admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 00:01:47 +00:00
parent 19e43f9eb9
commit ba0bfd46ce
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
100 changed files with 3520 additions and 11887 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

191
2012/4xxx/CVE-2012-4573.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4573",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,92 +27,116 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "51174",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51174"
},
{
"name": "51234",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51234"
},
{
"name": "USN-1626-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1626-1"
},
{
"name": "RHSA-2012:1558",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1558.html"
},
{
"name": "56437",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56437"
},
{
"name": "https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6"
},
{
"name": "FEDORA-2012-17901",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html"
},
{
"name": "[oss-security] 20121107 [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/07/6"
},
{
"name": "[oss-security] 20121109 [OSSA 2012-017.1] Authentication bypass for image deletion (CVE-2012-4573, CVE-2012-5482) ERRATA 1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/09/5"
},
{
"name": "http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html"
},
{
"name": "87248",
"refsource": "OSVDB",
"url": "http://osvdb.org/87248"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html"
},
{
"name": "https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc"
"url": "http://osvdb.org/87248",
"refsource": "MISC",
"name": "http://osvdb.org/87248"
},
{
"name": "USN-1626-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1626-2"
"url": "http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html"
},
{
"name": "https://bugs.launchpad.net/glance/+bug/1065187",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/glance/+bug/1065187"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1558.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1558.html"
},
{
"name": "SUSE-SU-2012:1455",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html"
"url": "http://secunia.com/advisories/51174",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51174"
},
{
"name": "https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d"
"url": "http://secunia.com/advisories/51234",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51234"
},
{
"name": "openstack-glance-sec-bypass(79895)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79895"
"url": "http://www.openwall.com/lists/oss-security/2012/11/07/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/07/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/11/09/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/09/5"
},
{
"url": "http://www.securityfocus.com/bid/56437",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56437"
},
{
"url": "http://www.ubuntu.com/usn/USN-1626-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1626-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1626-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1626-2"
},
{
"url": "https://bugs.launchpad.net/glance/+bug/1065187",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/glance/+bug/1065187"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79895",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79895"
},
{
"url": "https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc",
"refsource": "MISC",
"name": "https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc"
},
{
"url": "https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6",
"refsource": "MISC",
"name": "https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6"
},
{
"url": "https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d",
"refsource": "MISC",
"name": "https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d"
}
]
}

91
2012/5xxx/CVE-2012-5483.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5483",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "56888",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56888"
},
{
"name": "RHSA-2012:1556",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1556.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=873447",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=873447"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html"
},
{
"name": "keystone-secret-key-info-disc(80612)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80612"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1556.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1556.html"
},
{
"name": "FEDORA-2012-19341",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html"
"url": "http://www.securityfocus.com/bid/56888",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56888"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80612",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80612"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=873447",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=873447"
}
]
}

85
2012/5xxx/CVE-2012-5489.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5489",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "MISC",
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "https://plone.org/products/plone/security/advisories/20121106/05",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone/security/advisories/20121106/05"
"url": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "MISC",
"name": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"name": "https://bugs.launchpad.net/zope2/+bug/1079238",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/zope2/+bug/1079238"
"url": "https://bugs.launchpad.net/zope2/+bug/1079238",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/zope2/+bug/1079238"
},
{
"name": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
"url": "https://plone.org/products/plone/security/advisories/20121106/05",
"refsource": "MISC",
"name": "https://plone.org/products/plone/security/advisories/20121106/05"
}
]
}

79
2012/5xxx/CVE-2012-5493.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5493",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "MISC",
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "https://plone.org/products/plone/security/advisories/20121106/09",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone/security/advisories/20121106/09"
"url": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "MISC",
"name": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"name": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
"url": "https://plone.org/products/plone/security/advisories/20121106/09",
"refsource": "MISC",
"name": "https://plone.org/products/plone/security/advisories/20121106/09"
}
]
}

53
2012/5xxx/CVE-2012-5499.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was discovered that Plone, included as a part of luci, did not properly handle the processing of very large values passed to an internal utility function. A remote attacker could use a specially crafted URL that, when processed, would lead to excessive memory consumption."
"value": "python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"cweId": "CWE-400"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.12.2-81.el5",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -64,11 +63,6 @@
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1194",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1194"
},
{
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "MISC",
@ -79,46 +73,11 @@
"refsource": "MISC",
"name": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5499",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5499"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874657",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=874657"
},
{
"url": "https://plone.org/products/plone/security/advisories/20121106/15",
"refsource": "MISC",
"name": "https://plone.org/products/plone/security/advisories/20121106/15"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

79
2012/5xxx/CVE-2012-5503.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5503",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://plone.org/products/plone/security/advisories/20121106/19",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone/security/advisories/20121106/19"
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
},
{
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "CONFIRM",
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "MISC",
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
},
{
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
"url": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "MISC",
"name": "https://plone.org/products/plone-hotfix/releases/20121106"
},
{
"name": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "CONFIRM",
"url": "https://plone.org/products/plone-hotfix/releases/20121106"
"url": "https://plone.org/products/plone/security/advisories/20121106/19",
"refsource": "MISC",
"name": "https://plone.org/products/plone/security/advisories/20121106/19"
}
]
}

60
2012/5xxx/CVE-2012-5509.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-5509 aeolus-configserver: aeolus-configserver-setup /tmp file conductor credentials leak"
"value": "aeolus-configserver-setup in the Aeolas Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for a temporary file in /tmp, which allows local users to read credentials by reading this file."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
"value": "n/a"
}
]
}
@ -32,28 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.13.26-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.4.12-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.8.0-8.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -71,46 +58,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0545.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0545",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0545"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5509",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5509"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=875294",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=875294"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}
}

53
2012/5xxx/CVE-2012-5513.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-5513 kernel: xen: XENMEM_exchange may overwrite hypervisor memory"
"value": "The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-308.24.1.el5",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -94,11 +93,6 @@
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2582"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1540",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1540"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html",
"refsource": "MISC",
@ -169,46 +163,11 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56797"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5513",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5513"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=877391",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=877391"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80482",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80482"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

64
2012/5xxx/CVE-2012-5519.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-5519 cups: privilege escalation for users of the CUPS SystemGroup group"
"value": "CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Access Control",
"cweId": "CWE-284"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "1:1.3.7-30.el5_9.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "1:1.4.2-50.el6_4.4",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -125,51 +113,11 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1654-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0580",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0580"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5519",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5519"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=875898",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=875898"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

103
2012/5xxx/CVE-2012-5523.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5523",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2012-18299",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
},
{
"name": "56520",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56520"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
},
{
"name": "mantisbt-cloned-info-disc(80070)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80070"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
},
{
"name": "[oss-security] 20121114 Re: CVE request: mantis before 1.2.12",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/11/14/1"
"url": "http://openwall.com/lists/oss-security/2012/11/14/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2012/11/14/1"
},
{
"name": "FEDORA-2012-18294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=150",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=150"
},
{
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=150",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=150"
"url": "http://www.securityfocus.com/bid/56520",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56520"
},
{
"name": "FEDORA-2012-18273",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
"url": "http://www.mantisbt.org/bugs/view.php?id=14704",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/view.php?id=14704"
},
{
"name": "http://www.mantisbt.org/bugs/view.php?id=14704",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=14704"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80070",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80070"
}
]
}

97
2012/5xxx/CVE-2012-5529.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5529",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "1027769",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027769"
"url": "http://tracker.firebirdsql.org/browse/CORE-3884",
"refsource": "MISC",
"name": "http://tracker.firebirdsql.org/browse/CORE-3884"
},
{
"name": "firebird-tracedsqlprepareprepare-dos(80073)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80073"
"url": "http://www.debian.org/security/2013/dsa-2648",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2648"
},
{
"name": "56521",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56521"
"url": "http://www.openwall.com/lists/oss-security/2012/11/14/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/14/6"
},
{
"name": "[oss-security] 20121114 CVE Request -- firebird: DoS (NULL pointer dereference) while preparing an empty query with trace enabled",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/14/6"
"url": "http://www.openwall.com/lists/oss-security/2012/11/14/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/14/8"
},
{
"name": "http://tracker.firebirdsql.org/browse/CORE-3884",
"refsource": "CONFIRM",
"url": "http://tracker.firebirdsql.org/browse/CORE-3884"
"url": "http://www.securityfocus.com/bid/56521",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56521"
},
{
"name": "DSA-2648",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2648"
"url": "http://www.securitytracker.com/id?1027769",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027769"
},
{
"name": "[oss-security] 20121114 Re: CVE Request -- firebird: DoS (NULL pointer dereference) while preparing an empty query with trace enabled",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/14/8"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80073",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80073"
}
]
}

77
2012/5xxx/CVE-2012-5559.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5559",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://drupal.org/node/1840992",
"url": "http://drupal.org/node/1840992",
"refsource": "MISC",
"url": "http://drupal.org/node/1840992"
"name": "http://drupal.org/node/1840992"
},
{
"name": "http://drupal.org/node/1841030",
"refsource": "CONFIRM",
"url": "http://drupal.org/node/1841030"
"url": "http://drupal.org/node/1841030",
"refsource": "MISC",
"name": "http://drupal.org/node/1841030"
},
{
"name": "51259",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51259"
"url": "http://secunia.com/advisories/51259",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51259"
},
{
"name": "[oss-security] 20121120 Re: CVE Request for Drupal Contributed Modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/20/4"
"url": "http://www.openwall.com/lists/oss-security/2012/11/20/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/20/4"
}
]
}

123
2012/5xxx/CVE-2012-5563.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5563",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression."
"value": "OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression."
}
]
},
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:1557",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1557.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1557.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1557.html"
},
{
"name": "[oss-security] 20121128 [OSSA 2012-018] EC2-style credentials invalidation issue (CVE-2012-5571)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/28/5"
"url": "http://secunia.com/advisories/51423",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51423"
},
{
"name": "https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5"
"url": "http://secunia.com/advisories/51436",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51436"
},
{
"name": "56727",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56727"
"url": "http://www.openwall.com/lists/oss-security/2012/11/28/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/28/5"
},
{
"name": "USN-1641-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1641-1"
"url": "http://www.openwall.com/lists/oss-security/2012/11/28/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/28/6"
},
{
"name": "https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681"
"url": "http://www.securityfocus.com/bid/56727",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56727"
},
{
"name": "[oss-security] 20121128 [OSSA 2012-019] Extension of token validity through token chaining (CVE-2012-5563)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/28/6"
"url": "http://www.ubuntu.com/usn/USN-1641-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1641-1"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1079216",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/keystone/+bug/1079216"
"url": "https://bugs.launchpad.net/keystone/+bug/1079216",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/keystone/+bug/1079216"
},
{
"name": "51423",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51423"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80370",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80370"
},
{
"name": "folsom-tokens-security-bypass(80370)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80370"
"url": "https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5",
"refsource": "MISC",
"name": "https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5"
},
{
"name": "51436",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51436"
"url": "https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681",
"refsource": "MISC",
"name": "https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681"
}
]
}

