admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 00:01:47 +00:00
parent 19e43f9eb9
commit ba0bfd46ce
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
100 changed files with 3520 additions and 11887 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

191
2012/4xxx/CVE-2012-4573.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4573", "ID": "CVE-2012-4573",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,92 +27,116 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "51174", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51174"
},
{
"name": "51234",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51234"
},
{
"name": "USN-1626-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1626-1"
},
{
"name": "RHSA-2012:1558",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1558.html"
},
{
"name": "56437",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56437"
},
{
"name": "https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6"
},
{
"name": "FEDORA-2012-17901",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html"
},
{
"name": "[oss-security] 20121107 [OSSA 2012-017] Authentication bypass for image deletion (CVE-2012-4573)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/07/6"
},
{
"name": "[oss-security] 20121109 [OSSA 2012-017.1] Authentication bypass for image deletion (CVE-2012-4573, CVE-2012-5482) ERRATA 1",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/09/5"
},
{
"name": "http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html",
"refsource": "MISC", "refsource": "MISC",
"url": "http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092192.html"
}, },
{ {
"name": "87248", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html",
"refsource": "OSVDB", "refsource": "MISC",
"url": "http://osvdb.org/87248" "name": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html"
}, },
{ {
"name": "https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc", "url": "http://osvdb.org/87248",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc" "name": "http://osvdb.org/87248"
}, },
{ {
"name": "USN-1626-2", "url": "http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1626-2" "name": "http://packetstormsecurity.com/files/118733/Red-Hat-Security-Advisory-2012-1558-01.html"
}, },
{ {
"name": "https://bugs.launchpad.net/glance/+bug/1065187", "url": "http://rhn.redhat.com/errata/RHSA-2012-1558.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugs.launchpad.net/glance/+bug/1065187" "name": "http://rhn.redhat.com/errata/RHSA-2012-1558.html"
}, },
{ {
"name": "SUSE-SU-2012:1455", "url": "http://secunia.com/advisories/51174",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00002.html" "name": "http://secunia.com/advisories/51174"
}, },
{ {
"name": "https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d", "url": "http://secunia.com/advisories/51234",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d" "name": "http://secunia.com/advisories/51234"
}, },
{ {
"name": "openstack-glance-sec-bypass(79895)", "url": "http://www.openwall.com/lists/oss-security/2012/11/07/6",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79895" "name": "http://www.openwall.com/lists/oss-security/2012/11/07/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/11/09/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/09/5"
},
{
"url": "http://www.securityfocus.com/bid/56437",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56437"
},
{
"url": "http://www.ubuntu.com/usn/USN-1626-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1626-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1626-2",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1626-2"
},
{
"url": "https://bugs.launchpad.net/glance/+bug/1065187",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/glance/+bug/1065187"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79895",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79895"
},
{
"url": "https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc",
"refsource": "MISC",
"name": "https://github.com/openstack/glance/commit/6ab0992e5472ae3f9bef0d2ced41030655d9d2bc"
},
{
"url": "https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6",
"refsource": "MISC",
"name": "https://github.com/openstack/glance/commit/90bcdc5a89e350a358cf320a03f5afe99795f6f6"
},
{
"url": "https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d",
"refsource": "MISC",
"name": "https://github.com/openstack/glance/commit/efd7e75b1f419a52c7103c7840e24af8e5deb29d"
} }
] ]
} }

91
2012/5xxx/CVE-2012-5483.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5483", "ID": "CVE-2012-5483",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,32 +27,56 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "56888", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56888"
},
{
"name": "RHSA-2012:1556",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1556.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=873447",
"refsource": "MISC", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=873447" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html"
}, },
{ {
"name": "keystone-secret-key-info-disc(80612)", "url": "http://rhn.redhat.com/errata/RHSA-2012-1556.html",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80612" "name": "http://rhn.redhat.com/errata/RHSA-2012-1556.html"
}, },
{ {
"name": "FEDORA-2012-19341", "url": "http://www.securityfocus.com/bid/56888",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094286.html" "name": "http://www.securityfocus.com/bid/56888"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80612",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80612"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=873447",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=873447"
} }
] ]
} }

85
2012/5xxx/CVE-2012-5489.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5489", "ID": "CVE-2012-5489",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,32 +27,56 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt", "url": "http://www.openwall.com/lists/oss-security/2012/11/10/1",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt" "name": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}, },
{ {
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix", "url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1" "name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
}, },
{ {
"name": "https://plone.org/products/plone/security/advisories/20121106/05", "url": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://plone.org/products/plone/security/advisories/20121106/05" "name": "https://plone.org/products/plone-hotfix/releases/20121106"
}, },
{ {
"name": "https://bugs.launchpad.net/zope2/+bug/1079238", "url": "https://bugs.launchpad.net/zope2/+bug/1079238",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugs.launchpad.net/zope2/+bug/1079238" "name": "https://bugs.launchpad.net/zope2/+bug/1079238"
}, },
{ {
"name": "https://plone.org/products/plone-hotfix/releases/20121106", "url": "https://plone.org/products/plone/security/advisories/20121106/05",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://plone.org/products/plone-hotfix/releases/20121106" "name": "https://plone.org/products/plone/security/advisories/20121106/05"
} }
] ]
} }

79
2012/5xxx/CVE-2012-5493.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5493", "ID": "CVE-2012-5493",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt", "url": "http://www.openwall.com/lists/oss-security/2012/11/10/1",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt" "name": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}, },
{ {
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix", "url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1" "name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
}, },
{ {
"name": "https://plone.org/products/plone/security/advisories/20121106/09", "url": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://plone.org/products/plone/security/advisories/20121106/09" "name": "https://plone.org/products/plone-hotfix/releases/20121106"
}, },
{ {
"name": "https://plone.org/products/plone-hotfix/releases/20121106", "url": "https://plone.org/products/plone/security/advisories/20121106/09",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://plone.org/products/plone-hotfix/releases/20121106" "name": "https://plone.org/products/plone/security/advisories/20121106/09"
} }
] ]
} }

53
2012/5xxx/CVE-2012-5499.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "It was discovered that Plone, included as a part of luci, did not properly handle the processing of very large values passed to an internal utility function. A remote attacker could use a specially crafted URL that, when processed, would lead to excessive memory consumption." "value": "python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Uncontrolled Resource Consumption", "value": "n/a"
"cweId": "CWE-400"
} }
] ]
} }
@ -32,16 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 5", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:0.12.2-81.el5", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
} }
] ]
} }
@ -64,11 +63,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/10/1" "name": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2014:1194",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1194"
},
{ {
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt", "url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "MISC", "refsource": "MISC",
@ -79,46 +73,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://plone.org/products/plone-hotfix/releases/20121106" "name": "https://plone.org/products/plone-hotfix/releases/20121106"
}, },
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5499",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5499"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874657",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=874657"
},
{ {
"url": "https://plone.org/products/plone/security/advisories/20121106/15", "url": "https://plone.org/products/plone/security/advisories/20121106/15",
"refsource": "MISC", "refsource": "MISC",
"name": "https://plone.org/products/plone/security/advisories/20121106/15" "name": "https://plone.org/products/plone/security/advisories/20121106/15"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
} }
} }

79
2012/5xxx/CVE-2012-5503.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5503", "ID": "CVE-2012-5503",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://plone.org/products/plone/security/advisories/20121106/19", "url": "http://www.openwall.com/lists/oss-security/2012/11/10/1",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://plone.org/products/plone/security/advisories/20121106/19" "name": "http://www.openwall.com/lists/oss-security/2012/11/10/1"
}, },
{ {
"name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt", "url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt" "name": "https://github.com/plone/Products.CMFPlone/blob/4.2.3/docs/CHANGES.txt"
}, },
{ {
"name": "[oss-security] 20121109 Re: Re: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix", "url": "https://plone.org/products/plone-hotfix/releases/20121106",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/11/10/1" "name": "https://plone.org/products/plone-hotfix/releases/20121106"
}, },
{ {
"name": "https://plone.org/products/plone-hotfix/releases/20121106", "url": "https://plone.org/products/plone/security/advisories/20121106/19",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://plone.org/products/plone-hotfix/releases/20121106" "name": "https://plone.org/products/plone/security/advisories/20121106/19"
} }
] ]
} }

60
2012/5xxx/CVE-2012-5509.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2012-5509 aeolus-configserver: aeolus-configserver-setup /tmp file conductor credentials leak" "value": "aeolus-configserver-setup in the Aeolas Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world-readable permissions for a temporary file in /tmp, which allows local users to read credentials by reading this file."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor", "value": "n/a"
"cweId": "CWE-200"
} }
] ]
} }
@ -32,28 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "CloudForms for RHEL 6", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:0.13.26-1.el6cf", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:0.4.12-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.3-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.8.0-8.el6cf",
"version_affected": "!"
} }
] ]
} }
@ -71,46 +58,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0545.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-0545.html"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2013:0545",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0545"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5509",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5509"
},
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=875294", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=875294",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=875294" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=875294"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
]
} }
} }

53
2012/5xxx/CVE-2012-5513.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2012-5513 kernel: xen: XENMEM_exchange may overwrite hypervisor memory" "value": "The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "value": "n/a"
"cweId": "CWE-119"
} }
] ]
} }
@ -32,16 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 5", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:2.6.18-308.24.1.el5", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
} }
] ]
} }
@ -94,11 +93,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2582" "name": "http://www.debian.org/security/2012/dsa-2582"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2012:1540",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1540"
},
{ {
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00018.html",
"refsource": "MISC", "refsource": "MISC",
@ -169,46 +163,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56797" "name": "http://www.securityfocus.com/bid/56797"
}, },
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5513",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5513"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=877391",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=877391"
},
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80482", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80482",
"refsource": "MISC", "refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80482" "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80482"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
} }
} }

64
2012/5xxx/CVE-2012-5519.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2012-5519 cups: privilege escalation for users of the CUPS SystemGroup group" "value": "CUPS 1.4.4, when running in certain Linux distributions such as Debian GNU/Linux, stores the web interface administrator key in /var/run/cups/certs/0 using certain permissions, which allows local users in the lpadmin group to read or write arbitrary files as root by leveraging the web interface."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper Access Control", "value": "n/a"
"cweId": "CWE-284"
} }
] ]
} }
@ -32,27 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 5", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "1:1.3.7-30.el5_9.3", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "1:1.4.2-50.el6_4.4",
"version_affected": "!"
} }
] ]
} }
@ -125,51 +113,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1654-1" "name": "http://www.ubuntu.com/usn/USN-1654-1"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2013:0580",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0580"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5519",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5519"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=875898",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=875898"
},
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012",
"refsource": "MISC", "refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012" "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80012"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
} }
} }

103
2012/5xxx/CVE-2012-5523.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5523", "ID": "CVE-2012-5523",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,47 +27,71 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "FEDORA-2012-18299", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
}, },
{ {
"name": "56520", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/56520" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
}, },
{ {
"name": "mantisbt-cloned-info-disc(80070)", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80070" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
}, },
{ {
"name": "[oss-security] 20121114 Re: CVE request: mantis before 1.2.12", "url": "http://openwall.com/lists/oss-security/2012/11/14/1",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2012/11/14/1" "name": "http://openwall.com/lists/oss-security/2012/11/14/1"
}, },
{ {
"name": "FEDORA-2012-18294", "url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=150",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html" "name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=150"
}, },
{ {
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=150", "url": "http://www.securityfocus.com/bid/56520",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=150" "name": "http://www.securityfocus.com/bid/56520"
}, },
{ {
"name": "FEDORA-2012-18273", "url": "http://www.mantisbt.org/bugs/view.php?id=14704",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html" "name": "http://www.mantisbt.org/bugs/view.php?id=14704"
}, },
{ {
"name": "http://www.mantisbt.org/bugs/view.php?id=14704", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80070",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.mantisbt.org/bugs/view.php?id=14704" "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80070"
} }
] ]
} }

97
2012/5xxx/CVE-2012-5529.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5529", "ID": "CVE-2012-5529",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "1027769", "url": "http://tracker.firebirdsql.org/browse/CORE-3884",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id?1027769" "name": "http://tracker.firebirdsql.org/browse/CORE-3884"
}, },
{ {
"name": "firebird-tracedsqlprepareprepare-dos(80073)", "url": "http://www.debian.org/security/2013/dsa-2648",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80073" "name": "http://www.debian.org/security/2013/dsa-2648"
}, },
{ {
"name": "56521", "url": "http://www.openwall.com/lists/oss-security/2012/11/14/6",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/56521" "name": "http://www.openwall.com/lists/oss-security/2012/11/14/6"
}, },
{ {
"name": "[oss-security] 20121114 CVE Request -- firebird: DoS (NULL pointer dereference) while preparing an empty query with trace enabled", "url": "http://www.openwall.com/lists/oss-security/2012/11/14/8",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/11/14/6" "name": "http://www.openwall.com/lists/oss-security/2012/11/14/8"
}, },
{ {
"name": "http://tracker.firebirdsql.org/browse/CORE-3884", "url": "http://www.securityfocus.com/bid/56521",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://tracker.firebirdsql.org/browse/CORE-3884" "name": "http://www.securityfocus.com/bid/56521"
}, },
{ {
"name": "DSA-2648", "url": "http://www.securitytracker.com/id?1027769",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2013/dsa-2648" "name": "http://www.securitytracker.com/id?1027769"
}, },
{ {
"name": "[oss-security] 20121114 Re: CVE Request -- firebird: DoS (NULL pointer dereference) while preparing an empty query with trace enabled", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80073",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/11/14/8" "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80073"
} }
] ]
} }

77
2012/5xxx/CVE-2012-5559.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5559", "ID": "CVE-2012-5559",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://drupal.org/node/1840992", "url": "http://drupal.org/node/1840992",
"refsource": "MISC", "refsource": "MISC",
"url": "http://drupal.org/node/1840992" "name": "http://drupal.org/node/1840992"
}, },
{ {
"name": "http://drupal.org/node/1841030", "url": "http://drupal.org/node/1841030",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://drupal.org/node/1841030" "name": "http://drupal.org/node/1841030"
}, },
{ {
"name": "51259", "url": "http://secunia.com/advisories/51259",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/51259" "name": "http://secunia.com/advisories/51259"
}, },
{ {
"name": "[oss-security] 20121120 Re: CVE Request for Drupal Contributed Modules", "url": "http://www.openwall.com/lists/oss-security/2012/11/20/4",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/11/20/4" "name": "http://www.openwall.com/lists/oss-security/2012/11/20/4"
} }
] ]
} }

123
2012/5xxx/CVE-2012-5563.json
View File

@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5563", "ID": "CVE-2012-5563",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression." "value": "OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating new tokens through token chaining. NOTE: this issue exists because of a CVE-2012-3426 regression."
} }
] ]
}, },
@ -50,62 +27,86 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "RHSA-2012:1557", "url": "http://rhn.redhat.com/errata/RHSA-2012-1557.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1557.html" "name": "http://rhn.redhat.com/errata/RHSA-2012-1557.html"
}, },
{ {
"name": "[oss-security] 20121128 [OSSA 2012-018] EC2-style credentials invalidation issue (CVE-2012-5571)", "url": "http://secunia.com/advisories/51423",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/11/28/5" "name": "http://secunia.com/advisories/51423"
}, },
{ {
"name": "https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5", "url": "http://secunia.com/advisories/51436",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5" "name": "http://secunia.com/advisories/51436"
}, },
{ {
"name": "56727", "url": "http://www.openwall.com/lists/oss-security/2012/11/28/5",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/56727" "name": "http://www.openwall.com/lists/oss-security/2012/11/28/5"
}, },
{ {
"name": "USN-1641-1", "url": "http://www.openwall.com/lists/oss-security/2012/11/28/6",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1641-1" "name": "http://www.openwall.com/lists/oss-security/2012/11/28/6"
}, },
{ {
"name": "https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681", "url": "http://www.securityfocus.com/bid/56727",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681" "name": "http://www.securityfocus.com/bid/56727"
}, },
{ {
"name": "[oss-security] 20121128 [OSSA 2012-019] Extension of token validity through token chaining (CVE-2012-5563)", "url": "http://www.ubuntu.com/usn/USN-1641-1",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/11/28/6" "name": "http://www.ubuntu.com/usn/USN-1641-1"
}, },
{ {
"name": "https://bugs.launchpad.net/keystone/+bug/1079216", "url": "https://bugs.launchpad.net/keystone/+bug/1079216",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugs.launchpad.net/keystone/+bug/1079216" "name": "https://bugs.launchpad.net/keystone/+bug/1079216"
}, },
{ {
"name": "51423", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80370",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/51423" "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80370"
}, },
{ {
"name": "folsom-tokens-security-bypass(80370)", "url": "https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80370" "name": "https://github.com/openstack/keystone/commit/38c7e46a640a94da4da89a39a5a1ea9c081f1eb5"
}, },
{ {
"name": "51436", "url": "https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/51436" "name": "https://github.com/openstack/keystone/commit/f9d4766249a72d8f88d75dcf1575b28dd3496681"
} }
] ]
} }

