From 8f640a9f38e6e187258775567295cd54564896cb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 13 Feb 2023 04:01:56 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2012/4xxx/CVE-2012-4460.json | 79 ++-- 2012/4xxx/CVE-2012-4465.json | 107 ++--- 2012/4xxx/CVE-2012-4467.json | 85 ++-- 2012/4xxx/CVE-2012-4480.json | 77 ++-- 2012/4xxx/CVE-2012-4508.json | 139 ++++--- 2012/4xxx/CVE-2012-4514.json | 97 ++--- 2012/4xxx/CVE-2012-4515.json | 99 ++--- 2012/4xxx/CVE-2012-4516.json | 83 ++-- 2012/4xxx/CVE-2012-4517.json | 109 ++--- 2012/4xxx/CVE-2012-4518.json | 85 ++-- 2013/1xxx/CVE-2013-1929.json | 173 ++++---- 2013/1xxx/CVE-2013-1930.json | 89 ++-- 2013/1xxx/CVE-2013-1931.json | 97 ++--- 2013/1xxx/CVE-2013-1932.json | 77 ++-- 2013/1xxx/CVE-2013-1934.json | 73 ++-- 2013/1xxx/CVE-2013-1942.json | 103 ++--- 2013/1xxx/CVE-2013-1943.json | 52 +-- 2013/1xxx/CVE-2013-1950.json | 73 ++-- 2013/1xxx/CVE-2013-1951.json | 117 +++--- 2013/1xxx/CVE-2013-1952.json | 115 ++--- 2013/4xxx/CVE-2013-4410.json | 97 ++--- 2013/4xxx/CVE-2013-4411.json | 109 ++--- 2013/4xxx/CVE-2013-4414.json | 73 +--- 2013/4xxx/CVE-2013-4420.json | 73 ++-- 2013/4xxx/CVE-2013-4422.json | 103 ++--- 2013/4xxx/CVE-2013-4423.json | 737 +-------------------------------- 2013/4xxx/CVE-2013-4424.json | 61 +-- 2013/4xxx/CVE-2013-4428.json | 109 ++--- 2013/4xxx/CVE-2013-4440.json | 103 ++--- 2018/16xxx/CVE-2018-16885.json | 32 +- 2018/16xxx/CVE-2018-16889.json | 46 +- 2021/23xxx/CVE-2021-23174.json | 169 ++++---- 2023/0xxx/CVE-2023-0091.json | 12 +- 2023/0xxx/CVE-2023-0105.json | 12 +- 2023/0xxx/CVE-2023-0229.json | 48 ++- 2023/0xxx/CVE-2023-0296.json | 72 +--- 36 files changed, 1454 insertions(+), 2331 deletions(-) diff --git a/2012/4xxx/CVE-2012-4460.json b/2012/4xxx/CVE-2012-4460.json index 6e4a13e3cde..d0d15b1c6c1 100644 --- a/2012/4xxx/CVE-2012-4460.json +++ b/2012/4xxx/CVE-2012-4460.json @@ -1,40 +1,17 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4460", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash." + "value": "The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash." } ] }, @@ -50,27 +27,51 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=861242", + "url": "http://svn.apache.org/viewvc?view=revision&revision=1453031", "refsource": "MISC", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=861242" + "name": "http://svn.apache.org/viewvc?view=revision&revision=1453031" }, { - "name": "https://issues.apache.org/jira/issues/?jql=fixVersion%20%3D%20%220.21%22%20AND%20project%20%3D%20QPID", - "refsource": "CONFIRM", - "url": "https://issues.apache.org/jira/issues/?jql=fixVersion%20%3D%20%220.21%22%20AND%20project%20%3D%20QPID" + "url": "https://issues.apache.org/jira/browse/QPID-4629", + "refsource": "MISC", + "name": "https://issues.apache.org/jira/browse/QPID-4629" }, { - "name": "https://issues.apache.org/jira/browse/QPID-4629", - "refsource": "CONFIRM", - "url": "https://issues.apache.org/jira/browse/QPID-4629" + "url": "https://issues.apache.org/jira/issues/?jql=fixVersion%20%3D%20%220.21%22%20AND%20project%20%3D%20QPID", + "refsource": "MISC", + "name": "https://issues.apache.org/jira/issues/?jql=fixVersion%20%3D%20%220.21%22%20AND%20project%20%3D%20QPID" }, { - "name": "http://svn.apache.org/viewvc?view=revision&revision=1453031", - "refsource": "CONFIRM", - "url": "http://svn.apache.org/viewvc?view=revision&revision=1453031" + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=861242", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=861242" } ] } diff --git a/2012/4xxx/CVE-2012-4465.json b/2012/4xxx/CVE-2012-4465.json index 1232fc43533..125ed8cd89b 100644 --- a/2012/4xxx/CVE-2012-4465.json +++ b/2012/4xxx/CVE-2012-4465.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4465", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,42 +27,66 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "[oss-security] 20120930 cgit: heap buffer overflow", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/09/30/1" - }, - { - "name": "http://git.zx2c4.com/cgit/commit/?id=7757d1b046ecb67b830151d20715c658867df1ec", - "refsource": "CONFIRM", - "url": "http://git.zx2c4.com/cgit/commit/?id=7757d1b046ecb67b830151d20715c658867df1ec" - }, - { - "name": "[cgit] 20120703 avoid stack-smash when processing unusual commit", - "refsource": "MLIST", - "url": "http://hjemli.net/pipermail/cgit/2012-July/000652.html" - }, - { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=820733", + "url": "http://git.zx2c4.com/cgit/commit/?id=7757d1b046ecb67b830151d20715c658867df1ec", "refsource": "MISC", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=820733" + "name": "http://git.zx2c4.com/cgit/commit/?id=7757d1b046ecb67b830151d20715c658867df1ec" }, { - "name": "50734", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/50734" + "url": "http://hjemli.net/pipermail/cgit/2012-July/000652.html", + "refsource": "MISC", + "name": "http://hjemli.net/pipermail/cgit/2012-July/000652.html" }, { - "name": "55724", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/55724" + "url": "http://secunia.com/advisories/50734", + "refsource": "MISC", + "name": "http://secunia.com/advisories/50734" }, { - "name": "[oss-security] 20121003 Re: cgit: heap buffer overflow", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/03/7" + "url": "http://www.openwall.com/lists/oss-security/2012/09/30/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/09/30/1" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2012/10/03/7", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/03/7" + }, + { + "url": "http://www.securityfocus.com/bid/55724", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/55724" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=820733", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=820733" } ] } diff --git a/2012/4xxx/CVE-2012-4467.json b/2012/4xxx/CVE-2012-4467.json index 9fb2a6fbc77..9a4d1ea6574 100644 --- a/2012/4xxx/CVE-2012-4467.json +++ b/2012/4xxx/CVE-2012-4467.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4467", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,32 +27,56 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.4", - "refsource": "CONFIRM", - "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.4" + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d", + "refsource": "MISC", + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d" }, { - "name": "55785", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/55785" + "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.4", + "refsource": "MISC", + "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.4" }, { - "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d", - "refsource": "CONFIRM", - "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d" + "url": "http://www.openwall.com/lists/oss-security/2012/10/04/2", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/04/2" }, { - "name": "https://github.com/torvalds/linux/commit/ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d", - "refsource": "CONFIRM", - "url": "https://github.com/torvalds/linux/commit/ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d" + "url": "http://www.securityfocus.com/bid/55785", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/55785" }, { - "name": "[oss-security] 20121003 Re: CVE Request -- kernel: compat: SIOCGSTAMP/SIOCGSTAMPNS incorrect order of arguments to compat_put_time[val|spec]", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/04/2" + "url": "https://github.com/torvalds/linux/commit/ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/ed6fe9d614fc1bca95eb8c0ccd0e92db00ef9d5d" } ] } diff --git a/2012/4xxx/CVE-2012-4480.json b/2012/4xxx/CVE-2012-4480.json index 8b5050e3fad..ed0659c4835 100644 --- a/2012/4xxx/CVE-2012-4480.json +++ b/2012/4xxx/CVE-2012-4480.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4480", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "mom", - "version": { - "version_data": [ - { - "version_value": "through 2012-10-05" - } - ] - } - } - ] - }, - "vendor_name": "mom" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,17 +27,36 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mom", + "product": { + "product_data": [ + { + "product_name": "mom", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "through 2012-10-05" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4480", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089658.html", "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4480" - }, - { - "url": "https://access.redhat.com/security/cve/cve-2012-4480", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/cve-2012-4480" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089658.html" }, { "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090188.html", @@ -68,14 +64,19 @@ "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090188.html" }, { + "url": "https://access.redhat.com/security/cve/cve-2012-4480", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089658.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089658.html" + "name": "https://access.redhat.com/security/cve/cve-2012-4480" }, { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4480", "refsource": "MISC", - "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79190", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79190" + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4480" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79190", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79190" } ] } diff --git a/2012/4xxx/CVE-2012-4508.json b/2012/4xxx/CVE-2012-4508.json index 5af85ec385e..26e87bbede6 100644 --- a/2012/4xxx/CVE-2012-4508.json +++ b/2012/4xxx/CVE-2012-4508.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4508", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,77 +27,101 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dee1f973ca341c266229faa5a1a5bb268bed3531", - "refsource": "CONFIRM", - "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dee1f973ca341c266229faa5a1a5bb268bed3531" + "url": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html", + "refsource": "MISC", + "name": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html" }, { - "name": "RHSA-2012:1540", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2012-1540.html" + "url": "http://rhn.redhat.com/errata/RHSA-2012-1540.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2012-1540.html" }, { - "name": "RHSA-2013:0496", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2013-0496.html" + "url": "http://rhn.redhat.com/errata/RHSA-2013-0496.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2013-0496.html" }, { - "name": "RHSA-2013:1783", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2013-1783.html" + "url": "http://www.ubuntu.com/usn/USN-1899-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-1899-1" }, { - "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16", - "refsource": "CONFIRM", - "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16" + "url": "http://www.ubuntu.com/usn/USN-1900-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-1900-1" }, { - "name": "USN-1645-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-1645-1" + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dee1f973ca341c266229faa5a1a5bb268bed3531", + "refsource": "MISC", + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dee1f973ca341c266229faa5a1a5bb268bed3531" }, { - "name": "USN-1899-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-1899-1" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html" }, { - "name": "RHSA-2013:1519", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2013-1519.html" + "url": "http://rhn.redhat.com/errata/RHSA-2013-1519.