diff --git a/2016/10xxx/CVE-2016-10695.json b/2016/10xxx/CVE-2016-10695.json
index 070f1990147..6f17c6a67d0 100644
--- a/2016/10xxx/CVE-2016-10695.json
+++ b/2016/10xxx/CVE-2016-10695.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
+ "value" : "The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/297",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/297"
}
]
diff --git a/2016/10xxx/CVE-2016-10696.json b/2016/10xxx/CVE-2016-10696.json
index 33dc0a56345..34cf19d6f27 100644
--- a/2016/10xxx/CVE-2016-10696.json
+++ b/2016/10xxx/CVE-2016-10696.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "windows-latestchromedriver downloads the latest version of chromedriver.exe windows-latestchromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
+ "value" : "windows-latestchromedriver downloads the latest version of chromedriver.exe. windows-latestchromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/295",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/295"
}
]
diff --git a/2016/10xxx/CVE-2016-10697.json b/2016/10xxx/CVE-2016-10697.json
index bfcf65867ee..d99d9ce4659 100644
--- a/2016/10xxx/CVE-2016-10697.json
+++ b/2016/10xxx/CVE-2016-10697.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
+ "value" : "react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server."
}
]
},
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/302",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/302"
}
]
diff --git a/2016/8xxx/CVE-2016-8390.json b/2016/8xxx/CVE-2016-8390.json
index 0b5e9d71331..e82af19b5ff 100644
--- a/2016/8xxx/CVE-2016-8390.json
+++ b/2016/8xxx/CVE-2016-8390.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper App. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file with sepecific section headers to trigger this vulnerability."
+ "value" : "An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Dissassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file with specific section headers to trigger this vulnerability."
}
]
},
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0222",
+ "refsource" : "MISC",
"url" : "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0222"
}
]
diff --git a/2017/0xxx/CVE-2017-0928.json b/2017/0xxx/CVE-2017-0928.json
index 12c20adac70..ad8160ed6d1 100644
--- a/2017/0xxx/CVE-2017-0928.json
+++ b/2017/0xxx/CVE-2017-0928.json
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/guardian/html-janitor/issues/35",
+ "refsource" : "MISC",
"url" : "https://github.com/guardian/html-janitor/issues/35"
},
{
+ "name" : "https://hackerone.com/reports/308158",
+ "refsource" : "MISC",
"url" : "https://hackerone.com/reports/308158"
}
]
diff --git a/2017/0xxx/CVE-2017-0930.json b/2017/0xxx/CVE-2017-0930.json
index 90333e6c322..0122a3cd7fd 100644
--- a/2017/0xxx/CVE-2017-0930.json
+++ b/2017/0xxx/CVE-2017-0930.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://hackerone.com/reports/296282",
+ "refsource" : "MISC",
"url" : "https://hackerone.com/reports/296282"
}
]
diff --git a/2017/0xxx/CVE-2017-0931.json b/2017/0xxx/CVE-2017-0931.json
index 5eebf9c1e1a..a07c5416a1c 100644
--- a/2017/0xxx/CVE-2017-0931.json
+++ b/2017/0xxx/CVE-2017-0931.json
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/guardian/html-janitor/issues/34",
+ "refsource" : "MISC",
"url" : "https://github.com/guardian/html-janitor/issues/34"
},
{
+ "name" : "https://hackerone.com/reports/308155",
+ "refsource" : "MISC",
"url" : "https://hackerone.com/reports/308155"
}
]
diff --git a/2017/16xxx/CVE-2017-16005.json b/2017/16xxx/CVE-2017-16005.json
index 54b4873ed79..6ca49f84886 100644
--- a/2017/16xxx/CVE-2017-16005.json
+++ b/2017/16xxx/CVE-2017-16005.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Http-signature is a \"Reference implementation of Joyent's HTTP Signature Scheme\". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature. For this example request: ``` POST /pay HTTP/1.1 Host: example.com Date: Thu, 05 Jan 2012 21:31:40 GMT X-Payment-Source: src@money.com X-Payment-Destination: dst@money.com Authorization: Signature keyId=\"Test\",algorithm=\"rsa-sha256\",headers=\"x-payment-source x-payment-destination\" MDyO5tSvin5... ``` The request can be changed to have the following: ``` X-Payment-Source: dst@money.com // Emails switched X-Payment-Destination: src@money.com Authorization: Signature keyId=\"Test\",algorithm=\"rsa-sha256\",headers=\"x-payment-destination x-payment-source\" MDyO5tSvin5... ``` and both would be signed: ``` src@money.com dst@money.com ```"
+ "value" : "Http-signature is a \"Reference implementation of Joyent's HTTP Signature Scheme\". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/joyent/node-http-signature/issues/10",
+ "refsource" : "MISC",
"url" : "https://github.com/joyent/node-http-signature/issues/10"
},
{
+ "name" : "https://nodesecurity.io/advisories/318",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/318"
}
]
diff --git a/2017/16xxx/CVE-2017-16006.json b/2017/16xxx/CVE-2017-16006.json
index ab4c257ebdc..6c7811bcb13 100644
--- a/2017/16xxx/CVE-2017-16006.json
+++ b/2017/16xxx/CVE-2017-16006.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs. After the markdown `[link](data:text/html,)` is rendered, the script will run when clicked."