109
2012/5xxx/CVE-2012-5573.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5573", "ID": "CVE-2012-5573",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,52 +27,76 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "GLSA-201301-03", "url": "http://openwall.com/lists/oss-security/2012/11/26/11",
"refsource": "GENTOO", "refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201301-03.xml" "name": "http://openwall.com/lists/oss-security/2012/11/26/11"
}, },
{ {
"name": "https://trac.torproject.org/projects/tor/ticket/6252", "url": "http://secunia.com/advisories/51329",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://trac.torproject.org/projects/tor/ticket/6252" "name": "http://secunia.com/advisories/51329"
}, },
{ {
"name": "https://bugs.gentoo.org/show_bug.cgi?id=444804", "url": "http://security.gentoo.org/glsa/glsa-201301-03.xml",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=444804" "name": "http://security.gentoo.org/glsa/glsa-201301-03.xml"
}, },
{ {
"name": "51329", "url": "https://bugs.gentoo.org/show_bug.cgi?id=444804",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/51329" "name": "https://bugs.gentoo.org/show_bug.cgi?id=444804"
}, },
{ {
"name": "https://gitweb.torproject.org/arma/tor.git/commitdiff/b9b54568c0bb64c32bd0b362954bdbc8c1234b16", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80289",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://gitweb.torproject.org/arma/tor.git/commitdiff/b9b54568c0bb64c32bd0b362954bdbc8c1234b16" "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80289"
}, },
{ {
"name": "[oss-security] 20121126 Re: tor DoS via SENDME cells", "url": "https://gitweb.torproject.org/arma/tor.git/commitdiff/b9b54568c0bb64c32bd0b362954bdbc8c1234b16",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2012/11/26/11" "name": "https://gitweb.torproject.org/arma/tor.git/commitdiff/b9b54568c0bb64c32bd0b362954bdbc8c1234b16"
}, },
{ {
"name": "https://gitweb.torproject.org/tor.git/blob/release-0.2.3:/ReleaseNotes", "url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.3:/ReleaseNotes",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://gitweb.torproject.org/tor.git/blob/release-0.2.3:/ReleaseNotes" "name": "https://gitweb.torproject.org/tor.git/blob/release-0.2.3:/ReleaseNotes"
}, },
{ {
"name": "tor-sendme-dos(80289)", "url": "https://trac.torproject.org/projects/tor/ticket/6252",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80289" "name": "https://trac.torproject.org/projects/tor/ticket/6252"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=880310", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=880310",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=880310" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=880310"
} }
] ]
} }

105
2012/5xxx/CVE-2012-5603.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5603", "ID": "CVE-2012-5603",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,47 +27,71 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "cloudforms-katello-sec-bypass(80549)", "url": "http://rhn.redhat.com/errata/RHSA-2013-0544.html",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80549"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=882129",
"refsource": "MISC", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882129" "name": "http://rhn.redhat.com/errata/RHSA-2013-0544.html"
}, },
{ {
"name": "88140", "url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html",
"refsource": "OSVDB", "refsource": "MISC",
"url": "http://osvdb.org/88140" "name": "http://rhn.redhat.com/errata/RHSA-2012-1543.html"
}, },
{ {
"name": "51472", "url": "http://secunia.com/advisories/51472",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/51472" "name": "http://secunia.com/advisories/51472"
}, },
{ {
"name": "88142", "url": "http://www.securityfocus.com/bid/56819",
"refsource": "OSVDB", "refsource": "MISC",
"url": "http://osvdb.org/88142" "name": "http://www.securityfocus.com/bid/56819"
}, },
{ {
"name": "RHSA-2012:1543", "url": "http://osvdb.org/88140",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1543.html" "name": "http://osvdb.org/88140"
}, },
{ {
"name": "56819", "url": "http://osvdb.org/88142",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/56819" "name": "http://osvdb.org/88142"
}, },
{ {
"name": "RHSA-2013:0544", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80549",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0544.html" "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80549"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=882129",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=882129"
} }
] ]
} }

103
2012/5xxx/CVE-2012-5619.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5619", "ID": "CVE-2012-5619",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20121203 Re: CVE request: TSK misrepresents \".\" files on FAT filesystems", "url": "http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector/",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/12/04/2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=883330",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883330"
},
{
"name": "http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector/",
"refsource": "MISC", "refsource": "MISC",
"url": "http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector/" "name": "http://labs.bitdefender.com/2012/06/flame-the-story-of-leaked-data-carried-by-human-vector/"
}, },
{ {
"name": "FEDORA-2013-0336", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097289.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097293.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097289.html"
}, },
{ {
"name": "MDVSA-2013:125", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097293.html",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:125" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097293.html"
}, },
{ {
"name": "FEDORA-2013-0320", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:125",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/097289.html" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:125"
}, },
{ {
"name": "[oss-security] 20121201 CVE request: TSK misrepresents \".\" files on FAT filesystems", "url": "http://www.openwall.com/lists/oss-security/2012/12/01/2",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/12/01/2" "name": "http://www.openwall.com/lists/oss-security/2012/12/01/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/04/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/04/2"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=883330",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=883330"
} }
] ]
} }

199
2012/5xxx/CVE-2012-5629.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2012-5629 JBoss: allows empty password to authenticate against LDAP" "value": "The default configuration of the (1) LdapLoginModule and (2) LdapExtLoginModule modules in JBoss Enterprise Application Platform (EAP) 4.3.0 CP10, 5.2.0, and 6.0.1, and Enterprise Web Platform (EWP) 5.2.0 allow remote attackers to bypass authentication via an empty password."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Authentication Bypass by Primary Weakness", "value": "n/a"
"cweId": "CWE-305"
} }
] ]
} }
@ -32,112 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "JBEWP 5 for RHEL 5", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:2.0.5-9.SP3_1_patch_01.ep5.el5", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "JBEWP 5 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-9.1.SP3_1_patch_01.ep5.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 4",
"version": {
"version_data": [
{
"version_value": "0:4.3.0-12.GA_CP10_patch_01.1.ep1.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 4.3 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:4.3.0-12.GA_CP10_patch_01.1.ep1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 4",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-9.SP3_1_patch_01.ep5.el4",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-9.SP3_1_patch_01.ep5.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:2.0.5-9.1.SP3_1_patch_01.ep5.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 5",
"version": {
"version_data": [
{
"version_value": "0:7.1.3-5.Final_redhat_5.ep6.el5",
"version_affected": "!"
},
{
"version_value": "0:4.0.14-3.Final_redhat_3.ep6.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat JBoss Enterprise Application Platform 6 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:7.1.3-5.Final_redhat_5.ep6.el6",
"version_affected": "!"
},
{
"version_value": "0:4.0.14-3.Final_redhat_3.ep6.el6",
"version_affected": "!"
} }
] ]
} }
@ -150,11 +53,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2013:0533",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0533"
},
{ {
"url": "http://rhn.redhat.com/errata/RHSA-2013-0533.html", "url": "http://rhn.redhat.com/errata/RHSA-2013-0533.html",
"refsource": "MISC", "refsource": "MISC",
@ -204,91 +102,6 @@
"url": "http://rhn.redhat.com/errata/RHSA-2013-0586.html", "url": "http://rhn.redhat.com/errata/RHSA-2013-0586.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0586.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-0586.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0229",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0229"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0230",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0230"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0231",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0231"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0232",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0232"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0233",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0233"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0234",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0234"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0248",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0248"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0249",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0249"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0586",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0586"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0665",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0665"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5629",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5629"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=885569",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=885569"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
} }
] ]
} }

257
2012/5xxx/CVE-2012-5633.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5633", "ID": "CVE-2012-5633",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,137 +27,161 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "51988", "url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51988"
},
{
"name": "http://svn.apache.org/viewvc?view=revision&revision=1409324",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1409324"
},
{
"name": "http://stackoverflow.com/questions/7933293/why-does-apache-cxf-ws-security-implementation-ignore-get-requests",
"refsource": "MISC", "refsource": "MISC",
"url": "http://stackoverflow.com/questions/7933293/why-does-apache-cxf-ws-security-implementation-ignore-get-requests" "name": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
}, },
{ {
"name": "20130208 New security advisories for Apache CXF", "url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Feb/39"
},
{
"name": "RHSA-2013:0256",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0256.html"
},
{
"name": "90079",
"refsource": "OSVDB",
"url": "http://osvdb.org/90079"
},
{
"name": "RHSA-2013:0257",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0257.html"
},
{
"name": "http://svn.apache.org/viewvc?view=revision&revision=1420698",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1420698"
},
{
"name": "https://issues.jboss.org/browse/JBWS-3575",
"refsource": "MISC", "refsource": "MISC",
"url": "https://issues.jboss.org/browse/JBWS-3575" "name": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
}, },
{ {
"name": "57874", "url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57874"
},
{
"name": "https://issues.apache.org/jira/browse/CXF-4629",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/CXF-4629"
},
{
"name": "RHSA-2013:0258",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0258.html"
},
{
"name": "52183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52183"
},
{
"name": "RHSA-2013:0749",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0749.html"
},
{
"name": "RHSA-2013:0743",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0743.html"
},
{
"name": "http://packetstormsecurity.com/files/120213/Apache-CXF-WS-Security-URIMappingInterceptor-Bypass.html",
"refsource": "MISC", "refsource": "MISC",
"url": "http://packetstormsecurity.com/files/120213/Apache-CXF-WS-Security-URIMappingInterceptor-Bypass.html" "name": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
}, },
{ {
"name": "http://cxf.apache.org/cve-2012-5633.html", "url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://cxf.apache.org/cve-2012-5633.html" "name": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
}, },
{ {
"name": "apachecxf-wssecurity-security-bypass(81980)", "url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81980" "name": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
}, },
{ {
"name": "RHSA-2013:0259", "url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0259.html" "name": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
}, },
{ {
"name": "RHSA-2013:0726", "url": "http://cxf.apache.org/cve-2012-5633.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0726.html" "name": "http://cxf.apache.org/cve-2012-5633.html"
}, },
{ {
"refsource": "MLIST", "url": "http://osvdb.org/90079",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E" "name": "http://osvdb.org/90079"
}, },
{ {
"refsource": "MLIST", "url": "http://packetstormsecurity.com/files/120213/Apache-CXF-WS-Security-URIMappingInterceptor-Bypass.html",
"name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E" "name": "http://packetstormsecurity.com/files/120213/Apache-CXF-WS-Security-URIMappingInterceptor-Bypass.html"
}, },
{ {
"refsource": "MLIST", "url": "http://rhn.redhat.com/errata/RHSA-2013-0256.html",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E" "name": "http://rhn.redhat.com/errata/RHSA-2013-0256.html"
}, },
{ {
"refsource": "MLIST", "url": "http://rhn.redhat.com/errata/RHSA-2013-0257.html",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E" "name": "http://rhn.redhat.com/errata/RHSA-2013-0257.html"
}, },
{ {
"refsource": "MLIST", "url": "http://rhn.redhat.com/errata/RHSA-2013-0258.html",
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E" "name": "http://rhn.redhat.com/errata/RHSA-2013-0258.html"
}, },
{ {
"refsource": "MLIST", "url": "http://rhn.redhat.com/errata/RHSA-2013-0259.html",
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E" "name": "http://rhn.redhat.com/errata/RHSA-2013-0259.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0726.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0726.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0743.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0743.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0749.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0749.html"
},
{
"url": "http://seclists.org/fulldisclosure/2013/Feb/39",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2013/Feb/39"
},
{
"url": "http://secunia.com/advisories/51988",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51988"
},
{
"url": "http://secunia.com/advisories/52183",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52183"
},
{
"url": "http://stackoverflow.com/questions/7933293/why-does-apache-cxf-ws-security-implementation-ignore-get-requests",
"refsource": "MISC",
"name": "http://stackoverflow.com/questions/7933293/why-does-apache-cxf-ws-security-implementation-ignore-get-requests"
},
{
"url": "http://svn.apache.org/viewvc?view=revision&revision=1409324",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc?view=revision&revision=1409324"
},
{
"url": "http://svn.apache.org/viewvc?view=revision&revision=1420698",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc?view=revision&revision=1420698"
},
{
"url": "http://www.securityfocus.com/bid/57874",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/57874"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81980",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/81980"
},
{
"url": "https://issues.apache.org/jira/browse/CXF-4629",
"refsource": "MISC",
"name": "https://issues.apache.org/jira/browse/CXF-4629"
},
{
"url": "https://issues.jboss.org/browse/JBWS-3575",
"refsource": "MISC",
"name": "https://issues.jboss.org/browse/JBWS-3575"
} }
] ]
} }

79
2012/5xxx/CVE-2012-5639.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5639", "ID": "CVE-2012-5639",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "LibreOffice; OpenOffice",
"product": {
"product_data": [
{
"product_name": "LibreOffice, OpenOffice",
"version": {
"version_data": [
{
"version_value": "through at least 2012-12-15"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,12 +27,41 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "LibreOffice; OpenOffice",
"product": {
"product_data": [
{
"product_name": "LibreOffice, OpenOffice",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through at least 2012-12-15"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://security-tracker.debian.org/tracker/CVE-2012-5639", "url": "http://www.openwall.com/lists/oss-security/2012/12/14/1",
"refsource": "MISC", "refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2012-5639" "name": "http://www.openwall.com/lists/oss-security/2012/12/14/1"
},
{
"url": "https://access.redhat.com/security/cve/cve-2012-5639",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2012-5639"
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639",
@ -63,19 +69,14 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5639"
}, },
{ {
"url": "https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E",
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/14/1", "name": "https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb%40%3Cissues.openoffice.apache.org%3E"
"url": "http://www.openwall.com/lists/oss-security/2012/12/14/1"
}, },
{ {
"refsource": "REDHAT", "url": "https://security-tracker.debian.org/tracker/CVE-2012-5639",
"name": "Red Hat", "refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2012-5639" "name": "https://security-tracker.debian.org/tracker/CVE-2012-5639"
},
{
"refsource": "MLIST",
"name": "[openoffice-issues] 20201025 [Issue 121493] CVE-2012-5639: Remote file inclusion by office application",
"url": "https://lists.apache.org/thread.html/r253f92d0e6511d07a79774002e1d9db1d20b24bff27914a5adb14ccb@%3Cissues.openoffice.apache.org%3E"
} }
] ]
} }

56
2012/5xxx/CVE-2012-5643.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2012-5643 squid: cachemgr.cgi memory usage DoS and memory leaks" "value": "Multiple memory leaks in tools/cachemgr.cc in cachemgr.cgi in Squid 2.x and 3.x before 3.1.22, 3.2.x before 3.2.4, and 3.3.x before 3.3.0.2 allow remote attackers to cause a denial of service (memory consumption) via (1) invalid Content-Length headers, (2) long POST requests, or (3) crafted authentication credentials."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Missing Release of Memory after Effective Lifetime", "value": "n/a"
"cweId": "CWE-401"
} }
] ]
} }
@ -32,16 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "7:3.1.10-16.el6", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
} }
] ]
} }
@ -139,55 +138,20 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11714.patch" "name": "http://www.squid-cache.org/Versions/v3/3.2/changesets/squid-3.2-11714.patch"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2013:0505",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0505"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-5643",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-5643"
},
{ {
"url": "https://bugs.gentoo.org/show_bug.cgi?id=447596", "url": "https://bugs.gentoo.org/show_bug.cgi?id=447596",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugs.gentoo.org/show_bug.cgi?id=447596" "name": "https://bugs.gentoo.org/show_bug.cgi?id=447596"
}, },
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=887962",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=887962"
},
{ {
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0368", "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0368",
"refsource": "MISC", "refsource": "MISC",
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0368" "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0368"
} },
]
},
"impact": {
"cvss": [
{ {
"accessComplexity": "LOW", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=887962",
"accessVector": "NETWORK", "refsource": "MISC",
"authentication": "NONE", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=887962"
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
} }
] ]
} }

