admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 00:02:24 +00:00
parent 22aed84e85
commit bc3582224f
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
100 changed files with 4286 additions and 7053 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
2012/2xxx/CVE-2012-2361.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2361",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120523 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/05/23/2"
"url": "http://openwall.com/lists/oss-security/2012/05/23/2",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2012/05/23/2"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31694",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31694"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31694",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-31694"
}
]
}

79
2012/2xxx/CVE-2012-2362.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2362",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "82069",
"refsource": "OSVDB",
"url": "http://osvdb.org/82069"
"url": "http://openwall.com/lists/oss-security/2012/05/23/2",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2012/05/23/2"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=203052",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=203052"
"url": "http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=038131c8b5614f18c14d964dc53b6960ae6c30d8",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git%3Ba=commit%3Bh=038131c8b5614f18c14d964dc53b6960ae6c30d8"
},
{
"name": "[oss-security] 20120523 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/05/23/2"
"url": "http://osvdb.org/82069",
"refsource": "MISC",
"name": "http://osvdb.org/82069"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=038131c8b5614f18c14d964dc53b6960ae6c30d8",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git;a=commit;h=038131c8b5614f18c14d964dc53b6960ae6c30d8"
"url": "https://moodle.org/mod/forum/discuss.php?d=203052",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=203052"
}
]
}

115
2012/2xxx/CVE-2012-2372.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2372",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,57 +27,81 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:1540",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1540.html"
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
},
{
"name": "USN-1556-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1556-1"
"url": "http://ubuntu.com/usn/usn-1529-1",
"refsource": "MISC",
"name": "http://ubuntu.com/usn/usn-1529-1"
},
{
"name": "RHSA-2012:0743",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
"url": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html",
"refsource": "MISC",
"name": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html"
},
{
"name": "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=c7b6a0a1d8d636852be130fa15fa8be10d4704e8",
"refsource": "CONFIRM",
"url": "https://oss.oracle.com/git/?p=redpatch.git;a=commit;h=c7b6a0a1d8d636852be130fa15fa8be10d4704e8"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1540.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1540.html"
},
{
"name": "54062",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54062"
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-0743.html"
},
{
"name": "SUSE-SU-2012:1679",
"refsource": "SUSE",
"url": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html"
"url": "http://www.ubuntu.com/usn/USN-1555-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1555-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=822754",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=822754"
"url": "http://www.ubuntu.com/usn/USN-1556-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1556-1"
},
{
"name": "USN-1555-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1555-1"
"url": "http://www.securityfocus.com/bid/54062",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54062"
},
{
"name": "USN-1529-1",
"refsource": "UBUNTU",
"url": "http://ubuntu.com/usn/usn-1529-1"
"url": "https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=c7b6a0a1d8d636852be130fa15fa8be10d4704e8",
"refsource": "MISC",
"name": "https://oss.oracle.com/git/?p=redpatch.git%3Ba=commit%3Bh=c7b6a0a1d8d636852be130fa15fa8be10d4704e8"
},
{
"name": "HPSBGN02970",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=139447903326211&w=2"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=822754",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=822754"
}
]
}

127
2012/2xxx/CVE-2012-2392.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2392",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,91 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "MDVSA-2012:015",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:015"
"url": "http://secunia.com/advisories/49226",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49226"
},
{
"name": "1027094",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027094"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:015",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:015"
},
{
"name": "MDVSA-2012:042",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:042"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:042",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:042"
},
{
"name": "oval:org.mitre.oval:def:15604",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15604"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:080",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:080"
},
{
"name": "49226",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49226"
"url": "http://www.securitytracker.com/id?1027094",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027094"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120"
"url": "http://www.wireshark.org/security/wnpa-sec-2012-08.html",
"refsource": "MISC",
"name": "http://www.wireshark.org/security/wnpa-sec-2012-08.html"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124"
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805",
"refsource": "MISC",
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805"
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118",
"refsource": "MISC",
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118"
},
{
"name": "MDVSA-2012:080",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:080"
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119",
"refsource": "MISC",
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119"
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120",
"refsource": "MISC",
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2012-08.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2012-08.html"
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124",
"refsource": "MISC",
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118"
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15604",
"refsource": "MISC",
"name": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15604"
}
]
}

103
2012/2xxx/CVE-2012-2652.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2652",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "50132",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50132"
"url": "http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log",
"refsource": "MISC",
"name": "http://git.qemu.org/?p=qemu-stable-0.15.git%3Ba=log"
},
{
"name": "http://git.qemu.org/?p=qemu-stable-0.15.git;a=log",
"refsource": "CONFIRM",
"url": "http://git.qemu.org/?p=qemu-stable-0.15.git;a=log"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html"
},
{
"name": "50689",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50689"
"url": "http://secunia.com/advisories/50689",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50689"
},
{
"name": "53725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53725"
"url": "http://www.debian.org/security/2012/dsa-2545",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2545"
},
{
"name": "SUSE-SU-2012:1202",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00024.html"
"url": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=eba25057b9a5e19d10ace2bc7716667a31297169",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git%3Ba=commit%3Bh=eba25057b9a5e19d10ace2bc7716667a31297169"
},
{
"name": "USN-1522-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1522-1"
"url": "http://secunia.com/advisories/50132",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50132"
},
{
"name": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=eba25057b9a5e19d10ace2bc7716667a31297169",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commit;h=eba25057b9a5e19d10ace2bc7716667a31297169"
"url": "http://www.securityfocus.com/bid/53725",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53725"
},
{
"name": "DSA-2545",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2545"
"url": "http://www.ubuntu.com/usn/USN-1522-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1522-1"
}
]
}

69
2012/2xxx/CVE-2012-2662.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting flaws were discovered in the Red Hat Certificate System Agent and End Entity pages. An attacker could use these flaws to perform a cross-site scripting (XSS) attack against victims using the Certificate System's web interface."
"value": "Multiple cross-site scripting (XSS) vulnerabilities in Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to the (1) System Agent or (2) End Entity pages."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Certificate System 8",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:8.1.1-1.el5pki",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:9.0.3-43.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -95,56 +83,11 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027284"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1103",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1103"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1347",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1347"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-2662",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-2662"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826646",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=826646"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77101",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77101"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
}

123
2012/2xxx/CVE-2012-2671.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2671",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=763650",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081812.html",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=763650"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081812.html"
},
{
"name": "https://github.com/rtomayko/rack-cache/commit/2e3a64d07daac4c757cc57620f2288e865a09b90",
"refsource": "CONFIRM",
"url": "https://github.com/rtomayko/rack-cache/commit/2e3a64d07daac4c757cc57620f2288e865a09b90"
},
{
"name": "https://github.com/rtomayko/rack-cache/blob/master/CHANGES",
"refsource": "CONFIRM",
"url": "https://github.com/rtomayko/rack-cache/blob/master/CHANGES"
},
{
"name": "FEDORA-2012-8439",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/081812.html"
},
{
"name": "https://github.com/rtomayko/rack-cache/pull/52",
"refsource": "CONFIRM",
"url": "https://github.com/rtomayko/rack-cache/pull/52"
},
{
"name": "[oss-security] 20120606 Re: CVE request: rack-cache caches sensitive headers (Set-Cookie)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/06/8"
},
{
"name": "[oss-security] 20120606 CVE request: rack-cache caches sensitive headers (Set-Cookie)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/06/4"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=824520",
"url": "http://www.openwall.com/lists/oss-security/2012/06/06/4",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824520"
"name": "http://www.openwall.com/lists/oss-security/2012/06/06/4"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/06/06/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/06/8"
},
{
"url": "https://bugzilla.novell.com/show_bug.cgi?id=763650",
"refsource": "MISC",
"name": "https://bugzilla.novell.com/show_bug.cgi?id=763650"
},
{
"url": "https://github.com/rtomayko/rack-cache/blob/master/CHANGES",
"refsource": "MISC",
"name": "https://github.com/rtomayko/rack-cache/blob/master/CHANGES"
},
{
"url": "https://github.com/rtomayko/rack-cache/commit/2e3a64d07daac4c757cc57620f2288e865a09b90",
"refsource": "MISC",
"name": "https://github.com/rtomayko/rack-cache/commit/2e3a64d07daac4c757cc57620f2288e865a09b90"
},
{
"url": "https://github.com/rtomayko/rack-cache/pull/52",
"refsource": "MISC",
"name": "https://github.com/rtomayko/rack-cache/pull/52"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=824520",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=824520"
}
]
}

113
2012/2xxx/CVE-2012-2672.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2672",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,57 +27,81 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://issues.jboss.org/browse/JBPAPP-9197",
"url": "http://java.net/jira/browse/JAVASERVERFACES-2436",
"refsource": "MISC",
"url": "https://issues.jboss.org/browse/JBPAPP-9197"
"name": "http://java.net/jira/browse/JAVASERVERFACES-2436"
},
{
"name": "RHSA-2012:1594",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1594.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1591.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1591.html"
},
{
"name": "mojarra-facescontext-info-disc(76179)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76179"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1592.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1592.html"
},
{
"name": "49284",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49284"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1594.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1594.html"
},
{
"name": "51607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51607"
"url": "http://secunia.com/advisories/49284",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49284"
},
{
"name": "RHSA-2012:1592",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1592.html"
"url": "http://secunia.com/advisories/51607",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51607"
},
{
"name": "RHSA-2012:1591",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1591.html"
"url": "http://www.openwall.com/lists/oss-security/2012/06/07/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/07/2"
},
{
"name": "http://java.net/jira/browse/JAVASERVERFACES-2436",
"refsource": "CONFIRM",
"url": "http://java.net/jira/browse/JAVASERVERFACES-2436"
"url": "http://www.openwall.com/lists/oss-security/2012/06/07/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/07/3"
},
{
"name": "[oss-security] 20120606 CVE request: Mojarra allows deployed web applications to read FacesContext from other applications",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/07/2"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76179",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76179"
},
{
"name": "[oss-security] 20120606 Re: CVE request: Mojarra allows deployed web applications to read FacesContext from other applications",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/07/3"
"url": "https://issues.jboss.org/browse/JBPAPP-9197",
"refsource": "MISC",
"name": "https://issues.jboss.org/browse/JBPAPP-9197"
}
]
}

89
2012/2xxx/CVE-2012-2681.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2681",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=827558",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html",
"refsource": "MISC",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=827558"
"name": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"name": "55618",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55618"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "cumin-redhat-weak-security(78771)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78771"
"url": "http://secunia.com/advisories/50660",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50660"
},
{
"name": "RHSA-2012:1278",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
"url": "http://www.securityfocus.com/bid/55618",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55618"
},
{
"name": "RHSA-2012:1281",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=827558",
"refsource": "MISC",
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=827558"
},
{
"name": "50660",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50660"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78771",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78771"
}
]
}

73
2012/2xxx/CVE-2012-2682.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2682",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0858",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0858.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0858.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0858.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=830254",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=830254"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0859.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0859.html"
},
{
"name": "RHSA-2014:0859",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0859.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=830254",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=830254"
}
]
}

145
2012/2xxx/CVE-2012-2691.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2691",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,82 +27,106 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.mantisbt.org/bugs/view.php?id=14340",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=14340"
"url": "http://secunia.com/advisories/51199",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51199"
},
{
"name": "FEDORA-2012-18299",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
},
{
"name": "56467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56467"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
},
{
"name": "https://github.com/mantisbt/mantisbt/commit/175d973105fe9f03a37ced537b742611631067e0",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/175d973105fe9f03a37ced537b742611631067e0"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
},
{
"name": "GLSA-201211-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
},
{
"name": "https://github.com/mantisbt/mantisbt/commit/edc8142bb8ac0ac0df1a3824d78c15f4015d959e",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/edc8142bb8ac0ac0df1a3824d78c15f4015d959e"
"url": "http://secunia.com/advisories/49414",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49414"
},
{
"name": "49414",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49414"
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=148",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=148"
},
{
"name": "[oss-security] 20120611 Re: CVE requests (x2) for Mantis Bug Tracker (MantisBT) before 1.2.11",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/11/6"
"url": "http://www.mantisbt.org/bugs/view.php?id=14340",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/view.php?id=14340"
},
{
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=148",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=148"
"url": "http://www.openwall.com/lists/oss-security/2012/06/09/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/09/1"
},
{
"name": "51199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51199"
"url": "http://www.openwall.com/lists/oss-security/2012/06/11/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/11/6"
},
{
"name": "FEDORA-2012-18294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
"url": "http://www.securityfocus.com/bid/53907",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53907"
},
{
"name": "53907",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53907"
"url": "http://www.securityfocus.com/bid/56467",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/56467"
},
{
"name": "[oss-security] 20120609 CVE requests (x2) for Mantis Bug Tracker (MantisBT) before 1.2.11",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/09/1"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76180",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76180"
},
{
"name": "FEDORA-2012-18273",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
"url": "https://github.com/mantisbt/mantisbt/commit/175d973105fe9f03a37ced537b742611631067e0",
"refsource": "MISC",
"name": "https://github.com/mantisbt/mantisbt/commit/175d973105fe9f03a37ced537b742611631067e0"
},
{
"name": "mantisbt-soapapi-sec-bypass(76180)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76180"
"url": "https://github.com/mantisbt/mantisbt/commit/edc8142bb8ac0ac0df1a3824d78c15f4015d959e",
"refsource": "MISC",
"name": "https://github.com/mantisbt/mantisbt/commit/edc8142bb8ac0ac0df1a3824d78c15f4015d959e"
}
]
}

121
2012/2xxx/CVE-2012-2692.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2692",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2012-18299",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
"url": "http://secunia.com/advisories/51199",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51199"
},
{
"name": "53921",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/53921"
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
},
{
"name": "http://www.mantisbt.org/bugs/view.php?id=14016",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/view.php?id=14016"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
},
{
"name": "GLSA-201211-01",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201211-01.xml"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093063.html"
},
{
"name": "[oss-security] 20120611 Re: CVE requests (x2) for Mantis Bug Tracker (MantisBT) before 1.2.11",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/11/6"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
},
{
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=148",
"refsource": "CONFIRM",
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=148"
"url": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=148",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/changelog_page.php?version_id=148"
},
{
"name": "51199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51199"
"url": "http://www.openwall.com/lists/oss-security/2012/06/09/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/09/1"
},
{
"name": "FEDORA-2012-18294",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093064.html"
"url": "http://www.openwall.com/lists/oss-security/2012/06/11/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/11/6"
},
{
"name": "[oss-security] 20120609 CVE requests (x2) for Mantis Bug Tracker (MantisBT) before 1.2.11",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/09/1"
"url": "http://www.mantisbt.org/bugs/view.php?id=14016",
"refsource": "MISC",
"name": "http://www.mantisbt.org/bugs/view.php?id=14016"
},
{
"name": "FEDORA-2012-18273",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-November/092926.html"
"url": "http://www.securityfocus.com/bid/53921",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/53921"
},
{
"name": "https://github.com/mantisbt/mantisbt/commit/ceafe6f0c679411b81368052633a63dd3ca06d9c",
"refsource": "CONFIRM",
"url": "https://github.com/mantisbt/mantisbt/commit/ceafe6f0c679411b81368052633a63dd3ca06d9c"
"url": "https://github.com/mantisbt/mantisbt/commit/ceafe6f0c679411b81368052633a63dd3ca06d9c",
"refsource": "MISC",
"name": "https://github.com/mantisbt/mantisbt/commit/ceafe6f0c679411b81368052633a63dd3ca06d9c"
}
]
}