+ "value" : "Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs in links and can therefore execute javascript."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/jonschlinkert/remarkable/issues/227",
+ "refsource" : "MISC",
"url" : "https://github.com/jonschlinkert/remarkable/issues/227"
},
{
+ "name" : "https://nodesecurity.io/advisories/319",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/319"
}
]
diff --git a/2017/16xxx/CVE-2017-16007.json b/2017/16xxx/CVE-2017-16007.json
index f3c0c1c1dc9..e2e8620d5c2 100644
--- a/2017/16xxx/CVE-2017-16007.json
+++ b/2017/16xxx/CVE-2017-16007.json
@@ -54,16 +54,24 @@
"references" : {
"reference_data" : [
{
+ "name" : "http://blog.intothesymmetry.com/2017/03/critical-vulnerability-in-json-web.html",
+ "refsource" : "MISC",
"url" : "http://blog.intothesymmetry.com/2017/03/critical-vulnerability-in-json-web.html"
},
{
+ "name" : "https://gist.github.com/asanso/fa25685348051ef6a28d49aa0f27a4ae",
+ "refsource" : "MISC",
+ "url" : "https://gist.github.com/asanso/fa25685348051ef6a28d49aa0f27a4ae"
+ },
+ {
+ "name" : "https://github.com/cisco/node-jose",
+ "refsource" : "MISC",
"url" : "https://github.com/cisco/node-jose"
},
{
+ "name" : "https://nodesecurity.io/advisories/324",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/324"
- },
- {
- "url" : "https://gist.github.com/asanso/fa25685348051ef6a28d49aa0f27a4ae"
}
]
}
diff --git a/2017/16xxx/CVE-2017-16008.json b/2017/16xxx/CVE-2017-16008.json
index b098597cd01..ed3deb84426 100644
--- a/2017/16xxx/CVE-2017-16008.json
+++ b/2017/16xxx/CVE-2017-16008.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "i18next is a language translation framework. Because of how the interpolation is implemented, making replacements from the dictionary one at a time, untrusted user input can use the name of one of the dictionary keys to inject script into the browser. Example: ``` var init = i18n.init({debug: true}, function(){ var test = i18n.t('__firstName__ __lastName__', { escapeInterpolation: true, firstName: '__lastNameHTML__', lastName: '` as part of the response, and in some browsers will run."
+ "value" : "Restify is a framework for building REST APIs. Restify >=2.0.0 <=4.0.4 using URL encoded script tags in a non-existent URL, an attacker can get script to run in some browsers."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/restify/node-restify/issues/1018",
+ "refsource" : "MISC",
"url" : "https://github.com/restify/node-restify/issues/1018"
},
{
+ "name" : "https://nodesecurity.io/advisories/314",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/314"
}
]
diff --git a/2017/16xxx/CVE-2017-16019.json b/2017/16xxx/CVE-2017-16019.json
index aca62fb15c0..b2c915c2dd1 100644
--- a/2017/16xxx/CVE-2017-16019.json
+++ b/2017/16xxx/CVE-2017-16019.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible by including code outside of backticks in any ebook. This code will be executed on the online reader."
