From b7bceb38b41d5f0d8cc2ba1427eebfa1662ab6d3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 14 Jan 2019 17:07:24 -0500 Subject: [PATCH] - Synchronized data. --- 2018/16xxx/CVE-2018-16888.json | 50 ++++++++++++++++++++++++++++++++-- 2019/6xxx/CVE-2019-6283.json | 48 ++++++++++++++++++++++++++++++-- 2019/6xxx/CVE-2019-6284.json | 48 ++++++++++++++++++++++++++++++-- 2019/6xxx/CVE-2019-6285.json | 48 ++++++++++++++++++++++++++++++-- 2019/6xxx/CVE-2019-6286.json | 48 ++++++++++++++++++++++++++++++-- 2019/6xxx/CVE-2019-6287.json | 18 ++++++++++++ 6 files changed, 249 insertions(+), 11 deletions(-) create mode 100644 2019/6xxx/CVE-2019-6287.json diff --git a/2018/16xxx/CVE-2018-16888.json b/2018/16xxx/CVE-2018-16888.json index abee834d896..f2a85d680b3 100644 --- a/2018/16xxx/CVE-2018-16888.json +++ b/2018/16xxx/CVE-2018-16888.json @@ -1,8 +1,31 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "secalert@redhat.com", "ID" : "CVE-2018-16888", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable." } ] }, @@ -24,5 +47,26 @@ } ] ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16888", + "refsource" : "CONFIRM", + "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16888" + } + ] } } diff --git a/2019/6xxx/CVE-2019-6283.json b/2019/6xxx/CVE-2019-6283.json index 7e8ae26482b..6edcf80bbe0 100644 --- a/2019/6xxx/CVE-2019-6283.json +++ b/2019/6xxx/CVE-2019-6283.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2019-6283", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::parenthese_scope in prelexer.hpp." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/sass/libsass/issues/2814", + "refsource" : "MISC", + "url" : "https://github.com/sass/libsass/issues/2814" } ] } diff --git a/2019/6xxx/CVE-2019-6284.json b/2019/6xxx/CVE-2019-6284.json index f96b41039e2..39a853b8523 100644 --- a/2019/6xxx/CVE-2019-6284.json +++ b/2019/6xxx/CVE-2019-6284.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2019-6284", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::alternatives in prelexer.hpp." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/sass/libsass/issues/2816", + "refsource" : "MISC", + "url" : "https://github.com/sass/libsass/issues/2816" } ] } diff --git a/2019/6xxx/CVE-2019-6285.json b/2019/6xxx/CVE-2019-6285.json index 6308d021675..797bfadb92c 100644 --- a/2019/6xxx/CVE-2019-6285.json +++ b/2019/6xxx/CVE-2019-6285.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2019-6285", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/jbeder/yaml-cpp/issues/660", + "refsource" : "MISC", + "url" : "https://github.com/jbeder/yaml-cpp/issues/660" } ] } diff --git a/2019/6xxx/CVE-2019-6286.json b/2019/6xxx/CVE-2019-6286.json index b01b9096b59..cdba77bd6a3 100644 --- a/2019/6xxx/CVE-2019-6286.json +++ b/2019/6xxx/CVE-2019-6286.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2019-6286", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelexer::skip_over_scopes in prelexer.hpp when called from Sass::Parser::parse_import(), a similar issue to CVE-2018-11693." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/sass/libsass/issues/2815", + "refsource" : "MISC", + "url" : "https://github.com/sass/libsass/issues/2815" } ] } diff --git a/2019/6xxx/CVE-2019-6287.json b/2019/6xxx/CVE-2019-6287.json new file mode 100644 index 00000000000..808594fd86c --- /dev/null +++ b/2019/6xxx/CVE-2019-6287.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-6287", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +}