diff --git a/2016/5xxx/CVE-2016-5388.json b/2016/5xxx/CVE-2016-5388.json index 8bf91176a27..dc1fdd01437 100644 --- a/2016/5xxx/CVE-2016-5388.json +++ b/2016/5xxx/CVE-2016-5388.json @@ -141,6 +141,11 @@ "name": "RHSA-2016:1636", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1636" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html" } ] } diff --git a/2018/8xxx/CVE-2018-8014.json b/2018/8xxx/CVE-2018-8014.json index 21144e1011e..afce3adcb00 100644 --- a/2018/8xxx/CVE-2018-8014.json +++ b/2018/8xxx/CVE-2018-8014.json @@ -210,6 +210,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2205", "url": "https://access.redhat.com/errata/RHSA-2019:2205" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html" } ] } diff --git a/2019/0xxx/CVE-2019-0221.json b/2019/0xxx/CVE-2019-0221.json index 7955300db51..7d996cc0898 100644 --- a/2019/0xxx/CVE-2019-0221.json +++ b/2019/0xxx/CVE-2019-0221.json @@ -99,6 +99,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1808", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00054.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190813 [SECURITY] [DLA 1883-1] tomcat8 security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00015.html" } ] }, diff --git a/2019/11xxx/CVE-2019-11041.json b/2019/11xxx/CVE-2019-11041.json index 2a56dceb3cb..1adf9f79f4b 100644 --- a/2019/11xxx/CVE-2019-11041.json +++ b/2019/11xxx/CVE-2019-11041.json @@ -80,6 +80,16 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4097-2", + "url": "https://usn.ubuntu.com/4097-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4097-1", + "url": "https://usn.ubuntu.com/4097-1/" } ] }, diff --git a/2019/11xxx/CVE-2019-11042.json b/2019/11xxx/CVE-2019-11042.json index 09babc533a5..de728de21a5 100644 --- a/2019/11xxx/CVE-2019-11042.json +++ b/2019/11xxx/CVE-2019-11042.json @@ -80,6 +80,16 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190812 [SECURITY] [DLA 1878-1] php5 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-4097-2", + "url": "https://usn.ubuntu.com/4097-2/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4097-1", + "url": "https://usn.ubuntu.com/4097-1/" } ] }, diff --git a/2019/11xxx/CVE-2019-11207.json b/2019/11xxx/CVE-2019-11207.json index 80032d6c1e1..0d43d5a4513 100644 --- a/2019/11xxx/CVE-2019-11207.json +++ b/2019/11xxx/CVE-2019-11207.json @@ -47,7 +47,7 @@ "description_data": [ { "lang": "eng", - "value": "The web server component of TIBCO Software Inc.'s TIBCO LogLogic Enterprise Virtual Appliance, and TIBCO LogLogic Log Management Intelligence contains multiple vulnerabilities that theoretically allow persistent and reflected cross-site scripting (XSS) attacks, as well as cross-site request forgery (CSRF) attacks.\n\nThis issue affects:\nTIBCO Software Inc. TIBCO LogLogic Enterprise Virtual Appliance version 6.2.1 and prior versions.\nTIBCO Software Inc. TIBCO LogLogic Log Management Intelligence 6.2.1.\nTIBCO LogLogic LX825 Appliance 0.0.004, TIBCO LogLogic LX1025 Appliance 0.0.004, TIBCO LogLogic LX4025 Appliance 0.0.004, TIBCO LogLogic MX3025 Appliance 0.0.004, TIBCO LogLogic MX4025 Appliance 0.0.004, TIBCO LogLogic ST1025 Appliance 0.0.004, TIBCO LogLogic ST2025-SAN Appliance 0.0.004, and TIBCO LogLogic ST4025 Appliance 0.0.004 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below.\nTIBCO LogLogic LX1035 Appliance 0.0.005, TIBCO LogLogic LX1025R1 Appliance 0.0.004, TIBCO LogLogic LX1025R2 Appliance 0.0.004, TIBCO LogLogic LX4025R1 Appliance 0.0.004, TIBCO LogLogic LX4025R2 Appliance 0.0.004, TIBCO LogLogic LX4035 Appliance 0.0.005, TIBCO LogLogic ST2025-SANR1 Appliance 0.0.004, TIBCO LogLogic ST2025-SANR2 Appliance 0.0.004, TIBCO LogLogic ST2035-SAN Appliance 0.0.005, TIBCO LogLogic ST4025R1 Appliance 0.0.004, TIBCO LogLogic ST4025R2 Appliance 0.0.004, and TIBCO LogLogic ST4035 Appliance 0.0.005 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below." + "value": "The web server component of TIBCO Software Inc.'s TIBCO LogLogic Enterprise Virtual Appliance, and TIBCO LogLogic Log Management Intelligence contains multiple vulnerabilities that theoretically allow persistent and reflected cross-site scripting (XSS) attacks, as well as cross-site request forgery (CSRF) attacks. This issue affects: TIBCO Software Inc. TIBCO LogLogic Enterprise Virtual Appliance version 6.2.1 and prior