admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-01-29 16:01:22 +00:00
parent 9a4746c6b5
commit 7ac188f6e2
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
18 changed files with 370 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

241
2018/12xxx/CVE-2018-12415.json
View File

@ -1,123 +1,120 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "security@tibco.com", "ASSIGNER": "security@tibco.com",
"DATE_PUBLIC": "2018-11-06T17:00:00Z", "DATE_PUBLIC": "2018-11-06T17:00:00Z",
"UPDATED": "2020-01-28T17:00:00Z", "UPDATED": "2020-01-28T17:00:00Z",
"ID": "CVE-2018-12415", "ID": "CVE-2018-12415",
"STATE": "PUBLIC", "STATE": "PUBLIC",
"TITLE": "TIBCO Enterprise Message Service Vulnerable to CSRF Attacks" "TITLE": "TIBCO Enterprise Message Service Vulnerable to CSRF Attacks"
}, },
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"product": { "vendor_name": "TIBCO Software Inc.",
"product_data": [ "product": {
{ "product_data": [
"product_name": "TIBCO Enterprise Message Service", {
"version": { "product_name": "TIBCO Enterprise Message Service",
"version_data": [ "version": {
{ "version_data": [
"version_affected": "<=", {
"version_value": "8.4.0" "version_value": "8.4.0 and previous"
} }
] ]
} }
}, },
{ {
"product_name": "TIBCO Enterprise Message Service - Community Edition", "product_name": "TIBCO Enterprise Message Service - Community Edition",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "<=", "version_value": "8.4.0 and previous"
"version_value": "8.4.0" }
} ]
] }
} },
}, {
{ "product_name": "TIBCO Enterprise Message Service - Developer Edition",
"product_name": "TIBCO Enterprise Message Service - Developer Edition", "version": {
"version": { "version_data": [
"version_data": [ {
{ "version_value": "8.4.0 and previous"
"version_affected": "<=", }
"version_value": "8.4.0" ]
} }
] }
} ]
} }
] }
}, ]
"vendor_name": "TIBCO Software Inc." }
} },
] "data_format": "MITRE",
} "data_type": "CVE",
}, "data_version": "4.0",
"data_format": "MITRE", "description": {
"data_type": "CVE", "description_data": [
"data_version": "4.0", {
"description": { "lang": "eng",
"description_data": [ "value": "The Central Administration server (emsca) component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Enterprise Message Service: versions 8.4.0 and below, TIBCO Enterprise Message Service - Community Edition: versions 8.4.0 and below, and TIBCO Enterprise Message Service - Developer Edition: versions 8.4.0 and below."
{ }
"lang": "eng", ]
"value": "The Central Administration server (emsca) component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.\n\nAffected releases are TIBCO Software Inc.'s TIBCO Enterprise Message Service: versions 8.4.0 and below, TIBCO Enterprise Message Service - Community Edition: versions 8.4.0 and below, and TIBCO Enterprise Message Service - Developer Edition: versions 8.4.0 and below.\n" },
} "impact": {
] "cvss": {
}, "attackComplexity": "HIGH",
"impact": { "attackVector": "NETWORK",
"cvss": { "availabilityImpact": "HIGH",
"attackComplexity": "HIGH", "baseScore": 7.5,
"attackVector": "NETWORK", "baseSeverity": "HIGH",
"availabilityImpact": "HIGH", "confidentialityImpact": "HIGH",
"baseScore": 7.5, "integrityImpact": "HIGH",
"baseSeverity": "HIGH", "privilegesRequired": "NONE",
"confidentialityImpact": "HIGH", "scope": "UNCHANGED",
"integrityImpact": "HIGH", "userInteraction": "REQUIRED",
"privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"scope": "UNCHANGED", "version": "3.0"
"userInteraction": "REQUIRED", }
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", },
"version": "3.0" "problemtype": {
} "problemtype_data": [
}, {
"problemtype": { "description": [
"problemtype_data": [ {
{ "lang": "eng",
"description": [ "value": "In deployments of TIBCO Enterprise Message Service (EMS) that use the Central Administration server, the impact of this vulnerability includes the theoretical possibility of reconfiguring all EMS servers administered by the affected component. With such access, the attacker might also be able to gain access to all data sent via EMS."
{ }
"lang": "eng", ]
"value": "In deployments of TIBCO Enterprise Message Service (EMS) that use the Central Administration server, the impact of this vulnerability includes the theoretical possibility of reconfiguring all EMS servers administered by the affected component. With such access, the attacker might also be able to gain access to all data sent via EMS." }
} ]
] },
} "references": {
] "reference_data": [
}, {
"references": { "name": "http://www.tibco.com/services/support/advisories",
"reference_data": [ "refsource": "MISC",
{ "url": "http://www.tibco.com/services/support/advisories"
"name": "http://www.tibco.com/services/support/advisories", },
"refsource": "MISC", {
"url": "http://www.tibco.com/services/support/advisories" "name": "https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-november-6-2018-tibco-enterprise-messaging-service",
}, "refsource": "CONFIRM",
{ "url": "https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-november-6-2018-tibco-enterprise-messaging-service"
"name": "https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-november-6-2018-tibco-enterprise-messaging-service", },
"refsource": "CONFIRM", {
"url": "https://www.tibco.com/support/advisories/2018/11/tibco-security-advisory-november-6-2018-tibco-enterprise-messaging-service" "name": "105850",
}, "refsource": "BID",
{ "url": "http://www.securityfocus.com/bid/105850"
"name": "105850", }
"refsource": "BID", ]
"url": "http://www.securityfocus.com/bid/105850" },
} "solution": [
] {
}, "lang": "eng",
"solution": [ "value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Enterprise Message Service versions 8.4.0 and below update to version 8.4.1 or higher\nTIBCO Enterprise Message Service - Community Edition versions 8.4.0 and below update to version 8.4.1 or higher\nTIBCO Enterprise Message Service - Developer Edition versions 8.4.0 and below update to version 8.4.1 or higher"
{ }
"lang": "eng", ],
"value": "TIBCO has released updated versions of the affected components which address these issues.\n\nTIBCO Enterprise Message Service versions 8.4.0 and below update to version 8.4.1 or higher\nTIBCO Enterprise Message Service - Community Edition versions 8.4.0 and below update to version 8.4.1 or higher\nTIBCO Enterprise Message Service - Developer Edition versions 8.4.0 and below update to version 8.4.1 or higher" "source": {
} "discovery": "INTERNAL"
], }
"source": { }
"discovery": "INTERNAL"
}
}