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2013-1519.html" }, { - "name": "SUSE-SU-2012:1679", - "refsource": "SUSE", - "url": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html" + "url": "http://rhn.redhat.com/errata/RHSA-2013-1783.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2013-1783.html" }, { - "name": "https://github.com/torvalds/linux/commit/dee1f973ca341c266229faa5a1a5bb268bed3531", - "refsource": "CONFIRM", - "url": "https://github.com/torvalds/linux/commit/dee1f973ca341c266229faa5a1a5bb268bed3531" + "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16", + "refsource": "MISC", + "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.16" }, { - "name": "FEDORA-2012-17479", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091110.html" + "url": "http://www.openwall.com/lists/oss-security/2012/10/25/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/25/1" }, { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=869904", - "refsource": "CONFIRM", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869904" + "url": "http://www.ubuntu.com/usn/USN-1645-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-1645-1" }, { - "name": "[oss-security] 20121025 CVE-2012-4508 -- kernel: ext4: AIO vs fallocate stale data exposure", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/25/1" + "url": "https://github.com/torvalds/linux/commit/dee1f973ca341c266229faa5a1a5bb268bed3531", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/dee1f973ca341c266229faa5a1a5bb268bed3531" }, { - "name": "USN-1900-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-1900-1" + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=869904", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=869904" } ] } diff --git a/2012/4xxx/CVE-2012-4514.json b/2012/4xxx/CVE-2012-4514.json index 18bff247855..5a0b517fdd8 100644 --- a/2012/4xxx/CVE-2012-4514.json +++ b/2012/4xxx/CVE-2012-4514.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4514", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,37 +27,61 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://bugs.kde.org/show_bug.cgi?id=271528", - "refsource": "CONFIRM", - "url": "https://bugs.kde.org/show_bug.cgi?id=271528" - }, - { - "name": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=65464349951e0df9b5d80c2eb3cc7458d54923ae", - "refsource": "CONFIRM", - "url": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=65464349951e0df9b5d80c2eb3cc7458d54923ae" - }, - { - "name": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc", + "url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc", "refsource": "MISC", - "url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc" + "name": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc" }, { - "name": "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/11/11" + "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html", + "refsource": "MISC", + "name": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html" }, { - "name": "20121030 Medium risk security flaws in Konqueror", - "refsource": "BUGTRAQ", - "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html" + "url": "http://www.openwall.com/lists/oss-security/2012/10/11/11", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/11/11" }, { - "name": "[oss-security] 20121030 Medium risk security flaws in Konqueror", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/30/6" + "url": "http://www.openwall.com/lists/oss-security/2012/10/30/6", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/30/6" + }, + { + "url": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=65464349951e0df9b5d80c2eb3cc7458d54923ae", + "refsource": "MISC", + "name": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=65464349951e0df9b5d80c2eb3cc7458d54923ae" + }, + { + "url": "https://bugs.kde.org/show_bug.cgi?id=271528", + "refsource": "MISC", + "name": "https://bugs.kde.org/show_bug.cgi?id=271528" } ] } diff --git a/2012/4xxx/CVE-2012-4515.json b/2012/4xxx/CVE-2012-4515.json index 4d90a30bca6..08f94c9d9cf 100644 --- a/2012/4xxx/CVE-2012-4515.json +++ b/2012/4xxx/CVE-2012-4515.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4515", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,42 +27,66 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "51145", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/51145" - }, - { - "name": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc", + "url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc", "refsource": "MISC", - "url": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc" + "name": "http://www.nth-dimension.org.uk/pub/NDSA20121010.txt.asc" }, { - "name": "[oss-security] 20121011 Re: Pre-advisory for Konqueror 4.7.3 (other versions may be affected)", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/11/11" + "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html", + "refsource": "MISC", + "name": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html" }, { - "name": "20121030 Medium risk security flaws in Konqueror", - "refsource": "BUGTRAQ", - "url": "http://archives.neohapsis.com/archives/bugtraq/2012-11/0005.html" + "url": "http://secunia.com/advisories/51097", + "refsource": "MISC", + "name": "http://secunia.com/advisories/51097" }, { - "name": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8", - "refsource": "CONFIRM", - "url": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8" + "url": "http://secunia.com/advisories/51145", + "refsource": "MISC", + "name": "http://secunia.com/advisories/51145" }, { - "name": "[oss-security] 20121030 Medium risk security flaws in Konqueror", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/30/6" + "url": "http://www.openwall.com/lists/oss-security/2012/10/11/11", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/11/11" }, { - "name": "51097", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/51097" + "url": "http://www.openwall.com/lists/oss-security/2012/10/30/6", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/30/6" + }, + { + "url": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8", + "refsource": "MISC", + "name": "http://quickgit.kde.org/index.php?p=kdelibs.git&a=commitdiff&h=4f2eb356f1c23444fff2cfe0a7ae10efe303d6d8" } ] } diff --git a/2012/4xxx/CVE-2012-4516.json b/2012/4xxx/CVE-2012-4516.json index 525d432625a..df36112caf6 100644 --- a/2012/4xxx/CVE-2012-4516.json +++ b/2012/4xxx/CVE-2012-4516.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4516", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,32 +27,56 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=865483", + "url": "http://git.openfabrics.org/git?p=~shefty/librdmacm.git%3Ba=commitdiff%3Bh=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d", "refsource": "MISC", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865483" + "name": "http://git.openfabrics.org/git?p=~shefty/librdmacm.git%3Ba=commitdiff%3Bh=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d" }, { - "name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/11/6" + "url": "http://www.openwall.com/lists/oss-security/2012/10/11/6", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/11/6" }, { - "name": "http://git.openfabrics.org/git?p=~shefty/librdmacm.git;a=commitdiff;h=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d", - "refsource": "CONFIRM", - "url": "http://git.openfabrics.org/git?p=~shefty/librdmacm.git;a=commitdiff;h=4b5c1aa734e0e734fc2ba3cd41d0ddf02170af6d" + "url": "http://www.openwall.com/lists/oss-security/2012/10/11/9", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/11/9" }, { - "name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/11/9" + "url": "http://www.securityfocus.com/bid/55896", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/55896" }, { - "name": "55896", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/55896" + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865483", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=865483" } ] } diff --git a/2012/4xxx/CVE-2012-4517.json b/2012/4xxx/CVE-2012-4517.json index 4d4b29832ab..351c14f206e 100644 --- a/2012/4xxx/CVE-2012-4517.json +++ b/2012/4xxx/CVE-2012-4517.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4517", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,47 +27,71 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "http://git.openfabrics.org/git?p=~shefty/ibacm.git;a=commit;h=c7d28b35d64333c262de3ec972c426423dadccf9", - "refsource": "CONFIRM", - "url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git;a=commit;h=c7d28b35d64333c262de3ec972c426423dadccf9" - }, - { - "name": "RHSA-2013:0509", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html" - }, - { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=865492", + "url": "http://www.openwall.com/lists/oss-security/2012/10/11/6", "refsource": "MISC", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865492" + "name": "http://www.openwall.com/lists/oss-security/2012/10/11/6" }, { - "name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/11/6" + "url": "http://www.openwall.com/lists/oss-security/2012/10/11/9", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/11/9" }, { - "name": "ibacm-connections-dos(79396)", - "refsource": "XF", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79396" + "url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2013-0509.html" }, { - "name": "[linux-rdma] 20120413 [ANNOUNCE] ibacm release 1.0.6", - "refsource": "MLIST", - "url": "http://comments.gmane.org/gmane.linux.drivers.rdma/11659" + "url": "http://www.securityfocus.com/bid/55890", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/55890" }, { - "name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/11/9" + "url": "http://comments.gmane.org/gmane.linux.drivers.rdma/11659", + "refsource": "MISC", + "name": "http://comments.gmane.org/gmane.linux.drivers.rdma/11659" }, { - "name": "55890", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/55890" + "url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=c7d28b35d64333c262de3ec972c426423dadccf9", + "refsource": "MISC", + "name": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=c7d28b35d64333c262de3ec972c426423dadccf9" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79396", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79396" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=865492", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=865492" } ] } diff --git a/2012/4xxx/CVE-2012-4518.json b/2012/4xxx/CVE-2012-4518.json index 3bda558483c..a42ce183e86 100644 --- a/2012/4xxx/CVE-2012-4518.json +++ b/2012/4xxx/CVE-2012-4518.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4518", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,32 +27,56 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "RHSA-2013:0509", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html" + "url": "http://www.openwall.com/lists/oss-security/2012/10/11/6", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/11/6" }, { - "name": "[oss-security] 20121011 CVE Request -- librdmacm (one issue) / ibacm (two issues)", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/11/6" + "url": "http://www.openwall.com/lists/oss-security/2012/10/11/9", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2012/10/11/9" }, { - "name": "http://git.openfabrics.org/git?p=~shefty/ibacm.git;a=commit;h=d204fca2b6298d7799e918141ea8e11e7ad43cec", - "refsource": "CONFIRM", - "url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git;a=commit;h=d204fca2b6298d7799e918141ea8e11e7ad43cec" + "url": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=d204fca2b6298d7799e918141ea8e11e7ad43cec", + "refsource": "MISC", + "name": "http://git.openfabrics.org/git?p=~shefty/ibacm.git%3Ba=commit%3Bh=d204fca2b6298d7799e918141ea8e11e7ad43cec" }, { - "name": "[oss-security] 20121011 Re: CVE Request -- librdmacm (one issue) / ibacm (two issues)", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2012/10/11/9" + "url": "http://rhn.redhat.com/errata/RHSA-2013-0509.