versions. TIBCO Software Inc. TIBCO LogLogic Log Management Intelligence 6.2.1. TIBCO LogLogic LX825 Appliance 0.0.004, TIBCO LogLogic LX1025 Appliance 0.0.004, TIBCO LogLogic LX4025 Appliance 0.0.004, TIBCO LogLogic MX3025 Appliance 0.0.004, TIBCO LogLogic MX4025 Appliance 0.0.004, TIBCO LogLogic ST1025 Appliance 0.0.004, TIBCO LogLogic ST2025-SAN Appliance 0.0.004, and TIBCO LogLogic ST4025 Appliance 0.0.004 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below. TIBCO LogLogic LX1035 Appliance 0.0.005, TIBCO LogLogic LX1025R1 Appliance 0.0.004, TIBCO LogLogic LX1025R2 Appliance 0.0.004, TIBCO LogLogic LX4025R1 Appliance 0.0.004, TIBCO LogLogic LX4025R2 Appliance 0.0.004, TIBCO LogLogic LX4035 Appliance 0.0.005, TIBCO LogLogic ST2025-SANR1 Appliance 0.0.004, TIBCO LogLogic ST2025-SANR2 Appliance 0.0.004, TIBCO LogLogic ST2035-SAN Appliance 0.0.005, TIBCO LogLogic ST4025R1 Appliance 0.0.004, TIBCO LogLogic ST4025R2 Appliance 0.0.004, and TIBCO LogLogic ST4035 Appliance 0.0.005 using TIBCO LogLogic Log Management Intelligence versions 6.2.1 and below." } ] }, @@ -85,12 +85,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "http://www.tibco.com/services/support/advisories" + "refsource": "MISC", + "url": "http://www.tibco.com/services/support/advisories", + "name": "http://www.tibco.com/services/support/advisories" }, { - "refsource": "CONFIRM", - "url": "https://www.tibco.com/support/advisories/2019/08/tibco-security-advisory-august-13-2019-tibco-loglogic-log-management-intelligence" + "refsource": "MISC", + "url": "https://www.tibco.com/support/advisories/2019/08/tibco-security-advisory-august-13-2019-tibco-loglogic-log-management-intelligence", + "name": "https://www.tibco.com/support/advisories/2019/08/tibco-security-advisory-august-13-2019-tibco-loglogic-log-management-intelligence" } ] }, @@ -103,4 +105,4 @@ "source": { "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9512.json b/2019/9xxx/CVE-2019-9512.json index 21a93c2d68f..6c4b11f9fcf 100644 --- a/2019/9xxx/CVE-2019-9512.json +++ b/2019/9xxx/CVE-2019-9512.json @@ -88,10 +88,25 @@ "name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "refsource": "MISC", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-dev] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks", + "url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-users] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks", + "url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-announce] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks", + "url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E" } ] }, "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9514.json b/2019/9xxx/CVE-2019-9514.json index 63aab157f7e..a1c521f146d 100644 --- a/2019/9xxx/CVE-2019-9514.json +++ b/2019/9xxx/CVE-2019-9514.json @@ -88,10 +88,25 @@ "name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "refsource": "MISC", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-dev] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks", + "url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-users] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks", + "url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-announce] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks", + "url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E" } ] }, "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9515.json b/2019/9xxx/CVE-2019-9515.json index 365ed283f51..21877ee0bc4 100644 --- a/2019/9xxx/CVE-2019-9515.json +++ b/2019/9xxx/CVE-2019-9515.json @@ -88,10 +88,25 @@ "name": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md", "refsource": "MISC", "url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-dev] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks", + "url": "https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-users] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks", + "url": "https://lists.apache.org/thread.html/392108390cef48af647a2e47b7fd5380e050e35ae8d1aa2030254c04@%3Cusers.trafficserver.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[trafficserver-announce] 20190813 Apache Traffic Server is vulnerable to various HTTP/2 attacks", + "url": "https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E" } ] }, "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file