diff --git a/2012/5xxx/CVE-2012-5663.json b/2012/5xxx/CVE-2012-5663.json index cd2312eaa56..b9871e49ece 100644 --- a/2012/5xxx/CVE-2012-5663.json +++ b/2012/5xxx/CVE-2012-5663.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-5663", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "textproc/isearch package", + "product": { + "product_data": [ + { + "product_name": "textproc/isearch package", + "version": { + "version_data": [ + { + "version_value": "before 1.47.01nb1" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,48 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2012-5663", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2012-5663" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2012-5663", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2012-5663" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2012/12/21/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/12/21/2" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/12/21/3", + "url": "http://www.openwall.com/lists/oss-security/2012/12/21/3" + }, + { + "refsource": "MISC", + "name": "http://gnats.netbsd.org/47360", + "url": "http://gnats.netbsd.org/47360" } ] } diff --git a/2013/0xxx/CVE-2013-0196.json b/2013/0xxx/CVE-2013-0196.json index 5c914f5e268..6d6009c5924 100644 --- a/2013/0xxx/CVE-2013-0196.json +++ b/2013/0xxx/CVE-2013-0196.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-0196", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "OpenShift", + "product": { + "product_data": [ + { + "product_name": "OpenShift Enterprise", + "version": { + "version_data": [ + { + "version_value": "1.2" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A CSRF issue was found in OpenShift Enterprise 1.2. The web console is using 'Basic authentication' and the REST API has no CSRF attack protection mechanism. This can allow an attacker to obtain the credential and the Authorization: header when requesting the REST API via web browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Request Forgery " + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0196", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0196" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2013-0196", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2013-0196" } ] } diff --git a/2013/0xxx/CVE-2013-0264.json b/2013/0xxx/CVE-2013-0264.json index 68493bae531..4b6d5334551 100644 --- a/2013/0xxx/CVE-2013-0264.json +++ b/2013/0xxx/CVE-2013-0264.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-0264", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "cumin", + "product": { + "product_data": [ + { + "product_name": "cumin", + "version": { + "version_data": [ + { + "version_value": "r5310" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An import error was introduced in Cumin in the code refactoring in r5310. Server certificate validation is always disabled when connecting to Aviary servers, even if the installed packages on a system support it." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "General Configuration Problem" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0264", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-0264" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2013-0264", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2013-0264" } ] } diff --git a/2013/2xxx/CVE-2013-2016.json b/2013/2xxx/CVE-2013-2016.json index b864a7cea09..1d881c76754 100644 --- a/2013/2xxx/CVE-2013-2016.json +++ b/2013/2xxx/CVE-2013-2016.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-2016", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "qemu", + "product": { + "product_data": [ + { + "product_name": "qemu (virtio-rng)", + "version": { + "version_data": [ + { + "version_value": "v1.3.0 and later" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,63 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Other" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-2016", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2013-2016" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2016", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2016" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2013-2016", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2013-2016" + }, + { + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00002.html", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-05/msg00002.html" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/04/29/5", + "url": "http://www.openwall.com/lists/oss-security/2013/04/29/5" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/04/29/6", + "url": "http://www.openwall.com/lists/oss-security/2013/04/29/6" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/59541", + "url": "http://www.securityfocus.com/bid/59541" + }, + { + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83850", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83850" } ] } diff --git a/2018/20xxx/CVE-2018-20488.json b/2018/20xxx/CVE-2018-20488.json index 1d982fb239c..899b125ad1a 100644 --- a/2018/20xxx/CVE-2018-20488.json +++ b/2018/20xxx/CVE-2018-20488.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20488", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/53477", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/53477" } ] } diff --git a/2018/20xxx/CVE-2018-20489.json b/2018/20xxx/CVE-2018-20489.json index 1be46fc532e..3864f2a7e8e 100644 --- a/2018/20xxx/CVE-2018-20489.json +++ b/2018/20xxx/CVE-2018-20489.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20489", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-foss/issues/41500", + "url": "https://gitlab.com/gitlab-org/gitlab-foss/issues/41500" } ] } diff --git a/2018/20xxx/CVE-2018-20490.json b/2018/20xxx/CVE-2018-20490.json index da4eab3b023..ab30ef69f00 100644 --- a/2018/20xxx/CVE-2018-20490.json +++ b/2018/20xxx/CVE-2018-20490.