.org/freeipa/ticket/3540",
"refsource": "CONFIRM",
"url": "https://fedorahosted.org/freeipa/ticket/3540"
"url": "https://fedorahosted.org/freeipa/ticket/3540",
"refsource": "MISC",
"name": "https://fedorahosted.org/freeipa/ticket/3540"
},
{
"name": "RHSA-2013:0742",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0742.html"
"url": "https://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286",
"refsource": "MISC",
"name": "https://git.fedorahosted.org/cgit/389/ds.git/commit/?h=389-ds-base-1.2.11&id=5a18c828533a670e7143327893f8171a19062286"
},
{
"name": "https://fedorahosted.org/389/ticket/47308",
"refsource": "CONFIRM",
"url": "https://fedorahosted.org/389/ticket/47308"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=928105",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=928105"
}
]
}

87
2013/1xxx/CVE-2013-1910.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1910",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "yum",
"product": {
"product_data": [
{
"product_name": "yum",
"version": {
"version_data": [
{
"version_value": "3.4.3"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "yum",
"product": {
"product_data": [
{
"product_name": "yum",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.4.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-1910",
"url": "http://www.openwall.com/lists/oss-security/2013/03/29/4",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-1910"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1910",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1910"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-1910",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2013-1910"
"name": "http://www.openwall.com/lists/oss-security/2013/03/29/4"
},
{
"url": "http://www.securityfocus.com/bid/58533",
@ -73,14 +64,24 @@
"name": "http://www.securityfocus.com/bid/58533"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-1910",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/03/29/4",
"url": "http://www.openwall.com/lists/oss-security/2013/03/29/4"
"name": "https://access.redhat.com/security/cve/cve-2013-1910"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1910",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83348",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83348"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1910"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83348",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83348"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-1910",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-1910"
}
]
}

63
2013/1xxx/CVE-2013-1913.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-1913 gimp: xwd plugin g_new() integer overflow"
"value": "Integer overflow in the load_image function in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.6.9 and earlier, when used with glib before 2.24, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large color entries value in an X Window System (XWD) image dump."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:2.2.13-3.el5_10",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:2.6.9-6.el6_5",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -86,49 +74,14 @@
"name": "http://www.ubuntu.com/usn/USN-2051-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1778",
"url": "https://security.gentoo.org/glsa/201603-01",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1778"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-1913",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-1913"
"name": "https://security.gentoo.org/glsa/201603-01"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=947868",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=947868"
},
{
"url": "https://security.gentoo.org/glsa/201603-01",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201603-01"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

71
2013/4xxx/CVE-2013-4370.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4370",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://seclists.org/oss-sec/2013/q4/att-61/xsa69.patch",
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml",
"refsource": "MISC",
"url": "http://seclists.org/oss-sec/2013/q4/att-61/xsa69.patch"
"name": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
},
{
"name": "GLSA-201407-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
"url": "http://seclists.org/oss-sec/2013/q4/att-61/xsa69.patch",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2013/q4/att-61/xsa69.patch"
},
{
"name": "[oss-security] 20131010 Xen Security Advisory 69 (CVE-2013-4370) - misplaced free in ocaml xc_vcpu_getaffinity stub",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/10/10/13"
"url": "http://www.openwall.com/lists/oss-security/2013/10/10/13",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/10/10/13"
}
]
}

67
2013/4xxx/CVE-2013-4371.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4371",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "GLSA-201407-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
},
{
"name": "[oss-security] 20131010 Xen Security Advisory 70 (CVE-2013-4371) - use-after-free in libxl_list_cpupool under memory pressure",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/10/10/12"
"url": "http://www.openwall.com/lists/oss-security/2013/10/10/12",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/10/10/12"
}
]
}

