From c46505cba5b1c569bcb360c0ec5618d6e275ddbf Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 31 Oct 2019 19:01:12 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2013/1xxx/CVE-2013-1910.json | 75 ++++++++++++++++++++++++++++++++-- 2016/1xxx/CVE-2016-1549.json | 5 +++ 2016/9xxx/CVE-2016-9042.json | 5 +++ 2017/6xxx/CVE-2017-6451.json | 5 +++ 2017/6xxx/CVE-2017-6458.json | 5 +++ 2017/6xxx/CVE-2017-6460.json | 5 +++ 2017/6xxx/CVE-2017-6462.json | 5 +++ 2017/6xxx/CVE-2017-6463.json | 5 +++ 2017/6xxx/CVE-2017-6464.json | 5 +++ 2018/12xxx/CVE-2018-12327.json | 5 +++ 2018/7xxx/CVE-2018-7170.json | 5 +++ 2018/7xxx/CVE-2018-7182.json | 5 +++ 2018/7xxx/CVE-2018-7183.json | 5 +++ 2018/7xxx/CVE-2018-7184.json | 5 +++ 2018/7xxx/CVE-2018-7185.json | 5 +++ 2019/18xxx/CVE-2019-18218.json | 5 +++ 2019/18xxx/CVE-2019-18657.json | 72 ++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8936.json | 5 +++ 18 files changed, 224 insertions(+), 3 deletions(-) create mode 100644 2019/18xxx/CVE-2019-18657.json diff --git a/2013/1xxx/CVE-2013-1910.json b/2013/1xxx/CVE-2013-1910.json index d1b485fab2b..45f394eaf34 100644 --- a/2013/1xxx/CVE-2013-1910.json +++ b/2013/1xxx/CVE-2013-1910.json @@ -1,8 +1,31 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2013-1910", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "yum", + "product": { + "product_data": [ + { + "product_name": "yum", + "version": { + "version_data": [ + { + "version_value": "3.4.3" + } + ] + } + } + ] + } + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,53 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "yum does not properly handle bad metadata, which allows an attacker to cause a denial of service and possibly have other unspecified impact via a Trojan horse file in the metadata of a remote repository." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service - Malformed Input" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://security-tracker.debian.org/tracker/CVE-2013-1910", + "refsource": "MISC", + "name": "https://security-tracker.debian.org/tracker/CVE-2013-1910" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1910", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1910" + }, + { + "url": "https://access.redhat.com/security/cve/cve-2013-1910", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/cve-2013-1910" + }, + { + "url": "http://www.securityfocus.com/bid/58533", + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/58533" + }, + { + "refsource": "MISC", + "name": "http://www.openwall.com/lists/oss-security/2013/03/29/4", + "url": "http://www.openwall.com/lists/oss-security/2013/03/29/4" + }, + { + "refsource": "MISC", + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83348", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83348" } ] } diff --git a/2016/1xxx/CVE-2016-1549.json b/2016/1xxx/CVE-2016-1549.json index ea026e92eee..8503c215159 100644 --- a/2016/1xxx/CVE-2016-1549.json +++ b/2016/1xxx/CVE-2016-1549.json @@ -114,6 +114,11 @@ "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2016/9xxx/CVE-2016-9042.json b/2016/9xxx/CVE-2016-9042.json index 1f73359436d..1ceeb1b9bf2 100644 --- a/2016/9xxx/CVE-2016-9042.json +++ b/2016/9xxx/CVE-2016-9042.json @@ -77,6 +77,11 @@ "name": "97046", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97046" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2017/6xxx/CVE-2017-6451.json b/2017/6xxx/CVE-2017-6451.json index 1e0f856dd1f..3d7819d25e9 100644 --- a/2017/6xxx/CVE-2017-6451.json +++ b/2017/6xxx/CVE-2017-6451.json @@ -81,6 +81,11 @@ "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2017/6xxx/CVE-2017-6458.json b/2017/6xxx/CVE-2017-6458.json index 684ccd800ae..da25be4f475 100644 --- a/2017/6xxx/CVE-2017-6458.json +++ b/2017/6xxx/CVE-2017-6458.json @@ -76,6 +76,11 @@ "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2017/6xxx/CVE-2017-6460.json b/2017/6xxx/CVE-2017-6460.json index 960c1712a5c..f33e503fab6 100644 --- a/2017/6xxx/CVE-2017-6460.json +++ b/2017/6xxx/CVE-2017-6460.json @@ -81,6 +81,11 @@ "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2017/6xxx/CVE-2017-6462.json b/2017/6xxx/CVE-2017-6462.json index 9717b5af470..29f77b229a8 100644 --- a/2017/6xxx/CVE-2017-6462.json +++ b/2017/6xxx/CVE-2017-6462.json @@ -96,6 +96,11 @@ "name": "RHSA-2018:0855", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0855" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2017/6xxx/CVE-2017-6463.json