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2013-0509.html" }, { - "name": "55890", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/55890" + "url": "http://www.securityfocus.com/bid/55890", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/55890" } ] } diff --git a/2013/1xxx/CVE-2013-1929.json b/2013/1xxx/CVE-2013-1929.json index b4ce297f04c..2baafd03cb2 100644 --- a/2013/1xxx/CVE-2013-1929.json +++ b/2013/1xxx/CVE-2013-1929.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1929", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,87 +27,111 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "USN-1834-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-1834-1" - }, - { - "name": "MDVSA-2013:176", - "refsource": "MANDRIVA", - "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176" - }, - { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=949932", - "refsource": "CONFIRM", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=949932" - }, - { - "name": "SUSE-SU-2013:1473", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html" - }, - { - "name": "RHSA-2013:1645", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html" - }, - { - "name": "USN-1835-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-1835-1" - }, - { - "name": "http://cansecwest.com/slides/2013/PrivateCore%20CSW%202013.pdf", + "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.6", "refsource": "MISC", - "url": "http://cansecwest.com/slides/2013/PrivateCore%20CSW%202013.pdf" + "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.6" }, { - "name": "USN-1838-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-1838-1" + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176", + "refsource": "MISC", + "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176" }, { - "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=715230a44310a8cf66fbfb5a46f9a62a9b2de424", - "refsource": "CONFIRM", - "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=715230a44310a8cf66fbfb5a46f9a62a9b2de424" + "url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2013-1645.html" }, { - "name": "openSUSE-SU-2013:1971", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html" + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00003.html" }, { - "name": "USN-1836-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-1836-1" + "url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html" }, { - "name": "https://github.com/torvalds/linux/commit/715230a44310a8cf66fbfb5a46f9a62a9b2de424", - "refsource": "CONFIRM", - "url": "https://github.com/torvalds/linux/commit/715230a44310a8cf66fbfb5a46f9a62a9b2de424" + "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html" }, { - "name": "SUSE-SU-2013:1474", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2013-09/msg00004.html" + "url": "http://cansecwest.com/slides/2013/PrivateCore%20CSW%202013.pdf", + "refsource": "MISC", + "name": "http://cansecwest.com/slides/2013/PrivateCore%20CSW%202013.pdf" }, { - "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.6", - "refsource": "CONFIRM", - "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.6" + "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=715230a44310a8cf66fbfb5a46f9a62a9b2de424", + "refsource": "MISC", + "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=715230a44310a8cf66fbfb5a46f9a62a9b2de424" }, { - "name": "FEDORA-2013-5368", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101836.html" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101836.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101836.html" }, { - "name": "[oss-security] 20130405 Re: CVE Request: tg3 VPD firmware -> driver injection", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2013/04/06/3" + "url": "http://www.openwall.com/lists/oss-security/2013/04/06/3", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/04/06/3" + }, + { + "url": "http://www.ubuntu.com/usn/USN-1834-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-1834-1" + }, + { + "url": "http://www.ubuntu.com/usn/USN-1835-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-1835-1" + }, + { + "url": "http://www.ubuntu.com/usn/USN-1836-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-1836-1" + }, + { + "url": "http://www.ubuntu.com/usn/USN-1838-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-1838-1" + }, + { + "url": "https://github.com/torvalds/linux/commit/715230a44310a8cf66fbfb5a46f9a62a9b2de424", + "refsource": "MISC", + "name": "https://github.com/torvalds/linux/commit/715230a44310a8cf66fbfb5a46f9a62a9b2de424" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=949932", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=949932" } ] } diff --git a/2013/1xxx/CVE-2013-1930.json b/2013/1xxx/CVE-2013-1930.json index 64532ed039d..cf599e39e5a 100644 --- a/2013/1xxx/CVE-2013-1930.json +++ b/2013/1xxx/CVE-2013-1930.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1930", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "mantisBT", - "product": { - "product_data": [ - { - "product_name": "mantisBT", - "version": { - "version_data": [ - { - "version_value": "1.2.12 before 1.2.15" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,17 +27,46 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mantisBT", + "product": { + "product_data": [ + { + "product_name": "mantisBT", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.2.12 before 1.2.15" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2013-1930", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103438.html", "refsource": "MISC", - "name": "https://security-tracker.debian.org/tracker/CVE-2013-1930" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103438.html" }, { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1930", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103459.html", "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1930" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103459.html" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2013/04/06/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/04/06/4" }, { "url": "http://www.securityfocus.com/bid/58890", @@ -68,29 +74,24 @@ "name": "http://www.securityfocus.com/bid/58890" }, { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1930", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103438.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103438.html" + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1930" }, { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83796", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103459.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103459.html" + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83796" }, { + "url": "https://mantisbt.org/bugs/view.php?id=15453", "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2013/04/06/4", - "url": "http://www.openwall.com/lists/oss-security/2013/04/06/4" + "name": "https://mantisbt.org/bugs/view.php?id=15453" }, { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-1930", "refsource": "MISC", - "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83796", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83796" - }, - { - "refsource": "MISC", - "name": "https://mantisbt.org/bugs/view.php?id=15453", - "url": "https://mantisbt.org/bugs/view.php?id=15453" + "name": "https://security-tracker.debian.org/tracker/CVE-2013-1930" } ] } diff --git a/2013/1xxx/CVE-2013-1931.json b/2013/1xxx/CVE-2013-1931.json index 989ac92be2a..a3e1b3120e8 100644 --- a/2013/1xxx/CVE-2013-1931.json +++ b/2013/1xxx/CVE-2013-1931.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1931", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "mantisBT", - "product": { - "product_data": [ - { - "product_name": "mantisBT", - "version": { - "version_data": [ - { - "version_value": "1.2.14" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,12 +27,51 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mantisBT", + "product": { + "product_data": [ + { + "product_name": "mantisBT", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.2.14" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2013-1931", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103438.html", "refsource": "MISC", - "name": "https://security-tracker.debian.org/tracker/CVE-2013-1931" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103438.html" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103459.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103459.html" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2013/04/06/4", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/04/06/4" + }, + { + "url": "http://www.securityfocus.com/bid/58889", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/58889" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1931", @@ -63,29 +79,14 @@ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1931" }, { - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103438.html", + "url": "https://mantisbt.org/bugs/view.php?id=15511", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103438.html" + "name": "https://mantisbt.org/bugs/view.php?id=15511" }, { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-1931", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103459.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103459.html" - }, - { - "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2013/04/06/4", - "url": "http://www.openwall.com/lists/oss-security/2013/04/06/4" - }, - { - "refsource": "MISC", - "name": "http://www.securityfocus.com/bid/58889", - "url": "http://www.securityfocus.com/bid/58889" - }, - { - "refsource": "CONFIRM", - "name": "https://mantisbt.org/bugs/view.php?id=15511", - "url": "https://mantisbt.org/bugs/view.php?id=15511" + "name": "https://security-tracker.debian.org/tracker/CVE-2013-1931" } ] } diff --git a/2013/1xxx/CVE-2013-1932.json b/2013/1xxx/CVE-2013-1932.json index ed70c1e78d5..e5191235140 100644 --- a/2013/1xxx/CVE-2013-1932.json +++ b/2013/1xxx/CVE-2013-1932.