From 62bf8be44b9392f315ae6ab532e5a00ba0227750 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 12 Feb 2023 23:02:52 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2015/7xxx/CVE-2015-7498.json | 79 ++++----------------------------- 2015/7xxx/CVE-2015-7507.json | 17 ++++---- 2015/7xxx/CVE-2015-7508.json | 17 ++++---- 2015/7xxx/CVE-2015-7518.json | 80 +++------------------------------ 2015/7xxx/CVE-2015-7528.json | 64 +++------------------------ 2015/7xxx/CVE-2015-7546.json | 85 ++++++++++++++++++------------------ 6 files changed, 81 insertions(+), 261 deletions(-) diff --git a/2015/7xxx/CVE-2015-7498.json b/2015/7xxx/CVE-2015-7498.json index 9749e7c5a15..32b00d29474 100644 --- a/2015/7xxx/CVE-2015-7498.json +++ b/2015/7xxx/CVE-2015-7498.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A denial of service flaw was found in libxml2. A remote attacker could provide a specially crafted XML or HTML file that, when processed by an application using libxml2, would cause that application to crash." + "value": "Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure." } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "Heap-based Buffer Overflow", - "cweId": "CWE-122" + "value": "n/a" } ] } @@ -32,27 +31,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Red Hat Enterprise Linux 6", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "0:2.7.6-20.el6_7.1", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise Linux 7", - "version": { - "version_data": [ - { - "version_value": "0:2.9.1-6.el7_2.2", - "version_affected": "!" + "version_affected": "=", + "version_value": "n/a" } ] } @@ -120,21 +108,6 @@ "refsource": "MISC", "name": "http://www.ubuntu.com/usn/USN-2834-1" }, - { - "url": "https://access.redhat.com/errata/RHSA-2015:2549", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2015:2549" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2015:2550", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2015:2550" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2016:1089", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2016:1089" - }, { "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04944172", "refsource": "MISC", @@ -151,50 +124,14 @@ "name": "http://www.securityfocus.com/bid/79548" }, { - "url": "https://access.redhat.com/security/cve/CVE-2015-7498", + "url": "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43", "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2015-7498" + "name": "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281879", "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1281879" - }, - { - "url": "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43", - "refsource": "MISC", - "name": "https://git.gnome.org/browse/libxml2/commit/?id=afd27c21f6b36e22682b7da20d726bce2dcb2f43" - } - ] - }, - "credits": [ - { - "lang": "en", - "value": "Red Hat would like to thank the GNOME project for reporting this issue. Upstream acknowledges Kostya Serebryany as the original reporter." - } - ], - "impact": { - "cvss": [ - { - "accessComplexity": "MEDIUM", - "accessVector": "NETWORK", - "authentication": "NONE", - "availabilityImpact": "PARTIAL", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 4.3, - "collateralDamagePotential": "NOT_DEFINED", - "confidentialityImpact": "NONE", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 0, - "exploitability": "NOT_DEFINED", - "integrityImpact": "NONE", - "integrityRequirement": "NOT_DEFINED", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "targetDistribution": "NOT_DEFINED", - "temporalScore": 0, - "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", - "version": "2.0" } ] } diff --git a/2015/7xxx/CVE-2015-7507.json b/2015/7xxx/CVE-2015-7507.json index a3b58535334..2cf9526ec21 100644 --- a/2015/7xxx/CVE-2015-7507.json +++ b/2015/7xxx/CVE-2015-7507.json @@ -1,12 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-7507", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -39,6 +39,7 @@ "version": { "version_data": [ { + "version_affected": "=", "version_value": "0.1.2" } ] @@ -53,14 +54,14 @@ "references": { "reference_data": [ { + "url": "http://seclists.org/fulldisclosure/2015/Dec/73", "refsource": "MISC", - "name": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded", - "url": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded" + "name": "http://seclists.org/fulldisclosure/2015/Dec/73" }, { + "url": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded", "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2015/Dec/73", - "url": "http://seclists.org/fulldisclosure/2015/Dec/73" + "name": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded" } ] } diff --git a/2015/7xxx/CVE-2015-7508.json b/2015/7xxx/CVE-2015-7508.json index 4867cc07d6a..834daaa7efd 100644 --- a/2015/7xxx/CVE-2015-7508.json +++ b/2015/7xxx/CVE-2015-7508.json @@ -1,12 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-7508", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -39,6 +39,7 @@ "version": { "version_data": [ { + "version_affected": "=", "version_value": "0.1.2" } ] @@ -53,14 +54,14 @@ "references": { "reference_data": [ { + "url": "http://seclists.org/fulldisclosure/2015/Dec/73", "refsource": "MISC", - "name": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded", - "url": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded" + "name": "http://seclists.org/fulldisclosure/2015/Dec/73" }, { + "url": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded", "refsource": "MISC", - "name": "http://seclists.org/fulldisclosure/2015/Dec/73", - "url": "http://seclists.org/fulldisclosure/2015/Dec/73" + "name": "http://www.securityfocus.com/archive/1/archive/1/537132/100/0/threaded" } ] } diff --git a/2015/7xxx/CVE-2015-7518.json b/2015/7xxx/CVE-2015-7518.json index 9d57df8e54a..e9ce1767efc 100644 --- a/2015/7xxx/CVE-2015-7518.json +++ b/2015/7xxx/CVE-2015-7518.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A stored cross-site scripting (XSS) flaw was found in the smart class parameters/variables field. By sending a specially crafted request to Satellite, a remote, authenticated attacker could embed HTML content into the stored data, allowing them to inject malicious content into the web page that is used to view that data." + "value": "Multiple cross-site scripting (XSS) vulnerabilities in information popups in Foreman before 1.10.0 allow remote attackers to inject arbitrary web script or HTML via (1) global parameters, (2) smart class parameters, or (3) smart variables in the (a) host or (b) hostgroup edit forms." } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "cweId": "CWE-79" + "value": "n/a" } ] } @@ -32,48 +31,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Red Hat Satellite 6.1", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "0:0.9.49.11-1.