109
2012/5xxx/CVE-2012-5653.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5653", "ID": "CVE-2012-5653",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,52 +27,76 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "88529", "url": "http://www.debian.org/security/2013/dsa-2776",
"refsource": "OSVDB", "refsource": "MISC",
"url": "http://osvdb.org/88529" "name": "http://www.debian.org/security/2013/dsa-2776"
}, },
{ {
"name": "http://drupalcode.org/project/drupal.git/commitdiff/da8023a", "url": "http://drupal.org/SA-CORE-2012-004",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://drupalcode.org/project/drupal.git/commitdiff/da8023a" "name": "http://drupal.org/SA-CORE-2012-004"
}, },
{ {
"name": "MDVSA-2013:074", "url": "http://drupalcode.org/project/drupal.git/commitdiff/da8023a",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:074" "name": "http://drupalcode.org/project/drupal.git/commitdiff/da8023a"
}, },
{ {
"name": "http://drupal.org/SA-CORE-2012-004", "url": "http://www.openwall.com/lists/oss-security/2012/12/20/1",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://drupal.org/SA-CORE-2012-004" "name": "http://www.openwall.com/lists/oss-security/2012/12/20/1"
}, },
{ {
"name": "56993", "url": "http://www.securityfocus.com/bid/56993",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/56993" "name": "http://www.securityfocus.com/bid/56993"
}, },
{ {
"name": "http://drupalcode.org/project/drupal.git/commitdiff/b47f95d", "url": "http://drupalcode.org/project/drupal.git/commitdiff/b47f95d",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://drupalcode.org/project/drupal.git/commitdiff/b47f95d" "name": "http://drupalcode.org/project/drupal.git/commitdiff/b47f95d"
}, },
{ {
"name": "DSA-2776", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:074",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2013/dsa-2776" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:074"
}, },
{ {
"name": "[oss-security] 20121219 Re: CVE request for Drupal core, and contributed modules", "url": "http://osvdb.org/88529",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/12/20/1" "name": "http://osvdb.org/88529"
}, },
{ {
"name": "drupal-fileupload-code-execution(80795)", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80795",
"refsource": "XF", "refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80795" "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80795"
} }
] ]
} }

133
2012/5xxx/CVE-2012-5669.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-5669", "ID": "CVE-2012-5669",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,72 +27,96 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "1027921", "url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id?1027921" "name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d"
}, },
{ {
"name": "http://www.freetype.org/", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.freetype.org/" "name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html"
}, },
{ {
"name": "USN-1686-1", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1686-1" "name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html"
}, },
{ {
"name": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=07bdb6e289c7954e2a533039dc93c1c136099d2d" "name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html"
}, },
{ {
"name": "openSUSE-SU-2013:0189", "url": "http://rhn.redhat.com/errata/RHSA-2013-0216.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00078.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-0216.html"
}, },
{ {
"name": "[oss-security] 20121224 Re: CVE Request - Multiple security fixes in freetype - 2.4.11", "url": "http://secunia.com/advisories/51826",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2012/12/25/2" "name": "http://secunia.com/advisories/51826"
}, },
{ {
"name": "openSUSE-SU-2013:0165", "url": "http://secunia.com/advisories/51900",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00056.html" "name": "http://secunia.com/advisories/51900"
}, },
{ {
"name": "RHSA-2013:0216", "url": "http://www.freetype.org/",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0216.html" "name": "http://www.freetype.org/"
}, },
{ {
"name": "https://savannah.nongnu.org/bugs/?37906", "url": "http://www.openwall.com/lists/oss-security/2012/12/25/2",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://savannah.nongnu.org/bugs/?37906" "name": "http://www.openwall.com/lists/oss-security/2012/12/25/2"
}, },
{ {
"name": "SSA:2013-015-01", "url": "http://www.securitytracker.com/id?1027921",
"refsource": "SLACKWARE", "refsource": "MISC",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186" "name": "http://www.securitytracker.com/id?1027921"
}, },
{ {
"name": "51900", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/51900" "name": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.520186"
}, },
{ {
"name": "openSUSE-SU-2013:0177", "url": "http://www.ubuntu.com/usn/USN-1686-1",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00068.html" "name": "http://www.ubuntu.com/usn/USN-1686-1"
}, },
{ {
"name": "51826", "url": "https://savannah.nongnu.org/bugs/?37906",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/51826" "name": "https://savannah.nongnu.org/bugs/?37906"
} }
] ]
} }

95
2012/6xxx/CVE-2012-6073.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6073", "ID": "CVE-2012-6073",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,32 +27,56 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "RHSA-2013:0220", "url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html"
},
{
"name": "[oss-security] 20121227 Re: CVE request: Jenkins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/12/28/1"
},
{
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20",
"refsource": "CONFIRM",
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=890608",
"refsource": "MISC", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=890608" "name": "http://rhn.redhat.com/errata/RHSA-2013-0220.html"
}, },
{ {
"name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb", "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb" "name": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb"
},
{
"url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20",
"refsource": "MISC",
"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/12/28/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/12/28/1"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=890608",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=890608"
} }
] ]
} }

163
2012/6xxx/CVE-2012-6093.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-6093", "ID": "CVE-2012-6093",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,67 +27,91 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "openSUSE-SU-2013:0204", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697582",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00086.html"
},
{
"name": "https://codereview.qt-project.org/#change,42461",
"refsource": "CONFIRM",
"url": "https://codereview.qt-project.org/#change,42461"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697582",
"refsource": "MISC", "refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697582" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697582"
}, },
{ {
"name": "USN-1723-1", "url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00086.html",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1723-1"
},
{
"name": "openSUSE-SU-2013:0256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00014.html"
},
{
"name": "52217",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52217"
},
{
"name": "openSUSE-SU-2013:0211",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00089.html"
},
{
"name": "http://qt.gitorious.org/qt/qt/commit/3b14dc93cf0ef06f1424d7d6319a1af4505faa53%20%284.7%29",
"refsource": "CONFIRM",
"url": "http://qt.gitorious.org/qt/qt/commit/3b14dc93cf0ef06f1424d7d6319a1af4505faa53%20%284.7%29"
},
{
"name": "[Announce] 20130102 Qt Project Security Advisory: QSslSocket may report incorrect errors when certificate verification fails",
"refsource": "MLIST",
"url": "http://lists.qt-project.org/pipermail/announce/2013-January/000020.html"
},
{
"name": "http://qt.gitorious.org/qt/qt/commit/691e78e5061d4cbc0de212d23b06c5dffddf2098%20%284.8%29",
"refsource": "CONFIRM",
"url": "http://qt.gitorious.org/qt/qt/commit/691e78e5061d4cbc0de212d23b06c5dffddf2098%20%284.8%29"
},
{
"name": "[oss-security] 20130104 Re: CVE Request -- qt: QSslSocket might report inappropriate errors when certificate verification fails",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/01/04/6"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=891955",
"refsource": "MISC", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891955" "name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00086.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00089.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00089.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00014.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-02/msg00014.html"
},
{
"url": "http://lists.qt-project.org/pipermail/announce/2013-January/000020.html",
"refsource": "MISC",
"name": "http://lists.qt-project.org/pipermail/announce/2013-January/000020.html"
},
{
"url": "http://qt.gitorious.org/qt/qt/commit/3b14dc93cf0ef06f1424d7d6319a1af4505faa53%20%284.7%29",
"refsource": "MISC",
"name": "http://qt.gitorious.org/qt/qt/commit/3b14dc93cf0ef06f1424d7d6319a1af4505faa53%20%284.7%29"
},
{
"url": "http://qt.gitorious.org/qt/qt/commit/691e78e5061d4cbc0de212d23b06c5dffddf2098%20%284.8%29",
"refsource": "MISC",
"name": "http://qt.gitorious.org/qt/qt/commit/691e78e5061d4cbc0de212d23b06c5dffddf2098%20%284.8%29"
},
{
"url": "http://secunia.com/advisories/52217",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52217"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/01/04/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/01/04/6"
},
{
"url": "http://www.ubuntu.com/usn/USN-1723-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1723-1"
},
{
"url": "https://codereview.qt-project.org/#change%2C42461",
"refsource": "MISC",
"name": "https://codereview.qt-project.org/#change%2C42461"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891955",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=891955"
} }
] ]
} }

184
2012/6xxx/CVE-2012-6109.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2012-6109 rubygem-rack: parsing Content-Disposition header DoS" "value": "lib/rack/multipart.rb in Rack before 1.1.4, 1.2.x before 1.2.6, 1.3.x before 1.3.7, and 1.4.x before 1.4.2 uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')", "value": "n/a"
"cweId": "CWE-835"
} }
] ]
} }
@ -32,139 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "CloudForms for RHEL 6", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "1:3.0.10-10.el6cf", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:2.1.4-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-0.9.beta4.el6cf",
"version_affected": "!"
},
{
"version_value": "1:1.3.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.5.5-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:3.8-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.6.1-7.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.4-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.11.3-5.el6cf",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Subscription Asset Manager 1.2",
"version": {
"version_data": [
{
"version_value": "0:1.7-2.el6_3",
"version_affected": "!"
},
{
"version_value": "0:0.6-4_redhat_1.ep6.el6.1",
"version_affected": "!"
},
{
"version_value": "0:0.7.23-1.el6_3",
"version_affected": "!"
},
{
"version_value": "0:0.19.9-5.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-15h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-1h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-12h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-3h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-2h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:3.6.1-10h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:2.6.17-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.1.5-4.el6_3",
"version_affected": "!"
},
{
"version_value": "1:3.0.10-10.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.0.12-2.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.1.3-1.el6_3",
"version_affected": "!"
},
{
"version_value": "0:2.3.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "1:1.3.0-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:2.0.4-6.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.6.5-0.12.git58097d9h.el6_3",
"version_affected": "!"
},
{
"version_value": "0:1.0.4-2.el6_3",
"version_affected": "!"
},
{
"version_value": "0:0.0.28-1.el6_3",
"version_affected": "!"
} }
] ]
} }
@ -187,31 +63,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0548.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-0548.html"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2013:0544",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0544"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:0548",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:0548"
},
{ {
"url": "http://rack.github.com/", "url": "http://rack.github.com/",
"refsource": "MISC", "refsource": "MISC",
"name": "http://rack.github.com/" "name": "http://rack.github.com/"
}, },
{
"url": "https://access.redhat.com/security/cve/CVE-2012-6109",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-6109"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=895277",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=895277"
},
{ {
"url": "https://github.com/rack/rack/blob/master/README.rdoc", "url": "https://github.com/rack/rack/blob/master/README.rdoc",
"refsource": "MISC", "refsource": "MISC",
@ -226,31 +82,11 @@
"url": "https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ", "url": "https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ",
"refsource": "MISC", "refsource": "MISC",
"name": "https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ" "name": "https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ"
} },
]
},
"impact": {
"cvss": [
{ {
"accessComplexity": "MEDIUM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=895277",
"accessVector": "NETWORK", "refsource": "MISC",
"authentication": "NONE", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=895277"
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
} }
] ]
} }

79
2013/4xxx/CVE-2013-4195.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4195", "ID": "CVE-2013-4195",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=978471", "url": "http://plone.org/products/plone-hotfix/releases/20130618",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=978471" "name": "http://plone.org/products/plone-hotfix/releases/20130618"
}, },
{ {
"name": "http://plone.org/products/plone/security/advisories/20130618-announcement", "url": "http://plone.org/products/plone/security/advisories/20130618-announcement",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://plone.org/products/plone/security/advisories/20130618-announcement" "name": "http://plone.org/products/plone/security/advisories/20130618-announcement"
}, },
{ {
"name": "http://plone.org/products/plone-hotfix/releases/20130618", "url": "http://seclists.org/oss-sec/2013/q3/261",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://plone.org/products/plone-hotfix/releases/20130618" "name": "http://seclists.org/oss-sec/2013/q3/261"
}, },
{ {
"name": "[oss-security] 20130801 Re: CVE Request -- Plone: 20130618 Hotfix (multiple vectors)", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=978471",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://seclists.org/oss-sec/2013/q3/261" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=978471"
} }
] ]
} }

79
2013/4xxx/CVE-2013-4196.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4196", "ID": "CVE-2013-4196",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=978475", "url": "http://plone.org/products/plone-hotfix/releases/20130618",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=978475" "name": "http://plone.org/products/plone-hotfix/releases/20130618"
}, },
{ {
"name": "http://plone.org/products/plone/security/advisories/20130618-announcement", "url": "http://plone.org/products/plone/security/advisories/20130618-announcement",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://plone.org/products/plone/security/advisories/20130618-announcement" "name": "http://plone.org/products/plone/security/advisories/20130618-announcement"
}, },
{ {
"name": "http://plone.org/products/plone-hotfix/releases/20130618", "url": "http://seclists.org/oss-sec/2013/q3/261",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://plone.org/products/plone-hotfix/releases/20130618" "name": "http://seclists.org/oss-sec/2013/q3/261"
}, },
{ {
"name": "[oss-security] 20130801 Re: CVE Request -- Plone: 20130618 Hotfix (multiple vectors)", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=978475",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://seclists.org/oss-sec/2013/q3/261" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=978475"
} }
] ]
} }

103
2013/4xxx/CVE-2013-4205.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4205", "ID": "CVE-2013-4205",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://github.com/torvalds/linux/commit/6160968cee8b90a5dd95318d716e31d7775c4ef3", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6160968cee8b90a5dd95318d716e31d7775c4ef3",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/6160968cee8b90a5dd95318d716e31d7775c4ef3"
},
{
"name": "[oss-security] 20130806 Re: CLONE_NEWUSER local DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/08/06/2"
},
{
"name": "http://twitter.com/grsecurity/statuses/364566062336978944",
"refsource": "MISC", "refsource": "MISC",
"url": "http://twitter.com/grsecurity/statuses/364566062336978944" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=6160968cee8b90a5dd95318d716e31d7775c4ef3"
}, },
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6", "url": "http://twitter.com/grsecurity/statuses/364566062336978944",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6" "name": "http://twitter.com/grsecurity/statuses/364566062336978944"
}, },
{ {
"name": "USN-1971-1", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1971-1" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6160968cee8b90a5dd95318d716e31d7775c4ef3", "url": "http://www.openwall.com/lists/oss-security/2013/08/06/2",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=6160968cee8b90a5dd95318d716e31d7775c4ef3" "name": "http://www.openwall.com/lists/oss-security/2013/08/06/2"
}, },
{ {
"name": "USN-1974-1", "url": "http://www.ubuntu.com/usn/USN-1971-1",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1974-1" "name": "http://www.ubuntu.com/usn/USN-1971-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1974-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1974-1"
},
{
"url": "https://github.com/torvalds/linux/commit/6160968cee8b90a5dd95318d716e31d7775c4ef3",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/6160968cee8b90a5dd95318d716e31d7775c4ef3"
} }
] ]
} }

75
2013/4xxx/CVE-2013-4215.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4215", "ID": "CVE-2013-4215",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://tracker.nagios.org/view.php?id=451", "url": "http://osvdb.org/96085",
"refsource": "MISC", "refsource": "MISC",
"url": "http://tracker.nagios.org/view.php?id=451" "name": "http://osvdb.org/96085"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=957482", "url": "http://seclists.org/oss-sec/2013/q3/310",
"refsource": "MISC", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=957482" "name": "http://seclists.org/oss-sec/2013/q3/310"
}, },
{ {
"name": "[oss-security] 20130807 Some Nagios /tmp vulns (no reply from upstream)", "url": "http://tracker.nagios.org/view.php?id=451",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://seclists.org/oss-sec/2013/q3/310" "name": "http://tracker.nagios.org/view.php?id=451"
}, },
{ {
"name": "96085", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=957482",
"refsource": "OSVDB", "refsource": "MISC",
"url": "http://osvdb.org/96085" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=957482"
} }
] ]
} }

67
2013/4xxx/CVE-2013-4216.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4216", "ID": "CVE-2013-4216",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,17 +27,41 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20130808 Re: CVE Request -- Four flaws in WiMAX (afaik upstream is dead for this)", "url": "http://www.openwall.com/lists/oss-security/2013/08/08/17",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/08/08/17" "name": "http://www.openwall.com/lists/oss-security/2013/08/08/17"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=911122", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=911122",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=911122" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=911122"
} }
] ]
} }

