From b70f3581fd6621c1e5456a4a203139739aa4f46c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 22 May 2019 00:00:46 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/15xxx/CVE-2018-15587.json | 5 +++ 2019/0xxx/CVE-2019-0161.json | 5 +++ 2019/10xxx/CVE-2019-10066.json | 56 +++++++++++++++++++++++++++---- 2019/10xxx/CVE-2019-10067.json | 56 +++++++++++++++++++++++++++---- 2019/11xxx/CVE-2019-11068.json | 5 +++ 2019/1xxx/CVE-2019-1559.json | 5 +++ 2019/9xxx/CVE-2019-9892.json | 61 ++++++++++++++++++++++++++++++---- 7 files changed, 175 insertions(+), 18 deletions(-) diff --git a/2018/15xxx/CVE-2018-15587.json b/2018/15xxx/CVE-2018-15587.json index 0dbb7aae5ae..06cf315d613 100644 --- a/2018/15xxx/CVE-2018-15587.json +++ b/2018/15xxx/CVE-2018-15587.json @@ -86,6 +86,11 @@ "refsource": "MISC", "name": "https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf", "url": "https://github.com/RUB-NDS/Johnny-You-Are-Fired/blob/master/paper/johnny-fired.pdf" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1431", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00047.html" } ] } diff --git a/2019/0xxx/CVE-2019-0161.json b/2019/0xxx/CVE-2019-0161.json index d058a737645..978957a4f2a 100644 --- a/2019/0xxx/CVE-2019-0161.json +++ b/2019/0xxx/CVE-2019-0161.json @@ -53,6 +53,11 @@ "refsource": "SUSE", "name": "openSUSE-SU-2019:1352", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00019.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1425", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00046.html" } ] }, diff --git a/2019/10xxx/CVE-2019-10066.json b/2019/10xxx/CVE-2019-10066.json index 02d6dc523a2..fdb4f67281e 100644 --- a/2019/10xxx/CVE-2019-10066.json +++ b/2019/10xxx/CVE-2019-10066.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-10066", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-10066", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6, Community Edition 6.0.x through 6.0.17, and OTRSAppointmentCalendar 5.0.x through 5.0.12. An attacker who is logged into OTRS as an agent with appropriate permissions may create a carefully crafted calendar appointment in order to cause execution of JavaScript in the context of OTRS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://community.otrs.com/security-advisory-2019-06-security-update-for-otrs-framework/", + "url": "https://community.otrs.com/security-advisory-2019-06-security-update-for-otrs-framework/" } ] } diff --git a/2019/10xxx/CVE-2019-10067.json b/2019/10xxx/CVE-2019-10067.json index 6d042eab2a2..76dfe0d9bd4 100644 --- a/2019/10xxx/CVE-2019-10067.json +++ b/2019/10xxx/CVE-2019-10067.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-10067", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-10067", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Open Ticket Request System (OTRS) 7.x through 7.0.6 and Community Edition 5.0.x through 5.0.35 and 6.0.x through 6.0.17. An attacker who is logged into OTRS as an agent user with appropriate permissions may manipulate the URL to cause execution of JavaScript in the context of OTRS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://community.otrs.com/security-advisory-2019-05-security-update-for-otrs-framework/", + "url": "https://community.otrs.com/security-advisory-2019-05-security-update-for-otrs-framework/" } ] } diff --git a/2019/11xxx/CVE-2019-11068.json b/2019/11xxx/CVE-2019-11068.json index f448aa2039a..32b07778a94 100644 --- a/2019/11xxx/CVE-2019-11068.json +++ b/2019/11xxx/CVE-2019-11068.json @@ -81,6 +81,11 @@ "refsource": "MLIST", "name": "[oss-security] 20190423 Re: Nokogiri security update v1.10.3", "url": "http://www.openwall.com/lists/oss-security/2019/04/23/5" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1433", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00048.html" } ] } diff --git a/2019/1xxx/CVE-2019-1559.json b/2019/1xxx/CVE-2019-1559.json index 6e906cd0ca5..34665a47e99 100644 --- a/2019/1xxx/CVE-2019-1559.json +++ b/2019/1xxx/CVE-2019-1559.json @@ -161,6 +161,11 @@ "refsource": "CONFIRM", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10282", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10282" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2019:1432", + "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html" } ] } diff --git a/2019/9xxx/CVE-2019-9892.json b/2019/9xxx/CVE-2019-9892.json index 220fe90a258..3e05df0b888 100644 --- a/2019/9xxx/CVE-2019-9892.json +++ b/2019/9xxx/CVE-2019-9892.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-9892", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-9892", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Open Ticket Request System (OTRS) 5.x through 5.0.34, 6.x through 6.0.17, and 7.x through 7.0.6. An attacker who is logged into OTRS as an agent user with appropriate permissions may try to import carefully crafted Report Statistics XML that will result in reading of arbitrary files on the OTRS filesystem." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://lists.debian.org/debian-lts-announce/2019/05/msg00003.html", + "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00003.html" + }, + { + "refsource": "CONFIRM", + "name": "https://community.otrs.com/security-advisory-2019-04-security-update-for-otrs-framework/", + "url": "https://community.otrs.com/security-advisory-2019-04-security-update-for-otrs-framework/" } ] }