admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-01-24 17:04:52 -05:00
parent db576c9566
commit 9a09a540ab
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
12 changed files with 715 additions and 188 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
2017/1000xxx/CVE-2017-1000078.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://wiki.onosproject.org/display/ONOS/Security+advisories"}]},"description": {"description_data": [{"lang": "eng","value": "Linux foundation ONOS 1.9 is vulnerable to XSS in the device registration"}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.8, 1.9.0 and latest"}]},"product_name": "ONOS"}]},"vendor_name": "Linux foundation"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2017-05-06T20:43:28.328668","STATE": "PUBLIC", "ID": "CVE-2017-1000078","ASSIGNER": "kurt@seifried.org","REQUESTER": "mathias.morbitzer@aisec.fraunhofer.de"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross Site Scripting (XSS)"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-05-06T20:43:28.328668",
"ID" : "CVE-2017-1000078",
"REQUESTER" : "mathias.morbitzer@aisec.fraunhofer.de",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "ONOS",
"version" : {
"version_data" : [
{
"version_value" : "1.8, 1.9.0 and latest"
}
]
}
}
]
},
"vendor_name" : "Linux foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://wiki.onosproject.org/display/ONOS/Security+advisories"
}
]
}
}

63
2017/1000xxx/CVE-2017-1000079.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://wiki.onosproject.org/display/ONOS/Security+advisories"}]},"description": {"description_data": [{"lang": "eng","value": "Linux foundation ONOS 1.9.0 is vulnerable to a DoS"}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.8, 1.9.0 and latest"}]},"product_name": "ONOS"}]},"vendor_name": "Linux foundation"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2017-05-06T20:43:28.329351","STATE": "PUBLIC", "ID": "CVE-2017-1000079","ASSIGNER": "kurt@seifried.org","REQUESTER": "mathias.morbitzer@aisec.fraunhofer.de"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Denial of Service"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-05-06T20:43:28.329351",
"ID" : "CVE-2017-1000079",
"REQUESTER" : "mathias.morbitzer@aisec.fraunhofer.de",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "ONOS",
"version" : {
"version_data" : [
{
"version_value" : "1.8, 1.9.0 and latest"
}
]
}
}
]
},
"vendor_name" : "Linux foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Linux foundation ONOS 1.9.0 is vulnerable to a DoS."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://wiki.onosproject.org/display/ONOS/Security+advisories"
}
]
}
}

63
2017/1000xxx/CVE-2017-1000080.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://wiki.onosproject.org/display/ONOS/Security+advisories"}]},"description": {"description_data": [{"lang": "eng","value": "Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets"}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.8, 1.9.0 and latest"}]},"product_name": "ONOS"}]},"vendor_name": "Linux foundation"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2017-05-06T20:43:28.330025","STATE": "PUBLIC", "ID": "CVE-2017-1000080","ASSIGNER": "kurt@seifried.org","REQUESTER": "mathias.morbitzer@aisec.fraunhofer.de"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Insecure Permissions"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-05-06T20:43:28.330025",
"ID" : "CVE-2017-1000080",
"REQUESTER" : "mathias.morbitzer@aisec.fraunhofer.de",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "ONOS",
"version" : {
"version_data" : [
{
"version_value" : "1.8, 1.9.0 and latest"
}
]
}
}
]
},
"vendor_name" : "Linux foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Insecure Permissions"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://wiki.onosproject.org/display/ONOS/Security+advisories"
}
]
}
}

63
2017/1000xxx/CVE-2017-1000081.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://wiki.onosproject.org/display/ONOS/Security+advisories"}]},"description": {"description_data": [{"lang": "eng","value": "Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution"}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.8, 1.9.0 and latest"}]},"product_name": "ONOS"}]},"vendor_name": "Linux foundation"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2017-05-06T20:43:28.330737","STATE": "PUBLIC", "ID": "CVE-2017-1000081","ASSIGNER": "kurt@seifried.org","REQUESTER": "mathias.morbitzer@aisec.fraunhofer.de"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Insecure Permissions"}]}]}}
{
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-05-06T20:43:28.330737",
"ID" : "CVE-2017-1000081",
"REQUESTER" : "mathias.morbitzer@aisec.fraunhofer.de",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "ONOS",
"version" : {
"version_data" : [
{
"version_value" : "1.8, 1.9.0 and latest"
}
]
}
}
]
},
"vendor_name" : "Linux foundation"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Insecure Permissions"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://wiki.onosproject.org/display/ONOS/Security+advisories"
}
]
}
}

