admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 14:08:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-12-31 15:04:25 -05:00
parent 4fadf0f4fb
commit cd289e3266
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
5 changed files with 273 additions and 237 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2018/20xxx/CVE-2018-20624.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20624",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2018/20xxx/CVE-2018-20625.json Normal file
View File

@ -0,0 +1,18 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2018-20625",
"STATE" : "RESERVED"
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

172
2018/6xxx/CVE-2018-6334.json
View File

@ -1,89 +1,89 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2018-03-26",
"ID": "CVE-2018-6334",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HHVM",
"version": {
"version_data": [
{
"version_affected": "!=>",
"version_value": "3.25.2"
},
{
"version_affected": "=>",
"version_value": "3.25.0"
},
{
"version_affected": "!=>",
"version_value": "3.24.6"
},
{
"version_affected": "=>",
"version_value": "3.22.0"
},
{
"version_affected": "!=>",
"version_value": "3.21.10"
},
{
"version_affected": "<",
"version_value": "3.21.10"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@fb.com",
"DATE_ASSIGNED" : "2018-03-26",
"ID" : "CVE-2018-6334",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HHVM",
"version" : {
"version_data" : [
{
"version_affected" : "!=>",
"version_value" : "3.25.2"
},
{
"version_affected" : "=>",
"version_value" : "3.25.0"
},
{
"version_affected" : "!=>",
"version_value" : "3.24.6"
},
{
"version_affected" : "=>",
"version_value" : "3.22.0"
},
{
"version_affected" : "!=>",
"version_value" : "3.21.10"
},
{
"version_affected" : "<",
"version_value" : "3.21.10"
}
]
}
}
]
},
"vendor_name" : "Facebook"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. This affects all supported versions of HHVM prior to the patch (3.25.1, 3.24.5, and 3.21.9 and below)."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Variable Extraction Error (CWE-621)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. This affects all supported versions of HHVM prior to the patch (3.25.1, 3.24.5, and 3.21.9 and below)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Variable Extraction Error (CWE-621)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hhvm.com/blog/2018/03/30/hhvm-3.25.2.html",
"refsource": "MISC",
"url": "https://hhvm.com/blog/2018/03/30/hhvm-3.25.2.html"
},
{
"name": "https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff",
"refsource": "MISC",
"url": "https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff"
}
]
}
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff",
"refsource" : "MISC",
"url" : "https://github.com/facebook/hhvm/commit/6937de5544c3eead3466b75020d8382080ed0cff"
},
{
"name" : "https://hhvm.com/blog/2018/03/30/hhvm-3.25.2.html",
"refsource" : "MISC",
"url" : "https://hhvm.com/blog/2018/03/30/hhvm-3.25.2.html"
}
]
}
}

172
2018/6xxx/CVE-2018-6335.json
View File

@ -1,89 +1,89 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2018-04-13",
"ID": "CVE-2018-6335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "HHVM",
"version": {
"version_data": [
{
"version_affected": "!=>",
"version_value": "3.25.3"
},
{
"version_affected": "=>",
"version_value": "3.25.0"
},
{
"version_affected": "!=>",
"version_value": "3.24.7"
},
{
"version_affected": "=>",
"version_value": "3.22.0"
},
{
"version_affected": "!=>",
"version_value": "3.21.11"
},
{
"version_affected": "<",
"version_value": "3.21.11"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@fb.com",
"DATE_ASSIGNED" : "2018-04-13",
"ID" : "CVE-2018-6335",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "HHVM",
"version" : {
"version_data" : [
{
"version_affected" : "!=>",
"version_value" : "3.25.3"
},
{
"version_affected" : "=>",
"version_value" : "3.25.0"
},
{
"version_affected" : "!=>",
"version_value" : "3.24.7"
},
{
"version_affected" : "=>",
"version_value" : "3.22.0"
},
{
"version_affected" : "!=>",
"version_value" : "3.21.11"
},
{
"version_affected" : "<",
"version_value" : "3.21.11"
}
]
}
}
]
},
"vendor_name" : "Facebook"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10 and below) when using the proxygen server to handle HTTP2 requests."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service (CWE-400)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10 and below) when using the proxygen server to handle HTTP2 requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (CWE-400)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://hhvm.com/blog/2018/05/04/hhvm-3.25.3.html",
"refsource": "MISC",
"url": "https://hhvm.com/blog/2018/05/04/hhvm-3.25.3.html"
},
{
"name": "https://github.com/facebook/hhvm/commit/4cb57dd753a339654ca464c139db9871fe961d56",
"refsource": "MISC",
"url": "https://github.com/facebook/hhvm/commit/4cb57dd753a339654ca464c139db9871fe961d56"
}
]
}
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://github.com/facebook/hhvm/commit/4cb57dd753a339654ca464c139db9871fe961d56",
"refsource" : "MISC",
"url" : "https://github.com/facebook/hhvm/commit/4cb57dd753a339654ca464c139db9871fe961d56"
},
{
"name" : "https://hhvm.com/blog/2018/05/04/hhvm-3.25.3.html",
"refsource" : "MISC",
"url" : "https://hhvm.com/blog/2018/05/04/hhvm-3.25.3.html"
}
]
}
}

130
2018/6xxx/CVE-2018-6336.json
View File

@ -1,68 +1,68 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve-assign@fb.com",
"DATE_ASSIGNED": "2018-04-26",
"ID": "CVE-2018-6336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "osquery",
"version": {
"version_data": [
{
"version_affected": "!=>",
"version_value": "3.2.7"
},
{
"version_affected": "<",
"version_value": "3.2.7"
}
]
}
}
]
},
"vendor_name": "Facebook"
}
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@fb.com",
"DATE_ASSIGNED" : "2018-04-26",
"ID" : "CVE-2018-6336",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "osquery",
"version" : {
"version_data" : [
{
"version_affected" : "!=>",
"version_value" : "3.2.7"
},
{
"version_affected" : "<",
"version_value" : "3.2.7"
}
]
}
}
]
},
"vendor_name" : "Facebook"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Security Features (CWE-254)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the third-party tool will believe that the code is signed by Apple, but the malicious unsigned code will execute. This issue affects osquery prior to v3.2.7"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Security Features (CWE-254)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/",
"refsource": "MISC",
"url": "https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/"
}
]
}
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/",
"refsource" : "MISC",
"url" : "https://www.okta.com/security-blog/2018/06/issues-around-third-party-apple-code-signing-checks/"
}
]
}
}