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1932", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "mantisBT", - "product": { - "product_data": [ - { - "product_name": "mantisBT", - "version": { - "version_data": [ - { - "version_value": "1.2.13" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,12 +27,41 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mantisBT", + "product": { + "product_data": [ + { + "product_name": "mantisBT", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.2.13" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2013-1932", + "url": "http://www.openwall.com/lists/oss-security/2013/04/06/4", "refsource": "MISC", - "name": "https://security-tracker.debian.org/tracker/CVE-2013-1932" + "name": "http://www.openwall.com/lists/oss-security/2013/04/06/4" + }, + { + "url": "http://www.securityfocus.com/bid/58893", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/58893" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1932", @@ -63,19 +69,14 @@ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1932" }, { + "url": "https://mantisbt.org/bugs/view.php?id=15415", "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2013/04/06/4", - "url": "http://www.openwall.com/lists/oss-security/2013/04/06/4" + "name": "https://mantisbt.org/bugs/view.php?id=15415" }, { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-1932", "refsource": "MISC", - "name": "http://www.securityfocus.com/bid/58893", - "url": "http://www.securityfocus.com/bid/58893" - }, - { - "refsource": "CONFIRM", - "name": "https://mantisbt.org/bugs/view.php?id=15415", - "url": "https://mantisbt.org/bugs/view.php?id=15415" + "name": "https://security-tracker.debian.org/tracker/CVE-2013-1932" } ] } diff --git a/2013/1xxx/CVE-2013-1934.json b/2013/1xxx/CVE-2013-1934.json index 733a6b3716c..7b9c27b8dae 100644 --- a/2013/1xxx/CVE-2013-1934.json +++ b/2013/1xxx/CVE-2013-1934.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1934", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "mantisBT", - "product": { - "product_data": [ - { - "product_name": "mantisBT", - "version": { - "version_data": [ - { - "version_value": "1.2.0rc1 before 1.2.14" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,17 +27,41 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "mantisBT", + "product": { + "product_data": [ + { + "product_name": "mantisBT", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.2.0rc1 before 1.2.14" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { + "url": "http://www.debian.org/security/2015/dsa-3120", "refsource": "MISC", - "name": "http://www.debian.org/security/2015/dsa-3120", - "url": "http://www.debian.org/security/2015/dsa-3120" + "name": "http://www.debian.org/security/2015/dsa-3120" }, { - "url": "https://security-tracker.debian.org/tracker/CVE-2013-1934", + "url": "http://www.openwall.com/lists/oss-security/2013/04/09/1", "refsource": "MISC", - "name": "https://security-tracker.debian.org/tracker/CVE-2013-1934" + "name": "http://www.openwall.com/lists/oss-security/2013/04/09/1" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1934", @@ -68,14 +69,14 @@ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1934" }, { + "url": "https://mantisbt.org/bugs/view.php?id=15416", "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2013/04/09/1", - "url": "http://www.openwall.com/lists/oss-security/2013/04/09/1" + "name": "https://mantisbt.org/bugs/view.php?id=15416" }, { - "refsource": "CONFIRM", - "name": "https://mantisbt.org/bugs/view.php?id=15416", - "url": "https://mantisbt.org/bugs/view.php?id=15416" + "url": "https://security-tracker.debian.org/tracker/CVE-2013-1934", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2013-1934" } ] } diff --git a/2013/1xxx/CVE-2013-1942.json b/2013/1xxx/CVE-2013-1942.json index aa602b6103d..3bf047f16cd 100644 --- a/2013/1xxx/CVE-2013-1942.json +++ b/2013/1xxx/CVE-2013-1942.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1942", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,47 +27,71 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "59030", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/59030" + "url": "http://marc.info/?l=oss-security&m=136570964825921&w=2", + "refsource": "MISC", + "name": "http://marc.info/?l=oss-security&m=136570964825921&w=2" }, { - "name": "[oss-security] 20130505 Re: CVE-2013-1942 jPlayer 2.2.19 XSS", - "refsource": "MLIST", - "url": "http://marc.info/?l=oss-security&m=136773622321563&w=2" + "url": "http://marc.info/?l=oss-security&m=136726705917858&w=2", + "refsource": "MISC", + "name": "http://marc.info/?l=oss-security&m=136726705917858&w=2" }, { - "name": "[oss-security] 20130411 CVE-2013-1942 jPlayer 2.2.19 XSS", - "refsource": "MLIST", - "url": "http://marc.info/?l=oss-security&m=136570964825921&w=2" + "url": "http://marc.info/?l=oss-security&m=136773622321563&w=2", + "refsource": "MISC", + "name": "http://marc.info/?l=oss-security&m=136773622321563&w=2" }, { - "name": "http://www.jplayer.org/2.3.0/release-notes/", - "refsource": "CONFIRM", - "url": "http://www.jplayer.org/2.3.0/release-notes/" + "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-014/", + "refsource": "MISC", + "name": "http://owncloud.org/about/security/advisories/oC-SA-2013-014/" }, { - "name": "http://owncloud.org/about/security/advisories/oC-SA-2013-014/", - "refsource": "CONFIRM", - "url": "http://owncloud.org/about/security/advisories/oC-SA-2013-014/" + "url": "http://seclists.org/fulldisclosure/2013/Apr/192", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2013/Apr/192" }, { - "name": "https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d", - "refsource": "CONFIRM", - "url": "https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d" + "url": "http://www.jplayer.org/2.3.0/release-notes/", + "refsource": "MISC", + "name": "http://www.jplayer.org/2.3.0/release-notes/" }, { - "name": "20130421 Vulnerabilities in jPlayer", - "refsource": "FULLDISC", - "url": "http://seclists.org/fulldisclosure/2013/Apr/192" + "url": "http://www.securityfocus.com/bid/59030", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/59030" }, { - "name": "[oss-security] 20130429 Re: CVE-2013-1942 jPlayer 2.2.19 XSS", - "refsource": "MLIST", - "url": "http://marc.info/?l=oss-security&m=136726705917858&w=2" + "url": "https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d", + "refsource": "MISC", + "name": "https://github.com/happyworm/jPlayer/commit/e8ca190f7f972a6a421cb95f09e138720e40ed6d" } ] } diff --git a/2013/1xxx/CVE-2013-1943.json b/2013/1xxx/CVE-2013-1943.json index 80ace73427f..d837881de0a 100644 --- a/2013/1xxx/CVE-2013-1943.json +++ b/2013/1xxx/CVE-2013-1943.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "CVE-2013-1943 kernel: kvm: missing check in kvm_set_memory_region()" + "value": "The KVM subsystem in the Linux kernel before 3.0 does not check whether kernel addresses are specified during allocation of memory slots for use in a guest's physical address space, which allows local users to gain privileges or obtain sensitive information from kernel memory via a crafted application, related to arch/x86/kvm/paging_tmpl.h and virt/kvm/kvm_main.c." } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer", - "cweId": "CWE-119" + "value": "n/a" } ] } @@ -32,16 +31,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Red Hat Enterprise Linux 6", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "0:2.6.32-358.11.1.el6", - "version_affected": "!" + "version_affected": "=", + "version_value": "n/a" } ] } @@ -54,11 +53,6 @@ }, "references": { "reference_data": [ - { - "url": "https://access.redhat.com/errata/RHSA-2013:0911", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2013:0911" - }, { "url": "http://www.ubuntu.com/usn/USN-1939-1", "refsource": "MISC", @@ -75,44 +69,14 @@ "name": "http://web.archive.org/web/20130329070349/http://ftp.osuosl.org/pub/linux/kernel/v3.0/ChangeLog-3.0" }, { - "url": "https://access.redhat.com/security/cve/CVE-2013-1943", + "url": "https://github.com/torvalds/linux/commit/fa3d315a4ce2c0891cdde262562e710d95fba19e", "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2013-1943" + "name": "https://github.com/torvalds/linux/commit/fa3d315a4ce2c0891cdde262562e710d95fba19e" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=950490", "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=950490" - }, - { - "url": "https://github.com/torvalds/linux/commit/fa3d315a4ce2c0891cdde262562e710d95fba19e", - "refsource": "MISC", - "name": "https://github.com/torvalds/linux/commit/fa3d315a4ce2c0891cdde262562e710d95fba19e" - } - ] - }, - "impact": { - "cvss": [ - { - "accessComplexity": "MEDIUM", - "accessVector": "LOCAL", - "authentication": "NONE", - "availabilityImpact": "COMPLETE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 6.9, - "collateralDamagePotential": "NOT_DEFINED", - "confidentialityImpact": "COMPLETE", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 0, - "exploitability": "NOT_DEFINED", - "integrityImpact": "COMPLETE", - "integrityRequirement": "NOT_DEFINED", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "targetDistribution": "NOT_DEFINED", - "temporalScore": 0, - "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", - "version": "2.0" } ] } diff --git a/2013/1xxx/CVE-2013-1950.json b/2013/1xxx/CVE-2013-1950.json index 2ad57efffdf..e407ff59d9d 100644 --- a/2013/1xxx/CVE-2013-1950.json +++ b/2013/1xxx/CVE-2013-1950.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1950", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,22 +27,46 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=948378", - "refsource": "CONFIRM", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=948378" + "url": "http://git.infradead.org/users/steved/libtirpc.git/commitdiff/a9f437119d79a438cb12e510f3cadd4060102c9f", + "refsource": "MISC", + "name": "http://git.infradead.org/users/steved/libtirpc.git/commitdiff/a9f437119d79a438cb12e510f3cadd4060102c9f" }, { - "name": "http://git.infradead.org/users/steved/libtirpc.git/commitdiff/a9f437119d79a438cb12e510f3cadd4060102c9f", - "refsource": "CONFIRM", - "url": "http://git.infradead.org/users/steved/libtirpc.git/commitdiff/a9f437119d79a438cb12e510f3cadd4060102c9f" + "url": "http://rhn.redhat.com/errata/RHSA-2013-0884.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2013-0884.html" }, { - "name": "RHSA-2013:0884", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2013-0884.html" + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=948378", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=948378" } ] } diff --git a/2013/1xxx/CVE-2013-1951.json b/2013/1xxx/CVE-2013-1951.json index bc9ac3ecc1f..4c5e6c24c54 100644 --- a/2013/1xxx/CVE-2013-1951.json +++ b/2013/1xxx/CVE-2013-1951.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1951", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "ikimedia Foundation", - "product": { - "product_data": [ - { - "product_name": "MediaWiki", - "version": { - "version_data": [ - { - "version_value": "before 1.19.5 and 1.20.x before 1.20.4" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,12 +27,61 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ikimedia Foundation", + "product": { + "product_data": [ + { + "product_name": "MediaWiki", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "before 1.19.5 and 1.20.x before 1.20.4" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2013-1951", + "url": "http://security.gentoo.org/glsa/glsa-201310-21.xml", "refsource": "MISC", - "name": "https://security-tracker.debian.org/tracker/CVE-2013-1951" + "name": "http://security.gentoo.org/glsa/glsa-201310-21.xml" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104022.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104022.html" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104027.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104027.html" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2013/04/16/12", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/04/16/12" + }, + { + "url": "http://www.securityfocus.com/bid/59077", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/59077" + }, + { + "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-1951", + "refsource": "MISC", + "name": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-1951" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1951", @@ -63,39 +89,14 @@ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1951" }, { + "url": "https://phabricator.wikimedia.org/T48084", "refsource": "MISC", - "name": "http://security.gentoo.org/glsa/glsa-201310-21.xml", - "url": "http://security.gentoo.org/glsa/glsa-201310-21.xml" + "name": "https://phabricator.wikimedia.org/T48084" }, { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-1951", "refsource": "MISC", - "name": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-1951", - "url": "https://bugs.gentoo.org/show_bug.cgi?id=CVE-2013-1951" - }, - { - "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104022.