+ "value" : "GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/GitbookIO/gitbook/issues/1609",
+ "refsource" : "MISC",
"url" : "https://github.com/GitbookIO/gitbook/issues/1609"
},
{
+ "name" : "https://nodesecurity.io/advisories/159",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/159"
}
]
diff --git a/2017/16xxx/CVE-2017-16020.json b/2017/16xxx/CVE-2017-16020.json
index 379909c590b..e3c04ef6fdc 100644
--- a/2017/16xxx/CVE-2017-16020.json
+++ b/2017/16xxx/CVE-2017-16020.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Summit is a node web framework. When using the PouchDB driver in the module, an attacker can execute arbitrary commands via the collection name."
+ "value" : "Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute arbitrary commands via the collection name."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/notduncansmith/summit/issues/23",
+ "refsource" : "MISC",
"url" : "https://github.com/notduncansmith/summit/issues/23"
},
{
+ "name" : "https://nodesecurity.io/advisories/315",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/315"
}
]
diff --git a/2017/16xxx/CVE-2017-16021.json b/2017/16xxx/CVE-2017-16021.json
index 7443002a39d..becba2d8282 100644
--- a/2017/16xxx/CVE-2017-16021.json
+++ b/2017/16xxx/CVE-2017-16021.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "uri-js is a module that tries to fully implement RFC 3986. One of these features is validating whether or not a supplied URL is valid or not. To do this, uri-js uses a regular expression, This regular expression is vulnerable to redos. This causes the program to hang and the CPU to idle at 100% usage while uri-js is trying to validate if the supplied URL is valid or not. To check if you're vulnerable, look for a call to `require(\"uri-js\").parse()` where a user is able to send their own input."
+ "value" : "uri-js is a module that tries to fully implement RFC 3986. One of these features is validating whether or not a supplied URL is valid or not. To do this, uri-js uses a regular expression, This regular expression is vulnerable to redos. This causes the program to hang and the CPU to idle at 100% usage while uri-js is trying to validate if the supplied URL is valid or not. To check if you're vulnerable, look for a call to `require(\"uri-js\").parse()` where a user is able to send their own input. This affects uri-js 2.1.1 and earlier."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/garycourt/uri-js/issues/12",
+ "refsource" : "MISC",
"url" : "https://github.com/garycourt/uri-js/issues/12"
},
{
+ "name" : "https://nodesecurity.io/advisories/100",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/100"
}
]
diff --git a/2017/16xxx/CVE-2017-16022.json b/2017/16xxx/CVE-2017-16022.json
index 8653d668284..b58c57f57cc 100644
--- a/2017/16xxx/CVE-2017-16022.json
+++ b/2017/16xxx/CVE-2017-16022.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Morris.js creates an svg graph, with labels that appear when hovering over a point. The hovering label names are not escaped. If control over the labels is obtained, script can be injected. The script will run on the client side whenever that specific graph is loaded."
+ "value" : "Morris.js creates an svg graph, with labels that appear when hovering over a point. The hovering label names are not escaped in versions 0.5.0 and earlier. If control over the labels is obtained, script can be injected. The script will run on the client side whenever that specific graph is loaded."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/morrisjs/morris.js/pull/464",
+ "refsource" : "MISC",
"url" : "https://github.com/morrisjs/morris.js/pull/464"
},
{
+ "name" : "https://nodesecurity.io/advisories/307",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/307"
}
]
diff --git a/2017/16xxx/CVE-2017-16023.json b/2017/16xxx/CVE-2017-16023.json
index 18d7401ad2a..62782dea7be 100644
--- a/2017/16xxx/CVE-2017-16023.json
+++ b/2017/16xxx/CVE-2017-16023.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack."