1329
2013/4xxx/CVE-2013-4225.json
View File

File diff suppressed because it is too large Load Diff

81
2013/4xxx/CVE-2013-4235.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4235", "ID": "CVE-2013-4235",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "shadow",
"version": {
"version_data": [
{
"version_value": "1"
}
]
}
}
]
},
"vendor_name": "shadow"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,17 +27,36 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "shadow",
"product": {
"product_data": [
{
"product_name": "shadow",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4235", "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E",
"refsource": "MISC", "refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4235" "name": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235"
}, },
{ {
"url": "https://access.redhat.com/security/cve/cve-2013-4235", "url": "https://access.redhat.com/security/cve/cve-2013-4235",
@ -68,14 +64,19 @@
"name": "https://access.redhat.com/security/cve/cve-2013-4235" "name": "https://access.redhat.com/security/cve/cve-2013-4235"
}, },
{ {
"refsource": "MLIST", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235",
"name": "[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235"
}, },
{ {
"refsource": "GENTOO", "url": "https://security-tracker.debian.org/tracker/CVE-2013-4235",
"name": "GLSA-202210-26", "refsource": "MISC",
"url": "https://security.gentoo.org/glsa/202210-26" "name": "https://security-tracker.debian.org/tracker/CVE-2013-4235"
},
{
"url": "https://security.gentoo.org/glsa/202210-26",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/202210-26"
} }
] ]
} }

73
2013/4xxx/CVE-2013-4236.json
View File

@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4236", "ID": "CVE-2013-4236",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167." "value": "VDSM in Red Hat Enterprise Virtualization 3 and 3.2 allows privileged guest users to cause the host to become \"unavailable to the managment server\" via invalid XML characters in a guest agent response. NOTE: this issue is due to an incomplete fix for CVE-2013-0167."
} }
] ]
}, },
@ -50,22 +27,46 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://gerrit.ovirt.org/gitweb?p=vdsm.git;a=commit;h=5fe1615b7949999fc9abd896bde63bf24f8431d6", "url": "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6",
"refsource": "MISC", "refsource": "MISC",
"url": "http://gerrit.ovirt.org/gitweb?p=vdsm.git;a=commit;h=5fe1615b7949999fc9abd896bde63bf24f8431d6" "name": "http://gerrit.ovirt.org/gitweb?p=vdsm.git%3Ba=commit%3Bh=5fe1615b7949999fc9abd896bde63bf24f8431d6"
}, },
{ {
"name": "RHSA-2013:1155", "url": "http://rhn.redhat.com/errata/RHSA-2013-1155.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1155.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-1155.html"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=996166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=996166",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=996166" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=996166"
} }
] ]
} }

63
2013/4xxx/CVE-2013-4245.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4245", "ID": "CVE-2013-4245",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Orca",
"product": {
"product_data": [
{
"product_name": "Orca",
"version": {
"version_data": [
{
"version_value": "3.14.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,12 +27,36 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Orca",
"product": {
"product_data": [
{
"product_name": "Orca",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.14.0"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4245", "url": "https://access.redhat.com/security/cve/cve-2013-4245",
"refsource": "MISC", "refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4245" "name": "https://access.redhat.com/security/cve/cve-2013-4245"
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4245", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4245",
@ -68,9 +69,9 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4245" "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2013-4245"
}, },
{ {
"url": "https://access.redhat.com/security/cve/cve-2013-4245", "url": "https://security-tracker.debian.org/tracker/CVE-2013-4245",
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2013-4245" "name": "https://security-tracker.debian.org/tracker/CVE-2013-4245"
} }
] ]
} }

99
2013/4xxx/CVE-2013-4255.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4255", "ID": "CVE-2013-4255",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,32 +27,56 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "RHSA-2013:1172", "url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786",
"refsource": "CONFIRM",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"name": "RHSA-2013:1171",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=919401",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
},
{
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829",
"refsource": "MISC", "refsource": "MISC",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829" "name": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786",
"refsource": "MISC",
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829",
"refsource": "MISC",
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
} }
] ]
} }

97
2013/4xxx/CVE-2013-4256.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4256", "ID": "CVE-2013-4256",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20130819 Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites", "url": "http://radscan.com/pipermail/nas/2013-August/001270.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/08/19/3" "name": "http://radscan.com/pipermail/nas/2013-August/001270.html"
}, },
{ {
"name": "[nas] 20130807 nas: Multiple Vulnerabilities in nas 1.9.3", "url": "http://sourceforge.net/p/nas/code/288",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://radscan.com/pipermail/nas/2013-August/001270.html" "name": "http://sourceforge.net/p/nas/code/288"
}, },
{ {
"name": "[oss-security] 20130816 CVE Request : NAS v1.9.3 multiple Vulnerabilites", "url": "http://www.debian.org/security/2013/dsa-2771",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/08/16/2" "name": "http://www.debian.org/security/2013/dsa-2771"
}, },
{ {
"name": "http://sourceforge.net/p/nas/code/288", "url": "http://www.openwall.com/lists/oss-security/2013/08/16/2",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://sourceforge.net/p/nas/code/288" "name": "http://www.openwall.com/lists/oss-security/2013/08/16/2"
}, },
{ {
"name": "DSA-2771", "url": "http://www.openwall.com/lists/oss-security/2013/08/19/3",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2013/dsa-2771" "name": "http://www.openwall.com/lists/oss-security/2013/08/19/3"
}, },
{ {
"name": "61848", "url": "http://www.securityfocus.com/bid/61848",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/61848" "name": "http://www.securityfocus.com/bid/61848"
}, },
{ {
"name": "USN-1986-1", "url": "http://www.ubuntu.com/usn/USN-1986-1",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1986-1" "name": "http://www.ubuntu.com/usn/USN-1986-1"
} }
] ]
} }

103
2013/4xxx/CVE-2013-4276.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4276", "ID": "CVE-2013-4276",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,47 +27,71 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "USN-3770-2", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "https://usn.ubuntu.com/3770-2/" "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=992975", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00021.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=992975" "name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00021.html"
}, },
{ {
"name": "61607", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00029.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/61607" "name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00029.html"
}, },
{ {
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682", "url": "http://www.openwall.com/lists/oss-security/2013/08/22/3",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682" "name": "http://www.openwall.com/lists/oss-security/2013/08/22/3"
}, },
{ {
"name": "openSUSE-SU-2013:1560", "url": "http://www.securityfocus.com/bid/61607",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00029.html" "name": "http://www.securityfocus.com/bid/61607"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=991757", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=991757",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=991757" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=991757"
}, },
{ {
"name": "openSUSE-SU-2013:1547", "url": "https://usn.ubuntu.com/3770-2/",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00021.html" "name": "https://usn.ubuntu.com/3770-2/"
}, },
{ {
"name": "[oss-security] 20130822 Re: CVE request: lcms 1.x buffer overflows", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=992975",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/08/22/3" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=992975"
} }
] ]
} }

121
2013/4xxx/CVE-2013-4296.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4296", "ID": "CVE-2013-4296",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,62 +27,86 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "60895", "url": "http://wiki.libvirt.org/page/Maintenance_Releases",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/60895" "name": "http://wiki.libvirt.org/page/Maintenance_Releases"
}, },
{ {
"name": "GLSA-201412-04", "url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html",
"refsource": "GENTOO", "refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml" "name": "http://rhn.redhat.com/errata/RHSA-2013-1460.html"
}, },
{ {
"name": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=e7f400a110e2e3673b96518170bfea0855dd82c0", "url": "http://secunia.com/advisories/60895",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=e7f400a110e2e3673b96518170bfea0855dd82c0" "name": "http://secunia.com/advisories/60895"
}, },
{ {
"name": "DSA-2764", "url": "http://security.gentoo.org/glsa/glsa-201412-04.xml",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2013/dsa-2764" "name": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
}, },
{ {
"name": "USN-1954-1", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1954-1" "name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html"
}, },
{ {
"name": "http://wiki.libvirt.org/page/Maintenance_Releases", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://wiki.libvirt.org/page/Maintenance_Releases" "name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html"
}, },
{ {
"name": "RHSA-2013:1272", "url": "http://rhn.redhat.com/errata/RHSA-2013-1272.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1272.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-1272.html"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006173", "url": "http://www.ubuntu.com/usn/USN-1954-1",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006173" "name": "http://www.ubuntu.com/usn/USN-1954-1"
}, },
{ {
"name": "RHSA-2013:1460", "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1460.html" "name": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0"
}, },
{ {
"name": "openSUSE-SU-2013:1550", "url": "http://www.debian.org/security/2013/dsa-2764",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html" "name": "http://www.debian.org/security/2013/dsa-2764"
}, },
{ {
"name": "openSUSE-SU-2013:1549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006173",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006173"
} }
] ]
} }

97
2013/4xxx/CVE-2013-4325.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4325", "ID": "CVE-2013-4325",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "RHSA-2013:1274", "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00062.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1274.html" "name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00062.html"
}, },
{ {
"name": "USN-1956-1", "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00000.html",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-1956-1" "name": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00000.html"
}, },
{ {
"name": "openSUSE-SU-2013:1617", "url": "http://rhn.redhat.com/errata/RHSA-2013-1274.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00062.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-1274.html"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375", "url": "http://www.debian.org/security/2013/dsa-2829",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375" "name": "http://www.debian.org/security/2013/dsa-2829"
}, },
{ {
"name": "DSA-2829", "url": "http://www.ubuntu.com/usn/USN-1956-1",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2013/dsa-2829" "name": "http://www.ubuntu.com/usn/USN-1956-1"
}, },
{ {
"name": "openSUSE-SU-2013:1620", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00000.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1002375"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006674", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006674",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006674" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006674"
} }
] ]
} }

99
2013/4xxx/CVE-2013-4326.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4326", "ID": "CVE-2013-4326",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,32 +27,56 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "openSUSE-SU-2013:1597", "url": "http://www.openwall.com/lists/oss-security/2013/09/18/6",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00051.html"
},
{
"name": "RHSA-2013:1282",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1282.html"
},
{
"name": "[oss-security] 20130918 Re: Fwd: [vs-plain] polkit races",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/09/18/6"
},
{
"name": "openSUSE-SU-2013:1548",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00022.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006677",
"refsource": "MISC", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006677" "name": "http://www.openwall.com/lists/oss-security/2013/09/18/6"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00022.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00022.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00051.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00051.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-1282.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1282.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1006677",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1006677"
} }
] ]
} }

80
2013/4xxx/CVE-2013-4345.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2013-4345 kernel: ansi_cprng: off by one error in non-block size request" "value": "Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Off-by-one Error", "value": "n/a"
"cweId": "CWE-193"
} }
] ]
} }
@ -32,38 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 5", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:2.6.18-371.1.2.el5", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-431.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:3.8.13-rt14.25.el6rt",
"version_affected": "!"
} }
] ]
} }
@ -116,11 +93,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1490.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-1490.html"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2013:1490",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1490"
},
{ {
"url": "http://rhn.redhat.com/errata/RHSA-2013-1449.html", "url": "http://rhn.redhat.com/errata/RHSA-2013-1449.html",
"refsource": "MISC", "refsource": "MISC",
@ -131,16 +103,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1645.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2013:1449",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1449"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1645",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1645"
},
{ {
"url": "http://www.ubuntu.com/usn/USN-2064-1", "url": "http://www.ubuntu.com/usn/USN-2064-1",
"refsource": "MISC", "refsource": "MISC",
@ -176,41 +138,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2110-1" "name": "http://www.ubuntu.com/usn/USN-2110-1"
}, },
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4345",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4345"
},
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007690", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007690",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1007690" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1007690"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
}
]
} }
} }

2334
2013/4xxx/CVE-2013-4346.json
View File

File diff suppressed because it is too large Load Diff

53
2013/4xxx/CVE-2013-4355.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2013-4355 Kernel: Xen: Xsa-63: information leak via I/O instruction emulation" "value": "Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to obtain hypervisor stack memory via a (1) port or (2) memory mapped I/O write or (3) other unspecified operations related to addresses without associated memory."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor", "value": "n/a"
"cweId": "CWE-200"
} }
] ]
} }
@ -32,16 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 5", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:2.6.18-371.3.1.el5", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
} }
] ]
} }
@ -93,46 +92,6 @@
"url": "http://www.openwall.com/lists/oss-security/2013/09/30/1", "url": "http://www.openwall.com/lists/oss-security/2013/09/30/1",
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/09/30/1" "name": "http://www.openwall.com/lists/oss-security/2013/09/30/1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1790",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1790"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4355",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4355"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1009598",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1009598"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:N",
"version": "2.0"
} }
] ]
} }

79
2013/4xxx/CVE-2013-4356.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4356", "ID": "CVE-2013-4356",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "54962", "url": "http://security.gentoo.org/glsa/glsa-201407-03.xml",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/54962" "name": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
}, },
{ {
"name": "GLSA-201407-03", "url": "http://secunia.com/advisories/54962",
"refsource": "GENTOO", "refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml" "name": "http://secunia.com/advisories/54962"
}, },
{ {
"name": "[oss-security] 20130930 Xen Security Advisory 64 (CVE-2013-4356) - Memory accessible by 64-bit PV guests under live migration", "url": "http://www.openwall.com/lists/oss-security/2013/09/30/2",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/09/30/2" "name": "http://www.openwall.com/lists/oss-security/2013/09/30/2"
}, },
{ {
"name": "62709", "url": "http://www.securityfocus.com/bid/62709",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/62709" "name": "http://www.securityfocus.com/bid/62709"
} }
] ]
} }

79
2013/4xxx/CVE-2013-4375.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4375", "ID": "CVE-2013-4375",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html", "url": "http://security.gentoo.org/glsa/glsa-201407-03.xml",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html" "name": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
}, },
{ {
"name": "GLSA-201407-03", "url": "http://www.ubuntu.com/usn/USN-2092-1",
"refsource": "GENTOO", "refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml" "name": "http://www.ubuntu.com/usn/USN-2092-1"
}, },
{ {
"name": "USN-2092-1", "url": "http://www.openwall.com/lists/oss-security/2013/10/10/14",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-2092-1" "name": "http://www.openwall.com/lists/oss-security/2013/10/10/14"
}, },
{ {
"name": "[oss-security] 20131010 Xen Security Advisory 71 (CVE-2013-4375) - qemu disk backend (qdisk) resource leak", "url": "http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/10/10/14" "name": "http://xenproject.org/downloads/xen-archives/supported-xen-43-series/xen-431.html"
} }
] ]
} }

91
2013/4xxx/CVE-2013-4385.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4385", "ID": "CVE-2013-4385",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,37 +27,61 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "62690", "url": "http://lists.gnu.org/archive/html/chicken-announce/2013-10/msg00000.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/62690" "name": "http://lists.gnu.org/archive/html/chicken-announce/2013-10/msg00000.html"
}, },
{ {
"name": "[chicken-announce] 20130927 Re: [SECURITY] Buffer overrun in some uses of read-string! procedure from \"extras\"", "url": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00001.html" "name": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html"
}, },
{ {
"name": "[chicken-announce] 20130926 [SECURITY] Buffer overrun in some uses of read-string! procedure from \"extras\"", "url": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00001.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00000.html" "name": "http://lists.nongnu.org/archive/html/chicken-announce/2013-09/msg00001.html"
}, },
{ {
"name": "[chicken-announce] 20131003 Chicken 4.8.0.5 released", "url": "http://secunia.com/advisories/55009",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://lists.gnu.org/archive/html/chicken-announce/2013-10/msg00000.html" "name": "http://secunia.com/advisories/55009"
}, },
{ {
"name": "GLSA-201612-54", "url": "http://www.securityfocus.com/bid/62690",
"refsource": "GENTOO", "refsource": "MISC",
"url": "https://security.gentoo.org/glsa/201612-54" "name": "http://www.securityfocus.com/bid/62690"
}, },
{ {
"name": "55009", "url": "https://security.gentoo.org/glsa/201612-54",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/55009" "name": "https://security.gentoo.org/glsa/201612-54"
} }
] ]
} }

1345
2013/4xxx/CVE-2013-4386.json
View File

File diff suppressed because it is too large Load Diff

73
2013/4xxx/CVE-2013-4405.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2013-4405 cumin: CSRF protection does not work" "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface for cumin in Red Hat Enterprise MRG Grid 2.4 allow remote attackers to hijack the authentication of cumin users for unspecified requests."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Cross-Site Request Forgery (CSRF)", "value": "n/a"
"cweId": "CWE-352"
} }
] ]
} }
@ -32,31 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "MRG for RHEL-5 v. 2", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:0.1.5787-4.el5", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "0:0.1.5787-4.el6",
"version_affected": "!"
},
{
"version_value": "0:1.8.23.2-1.el6",
"version_affected": "!"
} }
] ]
} }
@ -79,55 +63,10 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1852.html" "name": "http://rhn.redhat.com/errata/RHSA-2013-1852.html"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2013:1851",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1851"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1852",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1852"
},
{ {
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998561", "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998561",
"refsource": "MISC", "refsource": "MISC",
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998561" "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=998561"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4405",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4405"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=998561",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=998561"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
} }
] ]
} }