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104022.html" - }, - { - "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104027.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104027.html" - }, - { - "refsource": "MISC", - "name": "http://www.openwall.com/lists/oss-security/2013/04/16/12", - "url": "http://www.openwall.com/lists/oss-security/2013/04/16/12" - }, - { - "refsource": "MISC", - "name": "http://www.securityfocus.com/bid/59077", - "url": "http://www.securityfocus.com/bid/59077" - }, - { - "refsource": "CONFIRM", - "name": "https://phabricator.wikimedia.org/T48084", - "url": "https://phabricator.wikimedia.org/T48084" + "name": "https://security-tracker.debian.org/tracker/CVE-2013-1951" } ] } diff --git a/2013/1xxx/CVE-2013-1952.json b/2013/1xxx/CVE-2013-1952.json index f16cc6e3890..1558b21bee0 100644 --- a/2013/1xxx/CVE-2013-1952.json +++ b/2013/1xxx/CVE-2013-1952.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1952", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,57 +27,81 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "55082", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/55082" + "url": "http://secunia.com/advisories/55082", + "refsource": "MISC", + "name": "http://secunia.com/advisories/55082" }, { - "name": "FEDORA-2013-7432", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105533.html" + "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml", + "refsource": "MISC", + "name": "http://security.gentoo.org/glsa/glsa-201309-24.xml" }, { - "name": "GLSA-201309-24", - "refsource": "GENTOO", - "url": "http://security.gentoo.org/glsa/glsa-201309-24.xml" + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html", + "refsource": "MISC", + "name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html" }, { - "name": "DSA-2666", - "refsource": "DEBIAN", - "url": "http://www.debian.org/security/2013/dsa-2666" + "url": "http://www.debian.org/security/2013/dsa-2666", + "refsource": "MISC", + "name": "http://www.debian.org/security/2013/dsa-2666" }, { - "name": "59617", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/59617" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105533.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105533.html" }, { - "name": "53312", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/53312" + "url": "http://osvdb.org/92984", + "refsource": "MISC", + "name": "http://osvdb.org/92984" }, { - "name": "SUSE-SU-2014:0446", - "refsource": "SUSE", - "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html" + "url": "http://secunia.com/advisories/53312", + "refsource": "MISC", + "name": "http://secunia.com/advisories/53312" }, { - "name": "xen-cve20131952-dos(83968)", - "refsource": "XF", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83968" + "url": "http://www.openwall.com/lists/oss-security/2013/05/02/9", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/05/02/9" }, { - "name": "92984", - "refsource": "OSVDB", - "url": "http://osvdb.org/92984" + "url": "http://www.securityfocus.com/bid/59617", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/59617" }, { - "name": "[oss-security] 20130502 Xen Security Advisory 49 (CVE-2013-1952) - VT-d interrupt remapping source validation flaw for bridges", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2013/05/02/9" + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83968", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83968" } ] } diff --git a/2013/4xxx/CVE-2013-4410.json b/2013/4xxx/CVE-2013-4410.json index 0501214110f..50905c0330d 100644 --- a/2013/4xxx/CVE-2013-4410.json +++ b/2013/4xxx/CVE-2013-4410.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4410", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "ReviewBoard", - "product": { - "product_data": [ - { - "product_name": "ReviewBoard", - "version": { - "version_data": [ - { - "version_value": "Fixed in 1.6.19 and 1.7.15" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,22 +27,41 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ReviewBoard", + "product": { + "product_data": [ + { + "product_name": "ReviewBoard", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Fixed in 1.6.19 and 1.7.15" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "url": "https://security-tracker.debian.org/tracker/CVE-2013-4410", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html", "refsource": "MISC", - "name": "https://security-tracker.debian.org/tracker/CVE-2013-4410" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html" }, { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4410", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html", "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4410" - }, - { - "url": "https://access.redhat.com/security/cve/cve-2013-4410", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/cve-2013-4410" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html" }, { "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html", @@ -73,34 +69,39 @@ "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html" }, { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html" }, { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html" }, { + "url": "http://www.securityfocus.com/bid/63022", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html" + "name": "http://www.securityfocus.com/bid/63022" }, { + "url": "https://access.redhat.com/security/cve/cve-2013-4410", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html" + "name": "https://access.redhat.com/security/cve/cve-2013-4410" }, { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4410", "refsource": "MISC", - "name": "http://www.securityfocus.com/bid/63022", - "url": "http://www.securityfocus.com/bid/63022" + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4410" }, { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88060", "refsource": "MISC", - "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88060", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88060" + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88060" + }, + { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-4410", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2013-4410" } ] } diff --git a/2013/4xxx/CVE-2013-4411.json b/2013/4xxx/CVE-2013-4411.json index 650da1a2132..88d8aba0c1c 100644 --- a/2013/4xxx/CVE-2013-4411.json +++ b/2013/4xxx/CVE-2013-4411.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4411", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "vendor_name": "Review Board", - "product": { - "product_data": [ - { - "product_name": "Review Board", - "version": { - "version_data": [ - { - "version_value": "through 2013-10-08" - } - ] - } - } - ] - } - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,22 +27,61 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Review Board", + "product": { + "product_data": [ + { + "product_name": "Review Board", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "through 2013-10-08" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html" }, { - "url": "https://security-tracker.debian.org/tracker/CVE-2013-4411", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html", "refsource": "MISC", - "name": "https://security-tracker.debian.org/tracker/CVE-2013-4411" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html" }, { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4411", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html", "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4411" + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html" + }, + { + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html" + }, + { + "url": "http://www.securityfocus.com/bid/63023", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/63023" }, { "url": "https://access.redhat.com/security/cve/cve-2013-4411", @@ -73,34 +89,19 @@ "name": "https://access.redhat.com/security/cve/cve-2013-4411" }, { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4411", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html" + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4411" }, { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88061", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html" + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88061" }, { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-4411", "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html" - }, - { - "refsource": "MISC", - "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html" - }, - { - "refsource": "MISC", - "name": "http://www.securityfocus.com/bid/63023", - "url": "http://www.securityfocus.com/bid/63023" - }, - { - "refsource": "MISC", - "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88061", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88061" + "name": "https://security-tracker.debian.org/tracker/CVE-2013-4411" } ] } diff --git a/2013/4xxx/CVE-2013-4414.json b/2013/4xxx/CVE-2013-4414.json index 7781017c209..fb6ba71af89 100644 --- a/2013/4xxx/CVE-2013-4414.json +++ b/2013/4xxx/CVE-2013-4414.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "CVE-2013-4414 cumin: non-persistent XSS possible due to not escaping set limit form input" + "value": "Cross-site scripting (XSS) vulnerability in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allows remote attackers to inject arbitrary web script or HTML via the \"Max allowance\" field in the \"Set limit\" form." } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", - "cweId": "CWE-79" + "value": "n/a" } ] } @@ -32,31 +31,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "MRG for RHEL-5 v. 2", + "product_name": "n/a", "version": { "version_data": [ { - "version_value": "0:0.1.5787-4.el5", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat Enterprise MRG 2", - "version": { - "version_data": [ - { - "version_value": "0:0.1.5787-4.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.8.23.2-1.el6", - "version_affected": "!" + "version_affected": "=", + "version_value": "n/a" } ] } @@ -79,55 +63,10 @@ "refsource": "MISC", "name": "http://rhn.redhat.com/errata/RHSA-2013-1852.html" }, - { - "url": "https://access.redhat.com/errata/RHSA-2013:1851", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2013:1851" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2013:1852", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2013:1852" - }, { "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998606", "refsource": "MISC", "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998606" - }, - { - "url": "https://access.redhat.com/security/cve/CVE-2013-4414", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2013-4414" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=998606", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=998606" - } - ] - }, - "impact": { - "cvss": [ - { - "accessComplexity": "MEDIUM", - "accessVector": "NETWORK", - "authentication": "NONE", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 4.3, - "collateralDamagePotential": "NOT_DEFINED", - "confidentialityImpact": "NONE", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 0, - "exploitability": "NOT_DEFINED", - "integrityImpact": "PARTIAL", - "integrityRequirement": "NOT_DEFINED", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "targetDistribution": "NOT_DEFINED", - "temporalScore": 0, - "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", - "version": "2.0" } ] } diff --git a/2013/4xxx/CVE-2013-4420.json b/2013/4xxx/CVE-2013-4420.json index ea346dfa5d4..ee14343173b 100644 --- a/2013/4xxx/CVE-2013-4420.json +++ b/2013/4xxx/CVE-2013-4420.