+ "value" : "Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 through 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/sindresorhus/decamelize/issues/5",
+ "refsource" : "MISC",
"url" : "https://github.com/sindresorhus/decamelize/issues/5"
},
{
+ "name" : "https://nodesecurity.io/advisories/308",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/308"
}
]
diff --git a/2017/16xxx/CVE-2017-16024.json b/2017/16xxx/CVE-2017-16024.json
index 6e678343edb..86190a936f6 100644
--- a/2017/16xxx/CVE-2017-16024.json
+++ b/2017/16xxx/CVE-2017-16024.json
@@ -54,16 +54,24 @@
"references" : {
"reference_data" : [
{
- "url" : "https://github.com/gvarsanyi/sync-exec/issues/17"
- },
- {
+ "name" : "https://cwe.mitre.org/data/definitions/377.html",
+ "refsource" : "MISC",
"url" : "https://cwe.mitre.org/data/definitions/377.html"
},
{
- "url" : "https://www.owasp.org/index.php/Insecure_Temporary_File"
+ "name" : "https://github.com/gvarsanyi/sync-exec/issues/17",
+ "refsource" : "MISC",
+ "url" : "https://github.com/gvarsanyi/sync-exec/issues/17"
},
{
+ "name" : "https://nodesecurity.io/advisories/310",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/310"
+ },
+ {
+ "name" : "https://www.owasp.org/index.php/Insecure_Temporary_File",
+ "refsource" : "MISC",
+ "url" : "https://www.owasp.org/index.php/Insecure_Temporary_File"
}
]
}
diff --git a/2017/16xxx/CVE-2017-16025.json b/2017/16xxx/CVE-2017-16025.json
index fe965917b24..12d1b603fc3 100644
--- a/2017/16xxx/CVE-2017-16025.json
+++ b/2017/16xxx/CVE-2017-16025.json
@@ -54,12 +54,18 @@
"references" : {
"reference_data" : [
{
- "url" : "https://github.com/hapijs/nes/issues/171"
- },
- {
+ "name" : "https://github.com/hapijs/nes/commit/249ba1755ed6977fbc208463c87364bf884ad655",
+ "refsource" : "MISC",
"url" : "https://github.com/hapijs/nes/commit/249ba1755ed6977fbc208463c87364bf884ad655"
},
{
+ "name" : "https://github.com/hapijs/nes/issues/171",
+ "refsource" : "MISC",
+ "url" : "https://github.com/hapijs/nes/issues/171"
+ },
+ {
+ "name" : "https://nodesecurity.io/advisories/331",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/331"
}
]
diff --git a/2017/16xxx/CVE-2017-16026.json b/2017/16xxx/CVE-2017-16026.json
index 5dcd3c55be8..bf10879b4bd 100644
--- a/2017/16xxx/CVE-2017-16026.json
+++ b/2017/16xxx/CVE-2017-16026.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Request is an http client. If a request is made using ```multipart```, and the body type is a ```number```, then the specified number of non-zero memory is passed in the body."
+ "value" : "Request is an http client. If a request is made using ```multipart```, and the body type is a ```number```, then the specified number of non-zero memory is passed in the body. This affects Request >=2.2.6 <2.47.0 || >2.51.0 <=2.67.0."
}
]
},
@@ -54,12 +54,18 @@
"references" : {
"reference_data" : [
{
- "url" : "https://github.com/request/request/pull/2018"
- },
- {
+ "name" : "https://github.com/request/request/issues/1904",
+ "refsource" : "MISC",
"url" : "https://github.com/request/request/issues/1904"
},
{
+ "name" : "https://github.com/request/request/pull/2018",
+ "refsource" : "MISC",
+ "url" : "https://github.com/request/request/pull/2018"
+ },
+ {
+ "name" : "https://nodesecurity.io/advisories/309",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/309"
}
]
diff --git a/2017/16xxx/CVE-2017-16028.json b/2017/16xxx/CVE-2017-16028.json
index 66223790578..45b2f0c303a 100644
--- a/2017/16xxx/CVE-2017-16028.json
+++ b/2017/16xxx/CVE-2017-16028.json
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/tableflip/react-native-meteor-oauth/blob/a7eb738b74c469f5db20296b44b7cae4e2337435/src/meteor-oauth.js#L66",
+ "refsource" : "MISC",
"url" : "https://github.com/tableflip/react-native-meteor-oauth/blob/a7eb738b74c469f5db20296b44b7cae4e2337435/src/meteor-oauth.js#L66"
},
{
+ "name" : "https://nodesecurity.io/advisories/157",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/157"
}
]
diff --git a/2017/16xxx/CVE-2017-16029.json b/2017/16xxx/CVE-2017-16029.json
index d13cf5ff566..6ab3bb2ef11 100644
--- a/2017/16xxx/CVE-2017-16029.json
+++ b/2017/16xxx/CVE-2017-16029.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "hostr is a simple web server that serves up the contents of the current directory. There is a directory traversal vulnerability in hostr that allows an attacker to read files outside the current directory by sending `../` in the url path for GET requests."