97
2013/4xxx/CVE-2013-4372.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4372",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1862",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1862.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1862.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1862.html"
},
{
"name": "62659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62659"
"url": "http://fusesource.com/forge/git/fuseenterprise.git/?p=fuseenterprise.git%3Ba=commitdiff%3Bh=f5436ea1c5547c851bb6f92561272fe42c146e68",
"refsource": "MISC",
"name": "http://fusesource.com/forge/git/fuseenterprise.git/?p=fuseenterprise.git%3Ba=commitdiff%3Bh=f5436ea1c5547c851bb6f92561272fe42c146e68"
},
{
"name": "http://fusesource.com/issues/browse/FMC-495",
"refsource": "CONFIRM",
"url": "http://fusesource.com/issues/browse/FMC-495"
"url": "http://fusesource.com/issues/browse/FMC-495",
"refsource": "MISC",
"name": "http://fusesource.com/issues/browse/FMC-495"
},
{
"name": "RHSA-2013:1286",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1286.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1286.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1286.html"
},
{
"name": "http://fusesource.com/forge/git/fuseenterprise.git/?p=fuseenterprise.git;a=commitdiff;h=f5436ea1c5547c851bb6f92561272fe42c146e68",
"refsource": "CONFIRM",
"url": "http://fusesource.com/forge/git/fuseenterprise.git/?p=fuseenterprise.git;a=commitdiff;h=f5436ea1c5547c851bb6f92561272fe42c146e68"
"url": "http://www.securityfocus.com/bid/62659",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/62659"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1011736",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011736"
"url": "https://github.com/jboss-fuse/fuse/commit/e280cb370323eeb759030919d5111ed809e8ded5",
"refsource": "MISC",
"name": "https://github.com/jboss-fuse/fuse/commit/e280cb370323eeb759030919d5111ed809e8ded5"
},
{
"name": "https://github.com/jboss-fuse/fuse/commit/e280cb370323eeb759030919d5111ed809e8ded5",
"refsource": "CONFIRM",
"url": "https://github.com/jboss-fuse/fuse/commit/e280cb370323eeb759030919d5111ed809e8ded5"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011736",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1011736"
}
]
}

73
2013/4xxx/CVE-2013-4373.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4373",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "jon-cve20134373-insecure-permissions(88179)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88179"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1448.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1448.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1011824",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011824"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88179",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88179"
},
{
"name": "RHSA-2013:1448",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1448.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011824",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1011824"
}
]
}

65
2013/4xxx/CVE-2013-4374.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4374",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RHQ Mongo DB Drift Server",
"version": {
"version_data": [
{
"version_value": "through 2013-09-25"
}
]
}
}
]
},
"vendor_name": "RHQ Mongo DB Drift Server"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "RHQ Mongo DB Drift Server",
"product": {
"product_data": [
{
"product_name": "RHQ Mongo DB Drift Server",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through 2013-09-25"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4374",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4374"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-4374",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2013-4374"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4374",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4374"
}
]
}

85
2013/4xxx/CVE-2013-4377.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4377",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[Qemu-devel] 20130920 [PATCH 11/11] virtio-pci: add device_unplugged callback",
"refsource": "MLIST",
"url": "http://lists.nongnu.org/archive/html/qemu-devel/2013-09/msg03347.html"
"url": "http://www.ubuntu.com/usn/USN-2092-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2092-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1012633",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1012633"
"url": "http://lists.nongnu.org/archive/html/qemu-devel/2013-09/msg03347.html",
"refsource": "MISC",
"name": "http://lists.nongnu.org/archive/html/qemu-devel/2013-09/msg03347.html"
},
{
"name": "55015",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55015"
"url": "http://secunia.com/advisories/55015",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55015"
},
{
"name": "USN-2092-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2092-1"
"url": "http://www.openwall.com/lists/oss-security/2013/09/26/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/09/26/5"
},
{
"name": "[oss-security] 20130926 Re: CVE request: qemu host crash from within guest",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/09/26/5"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1012633",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1012633"
}
]
}