97
2013/4xxx/CVE-2013-4416.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4416", "ID": "CVE-2013-4416",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "GLSA-201407-03", "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html",
"refsource": "GENTOO", "refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201407-03.xml" "name": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html"
}, },
{ {
"name": "1029264", "url": "http://security.gentoo.org/glsa/glsa-201407-03.xml",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id/1029264" "name": "http://security.gentoo.org/glsa/glsa-201407-03.xml"
}, },
{ {
"name": "99072", "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html",
"refsource": "OSVDB", "refsource": "MISC",
"url": "http://osvdb.org/99072" "name": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html"
}, },
{ {
"name": "[oss-security] 20131029 Xen Security Advisory 72 (CVE-2013-4416) - ocaml xenstored mishandles oversized message replies", "url": "http://osvdb.org/99072",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/10/29/5" "name": "http://osvdb.org/99072"
}, },
{ {
"name": "63404", "url": "http://www.openwall.com/lists/oss-security/2013/10/29/5",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/63404" "name": "http://www.openwall.com/lists/oss-security/2013/10/29/5"
}, },
{ {
"name": "openSUSE-SU-2013:1636", "url": "http://www.securityfocus.com/bid/63404",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00009.html" "name": "http://www.securityfocus.com/bid/63404"
}, },
{ {
"name": "openSUSE-SU-2013:1876", "url": "http://www.securitytracker.com/id/1029264",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00059.html" "name": "http://www.securitytracker.com/id/1029264"
} }
] ]
} }

91
2013/4xxx/CVE-2013-4445.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4445", "ID": "CVE-2013-4445",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,37 +27,61 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "FEDORA-2013-20965", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121433.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122308.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121433.html"
}, },
{ {
"name": "https://drupal.org/node/2113317", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122298.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://drupal.org/node/2113317" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122298.html"
}, },
{ {
"name": "https://drupal.org/node/2112785", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122308.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://drupal.org/node/2112785" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122308.html"
}, },
{ {
"name": "FEDORA-2013-20942", "url": "https://drupal.org/node/2112785",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121433.html" "name": "https://drupal.org/node/2112785"
}, },
{ {
"name": "FEDORA-2013-20976", "url": "https://drupal.org/node/2112791",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/122298.html" "name": "https://drupal.org/node/2112791"
}, },
{ {
"name": "https://drupal.org/node/2112791", "url": "https://drupal.org/node/2113317",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://drupal.org/node/2112791" "name": "https://drupal.org/node/2113317"
} }
] ]
} }

1356
2014/0xxx/CVE-2014-0007.json
View File

File diff suppressed because it is too large Load Diff

91
2014/0xxx/CVE-2014-0008.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0008", "ID": "CVE-2014-0008",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,37 +27,61 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://moodle.org/mod/forum/discuss.php?d=252414", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://moodle.org/mod/forum/discuss.php?d=252414" "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721"
}, },
{ {
"name": "[oss-security] 20140120 Moodle security notifications public", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2014/01/20/1" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html"
}, },
{ {
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html"
}, },
{ {
"name": "FEDORA-2014-1396", "url": "http://openwall.com/lists/oss-security/2014/01/20/1",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html" "name": "http://openwall.com/lists/oss-security/2014/01/20/1"
}, },
{ {
"name": "FEDORA-2014-1377", "url": "http://www.securitytracker.com/id/1029647",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html" "name": "http://www.securitytracker.com/id/1029647"
}, },
{ {
"name": "1029647", "url": "https://moodle.org/mod/forum/discuss.php?d=252414",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id/1029647" "name": "https://moodle.org/mod/forum/discuss.php?d=252414"
} }
] ]
} }

91
2014/0xxx/CVE-2014-0009.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0009", "ID": "CVE-2014-0009",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,37 +27,61 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20140120 Moodle security notifications public", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://openwall.com/lists/oss-security/2014/01/20/1" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html"
}, },
{ {
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html"
}, },
{ {
"name": "https://moodle.org/mod/forum/discuss.php?d=252415", "url": "http://openwall.com/lists/oss-security/2014/01/20/1",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://moodle.org/mod/forum/discuss.php?d=252415" "name": "http://openwall.com/lists/oss-security/2014/01/20/1"
}, },
{ {
"name": "FEDORA-2014-1396", "url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html" "name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-42643"
}, },
{ {
"name": "FEDORA-2014-1377", "url": "http://www.securitytracker.com/id/1029648",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html" "name": "http://www.securitytracker.com/id/1029648"
}, },
{ {
"name": "1029648", "url": "https://moodle.org/mod/forum/discuss.php?d=252415",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id/1029648" "name": "https://moodle.org/mod/forum/discuss.php?d=252415"
} }
] ]
} }

103
2014/0xxx/CVE-2014-0017.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0017", "ID": "CVE-2014-0017",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,47 +27,71 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "USN-2145-1", "url": "http://www.openwall.com/lists/oss-security/2014/03/05/1",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-2145-1" "name": "http://www.openwall.com/lists/oss-security/2014/03/05/1"
}, },
{ {
"name": "DSA-2879", "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2014/dsa-2879" "name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html"
}, },
{ {
"name": "openSUSE-SU-2014:0366", "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html" "name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html"
}, },
{ {
"name": "57407", "url": "http://secunia.com/advisories/57407",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/57407" "name": "http://secunia.com/advisories/57407"
}, },
{ {
"name": "[oss-security] 20140305 libssh and stunnel PRNG flaws", "url": "http://www.debian.org/security/2014/dsa-2879",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2014/03/05/1" "name": "http://www.debian.org/security/2014/dsa-2879"
}, },
{ {
"name": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/", "url": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/" "name": "http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/"
}, },
{ {
"name": "openSUSE-SU-2014:0370", "url": "http://www.ubuntu.com/usn/USN-2145-1",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html" "name": "http://www.ubuntu.com/usn/USN-2145-1"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1072191"
} }
] ]
} }

85
2014/0xxx/CVE-2014-0018.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0018", "ID": "CVE-2014-0018",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,32 +27,56 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "RHSA-2014:0170", "url": "http://rhn.redhat.com/errata/RHSA-2014-0170.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0170.html" "name": "http://rhn.redhat.com/errata/RHSA-2014-0170.html"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783", "url": "http://rhn.redhat.com/errata/RHSA-2014-0171.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783" "name": "http://rhn.redhat.com/errata/RHSA-2014-0171.html"
}, },
{ {
"name": "RHSA-2014:0172", "url": "http://rhn.redhat.com/errata/RHSA-2014-0172.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0172.html" "name": "http://rhn.redhat.com/errata/RHSA-2014-0172.html"
}, },
{ {
"name": "65591", "url": "http://www.securityfocus.com/bid/65591",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/65591" "name": "http://www.securityfocus.com/bid/65591"
}, },
{ {
"name": "RHSA-2014:0171", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0171.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1052783"
} }
] ]
} }

99
2014/0xxx/CVE-2014-0027.json
View File

@ -1,40 +1,17 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0027", "ID": "CVE-2014-0027",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information." "value": "The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information."
} }
] ]
}, },
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "FEDORA-2014-0579", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127748.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127776.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127748.html"
}, },
{ {
"name": "64791", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127776.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/64791" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127776.html"
}, },
{ {
"name": "MDVSA-2014:032", "url": "http://seclists.org/oss-sec/2014/q1/59",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:032" "name": "http://seclists.org/oss-sec/2014/q1/59"
}, },
{ {
"name": "101948", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:032",
"refsource": "OSVDB", "refsource": "MISC",
"url": "http://www.osvdb.org/101948" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:032"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1048678", "url": "http://www.osvdb.org/101948",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048678" "name": "http://www.osvdb.org/101948"
}, },
{ {
"name": "[oss-security] 20140110 temporary file issue in flite", "url": "http://www.securityfocus.com/bid/64791",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://seclists.org/oss-sec/2014/q1/59" "name": "http://www.securityfocus.com/bid/64791"
}, },
{ {
"name": "FEDORA-2014-0574", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048678",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127748.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1048678"
} }
] ]
} }

97
2014/0xxx/CVE-2014-0028.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0028", "ID": "CVE-2014-0028",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "USN-2093-1", "url": "http://libvirt.org/news.html",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-2093-1" "name": "http://libvirt.org/news.html"
}, },
{ {
"name": "http://libvirt.org/news.html", "url": "http://secunia.com/advisories/60895",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://libvirt.org/news.html" "name": "http://secunia.com/advisories/60895"
}, },
{ {
"name": "60895", "url": "http://security.gentoo.org/glsa/glsa-201412-04.xml",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/60895" "name": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
}, },
{ {
"name": "GLSA-201412-04", "url": "http://www.ubuntu.com/usn/USN-2093-1",
"refsource": "GENTOO", "refsource": "MISC",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml" "name": "http://www.ubuntu.com/usn/USN-2093-1"
}, },
{ {
"name": "openSUSE-SU-2014:0268", "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html" "name": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html"
}, },
{ {
"name": "[libvirt] 20140115 [PATCH 0/4] CVE-2014-0028: domain events vs. ACL filtering", "url": "https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html" "name": "https://www.redhat.com/archives/libvir-list/2014-January/msg00684.html"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1048637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048637",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048637" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1048637"
} }
] ]
} }

61
2014/0xxx/CVE-2014-0029.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0029", "ID": "CVE-2014-0029",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,12 +27,36 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059433", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059433",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059433" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059433"
} }
] ]
} }

79
2014/0xxx/CVE-2014-0037.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0037", "ID": "CVE-2014-0037",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1056767", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1056767" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044"
}, },
{ {
"name": "[oss-security] 20140131 Security Flaw CVE-2014-0037", "url": "http://www.openwall.com/lists/oss-security/2014/01/31/14",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2014/01/31/14" "name": "http://www.openwall.com/lists/oss-security/2014/01/31/14"
}, },
{ {
"name": "MDVSA-2014:044", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1056767",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1056767"
} }
] ]
} }

175
2014/0xxx/CVE-2014-0038.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0038", "ID": "CVE-2014-0038",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,102 +27,126 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2def2ef2ae5f3990aabdbe8a755911902707d268", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2def2ef2ae5f3990aabdbe8a755911902707d268"
},
{
"name": "USN-2096-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2096-1"
},
{
"name": "https://github.com/saelo/cve-2014-0038",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/saelo/cve-2014-0038" "name": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html"
}, },
{ {
"name": "USN-2095-1", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2095-1"
},
{
"name": "http://pastebin.com/raw.php?i=DH3Lbg54",
"refsource": "MISC", "refsource": "MISC",
"url": "http://pastebin.com/raw.php?i=DH3Lbg54" "name": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html"
}, },
{ {
"name": "https://code.google.com/p/chromium/issues/detail?id=338594", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2def2ef2ae5f3990aabdbe8a755911902707d268",
"refsource": "MISC", "refsource": "MISC",
"url": "https://code.google.com/p/chromium/issues/detail?id=338594" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2def2ef2ae5f3990aabdbe8a755911902707d268"
}, },
{ {
"name": "USN-2094-1", "url": "http://pastebin.com/raw.php?i=DH3Lbg54",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-2094-1" "name": "http://pastebin.com/raw.php?i=DH3Lbg54"
}, },
{ {
"name": "MDVSA-2014:038", "url": "http://secunia.com/advisories/56669",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:038" "name": "http://secunia.com/advisories/56669"
}, },
{ {
"name": "56669", "url": "http://www.exploit-db.com/exploits/31346",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/56669" "name": "http://www.exploit-db.com/exploits/31346"
}, },
{ {
"name": "65255", "url": "http://www.exploit-db.com/exploits/31347",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/65255" "name": "http://www.exploit-db.com/exploits/31347"
}, },
{ {
"name": "https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2"
}, },
{ {
"name": "40503", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:038",
"refsource": "EXPLOIT-DB", "refsource": "MISC",
"url": "https://www.exploit-db.com/exploits/40503/" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:038"
}, },
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2", "url": "http://www.openwall.com/lists/oss-security/2014/01/31/2",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.2" "name": "http://www.openwall.com/lists/oss-security/2014/01/31/2"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1060023", "url": "http://www.securityfocus.com/bid/65255",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060023" "name": "http://www.securityfocus.com/bid/65255"
}, },
{ {
"name": "openSUSE-SU-2014:0204", "url": "http://www.ubuntu.com/usn/USN-2094-1",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00002.html" "name": "http://www.ubuntu.com/usn/USN-2094-1"
}, },
{ {
"name": "31347", "url": "http://www.ubuntu.com/usn/USN-2095-1",
"refsource": "EXPLOIT-DB", "refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/31347" "name": "http://www.ubuntu.com/usn/USN-2095-1"
}, },
{ {
"name": "openSUSE-SU-2014:0205", "url": "http://www.ubuntu.com/usn/USN-2096-1",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00003.html" "name": "http://www.ubuntu.com/usn/USN-2096-1"
}, },
{ {
"name": "31346", "url": "https://code.google.com/p/chromium/issues/detail?id=338594",
"refsource": "EXPLOIT-DB", "refsource": "MISC",
"url": "http://www.exploit-db.com/exploits/31346" "name": "https://code.google.com/p/chromium/issues/detail?id=338594"
}, },
{ {
"name": "[oss-security] 20140131 Linux 3.4+: arbitrary write with CONFIG_X86_X32 (CVE-2014-0038)", "url": "https://github.com/saelo/cve-2014-0038",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2014/01/31/2" "name": "https://github.com/saelo/cve-2014-0038"
},
{
"url": "https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/2def2ef2ae5f3990aabdbe8a755911902707d268"
},
{
"url": "https://www.exploit-db.com/exploits/40503/",
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/40503/"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1060023",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1060023"
} }
] ]
} }

73
2014/0xxx/CVE-2014-0047.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0047", "ID": "CVE-2014-0047",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,22 +27,46 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "73315", "url": "http://www.openwall.com/lists/oss-security/2015/03/24/23",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/73315" "name": "http://www.openwall.com/lists/oss-security/2015/03/24/23"
}, },
{ {
"name": "[oss-security] 20150324 Re: 2 moderate (borderline low) docker flaws fixed in >=1.5 and possibly earlier", "url": "http://www.securityfocus.com/bid/73315",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/23" "name": "http://www.securityfocus.com/bid/73315"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1063549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1063549",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1063549" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1063549"
} }
] ]
} }

97
2014/0xxx/CVE-2014-0048.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0048", "ID": "CVE-2014-0048",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "docker.io",
"product": {
"product_data": [
{
"product_name": "docker.io",
"version": {
"version_data": [
{
"version_value": "before 1.6.0"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,12 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "docker.io",
"product": {
"product_data": [
{
"product_name": "docker.io",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 1.6.0"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://security-tracker.debian.org/tracker/CVE-2014-0048", "url": "http://www.openwall.com/lists/oss-security/2015/03/24/18",
"refsource": "MISC", "refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-0048" "name": "http://www.openwall.com/lists/oss-security/2015/03/24/18"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/22",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/22"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/23",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/23"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-0048",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-0048"
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0048", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0048",
@ -68,29 +84,14 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-0048" "name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-0048"
}, },
{ {
"url": "https://access.redhat.com/security/cve/cve-2014-0048", "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E",
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-0048" "name": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/23", "url": "https://security-tracker.debian.org/tracker/CVE-2014-0048",
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/23" "name": "https://security-tracker.debian.org/tracker/CVE-2014-0048"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/18",
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/18"
},
{
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/03/24/22",
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/22"
},
{
"refsource": "MLIST",
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
} }
] ]
} }

85
2014/0xxx/CVE-2014-0049.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0049", "ID": "CVE-2014-0049",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,32 +27,56 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a08d3b3b99efd509133946056531cdf8f3a0c09b"
}, },
{ {
"name": "[oss-security] 20140303 CVE-2014-0049 -- Linux kernel: kvm: mmio_fragments out-of-the-bounds access", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2014/03/03/1" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.6"
}, },
{ {
"name": "https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b", "url": "http://www.openwall.com/lists/oss-security/2014/03/03/1",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b" "name": "http://www.openwall.com/lists/oss-security/2014/03/03/1"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a08d3b3b99efd509133946056531cdf8f3a0c09b", "url": "https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a08d3b3b99efd509133946056531cdf8f3a0c09b" "name": "https://github.com/torvalds/linux/commit/a08d3b3b99efd509133946056531cdf8f3a0c09b"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062368", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062368",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062368" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062368"
} }
] ]
} }

84
2014/0xxx/CVE-2014-0057.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2014-0057 CFME: Dangerous send in ServiceController" "value": "The x_button method in the ServiceController (vmdb/app/controllers/service_controller.rb) in Red Hat CloudForms 3.0 Management Engine 5.2 allows remote attackers to execute arbitrary methods via unspecified vectors."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", "value": "n/a"
"cweId": "CWE-470"
} }
] ]
} }
@ -32,52 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "CloudForms Management Engine 5.x", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:5.2.2.3-1.el6cf", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:1.9.3.448-40.1.el6",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-5.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.9.2-3.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.0.7-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.31.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.19.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:0.7.0-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "0:1.5.6-3.el6cf",
"version_affected": "!"
} }
] ]
} }
@ -90,11 +53,6 @@
}, },
"references": { "references": {
"reference_data": [ "reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0215",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0215"
},
{ {
"url": "http://rhn.redhat.com/errata/RHSA-2014-0215.html", "url": "http://rhn.redhat.com/errata/RHSA-2014-0215.html",
"refsource": "MISC", "refsource": "MISC",
@ -105,41 +63,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://secunia.com/advisories/57376" "name": "http://secunia.com/advisories/57376"
}, },
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0057",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0057"
},
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064140", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064140",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064140" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064140"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
} }
} }

79
2014/0xxx/CVE-2014-0058.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0058", "ID": "CVE-2014-0058",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "RHSA-2014:0204", "url": "http://rhn.redhat.com/errata/RHSA-2015-0034.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0204.html" "name": "http://rhn.redhat.com/errata/RHSA-2015-0034.html"
}, },
{ {
"name": "RHSA-2015:0034", "url": "http://rhn.redhat.com/errata/RHSA-2014-0204.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0034.html" "name": "http://rhn.redhat.com/errata/RHSA-2014-0204.html"
}, },
{ {
"name": "RHSA-2014:0205", "url": "http://rhn.redhat.com/errata/RHSA-2014-0205.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0205.html" "name": "http://rhn.redhat.com/errata/RHSA-2014-0205.html"
}, },
{ {
"name": "65762", "url": "http://www.securityfocus.com/bid/65762",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/65762" "name": "http://www.securityfocus.com/bid/65762"
} }
] ]
} }

91
2014/0xxx/CVE-2014-0059.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0059", "ID": "CVE-2014-0059",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,37 +27,61 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "RHSA-2014:0565", "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0565.html" "name": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
}, },
{ {
"name": "RHSA-2015:0675", "url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html" "name": "http://rhn.redhat.com/errata/RHSA-2015-0850.html"
}, },
{ {
"name": "RHSA-2015:0850", "url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0850.html" "name": "http://rhn.redhat.com/errata/RHSA-2015-0851.html"
}, },
{ {
"name": "RHSA-2014:0563", "url": "http://rhn.redhat.com/errata/RHSA-2014-0563.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0563.html" "name": "http://rhn.redhat.com/errata/RHSA-2014-0563.html"
}, },
{ {
"name": "RHSA-2015:0851", "url": "http://rhn.redhat.com/errata/RHSA-2014-0564.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0851.html" "name": "http://rhn.redhat.com/errata/RHSA-2014-0564.html"
}, },
{ {
"name": "RHSA-2014:0564", "url": "http://rhn.redhat.com/errata/RHSA-2014-0565.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0564.html" "name": "http://rhn.redhat.com/errata/RHSA-2014-0565.html"
} }
] ]
} }

121
2014/0xxx/CVE-2014-0067.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0067", "ID": "CVE-2014-0067",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,62 +27,86 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://wiki.postgresql.org/wiki/20140220securityrelease", "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://wiki.postgresql.org/wiki/20140220securityrelease" "name": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
}, },
{ {
"name": "DSA-2864", "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2014/dsa-2864" "name": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
}, },
{ {
"name": "http://www.postgresql.org/about/news/1506/", "url": "https://support.apple.com/HT205219",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.postgresql.org/about/news/1506/" "name": "https://support.apple.com/HT205219"
}, },
{ {
"name": "APPLE-SA-2015-08-13-2", "url": "https://support.apple.com/kb/HT205031",
"refsource": "APPLE", "refsource": "MISC",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" "name": "https://support.apple.com/kb/HT205031"
}, },
{ {
"name": "DSA-2865", "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html",
"refsource": "DEBIAN", "refsource": "MISC",
"url": "http://www.debian.org/security/2014/dsa-2865" "name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
}, },
{ {
"name": "openSUSE-SU-2014:0345", "url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html" "name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
}, },
{ {
"name": "65721", "url": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/65721" "name": "http://wiki.postgresql.org/wiki/20140220securityrelease"
}, },
{ {
"name": "https://support.apple.com/kb/HT205031", "url": "http://www.debian.org/security/2014/dsa-2864",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://support.apple.com/kb/HT205031" "name": "http://www.debian.org/security/2014/dsa-2864"
}, },
{ {
"name": "APPLE-SA-2015-09-16-4", "url": "http://www.debian.org/security/2014/dsa-2865",
"refsource": "APPLE", "refsource": "MISC",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" "name": "http://www.debian.org/security/2014/dsa-2865"
}, },
{ {
"name": "openSUSE-SU-2014:0368", "url": "http://www.postgresql.org/about/news/1506/",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html" "name": "http://www.postgresql.org/about/news/1506/"
}, },
{ {
"name": "https://support.apple.com/HT205219", "url": "http://www.securityfocus.com/bid/65721",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://support.apple.com/HT205219" "name": "http://www.securityfocus.com/bid/65721"
} }
] ]
} }

48
2014/0xxx/CVE-2014-0068.json
View File

@ -1,12 +1,33 @@
{ {
"data_version": "4.0",
"data_type": "CVE", "data_type": "CVE",
"data_format": "MITRE", "data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2014-0068", "ID": "CVE-2014-0068",
"ASSIGNER": "secalert@redhat.com", "ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732",
"cweId": "CWE-732"
}
]
}
]
},
"affects": { "affects": {
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
@ -19,6 +40,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=",
"version_value": "openshift node-util as shipped in Openshift Enterprise 1.x and 2.x" "version_value": "openshift node-util as shipped in Openshift Enterprise 1.x and 2.x"
} }
] ]
@ -30,32 +52,12 @@
] ]
} }
}, },
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732"
}
]
}
]
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064100",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064100", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064100"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064100"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission."
} }
] ]
} }

103
2014/0xxx/CVE-2014-0069.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0069", "ID": "CVE-2014-0069",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,47 +27,71 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[linux-cifs] 20140214 [PATCH] cifs: ensure that uncached writes handle unmapped areas correctly", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://article.gmane.org/gmane.linux.kernel.cifs/9401" "name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html"
}, },
{ {
"name": "65588", "url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/65588" "name": "http://rhn.redhat.com/errata/RHSA-2014-0328.html"
}, },
{ {
"name": "https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f", "url": "http://article.gmane.org/gmane.linux.kernel.cifs/9401",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f" "name": "http://article.gmane.org/gmane.linux.kernel.cifs/9401"
}, },
{ {
"name": "RHSA-2014:0328", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0328.html" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5d81de8e8667da7135d3a32a964087c0faf5483f"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064253", "url": "http://www.openwall.com/lists/oss-security/2014/02/17/4",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064253" "name": "http://www.openwall.com/lists/oss-security/2014/02/17/4"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5d81de8e8667da7135d3a32a964087c0faf5483f", "url": "http://www.securityfocus.com/bid/65588",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5d81de8e8667da7135d3a32a964087c0faf5483f" "name": "http://www.securityfocus.com/bid/65588"
}, },
{ {
"name": "[oss-security] 20140217 CVE-2014-0069 -- kernel: cifs: incorrect handling of bogus user pointers during uncached writes", "url": "https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2014/02/17/4" "name": "https://github.com/torvalds/linux/commit/5d81de8e8667da7135d3a32a964087c0faf5483f"
}, },
{ {
"name": "SUSE-SU-2014:0459", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064253",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00026.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064253"
} }
] ]
} }

97
2014/0xxx/CVE-2014-0077.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0077", "ID": "CVE-2014-0077",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "66678", "url": "http://secunia.com/advisories/59386",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/66678" "name": "http://secunia.com/advisories/59386"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064440", "url": "http://secunia.com/advisories/59599",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064440" "name": "http://secunia.com/advisories/59599"
}, },
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d8316f3991d207fe32881a9ac20241be8fa2bad0",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d8316f3991d207fe32881a9ac20241be8fa2bad0"
}, },
{ {
"name": "https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10"
}, },
{ {
"name": "59386", "url": "http://www.securityfocus.com/bid/66678",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/59386" "name": "http://www.securityfocus.com/bid/66678"
}, },
{ {
"name": "59599", "url": "https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0",
"refsource": "SECUNIA", "refsource": "MISC",
"url": "http://secunia.com/advisories/59599" "name": "https://github.com/torvalds/linux/commit/d8316f3991d207fe32881a9ac20241be8fa2bad0"
}, },
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d8316f3991d207fe32881a9ac20241be8fa2bad0", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064440",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=d8316f3991d207fe32881a9ac20241be8fa2bad0" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064440"
} }
] ]
} }

60
2014/0xxx/CVE-2014-0078.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "CVE-2014-0078 CFME: multiple authorization bypass vulnerabilities in CatalogController" "value": "The CatalogController in Red Hat CloudForms Management Engine (CFME) before 5.2.3.2 allows remote authenticated users to delete arbitrary catalogs via vectors involving guessing the catalog ID."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Missing Authorization", "value": "n/a"
"cweId": "CWE-862"
} }
] ]
} }
@ -32,28 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "CloudForms Management Engine 5.x", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:5.2.3.2-1.el6cf", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:9.2.7-1.1.el6",
"version_affected": "!"
},
{
"version_value": "0:9.0r2-4.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-6.el6cf",
"version_affected": "!"
} }
] ]
} }
@ -71,46 +58,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" "name": "http://rhn.redhat.com/errata/RHSA-2014-0469.html"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2014:0469",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0469"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0078",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0078"
},
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
} }
} }

67
2014/0xxx/CVE-2014-0079.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0079", "ID": "CVE-2014-0079",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,17 +27,41 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "MDVSA-2014:044", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044",
"refsource": "MANDRIVA", "refsource": "MISC",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044" "name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:044"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059903"
} }
] ]
} }

97
2014/9xxx/CVE-2014-9420.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "It was found that the Linux kernel's ISO file system implementation did not correctly limit the traversal of Rock Ridge extension Continuation Entries (CE). An attacker with physical access to the system could use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service." "value": "The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')", "value": "n/a"
"cweId": "CWE-835"
} }
] ]
} }
@ -32,42 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:2.6.32-504.23.4.el6", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-229.7.2.rt56.141.6.el7_1",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-229.7.2.ael7b",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "1:3.10.0-229.rt56.153.el6rt",
"version_affected": "!"
} }
] ]
} }
@ -195,36 +168,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/12/25/4" "name": "http://www.openwall.com/lists/oss-security/2014/12/25/4"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2015:1081",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1081"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1137",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1137"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1138",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1138"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1139",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1139"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-9420",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-9420"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235"
},
{ {
"url": "https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d", "url": "https://github.com/torvalds/linux/commit/f54e18f1b831c92f6512d2eedb224cd63d607d3d",
"refsource": "MISC", "refsource": "MISC",
@ -234,31 +177,11 @@
"url": "https://source.android.com/security/bulletin/2017-01-01.html", "url": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2017-01-01.html" "name": "https://source.android.com/security/bulletin/2017-01-01.html"
} },
]
},
"impact": {
"cvss": [
{ {
"accessComplexity": "MEDIUM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235",
"accessVector": "LOCAL", "refsource": "MISC",
"authentication": "NONE", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1175235"
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.7,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
} }
] ]
} }

97
2014/9xxx/CVE-2014-9710.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9710", "ID": "CVE-2014-9710",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339" "name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html"
}, },
{ {
"name": "SUSE-SU-2015:1489", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html" "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1205079", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205079" "name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
}, },
{ {
"name": "1032418", "url": "http://www.openwall.com/lists/oss-security/2015/03/24/11",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id/1032418" "name": "http://www.openwall.com/lists/oss-security/2015/03/24/11"
}, },
{ {
"name": "[oss-security] 20150324 CVE request Linux kernel: fs: btrfs: non-atomic xattr replace operation", "url": "http://www.securitytracker.com/id/1032418",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2015/03/24/11" "name": "http://www.securitytracker.com/id/1032418"
}, },
{ {
"name": "SUSE-SU-2015:1224", "url": "https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html" "name": "https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339"
}, },
{ {
"name": "https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205079",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/5f5bc6b1e2d5a6f827bc860ef2dc5b6f365d1339" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1205079"
} }
] ]
} }

121
2014/9xxx/CVE-2014-9730.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9730", "ID": "CVE-2014-9730",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,62 +27,86 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "[oss-security] 20150602 CVE request Linux kernel: fs: udf heap overflow in __udf_adinicb_readpage", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2015/06/02/7" "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2"
}, },
{ {
"name": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9" "name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
}, },
{ {
"name": "SUSE-SU-2015:1611", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html" "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9"
}, },
{ {
"name": "SUSE-SU-2015:1324", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html" "name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229" "name": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
}, },
{ {
"name": "74964", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/74964" "name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html"
}, },
{ {
"name": "openSUSE-SU-2015:1382", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html" "name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html"
}, },
{ {
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9", "url": "http://www.openwall.com/lists/oss-security/2015/06/02/7",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9" "name": "http://www.openwall.com/lists/oss-security/2015/06/02/7"
}, },
{ {
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2", "url": "http://www.securityfocus.com/bid/74964",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2" "name": "http://www.securityfocus.com/bid/74964"
}, },
{ {
"name": "SUSE-SU-2015:1224", "url": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html" "name": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9"
}, },
{ {
"name": "SUSE-SU-2015:1592", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229",
"refsource": "SUSE", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229"
} }
] ]
} }

91
2015/5xxx/CVE-2015-5225.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vnc_refresh_server_surface() routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process instance, or to potentially use it to execute arbitrary code on the host." "value": "Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Heap-based Buffer Overflow", "value": "n/a"
"cweId": "CWE-122"
} }
] ]
} }
@ -32,49 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "10:2.1.2-23.el7_1.9", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "10:2.1.2-23.el7_1.9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "10:2.1.2-23.el7_1.9",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-7",
"version": {
"version_data": [
{
"version_value": "10:2.1.2-23.el7_1.9",
"version_affected": "!"
} }
] ]
} }
@ -137,26 +103,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.securitytracker.com/id/1033547" "name": "http://www.securitytracker.com/id/1033547"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2015:1772",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1772"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1837",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1837"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5225",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5225"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1255896",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1255896"
},
{ {
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg02495.html", "url": "https://lists.gnu.org/archive/html/qemu-devel/2015-08/msg02495.html",
"refsource": "MISC", "refsource": "MISC",
@ -168,30 +114,5 @@
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html" "name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
} }
} }

97
2015/5xxx/CVE-2015-5229.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5229", "ID": "CVE-2015-5229",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1246713", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1246713" "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
}, },
{ {
"name": "84172", "url": "http://rhn.redhat.com/errata/RHSA-2016-0176.html",
"refsource": "BID", "refsource": "MISC",
"url": "http://www.securityfocus.com/bid/84172" "name": "http://rhn.redhat.com/errata/RHSA-2016-0176.html"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1256285", "url": "http://www.securityfocus.com/bid/84172",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256285" "name": "http://www.securityfocus.com/bid/84172"
}, },
{ {
"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1246713",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1246713"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1293976", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293976",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1293976" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1293976"
}, },
{ {
"name": "RHSA-2016:0176", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10150",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0176.html" "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10150"
}, },
{ {
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10150", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256285",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10150" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1256285"
} }
] ]
} }

