mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
parent
898c18c7a6
commit
c5ad4b55ec
87
2019/11xxx/CVE-2019-11358.json
Normal file
87
2019/11xxx/CVE-2019-11358.json
Normal file
@ -0,0 +1,87 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-11358",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://backdropcms.org/security/backdrop-sa-core-2019-009",
|
||||
"refsource": "MISC",
|
||||
"name": "https://backdropcms.org/security/backdrop-sa-core-2019-009"
|
||||
},
|
||||
{
|
||||
"url": "https://www.drupal.org/sa-core-2019-006",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.drupal.org/sa-core-2019-006"
|
||||
},
|
||||
{
|
||||
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
|
||||
},
|
||||
{
|
||||
"url": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006",
|
||||
"refsource": "MISC",
|
||||
"name": "https://snyk.io/vuln/SNYK-JS-JQUERY-174006"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/jquery/jquery/pull/4333",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/jquery/jquery/pull/4333"
|
||||
},
|
||||
{
|
||||
"url": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
62
2019/11xxx/CVE-2019-11359.json
Normal file
62
2019/11xxx/CVE-2019-11359.json
Normal file
@ -0,0 +1,62 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2019-11359",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Cross-site scripting (XSS) vulnerability in display.php in I, Librarian 4.10 allows remote attackers to inject arbitrary web script or HTML via the project parameter."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/mkucej/i-librarian/issues/138",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/mkucej/i-librarian/issues/138"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user