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4420", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,22 +27,46 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731860", - "refsource": "CONFIRM", - "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731860" + "url": "http://www.debian.org/security/2014/dsa-2863", + "refsource": "MISC", + "name": "http://www.debian.org/security/2014/dsa-2863" }, { - "name": "DSA-2863", - "refsource": "DEBIAN", - "url": "http://www.debian.org/security/2014/dsa-2863" + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731860", + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731860" }, { - "name": "[libtar] 20150213 Fw: Re: Validation of file names", - "refsource": "MLIST", - "url": "https://lists.feep.net:8080/pipermail/libtar/2014-February/000403.html" + "url": "https://lists.feep.net:8080/pipermail/libtar/2014-February/000403.html", + "refsource": "MISC", + "name": "https://lists.feep.net:8080/pipermail/libtar/2014-February/000403.html" } ] } diff --git a/2013/4xxx/CVE-2013-4422.json b/2013/4xxx/CVE-2013-4422.json index 2878430f14d..5563d3a99f4 100644 --- a/2013/4xxx/CVE-2013-4422.json +++ b/2013/4xxx/CVE-2013-4422.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4422", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,47 +27,71 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "http://quassel-irc.org/node/120", - "refsource": "CONFIRM", - "url": "http://quassel-irc.org/node/120" + "url": "http://secunia.com/advisories/55581", + "refsource": "MISC", + "name": "http://secunia.com/advisories/55581" }, { - "name": "55194", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/55194" + "url": "http://security.gentoo.org/glsa/glsa-201311-03.xml", + "refsource": "MISC", + "name": "http://security.gentoo.org/glsa/glsa-201311-03.xml" }, { - "name": "55581", - "refsource": "SECUNIA", - "url": "http://secunia.com/advisories/55581" + "url": "http://bugs.quassel-irc.org/issues/1244", + "refsource": "MISC", + "name": "http://bugs.quassel-irc.org/issues/1244" }, { - "name": "http://bugs.quassel-irc.org/issues/1244", - "refsource": "CONFIRM", - "url": "http://bugs.quassel-irc.org/issues/1244" + "url": "http://quassel-irc.org/node/120", + "refsource": "MISC", + "name": "http://quassel-irc.org/node/120" }, { - "name": "[oss-security] 20131010 Re: CVE Request - Quassel IRC SQL injection", - "refsource": "MLIST", - "url": "http://seclists.org/oss-sec/2013/q4/74" + "url": "http://seclists.org/oss-sec/2013/q4/74", + "refsource": "MISC", + "name": "http://seclists.org/oss-sec/2013/q4/74" }, { - "name": "quasselirc-backslash-sql-injection(87805)", - "refsource": "XF", - "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87805" + "url": "http://secunia.com/advisories/55194", + "refsource": "MISC", + "name": "http://secunia.com/advisories/55194" }, { - "name": "GLSA-201311-03", - "refsource": "GENTOO", - "url": "http://security.gentoo.org/glsa/glsa-201311-03.xml" + "url": "http://www.securityfocus.com/bid/62923", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/62923" }, { - "name": "62923", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/62923" + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87805", + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87805" } ] } diff --git a/2013/4xxx/CVE-2013-4423.json b/2013/4xxx/CVE-2013-4423.json index d94f3896a72..6d6b8007bb6 100644 --- a/2013/4xxx/CVE-2013-4423.json +++ b/2013/4xxx/CVE-2013-4423.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "CVE-2013-4423 CloudForms: user password stored in recoverable format" + "value": "CloudForms stores user passwords in recoverable format" } ] }, @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "Insufficiently Protected Credentials", - "cweId": "CWE-522" + "value": "user password stored in recoverable format" } ] } @@ -32,700 +31,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "CloudForms", "product": { "product_data": [ { - "product_name": "CloudForms Management Engine 5.x", + "product_name": "CloudForms", "version": { "version_data": [ { - "version_value": "0:5.2.0.37-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.0.0-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.12-11.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:B.02.16-4.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:4.0P1-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:9.2.3-5.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1-12.el6", - "version_affected": "!" - }, - { - "version_value": "0:9.2.4-7.el6", - "version_affected": "!" - }, - { - "version_value": "0:9.0r2-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.5.3-7.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1-11.el6", - "version_affected": "!" - }, - { - "version_value": "0:0.1.4-5.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.9.3.448-38.el6", - "version_affected": "!" - }, - { - "version_value": "1:3.2.13-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "1:3.2.13-4.el6cf", - "version_affected": "!" - }, - { - "version_value": "1:3.1.0-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "1:3.2.13-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.1.9-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.1.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.2.8-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.2.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.0.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.2.5-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.0.2-3.el6", - "version_affected": "!" - }, - { - "version_value": "0:4.9.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.11.3-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.0.1-7.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.0.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.0.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.0.0-3.el6", - "version_affected": "!" - }, - { - "version_value": "0:4.6.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.3.5-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.3.0-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.1.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.3.9-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.3.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.0.29-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.3.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.4.1-4.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.9-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.2.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.0.7-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.3-1.el6", - "version_affected": "!" - }, - { - "version_value": "0:0.1.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.7.0-4.el6", - "version_affected": "!" - }, - { - "version_value": "0:0.25.3-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.7-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.0.5-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:4.1.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.5.5-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.3.1-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.3.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.2.3-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.14.0-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.2.4-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.4.6-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:4.0.3-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.4-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.2.5-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.6.19-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.2.1-3.el6", - "version_affected": "!" - }, - { - "version_value": "0:0.7.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.4.0-7.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.12.3-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.10.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.2.7-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.6.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.0.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.2.6-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.1.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.0.4-2.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.8.0-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.8.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.2.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.5.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.3-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.8-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.6.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.5.3-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:4.7.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:6.5.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.0.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.20.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.2.0-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.7.7-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.5.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.7-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.2.20110317223538-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.5.3-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.7.7-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.0.5-7.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.6.5-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.5.6-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.4-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.3.0-4.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.5.21-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.12.2-5.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.4.0-4.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.3.3-2.el6", - "version_affected": "!" - }, - { - "version_value": "0:0.11.0-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.2.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.20.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "1:1.4.5-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.2-2.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.3.2-7.el6", - "version_affected": "!" - }, - { - "version_value": "0:0.6.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "1:3.2.13-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.13.8-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:10.1.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.8.3-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.0.17-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.2.3-4.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.12.2-4.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.3.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.0.0-3.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.6.7-5.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.2.