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.7.2.53-1.el7sat", - "version_affected": "!" - }, - { - "version_value": "0:2.3.25-1.el7sat", - "version_affected": "!" - }, - { - "version_value": "0:2.6.0.20-1.el6", - "version_affected": "!" - }, - { - "version_value": "0:2.6.0.20-1.el7sat", - "version_affected": "!" - }, - { - "version_value": "1:3.0.24-11.pulp.el7sat", - "version_affected": "!" - }, - { - "version_value": "0:1.24.1-1.el7sat", - "version_affected": "!" - }, - { - "version_value": "0:2.2.0.83-1.el6_6sat", - "version_affected": "!" - }, - { - "version_value": "0:0.0.7.21-1.el7sat", - "version_affected": "!" + "version_affected": "=", + "version_value": "n/a" } ] } @@ -105,41 +72,6 @@ "url": "https://access.redhat.com/errata/RHSA-2016:0174", "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2016:0174" - }, - { - "url": "https://access.redhat.com/security/cve/CVE-2015-7518", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2015-7518" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285728", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1285728" - } - ] - }, - "impact": { - "cvss": [ - { - "accessComplexity": "MEDIUM", - "accessVector": "NETWORK", - "authentication": "SINGLE", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.5, - "collateralDamagePotential": "NOT_DEFINED", - "confidentialityImpact": "NONE", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 0, - "exploitability": "NOT_DEFINED", - "integrityImpact": "PARTIAL", - "integrityRequirement": "NOT_DEFINED", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "targetDistribution": "NOT_DEFINED", - "temporalScore": 0, - "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", - "version": "2.0" } ] } diff --git a/2015/7xxx/CVE-2015-7528.json b/2015/7xxx/CVE-2015-7528.json index a4a822f84f4..b5342133c21 100644 --- a/2015/7xxx/CVE-2015-7528.json +++ b/2015/7xxx/CVE-2015-7528.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "It was found that OpenShift's API back end did not verify requests for pod log locations, allowing a pod on a Node to request logs for any other pod on that Node. A remote attacker could use this flaw to view sensitive information via pod logs that they would normally not have access to." + "value": "Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name." } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "Improper Input Validation", - "cweId": "CWE-20" + "value": "n/a" } ] } @@ -32,27 +31,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Red Hat OpenShift Enterprise 3.0", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "0:3.0.2.0-0.git.38.7576bc5.el7ose", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat OpenShift Enterprise 3.1", - "version": { - "version_data": [ - { - "version_value": "0:3.1.0.4-1.git.15.5e061c3.el7aos", - "version_affected": "!" + "version_affected": "=", + "version_value": "n/a" } ] } @@ -75,21 +63,6 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2015:2544" }, - { - "url": "https://access.redhat.com/errata/RHSA-2015:2615", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2015:2615" - }, - { - "url": "https://access.redhat.com/security/cve/CVE-2015-7528", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2015-7528" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1286745", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1286745" - }, { "url": "https://github.com/kubernetes/kubernetes/pull/17886", "refsource": "MISC", @@ -106,30 +79,5 @@ "name": "https://github.com/openshift/origin/pull/6113" } ] - }, - "impact": { - "cvss": [ - { - "accessComplexity": "LOW", - "accessVector": "NETWORK", - "authentication": "SINGLE", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 4, - "collateralDamagePotential": "NOT_DEFINED", - "confidentialityImpact": "PARTIAL", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 0, - "exploitability": "NOT_DEFINED", - "integrityImpact": "NONE", - "integrityRequirement": "NOT_DEFINED", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "targetDistribution": "NOT_DEFINED", - "temporalScore": 0, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", - "version": "2.0" - } - ] } } \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7546.json b/2015/7xxx/CVE-2015-7546.json index 8cc7c2a0719..5b4c441e78c 100644 --- a/2015/7xxx/CVE-2015-7546.json +++ b/2015/7xxx/CVE-2015-7546.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-7546", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,32 +27,56 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://wiki.openstack.org/wiki/OSSN/OSSN-0062", - "refsource": "CONFIRM", - "url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0062" + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "MISC", + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { - "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource": "CONFIRM", - "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + "url": "http://www.securityfocus.com/bid/80498", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/80498" }, { - "name": "https://bugs.launchpad.net/keystone/+bug/1490804", - "refsource": "CONFIRM", - "url": "https://bugs.launchpad.net/keystone/+bug/1490804" + "url": "https://bugs.launchpad.net/keystone/+bug/1490804", + "refsource": "MISC", + "name": "https://bugs.launchpad.net/keystone/+bug/1490804" }, { - "name": "https://security.openstack.org/ossa/OSSA-2016-005.html", - "refsource": "CONFIRM", - "url": "https://security.openstack.org/ossa/OSSA-2016-005.html" + "url": "https://security.openstack.org/ossa/OSSA-2016-005.html", + "refsource": "MISC", + "name": "https://security.openstack.org/ossa/OSSA-2016-005.html" }, { - "name": "80498", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/80498" + "url": "https://wiki.openstack.org/wiki/OSSN/OSSN-0062", + "refsource": "MISC", + "name": "https://wiki.openstack.org/wiki/OSSN/OSSN-0062" } ] }