113
2012/2xxx/CVE-2012-2742.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2742",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "revelation-passwordlength-weak-security(76407)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76407"
},
{
"name": "[oss-security] 20120618 CVE Request -- Revelation: 1) Limits effective password length to 32 characters 2) Doesn't iterate the passphrase through SHA algorithm to derive the encryption key",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/18/1"
},
{
"name": "54060",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54060"
},
{
"name": "[oss-security] 20120618 Re: CVE Request -- Revelation: 1) Limits effective password length to 32 characters 2) Doesn't iterate the passphrase through SHA algorithm to derive the encryption key",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/18/3"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=421571",
"url": "http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html",
"refsource": "MISC",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=421571"
"name": "http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html"
},
{
"name": "http://oss.codepoet.no/revelation/issue/61/file-format-magic-string-version-mismatch",
"refsource": "CONFIRM",
"url": "http://oss.codepoet.no/revelation/issue/61/file-format-magic-string-version-mismatch"
},
{
"name": "http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html",
"url": "http://oss.codepoet.no/revelation/issue/61/file-format-magic-string-version-mismatch",
"refsource": "MISC",
"url": "http://knoxin.blogspot.co.uk/2012/06/revelation-password-manager-considered.html"
"name": "http://oss.codepoet.no/revelation/issue/61/file-format-magic-string-version-mismatch"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/06/18/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/18/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/06/18/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/18/3"
},
{
"url": "http://www.securityfocus.com/bid/54060",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54060"
},
{
"url": "https://bugs.gentoo.org/show_bug.cgi?id=421571",
"refsource": "MISC",
"name": "https://bugs.gentoo.org/show_bug.cgi?id=421571"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76407",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76407"
}
]
}

179
2012/2xxx/CVE-2012-2751.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-2751",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031."
"value": "ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031."
}
]
},
@ -50,87 +27,111 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:1342",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html"
},
{
"name": "54156",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54156"
},
{
"name": "DSA-2506",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2506"
},
{
"name": "openSUSE-SU-2013:1331",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html"
},
{
"name": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHANGES",
"refsource": "CONFIRM",
"url": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHANGES"
},
{
"name": "49782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49782"
},
{
"name": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?r1=1918&r2=1917&pathrev=1918",
"refsource": "CONFIRM",
"url": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?r1=1918&r2=1917&pathrev=1918"
},
{
"name": "http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-multipart-bypasses.html",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150",
"refsource": "MISC",
"url": "http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-multipart-bypasses.html"
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "[oss-security] 20120621 Re: mod_security CVE request",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/22/2"
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
"url": "http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-multipart-bypasses.html",
"refsource": "MISC",
"name": "http://blog.ivanristic.com/2012/06/modsecurity-and-modsecurity-core-rule-set-multipart-bypasses.html"
},
{
"name": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/CHANGES?r1=1920&r2=1919&pathrev=1920",
"refsource": "CONFIRM",
"url": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/CHANGES?r1=1920&r2=1919&pathrev=1920"
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html"
},
{
"name": "[oss-security] 20120621 mod_security CVE request",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/06/22/1"
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html"
},
{
"name": "MDVSA-2012:118",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:118"
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html"
},
{
"name": "49576",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49576"
"url": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHANGES",
"refsource": "MISC",
"name": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.6.x/CHANGES"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
"url": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/CHANGES?r1=1920&r2=1919&pathrev=1920",
"refsource": "MISC",
"name": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/CHANGES?r1=1920&r2=1919&pathrev=1920"
},
{
"name": "openSUSE-SU-2013:1336",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html"
"url": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?r1=1918&r2=1917&pathrev=1918",
"refsource": "MISC",
"name": "http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?r1=1918&r2=1917&pathrev=1918"
},
{
"url": "http://secunia.com/advisories/49576",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49576"
},
{
"url": "http://secunia.com/advisories/49782",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49782"
},
{
"url": "http://www.debian.org/security/2012/dsa-2506",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2506"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:118",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:118"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/06/22/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/22/1"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/06/22/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/06/22/2"
},
{
"url": "http://www.securityfocus.com/bid/54156",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54156"
}
]
}

121
2012/3xxx/CVE-2012-3361.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3361",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "49763",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49763"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.html"
},
{
"name": "https://review.openstack.org/#/c/9268/",
"refsource": "CONFIRM",
"url": "https://review.openstack.org/#/c/9268/"
"url": "http://secunia.com/advisories/49763",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49763"
},
{
"name": "54278",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54278"
"url": "http://secunia.com/advisories/49802",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49802"
},
{
"name": "https://bugs.launchpad.net/nova/+bug/1015531",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/nova/+bug/1015531"
"url": "http://www.ubuntu.com/usn/USN-1497-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1497-1"
},
{
"name": "49802",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49802"
"url": "https://bugs.launchpad.net/nova/+bug/1015531",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/nova/+bug/1015531"
},
{
"name": "FEDORA-2012-10418",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083969.html"
"url": "https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7",
"refsource": "MISC",
"name": "https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7"
},
{
"name": "[openstack] 20120603 [OSSA 2012-008] Arbitrary file injection/corruption through directory traversal issues (CVE-2012-3360, CVE-2012-3361)",
"refsource": "MLIST",
"url": "https://lists.launchpad.net/openstack/msg14089.html"
"url": "https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9",
"refsource": "MISC",
"name": "https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9"
},
{
"name": "FEDORA-2012-10420",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083984.html"
"url": "https://lists.launchpad.net/openstack/msg14089.html",
"refsource": "MISC",
"name": "https://lists.launchpad.net/openstack/msg14089.html"
},
{
"name": "https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/nova/commit/2427d4a99bed35baefd8f17ba422cb7aae8dcca7"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083969.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2012-July/083969.html"
},
{
"name": "https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/nova/commit/b0feaffdb2b1c51182b8dce41b367f3449af5dd9"
"url": "http://www.securityfocus.com/bid/54278",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54278"
},
{
"name": "USN-1497-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1497-1"
"url": "https://review.openstack.org/#/c/9268/",
"refsource": "MISC",
"name": "https://review.openstack.org/#/c/9268/"
}
]
}

91
2012/3xxx/CVE-2012-3371.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3371",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "54388",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54388"
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/13",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/07/11/13"
},
{
"name": "[openstack] 20120711 [OSSA 2012-009] Scheduler denial of service through scheduler_hints (CVE-2012-3371)",
"refsource": "MLIST",
"url": "https://lists.launchpad.net/openstack/msg14452.html"
"url": "http://www.securityfocus.com/bid/54388",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54388"
},
{
"name": "https://bugs.launchpad.net/nova/+bug/1017795",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/nova/+bug/1017795"
"url": "http://www.ubuntu.com/usn/USN-1501-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1501-1"
},
{
"name": "[oss-security] 20120711 [OSSA 2012-009] Scheduler denial of service through scheduler_hints (CVE-2012-3371)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/11/13"
"url": "https://bugs.launchpad.net/nova/+bug/1017795",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/nova/+bug/1017795"
},
{
"name": "USN-1501-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1501-1"
"url": "https://github.com/openstack/nova/commit/034762e8060dcf0a11cb039b9d426b0d0bb1801d",
"refsource": "MISC",
"name": "https://github.com/openstack/nova/commit/034762e8060dcf0a11cb039b9d426b0d0bb1801d"
},
{
"name": "https://github.com/openstack/nova/commit/034762e8060dcf0a11cb039b9d426b0d0bb1801d",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/nova/commit/034762e8060dcf0a11cb039b9d426b0d0bb1801d"
"url": "https://lists.launchpad.net/openstack/msg14452.html",
"refsource": "MISC",
"name": "https://lists.launchpad.net/openstack/msg14452.html"
}
]
}

85
2012/3xxx/CVE-2012-3381.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3381",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=838160",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=838160"
"url": "http://sourceforge.net/tracker/index.php?func=detail&aid=3541554&group_id=128809&atid=712784",
"refsource": "MISC",
"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=3541554&group_id=128809&atid=712784"
},
{
"name": "[oss-security] 20120706 Re: CVE Request: sblim-sfcb: insecure LD_LIBRARY_PATH usage",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/06/8"
"url": "http://www.openwall.com/lists/oss-security/2012/07/06/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/07/06/7"
},
{
"name": "http://sourceforge.net/tracker/index.php?func=detail&aid=3541554&group_id=128809&atid=712784",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/tracker/index.php?func=detail&aid=3541554&group_id=128809&atid=712784"
"url": "http://www.openwall.com/lists/oss-security/2012/07/06/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/07/06/8"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=770234",
"refsource": "CONFIRM",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=770234"
"url": "https://bugzilla.novell.com/show_bug.cgi?id=770234",
"refsource": "MISC",
"name": "https://bugzilla.novell.com/show_bug.cgi?id=770234"
},
{
"name": "[oss-security] 20120706 CVE Request: sblim-sfcb: insecure LD_LIBRARY_PATH usage",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/06/7"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=838160",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=838160"
}
]
}

91
2012/3xxx/CVE-2012-3382.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3382",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/mono/mono/commit/d16d4623edb210635bec3ca3786481b82cde25a2",
"refsource": "CONFIRM",
"url": "https://github.com/mono/mono/commit/d16d4623edb210635bec3ca3786481b82cde25a2"
},
{
"name": "openSUSE-SU-2012:0974",
"refsource": "SUSE",
"url": "https://hermes.opensuse.org/messages/15374367"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=769799",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:140",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=769799"
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:140"
},
{
"name": "[oss-security] 20120706 Re: CVE Request: XSS in a Mono System.web error page",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/06/11"
"url": "http://www.openwall.com/lists/oss-security/2012/07/06/11",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/07/06/11"
},
{
"name": "MDVSA-2012:140",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:140"
"url": "https://bugzilla.novell.com/show_bug.cgi?id=769799",
"refsource": "MISC",
"name": "https://bugzilla.novell.com/show_bug.cgi?id=769799"
},
{
"url": "https://github.com/mono/mono/commit/d16d4623edb210635bec3ca3786481b82cde25a2",
"refsource": "MISC",
"name": "https://github.com/mono/mono/commit/d16d4623edb210635bec3ca3786481b82cde25a2"
},
{
"url": "https://hermes.opensuse.org/messages/15374367",
"refsource": "MISC",
"name": "https://hermes.opensuse.org/messages/15374367"
}
]
}

85
2012/3xxx/CVE-2012-3391.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3391",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "moodle-rss-feeds-info-disc(76957)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76957"
"url": "http://openwall.com/lists/oss-security/2012/07/17/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2012/07/17/1"
},
{
"name": "49890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49890"
"url": "http://secunia.com/advisories/49890",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49890"
},
{
"name": "[oss-security] 20120717 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/07/17/1"
"url": "http://www.securityfocus.com/bid/54481",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54481"
},
{
"name": "54481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54481"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-32199",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-32199"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-32199",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-32199"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76957",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76957"
}
]
}

85
2012/3xxx/CVE-2012-3392.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3392",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-31460",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-31460"
"url": "http://openwall.com/lists/oss-security/2012/07/17/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2012/07/17/1"
},
{
"name": "moodle-subscriptions-sec-bypass(76958)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76958"
"url": "http://secunia.com/advisories/49890",
"refsource": "MISC",
"name": "http://secunia.com/advisories/49890"
},
{
"name": "49890",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/49890"
"url": "http://www.securityfocus.com/bid/54481",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54481"
},
{
"name": "[oss-security] 20120717 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/07/17/1"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-31460",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=refs%2Fheads%2FMOODLE_22_STABLE&st=commit&s=MDL-31460"
},
{
"name": "54481",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54481"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76958",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76958"
}
]
}

67
2012/3xxx/CVE-2012-3401.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-3401 libtiff (tiff2pdf): Heap-based buffer overflow due to improper initialization of T2P context struct pointer"
"value": "The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.8.2-18.el5_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:3.9.4-9.el6_3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -140,55 +128,20 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1511-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1590",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1590"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-3401",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-3401"
},
{
"url": "https://bugzilla.redhat.com/attachment.cgi?id=596457",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/attachment.cgi?id=596457"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=837577",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=837577"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77088",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77088"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=837577",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=837577"
}
]
}

48
2012/3xxx/CVE-2012-3402.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-3402 gimp (PSD plug-in): Heap-buffer overflow by decoding certain PSD headers"
"value": "Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted channels header value in a PSD image file, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2009-3909."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:2.2.13-2.0.7.el5_8.5",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -74,21 +73,11 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027411"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1181",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1181"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/08/20/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/08/20/6"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-3402",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-3402"
},
{
"url": "https://bugzilla.redhat.com/attachment.cgi?id=603059&action=diff",
"refsource": "MISC",
@ -100,30 +89,5 @@
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=838941"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

145
2012/3xxx/CVE-2012-3411.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3411",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "MDVSA-2013:072",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:072"
},
{
"name": "RHSA-2013:0276",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0276.html"
},
{
"name": "[oss-security] 20120712 Re: Re: CVE Request -- dnsmasq: When being run by libvirt open DNS proxy (reachable out-of the virtual network set for the particular guest domain too) is created",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/12/5"
},
{
"name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=2f38141f434e23292f84cefc33e8de76fb856147",
"refsource": "CONFIRM",
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=2f38141f434e23292f84cefc33e8de76fb856147"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=833033",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0579.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833033"
"name": "http://rhn.redhat.com/errata/RHSA-2013-0579.html"
},
{
"name": "RHSA-2013:0579",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0579.html"
},
{
"name": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG",
"refsource": "CONFIRM",
"url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"
},
{
"name": "54353",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54353"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372",
"refsource": "MISC",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372"
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683372"
},
{
"name": "RHSA-2013:0277",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0277.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0276.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0276.html"
},
{
"name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=54dd393f3938fc0c19088fbd319b95e37d81a2b0",
"refsource": "CONFIRM",
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=54dd393f3938fc0c19088fbd319b95e37d81a2b0"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0277.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0277.html"
},
{
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147",
"refsource": "MISC",
"name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=2f38141f434e23292f84cefc33e8de76fb856147"
},
{
"url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0",
"refsource": "MISC",
"name": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git%3Ba=commitdiff%3Bh=54dd393f3938fc0c19088fbd319b95e37d81a2b0"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:072",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:072"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/07/12/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/07/12/5"
},
{
"url": "http://www.securityfocus.com/bid/54353",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54353"
},
{
"url": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG",
"refsource": "MISC",
"name": "http://www.thekelleys.org.uk/dnsmasq/CHANGELOG"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=833033",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=833033"
}
]
}

137
2012/3xxx/CVE-2012-3412.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-3412 kernel: sfc: potential remote denial of service through TCP MSS option"
"value": "The sfc (aka Solarflare Solarstorm) driver in the Linux kernel before 3.2.30 allows remote attackers to cause a denial of service (DMA descriptor consumption and network-controller outage) via crafted TCP packets that trigger a small MSS value."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"cweId": "CWE-400"
"value": "n/a"
}
]
}
@ -32,71 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-308.16.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.6 EUS - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-238.45.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-279.11.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.1 EUS - Server Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-131.35.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-220.28.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "0:6.3-20121012.0.el6_3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -169,11 +113,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1580-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1323",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1323"
},
{
"url": "https://www.suse.com/support/update/announcement/2012/suse-su-20121679-1.html",
"refsource": "MISC",
@ -225,74 +164,14 @@
"name": "http://www.openwall.com/lists/oss-security/2012/08/03/4"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1324",
"url": "https://github.com/torvalds/linux/commit/68cb695ccecf949d48949e72f8ce591fdaaa325c",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1324"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1347",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1347"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1366",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1366"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1375",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1375"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1401",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1401"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1430",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1430"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-3412",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-3412"
"name": "https://github.com/torvalds/linux/commit/68cb695ccecf949d48949e72f8ce591fdaaa325c"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=844714",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=844714"
},
{
"url": "https://github.com/torvalds/linux/commit/68cb695ccecf949d48949e72f8ce591fdaaa325c",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/68cb695ccecf949d48949e72f8ce591fdaaa325c"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