109
2012/5xxx/CVE-2012-5573.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5573",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "GLSA-201301-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
"url": "http://openwall.com/lists/oss-security/2012/11/26/11",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2012/11/26/11"
},
{
"name": "https://trac.torproject.org/projects/tor/ticket/6252",
"refsource": "CONFIRM",
"url": "https://trac.torproject.org/projects/tor/ticket/6252"
"url": "http://secunia.com/advisories/51329",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51329"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=444804",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=444804"
"url": "http://security.gentoo.org/glsa/glsa-201301-03.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
},
{
"name": "51329",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51329"
"url": "https://bugs.gentoo.org/show_bug.cgi?id=444804",
"refsource": "MISC",
"name": "https://bugs.gentoo.org/show_bug.cgi?id=444804"
},
{
"name": "https://gitweb.torproject.org/arma/tor.git/commitdiff/b9b54568c0bb64c32bd0b362954bdbc8c1234b16",
"refsource": "CONFIRM",
"url": "https://gitweb.torproject.org/arma/tor.git/commitdiff/b9b54568c0bb64c32bd0b362954bdbc8c1234b16"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80289",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80289"
},
{
"name": "[oss-security] 20121126 Re: tor DoS via SENDME cells",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/11/26/11"
"url": "https://gitweb.torproject.org/arma/tor.git/commitdiff/b9b54568c0bb64c32bd0b362954bdbc8c1234b16",
"refsource": "MISC",
"name": "https://gitweb.torproject.org/arma/tor.git/commitdiff/b9b54568c0bb64c32bd0b362954bdbc8c1234b16"
},
{
"name": "https://gitweb.torproject.org/tor.git/blob/release-0.2.3:/ReleaseNotes",
"refsource": "CONFIRM",
"url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.3:/ReleaseNotes"
"url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.3:/ReleaseNotes",
"refsource": "MISC",
"name": "https://gitweb.torproject.org/tor.git/blob/release-0.2.3:/ReleaseNotes"
},
{
"name": "tor-sendme-dos(80289)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80289"
"url": "https://trac.torproject.org/projects/tor/ticket/6252",
"refsource": "MISC",
"name": "https://trac.torproject.org/projects/tor/ticket/6252"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=880310",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=880310"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=880310",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=880310"
}
]
}

105
2012/5xxx/CVE-2012-5603.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5603",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "cloudforms-katello-sec-bypass(80549)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80549"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=882129",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0544.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882129"
"name": "http://rhn.redhat.com/errata/RHSA-2013-0544.html"
},
{
"name": "88140",
"refsource": "OSVDB",
"url": "http://osvdb.org/88140"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
},
{
"name": "51472",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51472"
"url": "http://secunia.com/advisories/51472",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51472"
},
{
"name": "88142",
"refsource": "OSVDB",
"url": "http://osvdb.org/88142"
"url": "http://www.securityfocus.com/bid/56819",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56819"
},
{
"name": "RHSA-2012:1543",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
"url": "http://osvdb.org/88140",
"refsource": "MISC",
"name": "http://osvdb.org/88140"
},
{
"name": "56819",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56819"
"url": "http://osvdb.org/88142",
"refsource": "MISC",
"name": "http://osvdb.org/88142"
},
{
"name": "RHSA-2013:0544",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0544.html"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80549",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80549"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882129",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=882129"
}
]
}

103
2012/5xxx/CVE-2012-5619.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5619",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20121203 Re: CVE request: TSK misrepresents \".\" files on FAT filesystems",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/12/04/2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=883330",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883330"
},
{
"name": "http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector/",
"url": "http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector/",
"refsource": "MISC",
"url": "http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector/"
"name": "http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector/"
},
{
"name": "FEDORA-2013-0336",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097293.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097289.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097289.html"
},
{
"name": "MDVSA-2013:125",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:125"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097293.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097293.html"
},
{
"name": "FEDORA-2013-0320",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097289.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:125",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:125"
},
{
"name": "[oss-security] 20121201 CVE request: TSK misrepresents \".\" files on FAT filesystems",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/12/01/2"
"url": "http://www.openwall.com/lists/oss-security/2012/12/01/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/01/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/04/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/04/2"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883330",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=883330"
}
]
}

199
2012/5xxx/CVE-2012-5629.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-5629 JBoss: allows empty password to authenticate against LDAP"
"value": "The default configuration of the (1) LdapLoginModule and (2) LdapExtLoginModule modules in JBoss Enterprise Application Platform (EAP) 4.3.0 CP10, 5.2.0, and 6.0.1, and Enterprise Web Platform (EWP) 5.2.0 allow remote attackers to bypass authentication via an empty password."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Authentication Bypass by Primary Weakness",
"cweId": "CWE-305"
"value": "n/a"
}
]
}
@ -32,112 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "JBEWP 5 for RHEL 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-9.SP3_1_patch_01.ep5.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "JBEWP 5 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-9.1.SP3_1_patch_01.ep5.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4",
"version": {
"version_data": [
{
"version_value": "0:4.3.0-12.GA_CP10_patch_01.1.ep1.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:4.3.0-12.GA_CP10_patch_01.1.ep1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 4",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-9.SP3_1_patch_01.ep5.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-9.SP3_1_patch_01.ep5.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-9.1.SP3_1_patch_01.ep5.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:7.1.3-5.Final_redhat_5.ep6.el5",
"version_affected": "!"
},
{
"version_value": "0:4.0.14-3.Final_redhat_3.ep6.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:7.1.3-5.Final_redhat_5.ep6.el6",
"version_affected": "!"
},
{
"version_value": "0:4.0.14-3.Final_redhat_3.ep6.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -150,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2013:0533",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0533"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0533.html",
"refsource": "MISC",
@ -204,91 +102,6 @@
"url": "http://rhn.redhat.com/errata/RHSA-2013-0586.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0586.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0229",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0229"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0230",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0230"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0231",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0231"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0232",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0232"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0233",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0233"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0234",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0234"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0248",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0248"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0249",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0249"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0586",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0586"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0665",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0665"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5629",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5629"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=885569",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=885569"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

257
2012/5xxx/CVE-2012-5633.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5633",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,137 +27,161 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "51988",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51988"
},
{
"name": "http://svn.apache.org/viewvc?view=revision&revision=1409324",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1409324"
},
{
"name": "http://stackoverflow.com/questions/7933293/why-does-apache-cxf-ws-security-implementation-ignore-get-requests",
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"url": "http://stackoverflow.com/questions/7933293/why-does-apache-cxf-ws-security-implementation-ignore-get-requests"
"name": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "20130208 New security advisories for Apache CXF",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Feb/39"
},
{
"name": "RHSA-2013:0256",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0256.html"
},
{
"name": "90079",
"refsource": "OSVDB",
"url": "http://osvdb.org/90079"
},
{
"name": "RHSA-2013:0257",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0257.html"
},
{
"name": "http://svn.apache.org/viewvc?view=revision&revision=1420698",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1420698"
},
{
"name": "https://issues.jboss.org/browse/JBWS-3575",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"url": "https://issues.jboss.org/browse/JBWS-3575"
"name": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "57874",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57874"
},
{
"name": "https://issues.apache.org/jira/browse/CXF-4629",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/CXF-4629"
},
{
"name": "RHSA-2013:0258",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0258.html"
},
{
"name": "52183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52183"
},
{
"name": "RHSA-2013:0749",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0749.html"
},
{
"name": "RHSA-2013:0743",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0743.html"
},
{
"name": "http://packetstormsecurity.com/files/120213/Apache-CXF-WS-Security-URIMappingInterceptor-Bypass.html",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/120213/Apache-CXF-WS-Security-URIMappingInterceptor-Bypass.html"
"name": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "http://cxf.apache.org/cve-2012-5633.html",
"refsource": "CONFIRM",
"url": "http://cxf.apache.org/cve-2012-5633.html"
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "apachecxf-wssecurity-security-bypass(81980)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81980"
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "RHSA-2013:0259",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0259.html"
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "RHSA-2013:0726",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0726.html"
"url": "http://cxf.apache.org/cve-2012-5633.html",
"refsource": "MISC",
"name": "http://cxf.apache.org/cve-2012-5633.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
"url": "http://osvdb.org/90079",
"refsource": "MISC",
"name": "http://osvdb.org/90079"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E"
"url": "http://packetstormsecurity.com/files/120213/Apache-CXF-WS-Security-URIMappingInterceptor-Bypass.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/120213/Apache-CXF-WS-Security-URIMappingInterceptor-Bypass.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0256.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0256.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0257.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0257.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0258.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0258.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0259.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0259.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0726.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0726.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0743.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0743.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0749.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0749.html"
},
{
"url": "http://seclists.org/fulldisclosure/2013/Feb/39",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2013/Feb/39"
},
{
"url": "http://secunia.com/advisories/51988",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51988"
},
{
"url": "http://secunia.com/advisories/52183",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52183"
},
{
"url": "http://stackoverflow.com/questions/7933293/why-does-apache-cxf-ws-security-implementation-ignore-get-requests",
"refsource": "MISC",
"name": "http://stackoverflow.com/questions/7933293/why-does-apache-cxf-ws-security-implementation-ignore-get-requests"
},
{
"url": "http://svn.apache.org/viewvc?view=revision&revision=1409324",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc?view=revision&revision=1409324"
},
{
"url": "http://svn.apache.org/viewvc?view=revision&revision=1420698",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc?view=revision&revision=1420698"
},
{
"url": "http://www.securityfocus.com/bid/57874",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/57874"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81980",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81980"
},
{
"url": "https://issues.apache.org/jira/browse/CXF-4629",
"refsource": "MISC",
"name": "https://issues.apache.org/jira/browse/CXF-4629"
},
{
"url": "https://issues.jboss.org/browse/JBWS-3575",
"refsource": "MISC",
"name": "https://issues.jboss.org/browse/JBWS-3575"
}
]
}

79
2012/5xxx/CVE-2012-5639.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5639",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "LibreOffice; OpenOffice",
"product": {
"product_data": [
{
"product_name": "LibreOffice, OpenOffice",
"version": {
"version_data": [
{
"version_value": "through at least 2012-12-15"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "LibreOffice; OpenOffice",
"product": {
"product_data": [
{
"product_name": "LibreOffice, OpenOffice",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through at least 2012-12-15"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2012-5639",
"url": "http://www.openwall.com/lists/oss-security/2012/12/14/1",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-5639"
"name": "http://www.openwall.com/lists/oss-security/2012/12/14/1"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-5639",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2012-5639"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639",
@ -63,19 +69,14 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639"
},
{
"url": "https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/14/1",
"url": "http://www.openwall.com/lists/oss-security/2012/12/14/1"
"name": "https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E"
},
{
"refsource": "REDHAT",
"name": "Red Hat",
"url": "https://access.redhat.com/security/cve/cve-2012-5639"
},
{
"refsource": "MLIST",
"name": "[openoffice-issues] 20201025 [Issue 121493] CVE-2012-5639: Remote file inclusion by office application",
"url": "https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb@%3Cissues.openoffice.apache.org%3E"
"url": "https://security-tracker.debian.org/tracker/CVE-2012-5639",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-5639"
}
]
}

56
2012/5xxx/CVE-2012-5643.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-5643 squid: cachemgr.cgi memory usage DoS and memory leaks"
"value": "Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "7:3.1.10-16.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -139,55 +138,20 @@
"refsource": "MISC",
"name": "http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11714.patch"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0505",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0505"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5643",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5643"
},
{
"url": "https://bugs.gentoo.org/show_bug.cgi?id=447596",
"refsource": "MISC",
"name": "https://bugs.gentoo.org/show_bug.cgi?id=447596"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=887962",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=887962"
},
{
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0368",
"refsource": "MISC",
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0368"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=887962",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=887962"
}
]
}

109
2012/5xxx/CVE-2012-5653.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5653",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "88529",
"refsource": "OSVDB",
"url": "http://osvdb.org/88529"
"url": "http://www.debian.org/security/2013/dsa-2776",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2776"
},
{
"name": "http://drupalcode.org/project/drupal.git/commitdiff/da8023a",
"refsource": "CONFIRM",
"url": "http://drupalcode.org/project/drupal.git/commitdiff/da8023a"
"url": "http://drupal.org/SA-CORE-2012-004",
"refsource": "MISC",
"name": "http://drupal.org/SA-CORE-2012-004"
},
{
"name": "MDVSA-2013:074",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:074"
"url": "http://drupalcode.org/project/drupal.git/commitdiff/da8023a",
"refsource": "MISC",
"name": "http://drupalcode.org/project/drupal.git/commitdiff/da8023a"
},
{
"name": "http://drupal.org/SA-CORE-2012-004",
"refsource": "CONFIRM",
"url": "http://drupal.org/SA-CORE-2012-004"
"url": "http://www.openwall.com/lists/oss-security/2012/12/20/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/20/1"
},
{
"name": "56993",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56993"
"url": "http://www.securityfocus.com/bid/56993",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56993"
},
{
"name": "http://drupalcode.org/project/drupal.git/commitdiff/b47f95d",
"refsource": "CONFIRM",
"url": "http://drupalcode.org/project/drupal.git/commitdiff/b47f95d"
"url": "http://drupalcode.org/project/drupal.git/commitdiff/b47f95d",
"refsource": "MISC",
"name": "http://drupalcode.org/project/drupal.git/commitdiff/b47f95d"
},
{
"name": "DSA-2776",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2776"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:074",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:074"
},
{
"name": "[oss-security] 20121219 Re: CVE request for Drupal core, and contributed modules",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/12/20/1"
"url": "http://osvdb.org/88529",
"refsource": "MISC",
"name": "http://osvdb.org/88529"
},
{
"name": "drupal-fileupload-code-execution(80795)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80795"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80795",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80795"
}
]
}

133
2012/5xxx/CVE-2012-5669.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5669",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,72 +27,96 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "1027921",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027921"
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d",
"refsource": "MISC",
"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d"
},
{
"name": "http://www.freetype.org/",
"refsource": "CONFIRM",
"url": "http://www.freetype.org/"
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html"
},
{
"name": "USN-1686-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1686-1"
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html"
},
{
"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d",
"refsource": "CONFIRM",
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d"
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html"
},
{
"name": "openSUSE-SU-2013:0189",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0216.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0216.html"
},
{
"name": "[oss-security] 20121224 Re: CVE Request - Multiple security fixes in freetype - 2.4.11",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/12/25/2"
"url": "http://secunia.com/advisories/51826",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51826"
},
{
"name": "openSUSE-SU-2013:0165",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html"
"url": "http://secunia.com/advisories/51900",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51900"
},
{
"name": "RHSA-2013:0216",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0216.html"
"url": "http://www.freetype.org/",
"refsource": "MISC",
"name": "http://www.freetype.org/"
},
{
"name": "https://savannah.nongnu.org/bugs/?37906",
"refsource": "CONFIRM",
"url": "https://savannah.nongnu.org/bugs/?37906"
"url": "http://www.openwall.com/lists/oss-security/2012/12/25/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/25/2"
},
{
"name": "SSA:2013-015-01",
"refsource": "SLACKWARE",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186"
"url": "http://www.securitytracker.com/id?1027921",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027921"
},
{
"name": "51900",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51900"
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186",
"refsource": "MISC",
"name": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186"
},
{
"name": "openSUSE-SU-2013:0177",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html"
"url": "http://www.ubuntu.com/usn/USN-1686-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1686-1"
},
{
"name": "51826",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51826"
"url": "https://savannah.nongnu.org/bugs/?37906",
"refsource": "MISC",
"name": "https://savannah.nongnu.org/bugs/?37906"
}
]
}

95
2012/6xxx/CVE-2012-6073.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6073",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:0220",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html"
},
{
"name": "[oss-security] 20121227 Re: CVE request: Jenkins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/12/28/1"
},
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=890608",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=890608"
"name": "http://rhn.redhat.com/errata/RHSA-2013-0220.html"
},
{
"name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb",
"refsource": "CONFIRM",
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb"
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb",
"refsource": "MISC",
"name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb"
},
{
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20",
"refsource": "MISC",
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/28/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/28/1"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=890608",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=890608"
}
]
}

163
2012/6xxx/CVE-2012-6093.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6093",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,91 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:0204",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00086.html"
},
{
"name": "https://codereview.qt-project.org/#change,42461",
"refsource": "CONFIRM",
"url": "https://codereview.qt-project.org/#change,42461"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697582",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697582",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697582"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697582"
},
{
"name": "USN-1723-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1723-1"
},
{
"name": "openSUSE-SU-2013:0256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00014.html"
},
{
"name": "52217",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52217"
},
{
"name": "openSUSE-SU-2013:0211",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00089.html"
},
{
"name": "http://qt.gitorious.org/qt/qt/commit/3b14dc93cf0ef06f1424d7d6319a1af4505faa53%20%284.7%29",
"refsource": "CONFIRM",
"url": "http://qt.gitorious.org/qt/qt/commit/3b14dc93cf0ef06f1424d7d6319a1af4505faa53%20%284.7%29"
},
{
"name": "[Announce] 20130102 Qt Project Security Advisory: QSslSocket may report incorrect errors when certificate verification fails",
"refsource": "MLIST",
"url": "http://lists.qt-project.org/pipermail/announce/2013-January/000020.html"
},
{
"name": "http://qt.gitorious.org/qt/qt/commit/691e78e5061d4cbc0de212d23b06c5dffddf2098%20%284.8%29",
"refsource": "CONFIRM",
"url": "http://qt.gitorious.org/qt/qt/commit/691e78e5061d4cbc0de212d23b06c5dffddf2098%20%284.8%29"
},
{
"name": "[oss-security] 20130104 Re: CVE Request -- qt: QSslSocket might report inappropriate errors when certificate verification fails",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/01/04/6"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=891955",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00086.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891955"
"name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00086.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00089.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00089.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00014.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00014.html"
},
{
"url": "http://lists.qt-project.org/pipermail/announce/2013-January/000020.html",
"refsource": "MISC",
"name": "http://lists.qt-project.org/pipermail/announce/2013-January/000020.html"
},
{
"url": "http://qt.gitorious.org/qt/qt/commit/3b14dc93cf0ef06f1424d7d6319a1af4505faa53%20%284.7%29",
"refsource": "MISC",
"name": "http://qt.gitorious.org/qt/qt/commit/3b14dc93cf0ef06f1424d7d6319a1af4505faa53%20%284.7%29"
},
{
"url": "http://qt.gitorious.org/qt/qt/commit/691e78e5061d4cbc0de212d23b06c5dffddf2098%20%284.8%29",
"refsource": "MISC",
"name": "http://qt.gitorious.org/qt/qt/commit/691e78e5061d4cbc0de212d23b06c5dffddf2098%20%284.8%29"
},
{
"url": "http://secunia.com/advisories/52217",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52217"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/01/04/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/01/04/6"
},
{
"url": "http://www.ubuntu.com/usn/USN-1723-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1723-1"
},
{
"url": "https://codereview.qt-project.org/#change%2C42461",
"refsource": "MISC",
"name": "https://codereview.qt-project.org/#change%2C42461"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891955",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=891955"
}
]
}

184
2012/6xxx/CVE-2012-6109.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS"
"value": "lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
"value": "n/a"
}
]
}
@ -32,139 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "1:3.0.10-10.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.1.4-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-0.9.beta4.el6cf",
"version_affected": "!"
},
{
"version_value": "1:1.3.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.8-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.6.1-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.4-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.11.3-5.el6cf",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Subscription Asset Manager 1.2",
"version": {
"version_data": [
{
"version_value": "0:1.7-2.el6_3",
"version_affected": "!"
},
{
"version_value": "0:0.6-4_redhat_1.ep6.el6.1",
"version_affected": "!"
},
{
"version_value": "0:0.7.23-1.el6_3",
"version_affected": "!"
},
{
"version_value": "0:0.19.9-5.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-15h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-1h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-12h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-3h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-2h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:3.6.1-10h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:2.6.17-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.1.5-4.el6_3",
"version_affected": "!"
},
{
"version_value": "1:3.0.10-10.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.12-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.3-1.el6_3",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "1:1.3.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.4-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.5-0.12.git58097d9h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.0.4-2.el6_3",
"version_affected": "!"
},
{
"version_value": "0:0.0.28-1.el6_3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -187,31 +63,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0548.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0544",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0544"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0548",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0548"
},
{
"url": "http://rack.github.com/",
"refsource": "MISC",
"name": "http://rack.github.com/"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-6109",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-6109"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=895277",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=895277"
},
{
"url": "https://github.com/rack/rack/blob/master/README.rdoc",
"refsource": "MISC",
@ -226,31 +82,11 @@
"url": "https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ",
"refsource": "MISC",
"name": "https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=895277",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=895277"
}
]
}

79
2013/4xxx/CVE-2013-4195.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4195",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=978471",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=978471"
"url": "http://plone.org/products/plone-hotfix/releases/20130618",
"refsource": "MISC",
"name": "http://plone.org/products/plone-hotfix/releases/20130618"
},
{
"name": "http://plone.org/products/plone/security/advisories/20130618-announcement",
"refsource": "CONFIRM",
"url": "http://plone.org/products/plone/security/advisories/20130618-announcement"
"url": "http://plone.org/products/plone/security/advisories/20130618-announcement",
"refsource": "MISC",
"name": "http://plone.org/products/plone/security/advisories/20130618-announcement"
},
{
"name": "http://plone.org/products/plone-hotfix/releases/20130618",
"refsource": "CONFIRM",
"url": "http://plone.org/products/plone-hotfix/releases/20130618"
"url": "http://seclists.org/oss-sec/2013/q3/261",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2013/q3/261"
},
{
"name": "[oss-security] 20130801 Re: CVE Request -- Plone: 20130618 Hotfix (multiple vectors)",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q3/261"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=978471",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=978471"
}
]
}

79
2013/4xxx/CVE-2013-4196.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4196",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=978475",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=978475"
"url": "http://plone.org/products/plone-hotfix/releases/20130618",
"refsource": "MISC",
"name": "http://plone.org/products/plone-hotfix/releases/20130618"
},
{
"name": "http://plone.org/products/plone/security/advisories/20130618-announcement",
"refsource": "CONFIRM",
"url": "http://plone.org/products/plone/security/advisories/20130618-announcement"
"url": "http://plone.org/products/plone/security/advisories/20130618-announcement",
"refsource": "MISC",
"name": "http://plone.org/products/plone/security/advisories/20130618-announcement"
},
{
"name": "http://plone.org/products/plone-hotfix/releases/20130618",
"refsource": "CONFIRM",
"url": "http://plone.org/products/plone-hotfix/releases/20130618"
"url": "http://seclists.org/oss-sec/2013/q3/261",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2013/q3/261"
},
{
"name": "[oss-security] 20130801 Re: CVE Request -- Plone: 20130618 Hotfix (multiple vectors)",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q3/261"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=978475",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=978475"
}
]
}