+ "value" : "hostr is a simple web server that serves up the contents of the current directory. There is a directory traversal vulnerability in hostr 2.3.5 and earlier that allows an attacker to read files outside the current directory by sending `../` in the url path for GET requests."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/henrytseng/hostr/issues/8",
+ "refsource" : "MISC",
"url" : "https://github.com/henrytseng/hostr/issues/8"
},
{
+ "name" : "https://nodesecurity.io/advisories/303",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/303"
}
]
diff --git a/2017/16xxx/CVE-2017-16030.json b/2017/16xxx/CVE-2017-16030.json
index fe23f06a887..08bf09d2a56 100644
--- a/2017/16xxx/CVE-2017-16030.json
+++ b/2017/16xxx/CVE-2017-16030.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. Proof of Concept: ``` var useragent = require('useragent'); var badUserAgent = 'MSIE 0.0'+Array(900000).join('0')+'XBLWP'; var request = 'GET / HTTP/1.1\\r User-Agent: ' + badUserAgent + '\\r \\r '; console.log(useragent.parse(request)); ```"
+ "value" : "Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier."
}
]
},
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/312",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/312"
}
]
diff --git a/2017/16xxx/CVE-2017-16031.json b/2017/16xxx/CVE-2017-16031.json
index 277bd6614d7..bbd8e7bb2ac 100644
--- a/2017/16xxx/CVE-2017-16031.json
+++ b/2017/16xxx/CVE-2017-16031.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Socket.io is a realtime application framework that provides communication via websockets. Because socket.io depends on `Math.random()` to create socket IDs, the IDs are predictable. An attacker is able to guess the socket ID and gain access to socket.io servers, potentially obtaining sensitive information."
+ "value" : "Socket.io is a realtime application framework that provides communication via websockets. Because socket.io 0.9.6 and earlier depends on `Math.random()` to create socket IDs, the IDs are predictable. An attacker is able to guess the socket ID and gain access to socket.io servers, potentially obtaining sensitive information."
}
]
},
@@ -54,15 +54,23 @@
"references" : {
"reference_data" : [
{
- "url" : "https://github.com/socketio/socket.io/issues/856"
- },
- {
- "url" : "https://github.com/socketio/socket.io/pull/857"
- },
- {
+ "name" : "https://github.com/socketio/socket.io/commit/67b4eb9abdf111dfa9be4176d1709374a2b4ded8",
+ "refsource" : "MISC",
"url" : "https://github.com/socketio/socket.io/commit/67b4eb9abdf111dfa9be4176d1709374a2b4ded8"
},
{
+ "name" : "https://github.com/socketio/socket.io/issues/856",
+ "refsource" : "MISC",
+ "url" : "https://github.com/socketio/socket.io/issues/856"
+ },
+ {
+ "name" : "https://github.com/socketio/socket.io/pull/857",
+ "refsource" : "MISC",
+ "url" : "https://github.com/socketio/socket.io/pull/857"
+ },
+ {
+ "name" : "https://nodesecurity.io/advisories/321",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/321"
}
]
diff --git a/2017/16xxx/CVE-2017-16035.json b/2017/16xxx/CVE-2017-16035.json
index d4a820c08cf..772e565a6a8 100644
--- a/2017/16xxx/CVE-2017-16035.json
+++ b/2017/16xxx/CVE-2017-16035.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/334",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/334"
}
]
diff --git a/2017/16xxx/CVE-2017-16036.json b/2017/16xxx/CVE-2017-16036.json
index 14afaff902a..259795045e0 100644
--- a/2017/16xxx/CVE-2017-16036.json
+++ b/2017/16xxx/CVE-2017-16036.json
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/badjs-sourcemap-server",
+ "refsource" : "MISC",
"url" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/badjs-sourcemap-server"
},
{
+ "name" : "https://nodesecurity.io/advisories/349",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/349"
}
]
diff --git a/2017/16xxx/CVE-2017-16037.json b/2017/16xxx/CVE-2017-16037.json
index 91f56a182e2..fcd41704465 100644
--- a/2017/16xxx/CVE-2017-16037.json
+++ b/2017/16xxx/CVE-2017-16037.json
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/gomeplus-h5-proxy",
+ "refsource" : "MISC",
"url" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/gomeplus-h5-proxy"
},
{
+ "name" : "https://nodesecurity.io/advisories/350",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/350"
}
]
diff --git a/2017/16xxx/CVE-2017-16038.json b/2017/16xxx/CVE-2017-16038.json
index b2f57aff677..00257b71f47 100644
--- a/2017/16xxx/CVE-2017-16038.json
+++ b/2017/16xxx/CVE-2017-16038.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "`f2e-server` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url. This is compounded by `f2e-server` requiring elevated privileges to run."