85
2012/3xxx/CVE-2012-3431.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3431",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "teiid-jdbc-info-disc(78803)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78803"
},
{
"name": "RHSA-2012:1301",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1301.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=843669",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1301.html",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843669"
"name": "http://rhn.redhat.com/errata/RHSA-2012-1301.html"
},
{
"name": "55634",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55634"
"url": "http://www.securityfocus.com/bid/55634",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55634"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78803",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78803"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=843669",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=843669"
}
]
}

109
2012/3xxx/CVE-2012-3432.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3432",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "DSA-2531",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2531"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00024.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00024.html"
},
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00025.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00025.html"
},
{
"name": "[Xen-devel] 20120727 Xen Security Advisory 10 (CVE-2012-3432) - HVM user\tmode MMIO emul DoS",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
},
{
"name": "SUSE-SU-2012:1044",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00025.html"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "SUSE-SU-2012:1043",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00024.html"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "openSUSE-SU-2012:1174",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html"
"url": "http://www.debian.org/security/2012/dsa-2531",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2531"
},
{
"name": "54691",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/54691"
"url": "http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html",
"refsource": "MISC",
"name": "http://lists.xen.org/archives/html/xen-devel/2012-07/msg01649.html"
},
{
"name": "openSUSE-SU-2012:1172",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html"
"url": "http://www.securityfocus.com/bid/54691",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/54691"
}
]
}

91
2012/3xxx/CVE-2012-3442.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3442",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120730 CVE Request: Django 1.3.1 and 1.4.0 security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/1"
"url": "http://www.debian.org/security/2012/dsa-2529",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2529"
},
{
"name": "https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/",
"refsource": "CONFIRM",
"url": "https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:143",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:143"
},
{
"name": "MDVSA-2012:143",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:143"
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/07/31/1"
},
{
"name": "USN-1560-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1560-1"
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/07/31/2"
},
{
"name": "[oss-security] 20120730 Re: CVE Request: Django 1.3.1 and 1.4.0 security issues",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/07/31/2"
"url": "http://www.ubuntu.com/usn/USN-1560-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1560-1"
},
{
"name": "DSA-2529",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2529"
"url": "https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/",
"refsource": "MISC",
"name": "https://www.djangoproject.com/weblog/2012/jul/30/security-releases-issued/"
}
]
}

179
2012/3xxx/CVE-2012-3451.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3451",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,112 +27,136 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=851896",
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851896"
"name": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "RHSA-2013:0256",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0256.html"
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "http://svn.apache.org/viewvc?view=revision&revision=1368559",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision&revision=1368559"
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "RHSA-2012:1594",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1594.html"
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "RHSA-2013:0257",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0257.html"
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "51607",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51607"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1591.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1591.html"
},
{
"name": "RHSA-2013:0258",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0258.html"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1592.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1592.html"
},
{
"name": "apache-cfx-soapaction-security-bypass(78734)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78734"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1594.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1594.html"
},
{
"name": "RHSA-2012:1592",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1592.html"
"url": "http://secunia.com/advisories/51607",
"refsource": "MISC",
"name": "http://secunia.com/advisories/51607"
},
{
"name": "52183",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52183"
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E"
},
{
"name": "RHSA-2013:0743",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0743.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0256.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0256.html"
},
{
"name": "RHSA-2012:1591",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1591.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0257.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0257.html"
},
{
"name": "RHSA-2013:0259",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0259.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0258.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0258.html"
},
{
"name": "http://cxf.apache.org/cve-2012-3451.html",
"refsource": "CONFIRM",
"url": "http://cxf.apache.org/cve-2012-3451.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0259.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0259.html"
},
{
"name": "RHSA-2013:0726",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0726.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0726.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0726.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200116 svn commit: r1055336 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-12423.txt.asc security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0743.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0743.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200319 svn commit: r1058035 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2019-17573.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E"
"url": "http://secunia.com/advisories/52183",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52183"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20200401 svn commit: r1058573 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2020-1954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E"
"url": "http://cxf.apache.org/cve-2012-3451.html",
"refsource": "MISC",
"name": "http://cxf.apache.org/cve-2012-3451.html"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20201112 svn commit: r1067927 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2020-13954.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E"
"url": "http://svn.apache.org/viewvc?view=revision&revision=1368559",
"refsource": "MISC",
"name": "http://svn.apache.org/viewvc?view=revision&revision=1368559"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20210402 svn commit: r1073270 - in /websites/production/cxf/content: cache/main.pageCache security-advisories.data/CVE-2021-22696.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78734",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78734"
},
{
"refsource": "MLIST",
"name": "[cxf-commits] 20210616 svn commit: r1075801 - in /websites/production/cxf/content: cache/main.pageCache index.html security-advisories.data/CVE-2021-30468.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=851896",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=851896"
}
]
}

73
2012/3xxx/CVE-2012-3452.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3452",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120803 gnome-screensaver 3.4.2 locked only active screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/03/3"
"url": "http://www.openwall.com/lists/oss-security/2012/08/03/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/08/03/3"
},
{
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=679441",
"refsource": "CONFIRM",
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=679441"
"url": "http://www.openwall.com/lists/oss-security/2012/08/03/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/08/03/5"
},
{
"name": "[oss-security] 20120803 Re: gnome-screensaver 3.4.2 locked only active screen",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/08/03/5"
"url": "https://bugzilla.gnome.org/show_bug.cgi?id=679441",
"refsource": "MISC",
"name": "https://bugzilla.gnome.org/show_bug.cgi?id=679441"
}
]
}

145
2014/0xxx/CVE-2014-0001.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0001",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,82 +27,106 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "1029708",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029708"
"url": "http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64",
"refsource": "MISC",
"name": "http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64"
},
{
"name": "52161",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52161"
"url": "http://osvdb.org/102713",
"refsource": "MISC",
"name": "http://osvdb.org/102713"
},
{
"name": "http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64",
"refsource": "CONFIRM",
"url": "http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0164.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0164.html"
},
{
"name": "102714",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/102714"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0173.html"
},
{
"name": "RHSA-2014:0186",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0186.html"
},
{
"name": "MDVSA-2014:029",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:029"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0189.html"
},
{
"name": "65298",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65298"
"url": "http://secunia.com/advisories/52161",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52161"
},
{
"name": "mysql-cve20140001-bo(90901)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90901"
"url": "http://security.gentoo.org/glsa/glsa-201409-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
},
{
"name": "102713",
"refsource": "OSVDB",
"url": "http://osvdb.org/102713"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:029",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:029"
},
{
"name": "RHSA-2014:0173",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html"
"url": "http://www.osvdb.org/102714",
"refsource": "MISC",
"name": "http://www.osvdb.org/102714"
},
{
"name": "RHSA-2014:0189",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html"
"url": "http://www.securityfocus.com/bid/65298",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65298"
},
{
"name": "RHSA-2014:0164",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0164.html"
"url": "http://www.securitytracker.com/id/1029708",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1029708"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1054592",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1054592"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90901",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90901"
},
{
"name": "https://mariadb.com/kb/en/mariadb-5535-changelog/",
"refsource": "CONFIRM",
"url": "https://mariadb.com/kb/en/mariadb-5535-changelog/"
"url": "https://mariadb.com/kb/en/mariadb-5535-changelog/",
"refsource": "MISC",
"name": "https://mariadb.com/kb/en/mariadb-5535-changelog/"
},
{
"name": "GLSA-201409-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1054592",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1054592"
}
]
}

121
2014/0xxx/CVE-2014-0003.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0003",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "57125",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57125"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0245.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0245.html"
},
{
"name": "RHSA-2014:0254",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0254.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0254.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0254.html"
},
{
"name": "RHSA-2014:0371",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
"url": "https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf%40%3Ccommits.camel.apache.org%3E"
},
{
"name": "65902",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65902"
"url": "https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d%40%3Ccommits.camel.apache.org%3E"
},
{
"name": "57719",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57719"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0371.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0371.html"
},
{
"name": "RHSA-2014:0245",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0245.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
},
{
"name": "57716",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57716"
"url": "http://secunia.com/advisories/57125",
"refsource": "MISC",
"name": "http://secunia.com/advisories/57125"
},
{
"name": "http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc",
"refsource": "CONFIRM",
"url": "http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc"
"url": "http://secunia.com/advisories/57716",
"refsource": "MISC",
"name": "http://secunia.com/advisories/57716"
},
{
"name": "RHSA-2014:0372",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0372.html"
"url": "http://secunia.com/advisories/57719",
"refsource": "MISC",
"name": "http://secunia.com/advisories/57719"
},
{
"refsource": "MLIST",
"name": "[camel-commits] 20190430 svn commit: r1044347 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0194.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/b4014ea7c5830ca1fc28edd5cafedfe93ad4af2d9e69c961c5def31d@%3Ccommits.camel.apache.org%3E"
"url": "http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc",
"refsource": "MISC",
"name": "http://camel.apache.org/security-advisories.data/CVE-2014-0003.txt.asc"
},
{
"refsource": "MLIST",
"name": "[camel-commits] 20190524 svn commit: r1045395 - in /websites/production/camel/content: cache/main.pageCache security-advisories.data/CVE-2019-0188.txt.asc security-advisories.html",
"url": "https://lists.apache.org/thread.html/2318d7f7d87724d8716cd650c21b31cb06e4d34f6d0f5ee42f28fdaf@%3Ccommits.camel.apache.org%3E"
"url": "http://www.securityfocus.com/bid/65902",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65902"
}
]
}

65
2014/0xxx/CVE-2014-0023.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0023",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenShift",
"version": {
"version_data": [
{
"version_value": "through 2014-01-21"
}
]
}
}
]
},
"vendor_name": "OpenShift"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "OpenShift",
"product": {
"product_data": [
{
"product_name": "OpenShift",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through 2014-01-21"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0023",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0023"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-0023",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-0023"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0023",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0023"
}
]
}

52
2014/0xxx/CVE-2014-0041.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-0041 OpenStack openstack-heat-templates: use of HTTPS url and sslverify=false"
"value": "OpenStack Heat Templates (heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 4.0, sets sslverify to false for certain Yum repositories, which disables SSL protection and allows man-in-the-middle attackers to prevent updates via unspecified vectors."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Certificate Validation",
"cweId": "CWE-295"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 4 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0-0.3.20140407git.el6ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -59,55 +58,20 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0579.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0579",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0579"
},
{
"url": "https://bugs.launchpad.net/heat-templates/+bug/1267635",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/heat-templates/+bug/1267635"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-0041",
"url": "https://github.com/openstack/heat-templates/commit/65a4f8bebc72da71c616e2e378b7b1ac354db1a3CONFIRM:",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-0041"
"name": "https://github.com/openstack/heat-templates/commit/65a4f8bebc72da71c616e2e378b7b1ac354db1a3CONFIRM:"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059515",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1059515"
},
{
"url": "https://github.com/openstack/heat-templates/commit/65a4f8bebc72da71c616e2e378b7b1ac354db1a3CONFIRM:",
"refsource": "MISC",
"name": "https://github.com/openstack/heat-templates/commit/65a4f8bebc72da71c616e2e378b7b1ac354db1a3CONFIRM:"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}

157
2014/0xxx/CVE-2014-0061.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0061",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,92 +27,116 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0211",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html"
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource": "MISC",
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
},
{
"name": "RHSA-2014:0221",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html"
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "http://support.apple.com/kb/HT6448",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6448"
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html",
"refsource": "MISC",
"name": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
},
{
"name": "RHSA-2014:0469",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
},
{
"name": "APPLE-SA-2014-10-16-3",
"refsource": "APPLE",
"url": "http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
},
{
"name": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource": "CONFIRM",
"url": "http://wiki.postgresql.org/wiki/20140220securityrelease"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0211.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0211.html"
},
{
"name": "DSA-2864",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2864"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0221.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0221.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0249.html"
},
{
"name": "RHSA-2014:0249",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0249.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0469.html"
},
{
"name": "http://www.postgresql.org/about/news/1506/",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/about/news/1506/"
"url": "http://secunia.com/advisories/61307",
"refsource": "MISC",
"name": "http://secunia.com/advisories/61307"
},
{
"name": "USN-2120-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2120-1"
"url": "http://support.apple.com/kb/HT6448",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT6448"
},
{
"name": "https://support.apple.com/kb/HT6536",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT6536"
"url": "http://wiki.postgresql.org/wiki/20140220securityrelease",
"refsource": "MISC",
"name": "http://wiki.postgresql.org/wiki/20140220securityrelease"
},
{
"name": "DSA-2865",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2865"
"url": "http://www.debian.org/security/2014/dsa-2864",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2864"
},
{
"name": "openSUSE-SU-2014:0345",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html"
"url": "http://www.debian.org/security/2014/dsa-2865",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2865"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"
"url": "http://www.postgresql.org/about/news/1506/",
"refsource": "MISC",
"name": "http://www.postgresql.org/about/news/1506/"
},
{
"name": "openSUSE-SU-2014:0368",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html"
"url": "http://www.ubuntu.com/usn/USN-2120-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2120-1"
},
{
"name": "61307",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61307"
"url": "https://support.apple.com/kb/HT6536",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT6536"
}
]
}

133
2014/0xxx/CVE-2014-0206.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0206",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,72 +27,96 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "59278",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59278"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=edfbbf388f293d70bf4b7c0bc38774d05e6f711a",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=edfbbf388f293d70bf4b7c0bc38774d05e6f711a"
},
{
"name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-04-01"
"url": "http://secunia.com/advisories/59278",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59278"
},
{
"name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=edfbbf388f29",
"refsource": "CONFIRM",
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=edfbbf388f29"
"url": "http://www.securityfocus.com/bid/68176",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68176"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=edfbbf388f293d70bf4b7c0bc38774d05e6f711a",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=edfbbf388f293d70bf4b7c0bc38774d05e6f711a"
"url": "http://www.securitytracker.com/id/1030479",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1030479"
},
{
"name": "1030479",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030479"
"url": "http://www.securitytracker.com/id/1038201",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1038201"
},
{
"name": "https://github.com/torvalds/linux/commit/edfbbf388f293d70bf4b7c0bc38774d05e6f711a",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/edfbbf388f293d70bf4b7c0bc38774d05e6f711a"
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=edfbbf388f29",
"refsource": "MISC",
"name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=edfbbf388f29"
},
{
"name": "68176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68176"
"url": "https://github.com/torvalds/linux/commit/edfbbf388f293d70bf4b7c0bc38774d05e6f711a",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/edfbbf388f293d70bf4b7c0bc38774d05e6f711a"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.46",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.46"
"url": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1094602",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094602"
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.46",
"refsource": "MISC",
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.46"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.3",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.3"
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.24",
"refsource": "MISC",
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.24"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.24",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.24"
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.10",
"refsource": "MISC",
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.10"
},
{
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.10",
"refsource": "CONFIRM",
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.10"
"url": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.3",
"refsource": "MISC",
"name": "https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.15.3"
},
{
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1094602",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1094602"
}
]
}

73
2014/0xxx/CVE-2014-0214.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0214",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43119",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43119"
"url": "http://openwall.com/lists/oss-security/2014/05/19/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/05/19/1"
},
{
"name": "[oss-security] 20140519 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/05/19/1"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43119",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43119"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=260362",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=260362"
"url": "https://moodle.org/mod/forum/discuss.php?d=260362",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=260362"
}
]
}

73
2014/0xxx/CVE-2014-0215.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0215",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44750",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44750"
"url": "http://openwall.com/lists/oss-security/2014/05/19/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/05/19/1"
},
{
"name": "https://moodle.org/mod/forum/discuss.php?d=260363",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=260363"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44750",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-44750"
},
{
"name": "[oss-security] 20140519 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/05/19/1"
"url": "https://moodle.org/mod/forum/discuss.php?d=260363",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=260363"
}
]
}

73
2014/0xxx/CVE-2014-0216.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0216",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://moodle.org/mod/forum/discuss.php?d=260364",
"refsource": "CONFIRM",
"url": "https://moodle.org/mod/forum/discuss.php?d=260364"
"url": "http://openwall.com/lists/oss-security/2014/05/19/1",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2014/05/19/1"
},
{
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43877",
"refsource": "CONFIRM",
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43877"
"url": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43877",
"refsource": "MISC",
"name": "http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-43877"
},
{
"name": "[oss-security] 20140519 Moodle security notifications public",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/05/19/1"
"url": "https://moodle.org/mod/forum/discuss.php?d=260364",
"refsource": "MISC",
"name": "https://moodle.org/mod/forum/discuss.php?d=260364"
}
]
}

984
2014/0xxx/CVE-2014-0234.json
View File

File diff suppressed because it is too large Load Diff

73
2014/0xxx/CVE-2014-0236.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0236",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://php.net/ChangeLog-5.php",
"refsource": "CONFIRM",
"url": "http://php.net/ChangeLog-5.php"
"url": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f3f22ff5c697aef854ffc1918bce708b37481b0f",
"refsource": "MISC",
"name": "http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=f3f22ff5c697aef854ffc1918bce708b37481b0f"
},
{
"name": "https://bugs.php.net/bug.php?id=67329",
"refsource": "CONFIRM",
"url": "https://bugs.php.net/bug.php?id=67329"
"url": "http://php.net/ChangeLog-5.php",
"refsource": "MISC",
"name": "http://php.net/ChangeLog-5.php"
},
{
"name": "http://git.php.net/?p=php-src.git;a=commit;h=f3f22ff5c697aef854ffc1918bce708b37481b0f",
"refsource": "CONFIRM",
"url": "http://git.php.net/?p=php-src.git;a=commit;h=f3f22ff5c697aef854ffc1918bce708b37481b0f"
"url": "https://bugs.php.net/bug.php?id=67329",
"refsource": "MISC",
"name": "https://bugs.php.net/bug.php?id=67329"
}
]
}

193
2014/0xxx/CVE-2014-0244.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0244",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,122 +27,146 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1",
"refsource": "CONFIRM",
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html"
},
{
"name": "MDVSA-2014:136",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:136"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html"
},
{
"name": "RHSA-2014:0866",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0866.html"
"url": "http://security.gentoo.org/glsa/glsa-201502-15.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201502-15.xml"
},
{
"name": "http://www.samba.org/samba/security/CVE-2014-0244",
"refsource": "CONFIRM",
"url": "http://www.samba.org/samba/security/CVE-2014-0244"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:082",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:082"
},
{
"name": "FEDORA-2014-9132",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136864.html"
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993"
},
{
"name": "68148",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68148"
"url": "http://advisories.mageia.org/MGASA-2014-0279.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2014-0279.html"
},
{
"name": "61218",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/61218"
"url": "http://linux.oracle.com/errata/ELSA-2014-0866.html",
"refsource": "MISC",
"name": "http://linux.oracle.com/errata/ELSA-2014-0866.html"
},
{
"name": "59834",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59834"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0866.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0866.html"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-0866.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0866.html"
"url": "http://secunia.com/advisories/59378",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59378"
},
{
"name": "59848",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59848"
"url": "http://secunia.com/advisories/59407",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59407"
},
{
"name": "20140711 [ MDVSA-2014:136 ] samba",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/532757/100/0/threaded"
"url": "http://secunia.com/advisories/59433",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59433"
},
{
"name": "GLSA-201502-15",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201502-15.xml"
"url": "http://secunia.com/advisories/59579",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59579"
},
{
"name": "59407",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59407"
"url": "http://secunia.com/advisories/59834",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59834"
},
{
"name": "FEDORA-2014-7672",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134717.html"
"url": "http://secunia.com/advisories/59848",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59848"
},
{
"name": "59433",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59433"
"url": "http://secunia.com/advisories/59919",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59919"
},
{
"name": "59919",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59919"
"url": "http://secunia.com/advisories/61218",
"refsource": "MISC",
"name": "http://secunia.com/advisories/61218"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0279.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0279.html"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:136",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:136"
},
{
"name": "59378",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59378"
"url": "http://www.samba.org/samba/security/CVE-2014-0244",
"refsource": "MISC",
"name": "http://www.samba.org/samba/security/CVE-2014-0244"
},
{
"name": "MDVSA-2015:082",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:082"
"url": "http://www.securityfocus.com/archive/1/532757/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/532757/100/0/threaded"
},
{
"name": "59579",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59579"
"url": "http://www.securityfocus.com/bid/68148",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68148"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05115993"
"url": "http://www.securitytracker.com/id/1030455",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1030455"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1097815",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097815"
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1",
"refsource": "MISC",
"name": "https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_samba1"
},
{
"name": "1030455",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030455"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097815",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1097815"
}
]
}

73
2014/0xxx/CVE-2014-0246.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-0246",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "67634",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67634"
"url": "http://www.openwall.com/lists/oss-security/2014/05/27/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/05/27/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1101393",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101393"
"url": "http://www.securityfocus.com/bid/67634",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67634"
},
{
"name": "[oss-security] 20140527 CVE-2014-0246 sos: md5 hash of GRUB password collected when running sosreport",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/27/1"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1101393",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1101393"
}
]
}

193
2014/1xxx/CVE-2014-1874.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-1874",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,122 +27,146 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-2135-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2135-1"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
},
{
"name": "USN-2138-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2138-1"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2172fa709ab32ca60e86179dc67d0857be8e2c98",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2172fa709ab32ca60e86179dc67d0857be8e2c98"
},
{
"name": "USN-2137-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2137-1"
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html",
"refsource": "MISC",
"name": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
},
{
"name": "USN-2141-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2141-1"
"url": "http://linux.oracle.com/errata/ELSA-2014-3043.html",
"refsource": "MISC",
"name": "http://linux.oracle.com/errata/ELSA-2014-3043.html"
},
{
"name": "USN-2129-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2129-1"
"url": "http://secunia.com/advisories/59262",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59262"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2172fa709ab32ca60e86179dc67d0857be8e2c98",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=2172fa709ab32ca60e86179dc67d0857be8e2c98"
"url": "http://secunia.com/advisories/59309",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59309"
},
{
"name": "USN-2136-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2136-1"
"url": "http://secunia.com/advisories/59406",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59406"
},
{
"name": "USN-2128-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2128-1"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.4",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.4"
},
{
"name": "USN-2140-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2140-1"
"url": "http://www.openwall.com/lists/oss-security/2014/02/07/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/02/07/2"
},
{
"name": "[oss-security] 20140206 Re: CVE Request: Linux kernel: SELinux local DoS",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/02/07/2"
"url": "http://www.securityfocus.com/bid/65459",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/65459"
},
{
"name": "59262",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59262"
"url": "http://www.ubuntu.com/usn/USN-2128-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2128-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062356",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062356"
"url": "http://www.ubuntu.com/usn/USN-2129-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2129-1"
},
{
"name": "USN-2139-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2139-1"
"url": "http://www.ubuntu.com/usn/USN-2133-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2133-1"
},
{
"name": "59309",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59309"
"url": "http://www.ubuntu.com/usn/USN-2134-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2134-1"
},
{
"name": "59406",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59406"
"url": "http://www.ubuntu.com/usn/USN-2135-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2135-1"
},
{
"name": "USN-2134-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2134-1"
"url": "http://www.ubuntu.com/usn/USN-2136-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2136-1"
},
{
"name": "65459",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/65459"
"url": "http://www.ubuntu.com/usn/USN-2137-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2137-1"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-0771.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-0771.html"
"url": "http://www.ubuntu.com/usn/USN-2138-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2138-1"
},
{
"name": "USN-2133-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2133-1"
"url": "http://www.ubuntu.com/usn/USN-2139-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2139-1"
},
{
"name": "https://github.com/torvalds/linux/commit/2172fa709ab32ca60e86179dc67d0857be8e2c98",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/2172fa709ab32ca60e86179dc67d0857be8e2c98"
"url": "http://www.ubuntu.com/usn/USN-2140-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2140-1"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.4",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.4"
"url": "http://www.ubuntu.com/usn/USN-2141-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2141-1"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3043.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3043.html"
"url": "https://github.com/torvalds/linux/commit/2172fa709ab32ca60e86179dc67d0857be8e2c98",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/2172fa709ab32ca60e86179dc67d0857be8e2c98"
},
{
"name": "SUSE-SU-2015:0812",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00020.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1062356",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1062356"
}
]
}

121
2014/2xxx/CVE-2014-2894.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-2894 QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART"
"value": "Off-by-one error in the cmd_smart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,64 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 3 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.10",
"version_affected": "!"
}
]
}
},
{
"product_name": "OpenStack 4 for RHEL 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.10",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.10",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "10:1.5.3-60.el7_0.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "2:0.12.1.2-2.415.el6_5.10",
"version_affected": "!"
},
{
"version_value": "0:6.5-20140603.2.el6ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -117,26 +68,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0744.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0674",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0674"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0743",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0743"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0744",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0744"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0888",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0888"
},
{
"url": "http://www.ubuntu.com/usn/USN-2182-1",
"refsource": "MISC",
@ -167,21 +98,6 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/66932"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0704",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0704"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-2894",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-2894"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1087971",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1087971"
},
{
"url": "https://lists.nongnu.org/archive/html/qemu-devel/2014-04/msg02016.html",
"refsource": "MISC",
@ -198,30 +114,5 @@
"name": "https://lists.nongnu.org/archive/html/qemu-devel/2014-04/msg02152.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

159
2014/3xxx/CVE-2014-3144.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3144",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced."
"value": "The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced."
}
]
},
@ -50,92 +27,116 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140509 Re: CVE request Linux kernel: filter: prevent nla extensions to peek beyond the end of the message",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/09/6"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=05ab8f2647e4221cbdb3856dd7d32bd5407316b3",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"
},
{
"name": "USN-2263-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2263-1"
"url": "http://linux.oracle.com/errata/ELSA-2014-3052.html",
"refsource": "MISC",
"name": "http://linux.oracle.com/errata/ELSA-2014-3052.html"
},
{
"name": "DSA-2949",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2949"
"url": "http://secunia.com/advisories/58990",
"refsource": "MISC",
"name": "http://secunia.com/advisories/58990"
},
{
"name": "USN-2261-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2261-1"
"url": "http://secunia.com/advisories/59311",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59311"
},
{
"name": "USN-2252-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2252-1"
"url": "http://secunia.com/advisories/59597",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59597"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3052.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3052.html"
"url": "http://secunia.com/advisories/60613",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60613"
},
{
"name": "58990",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58990"
"url": "http://www.debian.org/security/2014/dsa-2949",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2949"
},
{
"name": "60613",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60613"
"url": "http://www.openwall.com/lists/oss-security/2014/05/09/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/05/09/6"
},
{
"name": "USN-2264-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2264-1"
"url": "http://www.securityfocus.com/bid/67309",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67309"
},
{
"name": "https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3"
"url": "http://www.ubuntu.com/usn/USN-2251-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2251-1"
},
{
"name": "67309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67309"
"url": "http://www.ubuntu.com/usn/USN-2252-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2252-1"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=05ab8f2647e4221cbdb3856dd7d32bd5407316b3",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"
"url": "http://www.ubuntu.com/usn/USN-2259-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2259-1"
},
{
"name": "USN-2262-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2262-1"
"url": "http://www.ubuntu.com/usn/USN-2261-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2261-1"
},
{
"name": "USN-2259-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2259-1"
"url": "http://www.ubuntu.com/usn/USN-2262-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2262-1"
},
{
"name": "USN-2251-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2251-1"
"url": "http://www.ubuntu.com/usn/USN-2263-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2263-1"
},
{
"name": "59311",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59311"
"url": "http://www.ubuntu.com/usn/USN-2264-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2264-1"
},
{
"name": "59597",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59597"
"url": "https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3"
}
]
}

171
2014/3xxx/CVE-2014-3145.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3145",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced."
"value": "The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced."
}
]
},
@ -50,102 +27,126 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140509 Re: CVE request Linux kernel: filter: prevent nla extensions to peek beyond the end of the message",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/09/6"
"url": "http://www.securitytracker.com/id/1038201",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1038201"
},
{
"name": "USN-2263-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2263-1"
"url": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "MISC",
"name": "https://source.android.com/security/bulletin/2017-04-01"
},
{
"name": "DSA-2949",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2949"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=05ab8f2647e4221cbdb3856dd7d32bd5407316b3",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"
},
{
"name": "https://source.android.com/security/bulletin/2017-04-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-04-01"
"url": "http://linux.oracle.com/errata/ELSA-2014-3052.html",
"refsource": "MISC",
"name": "http://linux.oracle.com/errata/ELSA-2014-3052.html"
},
{
"name": "USN-2261-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2261-1"
"url": "http://secunia.com/advisories/58990",
"refsource": "MISC",
"name": "http://secunia.com/advisories/58990"
},
{
"name": "USN-2252-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2252-1"
"url": "http://secunia.com/advisories/59311",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59311"
},
{
"name": "http://linux.oracle.com/errata/ELSA-2014-3052.html",
"refsource": "CONFIRM",
"url": "http://linux.oracle.com/errata/ELSA-2014-3052.html"
"url": "http://secunia.com/advisories/59597",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59597"
},
{
"name": "58990",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58990"
"url": "http://secunia.com/advisories/60613",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60613"
},
{
"name": "60613",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60613"
"url": "http://www.debian.org/security/2014/dsa-2949",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2949"
},
{
"name": "USN-2264-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2264-1"
"url": "http://www.openwall.com/lists/oss-security/2014/05/09/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/05/09/6"
},
{
"name": "https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3"
"url": "http://www.ubuntu.com/usn/USN-2251-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2251-1"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=05ab8f2647e4221cbdb3856dd7d32bd5407316b3",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=05ab8f2647e4221cbdb3856dd7d32bd5407316b3"
"url": "http://www.ubuntu.com/usn/USN-2252-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2252-1"
},
{
"name": "USN-2262-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2262-1"
"url": "http://www.ubuntu.com/usn/USN-2259-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2259-1"
},
{
"name": "67321",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67321"
"url": "http://www.ubuntu.com/usn/USN-2261-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2261-1"
},
{
"name": "USN-2259-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2259-1"
"url": "http://www.ubuntu.com/usn/USN-2262-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2262-1"
},
{
"name": "USN-2251-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2251-1"
"url": "http://www.ubuntu.com/usn/USN-2263-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2263-1"
},
{
"name": "59311",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59311"
"url": "http://www.ubuntu.com/usn/USN-2264-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2264-1"
},
{
"name": "59597",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59597"
"url": "https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/05ab8f2647e4221cbdb3856dd7d32bd5407316b3"
},
{
"name": "1038201",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038201"
"url": "http://www.securityfocus.com/bid/67321",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67321"
}
]
}