84
2013/4xxx/CVE-2013-4387.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-4387 Kernel: net: IPv6: panic when UFO=On for an interface"
"value": "net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-431.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-358.37.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.8.13-rt14.25.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -86,11 +63,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2049-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1490",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1490"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html",
"refsource": "MISC",
@ -131,11 +103,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2050-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1645",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1645"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2811ebac2521ceac84f2bdae402455baa6a7fb47",
"refsource": "MISC",
@ -162,49 +129,14 @@
"name": "http://www.ubuntu.com/usn/USN-2045-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0284",
"url": "https://github.com/torvalds/linux/commit/2811ebac2521ceac84f2bdae402455baa6a7fb47",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0284"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4387",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4387"
"name": "https://github.com/torvalds/linux/commit/2811ebac2521ceac84f2bdae402455baa6a7fb47"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1011927",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1011927"
},
{
"url": "https://github.com/torvalds/linux/commit/2811ebac2521ceac84f2bdae402455baa6a7fb47",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/2811ebac2521ceac84f2bdae402455baa6a7fb47"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

91
2013/4xxx/CVE-2013-4391.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4391",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=859051",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859051"
"url": "http://www.debian.org/security/2013/dsa-2777",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2777"
},
{
"name": "GLSA-201612-34",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-34"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"
"url": "http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e",
"refsource": "MISC",
"name": "http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e"
},
{
"name": "DSA-2777",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2777"
"url": "http://www.openwall.com/lists/oss-security/2013/10/01/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/10/01/9"
},
{
"name": "[oss-security] 20131001 Re: [CVE request] systemd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/10/01/9"
"url": "https://security.gentoo.org/glsa/201612-34",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201612-34"
},
{
"name": "http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e",
"refsource": "CONFIRM",
"url": "http://cgit.freedesktop.org/systemd/systemd/commit/?id=505b6a61c22d5565e9308045c7b9bf79f7d0517e"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859051",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=859051"
}
]
}

73
2013/4xxx/CVE-2013-4392.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4392",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=859060",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859060"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"
"url": "http://www.openwall.com/lists/oss-security/2013/10/01/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/10/01/9"
},
{
"name": "[oss-security] 20131001 Re: [CVE request] systemd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/10/01/9"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859060",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=859060"
}
]
}

26
2018/14xxx/CVE-2018-14650.json
View File

@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Incorrect Permission Assignment for Critical Resource",
"value": "CWE-732",
"cweId": "CWE-732"
}
]
@ -32,16 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "sos-collector",
"version": {
"version_data": [
{
"version_value": "0:1.5-3.el7_6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -59,16 +59,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3663"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-14650",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-14650"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1633243",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1633243"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14650",
"refsource": "MISC",
@ -81,12 +71,6 @@
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Riccardo Schirone (Red Hat Product Security)."
}
],
"impact": {
"cvss": [
{

92
2018/14xxx/CVE-2018-14654.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the way glusterfs server handles client requests. A remote, authenticated attacker could set arbitrary values for the GF_XATTROP_ENTRY_IN_KEY and GF_XATTROP_ENTRY_OUT_KEY during xattrop file operation resulting in creation and deletion of arbitrary files on glusterfs server node."
"value": "The Gluster file system through version 4.1.4 is vulnerable to abuse of the 'features/index' translator. A remote attacker with access to mount volumes could exploit this via the 'GF_XATTROP_ENTRY_IN_KEY' xattrop to create arbitrary, empty files on the target server."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"value": "CWE-22",
"cweId": "CWE-22"
}
]
@ -32,80 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "The Gluster Project",
"product": {
"product_data": [
{
"product_name": "Native Client for RHEL 6 for Red Hat Storage",
"product_name": "glusterfs",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Native Client for RHEL 7 for Red Hat Storage",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Gluster Storage 3.4 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el6rhs",
"version_affected": "!"
},
{
"version_value": "0:3.4.1.0-1.el6rhs",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Gluster Storage 3.4 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el7rhgs",
"version_affected": "!"
},
{
"version_value": "0:3.4.1.0-1.el7rhgs",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el7",
"version_affected": "!"
},
{
"version_value": "0:1.0.29-1.el7ev",
"version_affected": "!"
},
{
"version_value": "0:4.2-7.3.el7",
"version_affected": "!"
},
{
"version_value": "0:4.2-20181026.0.el7_6",
"version_affected": "!"
"version_affected": "=",
"version_value": "through 4.1.4"
}
]
}
@ -143,16 +79,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3470"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-14654",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-14654"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631576",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1631576"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14654",
"refsource": "MISC",
@ -160,12 +86,6 @@
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Michael Hanselmann (hansmi.ch) for reporting this issue."
}
],
"impact": {
"cvss": [
{

