admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-02 18:00:52 +00:00
parent bbbe4c25ed
commit 91d596ca39
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
62 changed files with 936 additions and 413 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2017/0xxx/CVE-2017-0330.json
View File

@ -66,6 +66,11 @@
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2017/6xxx/CVE-2017-6274.json
View File

@ -57,6 +57,11 @@
"name": "https://source.android.com/security/bulletin/pixel/2017-11-01#announcements",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01#announcements"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2017/6xxx/CVE-2017-6278.json
View File

@ -57,6 +57,11 @@
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4635"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2017/6xxx/CVE-2017-6284.json
View File

@ -57,6 +57,11 @@
"name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631",
"refsource": "CONFIRM",
"url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4631"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

2
2017/7xxx/CVE-2017-7649.json
View File

@ -66,4 +66,4 @@
}
]
}
}
}

5
2018/1000xxx/CVE-2018-1000807.json
View File

@ -69,6 +69,11 @@
"name": "USN-3813-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3813-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1104",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html"
}
]
}

5
2018/1000xxx/CVE-2018-1000808.json
View File

@ -69,6 +69,11 @@
"name": "USN-3813-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3813-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1104",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00014.html"
}
]
}

61
2018/1000xxx/CVE-2018-1000999.json
View File

@ -1,64 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2019-01-22T21:21:10.010936",
"DATE_REQUESTED": "2018-12-20T18:12:12",
"ID": "CVE-2018-1000999",
"REQUESTER": "cve@rapid7.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-1000999",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Fastnet SA MailCleaner version 2018092601 contains a Command Injection (CWE-78) vulnerability in /admin/managetracing/search/search that can result in an authenticated web application user running commands on the underlying web server as root. This attack appears to be exploitable via Post-authentication access to the web server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/rapid7/metasploit-framework/pull/11148",
"refsource": "MISC",
"url": "https://github.com/rapid7/metasploit-framework/pull/11148"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: [CVE-2018-20323]. Reason: This candidate is a duplicate of [CVE-2018-20323]. Notes: All CVE users should reference [CVE-2018-20323] instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

5
2018/10xxx/CVE-2018-10733.json
View File

@ -66,6 +66,11 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1574844",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574844"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1120",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00005.html"
}
]
}

5
2018/10xxx/CVE-2018-10916.json
View File

@ -86,6 +86,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1059",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00036.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1110",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00010.html"
}
]
}

5
2018/11xxx/CVE-2018-11813.json
View File

@ -61,6 +61,11 @@
"name": "https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf",
"refsource": "MISC",
"url": "https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1118",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html"
}
]
}

5
2018/12xxx/CVE-2018-12558.json
View File

@ -61,6 +61,11 @@
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901873",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901873"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1114",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00012.html"
}
]
}

5
2018/14xxx/CVE-2018-14498.json
View File

@ -76,6 +76,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-87e2fa8e0f",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1118",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html"
}
]
}

5
2018/18xxx/CVE-2018-18384.json
View File

@ -61,6 +61,11 @@
"name": "https://sourceforge.net/p/infozip/bugs/53/",
"refsource": "MISC",
"url": "https://sourceforge.net/p/infozip/bugs/53/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1117",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00009.html"
}
]
}

53
2018/19xxx/CVE-2018-19275.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-19275",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a default password, which could allow remote attackers to gain unauthorized access and execute arbitrary scripts with potential impacts to the confidentiality, integrity and availability of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-19-0002",
"url": "https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-19-0002"
},
{
"refsource": "CONFIRM",
"name": "https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-190002001-v10.pdf",
"url": "https://www.mitel.com/-/media/mitel/pdf/security-advisories/security-bulletin-190002001-v10.pdf"
}
]
}

5
2018/19xxx/CVE-2018-19869.json
View File

@ -61,6 +61,11 @@
"name": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/",
"refsource": "CONFIRM",
"url": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1116",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00008.html"
}
]
}

5
2018/19xxx/CVE-2018-19871.json
View File

@ -61,6 +61,11 @@
"name": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/",
"refsource": "CONFIRM",
"url": "https://blog.qt.io/blog/2018/12/04/qt-5-11-3-released-important-security-updates/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1115",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00002.html"
}
]
}