+ "value" : "`f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing \"../\" in the url. This is compounded by `f2e-server` requiring elevated privileges to run."
}
]
},
@@ -54,12 +54,18 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/shy2850/node-server/issues/10",
+ "refsource" : "MISC",
"url" : "https://github.com/shy2850/node-server/issues/10"
},
{
+ "name" : "https://github.com/shy2850/node-server/pull/12/files",
+ "refsource" : "MISC",
"url" : "https://github.com/shy2850/node-server/pull/12/files"
},
{
+ "name" : "https://nodesecurity.io/advisories/346",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/346"
}
]
diff --git a/2017/16xxx/CVE-2017-16039.json b/2017/16xxx/CVE-2017-16039.json
index dd8fd6e20c9..75be3e5c472 100644
--- a/2017/16xxx/CVE-2017-16039.json
+++ b/2017/16xxx/CVE-2017-16039.json
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/hftp",
+ "refsource" : "MISC",
"url" : "https://github.com/JacksonGL/NPM-Vuln-PoC/tree/master/directory-traversal/hftp"
},
{
+ "name" : "https://nodesecurity.io/advisories/384",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/384"
}
]
diff --git a/2017/16xxx/CVE-2017-16040.json b/2017/16xxx/CVE-2017-16040.json
index c0fac0f57a8..2b949e9b617 100644
--- a/2017/16xxx/CVE-2017-16040.json
+++ b/2017/16xxx/CVE-2017-16040.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/291",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/291"
}
]
diff --git a/2017/16xxx/CVE-2017-16041.json b/2017/16xxx/CVE-2017-16041.json
index e1e9e6a650e..e2a6ab9eeb0 100644
--- a/2017/16xxx/CVE-2017-16041.json
+++ b/2017/16xxx/CVE-2017-16041.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/249",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/249"
}
]
diff --git a/2017/16xxx/CVE-2017-16042.json b/2017/16xxx/CVE-2017-16042.json
index ce9ad2981ad..fcaa752d585 100644
--- a/2017/16xxx/CVE-2017-16042.json
+++ b/2017/16xxx/CVE-2017-16042.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Growl adds growl notification support to nodejs. Growl does not properly sanitize input before passing it to exec, allowing for arbitrary command execution."
+ "value" : "Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution."
}
]
},
@@ -54,12 +54,18 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/tj/node-growl/issues/60",
+ "refsource" : "MISC",
"url" : "https://github.com/tj/node-growl/issues/60"
},
{
+ "name" : "https://github.com/tj/node-growl/pull/61",
+ "refsource" : "MISC",
"url" : "https://github.com/tj/node-growl/pull/61"
},
{
+ "name" : "https://nodesecurity.io/advisories/146",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/146"
}
]
diff --git a/2017/16xxx/CVE-2017-16043.json b/2017/16xxx/CVE-2017-16043.json
index aa7e6b07403..466b950bb2a 100644
--- a/2017/16xxx/CVE-2017-16043.json
+++ b/2017/16xxx/CVE-2017-16043.json
@@ -35,7 +35,7 @@
"description_data" : [
{
"lang" : "eng",
- "value" : "Shout is an IRC client. Because the `/topic` command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser."