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.12.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.12.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.12.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.0.6-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.0.4-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.0.9-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.1.3-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.4.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.13.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.0.10-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.2.0-4.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.1.0-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.9.5-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.0.19-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.7.0-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:3.1.20-3.el6", - "version_affected": "!" - }, - { - "version_value": "0:2.32.1-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:4.2.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.3.4-7.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.7.1-6.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.7.1-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.2.3-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.0.2-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.2.3-8.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.3.9-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.1.0-6.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.6.0-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.4.5-2.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.3.6-2.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.1.2-8.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.0.0-8.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.6.5-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.4.5-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.10.0-7.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.4.5-5.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.11.0-0.6.beta5.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.3.1-5.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.18.1-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.3.3-10.el6", - "version_affected": "!" - }, - { - "version_value": "0:0.5.3-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.4.0-5.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.4.10-6.el6", - "version_affected": "!" - }, - { - "version_value": "0:1.16.2-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:0.3.33-2.el6", - "version_affected": "!" - }, - { - "version_value": "0:2.1.3-3.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.4.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.5.1-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.11.0-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:1.0.12-1.el6cf", - "version_affected": "!" - }, - { - "version_value": "0:2.3.0-2.el6cf", - "version_affected": "!" - }, - { - "version_value": "1:3.14.5.10-1.1.el6", - "version_affected": "!" + "version_affected": "=", + "version_value": "Fixed in 3.0" } ] } @@ -738,56 +53,16 @@ }, "references": { "reference_data": [ - { - "url": "https://access.redhat.com/errata/RHEA-2013:1487", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHEA-2013:1487" - }, - { - "url": "https://access.redhat.com/security/cve/CVE-2013-4423", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2013-4423" - }, { "url": "https://access.redhat.com/security/cve/cve-2013-4423", "refsource": "MISC", "name": "https://access.redhat.com/security/cve/cve-2013-4423" }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018345", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1018345" - }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4423", "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4423" } ] - }, - "impact": { - "cvss": [ - { - "accessComplexity": "MEDIUM", - "accessVector": "LOCAL", - "authentication": "SINGLE", - "availabilityImpact": "NONE", - "availabilityRequirement": "NOT_DEFINED", - "baseScore": 1.5, - "collateralDamagePotential": "NOT_DEFINED", - "confidentialityImpact": "PARTIAL", - "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 0, - "exploitability": "NOT_DEFINED", - "integrityImpact": "NONE", - "integrityRequirement": "NOT_DEFINED", - "remediationLevel": "NOT_DEFINED", - "reportConfidence": "NOT_DEFINED", - "targetDistribution": "NOT_DEFINED", - "temporalScore": 0, - "vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N", - "version": "2.0" - } - ] } } \ No newline at end of file diff --git a/2013/4xxx/CVE-2013-4424.json b/2013/4xxx/CVE-2013-4424.json index 08cae74cc45..c4389e69aab 100644 --- a/2013/4xxx/CVE-2013-4424.json +++ b/2013/4xxx/CVE-2013-4424.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4424", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,12 +27,36 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "RHSA-2013:1843", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2013-1843.html" + "url": "http://rhn.redhat.com/errata/RHSA-2013-1843.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2013-1843.html" } ] } diff --git a/2013/4xxx/CVE-2013-4428.json b/2013/4xxx/CVE-2013-4428.json index b4bab64b1f2..6892d359352 100644 --- a/2013/4xxx/CVE-2013-4428.json +++ b/2013/4xxx/CVE-2013-4428.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4428", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,52 +27,76 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "RHSA-2013:1525", - "refsource": "REDHAT", - "url": "http://rhn.redhat.com/errata/RHSA-2013-1525.html" + "url": "http://rhn.redhat.com/errata/RHSA-2013-1525.html", + "refsource": "MISC", + "name": "http://rhn.redhat.com/errata/RHSA-2013-1525.html" }, { - "name": "USN-2003-1", - "refsource": "UBUNTU", - "url": "http://www.ubuntu.com/usn/USN-2003-1" + "url": "http://www.openwall.com/lists/oss-security/2013/10/15/8", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/10/15/8" }, { - "name": "https://launchpad.net/glance/+milestone/2013.1.4", - "refsource": "CONFIRM", - "url": "https://launchpad.net/glance/+milestone/2013.1.4" + "url": "http://www.openwall.com/lists/oss-security/2013/10/16/9", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/10/16/9" }, { - "name": "https://bugs.launchpad.net/glance/+bug/1235378", - "refsource": "CONFIRM", - "url": "https://bugs.launchpad.net/glance/+bug/1235378" + "url": "http://www.securityfocus.com/bid/63159", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/63159" }, { - "name": "[oss-security] 20131015 CVE request for a vulnerability in OpenStack Glance", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2013/10/15/8" + "url": "http://www.ubuntu.com/usn/USN-2003-1", + "refsource": "MISC", + "name": "http://www.ubuntu.com/usn/USN-2003-1" }, { - "name": "63159", - "refsource": "BID", - "url": "http://www.securityfocus.com/bid/63159" + "url": "https://bugs.launchpad.net/glance/+bug/1235226", + "refsource": "MISC", + "name": "https://bugs.launchpad.net/glance/+bug/1235226" }, { - "name": "[oss-security] 20131015 Re: CVE request for a vulnerability in OpenStack Glance", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2013/10/16/9" + "url": "https://bugs.launchpad.net/glance/+bug/1235378", + "refsource": "MISC", + "name": "https://bugs.launchpad.net/glance/+bug/1235378" }, { - "name": "https://bugs.launchpad.net/glance/+bug/1235226", - "refsource": "CONFIRM", - "url": "https://bugs.launchpad.net/glance/+bug/1235226" + "url": "https://launchpad.net/glance/+milestone/2013.1.4", + "refsource": "MISC", + "name": "https://launchpad.net/glance/+milestone/2013.1.4" }, { - "name": "https://launchpad.net/glance/+milestone/2013.2", - "refsource": "CONFIRM", - "url": "https://launchpad.net/glance/+milestone/2013.2" + "url": "https://launchpad.net/glance/+milestone/2013.2", + "refsource": "MISC", + "name": "https://launchpad.net/glance/+milestone/2013.2" } ] } diff --git a/2013/4xxx/CVE-2013-4440.json b/2013/4xxx/CVE-2013-4440.json index e27c8be0d04..484686b1d88 100644 --- a/2013/4xxx/CVE-2013-4440.json +++ b/2013/4xxx/CVE-2013-4440.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", "CVE_data_meta": { - "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-4440", + "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", "description": { "description_data": [ { @@ -50,47 +27,71 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "n/a" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "[oss-security] 20140606 Re: CVE Request: pwgen", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2013/06/06/1" + "url": "http://advisories.mageia.org/MGASA-2014-0535.html", + "refsource": "MISC", + "name": "http://advisories.mageia.org/MGASA-2014-0535.html" }, { - "name": "http://sourceforge.net/p/pwgen/code/ci/00118ccac4656adb028504639b313d7b09e62b79/", - "refsource": "CONFIRM", - "url": "http://sourceforge.net/p/pwgen/code/ci/00118ccac4656adb028504639b313d7b09e62b79/" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146015.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146015.html" }, { - "name": "FEDORA-2014-16406", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146237.html" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146237.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146237.html" }, { - "name": "FEDORA-2014-16368", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146015.html" + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146285.html", + "refsource": "MISC", + "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146285.html" }, { - "name": "[oss-security] 20141015 Re: RESEND: CVE Request: pwgen", - "refsource": "MLIST", - "url": "http://www.openwall.com/lists/oss-security/2013/10/16/15" + "url": "http://sourceforge.net/p/pwgen/code/ci/00118ccac4656adb028504639b313d7b09e62b79/", + "refsource": "MISC", + "name": "http://sourceforge.net/p/pwgen/code/ci/00118ccac4656adb028504639b313d7b09e62b79/" }, { - "name": "MDVSA-2015:008", - "refsource": "MANDRIVA", - "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:008" + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:008", + "refsource": "MISC", + "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:008" }, { - "name": "FEDORA-2014-16473", - "refsource": "FEDORA", - "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-December/146285.html" + "url": "http://www.openwall.com/lists/oss-security/2013/06/06/1", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/06/06/1" }, { - "name": "http://advisories.mageia.org/MGASA-2014-0535.html", - "refsource": "CONFIRM", - "url": "http://advisories.mageia.org/MGASA-2014-0535.html" + "url": "http://www.openwall.com/lists/oss-security/2013/10/16/15", + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/10/16/15" } ] } diff --git a/2018/16xxx/CVE-2018-16885.json b/2018/16xxx/CVE-2018-16885.json index f68a9815f19..3a31c10dc96 100644 --- a/2018/16xxx/CVE-2018-16885.json +++ b/2018/16xxx/CVE-2018-16885.