110
2018/14xxx/CVE-2018-14655.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-14655",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "keycloak",
"version": {
"version_data": [
{
"version_value": "3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,49 +15,82 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.6/CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
"value": "CWE-79",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "keycloak",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.4.3.Final, 4.0.0.Beta2, 4.3.0.Final"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655"
"url": "https://access.redhat.com/errata/RHSA-2018:3592",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3592"
},
{
"name": "RHSA-2018:3592",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3592"
"url": "https://access.redhat.com/errata/RHSA-2018:3593",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3593"
},
{
"name": "RHSA-2018:3593",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3593"
"url": "https://access.redhat.com/errata/RHSA-2018:3595",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3595"
},
{
"name": "RHSA-2018:3595",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3595"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14655"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
}
]
}

128
2018/14xxx/CVE-2018-14656.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-14656",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,59 +15,92 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
"value": "CWE-20",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14656",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14656"
},
{
"name": "1041804",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041804"
},
{
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=342db04ae71273322f0011384a9ed414df8bdae4",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=342db04ae71273322f0011384a9ed414df8bdae4"
},
{
"name": "https://lore.kernel.org/lkml/20180828154901.112726-1-jannh@google.com/T/",
"url": "http://www.securitytracker.com/id/1041804",
"refsource": "MISC",
"url": "https://lore.kernel.org/lkml/20180828154901.112726-1-jannh@google.com/T/"
"name": "http://www.securitytracker.com/id/1041804"
},
{
"name": "https://seclists.org/oss-sec/2018/q4/9",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1650",
"refsource": "MISC",
"url": "https://seclists.org/oss-sec/2018/q4/9"
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1650"
},
{
"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14656",
"refsource": "MISC",
"url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1650"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14656"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=342db04ae71273322f0011384a9ed414df8bdae4",
"refsource": "MISC",
"name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=342db04ae71273322f0011384a9ed414df8bdae4"
},
{
"url": "https://lore.kernel.org/lkml/20180828154901.112726-1-jannh%40google.com/T/",
"refsource": "MISC",
"name": "https://lore.kernel.org/lkml/20180828154901.112726-1-jannh%40google.com/T/"
},
{
"url": "https://seclists.org/oss-sec/2018/q4/9",
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2018/q4/9"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
}

92
2018/14xxx/CVE-2018-14659.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in glusterfs server which allowed clients to create io-stats dumps on server node. A remote, authenticated attacker could use this flaw to create io-stats dump on a server without any limitation and utilizing all available inodes resulting in remote denial of service."
"value": "The Gluster file system through versions 4.1.4 and 3.1.2 is vulnerable to a denial of service attack via use of the 'GF_XATTR_IOSTATS_DUMP_KEY' xattr. A remote, authenticated attacker could exploit this by mounting a Gluster volume and repeatedly calling 'setxattr(2)' to trigger a state dump and create an arbitrary number of files in the server's runtime directory."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"value": "CWE-400",
"cweId": "CWE-400"
}
]
@ -32,80 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "The Gluster Project",
"product": {
"product_data": [
{
"product_name": "Native Client for RHEL 6 for Red Hat Storage",
"product_name": "glusterfs",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Native Client for RHEL 7 for Red Hat Storage",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Gluster Storage 3.4 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el6rhs",
"version_affected": "!"
},
{
"version_value": "0:3.4.1.0-1.el6rhs",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Gluster Storage 3.4 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el7rhgs",
"version_affected": "!"
},
{
"version_value": "0:3.4.1.0-1.el7rhgs",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el7",
"version_affected": "!"
},
{
"version_value": "0:1.0.29-1.el7ev",
"version_affected": "!"
},
{
"version_value": "0:4.2-7.3.el7",
"version_affected": "!"
},
{
"version_value": "0:4.2-20181026.0.el7_6",
"version_affected": "!"
"version_affected": "=",
"version_value": "through 3.1.2 and 4.1.4"
}
]
}
@ -148,16 +84,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3470"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-14659",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-14659"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635929",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1635929"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14659",
"refsource": "MISC",
@ -165,12 +91,6 @@
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Michael Hanselmann (hansmi.ch) for reporting this issue."
}
],
"impact": {
"cvss": [
{