85
2015/5xxx/CVE-2015-5232.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5232", "ID": "CVE-2015-5232",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,32 +27,56 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://github.com/01org/opa-fm/commit/5f4087aabb5d03c42738b320af0fc60e9df4d1f7", "url": "http://www.openwall.com/lists/oss-security/2015/09/22/17",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/01org/opa-fm/commit/5f4087aabb5d03c42738b320af0fc60e9df4d1f7" "name": "http://www.openwall.com/lists/oss-security/2015/09/22/17"
}, },
{ {
"name": "[oss-security] 20150922 CVE-2015-5232: various /tmp races in opa-fm, opa-ff", "url": "https://github.com/01org/opa-ff/commit/080ab97461d80a01636f77ba6aecc667c3c0087c",
"refsource": "MLIST", "refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2015/09/22/17" "name": "https://github.com/01org/opa-ff/commit/080ab97461d80a01636f77ba6aecc667c3c0087c"
}, },
{ {
"name": "https://github.com/01org/opa-ff/commit/080ab97461d80a01636f77ba6aecc667c3c0087c", "url": "https://github.com/01org/opa-fm/commit/5f4087aabb5d03c42738b320af0fc60e9df4d1f7",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/01org/opa-ff/commit/080ab97461d80a01636f77ba6aecc667c3c0087c" "name": "https://github.com/01org/opa-fm/commit/5f4087aabb5d03c42738b320af0fc60e9df4d1f7"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257098", "url": "https://github.com/01org/opa-fm/commit/c5759e7b76f5bf844be6c6641cc1b356bbc83869",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257098" "name": "https://github.com/01org/opa-fm/commit/c5759e7b76f5bf844be6c6641cc1b356bbc83869"
}, },
{ {
"name": "https://github.com/01org/opa-fm/commit/c5759e7b76f5bf844be6c6641cc1b356bbc83869", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257098",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://github.com/01org/opa-fm/commit/c5759e7b76f5bf844be6c6641cc1b356bbc83869" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257098"
} }
] ]
} }

120
2015/5xxx/CVE-2015-5233.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A flaw was discovered where Satellite failed to properly enforce permissions on the show and delete actions for reports. An authenticated user with show or delete report permissions could use this flaw to view or delete any reports held in Foreman." "value": "Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allows (1) remote authenticated users with the view_reports permission to read reports from arbitrary hosts or (2) remote authenticated users with the destroy_reports permission to delete reports from arbitrary hosts via direct access to the (a) individual report show/delete pages or (b) APIs."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper Access Control", "value": "n/a"
"cweId": "CWE-284"
} }
] ]
} }
@ -32,88 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Satellite 6.1", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:1.7.2.49-1.el7sat", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:3.0.5-3",
"version_affected": "!"
},
{
"version_value": "0:1.7.2.7-1.el6",
"version_affected": "!"
},
{
"version_value": "0:2.6.8-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.2.6-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.3.22-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.3.4-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.30-7.el7",
"version_affected": "!"
},
{
"version_value": "0:0.4-11.el7",
"version_affected": "!"
},
{
"version_value": "0:0.9-11.el6",
"version_affected": "!"
},
{
"version_value": "0:4.0.2.14-1.el6_6sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.0.23-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.2.4-1.el6_6sat",
"version_affected": "!"
},
{
"version_value": "0:2.2.0.77-1.el6_6sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.6-1.el6_6sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.3.10-1.el6",
"version_affected": "!"
},
{
"version_value": "0:0.9.6-1.el6",
"version_affected": "!"
},
{
"version_value": "0:1.0.3-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.0.5-3.el6",
"version_affected": "!"
} }
] ]
} }
@ -140,41 +67,6 @@
"url": "https://access.redhat.com/errata/RHSA-2015:2622", "url": "https://access.redhat.com/errata/RHSA-2015:2622",
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2622" "name": "https://access.redhat.com/errata/RHSA-2015:2622"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5233",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5233"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262443",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1262443"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
} }
] ]
} }

51
2015/5xxx/CVE-2015-5239.json
View File

@ -1,12 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5239", "ID": "CVE-2015-5239",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -39,6 +39,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=",
"version_value": "before 2.1.0" "version_value": "before 2.1.0"
} }
] ]
@ -53,54 +54,54 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html", "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html"
}, },
{ {
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html", "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
}, },
{ {
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html", "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
}, },
{ {
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html", "name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00026.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
}, },
{ {
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html", "name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00005.html"
}, },
{ {
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html", "name": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00011.html"
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2015/09/02/7",
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2745-1", "name": "http://www.openwall.com/lists/oss-security/2015/09/02/7"
"url": "http://www.ubuntu.com/usn/USN-2745-1"
}, },
{ {
"url": "http://www.ubuntu.com/usn/USN-2745-1",
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/09/02/7", "name": "http://www.ubuntu.com/usn/USN-2745-1"
"url": "http://www.openwall.com/lists/oss-security/2015/09/02/7"
}, },
{ {
"refsource": "CONFIRM", "url": "https://github.com/qemu/qemu/commit/f9a70e79391f6d7c2a912d785239ee8effc1922d",
"name": "https://github.com/qemu/qemu/commit/f9a70e79391f6d7c2a912d785239ee8effc1922d", "refsource": "MISC",
"url": "https://github.com/qemu/qemu/commit/f9a70e79391f6d7c2a912d785239ee8effc1922d" "name": "https://github.com/qemu/qemu/commit/f9a70e79391f6d7c2a912d785239ee8effc1922d"
}, },
{ {
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14", "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14"
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1188-security-advisory-14"
} }
] ]
} }

89
2015/5xxx/CVE-2015-5240.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A race-condition flaw leading to ACL bypass was discovered in OpenStack Networking (neutron). An authenticated user could change the owner of a port after it was created but before firewall rules were applied, thus preventing firewall control checks from occurring. All OpenStack Networking deployments that used either the ML2 plug-in or a plug-in that relied on the security groups AMQP API were affected." "value": "Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", "value": "n/a"
"cweId": "CWE-362"
} }
] ]
} }
@ -32,49 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:2014.1.5-4.el6ost", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-4.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.2.3-19.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2015.1.1-7.el7ost",
"version_affected": "!"
} }
] ]
} }
@ -97,55 +63,20 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/09/08/9" "name": "http://www.openwall.com/lists/oss-security/2015/09/08/9"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2015:1909",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1909"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5240",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5240"
},
{ {
"url": "https://bugs.launchpad.net/neutron/+bug/1489111", "url": "https://bugs.launchpad.net/neutron/+bug/1489111",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugs.launchpad.net/neutron/+bug/1489111" "name": "https://bugs.launchpad.net/neutron/+bug/1489111"
}, },
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458"
},
{ {
"url": "https://security.openstack.org/ossa/OSSA-2015-018.html", "url": "https://security.openstack.org/ossa/OSSA-2015-018.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://security.openstack.org/ossa/OSSA-2015-018.html" "name": "https://security.openstack.org/ossa/OSSA-2015-018.html"
} },
]
},
"impact": {
"cvss": [
{ {
"accessComplexity": "MEDIUM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458",
"accessVector": "NETWORK", "refsource": "MISC",
"authentication": "SINGLE", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258458"
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:P",
"version": "2.0"
} }
] ]
} }

79
2015/5xxx/CVE-2015-5242.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5242", "ID": "CVE-2015-5242",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258743", "url": "http://rhn.redhat.com/errata/RHSA-2015-1918.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258743" "name": "http://rhn.redhat.com/errata/RHSA-2015-1918.html"
}, },
{ {
"name": "https://review.openstack.org/#/c/237994/", "url": "https://access.redhat.com/solutions/1985893",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://review.openstack.org/#/c/237994/" "name": "https://access.redhat.com/solutions/1985893"
}, },
{ {
"name": "RHSA-2015:1918", "url": "https://review.openstack.org/#/c/237994/",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1918.html" "name": "https://review.openstack.org/#/c/237994/"
}, },
{ {
"name": "https://access.redhat.com/solutions/1985893", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1258743",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://access.redhat.com/solutions/1985893" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1258743"
} }
] ]
} }

79
2015/5xxx/CVE-2015-5244.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5244", "ID": "CVE-2015-5244",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,27 +27,51 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://pagure.io/mod_nss/c/34e1ccecb4a7d5054dba2f92b403af9b6ae1e110", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://pagure.io/mod_nss/c/34e1ccecb4a7d5054dba2f92b403af9b6ae1e110" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html"
}, },
{ {
"name": "FEDORA-2015-c76c1c84cf", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176026.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175248.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176026.html"
}, },
{ {
"name": "FEDORA-2016-6aa4dd4f3a", "url": "https://pagure.io/mod_nss/c/34e1ccecb4a7d5054dba2f92b403af9b6ae1e110",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176026.html" "name": "https://pagure.io/mod_nss/c/34e1ccecb4a7d5054dba2f92b403af9b6ae1e110"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1259216", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259216",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259216" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1259216"
} }
] ]
} }

357
2015/5xxx/CVE-2015-5245.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A feature in Ceph Object Gateway (RGW) allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service." "value": "CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted bucket name."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper Input Validation", "value": "n/a"
"cweId": "CWE-20"
} }
] ]
} }
@ -32,320 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Ceph Storage 1.3 for Red Hat Enterprise Linux 7", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:1.2.4-3.el7cp", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:1.3-11.el7cp",
"version_affected": "!"
},
{
"version_value": "1:0.94.3-3.el7cp",
"version_affected": "!"
},
{
"version_value": "0:1.5.27.3-1.el7cp",
"version_affected": "!"
},
{
"version_value": "0:0.1.1-1.el7cp",
"version_affected": "!"
},
{
"version_value": "1:1.7.6-2.1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.7.2.33-1.el7sat",
"version_affected": "!"
},
{
"version_value": "1:1.7.5-2.el7cp",
"version_affected": "!"
},
{
"version_value": "0:1.7.2.5-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.7.2.13-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.3.1-2.el7",
"version_affected": "!"
},
{
"version_value": "0:20130517-7.1fm.gitc4bce43.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.4.1-1.el7cp",
"version_affected": "!"
},
{
"version_value": "0:3.6.2-4.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.2.3-1.el7cp",
"version_affected": "!"
},
{
"version_value": "0:0.1.0-1.el7cp",
"version_affected": "!"
},
{
"version_value": "0:1.6.18-5.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.2.5-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-5.el7sat",
"version_affected": "!"
},
{
"version_value": "0:3.0.0-8.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-6.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.0-4.el7",
"version_affected": "!"
},
{
"version_value": "0:0.8.0-13.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.4.2-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:4.0.2.13-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:4.0.10.1-1.el7",
"version_affected": "!"
},
{
"version_value": "0:0.10.0-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.8-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.2.7-5.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.3.2-1.el7",
"version_affected": "!"
},
{
"version_value": "0:1.8.2-4.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.3.1-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.4.7-8.el7sat",
"version_affected": "!"
},
{
"version_value": "0:4.0.18-19.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.12.2-10.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.7-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.9.0-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.6.7-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.1-9.el7sat",
"version_affected": "!"
},
{
"version_value": "0:3.1.1-15.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.2.1-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.7.1-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-1.el7",
"version_affected": "!"
},
{
"version_value": "0:4.1.3-7.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.10.1-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.1.3-6.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.2.0-1.3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:3.0.2-10.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.2-6.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.5.0-1.el7",
"version_affected": "!"
},
{
"version_value": "0:1.4.3-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.11-1.el7",
"version_affected": "!"
},
{
"version_value": "0:1.0.2-12.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.3.0-7.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.6.2-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.4.0-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.1.2-4.el7sat",
"version_affected": "!"
},
{
"version_value": "0:2.0.5-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.6.21-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.6.5.9-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.0.4.4-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.1.3-17.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.8.1-26.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.19-7.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.0.11-8.el7sat",
"version_affected": "!"
},
{
"version_value": "1:1.4.1-13.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.5.0-7.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.9.2.2-41.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.1.2-3.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.10.0-1.el7sat",
"version_affected": "!"
},
{
"version_value": "1:1.3.6-27.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.0.2.1-1.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.3.3-18.el7sat",
"version_affected": "!"
},
{
"version_value": "0:0.6.5-2.el7sat",
"version_affected": "!"
},
{
"version_value": "0:1.4.1-21.el7",
"version_affected": "!"
},
{
"version_value": "0:0.7.9-2.el7rhgs",
"version_affected": "!"
} }
] ]
} }
@ -368,50 +63,10 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://tracker.ceph.com/issues/12537" "name": "http://tracker.ceph.com/issues/12537"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2015:2066",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2066"
},
{ {
"url": "https://access.redhat.com/errata/RHSA-2015:2512", "url": "https://access.redhat.com/errata/RHSA-2015:2512",
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2512" "name": "https://access.redhat.com/errata/RHSA-2015:2512"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5245",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5245"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261606",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261606"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
} }
] ]
} }

47
2015/5xxx/CVE-2015-5250.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "It was found that improper error handling in the API server could cause the master process to crash. A user with network access to the master could use this flaw to crash the master process." "value": "The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper Input Validation", "value": "n/a"
"cweId": "CWE-20"
} }
] ]
} }
@ -32,16 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat OpenShift Enterprise 3.0", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:3.0.1.0-1.git.529.dcab62c.el7ose", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
} }
] ]
} }
@ -60,44 +59,14 @@
"name": "https://access.redhat.com/errata/RHSA-2015:1736" "name": "https://access.redhat.com/errata/RHSA-2015:1736"
}, },
{ {
"url": "https://access.redhat.com/security/cve/CVE-2015-5250", "url": "https://github.com/openshift/origin/issues/4374",
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5250" "name": "https://github.com/openshift/origin/issues/4374"
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1259867",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1259867" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1259867"
},
{
"url": "https://github.com/openshift/origin/issues/4374",
"refsource": "MISC",
"name": "https://github.com/openshift/origin/issues/4374"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
} }
] ]
} }

68
2015/5xxx/CVE-2015-5260.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A heap-based buffer overflow flaw was found in the way spice handled certain QXL commands related to the \"surface_id\" parameter. A user in a guest could use this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process." "value": "Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper Input Validation", "value": "n/a"
"cweId": "CWE-20"
} }
] ]
} }
@ -32,27 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:0.12.4-12.el6_7.3", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:0.12.4-9.el7_1.3",
"version_affected": "!"
} }
] ]
} }
@ -106,54 +94,14 @@
"name": "http://www.ubuntu.com/usn/USN-2766-1" "name": "http://www.ubuntu.com/usn/USN-2766-1"
}, },
{ {
"url": "https://access.redhat.com/errata/RHSA-2015:1889", "url": "https://security.gentoo.org/glsa/201606-05",
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1889" "name": "https://security.gentoo.org/glsa/201606-05"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1890",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1890"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5260",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5260"
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260822", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1260822",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1260822" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1260822"
},
{
"url": "https://security.gentoo.org/glsa/201606-05",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201606-05"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
} }
] ]
} }

145
2015/5xxx/CVE-2015-5262.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5262", "ID": "CVE-2015-5262",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,82 +27,106 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" "name": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
}, },
{ {
"name": "http://svn.apache.org/viewvc?view=revision&revision=1626784", "url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1626784" "name": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
}, },
{ {
"name": "https://jenkins.io/security/advisory/2018-02-26/", "url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://jenkins.io/security/advisory/2018-02-26/" "name": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538" "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
}, },
{ {
"name": "FEDORA-2015-15590", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167962.html"
}, },
{ {
"name": "FEDORA-2015-15589", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/167999.html"
}, },
{ {
"name": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478" "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html"
}, },
{ {
"name": "FEDORA-2015-15588", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html",
"refsource": "FEDORA", "refsource": "MISC",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168030.html" "name": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html"
}, },
{ {
"name": "1033743", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id/1033743" "name": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html"
}, },
{ {
"name": "USN-2769-1", "url": "http://svn.apache.org/viewvc?view=revision&revision=1626784",
"refsource": "UBUNTU", "refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-2769-1" "name": "http://svn.apache.org/viewvc?view=revision&revision=1626784"
}, },
{ {
"refsource": "MLIST", "url": "http://www.securitytracker.com/id/1033743",
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E" "name": "http://www.securitytracker.com/id/1033743"
}, },
{ {
"refsource": "MLIST", "url": "http://www.ubuntu.com/usn/USN-2769-1",
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E" "name": "http://www.ubuntu.com/usn/USN-2769-1"
}, },
{ {
"refsource": "MLIST", "url": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478",
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities", "refsource": "MISC",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E" "name": "https://issues.apache.org/jira/browse/HTTPCLIENT-1478"
}, },
{ {
"refsource": "SUSE", "url": "https://jenkins.io/security/advisory/2018-02-26/",
"name": "openSUSE-SU-2020:1873", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html" "name": "https://jenkins.io/security/advisory/2018-02-26/"
}, },
{ {
"refsource": "SUSE", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538",
"name": "openSUSE-SU-2020:1875", "refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1261538"
} }
] ]
} }

56
2015/5xxx/CVE-2015-5273.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "It was found that the ABRT debug information installer (abrt-action-install-debuginfo-to-abrt-cache) did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user." "value": "The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio in a pre-created directory with a predictable name in /var/tmp."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Insecure Temporary File", "value": "n/a"
"cweId": "CWE-377"
} }
] ]
} }
@ -32,20 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 7", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:2.1.11-35.el7", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:2.1.11-31.el7",
"version_affected": "!"
} }
] ]
} }
@ -84,49 +79,14 @@
"name": "http://www.securityfocus.com/bid/78113" "name": "http://www.securityfocus.com/bid/78113"
}, },
{ {
"url": "https://access.redhat.com/errata/RHSA-2015:2505", "url": "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e",
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2505" "name": "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5273",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5273"
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262252", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262252",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1262252" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1262252"
},
{
"url": "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e",
"refsource": "MISC",
"name": "https://github.com/abrt/abrt/commit/50ee8130fb4cd4ef1af7682a2c85dd99cb99424e"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
} }
] ]
} }

