admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-10 02:04:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

updated rejected CVE's as per gtheall

Browse Source
This commit is contained in:
Kurt Seifried 2018-12-05 13:49:32 -07:00
parent e15e72a239
commit 8632f3f229
No known key found for this signature in database
GPG Key ID: F15CADC4A00F8174
2 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2018/1000xxx/CVE-2018-1000818.json
View File

@ -11,7 +11,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-19131, CVE-2018-19132. Reason: This candidate is a duplicate of CVE-2018-19131 and/or CVE-2018-19132. Notes: All CVE users should reference CVE-2018-19131 and/or CVE-2018-19132 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-19132. Reason: This candidate is a reservation duplicate of CVE-2018-19132. Notes: All CVE users should reference CVE-2018-19132 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

19
2018/1000xxx/CVE-2018-1000819.json
View File

@ -1 +1,18 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://github.com/squid-cache/squid/pull/306"},{"url": "http://www.squid-cache.org/Versions/v5/changesets/squid-5-6feeb15ff312f3e145763adf8d234ed6a0b3f11d.patch"},{"url": "http://www.squid-cache.org/Advisories/SQUID-2018_4.txt"}]},"description": {"description_data": [{"lang": "eng","value": "The Squid Software Foundation Squid HTTP Proxy version 3.1.12.1 to 3.1.23, 3.2.0.4 to 3.5.28, 4.0 to 4.3 - inclusive contains a Cross Site Scripting (XSS) vulnerability in HTTP(S) error page generation for TLS X.509 certificate errors that can result in Arbitrary HTML/script run by web Browser within scope of CORS origin. This attack appear to be exploitable via Attacker delivers X.509 certificate designed to trigger TLS error page generation using syntax supplied in the certificate. This vulnerability appears to have been fixed in 4.4."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "3.1.12.1 to 3.1.23, 3.2.0.4 to 3.5.28, 4.0 to 4.3 - inclusive"}]},"product_name": "Squid HTTP Proxy"}]},"vendor_name": "The Squid Software Foundation"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-11-27T13:54:33.458510","DATE_REQUESTED": "2018-10-24T16:35:36","ID": "CVE-2018-1000819","ASSIGNER": "kurt@seifried.org","REQUESTER": "squid3@treenet.co.nz"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-1000819",
"STATE" : "REJECT"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-19131. Reason: This candidate is a reservation duplicate of CVE-2018-19131. Notes: All CVE users should reference CVE-2018-19131 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}
}