92
2018/14xxx/CVE-2018-14660.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in glusterfs server which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node."
"value": "A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"value": "CWE-400",
"cweId": "CWE-400"
}
]
@ -32,80 +32,20 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "Native Client for RHEL 6 for Red Hat Storage",
"product_name": "glusterfs",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Native Client for RHEL 7 for Red Hat Storage",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Gluster Storage 3.4 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el6rhs",
"version_affected": "!"
"version_affected": "=",
"version_value": "affected versions through 4.1.4"
},
{
"version_value": "0:3.4.1.0-1.el6rhs",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Gluster Storage 3.4 for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el7rhgs",
"version_affected": "!"
},
{
"version_value": "0:3.4.1.0-1.el7rhgs",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.12.2-25.el7",
"version_affected": "!"
},
{
"version_value": "0:1.0.29-1.el7ev",
"version_affected": "!"
},
{
"version_value": "0:4.2-7.3.el7",
"version_affected": "!"
},
{
"version_value": "0:4.2-20181026.0.el7_6",
"version_affected": "!"
"version_affected": "=",
"version_value": "affected versions through 3.1.2"
}
]
}
@ -143,16 +83,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3470"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-14660",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-14660"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635926",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1635926"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14660",
"refsource": "MISC",
@ -160,12 +90,6 @@
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Michael Hanselmann (hansmi.ch) for reporting this issue."
}
],
"impact": {
"cvss": [
{

98
2018/14xxx/CVE-2018-14666.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-14666",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Satellite",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,39 +15,72 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "6.8/CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-285"
"value": "CWE-285",
"cweId": "CWE-285"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "Satellite",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "106490",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106490"
"url": "http://www.securityfocus.com/bid/106490",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/106490"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14666",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14666"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14666",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14666"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
}

156
2018/14xxx/CVE-2018-14667.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-14667",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RichFaces",
"version": {
"version_data": [
{
"version_value": "affected 3.X through 3.3.4"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,69 +15,102 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "9.8/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-94"
"value": "CWE-94",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "RichFaces",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "affected 3.X through 3.3.4"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667"
},
{
"name": "RHSA-2018:3519",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3519"
},
{
"name": "RHSA-2018:3581",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3581"
},
{
"name": "RHSA-2018:3518",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3518"
},
{
"name": "RHSA-2018:3517",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3517"
},
{
"name": "1042037",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1042037"
},
{
"url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html",
"url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html"
"name": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html"
},
{
"refsource": "FULLDISC",
"name": "20200313 RichFaces exploitation toolkit",
"url": "http://seclists.org/fulldisclosure/2020/Mar/21"
"url": "http://seclists.org/fulldisclosure/2020/Mar/21",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2020/Mar/21"
},
{
"url": "http://www.securitytracker.com/id/1042037",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1042037"
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:3517",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3517"
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:3518",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3518"
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:3519",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3519"
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:3581",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2018:3581"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
}

56
2018/16xxx/CVE-2018-16838.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2018-16838 sssd: improper implementation of GPOs due to too restrictive permissions"
"value": "A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by SSSD due to a too strict permission settings on the server side, SSSD will allow all authenticated users to login instead of denying access."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Access Control",
"value": "CWE-284",
"cweId": "CWE-284"
}
]
@ -32,50 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "sssd",
"version": {
"version_data": [
{
"version_value": "0:1.16.4-21.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:2.2.0-19.el8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.1.9-0.1.el7ev",
"version_affected": "!"
},
{
"version_value": "0:4.3.5-0.20190717.0.el7ev",
"version_affected": "!"
},
{
"version_value": "0:4.3.5-2.el7ev",
"version_affected": "!"
},
{
"version_value": "0:4.3.5-20190722.0.el7_7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -113,16 +79,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2019:3651"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-16838",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-16838"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1640820",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1640820"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16838",
"refsource": "MISC",