139
2014/3xxx/CVE-2014-3146.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3146",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,77 +27,101 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "DSA-2941",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-2941"
"url": "http://advisories.mageia.org/MGASA-2014-0218.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2014-0218.html"
},
{
"name": "http://lxml.de/3.3/changes-3.3.5.html",
"refsource": "CONFIRM",
"url": "http://lxml.de/3.3/changes-3.3.5.html"
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00083.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00083.html"
},
{
"name": "[oss-security] 20140509 Re: CVE request: python-lxml clean_html() input sanitization flaw",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/05/09/7"
"url": "http://lxml.de/3.3/changes-3.3.5.html",
"refsource": "MISC",
"name": "http://lxml.de/3.3/changes-3.3.5.html"
},
{
"name": "USN-2217-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2217-1"
"url": "http://seclists.org/fulldisclosure/2014/Apr/210",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2014/Apr/210"
},
{
"name": "[lxml] 20140415 lxml.html.clean vulnerability",
"refsource": "MLIST",
"url": "https://mailman-mail5.webfaction.com/pipermail/lxml/2014-April/007128.html"
"url": "http://seclists.org/fulldisclosure/2014/Apr/319",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2014/Apr/319"
},
{
"name": "58744",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58744"
"url": "http://secunia.com/advisories/58013",
"refsource": "MISC",
"name": "http://secunia.com/advisories/58013"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0218.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0218.html"
"url": "http://secunia.com/advisories/58744",
"refsource": "MISC",
"name": "http://secunia.com/advisories/58744"
},
{
"name": "67159",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67159"
"url": "http://secunia.com/advisories/59008",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59008"
},
{
"name": "MDVSA-2015:112",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:112"
"url": "http://www.debian.org/security/2014/dsa-2941",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-2941"
},
{
"name": "58013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58013"
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:112",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:112"
},
{
"name": "20140415 lxml (python lib) vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Apr/210"
"url": "http://www.openwall.com/lists/oss-security/2014/05/09/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/05/09/7"
},
{
"name": "59008",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59008"
"url": "http://www.securityfocus.com/bid/67159",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/67159"
},
{
"name": "openSUSE-SU-2014:0735",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2014-05/msg00083.html"
"url": "http://www.ubuntu.com/usn/USN-2217-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2217-1"
},
{
"name": "20140430 Re: lxml (python lib) vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Apr/319"
"url": "https://mailman-mail5.webfaction.com/pipermail/lxml/2014-April/007128.html",
"refsource": "MISC",
"name": "https://mailman-mail5.webfaction.com/pipermail/lxml/2014-April/007128.html"
}
]
}

85
2014/3xxx/CVE-2014-3464.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3464",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "jboss-eap-cve20143464-sec-bypass(95409)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95409"
"url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1019.html"
},
{
"name": "RHSA-2014:1020",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-1020.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1020.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1102317",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102317"
"url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-1021.html"
},
{
"name": "RHSA-2014:1021",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1021.html"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95409",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95409"
},
{
"name": "RHSA-2014:1019",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1019.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1102317",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1102317"
}
]
}

75
2014/3xxx/CVE-2014-3474.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-3473 CVE-2014-3474 CVE-2014-3475 CVE-2014-8578 openstack-horizon: multiple XSS flaws"
"value": "Cross-site scripting (XSS) vulnerability in horizon/static/horizon/js/horizon.instances.js in the Launch Instance menu in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to inject arbitrary web script or HTML via a network name."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 4 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2013.2.3-3.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.1-2.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -75,31 +63,11 @@
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/07/08/6"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0939",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0939"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1188",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1188"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116090",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1116090"
},
{
"url": "http://www.securityfocus.com/bid/68460",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68460"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3474",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3474"
},
{
"url": "https://bugs.launchpad.net/horizon/+bug/1322197",
"refsource": "MISC",
@ -111,36 +79,5 @@
"name": "https://review.openstack.org/#/c/105477"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank OpenStack project for reporting this issue. Upstream acknowledges Craig Lorentzen (Cisco), Jason Hullinger (Hewlett Packard), and Michael Xin (Rackspace) as the original reporters."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
}

75
2014/3xxx/CVE-2014-3475.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-3473 CVE-2014-3474 CVE-2014-3475 CVE-2014-8578 openstack-horizon: multiple XSS flaws"
"value": "Cross-site scripting (XSS) vulnerability in the Users panel (admin/users/) in OpenStack Dashboard (Horizon) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 allows remote administrators to inject arbitrary web script or HTML via a user email address, a different vulnerability than CVE-2014-8578."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 4 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2013.2.3-3.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.1-2.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -70,21 +58,6 @@
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-01/msg00040.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0939",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0939"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1188",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1188"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1116090",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1116090"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/07/08/6",
"refsource": "MISC",
@ -95,47 +68,11 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68456"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3475",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3475"
},
{
"url": "https://bugs.launchpad.net/horizon/+bug/1320235",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/horizon/+bug/1320235"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank OpenStack project for reporting this issue. Upstream acknowledges Craig Lorentzen (Cisco), Jason Hullinger (Hewlett Packard), and Michael Xin (Rackspace) as the original reporters."
}
],
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
}
]
}
}

91
2014/3xxx/CVE-2014-3476.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3476",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2014:0848",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00031.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00031.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00031.html"
},
{
"name": "59547",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59547"
"url": "http://secunia.com/advisories/57886",
"refsource": "MISC",
"name": "http://secunia.com/advisories/57886"
},
{
"name": "68026",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68026"
"url": "http://secunia.com/advisories/59547",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59547"
},
{
"name": "https://bugs.launchpad.net/keystone/+bug/1324592",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/keystone/+bug/1324592"
"url": "http://www.openwall.com/lists/oss-security/2014/06/12/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/06/12/3"
},
{
"name": "57886",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57886"
"url": "http://www.securityfocus.com/bid/68026",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68026"
},
{
"name": "[oss-security] 20140612 [OSSA 2014-018] Keystone privilege escalation through trust chained delegation (CVE-2014-3476)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/06/12/3"
"url": "https://bugs.launchpad.net/keystone/+bug/1324592",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/keystone/+bug/1324592"
}
]
}

53
2014/3xxx/CVE-2014-3485.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-3485 ovirt-engine-api: XML eXternal Entity (XXE) flaw"
"value": "The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of XML External Entity Reference",
"cweId": "CWE-611"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "RHEV Manager version 3.4",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.4.0-22",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -63,46 +62,6 @@
"url": "http://www.securitytracker.com/id/1030501",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1030501"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0814",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0814"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3485",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3485"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1107472",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1107472"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
]
}

52
2014/3xxx/CVE-2014-3486.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-3486 CFME: SSH Utility insecure tmp file creation leading to code execution as root"
"value": "The (1) shell_exec function in lib/util/MiqSshUtilV1.rb and (2) temp_cmd_file function in lib/util/MiqSshUtilV2.rb in Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 allow local users to execute arbitrary commands via a symlink attack on a temporary file with a predictable name."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Insecure Temporary File",
"cweId": "CWE-377"
"value": "n/a"
}
]
}
@ -32,20 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "CloudForms Management Engine 5.x",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.2.4.2-1.el6cf",
"version_affected": "!"
},
{
"version_value": "1:3.2.13-8.el6cf",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -58,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:0816",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0816"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2014-0816.html",
"refsource": "MISC",
@ -73,41 +63,11 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68300"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3486",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3486"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1107528",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1107528"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.9,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

79
2014/3xxx/CVE-2014-3494.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3494",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2015:0573",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html"
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00068.html"
},
{
"name": "68113",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68113"
"url": "http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=bbae87dc1be3ae063796a582774bd5642cacdd5d&hp=1ccdb43ed3b32a7798eec6d39bb3c83a6e40228f",
"refsource": "MISC",
"name": "http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=bbae87dc1be3ae063796a582774bd5642cacdd5d&hp=1ccdb43ed3b32a7798eec6d39bb3c83a6e40228f"
},
{
"name": "http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=bbae87dc1be3ae063796a582774bd5642cacdd5d&hp=1ccdb43ed3b32a7798eec6d39bb3c83a6e40228f",
"refsource": "CONFIRM",
"url": "http://quickgit.kde.org/?p=kdelibs.git&a=commitdiff&h=bbae87dc1be3ae063796a582774bd5642cacdd5d&hp=1ccdb43ed3b32a7798eec6d39bb3c83a6e40228f"
"url": "http://www.kde.org/info/security/advisory-20140618-1.txt",
"refsource": "MISC",
"name": "http://www.kde.org/info/security/advisory-20140618-1.txt"
},
{
"name": "http://www.kde.org/info/security/advisory-20140618-1.txt",
"refsource": "CONFIRM",
"url": "http://www.kde.org/info/security/advisory-20140618-1.txt"
"url": "http://www.securityfocus.com/bid/68113",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68113"
}
]
}

63
2014/3xxx/CVE-2014-3495.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3495",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "duplicity",
"product": {
"product_data": [
{
"product_name": "duplicity",
"version": {
"version_data": [
{
"version_value": "0.6.24"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "duplicity",
"product": {
"product_data": [
{
"product_name": "duplicity",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.6.24"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2014-3495",
"url": "https://access.redhat.com/security/cve/cve-2014-3495",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2014-3495"
"name": "https://access.redhat.com/security/cve/cve-2014-3495"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3495",
@ -68,9 +69,9 @@
"name": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-3495"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-3495",
"url": "https://security-tracker.debian.org/tracker/CVE-2014-3495",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-3495"
"name": "https://security-tracker.debian.org/tracker/CVE-2014-3495"
}
]
}

88
2014/3xxx/CVE-2014-3496.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-3496 OpenShift Origin: Command execution as root via downloadable cartridge source-url"
"value": "cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')",
"cweId": "CWE-78"
"value": "n/a"
}
]
}
@ -32,42 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat OpenShift Enterprise 2.0",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.17.5.17-1.el6op",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat OpenShift Enterprise 2.1",
"version": {
"version_data": [
{
"version_value": "0:0.8.1.2-1.el6op",
"version_affected": "!"
},
{
"version_value": "0:1.23.9.11-1.el6op",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEL 6 Version of OpenShift Enterprise 1.2",
"version": {
"version_data": [
{
"version_value": "0:1.9.14.8-1.el6op",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -101,59 +74,14 @@
"name": "http://secunia.com/advisories/59298"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0762",
"url": "https://github.com/openshift/origin-server/pull/5521",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0762"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0763",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0763"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0764",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0764"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3496",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3496"
"name": "https://github.com/openshift/origin-server/pull/5521"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1110470",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1110470"
},
{
"url": "https://github.com/openshift/origin-server/pull/5521",
"refsource": "MISC",
"name": "https://github.com/openshift/origin-server/pull/5521"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 10,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}

115
2014/3xxx/CVE-2014-3524.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3524",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,57 +27,81 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "69351",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/69351"
"url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/",
"refsource": "MISC",
"name": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/"
},
{
"name": "60235",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60235"
"url": "http://secunia.com/advisories/59600",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59600"
},
{
"name": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/",
"refsource": "CONFIRM",
"url": "http://blog.documentfoundation.org/2014/08/28/libreoffice-4-3-1-fresh-announced/"
"url": "http://secunia.com/advisories/59877",
"refsource": "MISC",
"name": "http://secunia.com/advisories/59877"
},
{
"name": "20140821 CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/533200/100/0/threaded"
"url": "http://secunia.com/advisories/60235",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60235"
},
{
"name": "apache-openoffice-cve20143524-command-exec(95421)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95421"
"url": "http://www.openoffice.org/security/cves/CVE-2014-3524.html",
"refsource": "MISC",
"name": "http://www.openoffice.org/security/cves/CVE-2014-3524.html"
},
{
"name": "1030755",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030755"
"url": "http://www.securityfocus.com/archive/1/533200/100/0/threaded",
"refsource": "MISC",
"name": "http://www.securityfocus.com/archive/1/533200/100/0/threaded"
},
{
"name": "59877",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59877"
"url": "http://www.securityfocus.com/bid/69351",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/69351"
},
{
"name": "http://www.openoffice.org/security/cves/CVE-2014-3524.html",
"refsource": "CONFIRM",
"url": "http://www.openoffice.org/security/cves/CVE-2014-3524.html"
"url": "http://www.securitytracker.com/id/1030755",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1030755"
},
{
"name": "GLSA-201603-05",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201603-05"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95421",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95421"
},
{
"name": "59600",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59600"
"url": "https://security.gentoo.org/glsa/201603-05",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201603-05"
}
]
}

62
2014/3xxx/CVE-2014-3534.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that Linux kernel's ptrace subsystem did not properly sanitize the address-space-control bits when the program-status word (PSW) was being set. On IBM S/390 systems, a local, unprivileged user could use this flaw to set address-space-control bits to the kernel space, and thus gain read and write access to kernel memory."
"value": "arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Incorrect Privilege Assignment",
"cweId": "CWE-266"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-123.6.3.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -54,11 +53,6 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2014:1023",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1023"
},
{
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=dab6cf55f81a6e16b8147aed9a843e1691dcd318",
"refsource": "MISC",
@ -99,16 +93,6 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1030683"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3534",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3534"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1114089",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1114089"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95069",
"refsource": "MISC",
@ -118,37 +102,11 @@
"url": "https://github.com/torvalds/linux/commit/dab6cf55f81a6e16b8147aed9a843e1691dcd318",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/dab6cf55f81a6e16b8147aed9a843e1691dcd318"
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Martin Schwidefsky (IBM) for reporting this issue."
}
],
"impact": {
"cvss": [
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1114089",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1114089"
}
]
}

68
2014/3xxx/CVE-2014-3535.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an interface."
"value": "include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "NULL Pointer Dereference",
"cweId": "CWE-476"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-431.29.2.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-6",
"version": {
"version_data": [
{
"version_value": "0:6.5-20140821.1.el6ev",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -81,54 +69,14 @@
"name": "http://www.securityfocus.com/bid/69721"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1167",
"url": "https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1167"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1168",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1168"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3535",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3535"
"name": "https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1114540",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1114540"
},
{
"url": "https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/256df2f3879efdb2e9808bdb1b54b16fbb11fa38"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

65
2014/3xxx/CVE-2014-3536.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3536",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "CFME (CloudForms Management Engine)",
"product": {
"product_data": [
{
"product_name": "CFME (CloudForms Management Engine)",
"version": {
"version_data": [
{
"version_value": "through 2014-07-01"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "CFME (CloudForms Management Engine)",
"product": {
"product_data": [
{
"product_name": "CFME (CloudForms Management Engine)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through 2014-07-01"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3536",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3536"
},
{
"url": "https://access.redhat.com/security/cve/cve-2014-3536",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2014-3536"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3536",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3536"
}
]
}

79
2014/3xxx/CVE-2014-3554.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3554",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140729 CVE-2014-3554: libndp buffer overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/07/29/2"
"url": "http://www.openwall.com/lists/oss-security/2014/07/29/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/07/29/2"
},
{
"name": "libndp-cve20143554-bo(94927)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94927"
"url": "http://www.securityfocus.com/bid/68945",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68945"
},
{
"name": "68945",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68945"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94927",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94927"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1118583",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118583"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118583",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1118583"
}
]
}

85
2014/3xxx/CVE-2014-3555.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A denial of service flaw was found in neutron's handling of allowed address pairs. As there was no enforced quota on the amount of allowed address pairs, a sufficiently authorized user could possibly create a large number of firewall rules, impacting performance or potentially rendering a compute node unusable."
"value": "OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Uncontrolled Resource Consumption",
"cweId": "CWE-400"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack 4 for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2013.2.3-16.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"version": {
"version_data": [
{
"version_value": "0:2014.1.2-2.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:2014.1.2-2.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -111,60 +88,10 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68765"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1078",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1078"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1119",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1119"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1120",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1120"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-3555",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-3555"
},
{
"url": "https://bugs.launchpad.net/neutron/+bug/1336207",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/neutron/+bug/1336207"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118833",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1118833"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}

