admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-04-30 22:00:42 +00:00
parent 31a76bd468
commit 9ef5eac2bd
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
4 changed files with 231 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2018/6xxx/CVE-2018-6064.json
View File

@ -82,6 +82,11 @@
"name": "https://crbug.com/798644",
"refsource": "MISC",
"url": "https://crbug.com/798644"
},
{
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-368/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-368/"
}
]
}

81
2019/0xxx/CVE-2019-0194.json
View File

@ -1,17 +1,84 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0194",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0194",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache Camel",
"version": {
"version_data": [
{
"version_value": "Camel 2.21.0 to 2.21.3"
},
{
"version_value": "Camel 2.22.0 to 2.22.2 and Camel 2.23.0 The unsupported Camel 2.x (2.19 and earlier) versions may be also affected."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Directory Traversal"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[camel-commits] 20190430 [camel] branch master updated: Added CVE-2019-0194 details",
"url": "https://lists.apache.org/thread.html/45e23ade8d3cb754615f95975e89e8dc73c59eeac914f07d53acbac6@%3Ccommits.camel.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[camel-users] 20190430 [SECURITY] New security advisory CVE-2019-0194 released for Apache Camel",
"url": "https://lists.apache.org/thread.html/0a163d02169d3d361150e8183df4af33f1a3d8a419b2937ac8e6c66f@%3Cusers.camel.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 [SECURITY] New security advisory CVE-2019-0194 released for Apache Camel",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/2"
},
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/a39441db574ee996f829344491b3211b53c9ed926f00ae5d88943b76@%3Cdev.camel.apache.org%3E",
"url": "https://lists.apache.org/thread.html/a39441db574ee996f829344491b3211b53c9ed926f00ae5d88943b76@%3Cdev.camel.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also affected."
}
]
}

83
2019/0xxx/CVE-2019-0213.json
View File

@ -1,17 +1,86 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0213",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0213",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 2.2.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BUGTRAQ",
"name": "20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"url": "https://seclists.org/bugtraq/2019/Apr/47"
},
{
"refsource": "MLIST",
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"url": "https://lists.apache.org/thread.html/c358754a35473a61477f9d487870581a0dd7054ff95974628fa09f97@%3Cusers.maven.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"url": "https://lists.apache.org/thread.html/0397ddbd17b5257cc1746b31a07294a87221c5ca24e5d19d390e28f3@%3Cusers.archiva.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0213: Apache Archiva Stored XSS",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/7"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/152681/Apache-Archiva-2.2.3-Cross-Site-Scripting.html"
},
{
"refsource": "MISC",
"name": "http://archiva.apache.org/security.html#CVE-2019-0213",
"url": "http://archiva.apache.org/security.html#CVE-2019-0213"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Apache Archiva before 2.2.4, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file."
}
]
}

83
2019/0xxx/CVE-2019-0214.json
View File

@ -1,17 +1,86 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-0214",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-0214",
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Apache Archiva",
"version": {
"version_data": [
{
"version_value": "All versions prior to version 2.2.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary write/delete of files on the archiva server"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[maven-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"url": "https://lists.apache.org/thread.html/239349b6dd8f66cf87a70c287b03af451dea158b776d3dfc550b4f0e@%3Cusers.maven.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[archiva-users] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"url": "https://lists.apache.org/thread.html/5851cb0214f22ba681fb445870eeb6b01afd1fb614e45a22978d7dda@%3Cusers.archiva.apache.org%3E"
},
{
"refsource": "BUGTRAQ",
"name": "20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"url": "https://seclists.org/bugtraq/2019/Apr/48"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190430 [SECURITY] CVE-2019-0214: Apache Archiva arbitrary file write and delete on the server",
"url": "http://www.openwall.com/lists/oss-security/2019/04/30/8"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html",
"url": "http://packetstormsecurity.com/files/152684/Apache-Archiva-2.2.3-File-Write-Delete.html"
},
{
"refsource": "CONFIRM",
"name": "http://archiva.apache.org/security.html#CVE-2019-0214",
"url": "http://archiva.apache.org/security.html#CVE-2019-0214"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritten, if the archiva run user has appropriate permission on the filesystem for the target file."
}
]
}