5
2018/1xxx/CVE-2018-1152.json
View File

@ -82,6 +82,11 @@
"name": "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6",
"refsource": "CONFIRM",
"url": "https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1118",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html"
}
]
}

5
2018/3xxx/CVE-2018-3639.json
View File

@ -727,6 +727,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2018/3xxx/CVE-2018-3665.json
View File

@ -152,6 +152,11 @@
"name": "USN-3698-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3698-2/"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2018/6xxx/CVE-2018-6267.json
View File

@ -62,6 +62,11 @@
"name": "https://source.android.com/security/bulletin/2019-02-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2019-02-01"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2018/6xxx/CVE-2018-6268.json
View File

@ -62,6 +62,11 @@
"name": "https://source.android.com/security/bulletin/2019-02-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2019-02-01"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

5
2018/6xxx/CVE-2018-6271.json
View File

@ -62,6 +62,11 @@
"name": "https://source.android.com/security/bulletin/2019-02-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2019-02-01"
},
{
"refsource": "CONFIRM",
"name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787",
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4787"
}
]
}

100
2018/9xxx/CVE-2018-9867.json
View File

@ -11,58 +11,58 @@
"product": {
"product_data": [
{
"product_name" : "SonicOS",
"version" : {
"version_data" : [
{
"version_value" : "5.9.1.10 and earlier"
},
{
"version_value" : "6.2.7.3"
},
{
"version_value" : "6.5.1.3"
},
{
"version_value" : "6.5.2.2"
},
{
"version_value" : "6.5.3.1"
},
{
"version_value" : "6.2.7.8"
},
{
"version_value" : "6.4.0.0"
},
{
"version_value" : "6.5.1.8"
},
{
"version_value" : "6.0.5.3-86o"
}
]
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "5.9.1.10 and earlier"
},
{
"version_value": "6.2.7.3"
},
{
"version_value": "6.5.1.3"
},
{
"version_value": "6.5.2.2"
},
{
"version_value": "6.5.3.1"
},
{
"version_value": "6.2.7.8"
},
{
"version_value": "6.4.0.0"
},
{
"version_value": "6.5.1.8"
},
{
"version_value": "6.0.5.3-86o"
}
]
}
},
{
"product_name" : "SonicOSv",
"version" : {
"version_data" : [
{
"version_value" : "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value" : "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value" : "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value" : "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
},
{
"product_name": "SonicOSv",
"version": {
"version_data": [
{
"version_value": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value": "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
}
]
},
"vendor_name": "SonicWall"

67
2019/10xxx/CVE-2019-10692.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-10692",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755",
"refsource": "MISC",
"name": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fwp-google-maps&old=2061433&new_path=%2Fwp-google-maps&new=2061434&sfp_email=&sfph_mail=#file755"
},
{
"url": "https://wordpress.org/plugins/wp-google-maps/#developers",
"refsource": "MISC",
"name": "https://wordpress.org/plugins/wp-google-maps/#developers"
}
]
}
}

18
2019/10xxx/CVE-2019-10693.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10693",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10694.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10694",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10695.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10695",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10696.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10696",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10697.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10697",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10698.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10698",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10699.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10699",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10700.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10700",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10701.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10701",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10702.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10702",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2019/10xxx/CVE-2019-10703.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-10703",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

5
2019/1xxx/CVE-2019-1559.json
View File

@ -126,6 +126,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1076",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1105",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html"
}
]
}

5
2019/3xxx/CVE-2019-3816.json
View File

@ -101,6 +101,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-af0cd1b8f7",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CXQP7UDPRZIZ4LM7FEJCTC2EDUYVOR2J/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1111",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00006.html"
}
]
}

5
2019/3xxx/CVE-2019-3833.json
View File

@ -91,6 +91,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-af0cd1b8f7",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CXQP7UDPRZIZ4LM7FEJCTC2EDUYVOR2J/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1111",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00006.html"
}
]
}

10
2019/3xxx/CVE-2019-3838.json
View File

@ -68,6 +68,16 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-1a2c059afd",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANBSCZABXQUEQWIKNWJ35IYX24M227EI/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1119",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00011.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1121",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00018.html"
}
]
},

5
2019/3xxx/CVE-2019-3855.json
View File

@ -111,6 +111,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1109",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
}
]
},

5
2019/3xxx/CVE-2019-3856.json
View File

@ -81,6 +81,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1109",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
}
]
},