97
2014/3xxx/CVE-2014-3564.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-3564",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,42 +27,66 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "109699",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/109699"
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "68990",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68990"
"url": "http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git%3Ba=commit%3Bh=2cbd76f7911fc215845e89b50d6af5ff4a83dd77",
"refsource": "MISC",
"name": "http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git%3Ba=commit%3Bh=2cbd76f7911fc215845e89b50d6af5ff4a83dd77"
},
{
"name": "DSA-3005",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2014/dsa-3005"
"url": "http://seclists.org/oss-sec/2014/q3/266",
"refsource": "MISC",
"name": "http://seclists.org/oss-sec/2014/q3/266"
},
{
"name": "http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77",
"refsource": "CONFIRM",
"url": "http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gpgme.git;a=commit;h=2cbd76f7911fc215845e89b50d6af5ff4a83dd77"
"url": "http://www.debian.org/security/2014/dsa-3005",
"refsource": "MISC",
"name": "http://www.debian.org/security/2014/dsa-3005"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1113267",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1113267"
"url": "http://www.osvdb.org/109699",
"refsource": "MISC",
"name": "http://www.osvdb.org/109699"
},
{
"name": "[oss-security] 20140731 CVE-2014-3564 gpgme: heap-based buffer overflow in gpgsm status handler",
"refsource": "MLIST",
"url": "http://seclists.org/oss-sec/2014/q3/266"
"url": "http://www.securityfocus.com/bid/68990",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/68990"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1113267",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1113267"
}
]
}

103
2014/7xxx/CVE-2014-7849.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-7849",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:0920",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0920.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0215.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0215.html"
},
{
"name": "redhat-jboss-cve20147849-sec-bypass(100890)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100890"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0216.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0216.html"
},
{
"name": "RHSA-2015:0215",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0215.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0217.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0217.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1165170",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1165170"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0218.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0218.html"
},
{
"name": "RHSA-2015:0217",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0217.html"
"url": "http://www.securitytracker.com/id/1031741",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1031741"
},
{
"name": "RHSA-2015:0218",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0218.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-0920.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0920.html"
},
{
"name": "RHSA-2015:0216",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0216.html"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100890",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100890"
},
{
"name": "1031741",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031741"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1165170",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1165170"
}
]
}

80
2014/8xxx/CVE-2014-8097.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client."
"value": "The DBE extension in X.Org X Window System (aka X11 or X) X11R6.1 and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) ProcDbeSwapBuffers or (2) SProcDbeSwapBuffers function."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.1.1-48.107.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-25.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-7.el7_0.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -121,16 +98,6 @@
"refsource": "MISC",
"name": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1982",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1982"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1983",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1983"
},
{
"url": "https://security.gentoo.org/glsa/201504-06",
"refsource": "MISC",
@ -140,41 +107,6 @@
"url": "http://www.securityfocus.com/bid/71604",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/71604"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8097",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8097"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168705",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1168705"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:P",
"version": "2.0"
}
]
}

80
2014/8xxx/CVE-2014-8098.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges."
"value": "The GLX extension in XFree86 4.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) __glXDisp_Render, (2) __glXDisp_RenderLarge, (3) __glXDispSwap_VendorPrivate, (4) __glXDispSwap_VendorPrivateWithReply, (5) set_client_info, (6) __glXDispSwap_SetClientInfoARB, (7) DoSwapInterval, (8) DoGetProgramString, (9) DoGetString, (10) __glXDispSwap_RenderMode, (11) __glXDisp_GetCompressedTexImage, (12) __glXDispSwap_GetCompressedTexImage, (13) __glXDisp_FeedbackBuffer, (14) __glXDispSwap_FeedbackBuffer, (15) __glXDisp_SelectBuffer, (16) __glXDispSwap_SelectBuffer, (17) __glXDisp_Flush, (18) __glXDispSwap_Flush, (19) __glXDisp_Finish, (20) __glXDispSwap_Finish, (21) __glXDisp_ReadPixels, (22) __glXDispSwap_ReadPixels, (23) __glXDisp_GetTexImage, (24) __glXDispSwap_GetTexImage, (25) __glXDisp_GetPolygonStipple, (26) __glXDispSwap_GetPolygonStipple, (27) __glXDisp_GetSeparableFilter, (28) __glXDisp_GetSeparableFilterEXT, (29) __glXDisp_GetConvolutionFilter, (30) __glXDisp_GetConvolutionFilterEXT, (31) __glXDisp_GetHistogram, (32) __glXDisp_GetHistogramEXT, (33) __glXDisp_GetMinmax, (34) __glXDisp_GetMinmaxEXT, (35) __glXDisp_GetColorTable, (36) __glXDisp_GetColorTableSGI, (37) GetSeparableFilter, (38) GetConvolutionFilter, (39) GetHistogram, (40) GetMinmax, or (41) GetColorTable function."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Write",
"cweId": "CWE-787"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.1.1-48.107.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-25.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-7.el7_0.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -116,16 +93,6 @@
"refsource": "MISC",
"name": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1982",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1982"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1983",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1983"
},
{
"url": "https://security.gentoo.org/glsa/201504-06",
"refsource": "MISC",
@ -140,41 +107,6 @@
"url": "http://www.securityfocus.com/bid/71606",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/71606"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8098",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8098"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168707",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1168707"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
]
}

80
2014/8xxx/CVE-2014-8099.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server."
"value": "The XVideo extension in XFree86 4.0.0, X.Org X Window System (aka X11 or X) X11R6.7, and X.Org Server (aka xserver and xorg-server) before 1.16.3 allows remote authenticated users to cause a denial of service (out-of-bounds read or write) or possibly execute arbitrary code via a crafted length or index value to the (1) SProcXvQueryExtension, (2) SProcXvQueryAdaptors, (3) SProcXvQueryEncodings, (4) SProcXvGrabPort, (5) SProcXvUngrabPort, (6) SProcXvPutVideo, (7) SProcXvPutStill, (8) SProcXvGetVideo, (9) SProcXvGetStill, (10) SProcXvPutImage, (11) SProcXvShmPutImage, (12) SProcXvSelectVideoNotify, (13) SProcXvSelectPortNotify, (14) SProcXvStopVideo, (15) SProcXvSetPortAttribute, (16) SProcXvGetPortAttribute, (17) SProcXvQueryBestSize, (18) SProcXvQueryPortAttributes, (19) SProcXvQueryImageAttributes, or (20) SProcXvListImageFormats function."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.1.1-48.107.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-25.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:1.15.0-7.el7_0.3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -116,56 +93,11 @@
"refsource": "MISC",
"name": "http://www.x.org/wiki/Development/Security/Advisory-2014-12-09/"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1982",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1982"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1983",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1983"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8099",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8099"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168710",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1168710"
},
{
"url": "https://security.gentoo.org/glsa/201504-06",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201504-06"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 2.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

205
2014/8xxx/CVE-2014-8109.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8109",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,132 +27,156 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb",
"refsource": "CONFIRM",
"url": "https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb"
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1174077",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174077"
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "USN-2523-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2523-1"
"url": "http://advisories.mageia.org/MGASA-2015-0011.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2015-0011.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "[oss-security] 20141128 CVE Request: \"LuaAuthzProvider\" in Apache HTTP Server mixes up arguments",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/11/28/5"
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
},
{
"name": "73040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73040"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
"url": "http://www.openwall.com/lists/oss-security/2014/11/28/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/11/28/5"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0011.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0011.html"
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=57204",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=57204"
"url": "http://www.securityfocus.com/bid/73040",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/73040"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
"url": "http://www.ubuntu.com/usn/USN-2523-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2523-1"
},
{
"name": "APPLE-SA-2015-09-16-4",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html"
"url": "https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb",
"refsource": "MISC",
"name": "https://github.com/apache/httpd/commit/3f1693d558d0758f829c8b53993f1749ddf6ffcb"
},
{
"name": "FEDORA-2015-9216",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/159352.html"
"url": "https://issues.apache.org/bugzilla/show_bug.cgi?id=57204",
"refsource": "MISC",
"name": "https://issues.apache.org/bugzilla/show_bug.cgi?id=57204"
},
{
"name": "https://support.apple.com/HT205219",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT205219"
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
"url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
"url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
"url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"url": "https://lists.apache.org/thread.html/ra7f6aeb28661fbf826969526585f16856abc4615877875f9d3b35ef4@%3Ccvs.httpd.apache.org%3E"
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [9/13] - /httpd/site/trunk/content/security/json/",
"url": "https://lists.apache.org/thread.html/r83109088737656fa6307bd99ab40f8ff0269ae58d3f7272d7048494a@%3Ccvs.httpd.apache.org%3E"
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E",
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
"url": "https://support.apple.com/HT205219",
"refsource": "MISC",
"name": "https://support.apple.com/HT205219"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"url": "https://lists.apache.org/thread.html/rb14daf9cc4e28d18cdc15d6a6ca74e565672fabf7ad89541071d008b@%3Ccvs.httpd.apache.org%3E"
"url": "https://support.apple.com/kb/HT205031",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT205031"
},
{
"refsource": "MLIST",
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"url": "https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174077",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1174077"
}
]
}

53
2014/8xxx/CVE-2014-8118.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-8118 rpm: integer overflow and stack overflow in CPIO header parsing"
"value": "Integer overflow in RPM 4.12 and earlier allows remote attackers to execute arbitrary code via a crafted CPIO header in the payload section of an RPM file, which triggers a stack-based buffer overflow."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:4.11.1-18.el7_0",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -79,51 +78,11 @@
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:056"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:1976",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:1976"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8118",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8118"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1168715",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1168715"
},
{
"url": "https://security.gentoo.org/glsa/201811-22",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201811-22"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

83
2014/8xxx/CVE-2014-8127.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-8127 libtiff: out-of-bounds read with malformed TIFF image in multiple tools"
"value": "LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted TIFF image to the (1) checkInkNamesString function in tif_dir.c in the thumbnail tool, (2) compresscontig function in tiff2bw.c in the tiff2bw tool, (3) putcontig8bitCIELab function in tif_getimage.c in the tiff2rgba tool, LZWPreDecode function in tif_lzw.c in the (4) tiff2ps or (5) tiffdither tool, (6) NeXTDecode function in tif_next.c in the tiffmedian tool, or (7) TIFFWriteDirectoryTagLongLong8Array function in tif_dirwrite.c in the tiffset tool."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.9.4-18.el6_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.0.3-25.el7_2",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -135,70 +123,11 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1032760"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:1546",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:1546"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:1547",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:1547"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8127",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8127"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185805",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185805"
},
{
"url": "https://security.gentoo.org/glsa/201701-16",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201701-16"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
}
]
}
}

37
2014/8xxx/CVE-2014-8128.json
View File

@ -1,12 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8128",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -39,6 +39,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "prior to 4.0.4"
}
]
@ -53,39 +54,39 @@
"references": {
"reference_data": [
{
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html",
"refsource": "MISC",
"name": "http://www.conostix.com/pub/adv/CVE-2014-8128-LibTIFF-Out-of-bounds_Writes.txt",
"url": "http://www.conostix.com/pub/adv/CVE-2014-8128-LibTIFF-Out-of-bounds_Writes.txt"
"name": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2015/01/24/15",
"url": "http://openwall.com/lists/oss-security/2015/01/24/15"
"name": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
},
{
"url": "http://openwall.com/lists/oss-security/2015/01/24/15",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT204941",
"url": "http://support.apple.com/kb/HT204941"
"name": "http://openwall.com/lists/oss-security/2015/01/24/15"
},
{
"url": "http://support.apple.com/kb/HT204941",
"refsource": "MISC",
"name": "http://support.apple.com/kb/HT204942",
"url": "http://support.apple.com/kb/HT204942"
"name": "http://support.apple.com/kb/HT204941"
},
{
"url": "http://support.apple.com/kb/HT204942",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185812"
"name": "http://support.apple.com/kb/HT204942"
},
{
"url": "http://www.conostix.com/pub/adv/CVE-2014-8128-LibTIFF-Out-of-bounds_Writes.txt",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html",
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.html"
"name": "http://www.conostix.com/pub/adv/CVE-2014-8128-LibTIFF-Out-of-bounds_Writes.txt"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185812",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html",
"url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185812"
}
]
}

82
2014/8xxx/CVE-2014-8129.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2014-8129 libtiff: out-of-bounds read/write with malformed TIFF image in tiff2pdf"
"value": "LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.9.4-18.el6_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.0.3-25.el7_2",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -80,16 +68,6 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1032760"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:1546",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:1546"
},
{
"url": "https://access.redhat.com/errata/RHSA-2016:1547",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2016:1547"
},
{
"url": "https://security.gentoo.org/glsa/201701-16",
"refsource": "MISC",
@ -141,58 +119,14 @@
"name": "http://www.securityfocus.com/bid/72352"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8129",
"url": "https://www.debian.org/security/2015/dsa-3273",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8129"
"name": "https://www.debian.org/security/2015/dsa-3273"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185815",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185815"
},
{
"url": "https://www.debian.org/security/2015/dsa-3273",
"refsource": "MISC",
"name": "https://www.debian.org/security/2015/dsa-3273"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 3.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.0"
}
]
}

54
2014/8xxx/CVE-2014-8139.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow flaw was found in the way unzip computed the CRC32 checksum of certain extra fields of a file. A specially crafted Zip archive could cause unzip to crash when the archive was tested with unzip's '-t' option."
"value": "Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "Buffer Overflow"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "Info-ZIP",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "UnZip",
"version": {
"version_data": [
{
"version_value": "0:6.0-2.el6_6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:6.0-15.ael7b",
"version_affected": "!"
"version_affected": "=",
"version_value": "6.0 and earlier"
}
]
}
@ -80,41 +68,11 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0700"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8139",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8139"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1174844",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1174844"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

185
2014/8xxx/CVE-2014-8159.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the (u)verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system."
"value": "The InfiniBand (IB) implementation in the Linux kernel package before 2.6.32-504.12.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly restrict use of User Verbs for registration of memory regions, which allows local users to access arbitrary physical memory locations, and consequently cause a denial of service (system crash) or gain privileges, by leveraging permissions on a uverbs device under /dev/infiniband/."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Integer Overflow or Wraparound",
"cweId": "CWE-190"
"value": "n/a"
}
]
}
@ -32,108 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-404.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.6 Long Life",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-238.55.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 5.9 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.18-348.30.1.el5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-504.12.2.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.2 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-220.60.2.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.4 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-358.59.1.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6.5 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.6.32-431.53.2.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-229.1.2.rt56.141.2.el7_1",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-229.1.2.ael7b",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "1:3.10.0-229.rt56.147.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -161,11 +68,6 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0782.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0782",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0782"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html",
"refsource": "MISC",
@ -176,21 +78,11 @@
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0674.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0674",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0674"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2015-0695.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0695.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0695",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0695"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152747.html",
"refsource": "MISC",
@ -291,76 +183,11 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2561-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0726",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0726"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0727",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0727"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0751",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0751"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0783",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0783"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0803",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0803"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0870",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0870"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0919",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0919"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8159",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8159"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181166",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1181166"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.2,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "COMPLETE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "COMPLETE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
]
}
}