7
2018/7xxx/CVE-2018-7712.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false." "value": "** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false. Note: \u201cOpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.\u201d"
} }
] ]
}, },
@ -56,6 +56,11 @@
"name": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert", "name": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert" "url": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert"
},
{
"refsource": "MISC",
"name": "https://github.com/opencv/opencv/issues/10998",
"url": "https://github.com/opencv/opencv/issues/10998"
} }
] ]
} }

7
2018/7xxx/CVE-2018-7713.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.width <= (1<<20)) may be false." "value": "** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.width <= (1<<20)) may be false. Note: \u201cOpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.\u201d"
} }
] ]
}, },
@ -56,6 +56,11 @@
"name": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert", "name": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert" "url": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert"
},
{
"refsource": "MISC",
"name": "https://github.com/opencv/opencv/issues/10998",
"url": "https://github.com/opencv/opencv/issues/10998"
} }
] ]
} }

7
2018/7xxx/CVE-2018-7714.json
View File

@ -34,7 +34,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false." "value": "** DISPUTED ** The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false. Note: \u201cOpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.\u201d"
} }
] ]
}, },
@ -56,6 +56,11 @@
"name": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert", "name": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert" "url": "https://github.com/xiaoqx/pocs/tree/master/opencv/dos-by-assert"
},
{
"refsource": "MISC",
"name": "https://github.com/opencv/opencv/issues/10998",
"url": "https://github.com/opencv/opencv/issues/10998"
} }
] ]
} }

53
2019/7xxx/CVE-2019-7654.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7654", "ID": "CVE-2019-7654",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as adding another admin user via enginemanager/server/user/edit.htm in the Server->Users component."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.wowza.com/pricing/installer",
"refsource": "MISC",
"name": "https://www.wowza.com/pricing/installer"
},
{
"refsource": "MISC",
"name": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-7654-CSRF-Wowza",
"url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-7654-CSRF-Wowza"
} }
] ]
} }

53
2019/7xxx/CVE-2019-7655.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7655", "ID": "CVE-2019-7655",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple authenticated XSS vulnerabilities via the (1) customList%5B0%5D.value field in enginemanager/server/serversetup/edit_adv.htm of the Server Setup configuration or the (2) host field in enginemanager/j_spring_security_check of the login form."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.wowza.com/pricing/installer",
"refsource": "MISC",
"name": "https://www.wowza.com/pricing/installer"
},
{
"refsource": "MISC",
"name": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-7655-XSS-Wowza",
"url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-7655-XSS-Wowza"
} }
] ]
} }

53
2019/7xxx/CVE-2019-7656.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-7656", "ID": "CVE-2019-7656",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/local/WowzaStreamingEngine/bin/* core program files. By injecting a payload into one of those files, it will run with the same privileges as the Wowza server, root. For example, /usr/local/WowzaStreamingEngine/bin/tune.sh could be replaced with a Trojan horse."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.wowza.com/pricing/installer",
"refsource": "MISC",
"name": "https://www.wowza.com/pricing/installer"
},
{
"refsource": "MISC",
"name": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-7656-PrivEscal-Wowza",
"url": "https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-7656-PrivEscal-Wowza"
} }
] ]
} }

3
2020/2xxx/CVE-2020-2099.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2099", "ID": "CVE-2020-2099",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

3
2020/2xxx/CVE-2020-2100.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2100", "ID": "CVE-2020-2100",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

3
2020/2xxx/CVE-2020-2101.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2101", "ID": "CVE-2020-2101",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

3
2020/2xxx/CVE-2020-2102.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2102", "ID": "CVE-2020-2102",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

3
2020/2xxx/CVE-2020-2103.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2103", "ID": "CVE-2020-2103",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

3
2020/2xxx/CVE-2020-2104.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2104", "ID": "CVE-2020-2104",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

3
2020/2xxx/CVE-2020-2105.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2105", "ID": "CVE-2020-2105",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

3
2020/2xxx/CVE-2020-2106.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2106", "ID": "CVE-2020-2106",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

3
2020/2xxx/CVE-2020-2107.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2107", "ID": "CVE-2020-2107",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

3
2020/2xxx/CVE-2020-2108.json
View File

@ -1,7 +1,8 @@
{ {
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-2108", "ID": "CVE-2020-2108",
"ASSIGNER": "jenkinsci-cert@googlegroups.com" "ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
}, },
"affects": { "affects": {
"vendor": { "vendor": {

66
2020/7xxx/CVE-2020-7247.json
View File

@ -1,17 +1,71 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-7247",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-7247",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the \"uncommented\" default configuration. The issue exists because of an incorrect return value upon failure of input validation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.openbsd.org/security.html",
"url": "https://www.openbsd.org/security.html"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2020/01/28/3",
"url": "http://www.openwall.com/lists/oss-security/2020/01/28/3"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/openbsd/src/commit/9dcfda045474d8903224d175907bfc29761dcb45",
"url": "https://github.com/openbsd/src/commit/9dcfda045474d8903224d175907bfc29761dcb45"
} }
] ]
} }