103
2013/4xxx/CVE-2013-4205.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4205",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/6160968cee8b90a5dd95318d716e31d7775c4ef3",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/6160968cee8b90a5dd95318d716e31d7775c4ef3"
},
{
"name": "[oss-security] 20130806 Re: CLONE_NEWUSER local DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/2"
},
{
"name": "http://twitter.com/grsecurity/statuses/364566062336978944",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6160968cee8b90a5dd95318d716e31d7775c4ef3",
"refsource": "MISC",
"url": "http://twitter.com/grsecurity/statuses/364566062336978944"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6160968cee8b90a5dd95318d716e31d7775c4ef3"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6"
"url": "http://twitter.com/grsecurity/statuses/364566062336978944",
"refsource": "MISC",
"name": "http://twitter.com/grsecurity/statuses/364566062336978944"
},
{
"name": "USN-1971-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1971-1"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6160968cee8b90a5dd95318d716e31d7775c4ef3",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6160968cee8b90a5dd95318d716e31d7775c4ef3"
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/06/2"
},
{
"name": "USN-1974-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1974-1"
"url": "http://www.ubuntu.com/usn/USN-1971-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1971-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1974-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1974-1"
},
{
"url": "https://github.com/torvalds/linux/commit/6160968cee8b90a5dd95318d716e31d7775c4ef3",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/6160968cee8b90a5dd95318d716e31d7775c4ef3"
}
]
}

75
2013/4xxx/CVE-2013-4215.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4215",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://tracker.nagios.org/view.php?id=451",
"url": "http://osvdb.org/96085",
"refsource": "MISC",
"url": "http://tracker.nagios.org/view.php?id=451"
"name": "http://osvdb.org/96085"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=957482",
"url": "http://seclists.org/oss-sec/2013/q3/310",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=957482"
"name": "http://seclists.org/oss-sec/2013/q3/310"
},
{
"name": "[oss-security] 20130807 Some Nagios /tmp vulns (no reply from upstream)",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2013/q3/310"
"url": "http://tracker.nagios.org/view.php?id=451",
"refsource": "MISC",
"name": "http://tracker.nagios.org/view.php?id=451"
},
{
"name": "96085",
"refsource": "OSVDB",
"url": "http://osvdb.org/96085"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=957482",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=957482"
}
]
}

67
2013/4xxx/CVE-2013-4216.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4216",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20130808 Re: CVE Request -- Four flaws in WiMAX (afaik upstream is dead for this)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/08/17"
"url": "http://www.openwall.com/lists/oss-security/2013/08/08/17",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/08/17"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=911122",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=911122"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=911122",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=911122"
}
]
}

1329
2013/4xxx/CVE-2013-4225.json
View File

File diff suppressed because it is too large Load Diff

81
2013/4xxx/CVE-2013-4235.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4235",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shadow",
"version": {
"version_data": [
{
"version_value": "1"
}
]
}
}
]
},
"vendor_name": "shadow"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "shadow",
"product": {
"product_data": [
{
"product_name": "shadow",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4235",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4235"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235"
"name": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-4235",
@ -68,14 +64,19 @@
"name": "https://access.redhat.com/security/cve/cve-2013-4235"
},
{
"refsource": "MLIST",
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235"
},
{
"refsource": "GENTOO",
"name": "GLSA-202210-26",
"url": "https://security.gentoo.org/glsa/202210-26"
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4235",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4235"
},
{
"url": "https://security.gentoo.org/glsa/202210-26",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202210-26"
}
]
}

73
2013/4xxx/CVE-2013-4236.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4236",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167."
"value": "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167."
}
]
},
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://gerrit.ovirt.org/gitweb?p=vdsm.git;a=commit;h=5fe1615b7949999fc9abd896bde63bf24f8431d6",
"url": "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6",
"refsource": "MISC",
"url": "http://gerrit.ovirt.org/gitweb?p=vdsm.git;a=commit;h=5fe1615b7949999fc9abd896bde63bf24f8431d6"
"name": "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6"
},
{
"name": "RHSA-2013:1155",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1155.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1155.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1155.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=996166",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=996166"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=996166",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=996166"
}
]
}

63
2013/4xxx/CVE-2013-4245.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4245",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Orca",
"product": {
"product_data": [
{
"product_name": "Orca",
"version": {
"version_data": [
{
"version_value": "3.14.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Orca",
"product": {
"product_data": [
{
"product_name": "Orca",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.14.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4245",
"url": "https://access.redhat.com/security/cve/cve-2013-4245",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4245"
"name": "https://access.redhat.com/security/cve/cve-2013-4245"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4245",
@ -68,9 +69,9 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4245"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-4245",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4245",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2013-4245"
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4245"
}
]
}

99
2013/4xxx/CVE-2013-4255.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4255",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1172",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786",
"refsource": "CONFIRM",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"name": "RHSA-2013:1171",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=919401",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
},
{
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html",
"refsource": "MISC",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
"name": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786",
"refsource": "MISC",
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829",
"refsource": "MISC",
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
}
]
}

97
2013/4xxx/CVE-2013-4256.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4256",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html",
"refsource": "MISC",
"name": "http://radscan.com/pipermail/nas/2013-August/001270.html"
},
{
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3",
"refsource": "MLIST",
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html"
"url": "http://sourceforge.net/p/nas/code/288",
"refsource": "MISC",
"name": "http://sourceforge.net/p/nas/code/288"
},
{
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
"url": "http://www.debian.org/security/2013/dsa-2771",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2771"
},
{
"name": "http://sourceforge.net/p/nas/code/288",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/p/nas/code/288"
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
},
{
"name": "DSA-2771",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2771"
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
},
{
"name": "61848",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61848"
"url": "http://www.securityfocus.com/bid/61848",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/61848"
},
{
"name": "USN-1986-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1986-1"
"url": "http://www.ubuntu.com/usn/USN-1986-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1986-1"
}
]
}

103
2013/4xxx/CVE-2013-4276.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4276",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-3770-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3770-2/"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=992975",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=992975"
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00021.html"
},
{
"name": "61607",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61607"
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00029.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00029.html"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682"
"url": "http://www.openwall.com/lists/oss-security/2013/08/22/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/08/22/3"
},
{
"name": "openSUSE-SU-2013:1560",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00029.html"
"url": "http://www.securityfocus.com/bid/61607",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/61607"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=991757",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=991757"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=991757",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=991757"
},
{
"name": "openSUSE-SU-2013:1547",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00021.html"
"url": "https://usn.ubuntu.com/3770-2/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/3770-2/"
},
{
"name": "[oss-security] 20130822 Re: CVE request: lcms 1.x buffer overflows",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/22/3"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=992975",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=992975"
}
]
}

121
2013/4xxx/CVE-2013-4296.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4296",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "60895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60895"
"url": "http://wiki.libvirt.org/page/Maintenance_Releases",
"refsource": "MISC",
"name": "http://wiki.libvirt.org/page/Maintenance_Releases"
},
{
"name": "GLSA-201412-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
},
{
"name": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=e7f400a110e2e3673b96518170bfea0855dd82c0",
"refsource": "CONFIRM",
"url": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=e7f400a110e2e3673b96518170bfea0855dd82c0"
"url": "http://secunia.com/advisories/60895",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60895"
},
{
"name": "DSA-2764",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2764"
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "USN-1954-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1954-1"
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html"
},
{
"name": "http://wiki.libvirt.org/page/Maintenance_Releases",
"refsource": "CONFIRM",
"url": "http://wiki.libvirt.org/page/Maintenance_Releases"
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html"
},
{
"name": "RHSA-2013:1272",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1272.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1272.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1272.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006173",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006173"
"url": "http://www.ubuntu.com/usn/USN-1954-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1954-1"
},
{
"name": "RHSA-2013:1460",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
"url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0",
"refsource": "MISC",
"name": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0"
},
{
"name": "openSUSE-SU-2013:1550",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html"
"url": "http://www.debian.org/security/2013/dsa-2764",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2764"
},
{
"name": "openSUSE-SU-2013:1549",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006173",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006173"
}
]
}

97
2013/4xxx/CVE-2013-4325.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4325",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1274",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1274.html"
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00062.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00062.html"
},
{
"name": "USN-1956-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1956-1"
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00000.html"
},
{
"name": "openSUSE-SU-2013:1617",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00062.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1274.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1274.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375"
"url": "http://www.debian.org/security/2013/dsa-2829",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2829"
},
{
"name": "DSA-2829",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2829"
"url": "http://www.ubuntu.com/usn/USN-1956-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1956-1"
},
{
"name": "openSUSE-SU-2013:1620",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00000.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006674",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006674"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006674",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006674"
}
]
}

99
2013/4xxx/CVE-2013-4326.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4326",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:1597",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00051.html"
},
{
"name": "RHSA-2013:1282",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1282.html"
},
{
"name": "[oss-security] 20130918 Re: Fwd: [vs-plain] polkit races",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/09/18/6"
},
{
"name": "openSUSE-SU-2013:1548",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00022.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006677",
"url": "http://www.openwall.com/lists/oss-security/2013/09/18/6",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006677"
"name": "http://www.openwall.com/lists/oss-security/2013/09/18/6"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00022.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00022.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00051.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00051.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-1282.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1282.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006677",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006677"
}
]
}

80
2013/4xxx/CVE-2013-4345.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-4345 kernel: ansi_cprng: off by one error in non-block size request"
"value": "Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Off-by-one Error",
"cweId": "CWE-193"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-371.1.2.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-431.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.8.13-rt14.25.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -116,11 +93,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1490",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1490"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-1449.html",
"refsource": "MISC",
@ -131,16 +103,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1449",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1449"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1645",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1645"
},
{
"url": "http://www.ubuntu.com/usn/USN-2064-1",
"refsource": "MISC",
@ -176,41 +138,11 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2110-1"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4345",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4345"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007690",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1007690"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
]
}
}

2334
2013/4xxx/CVE-2013-4346.json
View File

File diff suppressed because it is too large Load Diff

53
2013/4xxx/CVE-2013-4355.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-4355 Kernel: Xen: Xsa-63: information leak via I/O instruction emulation"
"value": "Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor",
"cweId": "CWE-200"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-371.3.1.el5",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -93,46 +92,6 @@
"url": "http://www.openwall.com/lists/oss-security/2013/09/30/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/09/30/1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1790",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1790"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4355",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4355"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1009598",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1009598"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
]
}

79
2013/4xxx/CVE-2013-4356.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4356",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "54962",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54962"
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
},
{
"name": "GLSA-201407-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
"url": "http://secunia.com/advisories/54962",
"refsource": "MISC",
"name": "http://secunia.com/advisories/54962"
},
{
"name": "[oss-security] 20130930 Xen Security Advisory 64 (CVE-2013-4356) - Memory accessible by 64-bit PV guests under live migration",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/09/30/2"
"url": "http://www.openwall.com/lists/oss-security/2013/09/30/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/09/30/2"
},
{
"name": "62709",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62709"
"url": "http://www.securityfocus.com/bid/62709",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/62709"
}
]
}