+ "value" : "Shout is an IRC client. Because the `/topic` command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout >=0.44.0 <=0.49.3."
}
]
},
@@ -54,9 +54,13 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://github.com/erming/shout/pull/344",
+ "refsource" : "MISC",
"url" : "https://github.com/erming/shout/pull/344"
},
{
+ "name" : "https://nodesecurity.io/advisories/322",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/322"
}
]
diff --git a/2017/16xxx/CVE-2017-16044.json b/2017/16xxx/CVE-2017-16044.json
index a191f45171d..f23c0d8740e 100644
--- a/2017/16xxx/CVE-2017-16044.json
+++ b/2017/16xxx/CVE-2017-16044.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/497",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/497"
}
]
diff --git a/2017/16xxx/CVE-2017-16045.json b/2017/16xxx/CVE-2017-16045.json
index f7285ca12ee..15d8f7ad4c1 100644
--- a/2017/16xxx/CVE-2017-16045.json
+++ b/2017/16xxx/CVE-2017-16045.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/496",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/496"
}
]
diff --git a/2017/16xxx/CVE-2017-16046.json b/2017/16xxx/CVE-2017-16046.json
index f78adad0db6..a8705862140 100644
--- a/2017/16xxx/CVE-2017-16046.json
+++ b/2017/16xxx/CVE-2017-16046.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/495",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/495"
}
]
diff --git a/2017/16xxx/CVE-2017-16048.json b/2017/16xxx/CVE-2017-16048.json
index 9ae6e1a1f61..06f893ca2bc 100644
--- a/2017/16xxx/CVE-2017-16048.json
+++ b/2017/16xxx/CVE-2017-16048.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/493",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/493"
}
]
diff --git a/2017/16xxx/CVE-2017-16049.json b/2017/16xxx/CVE-2017-16049.json
index 9cd5697d3e3..953baccfa06 100644
--- a/2017/16xxx/CVE-2017-16049.json
+++ b/2017/16xxx/CVE-2017-16049.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/492",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/492"
}
]
diff --git a/2017/16xxx/CVE-2017-16050.json b/2017/16xxx/CVE-2017-16050.json
index 0d7a7e591c7..c5dc4cd7baa 100644
--- a/2017/16xxx/CVE-2017-16050.json
+++ b/2017/16xxx/CVE-2017-16050.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/491",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/491"
}
]
diff --git a/2017/16xxx/CVE-2017-16051.json b/2017/16xxx/CVE-2017-16051.json
index 878f79c6349..c16ef9e3139 100644
--- a/2017/16xxx/CVE-2017-16051.json
+++ b/2017/16xxx/CVE-2017-16051.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/490",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/490"
}
]
diff --git a/2017/16xxx/CVE-2017-16052.json b/2017/16xxx/CVE-2017-16052.json
index bbe26ed0c0d..40c02195d78 100644
--- a/2017/16xxx/CVE-2017-16052.json
+++ b/2017/16xxx/CVE-2017-16052.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/489",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/489"
}
]
diff --git a/2017/16xxx/CVE-2017-16053.json b/2017/16xxx/CVE-2017-16053.json
index dc3b54ed486..e49e605f89d 100644
--- a/2017/16xxx/CVE-2017-16053.json
+++ b/2017/16xxx/CVE-2017-16053.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/487",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/487"
}
]
diff --git a/2017/16xxx/CVE-2017-16054.json b/2017/16xxx/CVE-2017-16054.json
index 0083afde636..9fc192f1b2a 100644
--- a/2017/16xxx/CVE-2017-16054.json
+++ b/2017/16xxx/CVE-2017-16054.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/488",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/488"
}
]
diff --git a/2017/16xxx/CVE-2017-16055.json b/2017/16xxx/CVE-2017-16055.json
index a3acfd7fd1e..f7aecd53f8c 100644
--- a/2017/16xxx/CVE-2017-16055.json
+++ b/2017/16xxx/CVE-2017-16055.json
@@ -54,6 +54,8 @@
"references" : {
"reference_data" : [
{
+ "name" : "https://nodesecurity.io/advisories/486",
+ "refsource" : "MISC",
"url" : "https://nodesecurity.io/advisories/486"
}
]