From 6076571cb9699d5408fac512ea408c72e059bfea Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 4 Apr 2019 14:00:49 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2014/3xxx/CVE-2014-3603.json | 70 ++++++++++++++++++++++++++++++++-- 2019/10xxx/CVE-2019-10846.json | 18 +++++++++ 2019/10xxx/CVE-2019-10847.json | 18 +++++++++ 2019/10xxx/CVE-2019-10848.json | 18 +++++++++ 2019/10xxx/CVE-2019-10849.json | 18 +++++++++ 2019/10xxx/CVE-2019-10850.json | 18 +++++++++ 2019/10xxx/CVE-2019-10851.json | 18 +++++++++ 2019/10xxx/CVE-2019-10852.json | 18 +++++++++ 2019/10xxx/CVE-2019-10853.json | 18 +++++++++ 2019/10xxx/CVE-2019-10854.json | 18 +++++++++ 2019/10xxx/CVE-2019-10855.json | 18 +++++++++ 11 files changed, 247 insertions(+), 3 deletions(-) create mode 100644 2019/10xxx/CVE-2019-10846.json create mode 100644 2019/10xxx/CVE-2019-10847.json create mode 100644 2019/10xxx/CVE-2019-10848.json create mode 100644 2019/10xxx/CVE-2019-10849.json create mode 100644 2019/10xxx/CVE-2019-10850.json create mode 100644 2019/10xxx/CVE-2019-10851.json create mode 100644 2019/10xxx/CVE-2019-10852.json create mode 100644 2019/10xxx/CVE-2019-10853.json create mode 100644 2019/10xxx/CVE-2019-10854.json create mode 100644 2019/10xxx/CVE-2019-10855.json diff --git a/2014/3xxx/CVE-2014-3603.json b/2014/3xxx/CVE-2014-3603.json index d90243914f3..b10304ef6bf 100644 --- a/2014/3xxx/CVE-2014-3603.json +++ b/2014/3xxx/CVE-2014-3603.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-3603", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,71 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Shibboleth; OpenSAML Java", + "product": { + "product_data": [ + { + "product_name": "Identity Provider (IdP)", + "version": { + "version_data": [ + { + "version_value": "< 2.4.1" + } + ] + } + }, + { + "product_name": "OpenSAML Java", + "version": { + "version_data": [ + { + "version_value": "< 2.6.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "SECUNIA", + "name": "60816", + "url": "http://secunia.com/advisories/60816" + }, + { + "refsource": "CONFIRM", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131823" + }, + { + "refsource": "CONFIRM", + "name": "http://shibboleth.net/community/advisories/secadv_20140813.txt", + "url": "http://shibboleth.net/community/advisories/secadv_20140813.txt" } ] } diff --git a/2019/10xxx/CVE-2019-10846.json b/2019/10xxx/CVE-2019-10846.json new file mode 100644 index 00000000000..8dc82b9d0c2 --- /dev/null +++ b/2019/10xxx/CVE-2019-10846.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10846", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10847.json b/2019/10xxx/CVE-2019-10847.json new file mode 100644 index 00000000000..cf7ed3b08bb --- /dev/null +++ b/2019/10xxx/CVE-2019-10847.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10847", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10848.json b/2019/10xxx/CVE-2019-10848.json new file mode 100644 index 00000000000..ae86c043e36 --- /dev/null +++ b/2019/10xxx/CVE-2019-10848.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10848", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10849.json b/2019/10xxx/CVE-2019-10849.json new file mode 100644 index 00000000000..bf16ffc4991 --- /dev/null +++ b/2019/10xxx/CVE-2019-10849.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10849", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10850.json b/2019/10xxx/CVE-2019-10850.json new file mode 100644 index 00000000000..a9e1cfedfbc --- /dev/null +++ b/2019/10xxx/CVE-2019-10850.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10850", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10851.json b/2019/10xxx/CVE-2019-10851.json new file mode 100644 index 00000000000..daa2a083a33 --- /dev/null +++ b/2019/10xxx/CVE-2019-10851.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10851", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10852.json b/2019/10xxx/CVE-2019-10852.json new file mode 100644 index 00000000000..40802d930bc --- /dev/null +++ b/2019/10xxx/CVE-2019-10852.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10852", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10853.json b/2019/10xxx/CVE-2019-10853.json new file mode 100644 index 00000000000..df4e3b8a916 --- /dev/null +++ b/2019/10xxx/CVE-2019-10853.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10853", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10854.json b/2019/10xxx/CVE-2019-10854.json new file mode 100644 index 00000000000..6f292bb51c4 --- /dev/null +++ b/2019/10xxx/CVE-2019-10854.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10854", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/10xxx/CVE-2019-10855.json b/2019/10xxx/CVE-2019-10855.json new file mode 100644 index 00000000000..d07be32c3a3 --- /dev/null +++ b/2019/10xxx/CVE-2019-10855.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-10855", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file