79
2013/4xxx/CVE-2013-4375.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4375",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html",
"refsource": "CONFIRM",
"url": "http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html"
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
},
{
"name": "GLSA-201407-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
"url": "http://www.ubuntu.com/usn/USN-2092-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2092-1"
},
{
"name": "USN-2092-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2092-1"
"url": "http://www.openwall.com/lists/oss-security/2013/10/10/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/10/10/14"
},
{
"name": "[oss-security] 20131010 Xen Security Advisory 71 (CVE-2013-4375) - qemu disk backend (qdisk) resource leak",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/10/10/14"
"url": "http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html",
"refsource": "MISC",
"name": "http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html"
}
]
}

91
2013/4xxx/CVE-2013-4385.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4385",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "62690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62690"
"url": "http://lists.gnu.org/archive/html/chicken-announce/2013-10/msg00000.html",
"refsource": "MISC",
"name": "http://lists.gnu.org/archive/html/chicken-announce/2013-10/msg00000.html"
},
{
"name": "[chicken-announce] 20130927 Re: [SECURITY] Buffer overrun in some uses of read-string! procedure from \"extras\"",
"refsource": "MLIST",
"url": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00001.html"
"url": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html",
"refsource": "MISC",
"name": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html"
},
{
"name": "[chicken-announce] 20130926 [SECURITY] Buffer overrun in some uses of read-string! procedure from \"extras\"",
"refsource": "MLIST",
"url": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html"
"url": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00001.html",
"refsource": "MISC",
"name": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00001.html"
},
{
"name": "[chicken-announce] 20131003 Chicken 4.8.0.5 released",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/chicken-announce/2013-10/msg00000.html"
"url": "http://secunia.com/advisories/55009",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55009"
},
{
"name": "GLSA-201612-54",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-54"
"url": "http://www.securityfocus.com/bid/62690",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/62690"
},
{
"name": "55009",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55009"
"url": "https://security.gentoo.org/glsa/201612-54",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201612-54"
}
]
}

1345
2013/4xxx/CVE-2013-4386.json
View File

File diff suppressed because it is too large Load Diff

73
2013/4xxx/CVE-2013-4405.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-4405 cumin: CSRF protection does not work"
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for unspecified requests."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Cross-Site Request Forgery (CSRF)",
"cweId": "CWE-352"
"value": "n/a"
}
]
}
@ -32,31 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "MRG for RHEL-5 v. 2",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.1.5787-4.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:0.1.5787-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.8.23.2-1.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -79,55 +63,10 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1852.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1851",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1851"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1852",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1852"
},
{
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998561",
"refsource": "MISC",
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998561"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4405",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4405"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998561",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998561"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

97
2013/4xxx/CVE-2013-4416.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4416",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "GLSA-201407-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html"
},
{
"name": "1029264",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029264"
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
},
{
"name": "99072",
"refsource": "OSVDB",
"url": "http://osvdb.org/99072"
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html"
},
{
"name": "[oss-security] 20131029 Xen Security Advisory 72 (CVE-2013-4416) - ocaml xenstored mishandles oversized message replies",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/10/29/5"
"url": "http://osvdb.org/99072",
"refsource": "MISC",
"name": "http://osvdb.org/99072"
},
{
"name": "63404",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63404"
"url": "http://www.openwall.com/lists/oss-security/2013/10/29/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/10/29/5"
},
{
"name": "openSUSE-SU-2013:1636",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html"
"url": "http://www.securityfocus.com/bid/63404",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/63404"
},
{
"name": "openSUSE-SU-2013:1876",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html"
"url": "http://www.securitytracker.com/id/1029264",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1029264"
}
]
}

91
2013/4xxx/CVE-2013-4445.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4445",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2013-20965",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122308.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121433.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121433.html"
},
{
"name": "https://drupal.org/node/2113317",
"refsource": "CONFIRM",
"url": "https://drupal.org/node/2113317"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122298.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122298.html"
},
{
"name": "https://drupal.org/node/2112785",
"refsource": "CONFIRM",
"url": "https://drupal.org/node/2112785"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122308.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122308.html"
},
{
"name": "FEDORA-2013-20942",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121433.html"
"url": "https://drupal.org/node/2112785",
"refsource": "MISC",
"name": "https://drupal.org/node/2112785"
},
{
"name": "FEDORA-2013-20976",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122298.html"
"url": "https://drupal.org/node/2112791",
"refsource": "MISC",
"name": "https://drupal.org/node/2112791"
},
{
"name": "https://drupal.org/node/2112791",
"refsource": "CONFIRM",
"url": "https://drupal.org/node/2112791"
"url": "https://drupal.org/node/2113317",
"refsource": "MISC",
"name": "https://drupal.org/node/2113317"
}
]
}

1356
2014/0xxx/CVE-2014-0007.json
View File

File diff suppressed because it is too large Load Diff

91
2014/0xxx/CVE-2014-0008.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0008",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://moodle.org/mod/forum/discuss.php?d=252414",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=252414"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721"
},
{
"name": "[oss-security] 20140120 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/01/20/1"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html"
},
{
"name": "FEDORA-2014-1396",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html"
"url": "http://openwall.com/lists/oss-security/2014/01/20/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/01/20/1"
},
{
"name": "FEDORA-2014-1377",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html"
"url": "http://www.securitytracker.com/id/1029647",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1029647"
},
{
"name": "1029647",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029647"
"url": "https://moodle.org/mod/forum/discuss.php?d=252414",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=252414"
}
]
}

91
2014/0xxx/CVE-2014-0009.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0009",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140120 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/01/20/1"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=252415",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=252415"
"url": "http://openwall.com/lists/oss-security/2014/01/20/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/01/20/1"
},
{
"name": "FEDORA-2014-1396",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643"
},
{
"name": "FEDORA-2014-1377",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html"
"url": "http://www.securitytracker.com/id/1029648",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1029648"
},
{
"name": "1029648",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029648"
"url": "https://moodle.org/mod/forum/discuss.php?d=252415",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=252415"
}
]
}

103
2014/0xxx/CVE-2014-0017.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0017",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2145-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2145-1"
"url": "http://www.openwall.com/lists/oss-security/2014/03/05/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/03/05/1"
},
{
"name": "DSA-2879",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2879"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html"
},
{
"name": "openSUSE-SU-2014:0366",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html"
},
{
"name": "57407",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57407"
"url": "http://secunia.com/advisories/57407",
"refsource": "MISC",
"name": "http://secunia.com/advisories/57407"
},
{
"name": "[oss-security] 20140305 libssh and stunnel PRNG flaws",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/05/1"
"url": "http://www.debian.org/security/2014/dsa-2879",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2879"
},
{
"name": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/",
"refsource": "CONFIRM",
"url": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/"
"url": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/",
"refsource": "MISC",
"name": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/"
},
{
"name": "openSUSE-SU-2014:0370",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html"
"url": "http://www.ubuntu.com/usn/USN-2145-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2145-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191"
}
]
}

85
2014/0xxx/CVE-2014-0018.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0018",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0170",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0170.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0170.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0170.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0171.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0171.html"
},
{
"name": "RHSA-2014:0172",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0172.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0172.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0172.html"
},
{
"name": "65591",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65591"
"url": "http://www.securityfocus.com/bid/65591",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65591"
},
{
"name": "RHSA-2014:0171",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0171.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783"
}
]
}

99
2014/0xxx/CVE-2014-0027.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0027",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information."
"value": "The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information."
}
]
},
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2014-0579",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127776.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127748.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127748.html"
},
{
"name": "64791",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64791"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127776.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127776.html"
},
{
"name": "MDVSA-2014:032",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:032"
"url": "http://seclists.org/oss-sec/2014/q1/59",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2014/q1/59"
},
{
"name": "101948",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/101948"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:032",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:032"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1048678",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048678"
"url": "http://www.osvdb.org/101948",
"refsource": "MISC",
"name": "http://www.osvdb.org/101948"
},
{
"name": "[oss-security] 20140110 temporary file issue in flite",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q1/59"
"url": "http://www.securityfocus.com/bid/64791",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/64791"
},
{
"name": "FEDORA-2014-0574",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127748.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048678",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1048678"
}
]
}

97
2014/0xxx/CVE-2014-0028.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0028",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2093-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2093-1"
"url": "http://libvirt.org/news.html",
"refsource": "MISC",
"name": "http://libvirt.org/news.html"
},
{
"name": "http://libvirt.org/news.html",
"refsource": "CONFIRM",
"url": "http://libvirt.org/news.html"
"url": "http://secunia.com/advisories/60895",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60895"
},
{
"name": "60895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60895"
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "GLSA-201412-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
"url": "http://www.ubuntu.com/usn/USN-2093-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2093-1"
},
{
"name": "openSUSE-SU-2014:0268",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html"
},
{
"name": "[libvirt] 20140115 [PATCH 0/4] CVE-2014-0028: domain events vs. ACL filtering",
"refsource": "MLIST",
"url": "https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html"
"url": "https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html",
"refsource": "MISC",
"name": "https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1048637",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048637"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048637",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1048637"
}
]
}

61
2014/0xxx/CVE-2014-0029.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0029",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059433",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059433"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059433",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059433"
}
]
}

79
2014/0xxx/CVE-2014-0037.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0037",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1056767",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1056767"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044"
},
{
"name": "[oss-security] 20140131 Security Flaw CVE-2014-0037",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/01/31/14"
"url": "http://www.openwall.com/lists/oss-security/2014/01/31/14",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/01/31/14"
},
{
"name": "MDVSA-2014:044",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1056767",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1056767"
}
]
}

175
2014/0xxx/CVE-2014-0038.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0038",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,102 +27,126 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2def2ef2ae5f3990aabdbe8a755911902707d268",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2def2ef2ae5f3990aabdbe8a755911902707d268"
},
{
"name": "USN-2096-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2096-1"
},
{
"name": "https://github.com/saelo/cve-2014-0038",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html",
"refsource": "MISC",
"url": "https://github.com/saelo/cve-2014-0038"
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
},
{
"name": "USN-2095-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2095-1"
},
{
"name": "http://pastebin.com/raw.php?i=DH3Lbg54",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html",
"refsource": "MISC",
"url": "http://pastebin.com/raw.php?i=DH3Lbg54"
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html"
},
{
"name": "https://code.google.com/p/chromium/issues/detail?id=338594",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2def2ef2ae5f3990aabdbe8a755911902707d268",
"refsource": "MISC",
"url": "https://code.google.com/p/chromium/issues/detail?id=338594"
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2def2ef2ae5f3990aabdbe8a755911902707d268"
},
{
"name": "USN-2094-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2094-1"
"url": "http://pastebin.com/raw.php?i=DH3Lbg54",
"refsource": "MISC",
"name": "http://pastebin.com/raw.php?i=DH3Lbg54"
},
{
"name": "MDVSA-2014:038",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:038"
"url": "http://secunia.com/advisories/56669",
"refsource": "MISC",
"name": "http://secunia.com/advisories/56669"
},
{
"name": "56669",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56669"
"url": "http://www.exploit-db.com/exploits/31346",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/31346"
},
{
"name": "65255",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65255"
"url": "http://www.exploit-db.com/exploits/31347",
"refsource": "MISC",
"name": "http://www.exploit-db.com/exploits/31347"
},
{
"name": "https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2"
},
{
"name": "40503",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/40503/"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:038",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:038"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2"
"url": "http://www.openwall.com/lists/oss-security/2014/01/31/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/01/31/2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1060023",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060023"
"url": "http://www.securityfocus.com/bid/65255",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65255"
},
{
"name": "openSUSE-SU-2014:0204",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
"url": "http://www.ubuntu.com/usn/USN-2094-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2094-1"
},
{
"name": "31347",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31347"
"url": "http://www.ubuntu.com/usn/USN-2095-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2095-1"
},
{
"name": "openSUSE-SU-2014:0205",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html"
"url": "http://www.ubuntu.com/usn/USN-2096-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2096-1"
},
{
"name": "31346",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/31346"
"url": "https://code.google.com/p/chromium/issues/detail?id=338594",
"refsource": "MISC",
"name": "https://code.google.com/p/chromium/issues/detail?id=338594"
},
{
"name": "[oss-security] 20140131 Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/01/31/2"
"url": "https://github.com/saelo/cve-2014-0038",
"refsource": "MISC",
"name": "https://github.com/saelo/cve-2014-0038"
},
{
"url": "https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268"
},
{
"url": "https://www.exploit-db.com/exploits/40503/",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/40503/"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060023",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1060023"
}
]
}