61
2014/8xxx/CVE-2014-8167.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8167",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "vdsm and vdsclient",
"version": {
"version_data": [
{
"version_value": "through 2014-11-18"
}
]
}
}
]
},
"vendor_name": "vdsm and vdsclient"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,6 +27,30 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "vdsm and vdsclient",
"product": {
"product_data": [
{
"product_name": "vdsm and vdsclient",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through 2014-11-18"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
@ -58,9 +59,9 @@
"name": "https://access.redhat.com/security/cve/cve-2014-8167"
},
{
"refsource": "REDHAT",
"name": "Red Hat",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8167"
}
]
}

61
2014/8xxx/CVE-2014-8168.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8168",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,12 +27,36 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1192249",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192249"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192249",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1192249"
}
]
}

68
2014/8xxx/CVE-2014-8169.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that program-based automounter maps that used interpreted languages such as Python would use standard environment variables to locate and load modules of those languages. A local attacker could potentially use this flaw to escalate their privileges on the system."
"value": "automount 5.0.8, when a program map uses certain interpreted languages, uses the calling user's USER and HOME environment variable values instead of the values for the user used to run the mapped program, which allows local users to gain privileges via a Trojan horse program in the user home directory."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Untrusted Search Path",
"cweId": "CWE-426"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "1:5.0.5-113.el6",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "1:5.0.7-54.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -91,54 +79,14 @@
"name": "http://www.ubuntu.com/usn/USN-2579-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1344",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=917977",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1344"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2417",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2417"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2014-8169",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2014-8169"
"name": "https://bugzilla.suse.com/show_bug.cgi?id=917977"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1192565",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1192565"
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=917977",
"refsource": "MISC",
"name": "https://bugzilla.suse.com/show_bug.cgi?id=917977"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.6,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

79
2014/8xxx/CVE-2014-8177.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8177",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:1845",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1845.html"
"url": "http://rhn.redhat.com/errata/RHSA-2015-1845.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1845.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257525",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257525"
"url": "http://rhn.redhat.com/errata/RHSA-2015-1846.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1846.html"
},
{
"name": "RHSA-2015:1846",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1846.html"
"url": "http://www.openwall.com/lists/oss-security/2015/08/27/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/08/27/5"
},
{
"name": "[oss-security] 20150827 CVE-2014-8177 gluster-swift metadata constraints are not correctly enforced",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/08/27/5"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1257525",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1257525"
}
]
}

32
2014/8xxx/CVE-2014-8178.json
View File

@ -1,12 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8178",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -39,6 +39,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 1.8.3"
}
]
@ -49,6 +50,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 1.6.2-CS7"
}
]
@ -63,29 +65,29 @@
"references": {
"reference_data": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html",
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html"
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html"
"name": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html"
},
{
"url": "https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12",
"refsource": "MISC",
"name": "https://groups.google.com/forum/#!msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ",
"url": "https://groups.google.com/forum/#!msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ"
"name": "https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12"
},
{
"url": "https://groups.google.com/forum/#%21msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ",
"refsource": "MISC",
"name": "https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12",
"url": "https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12"
"name": "https://groups.google.com/forum/#%21msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ"
},
{
"refsource": "CONFIRM",
"name": "https://www.docker.com/legal/docker-cve-database",
"url": "https://www.docker.com/legal/docker-cve-database"
"url": "https://www.docker.com/legal/docker-cve-database",
"refsource": "MISC",
"name": "https://www.docker.com/legal/docker-cve-database"
}
]
}

36
2014/8xxx/CVE-2014-8179.json
View File

@ -1,12 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-8179",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -39,6 +39,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 1.8.3"
}
]
@ -49,6 +50,7 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 1.6.2-CS7"
}
]
@ -63,34 +65,34 @@
"references": {
"reference_data": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html",
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html"
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html"
"name": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html"
},
{
"url": "https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12",
"refsource": "MISC",
"name": "https://groups.google.com/forum/#!msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ",
"url": "https://groups.google.com/forum/#!msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ"
"name": "https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12"
},
{
"url": "https://groups.google.com/forum/#%21msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ",
"refsource": "MISC",
"name": "https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12",
"url": "https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12"
"name": "https://groups.google.com/forum/#%21msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ"
},
{
"url": "https://www.docker.com/legal/docker-cve-database",
"refsource": "MISC",
"name": "https://blog.docker.com/2015/10/security-release-docker-1-8-3-1-6-2-cs7/",
"url": "https://blog.docker.com/2015/10/security-release-docker-1-8-3-1-6-2-cs7/"
"name": "https://www.docker.com/legal/docker-cve-database"
},
{
"refsource": "CONFIRM",
"name": "https://www.docker.com/legal/docker-cve-database",
"url": "https://www.docker.com/legal/docker-cve-database"
"url": "https://blog.docker.com/2015/10/security-release-docker-1-8-3-1-6-2-cs7/",
"refsource": "MISC",
"name": "https://blog.docker.com/2015/10/security-release-docker-1-8-3-1-6-2-cs7/"
}
]
}

121
2014/9xxx/CVE-2014-9278.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9278",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "71420",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71420"
},
{
"name": "[oss-security] 20141204 Re: CVE request: OpenSSH ~/.k5users patch (Fedora and downstreams)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/04/17"
},
{
"name": "RHSA-2015:0425",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0425.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1169843",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169843"
},
{
"name": "https://bugzilla.mindrot.org/show_bug.cgi?id=1867",
"refsource": "CONFIRM",
"url": "https://bugzilla.mindrot.org/show_bug.cgi?id=1867"
},
{
"name": "http://thread.gmane.org/gmane.comp.encryption.kerberos.general/15855",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0425.html",
"refsource": "MISC",
"url": "http://thread.gmane.org/gmane.comp.encryption.kerberos.general/15855"
"name": "http://rhn.redhat.com/errata/RHSA-2015-0425.html"
},
{
"name": "openssh-gssservkrb5-sec-bypass(99090)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99090"
"url": "http://thread.gmane.org/gmane.comp.encryption.kerberos.general/15855",
"refsource": "MISC",
"name": "http://thread.gmane.org/gmane.comp.encryption.kerberos.general/15855"
},
{
"name": "[oss-security] 20141202 CVE request: OpenSSH ~/.k5users patch (Fedora and downstreams)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2014/12/02/3"
"url": "http://www.openwall.com/lists/oss-security/2014/12/02/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/12/02/3"
},
{
"url": "http://www.openwall.com/lists/oss-security/2014/12/04/17",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2014/12/04/17"
},
{
"url": "http://www.securityfocus.com/bid/71420",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/71420"
},
{
"url": "https://bugzilla.mindrot.org/show_bug.cgi?id=1867",
"refsource": "MISC",
"name": "https://bugzilla.mindrot.org/show_bug.cgi?id=1867"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99090",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99090"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169843",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1169843"
}
]
}

109
2014/9xxx/CVE-2014-9637.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9637",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://savannah.gnu.org/bugs/?44051",
"refsource": "CONFIRM",
"url": "https://savannah.gnu.org/bugs/?44051"
"url": "http://advisories.mageia.org/MGASA-2015-0068.html",
"refsource": "MISC",
"name": "http://advisories.mageia.org/MGASA-2015-0068.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: directory traversal flaw in patch",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/7"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154214.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154214.html"
},
{
"name": "FEDORA-2015-1134",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148953.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148953.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-January/148953.html"
},
{
"name": "http://advisories.mageia.org/MGASA-2015-0068.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2015-0068.html"
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/01/22/7"
},
{
"name": "72286",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72286"
"url": "http://www.securityfocus.com/bid/72286",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/72286"
},
{
"name": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=0c08d7a902c6fdd49b704623a12d8d672ef18944",
"refsource": "CONFIRM",
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=0c08d7a902c6fdd49b704623a12d8d672ef18944"
"url": "http://www.ubuntu.com/usn/USN-2651-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2651-1"
},
{
"name": "FEDORA-2015-1165",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154214.html"
"url": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=0c08d7a902c6fdd49b704623a12d8d672ef18944",
"refsource": "MISC",
"name": "https://git.savannah.gnu.org/cgit/patch.git/commit/?id=0c08d7a902c6fdd49b704623a12d8d672ef18944"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185262",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185262"
"url": "https://savannah.gnu.org/bugs/?44051",
"refsource": "MISC",
"name": "https://savannah.gnu.org/bugs/?44051"
},
{
"name": "USN-2651-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2651-1"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1185262",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1185262"
}
]
}

101
2014/9xxx/CVE-2014-9638.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9638",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://trac.xiph.org/ticket/2137",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html",
"refsource": "MISC",
"url": "https://trac.xiph.org/ticket/2137"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
},
{
"name": "FEDORA-2015-2335",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
"url": "http://seclists.org/fulldisclosure/2015/Jan/78",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"name": "openSUSE-SU-2015:0522",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "20150119 vorbis-tools issues",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "FEDORA-2015-2330",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
"url": "http://www.securityfocus.com/bid/72290",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/72290"
},
{
"name": "72290",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72290"
"url": "https://trac.xiph.org/ticket/2137",
"refsource": "MISC",
"name": "https://trac.xiph.org/ticket/2137"
}
]
}

125
2014/9xxx/CVE-2014-9639.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9639",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "72295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/72295"
},
{
"name": "[oss-security] 20150121 CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"name": "FEDORA-2015-2335",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "[oss-security] 20150122 Re: CVE request: two issues in vorbis-tools",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"name": "openSUSE-SU-2015:0522",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"name": "20150119 vorbis-tools issues",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"name": "https://trac.xiph.org/ticket/2136",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html",
"refsource": "MISC",
"url": "https://trac.xiph.org/ticket/2136"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150543.html"
},
{
"name": "FEDORA-2015-2330",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-February/150570.html"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00054.html"
},
{
"url": "http://seclists.org/fulldisclosure/2015/Jan/78",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2015/Jan/78"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/01/21/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/01/21/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2015/01/22/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/01/22/9"
},
{
"url": "http://www.securityfocus.com/bid/72295",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/72295"
},
{
"url": "https://trac.xiph.org/ticket/2136",
"refsource": "MISC",
"name": "https://trac.xiph.org/ticket/2136"
}
]
}

79
2014/9xxx/CVE-2014-9718.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9718",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "DSA-3259",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3259"
"url": "http://www.debian.org/security/2015/dsa-3259",
"refsource": "MISC",
"name": "http://www.debian.org/security/2015/dsa-3259"
},
{
"name": "[oss-security] 20150420 Re: CVE request Qemu: malicious PRDT flow from guest to host",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2015/04/20/7"
"url": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3251bdcf1c67427d964517053c3d185b46e618e8",
"refsource": "MISC",
"name": "http://git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=3251bdcf1c67427d964517053c3d185b46e618e8"
},
{
"name": "http://git.qemu.org/?p=qemu.git;a=commit;h=3251bdcf1c67427d964517053c3d185b46e618e8",
"refsource": "CONFIRM",
"url": "http://git.qemu.org/?p=qemu.git;a=commit;h=3251bdcf1c67427d964517053c3d185b46e618e8"
"url": "http://openwall.com/lists/oss-security/2015/04/20/7",
"refsource": "MISC",
"name": "http://openwall.com/lists/oss-security/2015/04/20/7"
},
{
"name": "73316",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/73316"
"url": "http://www.securityfocus.com/bid/73316",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/73316"
}
]
}

145
2014/9xxx/CVE-2014-9728.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9728",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,82 +27,106 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1d47b262952a45aae62bd49cfaf33dd76c11a2c",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1d47b262952a45aae62bd49cfaf33dd76c11a2c"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2"
},
{
"name": "https://github.com/torvalds/linux/commit/a1d47b262952a45aae62bd49cfaf33dd76c11a2c",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/a1d47b262952a45aae62bd49cfaf33dd76c11a2c"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
},
{
"name": "[oss-security] 20150602 CVE request Linux kernel: fs: udf heap overflow in __udf_adinicb_readpage",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/02/7"
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1d47b262952a45aae62bd49cfaf33dd76c11a2c",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a1d47b262952a45aae62bd49cfaf33dd76c11a2c"
},
{
"name": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9"
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58"
},
{
"name": "SUSE-SU-2015:1611",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html"
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9"
},
{
"name": "SUSE-SU-2015:1324",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"name": "https://github.com/torvalds/linux/commit/e159332b9af4b04d882dbcfe1bb0117f0a6d4b58",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/e159332b9af4b04d882dbcfe1bb0117f0a6d4b58"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html"
},
{
"name": "74964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74964"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html"
},
{
"name": "openSUSE-SU-2015:1382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
"url": "http://www.openwall.com/lists/oss-security/2015/06/02/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/06/02/7"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58"
"url": "http://www.securityfocus.com/bid/74964",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/74964"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e237ec37ec154564f8690c5bd1795339955eeef9"
"url": "https://github.com/torvalds/linux/commit/a1d47b262952a45aae62bd49cfaf33dd76c11a2c",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/a1d47b262952a45aae62bd49cfaf33dd76c11a2c"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2"
"url": "https://github.com/torvalds/linux/commit/e159332b9af4b04d882dbcfe1bb0117f0a6d4b58",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/e159332b9af4b04d882dbcfe1bb0117f0a6d4b58"
},
{
"name": "SUSE-SU-2015:1224",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
"url": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/e237ec37ec154564f8690c5bd1795339955eeef9"
},
{
"name": "SUSE-SU-2015:1592",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229"
}
]
}

121
2014/9xxx/CVE-2014-9729.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2014-9729",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,62 +27,86 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150602 CVE request Linux kernel: fs: udf heap overflow in __udf_adinicb_readpage",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/02/7"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2"
},
{
"name": "SUSE-SU-2015:1611",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
},
{
"name": "SUSE-SU-2015:1324",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58",
"refsource": "MISC",
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58"
},
{
"name": "https://github.com/torvalds/linux/commit/e159332b9af4b04d882dbcfe1bb0117f0a6d4b58",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/e159332b9af4b04d882dbcfe1bb0117f0a6d4b58"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"name": "74964",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74964"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html"
},
{
"name": "openSUSE-SU-2015:1382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e159332b9af4b04d882dbcfe1bb0117f0a6d4b58"
"url": "http://www.openwall.com/lists/oss-security/2015/06/02/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/06/02/7"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.2"
"url": "http://www.securityfocus.com/bid/74964",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/74964"
},
{
"name": "SUSE-SU-2015:1224",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html"
"url": "https://github.com/torvalds/linux/commit/e159332b9af4b04d882dbcfe1bb0117f0a6d4b58",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/e159332b9af4b04d882dbcfe1bb0117f0a6d4b58"
},
{
"name": "SUSE-SU-2015:1592",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228229"
}
]
}

67
2015/0xxx/CVE-2015-0210.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-0210",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1178263",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178263"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178263",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1178263"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1178921",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178921"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1178921",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1178921"
}
]
}

85
2015/0xxx/CVE-2015-0271.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the local log-viewing function of the redhat-access-plugin for OpenStack Dashboard (horizon) did not sanitize user input. An authenticated user could use this flaw to read an arbitrary file with the permissions of the web server."
"value": "The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Files or Directories Accessible to External Parties",
"cweId": "CWE-552"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:5.0.1-0.el6ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:5.0.1-0.el7ost",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"version": {
"version_data": [
{
"version_value": "0:6.0.3-0.el7ost",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -90,56 +67,6 @@
"url": "http://rhn.redhat.com/errata/RHSA-2015-0841.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-0841.html"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0645",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0645"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0840",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0840"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0841",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0841"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-0271",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-0271"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1193638",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1193638"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
]
}

