admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-09-10 15:00:51 +00:00
parent 0235a5e027
commit caefa9ea44
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
8 changed files with 88 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/12xxx/CVE-2019-12400.json
View File

@ -61,6 +61,11 @@
"refsource": "MLIST",
"name": "[santuario-dev] 20190906 Re: [CVE-2019-12400] Apache Santuario potentially loads XML parsing code from an untrusted source",
"url": "https://lists.apache.org/thread.html/edaa7edb9c58e5f5bd0c950f2b6232b62b15f5c44ad803e8728308ce@%3Cdev.santuario.apache.org%3E"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190910-0003/",
"url": "https://security.netapp.com/advisory/ntap-20190910-0003/"
}
]
},

56
2019/12xxx/CVE-2019-12401.json
View File

@ -4,14 +4,64 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-12401",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apache",
"product": {
"product_data": [
{
"product_name": "Solr",
"version": {
"version_data": [
{
"version_value": "1.3.0 to 1.4.1"
},
{
"version_value": "3.1.0 to 3.6.2"
},
{
"version_value": "4.0.0 to 4.10.4"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "XML Entity Expansion"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[www-announce] 20190909 [SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0",
"url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201909.mbox/%3CCAECwjAXU4%3DkAo5DeUJw7Kvk67sgCmajAN7LGZQNjbjZ8gv%3DBdw%40mail.gmail.com%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via it\u2019s update handler.?By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses the XML causing OOMs."
}
]
}

5
2019/13xxx/CVE-2019-13139.json
View File

@ -71,6 +71,11 @@
"refsource": "DEBIAN",
"name": "DSA-4521",
"url": "https://www.debian.org/security/2019/dsa-4521"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190910-0001/",
"url": "https://security.netapp.com/advisory/ntap-20190910-0001/"
}
]
}

5
2019/5xxx/CVE-2019-5608.json
View File

@ -54,6 +54,11 @@
"refsource": "CONFIRM",
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:19.mldv2.asc",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:19.mldv2.asc"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190910-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190910-0002/"
}
]
},

5
2019/5xxx/CVE-2019-5609.json
View File

@ -54,6 +54,11 @@
"refsource": "CONFIRM",
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:21.bhyve.asc",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:21.bhyve.asc"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190910-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190910-0002/"
}
]
},

5
2019/5xxx/CVE-2019-5610.json
View File

@ -69,6 +69,11 @@
"refsource": "CONFIRM",
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:20.bsnmp.asc",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:20.bsnmp.asc"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190910-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190910-0002/"
}
]
},

5
2019/5xxx/CVE-2019-5611.json
View File

@ -69,6 +69,11 @@
"refsource": "CONFIRM",
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:22.mbuf.asc",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:22.mbuf.asc"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190910-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190910-0002/"
}
]
},

5
2019/5xxx/CVE-2019-5612.json
View File

@ -54,6 +54,11 @@
"refsource": "CONFIRM",
"name": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc",
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-19:23.midi.asc"
},
{
"refsource": "CONFIRM",
"name": "https://security.netapp.com/advisory/ntap-20190910-0002/",
"url": "https://security.netapp.com/advisory/ntap-20190910-0002/"
}
]
},