73
2014/0xxx/CVE-2014-0047.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0047",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "73315",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73315"
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/23",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/23"
},
{
"name": "[oss-security] 20150324 Re: 2 moderate (borderline low) docker flaws fixed in >=1.5 and possibly earlier",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/23"
"url": "http://www.securityfocus.com/bid/73315",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/73315"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1063549",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1063549"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1063549",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1063549"
}
]
}

97
2014/0xxx/CVE-2014-0048.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0048",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "docker.io",
"product": {
"product_data": [
{
"product_name": "docker.io",
"version": {
"version_data": [
{
"version_value": "before 1.6.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "docker.io",
"product": {
"product_data": [
{
"product_name": "docker.io",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 1.6.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0048",
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/18",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0048"
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/18"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/22",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/22"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/23",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/23"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-0048",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-0048"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0048",
@ -68,29 +84,14 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-0048"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-0048",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-0048"
"name": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/23",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0048",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/23"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/18",
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/18"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/22",
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/22"
},
{
"refsource": "MLIST",
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0048"
}
]
}

85
2014/0xxx/CVE-2014-0049.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0049",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b"
},
{
"name": "[oss-security] 20140303 CVE-2014-0049 -- Linux kernel: kvm: mmio_fragments out-of-the-bounds access",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/03/03/1"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6"
},
{
"name": "https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b"
"url": "http://www.openwall.com/lists/oss-security/2014/03/03/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/03/03/1"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a08d3b3b99efd509133946056531cdf8f3a0c09b",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a08d3b3b99efd509133946056531cdf8f3a0c09b"
"url": "https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062368",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062368"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062368",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062368"
}
]
}

84
2014/0xxx/CVE-2014-0057.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0057 CFME: Dangerous send in ServiceController"
"value": "The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')",
"cweId": "CWE-470"
"value": "n/a"
}
]
}
@ -32,52 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.2.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.9.3.448-40.1.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.9.2-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.31.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.19.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.6-3.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -90,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0215",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0215"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0215.html",
"refsource": "MISC",
@ -105,41 +63,11 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/57376"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0057",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0057"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064140",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064140"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

79
2014/0xxx/CVE-2014-0058.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0058",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0204",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0204.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0034.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0034.html"
},
{
"name": "RHSA-2015:0034",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0034.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0204.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0204.html"
},
{
"name": "RHSA-2014:0205",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0205.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0205.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0205.html"
},
{
"name": "65762",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65762"
"url": "http://www.securityfocus.com/bid/65762",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65762"
}
]
}

91
2014/0xxx/CVE-2014-0059.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0059",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0565",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0565.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"name": "RHSA-2015:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
},
{
"name": "RHSA-2015:0850",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
},
{
"name": "RHSA-2014:0563",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0563.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0563.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0563.html"
},
{
"name": "RHSA-2015:0851",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0564.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0564.html"
},
{
"name": "RHSA-2014:0564",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0564.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0565.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0565.html"
}
]
}

121
2014/0xxx/CVE-2014-0067.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0067",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource": "CONFIRM",
"url": "http://wiki.postgresql.org/wiki/20140220securityrelease"
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "DSA-2864",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2864"
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
},
{
"name": "http://www.postgresql.org/about/news/1506/",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/about/news/1506/"
"url": "https://support.apple.com/HT205219",
"refsource": "MISC",
"name": "https://support.apple.com/HT205219"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"url": "https://support.apple.com/kb/HT205031",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT205031"
},
{
"name": "DSA-2865",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2865"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
},
{
"name": "openSUSE-SU-2014:0345",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
},
{
"name": "65721",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65721"
"url": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource": "MISC",
"name": "http://wiki.postgresql.org/wiki/20140220securityrelease"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
"url": "http://www.debian.org/security/2014/dsa-2864",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2864"
},
{
"name": "APPLE-SA-2015-09-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
"url": "http://www.debian.org/security/2014/dsa-2865",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2865"
},
{
"name": "openSUSE-SU-2014:0368",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
"url": "http://www.postgresql.org/about/news/1506/",
"refsource": "MISC",
"name": "http://www.postgresql.org/about/news/1506/"
},
{
"name": "https://support.apple.com/HT205219",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205219"
"url": "http://www.securityfocus.com/bid/65721",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65721"
}
]
}

48
2014/0xxx/CVE-2014-0068.json
View File

@ -1,12 +1,33 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-0068",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732",
"cweId": "CWE-732"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
@ -19,6 +40,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "openshift node-util as shipped in Openshift Enterprise 1.x and 2.x"
}
]
@ -30,32 +52,12 @@
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064100",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064100"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission."
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064100"
}
]
}

103
2014/0xxx/CVE-2014-0069.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0069",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[linux-cifs] 20140214 [PATCH] cifs: ensure that uncached writes handle unmapped areas correctly",
"refsource": "MLIST",
"url": "http://article.gmane.org/gmane.linux.kernel.cifs/9401"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html"
},
{
"name": "65588",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65588"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
},
{
"name": "https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f"
"url": "http://article.gmane.org/gmane.linux.kernel.cifs/9401",
"refsource": "MISC",
"name": "http://article.gmane.org/gmane.linux.kernel.cifs/9401"
},
{
"name": "RHSA-2014:0328",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064253",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064253"
"url": "http://www.openwall.com/lists/oss-security/2014/02/17/4",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/02/17/4"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5d81de8e8667da7135d3a32a964087c0faf5483f",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5d81de8e8667da7135d3a32a964087c0faf5483f"
"url": "http://www.securityfocus.com/bid/65588",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65588"
},
{
"name": "[oss-security] 20140217 CVE-2014-0069 -- kernel: cifs: incorrect handling of bogus user pointers during uncached writes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/02/17/4"
"url": "https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f"
},
{
"name": "SUSE-SU-2014:0459",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064253",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064253"
}
]
}

97
2014/0xxx/CVE-2014-0077.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0077",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "66678",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66678"
"url": "http://secunia.com/advisories/59386",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59386"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064440",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064440"
"url": "http://secunia.com/advisories/59599",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59599"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d8316f3991d207fe32881a9ac20241be8fa2bad0",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d8316f3991d207fe32881a9ac20241be8fa2bad0"
},
{
"name": "https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10"
},
{
"name": "59386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59386"
"url": "http://www.securityfocus.com/bid/66678",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/66678"
},
{
"name": "59599",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59599"
"url": "https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d8316f3991d207fe32881a9ac20241be8fa2bad0",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d8316f3991d207fe32881a9ac20241be8fa2bad0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064440",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064440"
}
]
}

60
2014/0xxx/CVE-2014-0078.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0078 CFME: multiple authorization bypass vulnerabilities in CatalogController"
"value": "The CatalogController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Missing Authorization",
"cweId": "CWE-862"
"value": "n/a"
}
]
}
@ -32,28 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.3.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:9.2.7-1.1.el6",
"version_affected": "!"
},
{
"version_value": "0:9.0r2-4.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-6.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -71,46 +58,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0469.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0469",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0469"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0078",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0078"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

67
2014/0xxx/CVE-2014-0079.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0079",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "MDVSA-2014:044",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903"
}
]
}

97
2014/9xxx/CVE-2014-9420.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries (CE). An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service."
"value": "The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
"value": "n/a"
}
]
}
@ -32,42 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-504.23.4.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-229.7.2.rt56.141.6.el7_1",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-229.7.2.ael7b",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "1:3.10.0-229.rt56.153.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -195,36 +168,6 @@
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/12/25/4"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1081",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1081"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1137",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1137"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1138",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1138"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1139",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1139"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-9420",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-9420"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235"
},
{
"url": "https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"refsource": "MISC",
@ -234,31 +177,11 @@
"url": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2017-01-01.html"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.7,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235"
}
]
}

97
2014/9xxx/CVE-2014-9710.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9710",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
},
{
"name": "SUSE-SU-2015:1489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1205079",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205079"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
},
{
"name": "1032418",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032418"
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/11"
},
{
"name": "[oss-security] 20150324 CVE request Linux kernel: fs: btrfs: non-atomic xattr replace operation",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/11"
"url": "http://www.securitytracker.com/id/1032418",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1032418"
},
{
"name": "SUSE-SU-2015:1224",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
"url": "https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339"
},
{
"name": "https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205079",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1205079"
}
]
}

121
2014/9xxx/CVE-2014-9730.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9730",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150602 CVE request Linux kernel: fs: udf heap overflow in __udf_adinicb_readpage",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/02/7"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2"
},
{
"name": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
},
{
"name": "SUSE-SU-2015:1611",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html"
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9"
},
{
"name": "SUSE-SU-2015:1324",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"name": "74964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74964"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html"
},
{
"name": "openSUSE-SU-2015:1382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9"
"url": "http://www.openwall.com/lists/oss-security/2015/06/02/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/06/02/7"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2"
"url": "http://www.securityfocus.com/bid/74964",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/74964"
},
{
"name": "SUSE-SU-2015:1224",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
"url": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9"
},
{
"name": "SUSE-SU-2015:1592",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229"
}
]
}

91
2015/5xxx/CVE-2015-5225.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vnc_refresh_server_surface() routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process instance, or to potentially use it to execute arbitrary code on the host."
"value": "Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,49 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "10:2.1.2-23.el7_1.9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "10:2.1.2-23.el7_1.9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "10:2.1.2-23.el7_1.9",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-7",
"version": {
"version_data": [
{
"version_value": "10:2.1.2-23.el7_1.9",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -137,26 +103,6 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1033547"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1772",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1772"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1837",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1837"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5225",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5225"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1255896",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1255896"
},
{
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg02495.html",
"refsource": "MISC",
@ -168,30 +114,5 @@
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

97
2015/5xxx/CVE-2015-5229.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5229",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1246713",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1246713"
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"name": "84172",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/84172"
"url": "http://rhn.redhat.com/errata/RHSA-2016-0176.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2016-0176.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1256285",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256285"
"url": "http://www.securityfocus.com/bid/84172",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/84172"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1246713",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1246713"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1293976",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293976"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293976",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1293976"
},
{
"name": "RHSA-2016:0176",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0176.html"
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10150",
"refsource": "MISC",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10150"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10150",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10150"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256285",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1256285"
}
]
}