73
2015/1xxx/CVE-2015-1370.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1370",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://github.com/chjj/marked/issues/492",
"url": "http://www.openwall.com/lists/oss-security/2015/01/23/2",
"refsource": "MISC",
"url": "https://github.com/chjj/marked/issues/492"
"name": "http://www.openwall.com/lists/oss-security/2015/01/23/2"
},
{
"name": "https://nodesecurity.io/advisories/marked_vbscript_injection",
"url": "https://github.com/chjj/marked/issues/492",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/marked_vbscript_injection"
"name": "https://github.com/chjj/marked/issues/492"
},
{
"name": "[oss-security] 20150122 CVE requests for nodejs marked VBScript Content Injection and sequelize SQL Injection in Order",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/01/23/2"
"url": "https://github.com/evilpacket/marked/commit/3c191144939107c45a7fa11ab6cb88be6694a1ba",
"refsource": "MISC",
"name": "https://github.com/evilpacket/marked/commit/3c191144939107c45a7fa11ab6cb88be6694a1ba"
},
{
"name": "https://github.com/evilpacket/marked/commit/3c191144939107c45a7fa11ab6cb88be6694a1ba",
"url": "https://nodesecurity.io/advisories/marked_vbscript_injection",
"refsource": "MISC",
"url": "https://github.com/evilpacket/marked/commit/3c191144939107c45a7fa11ab6cb88be6694a1ba"
"name": "https://nodesecurity.io/advisories/marked_vbscript_injection"
}
]
}

67
2015/1xxx/CVE-2015-1554.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1554",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1186590",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186590"
"url": "http://www.openwall.com/lists/oss-security/2015/02/08/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2015/02/08/1"
},
{
"name": "[oss-security] 20150207 Re: kgb-bot can be crashed by some network traffic",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/02/08/1"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186590",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1186590"
}
]
}

69
2015/1xxx/CVE-2015-1779.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "It was found that the QEMU's websocket frame decoder processed incoming frames without limiting resources used to process the header and the payload. An attacker able to access a guest's VNC console could use this flaw to trigger a denial of service on the host by exhausting all available memory and CPU."
"value": "The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Allocation of Resources Without Limits or Throttling",
"cweId": "CWE-770"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "10:1.5.3-86.el7_1.8",
"version_affected": "!"
}
]
}
},
{
"product_name": "RHEV 3.X Hypervisor and Agents for RHEL-7",
"version": {
"version_data": [
{
"version_value": "10:2.1.2-23.el7_1.10",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -130,26 +118,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2608-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1931",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1931"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1943",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1943"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-1779",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-1779"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1199572",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1199572"
},
{
"url": "https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04894.html",
"refsource": "MISC",
@ -171,30 +139,5 @@
"name": "https://security.gentoo.org/glsa/201602-01"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.7,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:A/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}
}

65
2015/1xxx/CVE-2015-1780.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1780",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "oVirt",
"version": {
"version_data": [
{
"version_value": "through 2015-03-06"
}
]
}
}
]
},
"vendor_name": "oVirt"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,17 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "oVirt",
"product": {
"product_data": [
{
"product_name": "oVirt",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "through 2015-03-06"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780"
},
{
"url": "https://access.redhat.com/security/cve/cve-2015-1780",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/cve-2015-1780"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-1780"
}
]
}

85
2015/1xxx/CVE-2015-1781.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A buffer overflow flaw was found in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application."
"value": "Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2.12-1.149.el6_6.7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:2.17-105.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.1 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:2.17-79.el7_1",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -96,11 +73,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2985-2"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2589",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2589"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177404.html",
"refsource": "MISC",
@ -131,26 +103,6 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1032178"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:0863",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:0863"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2199",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2199"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-1781",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-1781"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1199525",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1199525"
},
{
"url": "https://rhn.redhat.com/errata/RHSA-2015-0863.html",
"refsource": "MISC",
@ -172,30 +124,5 @@
"name": "https://www.sourceware.org/ml/libc-alpha/2015-08/msg00609.html"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

53
2015/1xxx/CVE-2015-1782.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the way the kex_agree_methods() function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the-middle attacker could use a crafted SSH_MSG_KEXINIT packet to crash a connecting libssh2 client."
"value": "The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Improper Handling of Length Parameter Inconsistency",
"cweId": "CWE-130"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.4.3-10.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -93,46 +92,6 @@
"url": "http://www.securityfocus.com/bid/73061",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/73061"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:2140",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:2140"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-1782",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-1782"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1199511",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1199511"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
]
}

83
2015/1xxx/CVE-2015-1783.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1783",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154321.html",
"refsource": "MISC",
"url": "https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154321.html"
},
{
"name": "FEDORA-2015-4807",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154355.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154355.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154355.html"
},
{
"name": "FEDORA-2015-4821",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155382.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155382.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155382.html"
},
{
"name": "FEDORA-2015-4848",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154321.html"
"url": "https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd",
"refsource": "MISC",
"name": "https://repos.entrouvert.org/lasso.git/commit/lasso/xml?id=6d854cef4211cdcdbc7446c978f23ab859847cdd"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1199925",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1199925"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1199925",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1199925"
}
]
}

80
2015/1xxx/CVE-2015-1789.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL, which is used to test the expiry dates of SSL/TLS certificates. An attacker could possibly use a specially crafted SSL/TLS certificate or CRL (Certificate Revocation List), which when parsed by an application would cause that application to crash."
"value": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Out-of-bounds Read",
"cweId": "CWE-125"
"value": "n/a"
}
]
}
@ -32,38 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:0.9.8e-36.el5_11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:1.0.1e-30.el6_6.11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "1:1.0.1e-42.el7_1.8",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -271,31 +248,11 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2639-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1115",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1115"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1197",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1197"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-1789",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-1789"
},
{
"url": "https://bto.bluecoat.com/security-advisory/sa98",
"refsource": "MISC",
"name": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228603",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228603"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
"refsource": "MISC",
@ -372,30 +329,5 @@
"name": "https://www.openssl.org/news/secadv_20150611.txt"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}

580
2015/1xxx/CVE-2015-1790.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1790",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,277 +27,296 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:1184",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"name": "SSRT102180",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2"
},
{
"name": "DSA-3287",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"name": "SUSE-SU-2015:1150",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122"
},
{
"name": "SUSE-SU-2015:1183",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"name": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"name": "HPSBMU03409",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965"
},
{
"name": "https://openssl.org/news/secadv/20150611.txt",
"refsource": "CONFIRM",
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"name": "RHSA-2015:1115",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1115.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "RHSA-2015:1197",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "SUSE-SU-2015:1182",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
},
{
"name": "SUSE-SU-2015:1143",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "openSUSE-SU-2016:0640",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "1032564",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032564"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"
},
{
"name": "FEDORA-2015-10108",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"
},
{
"name": "openSUSE-SU-2015:1277",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"name": "SUSE-SU-2015:1181",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "USN-2639-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2639-1"
},
{
"name": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"name": "GLSA-201506-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "https://github.com/openssl/openssl/commit/59302b600e8d5b77ef144e447bb046fd7ab72686",
"refsource": "CONFIRM",
"url": "https://github.com/openssl/openssl/commit/59302b600e8d5b77ef144e447bb046fd7ab72686"
},
{
"name": "HPSBUX03388",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"name": "FEDORA-2015-10047",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "SUSE-SU-2015:1185",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694"
},
{
"name": "openSUSE-SU-2015:1139",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa98",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733"
},
{
"name": "NetBSD-SA2015-008",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
},
{
"name": "https://www.openssl.org/news/secadv_20150611.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"name": "75157",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75157"
},
{
"name": "HPSBGN03371",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=143654156615516&w=2"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"url": "https://support.apple.com/kb/HT205031",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT205031"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
"refsource": "MISC",
"name": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
"refsource": "MISC",
"name": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694",
"refsource": "MISC",
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
"refsource": "MISC",
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00003.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00005.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00037.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"url": "http://marc.info/?l=bugtraq&m=143654156615516&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=143654156615516&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=143880121627664&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2015-1115.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1115.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2015-1197.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1197.html"
},
{
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl",
"refsource": "MISC",
"name": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"
},
{
"url": "http://www.debian.org/security/2015/dsa-3287",
"refsource": "MISC",
"name": "http://www.debian.org/security/2015/dsa-3287"
},
{
"url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015",
"refsource": "MISC",
"name": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"
},
{
"url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
"refsource": "MISC",
"name": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"url": "http://www.securityfocus.com/bid/91787",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/91787"
},
{
"url": "http://www.securitytracker.com/id/1032564",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1032564"
},
{
"url": "http://www.ubuntu.com/usn/USN-2639-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2639-1"
},
{
"url": "https://bto.bluecoat.com/security-advisory/sa98",
"refsource": "MISC",
"name": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965"
},
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
"refsource": "MISC",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122"
},
{
"url": "https://openssl.org/news/secadv/20150611.txt",
"refsource": "MISC",
"name": "https://openssl.org/news/secadv/20150611.txt"
},
{
"url": "https://security.gentoo.org/glsa/201506-02",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201506-02"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11",
"refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11"
},
{
"url": "https://www.openssl.org/news/secadv_20150611.txt",
"refsource": "MISC",
"name": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"url": "http://www.securityfocus.com/bid/75157",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/75157"
},
{
"url": "https://github.com/openssl/openssl/commit/59302b600e8d5b77ef144e447bb046fd7ab72686",
"refsource": "MISC",
"name": "https://github.com/openssl/openssl/commit/59302b600e8d5b77ef144e447bb046fd7ab72686"
}
]
}

550
2015/1xxx/CVE-2015-1791.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2015-1791",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,262 +27,281 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2015:1184",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"name": "SSRT102180",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2"
},
{
"name": "DSA-3287",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3287"
},
{
"name": "SUSE-SU-2015:1150",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122"
},
{
"name": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
"refsource": "CONFIRM",
"url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"name": "HPSBMU03409",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965"
},
{
"name": "https://openssl.org/news/secadv/20150611.txt",
"refsource": "CONFIRM",
"url": "https://openssl.org/news/secadv/20150611.txt"
},
{
"name": "75161",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75161"
},
{
"name": "RHSA-2015:1115",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1115.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"name": "1032479",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032479"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"name": "SUSE-SU-2015:1182",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
},
{
"name": "SUSE-SU-2015:1143",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"name": "https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc",
"refsource": "CONFIRM",
"url": "https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc"
},
{
"name": "openSUSE-SU-2016:0640",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"name": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"
},
{
"name": "FEDORA-2015-10108",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "20150612 Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"
},
{
"name": "APPLE-SA-2015-08-13-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"name": "USN-2639-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2639-1"
},
{
"name": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
"refsource": "CONFIRM",
"url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"name": "GLSA-201506-02",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201506-02"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044"
},
{
"name": "91787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/91787"
},
{
"name": "HPSBUX03388",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"name": "FEDORA-2015-10047",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html"
},
{
"name": "https://support.apple.com/kb/HT205031",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT205031"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"name": "https://support.citrix.com/article/CTX216642",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX216642"
},
{
"name": "SUSE-SU-2015:1185",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694"
},
{
"name": "openSUSE-SU-2015:1139",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa98",
"refsource": "CONFIRM",
"url": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733"
},
{
"name": "NetBSD-SA2015-008",
"refsource": "NETBSD",
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
},
{
"name": "https://www.openssl.org/news/secadv_20150611.txt",
"refsource": "CONFIRM",
"url": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html",
"refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11",
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11"
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
},
{
"refsource": "CONFIRM",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
},
{
"url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html",
"refsource": "MISC",
"name": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"
},
{
"url": "https://support.apple.com/kb/HT205031",
"refsource": "MISC",
"name": "https://support.apple.com/kb/HT205031"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"url": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
"refsource": "MISC",
"name": "http://fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc",
"refsource": "MISC",
"name": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2015-008.txt.asc"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694",
"refsource": "MISC",
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10694"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733",
"refsource": "MISC",
"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10733"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160436.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160647.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00026.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00004.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00006.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00007.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
},
{
"url": "http://marc.info/?l=bugtraq&m=143880121627664&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=143880121627664&w=2"
},
{
"url": "http://marc.info/?l=bugtraq&m=144050155601375&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=bugtraq&m=144050155601375&w=2"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2015-1115.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2015-1115.html"
},
{
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl",
"refsource": "MISC",
"name": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150612-openssl"
},
{
"url": "http://www.debian.org/security/2015/dsa-3287",
"refsource": "MISC",
"name": "http://www.debian.org/security/2015/dsa-3287"
},
{
"url": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015",
"refsource": "MISC",
"name": "http://www.fortiguard.com/advisory/2015-06-11-fortinet-vulnerability-openssl-vulnerabilities-june-2015"
},
{
"url": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015",
"refsource": "MISC",
"name": "http://www.fortiguard.com/advisory/openssl-vulnerabilities-june-2015"
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html",
"refsource": "MISC",
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html"
},
{
"url": "http://www.securityfocus.com/bid/91787",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/91787"
},
{
"url": "http://www.ubuntu.com/usn/USN-2639-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2639-1"
},
{
"url": "https://bto.bluecoat.com/security-advisory/sa98",
"refsource": "MISC",
"name": "https://bto.bluecoat.com/security-advisory/sa98"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf",
"refsource": "MISC",
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05045763"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05131044"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05184351"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965",
"refsource": "MISC",
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05353965"
},
{
"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122",
"refsource": "MISC",
"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10122"
},
{
"url": "https://openssl.org/news/secadv/20150611.txt",
"refsource": "MISC",
"name": "https://openssl.org/news/secadv/20150611.txt"
},
{
"url": "https://security.gentoo.org/glsa/201506-02",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201506-02"
},
{
"url": "https://support.citrix.com/article/CTX216642",
"refsource": "MISC",
"name": "https://support.citrix.com/article/CTX216642"
},
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11",
"refsource": "MISC",
"name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1144-security-advisory-11"
},
{
"url": "https://www.openssl.org/news/secadv_20150611.txt",
"refsource": "MISC",
"name": "https://www.openssl.org/news/secadv_20150611.txt"
},
{
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041",
"refsource": "MISC",
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21960041"
},
{
"url": "http://www.securityfocus.com/bid/75161",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/75161"
},
{
"url": "http://www.securitytracker.com/id/1032479",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1032479"
},
{
"url": "https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc",
"refsource": "MISC",
"name": "https://github.com/openssl/openssl/commit/98ece4eebfb6cd45cc8d550c6ac0022965071afc"
}
]
}

64
2015/1xxx/CVE-2015-1792.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "A denial of service flaw was found in the way OpenSSL verified certain signed messages using CMS (Cryptographic Message Syntax). A remote attacker could cause an application using OpenSSL to use excessive amounts of memory by sending a specially crafted message for verification."
"value": "The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Loop with Unreachable Exit Condition ('Infinite Loop')",
"cweId": "CWE-835"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.0.1e-30.el6_6.11",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "1:1.0.1e-42.el7_1.8",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -230,11 +218,6 @@
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2639-1"
},
{
"url": "https://access.redhat.com/errata/RHSA-2015:1115",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2015:1115"
},
{
"url": "https://bto.bluecoat.com/security-advisory/sa98",
"refsource": "MISC",
@ -305,46 +288,11 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/75154"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2015-1792",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2015-1792"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1228607",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1228607"
},
{
"url": "https://github.com/openssl/openssl/commit/cd30f03ac5bf2962f44bd02ae8d88245dff2f12c",
"refsource": "MISC",
"name": "https://github.com/openssl/openssl/commit/cd30f03ac5bf2962f44bd02ae8d88245dff2f12c"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 4.3,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "NONE",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "NONE",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
]
}
}