admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-11-12 14:01:38 +00:00
parent a3f7574823
commit 9338a9a5a0
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
13 changed files with 602 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2008/7xxx/CVE-2008-7220.json
View File

@ -141,6 +141,16 @@
"refsource": "MLIST",
"name": "[zookeeper-issues] 20191107 [jira] [Created] (ZOOKEEPER-3610) Update lib prototype.js: 1.4.0_pre4 due to security vulnerability",
"url": "https://lists.apache.org/thread.html/6d1b9a75a004dab42c81e8aa149d90e6fd26ce8cd6d71295e565e366@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-issues] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability",
"url": "https://lists.apache.org/thread.html/2ad48cd9d47edd0e677082eb869115809473a117e1e30b52fb511590@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[zookeeper-dev] 20191112 [jira] [Created] (ZOOKEEPER-3612) CLONE - Update lib prototype.js: 1.4.0_pre4 due to security vulnerability",
"url": "https://lists.apache.org/thread.html/769fcc5f331b61c4d7ce16b807678e9a1799628d0146322e14aa24ed@%3Cdev.zookeeper.apache.org%3E"
}
]
}

60
2011/2xxx/CVE-2011-2897.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2897",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "gdk-pixbuf",
"product": {
"product_data": [
{
"product_name": "gdk-pixbuf",
"version": {
"version_data": [
{
"version_value": "through 2.31.1"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "gdk-pixbuf through 2.31.1 has GIF loader buffer overflow when initializing decompression tables due to an input validation flaw"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "GIF loader buffer overflow when initializing decompression tables"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2011-2897",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2011-2897"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2897",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2897"
},
{
"url": "https://access.redhat.com/security/cve/cve-2011-2897",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2011-2897"
}
]
}

60
2011/2xxx/CVE-2011-2935.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2935",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elgg",
"product": {
"product_data": [
{
"product_name": "Elgg",
"version": {
"version_data": [
{
"version_value": "through 1.7.10"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Elgg through 1.7.10 has XSS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "DEBIAN",
"name": "Debian",
"url": "https://security-tracker.debian.org/tracker/CVE-2011-2935"
},
{
"refsource": "REDHAT",
"name": "Red Hat",
"url": "https://access.redhat.com/security/cve/cve-2011-2935"
},
{
"refsource": "MISC",
"name": "https://oss-security.openwall.narkive.com/1UH3NYx8/cve-request-elgg-1-7-10-multiple-vulnerabilities",
"url": "https://oss-security.openwall.narkive.com/1UH3NYx8/cve-request-elgg-1-7-10-multiple-vulnerabilities"
}
]
}

60
2011/2xxx/CVE-2011-2936.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-2936",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Elgg",
"product": {
"product_data": [
{
"product_name": "Elgg",
"version": {
"version_data": [
{
"version_value": "through 1.7.10"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Elgg through 1.7.10 has a SQL injection vulnerability"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://oss-security.openwall.narkive.com/1UH3NYx8/cve-request-elgg-1-7-10-multiple-vulnerabilities",
"url": "https://oss-security.openwall.narkive.com/1UH3NYx8/cve-request-elgg-1-7-10-multiple-vulnerabilities"
},
{
"refsource": "DEBIAN",
"name": "Debian",
"url": "https://security-tracker.debian.org/tracker/CVE-2011-2936"
},
{
"refsource": "REDHAT",
"name": "Red Hat",
"url": "https://access.redhat.com/security/cve/cve-2011-2936"
}
]
}

60
2011/3xxx/CVE-2011-3370.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2011-3370",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "statusnet",
"product": {
"product_data": [
{
"product_name": "statusnet",
"version": {
"version_data": [
{
"version_value": "before 0.9.9 and 1.0.0beta2"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "statusnet before 0.9.9 has XSS"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "unspecified"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "DEBIAN",
"name": "Debian",
"url": "https://security-tracker.debian.org/tracker/CVE-2011-3370"
},
{
"refsource": "REDHAT",
"name": "Red Hat",
"url": "https://access.redhat.com/security/cve/cve-2011-3370"
},
{
"refsource": "MISC",
"name": "https://seclists.org/oss-sec/2011/q3/488",
"url": "https://seclists.org/oss-sec/2011/q3/488"
}
]
}