b/2017/6xxx/CVE-2017-6463.json index 827f77f48bf..ca8c22172ec 100644 --- a/2017/6xxx/CVE-2017-6463.json +++ b/2017/6xxx/CVE-2017-6463.json @@ -96,6 +96,11 @@ "name": "RHSA-2018:0855", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0855" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2017/6xxx/CVE-2017-6464.json b/2017/6xxx/CVE-2017-6464.json index 95ec82c11cc..93b35232d6c 100644 --- a/2017/6xxx/CVE-2017-6464.json +++ b/2017/6xxx/CVE-2017-6464.json @@ -91,6 +91,11 @@ "name": "RHSA-2018:0855", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:0855" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2018/12xxx/CVE-2018-12327.json b/2018/12xxx/CVE-2018-12327.json index 7d090624c77..e86cfc4f5cd 100644 --- a/2018/12xxx/CVE-2018-12327.json +++ b/2018/12xxx/CVE-2018-12327.json @@ -86,6 +86,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:2077", "url": "https://access.redhat.com/errata/RHSA-2019:2077" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7170.json b/2018/7xxx/CVE-2018-7170.json index ab55d046a9c..39253912d0b 100644 --- a/2018/7xxx/CVE-2018-7170.json +++ b/2018/7xxx/CVE-2018-7170.json @@ -96,6 +96,11 @@ "name": "103194", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103194" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7182.json b/2018/7xxx/CVE-2018-7182.json index 4241e5c249a..98eb4275d07 100644 --- a/2018/7xxx/CVE-2018-7182.json +++ b/2018/7xxx/CVE-2018-7182.json @@ -101,6 +101,11 @@ "name": "103191", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103191" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7183.json b/2018/7xxx/CVE-2018-7183.json index 66daaa284d0..a0d016adcbe 100644 --- a/2018/7xxx/CVE-2018-7183.json +++ b/2018/7xxx/CVE-2018-7183.json @@ -96,6 +96,11 @@ "name": "http://support.ntp.org/bin/view/Main/NtpBug3414", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug3414" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7184.json b/2018/7xxx/CVE-2018-7184.json index 7b5f2cbc40e..a860b1f6136 100644 --- a/2018/7xxx/CVE-2018-7184.json +++ b/2018/7xxx/CVE-2018-7184.json @@ -96,6 +96,11 @@ "name": "https://www.synology.com/support/security/Synology_SA_18_13", "refsource": "CONFIRM", "url": "https://www.synology.com/support/security/Synology_SA_18_13" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2018/7xxx/CVE-2018-7185.json b/2018/7xxx/CVE-2018-7185.json index 57e0ed186b6..03fdf30da01 100644 --- a/2018/7xxx/CVE-2018-7185.json +++ b/2018/7xxx/CVE-2018-7185.json @@ -106,6 +106,11 @@ "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] } diff --git a/2019/18xxx/CVE-2019-18218.json b/2019/18xxx/CVE-2019-18218.json index 66c0a1b8412..4e0a688a638 100644 --- a/2019/18xxx/CVE-2019-18218.json +++ b/2019/18xxx/CVE-2019-18218.json @@ -76,6 +76,11 @@ "refsource": "UBUNTU", "name": "USN-4172-1", "url": "https://usn.ubuntu.com/4172-1/" + }, + { + "refsource": "UBUNTU", + "name": "USN-4172-2", + "url": "https://usn.ubuntu.com/4172-2/" } ] } diff --git a/2019/18xxx/CVE-2019-18657.json b/2019/18xxx/CVE-2019-18657.json new file mode 100644 index 00000000000..9dd98b50e92 --- /dev/null +++ b/2019/18xxx/CVE-2019-18657.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-18657", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ClickHouse before 19.13.5.44 allows HTTP header injection via the url table function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ClickHouse/ClickHouse/pull/6466", + "refsource": "MISC", + "name": "https://github.com/ClickHouse/ClickHouse/pull/6466" + }, + { + "url": "https://github.com/ClickHouse/ClickHouse/blob/master/CHANGELOG.md", + "refsource": "MISC", + "name": "https://github.com/ClickHouse/ClickHouse/blob/master/CHANGELOG.md" + }, + { + "url": "https://github.com/ClickHouse/ClickHouse/pull/7526/files", + "refsource": "MISC", + "name": "https://github.com/ClickHouse/ClickHouse/pull/7526/files" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8936.json b/2019/8xxx/CVE-2019-8936.json index daa6440e461..f4b1d9599f2 100644 --- a/2019/8xxx/CVE-2019-8936.json +++ b/2019/8xxx/CVE-2019-8936.json @@ -116,6 +116,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K61363039", "url": "https://support.f5.com/csp/article/K61363039" + }, + { + "refsource": "CONFIRM", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us" } ] }