85
2015/5xxx/CVE-2015-5232.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5232",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/01org/opa-fm/commit/5f4087aabb5d03c42738b320af0fc60e9df4d1f7",
"refsource": "CONFIRM",
"url": "https://github.com/01org/opa-fm/commit/5f4087aabb5d03c42738b320af0fc60e9df4d1f7"
"url": "http://www.openwall.com/lists/oss-security/2015/09/22/17",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/09/22/17"
},
{
"name": "[oss-security] 20150922 CVE-2015-5232: various /tmp races in opa-fm, opa-ff",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/09/22/17"
"url": "https://github.com/01org/opa-ff/commit/080ab97461d80a01636f77ba6aecc667c3c0087c",
"refsource": "MISC",
"name": "https://github.com/01org/opa-ff/commit/080ab97461d80a01636f77ba6aecc667c3c0087c"
},
{
"name": "https://github.com/01org/opa-ff/commit/080ab97461d80a01636f77ba6aecc667c3c0087c",
"refsource": "CONFIRM",
"url": "https://github.com/01org/opa-ff/commit/080ab97461d80a01636f77ba6aecc667c3c0087c"
"url": "https://github.com/01org/opa-fm/commit/5f4087aabb5d03c42738b320af0fc60e9df4d1f7",
"refsource": "MISC",
"name": "https://github.com/01org/opa-fm/commit/5f4087aabb5d03c42738b320af0fc60e9df4d1f7"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257098",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257098"
"url": "https://github.com/01org/opa-fm/commit/c5759e7b76f5bf844be6c6641cc1b356bbc83869",
"refsource": "MISC",
"name": "https://github.com/01org/opa-fm/commit/c5759e7b76f5bf844be6c6641cc1b356bbc83869"
},
{
"name": "https://github.com/01org/opa-fm/commit/c5759e7b76f5bf844be6c6641cc1b356bbc83869",
"refsource": "CONFIRM",
"url": "https://github.com/01org/opa-fm/commit/c5759e7b76f5bf844be6c6641cc1b356bbc83869"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257098",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257098"
}
]
}

120
2015/5xxx/CVE-2015-5233.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was discovered where Satellite failed to properly enforce permissions on the show and delete actions for reports. An authenticated user with show or delete report permissions could use this flaw to view or delete any reports held in Foreman."
"value": "Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allows (1) remote authenticated users with the view_reports permission to read reports from arbitrary hosts or (2) remote authenticated users with the destroy_reports permission to delete reports from arbitrary hosts via direct access to the (a) individual report show/delete pages or (b) APIs."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Access Control",
"cweId": "CWE-284"
"value": "n/a"
}
]
}
@ -32,88 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Satellite 6.1",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.7.2.49-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:3.0.5-3",
"version_affected": "!"
},
{
"version_value": "0:1.7.2.7-1.el6",
"version_affected": "!"
},
{
"version_value": "0:2.6.8-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.2.6-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.3.22-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.3.4-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.30-7.el7",
"version_affected": "!"
},
{
"version_value": "0:0.4-11.el7",
"version_affected": "!"
},
{
"version_value": "0:0.9-11.el6",
"version_affected": "!"
},
{
"version_value": "0:4.0.2.14-1.el6_6sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.0.23-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.2.4-1.el6_6sat",
"version_affected": "!"
},
{
"version_value": "0:2.2.0.77-1.el6_6sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.6-1.el6_6sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.3.10-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.9.6-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.3-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.0.5-3.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -140,41 +67,6 @@
"url": "https://access.redhat.com/errata/RHSA-2015:2622",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2622"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5233",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5233"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262443",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1262443"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
}
]
}

51
2015/5xxx/CVE-2015-5239.json
View File

@ -1,12 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5239",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -39,6 +39,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 2.1.0"
}
]
@ -53,54 +54,54 @@
"references": {
"reference_data": [
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html"
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html"
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/09/02/7",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2745-1",
"url": "http://www.ubuntu.com/usn/USN-2745-1"
"name": "http://www.openwall.com/lists/oss-security/2015/09/02/7"
},
{
"url": "http://www.ubuntu.com/usn/USN-2745-1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/09/02/7",
"url": "http://www.openwall.com/lists/oss-security/2015/09/02/7"
"name": "http://www.ubuntu.com/usn/USN-2745-1"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/qemu/qemu/commit/f9a70e79391f6d7c2a912d785239ee8effc1922d",
"url": "https://github.com/qemu/qemu/commit/f9a70e79391f6d7c2a912d785239ee8effc1922d"
"url": "https://github.com/qemu/qemu/commit/f9a70e79391f6d7c2a912d785239ee8effc1922d",
"refsource": "MISC",
"name": "https://github.com/qemu/qemu/commit/f9a70e79391f6d7c2a912d785239ee8effc1922d"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14",
"refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14"
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14"
}
]
}

89
2015/5xxx/CVE-2015-5240.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A race-condition flaw leading to ACL bypass was discovered in OpenStack Networking (neutron). An authenticated user could change the owner of a port after it was created but before firewall rules were applied, thus preventing firewall control checks from occurring. All OpenStack Networking deployments that used either the ML2 plug-in or a plug-in that relied on the security groups AMQP API were affected."
"value": "Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')",
"cweId": "CWE-362"
"value": "n/a"
}
]
}
@ -32,49 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-4.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-4.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.2.3-19.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2015.1.1-7.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -97,55 +63,20 @@
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/09/08/9"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1909",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1909"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5240",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5240"
},
{
"url": "https://bugs.launchpad.net/neutron/+bug/1489111",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/neutron/+bug/1489111"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458"
},
{
"url": "https://security.openstack.org/ossa/OSSA-2015-018.html",
"refsource": "MISC",
"name": "https://security.openstack.org/ossa/OSSA-2015-018.html"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:P",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458"
}
]
}

79
2015/5xxx/CVE-2015-5242.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5242",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258743",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258743"
"url": "http://rhn.redhat.com/errata/RHSA-2015-1918.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1918.html"
},
{
"name": "https://review.openstack.org/#/c/237994/",
"refsource": "CONFIRM",
"url": "https://review.openstack.org/#/c/237994/"
"url": "https://access.redhat.com/solutions/1985893",
"refsource": "MISC",
"name": "https://access.redhat.com/solutions/1985893"
},
{
"name": "RHSA-2015:1918",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1918.html"
"url": "https://review.openstack.org/#/c/237994/",
"refsource": "MISC",
"name": "https://review.openstack.org/#/c/237994/"
},
{
"name": "https://access.redhat.com/solutions/1985893",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/solutions/1985893"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258743",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258743"
}
]
}

79
2015/5xxx/CVE-2015-5244.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5244",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://pagure.io/mod_nss/c/34e1ccecb4a7d5054dba2f92b403af9b6ae1e110",
"refsource": "CONFIRM",
"url": "https://pagure.io/mod_nss/c/34e1ccecb4a7d5054dba2f92b403af9b6ae1e110"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html"
},
{
"name": "FEDORA-2015-c76c1c84cf",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176026.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176026.html"
},
{
"name": "FEDORA-2016-6aa4dd4f3a",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176026.html"
"url": "https://pagure.io/mod_nss/c/34e1ccecb4a7d5054dba2f92b403af9b6ae1e110",
"refsource": "MISC",
"name": "https://pagure.io/mod_nss/c/34e1ccecb4a7d5054dba2f92b403af9b6ae1e110"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1259216",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259216"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259216",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1259216"
}
]
}

357
2015/5xxx/CVE-2015-5245.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A feature in Ceph Object Gateway (RGW) allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service."
"value": "CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Input Validation",
"cweId": "CWE-20"
"value": "n/a"
}
]
}
@ -32,320 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.2.4-3.el7cp",
"version_affected": "!"
},
{
"version_value": "0:1.3-11.el7cp",
"version_affected": "!"
},
{
"version_value": "1:0.94.3-3.el7cp",
"version_affected": "!"
},
{
"version_value": "0:1.5.27.3-1.el7cp",
"version_affected": "!"
},
{
"version_value": "0:0.1.1-1.el7cp",
"version_affected": "!"
},
{
"version_value": "1:1.7.6-2.1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.7.2.33-1.el7sat",
"version_affected": "!"
},
{
"version_value": "1:1.7.5-2.el7cp",
"version_affected": "!"
},
{
"version_value": "0:1.7.2.5-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.7.2.13-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-2.el7",
"version_affected": "!"
},
{
"version_value": "0:20130517-7.1fm.gitc4bce43.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.4.1-1.el7cp",
"version_affected": "!"
},
{
"version_value": "0:3.6.2-4.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-1.el7cp",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-1.el7cp",
"version_affected": "!"
},
{
"version_value": "0:1.6.18-5.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.2.5-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-5.el7sat",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-8.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-6.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-4.el7",
"version_affected": "!"
},
{
"version_value": "0:0.8.0-13.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.4.2-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:4.0.2.13-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:4.0.10.1-1.el7",
"version_affected": "!"
},
{
"version_value": "0:0.10.0-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.8-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.2.7-5.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.3.2-1.el7",
"version_affected": "!"
},
{
"version_value": "0:1.8.2-4.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.3.1-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.4.7-8.el7sat",
"version_affected": "!"
},
{
"version_value": "0:4.0.18-19.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.12.2-10.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.7-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.9.0-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.6.7-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.1-9.el7sat",
"version_affected": "!"
},
{
"version_value": "0:3.1.1-15.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.7.1-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-1.el7",
"version_affected": "!"
},
{
"version_value": "0:4.1.3-7.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.10.1-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.1.3-6.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.2.0-1.3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:3.0.2-10.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.2-6.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.5.0-1.el7",
"version_affected": "!"
},
{
"version_value": "0:1.4.3-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.11-1.el7",
"version_affected": "!"
},
{
"version_value": "0:1.0.2-12.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-7.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.6.2-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-4.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.5-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.6.21-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.6.5.9-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.4.4-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.1.3-17.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.8.1-26.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.19-7.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.0.11-8.el7sat",
"version_affected": "!"
},
{
"version_value": "1:1.4.1-13.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-7.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.9.2.2-41.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.1.2-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.10.0-1.el7sat",
"version_affected": "!"
},
{
"version_value": "1:1.3.6-27.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.0.2.1-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-18.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.6.5-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-21.el7",
"version_affected": "!"
},
{
"version_value": "0:0.7.9-2.el7rhgs",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -368,50 +63,10 @@
"refsource": "MISC",
"name": "http://tracker.ceph.com/issues/12537"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2066",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2066"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2512",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2512"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5245",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5245"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261606",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261606"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
}
]
}

47
2015/5xxx/CVE-2015-5250.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that improper error handling in the API server could cause the master process to crash. A user with network access to the master could use this flaw to crash the master process."
"value": "The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Input Validation",
"cweId": "CWE-20"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift Enterprise 3.0",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.0.1.0-1.git.529.dcab62c.el7ose",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -60,44 +59,14 @@
"name": "https://access.redhat.com/errata/RHSA-2015:1736"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5250",
"url": "https://github.com/openshift/origin/issues/4374",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5250"
"name": "https://github.com/openshift/origin/issues/4374"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259867",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1259867"
},
{
"url": "https://github.com/openshift/origin/issues/4374",
"refsource": "MISC",
"name": "https://github.com/openshift/origin/issues/4374"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}

