diff --git a/2018/18xxx/CVE-2018-18590.json b/2018/18xxx/CVE-2018-18590.json index 58e101cd179..6650e23c246 100644 --- a/2018/18xxx/CVE-2018-18590.json +++ b/2018/18xxx/CVE-2018-18590.json @@ -1,100 +1,101 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@microfocus.com", - "DATE_PUBLIC": "2018-11-07T14:30:00.000Z", - "ID": "CVE-2018-18590", - "STATE": "PUBLIC", - "TITLE": "MFSBGN03829 rev.1 - Micro Focus Operation Bridge Containerized Suite, Remote Code Execution" + "CVE_data_meta" : { + "ASSIGNER" : "security@microfocus.com", + "DATE_PUBLIC" : "2018-11-07T14:30:00.000Z", + "ID" : "CVE-2018-18590", + "STATE" : "PUBLIC", + "TITLE" : "MFSBGN03829 rev.1 - Micro Focus Operation Bridge Containerized Suite, Remote Code Execution" }, - "affects": { - "vendor": { - "vendor_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "product": { - "product_data": [ + "product" : { + "product_data" : [ { - "product_name": "Operation Bridge Containerized Suite", - "version": { - "version_data": [ + "product_name" : "Operation Bridge Containerized Suite", + "version" : { + "version_data" : [ { - "version_value": "2017.11, 2018.02, 2018.05, 2018.08" + "version_value" : "2017.11, 2018.02, 2018.05, 2018.08" } ] } } ] }, - "vendor_name": "Micro Focus" + "vendor_name" : "Micro Focus" } ] } }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ { - "lang": "eng", - "value": "A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure. \n\n" + "lang" : "eng", + "value" : "A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure." } ] }, - "exploit": [ + "exploit" : [ { - "lang": "eng", - "value": "Remote Code Execution" + "lang" : "eng", + "value" : "Remote Code Execution" }, { - "lang": "eng", - "value": "Remote Information Disclosure" + "lang" : "eng", + "value" : "Remote Information Disclosure" } ], - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "ADJACENT_NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.6, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", - "version": "3.0" + "impact" : { + "cvss" : { + "attackComplexity" : "LOW", + "attackVector" : "ADJACENT_NETWORK", + "availabilityImpact" : "HIGH", + "baseScore" : 9.6, + "baseSeverity" : "CRITICAL", + "confidentialityImpact" : "HIGH", + "integrityImpact" : "HIGH", + "privilegesRequired" : "NONE", + "scope" : "CHANGED", + "userInteraction" : "NONE", + "vectorString" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version" : "3.0" } }, - "problemtype": { - "problemtype_data": [ + "problemtype" : { + "problemtype_data" : [ { - "description": [ + "description" : [ { - "lang": "eng", - "value": "Remote Code Execution" + "lang" : "eng", + "value" : "Remote Code Execution" } ] }, { - "description": [ + "description" : [ { - "lang": "eng", - "value": "Remote Disclosure of Information" + "lang" : "eng", + "value" : "Remote Disclosure of Information" } ] } ] }, - "references": { - "reference_data": [ + "references" : { + "reference_data" : [ { - "refsource": "CONFIRM", - "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03283416" + "name" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03283416", + "refsource" : "CONFIRM", + "url" : "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03283416" } ] }, - "source": { - "discovery": "UNKNOWN" + "source" : { + "discovery" : "UNKNOWN" } } diff --git a/2018/19xxx/CVE-2018-19058.json b/2018/19xxx/CVE-2018-19058.json new file mode 100644 index 00000000000..d69575661d9 --- /dev/null +++ b/2018/19xxx/CVE-2018-19058.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19058", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://gitlab.freedesktop.org/poppler/poppler/issues/659", + "refsource" : "MISC", + "url" : "https://gitlab.freedesktop.org/poppler/poppler/issues/659" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19059.json b/2018/19xxx/CVE-2018-19059.json new file mode 100644 index 00000000000..c36a4b4e054 --- /dev/null +++ b/2018/19xxx/CVE-2018-19059.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19059", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Poppler 0.71.0. There is a out-of-bounds read in EmbFile::save2 in FileSpec.cc, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating embedded files before save attempts." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://gitlab.freedesktop.org/poppler/poppler/issues/661", + "refsource" : "MISC", + "url" : "https://gitlab.freedesktop.org/poppler/poppler/issues/661" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19060.json b/2018/19xxx/CVE-2018-19060.json new file mode 100644 index 00000000000..96fc9e25794 --- /dev/null +++ b/2018/19xxx/CVE-2018-19060.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19060", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://gitlab.freedesktop.org/poppler/poppler/issues/660", + "refsource" : "MISC", + "url" : "https://gitlab.freedesktop.org/poppler/poppler/issues/660" + } + ] + } +}