5
2019/3xxx/CVE-2019-3857.json
View File

@ -81,6 +81,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1109",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
}
]
},

5
2019/3xxx/CVE-2019-3858.json
View File

@ -98,6 +98,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1109",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
}
]
},

5
2019/3xxx/CVE-2019-3859.json
View File

@ -103,6 +103,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190402 [SECURITY] [DLA 1730-2] libssh2 regression update",
"url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00006.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1109",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
}
]
},

5
2019/3xxx/CVE-2019-3860.json
View File

@ -68,6 +68,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1109",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
}
]
},

5
2019/3xxx/CVE-2019-3861.json
View File

@ -68,6 +68,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1109",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
}
]
},

5
2019/3xxx/CVE-2019-3862.json
View File

@ -98,6 +98,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1109",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
}
]
},

5
2019/3xxx/CVE-2019-3863.json
View File

@ -81,6 +81,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1075",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1109",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
}
]
},

199
2019/7xxx/CVE-2019-7474.json
View File

@ -1,106 +1,105 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@sonicwall.com",
"ID" : "CVE-2019-7474",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7474",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SonicOS",
"version" : {
"version_data" : [
{
"version_value" : "5.9.1.10 and earlier"
},
{
"version_value" : "6.2.7.3"
},
{
"version_value" : "6.5.1.3"
},
{
"version_value" : "6.5.2.2"
},
{
"version_value" : "6.5.3.1"
},
{
"version_value" : "6.2.7.8"
},
{
"version_value" : "6.4.0.0"
},
{
"version_value" : "6.5.1.8"
},
{
"version_value" : "6.0.5.3-86o"
}
]
}
},
{
"product_name" : "SonicOSv",
"version" : {
"version_data" : [
{
"version_value" : "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value" : "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value" : "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value" : "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name" : "SonicWall"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "CWE-248: Uncaught Exception"
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "5.9.1.10 and earlier"
},
{
"version_value": "6.2.7.3"
},
{
"version_value": "6.5.1.3"
},
{
"version_value": "6.5.2.2"
},
{
"version_value": "6.5.3.1"
},
{
"version_value": "6.2.7.8"
},
{
"version_value": "6.4.0.0"
},
{
"version_value": "6.5.1.8"
},
{
"version_value": "6.0.5.3-86o"
}
]
}
},
{
"product_name": "SonicOSv",
"version": {
"version_data": [
{
"version_value": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value": "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
]
]
}
},
"references" : {
"reference_data" : [
{
"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001",
"refsource" : "CONFIRM",
"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001"
}
]
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-248: Uncaught Exception"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0001"
}
]
}
}
}

199
2019/7xxx/CVE-2019-7475.json
View File

@ -1,106 +1,105 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@sonicwall.com",
"ID" : "CVE-2019-7475",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7475",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SonicOS",
"version" : {
"version_data" : [
{
"version_value" : "5.9.1.10 and earlier"
},
{
"version_value" : "6.2.7.3"
},
{
"version_value" : "6.5.1.3"
},
{
"version_value" : "6.5.2.2"
},
{
"version_value" : "6.5.3.1"
},
{
"version_value" : "6.2.7.8"
},
{
"version_value" : "6.4.0.0"
},
{
"version_value" : "6.5.1.8"
},
{
"version_value" : "6.0.5.3-86o"
}
]
}
},
{
"product_name" : "SonicOSv",
"version" : {
"version_data" : [
{
"version_value" : "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value" : "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value" : "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value" : "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name" : "SonicWall"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "CWE-284: Improper Access Control"
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "5.9.1.10 and earlier"
},
{
"version_value": "6.2.7.3"
},
{
"version_value": "6.5.1.3"
},
{
"version_value": "6.5.2.2"
},
{
"version_value": "6.5.3.1"
},
{
"version_value": "6.2.7.8"
},
{
"version_value": "6.4.0.0"
},
{
"version_value": "6.5.1.8"
},
{
"version_value": "6.0.5.3-86o"
}
]
}
},
{
"product_name": "SonicOSv",
"version": {
"version_data": [
{
"version_value": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value": "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
]
]
}
},
"references" : {
"reference_data" : [
{
"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002",
"refsource" : "CONFIRM",
"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002"
}
]
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0002"
}
]
}
}
}