63
2011/5xxx/CVE-2011-5271.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5271",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Pacemaker before 1.1.6 configure script creates temporary files insecurely"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2011-5271",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2011-5271"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/02/11/1",
"url": "http://www.openwall.com/lists/oss-security/2014/02/11/1"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91120",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91120"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65472",
"url": "http://www.securityfocus.com/bid/65472"
}
]
}

55
2014/3xxx/CVE-2014-3599.json
View File

@ -1,8 +1,31 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3599",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "HornetQ REST",
"product": {
"product_data": [
{
"product_name": "HornetQ REST",
"version": {
"version_data": [
{
"version_value": "Fixed In Version: 2.5.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "HornetQ REST is vulnerable to XML External Entity due to insecure configuration of RestEasy"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XXE due to insecure configuration of RestEasy"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3599",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3599"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-3599",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-3599"
}
]
}

63
2014/7xxx/CVE-2014-7143.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-7143",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,43 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Python Twisted 14.0 trustRoot is not respected in HTTP client"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2014-7143",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-7143"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-7143",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-7143"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/09/22/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/09/22/2"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96135",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96135"
}
]
}

53
2018/18xxx/CVE-2018-18819.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18819",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 FP2 (8.0.2.202), and MiVoice Business Express versions 7.3 PR3 (7.3.1.302) and earlier, and 8.0 (8.0.0.40) through 8.0 SP2 FP1 (8.0.2.202), could allow creation of unauthorized chat sessions, due to insufficient access controls. A successful exploit could allow execution of arbitrary commands."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.mitel.com/support/security-advisories",
"refsource": "MISC",
"name": "https://www.mitel.com/support/security-advisories"
},
{
"refsource": "CONFIRM",
"name": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-18-0012",
"url": "https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-18-0012"
}
]
}

62
2019/18xxx/CVE-2019-18658.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Helm 2.x before 2.15.2, commands that deal with loading a chart as a directory or packaging a chart provide an opportunity for a maliciously designed chart to include sensitive content such as /etc/passwd, or to execute a denial of service (DoS) via a special file such as /dev/urandom, via symlinks. No version of Tiller is known to be impacted. This is a client-only issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://helm.sh/blog/2019-10-30-helm-symlink-security-notice/",
"refsource": "MISC",
"name": "https://helm.sh/blog/2019-10-30-helm-symlink-security-notice/"
}
]
}
}

67
2019/18xxx/CVE-2019-18817.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Istio 1.3.x before 1.3.5 allows Denial of Service because continue_on_listener_filters_timeout is set to True, a related issue to CVE-2019-18836."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://istio.io/news/2019/announcing-1.3.5/",
"refsource": "MISC",
"name": "https://istio.io/news/2019/announcing-1.3.5/"
},
{
"refsource": "MISC",
"name": "https://github.com/istio/istio/issues/18229",
"url": "https://github.com/istio/istio/issues/18229"
}
]
}
}

5
2019/9xxx/CVE-2019-9900.json
View File

@ -71,6 +71,11 @@
"refsource": "CONFIRM",
"name": "https://groups.google.com/forum/#!topic/envoy-announce/VoHfnDqZiAM",
"url": "https://groups.google.com/forum/#!topic/envoy-announce/VoHfnDqZiAM"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-x74r-f4mw-c32h",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-x74r-f4mw-c32h"
}
]
},

5
2019/9xxx/CVE-2019-9901.json
View File

@ -66,6 +66,11 @@
"refsource": "CONFIRM",
"name": "https://groups.google.com/forum/#!topic/envoy-announce/VoHfnDqZiAM",
"url": "https://groups.google.com/forum/#!topic/envoy-announce/VoHfnDqZiAM"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-xcx5-93pw-jw2w",
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-xcx5-93pw-jw2w"
}
]
},