"-Synchronized-Data."

CVE Team 2019-07-23 18:00:51 +00:00
parent aff5371749
commit a895bc8c47
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
28 changed files with 280 additions and 18 deletions


@ -56,6 +56,11 @@
"name": "https://github.com/sass/libsass/issues/2643",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/issues/2643"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}
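Review bot: The added SUSE reference uses a plain `http://` URL for lists.opensuse.org, so a reader following the advisory link from this record fetches it without transport integrity. If the list archive serves the same path over TLS (not verified from this page), prefer `"url": "https://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"`. The same applies to every other `openSUSE-SU-2019:*` entry this commit adds and to the `http://www.securityfocus.com/bid/109339` reference. The new object also orders its keys `refsource`, `name`, `url` while the neighbouring entry uses `name`, `refsource`, `url`; parsers do not care, but a consistent order keeps later diffs smaller.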


@ -56,6 +56,11 @@
"name": "https://github.com/monstra-cms/monstra/issues/458",
"refsource": "MISC",
"url": "https://github.com/monstra-cms/monstra/issues/458"
},
{
"refsource": "MISC",
"name": "https://github.com/monstra-cms/monstra/issues/452",
"url": "https://github.com/monstra-cms/monstra/issues/452"
}
]
}


@ -71,6 +71,11 @@
"name": "DSA-4329",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4329"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1793",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html"
}
]
}


@ -56,6 +56,11 @@
"name": "https://github.com/sass/libsass/issues/2779",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/issues/2779"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -56,6 +56,11 @@
"name": "https://github.com/sass/libsass/issues/2782",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/issues/2782"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -61,6 +61,11 @@
"name": "https://github.com/sass/libsass/commit/210fdff7a65370c2ae24e022a2b35da8c423cc5f",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/commit/210fdff7a65370c2ae24e022a2b35da8c423cc5f"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -56,6 +56,11 @@
"name": "https://github.com/sass/libsass/issues/2660",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/issues/2660"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -61,6 +61,11 @@
"name": "https://github.com/sass/libsass/issues/2657",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/issues/2657"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -61,6 +61,11 @@
"name": "https://github.com/sass/libsass/issues/2786",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/issues/2786"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -81,6 +81,11 @@
"name": "https://github.com/mumble-voip/mumble/pull/3512",
"refsource": "MISC",
"url": "https://github.com/mumble-voip/mumble/pull/3512"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1794",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00045.html"
}
]
}


@ -56,6 +56,11 @@
"url": "https://github.com/sass/libsass/issues/2658",
"refsource": "MISC",
"name": "https://github.com/sass/libsass/issues/2658"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -56,6 +56,11 @@
"url": "https://github.com/sass/libsass/issues/2671",
"refsource": "MISC",
"name": "https://github.com/sass/libsass/issues/2671"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010199",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ServiceStack Framework",
"version": {
"version_data": [
{
"version_value": "4.5.14 [fixed: 5.2.0]"
}
]
}
}
]
},
"vendor_name": "ServiceStack"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ServiceStack ServiceStack Framework 4.5.14 is affected by: Cross Site Scripting (XSS). The impact is: JavaScrpit is reflected in the server response, hence executed by the browser. The component is: the query used in the GET request is prone. The attack vector is: Since there is no server-side validation and If Browser encoding is bypassed, the victim is affected when opening a crafted URL. The fixed version is: 5.2.0."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ServiceStack/ServiceStack/commit/a0e0d7de20f5d1712f1793f925496def4383c610",
"refsource": "MISC",
"name": "https://github.com/ServiceStack/ServiceStack/commit/a0e0d7de20f5d1712f1793f925496def4383c610"
}
]
}
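Review bot: The new `version_value` packs the affected and the fixed version into one free-text string, `"version_value": "4.5.14 [fixed: 5.2.0]"`, which version-matching tools that consume this record cannot compare against an installed version. Keeping the field to the affected version alone, `"version_value": "4.5.14"`, and leaving the fix in the description would make the entry machine-usable. The text also names only 4.5.14 as affected while the fix is 5.2.0, so whether the releases in between are affected is left open and should be confirmed with the reporter. The published description contains the typo `JavaScrpit` and the unclear clause `If Browser encoding is bypassed`; both are worth correcting before downstream feeds copy the text.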


@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010200",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Voice Builder",
"version": {
"version_data": [
{
"version_value": "Prior to commit c145d4604df67e6fc625992412eef0bf9a85e26b and f6660e6d8f0d1d931359d591dbdec580fef36d36 [fixed: After commit f6660e6d8f0d1d931359d591dbdec580fef36d36]"
}
]
}
}
]
},
"vendor_name": "Voice Builder"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Voice Builder Prior to commit c145d4604df67e6fc625992412eef0bf9a85e26b and f6660e6d8f0d1d931359d591dbdec580fef36d36 is affected by: CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'). The impact is: Remote code execution with the same privileges as the servers. The component is: Two web servers in the projects expose three vulnerable endpoints that can be accessed remotely. The endpoints are defined at: - /tts: https://github.com/google/voice-builder/blob/3a449a3e8d5100ff323161c89b897f6d5ccdb6f9/merlin_model_server/api.js#L34 - /alignment: https://github.com/google/voice-builder/blob/3a449a3e8d5100ff323161c89b897f6d5ccdb6f9/festival_model_server/api.js#L28 - /tts: https://github.com/google/voice-builder/blob/3a449a3e8d5100ff323161c89b897f6d5ccdb6f9/festival_model_server/api.js#L65. The attack vector is: Attacker sends a GET request to the vulnerable endpoint with a specially formatted query parameter. The fixed version is: After commit f6660e6d8f0d1d931359d591dbdec580fef36d36."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/google/voice-builder/commit/c145d4604df67e6fc625992412eef0bf9a85e26b",
"refsource": "MISC",
"name": "https://github.com/google/voice-builder/commit/c145d4604df67e6fc625992412eef0bf9a85e26b"
},
{
"url": "https://github.com/google/voice-builder/commit/f6660e6d8f0d1d931359d591dbdec580fef36d36",
"refsource": "MISC",
"name": "https://github.com/google/voice-builder/commit/f6660e6d8f0d1d931359d591dbdec580fef36d36"
}
]
}
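Review bot: The affected range in `version_value` is prose built from two commit hashes, and `[fixed: After commit f6660e6d8f0d1d931359d591dbdec580fef36d36]` does not say whether that commit itself contains the fix or only later revisions do. Both commits are listed as references, so stating that a checkout is fixed once it includes both c145d46 and f6660e6 would remove the ambiguity for anyone auditing a deployed copy. Scanners cannot match a commit-range sentence, so consumers of this record will have to triage by hand; it would help to add a short sentence to the description saying so. The description also does not state whether the three endpoints require authentication, which is the first thing a defender needs in order to prioritise.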


@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010201",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jeesite",
"version": {
"version_data": [
{
"version_value": "1.2.7 [fixed: 4.0 and later]"
}
]
}
}
]
},
"vendor_name": "Jeesite"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive information disclosure. The component is: updateProcInsIdByBusinessId() function in src/main/java/com.thinkgem.jeesite/modules/act/ActDao.java has SQL Injection vulnerability. The attack vector is: network connectivity,authenticated. The fixed version is: 4.0 and later."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/thinkgem/jeesite/blob/master/src/main/java/com/thinkgem/jeesite/modules/act/dao/ActDao.java",
"refsource": "MISC",
"name": "https://github.com/thinkgem/jeesite/blob/master/src/main/java/com/thinkgem/jeesite/modules/act/dao/ActDao.java"
}
]
}
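Review bot: The file path given in the description, `src/main/java/com.thinkgem.jeesite/modules/act/ActDao.java`, does not match the path in the reference URL, `src/main/java/com/thinkgem/jeesite/modules/act/dao/ActDao.java`. The description uses a dot-separated package segment and omits the `dao/` directory, so a reader cannot locate the file from the text alone. The only reference points at `blob/master`, which moves with the branch and may no longer show the vulnerable `updateProcInsIdByBusinessId()` code; a commit-pinned permalink (`https://github.com/thinkgem/jeesite/blob/<COMMIT_SHA>/...`, placeholder) would keep the evidence stable. As in the other newly published records, `"version_value": "1.2.7 [fixed: 4.0 and later]"` mixes affected and fixed versions in one string, and `network connectivity,authenticated` is missing a space after the comma.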


@ -61,6 +61,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-d29e04fa11",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1793",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html"
}
]
}


@ -61,6 +61,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-d29e04fa11",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1793",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html"
}
]
}


@ -61,6 +61,11 @@
"refsource": "FEDORA",
"name": "FEDORA-2019-d29e04fa11",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1793",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html"
}
]
}


@ -76,6 +76,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1683",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00001.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1795",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00043.html"
}
]
}


@ -151,6 +151,11 @@
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1759",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00034.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1796",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00050.html"
}
]
}


@ -136,6 +136,11 @@
"refsource": "MLIST",
"name": "[zookeeper-issues] 20190713 [jira] [Updated] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814",
"url": "https://lists.apache.org/thread.html/b0a2b2cca072650dbd5882719976c3d353972c44f6736ddf0ba95209@%3Cissues.zookeeper.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[accumulo-commits] 20190723 [accumulo] branch 2.0 updated: Fix CVE-2019-12814 Use jackson-databind 2.9.9.1",
"url": "https://lists.apache.org/thread.html/bf20574dbc2db255f1fd489942b5720f675e32a2c4f44eb6a36060cd@%3Ccommits.accumulo.apache.org%3E"
}
]
}


@ -66,6 +66,11 @@
"refsource": "MISC",
"name": "https://github.com/proftpd/proftpd/pull/816",
"url": "https://github.com/proftpd/proftpd/pull/816"
},
{
"refsource": "BID",
"name": "109339",
"url": "http://www.securityfocus.com/bid/109339"
}
]
}


@ -66,6 +66,11 @@
"url": "https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020",
"refsource": "MISC",
"name": "https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1792",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html"
}
]
}


@ -56,6 +56,11 @@
"name": "https://github.com/sass/libsass/issues/2814",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/issues/2814"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -56,6 +56,11 @@
"name": "https://github.com/sass/libsass/issues/2816",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/issues/2816"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -56,6 +56,11 @@
"name": "https://github.com/sass/libsass/issues/2815",
"refsource": "MISC",
"url": "https://github.com/sass/libsass/issues/2815"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1791",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00047.html"
}
]
}


@ -76,6 +76,11 @@
"refsource": "DEBIAN",
"name": "DSA-4408",
"url": "https://www.debian.org/security/2019/dsa-4408"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1797",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00044.html"
}
]
}


@ -71,6 +71,11 @@
"refsource": "MLIST",
"name": "[debian-lts-announce] 20190318 [SECURITY] [DLA 1720-1] liblivemedia security update",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00022.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1797",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00044.html"
}
]
}