121
2017/1000xxx/CVE-2017-1000474.json
View File

@ -1,67 +1,62 @@
{
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://sourceforge.net/projects/vsms-php/?source=directory"
},
{
"url": "http://voidthemes.com/scripts/vsms/"
},
{
"url": "http://singsip.wixsite.com/singsip/vuln"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, login/Actions.php, login/manage_employee.php, and login/sell.php scripts resulting in the expose of user's login credentials, SQL Injection and Stored XSS vulnerability, which leads to remote code executing."
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2017-07-30"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2017-12-29",
"ID" : "CVE-2017-1000474",
"REQUESTER" : "drumsmith101@hotmail.com",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Vehicle Sales Management System",
"version" : {
"version_data" : [
{
"version_value" : "2017-07-30"
}
]
}
}
]
},
"product_name": "Vehicle Sales Management System"
}
]
},
"vendor_name": "Soyket Chowdhury"
}
]
}
},
"CVE_data_meta": {
"DATE_ASSIGNED": "2017-12-29",
"ID": "CVE-2017-1000474",
"ASSIGNER": "kurt@seifried.org",
"REQUESTER": "drumsmith101@hotmail.com"
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
},
"vendor_name" : "Soyket Chowdhury"
}
]
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, login/Actions.php, login/manage_employee.php, and login/sell.php scripts resulting in the expose of user's login credentials, SQL Injection and Stored XSS vulnerability, which leads to remote code executing."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://singsip.wixsite.com/singsip/vuln"
}
]
}
}

122
2018/1000xxx/CVE-2018-1000005.json
View File

@ -1,65 +1,65 @@
{
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "kurt@seifried.org",
"DATE_ASSIGNED": "2018-01-17",
"ID": "CVE-2018-1000005",
"REQUESTER": "daniel@haxx.se",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "libcurl",
"product": {
"product_data": [
{
"product_name": "libcurl",
"version": {
"version_data": [
{
"version_value": "libcurl 7.49.0 to and including 7.57.0"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-17",
"ID" : "CVE-2018-1000005",
"REQUESTER" : "daniel@haxx.se",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "libcurl",
"version" : {
"version_data" : [
{
"version_value" : "libcurl 7.49.0 to and including 7.57.0"
}
]
}
}
]
}
}
]
}
}
},
"vendor_name" : "libcurl"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something."
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "out bounds read"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/curl/curl/pull/2231"
},
{
"url": "https://curl.haxx.se/docs/adv_2018-824a.html"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "out bounds read"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://curl.haxx.se/docs/adv_2018-824a.html"
},
{
"url" : "https://github.com/curl/curl/pull/2231"
}
]
}
}

116
2018/1000xxx/CVE-2018-1000007.json
View File

@ -1,62 +1,62 @@
{
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "kurt@seifried.org",
"DATE_ASSIGNED": "2018-01-22",
"ID": "CVE-2018-1000007",
"REQUESTER": "daniel@haxx.se",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "libcurl",
"product": {
"product_data": [
{
"product_name": "libcurl",
"version": {
"version_data": [
{
"version_value": "7.1 through 7.57.0"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000007",
"REQUESTER" : "daniel@haxx.se",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "libcurl",
"version" : {
"version_data" : [
{
"version_value" : "7.1 through 7.57.0"
}
]
}
}
]
}
}
]
}
}
},
"vendor_name" : "libcurl"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequest hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request."
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequest hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-201"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://curl.haxx.se/docs/adv_2018-b3bf.html"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "CWE-201"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://curl.haxx.se/docs/adv_2018-b3bf.html"
}
]
}
}

49
2018/5xxx/CVE-2018-5759.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-5759",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +34,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://git.ghostscript.com/?p=mujs.git;a=commit;h=4d45a96e57fbabf00a7378b337d0ddcace6f38c1"
},
{
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=698868"
}
]
}

60
2018/6xxx/CVE-2018-6190.json Normal file
View File

@ -0,0 +1,60 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6190",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://packetstormsecurity.com/files/146032/Netis-WF2419-3.2.41381-Cross-Site-Scripting.html"
}
]
}
}

63
2018/6xxx/CVE-2018-6191.json Normal file
View File

@ -0,0 +1,63 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6191",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://git.ghostscript.com/?p=mujs.git;a=commit;h=25821e6d74fab5fcc200fe5e818362e03e114428"
},
{
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=698920"
}
]
}
}

60
2018/6xxx/CVE-2018-6192.json Normal file
View File

@ -0,0 +1,60 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6192",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://bugs.ghostscript.com/show_bug.cgi?id=698916"
}
]
}
}

60
2018/6xxx/CVE-2018-6193.json Normal file
View File

@ -0,0 +1,60 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-6193",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, affecting the 'rtr' GET parameter in a page=graph action to cgi-bin/routers2.pl."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://github.com/sshipway/routers2/issues/1"
}
]
}
}