199
2019/7xxx/CVE-2019-7477.json
View File

@ -1,106 +1,105 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "psirt@sonicwall.com",
"ID" : "CVE-2019-7477",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2019-7477",
"STATE": "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SonicOS",
"version" : {
"version_data" : [
{
"version_value" : "5.9.1.10 and earlier"
},
{
"version_value" : "6.2.7.3"
},
{
"version_value" : "6.5.1.3"
},
{
"version_value" : "6.5.2.2"
},
{
"version_value" : "6.5.3.1"
},
{
"version_value" : "6.2.7.8"
},
{
"version_value" : "6.4.0.0"
},
{
"version_value" : "6.5.1.8"
},
{
"version_value" : "6.0.5.3-86o"
}
]
}
},
{
"product_name" : "SonicOSv",
"version" : {
"version_data" : [
{
"version_value" : "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value" : "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value" : "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value" : "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name" : "SonicWall"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
"affects": {
"vendor": {
"vendor_data": [
{
"lang" : "eng",
"value" : "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
"product": {
"product_data": [
{
"product_name": "SonicOS",
"version": {
"version_data": [
{
"version_value": "5.9.1.10 and earlier"
},
{
"version_value": "6.2.7.3"
},
{
"version_value": "6.5.1.3"
},
{
"version_value": "6.5.2.2"
},
{
"version_value": "6.5.3.1"
},
{
"version_value": "6.2.7.8"
},
{
"version_value": "6.4.0.0"
},
{
"version_value": "6.5.1.8"
},
{
"version_value": "6.0.5.3-86o"
}
]
}
},
{
"product_name": "SonicOSv",
"version": {
"version_data": [
{
"version_value": "6.5.0.2-8v_RC363 (VMWARE)"
},
{
"version_value": "6.5.0.2.8v_RC367 (AZURE)"
},
{
"version_value": "6.5.0.2.8v_RC368 (AWS)"
},
{
"version_value": "6.5.0.2.8v_RC366 (HYPER_V)"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
]
]
}
},
"references" : {
"reference_data" : [
{
"name" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003",
"refsource" : "CONFIRM",
"url" : "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003"
}
]
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0003"
}
]
}
}
}

5
2019/8xxx/CVE-2019-8955.json
View File

@ -66,6 +66,11 @@
"name": "https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312",
"refsource": "MISC",
"url": "https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1107",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00013.html"
}
]
}

5
2019/9xxx/CVE-2019-9208.json
View File

@ -81,6 +81,11 @@
"refsource": "BUGTRAQ",
"name": "20190324 [SECURITY] [DSA 4416-1] wireshark security update",
"url": "https://seclists.org/bugtraq/2019/Mar/35"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00007.html"
}
]
}

5
2019/9xxx/CVE-2019-9209.json
View File

@ -86,6 +86,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190325 [SECURITY] [DLA 1729-1] wireshark security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00031.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00007.html"
}
]
}

5
2019/9xxx/CVE-2019-9214.json
View File

@ -81,6 +81,11 @@
"refsource": "BUGTRAQ",
"name": "20190324 [SECURITY] [DSA 4416-1] wireshark security update",
"url": "https://seclists.org/bugtraq/2019/Mar/35"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00007.html"
}
]
}

5
2019/9xxx/CVE-2019-9894.json
View File

@ -66,6 +66,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-9e1a1cd634",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1113",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"
}
]
}

5
2019/9xxx/CVE-2019-9895.json
View File

@ -66,6 +66,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-9e1a1cd634",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1113",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"
}
]
}

5
2019/9xxx/CVE-2019-9896.json
View File

@ -56,6 +56,11 @@
"url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
"refsource": "MISC",
"name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1113",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"
}
]
}

5
2019/9xxx/CVE-2019-9897.json
View File

@ -66,6 +66,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-9e1a1cd634",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1113",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"
}
]
}

5
2019/9xxx/CVE-2019-9898.json
View File

@ -81,6 +81,11 @@
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190401-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190401-0002/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1113",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"
}
]
}

56
2019/9xxx/CVE-2019-9946.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-9946",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2019-9946",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/containernetworking/plugins/pull/269#issuecomment-477683272",
"url": "https://github.com/containernetworking/plugins/pull/269#issuecomment-477683272"
}
]
}