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20490", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54377", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54377" } ] } diff --git a/2018/20xxx/CVE-2018-20491.json b/2018/20xxx/CVE-2018-20491.json index 06777f842a6..8c3656eeb7d 100644 --- a/2018/20xxx/CVE-2018-20491.json +++ b/2018/20xxx/CVE-2018-20491.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20491", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54008", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54008" } ] } diff --git a/2018/20xxx/CVE-2018-20493.json b/2018/20xxx/CVE-2018-20493.json index 8371b896087..eb38a8e9c16 100644 --- a/2018/20xxx/CVE-2018-20493.json +++ b/2018/20xxx/CVE-2018-20493.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20493", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54914", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54914" } ] } diff --git a/2018/20xxx/CVE-2018-20494.json b/2018/20xxx/CVE-2018-20494.json index 819c4b05db3..0576fbbaaba 100644 --- a/2018/20xxx/CVE-2018-20494.json +++ b/2018/20xxx/CVE-2018-20494.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20494", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54334", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54334" } ] } diff --git a/2018/20xxx/CVE-2018-20495.json b/2018/20xxx/CVE-2018-20495.json index ba85ae82336..4fa3d493432 100644 --- a/2018/20xxx/CVE-2018-20495.json +++ b/2018/20xxx/CVE-2018-20495.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20495", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/51969", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/51969" } ] } diff --git a/2018/20xxx/CVE-2018-20496.json b/2018/20xxx/CVE-2018-20496.json index f03ea3f0b06..33072167347 100644 --- a/2018/20xxx/CVE-2018-20496.json +++ b/2018/20xxx/CVE-2018-20496.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20496", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54427", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/54427" } ] } diff --git a/2018/20xxx/CVE-2018-20497.json b/2018/20xxx/CVE-2018-20497.json index 6253162898a..c1268eeff35 100644 --- a/2018/20xxx/CVE-2018-20497.json +++ b/2018/20xxx/CVE-2018-20497.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20497", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/51327", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/51327" } ] } diff --git a/2018/20xxx/CVE-2018-20498.json b/2018/20xxx/CVE-2018-20498.json index 33636db6632..1cb1851df5a 100644 --- a/2018/20xxx/CVE-2018-20498.json +++ b/2018/20xxx/CVE-2018-20498.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20498", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/50995", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/50995" } ] } diff --git a/2018/20xxx/CVE-2018-20499.json b/2018/20xxx/CVE-2018-20499.json index b540e84e23e..dae9f457559 100644 --- a/2018/20xxx/CVE-2018-20499.json +++ b/2018/20xxx/CVE-2018-20499.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20499", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/55439", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/55439" } ] } diff --git a/2018/20xxx/CVE-2018-20501.json b/2018/20xxx/CVE-2018-20501.json index e14b2b7b2bc..a085b5715da 100644 --- a/2018/20xxx/CVE-2018-20501.json +++ b/2018/20xxx/CVE-2018-20501.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20501", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,33 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" + }, + { + "refsource": "CONFIRM", + "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/53543", + "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/53543" } ] } diff --git a/2018/20xxx/CVE-2018-20507.json b/2018/20xxx/CVE-2018-20507.json index 5dbc4da1016..aeb749a205e 100644 --- a/2018/20xxx/CVE-2018-20507.json +++ b/2018/20xxx/CVE-2018-20507.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20507", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in GitLab Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/", + "refsource": "MISC", + "name": "https://about.gitlab.com/2018/12/31/security-release-gitlab-11-dot-6-dot-1-released/" } ] } diff --git a/2019/20xxx/CVE-2019-20150.json b/2019/20xxx/CVE-2019-20150.json new file mode 100644 index 00000000000..9d50bd3696b --- /dev/null +++ b/2019/20xxx/CVE-2019-20150.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20150", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20151.json b/2019/20xxx/CVE-2019-20151.json new file mode 100644 index 00000000000..75dabd1ecf4 --- /dev/null +++ b/2019/20xxx/CVE-2019-20151.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20151", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20152.json b/2019/20xxx/CVE-2019-20152.json new file mode 100644 index 00000000000..8381feec248 --- /dev/null +++ b/2019/20xxx/CVE-2019-20152.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20152", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20153.json b/2019/20xxx/CVE-2019-20153.json new file mode 100644 index 00000000000..930fdeb2e99 --- /dev/null +++ b/2019/20xxx/CVE-2019-20153.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20153", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20154.json b/2019/20xxx/CVE-2019-20154.json new file mode 100644 index 00000000000..8343eef54c3 --- /dev/null +++ b/2019/20xxx/CVE-2019-20154.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20154", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/20xxx/CVE-2019-20155.json b/2019/20xxx/CVE-2019-20155.json new file mode 100644 index 00000000000..c59e5e6154a --- /dev/null +++ b/2019/20xxx/CVE-2019-20155.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-20155", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file