68
2015/5xxx/CVE-2015-5260.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A heap-based buffer overflow flaw was found in the way spice handled certain QXL commands related to the \"surface_id\" parameter. A user in a guest could use this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process."
"value": "Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Input Validation",
"cweId": "CWE-20"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.12.4-12.el6_7.3",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:0.12.4-9.el7_1.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -106,54 +94,14 @@
"name": "http://www.ubuntu.com/usn/USN-2766-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1889",
"url": "https://security.gentoo.org/glsa/201606-05",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1889"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1890",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1890"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5260",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5260"
"name": "https://security.gentoo.org/glsa/201606-05"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260822",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1260822"
},
{
"url": "https://security.gentoo.org/glsa/201606-05",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201606-05"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
}
]
}

145
2015/5xxx/CVE-2015-5262.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5262",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,82 +27,106 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"name": "http://svn.apache.org/viewvc?view=revision&revision=1626784",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1626784"
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"name": "https://jenkins.io/security/advisory/2018-02-26/",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2018-02-26/"
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538"
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
},
{
"name": "FEDORA-2015-15590",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html"
},
{
"name": "FEDORA-2015-15589",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html"
},
{
"name": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html"
},
{
"name": "FEDORA-2015-15588",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html"
},
{
"name": "1033743",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1033743"
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html"
},
{
"name": "USN-2769-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2769-1"
"url": "http://svn.apache.org/viewvc?view=revision&revision=1626784",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc?view=revision&revision=1626784"
},
{
"refsource": "MLIST",
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
"url": "http://www.securitytracker.com/id/1033743",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1033743"
},
{
"refsource": "MLIST",
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
"url": "http://www.ubuntu.com/usn/USN-2769-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2769-1"
},
{
"refsource": "MLIST",
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
"url": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478",
"refsource": "MISC",
"name": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1873",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html"
"url": "https://jenkins.io/security/advisory/2018-02-26/",
"refsource": "MISC",
"name": "https://jenkins.io/security/advisory/2018-02-26/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2020:1875",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538"
}
]
}

56
2015/5xxx/CVE-2015-5273.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the ABRT debug information installer (abrt-action-install-debuginfo-to-abrt-cache) did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user."
"value": "The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Insecure Temporary File",
"cweId": "CWE-377"
"value": "n/a"
}
]
}
@ -32,20 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.1.11-35.el7",
"version_affected": "!"
},
{
"version_value": "0:2.1.11-31.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -84,49 +79,14 @@
"name": "http://www.securityfocus.com/bid/78113"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2505",
"url": "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2505"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5273",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5273"
"name": "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262252",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1262252"
},
{
"url": "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e",
"refsource": "MISC",
"name": "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

53
2015/5xxx/CVE-2015-5274.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A command injection flaw was found in the OpenShift Origin Management Console. A remote, authenticated user permitted to send requests to the Broker could use this flaw to execute arbitrary commands with elevated privileges on the Red Hat OpenShift server."
"value": "rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted request to the Broker."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Input Validation",
"cweId": "CWE-20"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift Enterprise 2.2",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.34.1.3-1.el6op",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -58,46 +57,6 @@
"url": "http://rhn.redhat.com/errata/RHSA-2015-1808.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1808.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1808",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1808"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5274",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5274"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262518",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1262518"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}

110
2015/5xxx/CVE-2015-5279.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance (denial of service) or potentially execute arbitrary code on the host."
"value": "Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,53 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:83-274.el5_11",
"version_affected": "!"
},
{
"version_value": "0:3.0.3-147.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.479.el6_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.479.el6_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.479.el6_7.2",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -176,71 +138,11 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1033569"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1896",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1896"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1923",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1923"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1924",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1924"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1925",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1925"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2065",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2065"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5279",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5279"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256672",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1256672"
},
{
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03984.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03984.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

71
2015/5xxx/CVE-2015-5283.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference flaw was found in the SCTP implementation. A local user could use this flaw to cause a denial of service on the system by triggering a kernel panic when creating multiple sockets in parallel while the system did not have the SCTP module loaded."
"value": "The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Initialization",
"cweId": "CWE-665"
"value": "n/a"
}
]
}
@ -32,20 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-327.rt56.204.el7",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-327.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -98,16 +93,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2829-2"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2152",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2152"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2411",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2411"
},
{
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4",
"refsource": "MISC",
@ -133,16 +118,6 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1033808"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5283",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5283"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257528",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257528"
},
{
"url": "https://github.com/torvalds/linux/commit/8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4",
"refsource": "MISC",
@ -152,37 +127,11 @@
"url": "https://security-tracker.debian.org/tracker/CVE-2015-5283",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2015-5283"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Ji Jianwen (Red Hat engineering)."
}
],
"impact": {
"cvss": [
},
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.7,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257528",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257528"
}
]
}

72
2015/5xxx/CVE-2015-5292.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that SSSD's Privilege Attribute Certificate (PAC) responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon application configured to authenticate using the PAC responder plug-in."
"value": "Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Missing Release of Memory after Effective Lifetime",
"cweId": "CWE-401"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.12.4-47.el6_7.4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.13.0-40.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -110,26 +98,6 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1034038"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2019",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2019"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2355",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2355"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5292",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5292"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267580",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1267580"
},
{
"url": "https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch",
"refsource": "MISC",
@ -144,31 +112,11 @@
"url": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1",
"refsource": "MISC",
"name": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267580",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1267580"
}
]
}

67
2015/5xxx/CVE-2015-5293.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5293",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/cve/CVE-2015-5293",
"refsource": "CONFIRM",
"url": "https://access.redhat.com/security/cve/CVE-2015-5293"
"url": "https://access.redhat.com/security/cve/CVE-2015-5293",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5293"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1267714",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267714"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267714",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1267714"
}
]
}

101
2015/5xxx/CVE-2015-5295.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was discovered in the OpenStack Orchestration service (heat), where a specially formatted template could be used to trick the heat-engine service into opening a local file. Although the file contents are never disclosed to the end user, an OpenStack-authenticated attacker could use this flaw to cause a denial of service or determine whether a given file name is present on the server."
"value": "The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"cweId": "CWE-400"
"value": "n/a"
}
]
}
@ -32,49 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-7.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-7.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.2.3-11.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2015.1.2-9.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -107,71 +73,16 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/81438"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0266",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0266"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0440",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0440"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0441",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0441"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0442",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0442"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5295",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5295"
},
{
"url": "https://bugs.launchpad.net/heat/+bug/1496277",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/heat/+bug/1496277"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298295",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1298295"
},
{
"url": "https://security.openstack.org/ossa/OSSA-2016-003.html",
"refsource": "MISC",
"name": "https://security.openstack.org/ossa/OSSA-2016-003.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
}
]
}
}

78
2015/5xxx/CVE-2015-5302.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that ABRT may have exposed non-public information to Red Hat Bugzilla during crash reporting. A bug in the libreport library caused changes made by a user in files included in a crash report to be discarded. As a result, Red Hat Bugzilla attachments may contain data that was not intended to be made public, including host names, IP addresses, or command line options."
"value": "libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Insertion of Sensitive Information Into Sent Data",
"cweId": "CWE-201"
"value": "n/a"
}
]
}
@ -32,31 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.0.9-25.el6_7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:2.1.11-35.el7",
"version_affected": "!"
},
{
"version_value": "0:2.1.11-31.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -79,11 +63,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2505.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2505",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2505"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172695.html",
"refsource": "MISC",
@ -100,55 +79,14 @@
"name": "http://www.securityfocus.com/bid/77685"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2504",
"url": "https://github.com/abrt/libreport/commit/257578a23d1537a2d235aaa2b1488ee4f818e360",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2504"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5302",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5302"
"name": "https://github.com/abrt/libreport/commit/257578a23d1537a2d235aaa2b1488ee4f818e360"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1270903",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1270903"
},
{
"url": "https://github.com/abrt/libreport/commit/257578a23d1537a2d235aaa2b1488ee4f818e360",
"refsource": "MISC",
"name": "https://github.com/abrt/libreport/commit/257578a23d1537a2d235aaa2b1488ee4f818e360"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Bastien Nocera (Red Hat)."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
}

67
2015/5xxx/CVE-2015-5303.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5303",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:2650",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2015:2650"
"url": "https://access.redhat.com/errata/RHSA-2015:2650",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2650"
},
{
"name": "https://bugs.launchpad.net/tripleo/+bug/1516027",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/tripleo/+bug/1516027"
"url": "https://bugs.launchpad.net/tripleo/+bug/1516027",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/tripleo/+bug/1516027"
}
]
}

97
2015/5xxx/CVE-2015-5304.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5304",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:2541",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2541.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-2538.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2538.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1273046",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273046"
"url": "http://rhn.redhat.com/errata/RHSA-2015-2539.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2539.html"
},
{
"name": "1034280",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1034280"
"url": "http://rhn.redhat.com/errata/RHSA-2015-2540.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2540.html"
},
{
"name": "RHSA-2015:2540",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2540.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-2541.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2541.html"
},
{
"name": "RHSA-2015:2542",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2542.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-2542.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2542.html"
},
{
"name": "RHSA-2015:2538",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2538.html"
"url": "http://www.securitytracker.com/id/1034280",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1034280"
},
{
"name": "RHSA-2015:2539",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2539.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273046",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1273046"
}
]
}

43
2015/5xxx/CVE-2015-5305.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Kubernetes fails to validate object name types before passing the data to etcd. As the etcd service generates keys based on the object name type this can lead to a directory path traversal."
"value": "Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handled before passing it to etcd."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift Enterprise 3.0",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.0.2.0-0.git.20.656dc3e.el7ose",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -59,41 +58,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1945"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5305",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5305"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273969",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1273969"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
]
}
}

52
2015/5xxx/CVE-2015-5329.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the director (openstack-tripleo-heat-templates) where the RabbitMQ credentials defaulted to guest/guest and supplied values in the configuration were not used. As a result, all deployed overclouds used the same credentials (guest/guest). A remote non-authenticated attacker could use this flaw to access RabbitMQ services in the deployed cloud."
"value": "The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly use the configured RabbitMQ credentials, which makes it easier for remote attackers to obtain access to services in deployed overclouds by leveraging knowledge of the default credentials."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Credentials",
"cweId": "CWE-798"
"value": "n/a"
}
]
}
@ -32,20 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform director 7.0 for RHEL 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.8.6-94.el7ost",
"version_affected": "!"
},
{
"version_value": "0:0.0.10-22.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -62,41 +57,6 @@
"url": "https://access.redhat.com/errata/RHSA-2015:2650",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2650"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5329",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5329"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281777",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1281777"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

41
2015/5xxx/CVE-2015-5745.json
View File

@ -1,12 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5745",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -39,6 +39,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 2.4.0"
}
]
@ -53,44 +54,44 @@
"references": {
"reference_data": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/08/06/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/08/06/3",
"url": "http://www.openwall.com/lists/oss-security/2015/08/06/3"
"name": "http://www.openwall.com/lists/oss-security/2015/08/06/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/08/06/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/08/06/5",
"url": "http://www.openwall.com/lists/oss-security/2015/08/06/5"
"name": "http://www.openwall.com/lists/oss-security/2015/08/06/5"
},
{
"url": "https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295",
"refsource": "MISC",
"name": "https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295",
"url": "https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295"
"name": "https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295"
},
{
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html",
"refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13"
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html"
}
]
}