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length. This can cause a read beyond the buffer boundaries flaw and, in certain cases, cause a memory access fault and a system halt by accessing invalid memory address." + "value": "A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. This issue only affects kernel version 3.10.x as shipped with Red Hat Enterprise Linux 7." } ] }, @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Out-of-bounds Read", + "value": "CWE-125", "cweId": "CWE-125" } ] @@ -32,20 +32,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "The Linux Foundation", "product": { "product_data": [ { - "product_name": "Red Hat Enterprise Linux 7", + "product_name": "kernel", "version": { "version_data": [ { - "version_value": "0:3.10.0-1062.rt56.1022.el7", - "version_affected": "!" - }, - { - "version_value": "0:3.10.0-1062.el7", - "version_affected": "!" + "version_affected": "=", + "version_value": "3.10.x as shipped with Red Hat Enterprise Linux 7" } ] } @@ -73,16 +69,6 @@ "refsource": "MISC", "name": "http://www.securityfocus.com/bid/106296" }, - { - "url": "https://access.redhat.com/security/cve/CVE-2018-16885", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2018-16885" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661503", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1661503" - }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16885", "refsource": "MISC", @@ -90,12 +76,6 @@ } ] }, - "credits": [ - { - "lang": "en", - "value": "This issue was discovered by Paolo Abeni (Red Hat)." - } - ], "impact": { "cvss": [ { diff --git a/2018/16xxx/CVE-2018-16889.json b/2018/16xxx/CVE-2018-16889.json index f4b03c32a4d..447f1a0bcf8 100644 --- a/2018/16xxx/CVE-2018-16889.json +++ b/2018/16xxx/CVE-2018-16889.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "It was found that Ceph RGW did not properly sanitize encryption keys in debug logging for v4 auth. Encryption keys could be inadvertently disclosed when sharing debug logs." + "value": "Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the leaking of encryption key information in log files via plaintext. Versions up to v13.2.4 are vulnerable." } ] }, @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Insertion of Sensitive Information into Log File", + "value": "CWE-532", "cweId": "CWE-532" } ] @@ -32,40 +32,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "The Ceph Project", "product": { "product_data": [ { - "product_name": "Red Hat Ceph Storage 3.3", + "product_name": "ceph", "version": { "version_data": [ { - "version_value": "2:12.2.12-45.el7cp", - "version_affected": "!" - }, - { - "version_value": "0:3.2.24-1.el7cp", - "version_affected": "!" - }, - { - "version_value": "0:2.6-19.el7cp", - "version_affected": "!" - }, - { - "version_value": "0:2.0.6-1.el7cp", - "version_affected": "!" - }, - { - "version_value": "0:1.7.4-1.el7cp", - "version_affected": "!" - }, - { - "version_value": "0:2.7.4-10.el7cp", - "version_affected": "!" - }, - { - "version_value": "0:2.6.1-16.el7ost", - "version_affected": "!" + "version_affected": "=", + "version_value": "up to v13.2.4" } ] } @@ -93,16 +69,6 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2019:2541" }, - { - "url": "https://access.redhat.com/security/cve/CVE-2018-16889", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2018-16889" - }, - { - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665334", - "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1665334" - }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16889", "refsource": "MISC", diff --git a/2021/23xxx/CVE-2021-23174.json b/2021/23xxx/CVE-2021-23174.json index b58b9185d9e..8ef1bcf6b4c 100644 --- a/2021/23xxx/CVE-2021-23174.json +++ b/2021/23xxx/CVE-2021-23174.json @@ -1,43 +1,12 @@ { - "CVE_data_meta": { - "ASSIGNER": "audit@patchstack.com", - "DATE_PUBLIC": "2021-10-29T07:30:00.000Z", - "ID": "CVE-2021-23174", - "STATE": "PUBLIC", - "TITLE": "WordPress Download Monitor plugin <= 4.4.6 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Vulnerability discovered by Ex.Mi (Patchstack)." - } - ], - "data_format": "MITRE", - "data_type": "CVE", "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2021-23174", + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" + }, "description": { "description_data": [ { @@ -46,63 +15,109 @@ } ] }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 3.4, - "baseSeverity": "LOW", - "confidentialityImpact": "NONE", - "integrityImpact": "LOW", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N", - "version": "3.1" - } - }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" } ] } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "WPChill", + "product": { + "product_data": [ + { + "product_name": "Download Monitor", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "4.4.7", + "status": "unaffected" + } + ], + "lessThanOrEqual": "4.4.6", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { - "name": "https://wordpress.org/plugins/download-monitor/#developers", - "refsource": "CONFIRM", - "url": "https://wordpress.org/plugins/download-monitor/#developers" - }, - { - "name": "https://github.com/WPChill/download-monitor/blob/master/changelog.txt", - "refsource": "CONFIRM", - "url": "https://github.com/WPChill/download-monitor/blob/master/changelog.txt" - }, - { - "name": "https://patchstack.com/database/vulnerability/download-monitor/wordpress-download-monitor-plugin-4-4-6-authenticated-persistent-cross-site-scripting-xss-vulnerability", - "refsource": "CONFIRM", - "url": "https://patchstack.com/database/vulnerability/download-monitor/wordpress-download-monitor-plugin-4-4-6-authenticated-persistent-cross-site-scripting-xss-vulnerability" + "url": "https://patchstack.com/database/vulnerability/download-monitor/wordpress-download-monitor-plugin-4-4-6-authenticated-persistent-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/vulnerability/download-monitor/wordpress-download-monitor-plugin-4-4-6-authenticated-persistent-cross-site-scripting-xss-vulnerability?_s_id=cve" } ] }, - "solution": [ - { - "lang": "eng", - "value": "Update to 4.4.7 or higher version." - } - ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, "source": { "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "

Update to 4.4.7 or higher version.

" + } + ], + "value": "Update to 4.4.7 or higher version.\n\n" + } + ], + "credits": [ + { + "lang": "en", + "value": "FearZzZz (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.4, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N", + "version": "3.1" + } + ] } } \ No newline at end of file diff --git a/2023/0xxx/CVE-2023-0091.json b/2023/0xxx/CVE-2023-0091.json index 6c42bedb311..504a0634be3 100644 --- a/2023/0xxx/CVE-2023-0091.json +++ b/2023/0xxx/CVE-2023-0091.json @@ -39,8 +39,16 @@ "version": { "version_data": [ { - "version_value": "n/a", - "version_affected": "?" + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "n/a", + "status": "unknown" + } + ], + "defaultStatus": "unaffected" + } } ] } diff --git a/2023/0xxx/CVE-2023-0105.json b/2023/0xxx/CVE-2023-0105.json index ff26228a22d..5fe5ba021a5 100644 --- a/2023/0xxx/CVE-2023-0105.json +++ b/2023/0xxx/CVE-2023-0105.json @@ -39,8 +39,16 @@ "version": { "version_data": [ { - "version_value": "n/a", - "version_affected": "?" + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "n/a", + "status": "unknown" + } + ], + "defaultStatus": "unaffected" + } } ] } diff --git a/2023/0xxx/CVE-2023-0229.json b/2023/0xxx/CVE-2023-0229.json index b876117f0d4..ceef4eb136e 100644 --- a/2023/0xxx/CVE-2023-0229.json +++ b/2023/0xxx/CVE-2023-0229.json @@ -1,12 +1,33 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-0229", "ASSIGNER": "secalert@redhat.com", "STATE": "PUBLIC" }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to \"unconfined.\" By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is \"runtime/default,\" allowing users to disable seccomp for pods they can create and modify." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20", + "cweId": "CWE-20" + } + ] + } + ] + }, "affects": { "vendor": { "vendor_data": [ @@ -19,6 +40,7 @@ "version": { "version_data": [ { + "version_affected": "=", "version_value": "openshift/apiserver-library-go 4.11" } ] @@ -30,32 +52,12 @@ ] } }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-20" - } - ] - } - ] - }, "references": { "reference_data": [ { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160349", "refsource": "MISC", - "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2160349", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160349" - } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to \"unconfined.\" By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is \"runtime/default,\" allowing users to disable seccomp for pods they can create and modify." + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2160349" } ] } diff --git a/2023/0xxx/CVE-2023-0296.json b/2023/0xxx/CVE-2023-0296.json index b11a29869ba..12046859a2a 100644 --- a/2023/0xxx/CVE-2023-0296.json +++ b/2023/0xxx/CVE-2023-0296.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "The Birthday attack against 64-bit block ciphers (CVE-2016-2183) was reported for the health checks port (9979) on the etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy. Therefore, this port might still be considered vulnerable to the same type of attack. The health checks on etcd grpc-proxy do not contain sensitive data, only metrics data. The potential impact related to this vulnerability is minimal. The CVE-2023-0296 has been assigned to this issue to track the permanent fix in the etcd component." + "value": "The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy, hence this port might be considered as still vulnerable to the same type of vulnerability. The health checks on etcd grpc-proxy do not contain sensitive data (only metrics data), therefore the potential impact related to this vulnerability is minimal. The CVE-2023-0296 has been assigned to this issue to track the permanent fix in the etcd component." } ] }, @@ -21,7 +21,7 @@ "description": [ { "lang": "eng", - "value": "Use of a Broken or Risky Cryptographic Algorithm", + "value": "CWE-327", "cweId": "CWE-327" } ] @@ -32,38 +32,16 @@ "vendor": { "vendor_data": [ { - "vendor_name": "Red Hat", + "vendor_name": "n/a", "product": { "product_data": [ { - "product_name": "Red Hat OpenShift Container Platform 4.10", + "product_name": "Red Hat OpenShift", "version": { "version_data": [ { - "version_value": "v4.10.0-202301062005.p0.g2a91bf0.assembly.stream", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat OpenShift Container Platform 4.11", - "version": { - "version_data": [ - { - "version_value": "v4.11.0-202301041324.p0.gc50e9aa.assembly.stream", - "version_affected": "!" - } - ] - } - }, - { - "product_name": "Red Hat OpenShift Container Platform 4.12", - "version": { - "version_data": [ - { - "version_value": "v4.12.0-202212121125.p0.g89a451c.assembly.stream", - "version_affected": "!" + "version_affected": "=", + "version_value": "OpenShift 4.11" } ] } @@ -76,49 +54,11 @@ }, "references": { "reference_data": [ - { - "url": "https://access.redhat.com/errata/RHSA-2022:7399", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2022:7399" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2023:0069", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2023:0069" - }, - { - "url": "https://access.redhat.com/errata/RHSA-2023:0241", - "refsource": "MISC", - "name": "https://access.redhat.com/errata/RHSA-2023:0241" - }, - { - "url": "https://access.redhat.com/security/cve/CVE-2023-0296", - "refsource": "MISC", - "name": "https://access.redhat.com/security/cve/CVE-2023-0296" - }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2161287", "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2161287" } ] - }, - "impact": { - "cvss": [ - { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "version": "3.1" - } - ] } } \ No newline at end of file