53
2015/5xxx/CVE-2015-5274.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A command injection flaw was found in the OpenShift Origin Management Console. A remote, authenticated user permitted to send requests to the Broker could use this flaw to execute arbitrary commands with elevated privileges on the Red Hat OpenShift server." "value": "rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted request to the Broker."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper Input Validation", "value": "n/a"
"cweId": "CWE-20"
} }
] ]
} }
@ -32,16 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat OpenShift Enterprise 2.2", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:1.34.1.3-1.el6op", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
} }
] ]
} }
@ -58,46 +57,6 @@
"url": "http://rhn.redhat.com/errata/RHSA-2015-1808.html", "url": "http://rhn.redhat.com/errata/RHSA-2015-1808.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1808.html" "name": "http://rhn.redhat.com/errata/RHSA-2015-1808.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1808",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1808"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5274",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5274"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1262518",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1262518"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
} }
] ]
} }

110
2015/5xxx/CVE-2015-5279.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance (denial of service) or potentially execute arbitrary code on the host." "value": "Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows guest OS users to cause a denial of service (instance crash) or possibly execute arbitrary code via vectors related to receiving packets."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Heap-based Buffer Overflow", "value": "n/a"
"cweId": "CWE-122"
} }
] ]
} }
@ -32,53 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 5", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:83-274.el5_11", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:3.0.3-147.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.479.el6_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.479.el6_7.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.479.el6_7.2",
"version_affected": "!"
} }
] ]
} }
@ -176,71 +138,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.securitytracker.com/id/1033569" "name": "http://www.securitytracker.com/id/1033569"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2015:1896",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1896"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1923",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1923"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1924",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1924"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1925",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1925"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2065",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2065"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5279",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5279"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1256672",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1256672"
},
{ {
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03984.html", "url": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03984.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03984.html" "name": "https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03984.html"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
} }
} }

71
2015/5xxx/CVE-2015-5283.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A NULL pointer dereference flaw was found in the SCTP implementation. A local user could use this flaw to cause a denial of service on the system by triggering a kernel panic when creating multiple sockets in parallel while the system did not have the SCTP module loaded." "value": "The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequence of protocol-initialization steps, which allows local users to cause a denial of service (panic or memory corruption) by creating SCTP sockets before all of the steps have finished."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper Initialization", "value": "n/a"
"cweId": "CWE-665"
} }
] ]
} }
@ -32,20 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 7", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:3.10.0-327.rt56.204.el7", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:3.10.0-327.el7",
"version_affected": "!"
} }
] ]
} }
@ -98,16 +93,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2829-2" "name": "http://www.ubuntu.com/usn/USN-2829-2"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2015:2152",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2152"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2411",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2411"
},
{ {
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4",
"refsource": "MISC", "refsource": "MISC",
@ -133,16 +118,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.securitytracker.com/id/1033808" "name": "http://www.securitytracker.com/id/1033808"
}, },
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5283",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5283"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257528",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257528"
},
{ {
"url": "https://github.com/torvalds/linux/commit/8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4", "url": "https://github.com/torvalds/linux/commit/8e2d61e0aed2b7c4ecb35844fe07e0b2b762dee4",
"refsource": "MISC", "refsource": "MISC",
@ -152,37 +127,11 @@
"url": "https://security-tracker.debian.org/tracker/CVE-2015-5283", "url": "https://security-tracker.debian.org/tracker/CVE-2015-5283",
"refsource": "MISC", "refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2015-5283" "name": "https://security-tracker.debian.org/tracker/CVE-2015-5283"
} },
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Ji Jianwen (Red Hat engineering)."
}
],
"impact": {
"cvss": [
{ {
"accessComplexity": "MEDIUM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257528",
"accessVector": "LOCAL", "refsource": "MISC",
"authentication": "NONE", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257528"
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.7,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
} }
] ]
} }

72
2015/5xxx/CVE-2015-5292.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "It was found that SSSD's Privilege Attribute Certificate (PAC) responder plug-in would leak a small amount of memory on each authentication request. A remote attacker could potentially use this flaw to exhaust all available memory on the system by making repeated requests to a Kerberized daemon application configured to authenticate using the PAC responder plug-in." "value": "Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause a denial of service (memory consumption) via a large number of logins that trigger parsing of PAC blobs during Kerberos authentication."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Missing Release of Memory after Effective Lifetime", "value": "n/a"
"cweId": "CWE-401"
} }
] ]
} }
@ -32,27 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:1.12.4-47.el6_7.4", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.13.0-40.el7",
"version_affected": "!"
} }
] ]
} }
@ -110,26 +98,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.securitytracker.com/id/1034038" "name": "http://www.securitytracker.com/id/1034038"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2015:2019",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2019"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2355",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2355"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5292",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5292"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267580",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1267580"
},
{ {
"url": "https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch", "url": "https://fedorahosted.org/sssd/attachment/ticket/2803/0001-Fix-memory-leak-in-sssdpac_verify.patch",
"refsource": "MISC", "refsource": "MISC",
@ -144,31 +112,11 @@
"url": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1", "url": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1",
"refsource": "MISC", "refsource": "MISC",
"name": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1" "name": "https://fedorahosted.org/sssd/wiki/Releases/Notes-1.13.1"
} },
]
},
"impact": {
"cvss": [
{ {
"accessComplexity": "HIGH", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267580",
"accessVector": "NETWORK", "refsource": "MISC",
"authentication": "SINGLE", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1267580"
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:P",
"version": "2.0"
} }
] ]
} }

67
2015/5xxx/CVE-2015-5293.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5293", "ID": "CVE-2015-5293",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,17 +27,41 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "https://access.redhat.com/security/cve/CVE-2015-5293", "url": "https://access.redhat.com/security/cve/CVE-2015-5293",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2015-5293" "name": "https://access.redhat.com/security/cve/CVE-2015-5293"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1267714", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267714",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1267714" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1267714"
} }
] ]
} }

101
2015/5xxx/CVE-2015-5295.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A vulnerability was discovered in the OpenStack Orchestration service (heat), where a specially formatted template could be used to trick the heat-engine service into opening a local file. Although the file contents are never disclosed to the end user, an OpenStack-authenticated attacker could use this flaw to cause a denial of service or determine whether a given file name is present on the server." "value": "The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x before 5.0.1 (liberty) allows remote authenticated users to cause a denial of service (memory consumption) or determine the existence of local files via the resource type in a template, as demonstrated by file:///dev/zero."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Uncontrolled Resource Consumption", "value": "n/a"
"cweId": "CWE-400"
} }
] ]
} }
@ -32,49 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:2014.1.5-7.el6ost", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.5-7.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.2.3-11.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2015.1.2-9.el7ost",
"version_affected": "!"
} }
] ]
} }
@ -107,71 +73,16 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.securityfocus.com/bid/81438" "name": "http://www.securityfocus.com/bid/81438"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2016:0266",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0266"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0440",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0440"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0441",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0441"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:0442",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:0442"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5295",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5295"
},
{ {
"url": "https://bugs.launchpad.net/heat/+bug/1496277", "url": "https://bugs.launchpad.net/heat/+bug/1496277",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugs.launchpad.net/heat/+bug/1496277" "name": "https://bugs.launchpad.net/heat/+bug/1496277"
}, },
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298295",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1298295"
},
{ {
"url": "https://security.openstack.org/ossa/OSSA-2016-003.html", "url": "https://security.openstack.org/ossa/OSSA-2016-003.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://security.openstack.org/ossa/OSSA-2016-003.html" "name": "https://security.openstack.org/ossa/OSSA-2016-003.html"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
}
]
} }
} }

78
2015/5xxx/CVE-2015-5302.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "It was found that ABRT may have exposed non-public information to Red Hat Bugzilla during crash reporting. A bug in the libreport library caused changes made by a user in files included in a crash report to be discarded. As a result, Red Hat Bugzilla attachments may contain data that was not intended to be made public, including host names, IP addresses, or command line options." "value": "libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds, (5) maps, (6) smaps, (7) hostname, (8) remote, (9) ks.cfg, or (10) anaconda-tb file attachment included in a Red Hat Bugzilla bug report."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Insertion of Sensitive Information Into Sent Data", "value": "n/a"
"cweId": "CWE-201"
} }
] ]
} }
@ -32,31 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux 6", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:2.0.9-25.el6_7", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:2.1.11-35.el7",
"version_affected": "!"
},
{
"version_value": "0:2.1.11-31.el7",
"version_affected": "!"
} }
] ]
} }
@ -79,11 +63,6 @@
"refsource": "MISC", "refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-2505.html" "name": "http://rhn.redhat.com/errata/RHSA-2015-2505.html"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2015:2505",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2505"
},
{ {
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172695.html", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172695.html",
"refsource": "MISC", "refsource": "MISC",
@ -100,55 +79,14 @@
"name": "http://www.securityfocus.com/bid/77685" "name": "http://www.securityfocus.com/bid/77685"
}, },
{ {
"url": "https://access.redhat.com/errata/RHSA-2015:2504", "url": "https://github.com/abrt/libreport/commit/257578a23d1537a2d235aaa2b1488ee4f818e360",
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2504" "name": "https://github.com/abrt/libreport/commit/257578a23d1537a2d235aaa2b1488ee4f818e360"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5302",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5302"
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1270903", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1270903",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1270903" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1270903"
},
{
"url": "https://github.com/abrt/libreport/commit/257578a23d1537a2d235aaa2b1488ee4f818e360",
"refsource": "MISC",
"name": "https://github.com/abrt/libreport/commit/257578a23d1537a2d235aaa2b1488ee4f818e360"
}
]
},
"credits": [
{
"lang": "en",
"value": "This issue was discovered by Bastien Nocera (Red Hat)."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
} }
] ]
} }

67
2015/5xxx/CVE-2015-5303.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5303", "ID": "CVE-2015-5303",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,17 +27,41 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "RHSA-2015:2650", "url": "https://access.redhat.com/errata/RHSA-2015:2650",
"refsource": "REDHAT", "refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2015:2650" "name": "https://access.redhat.com/errata/RHSA-2015:2650"
}, },
{ {
"name": "https://bugs.launchpad.net/tripleo/+bug/1516027", "url": "https://bugs.launchpad.net/tripleo/+bug/1516027",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugs.launchpad.net/tripleo/+bug/1516027" "name": "https://bugs.launchpad.net/tripleo/+bug/1516027"
} }
] ]
} }

97
2015/5xxx/CVE-2015-5304.json
View File

@ -1,35 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5304", "ID": "CVE-2015-5304",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -50,42 +27,66 @@
} }
] ]
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"name": "RHSA-2015:2541", "url": "http://rhn.redhat.com/errata/RHSA-2015-2538.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2541.html" "name": "http://rhn.redhat.com/errata/RHSA-2015-2538.html"
}, },
{ {
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1273046", "url": "http://rhn.redhat.com/errata/RHSA-2015-2539.html",
"refsource": "CONFIRM", "refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273046" "name": "http://rhn.redhat.com/errata/RHSA-2015-2539.html"
}, },
{ {
"name": "1034280", "url": "http://rhn.redhat.com/errata/RHSA-2015-2540.html",
"refsource": "SECTRACK", "refsource": "MISC",
"url": "http://www.securitytracker.com/id/1034280" "name": "http://rhn.redhat.com/errata/RHSA-2015-2540.html"
}, },
{ {
"name": "RHSA-2015:2540", "url": "http://rhn.redhat.com/errata/RHSA-2015-2541.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2540.html" "name": "http://rhn.redhat.com/errata/RHSA-2015-2541.html"
}, },
{ {
"name": "RHSA-2015:2542", "url": "http://rhn.redhat.com/errata/RHSA-2015-2542.html",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2542.html" "name": "http://rhn.redhat.com/errata/RHSA-2015-2542.html"
}, },
{ {
"name": "RHSA-2015:2538", "url": "http://www.securitytracker.com/id/1034280",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2538.html" "name": "http://www.securitytracker.com/id/1034280"
}, },
{ {
"name": "RHSA-2015:2539", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273046",
"refsource": "REDHAT", "refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2015-2539.html" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1273046"
} }
] ]
} }

43
2015/5xxx/CVE-2015-5305.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "Kubernetes fails to validate object name types before passing the data to etcd. As the etcd service generates keys based on the object name type this can lead to a directory path traversal." "value": "Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handled before passing it to etcd."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "value": "n/a"
"cweId": "CWE-22"
} }
] ]
} }
@ -32,16 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat OpenShift Enterprise 3.0", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:3.0.2.0-0.git.20.656dc3e.el7ose", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
} }
] ]
} }
@ -59,41 +58,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1945" "name": "https://access.redhat.com/errata/RHSA-2015:1945"
}, },
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5305",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5305"
},
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273969", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1273969",
"refsource": "MISC", "refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1273969" "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1273969"
} }
] ]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
]
} }
} }

52
2015/5xxx/CVE-2015-5329.json
View File

@ -11,7 +11,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "A flaw was found in the director (openstack-tripleo-heat-templates) where the RabbitMQ credentials defaulted to guest/guest and supplied values in the configuration were not used. As a result, all deployed overclouds used the same credentials (guest/guest). A remote non-authenticated attacker could use this flaw to access RabbitMQ services in the deployed cloud." "value": "The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly use the configured RabbitMQ credentials, which makes it easier for remote attackers to obtain access to services in deployed overclouds by leveraging knowledge of the default credentials."
} }
] ]
}, },
@ -21,8 +21,7 @@
"description": [ "description": [
{ {
"lang": "eng", "lang": "eng",
"value": "Use of Hard-coded Credentials", "value": "n/a"
"cweId": "CWE-798"
} }
] ]
} }
@ -32,20 +31,16 @@
"vendor": { "vendor": {
"vendor_data": [ "vendor_data": [
{ {
"vendor_name": "Red Hat", "vendor_name": "n/a",
"product": { "product": {
"product_data": [ "product_data": [
{ {
"product_name": "Red Hat Enterprise Linux OpenStack Platform director 7.0 for RHEL 7", "product_name": "n/a",
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_value": "0:0.8.6-94.el7ost", "version_affected": "=",
"version_affected": "!" "version_value": "n/a"
},
{
"version_value": "0:0.0.10-22.el7ost",
"version_affected": "!"
} }
] ]
} }
@ -62,41 +57,6 @@
"url": "https://access.redhat.com/errata/RHSA-2015:2650", "url": "https://access.redhat.com/errata/RHSA-2015:2650",
"refsource": "MISC", "refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2650" "name": "https://access.redhat.com/errata/RHSA-2015:2650"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-5329",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-5329"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1281777",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1281777"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
} }
] ]
} }

41
2015/5xxx/CVE-2015-5745.json
View File

@ -1,12 +1,12 @@
{ {
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-5745", "ID": "CVE-2015-5745",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC" "STATE": "PUBLIC"
}, },
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
@ -39,6 +39,7 @@
"version": { "version": {
"version_data": [ "version_data": [
{ {
"version_affected": "=",
"version_value": "before 2.4.0" "version_value": "before 2.4.0"
} }
] ]
@ -53,44 +54,44 @@
"references": { "references": {
"reference_data": [ "reference_data": [
{ {
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13",
"refsource": "MISC", "refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html", "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
}, },
{ {
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html", "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html"
}, },
{ {
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html",
"refsource": "MISC", "refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html", "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html"
}, },
{ {
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html", "name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html"
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html"
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2015/08/06/3",
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/08/06/3", "name": "http://www.openwall.com/lists/oss-security/2015/08/06/3"
"url": "http://www.openwall.com/lists/oss-security/2015/08/06/3"
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2015/08/06/5",
"refsource": "MISC", "refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/08/06/5", "name": "http://www.openwall.com/lists/oss-security/2015/08/06/5"
"url": "http://www.openwall.com/lists/oss-security/2015/08/06/5"
}, },
{ {
"url": "https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295", "name": "https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295"
"url": "https://github.com/qemu/qemu/commit/7882080388be5088e72c425b02223c02e6cb4295"
}, },
{ {
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13", "name": "https://lists.gnu.org/archive/html/qemu-devel/2015-07/msg05458.html"
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13"
} }
] ]
} }