From cd7f0b0a17ea92196e71a2195fc254223d70764d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 27 Mar 2019 19:00:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2016/10xxx/CVE-2016-10741.json | 5 ++ 2017/13xxx/CVE-2017-13305.json | 5 ++ 2017/3xxx/CVE-2017-3164.json | 5 ++ 2017/5xxx/CVE-2017-5753.json | 5 ++ 2018/12xxx/CVE-2018-12896.json | 5 ++ 2018/13xxx/CVE-2018-13053.json | 5 ++ 2018/16xxx/CVE-2018-16862.json | 5 ++ 2018/16xxx/CVE-2018-16884.json | 5 ++ 2018/17xxx/CVE-2018-17972.json | 5 ++ 2018/18xxx/CVE-2018-18281.json | 5 ++ 2018/18xxx/CVE-2018-18690.json | 5 ++ 2018/18xxx/CVE-2018-18710.json | 5 ++ 2018/18xxx/CVE-2018-18798.json | 2 +- 2018/19xxx/CVE-2018-19824.json | 5 ++ 2018/19xxx/CVE-2018-19985.json | 5 ++ 2018/20xxx/CVE-2018-20169.json | 5 ++ 2018/20xxx/CVE-2018-20511.json | 5 ++ 2018/3xxx/CVE-2018-3627.json | 5 ++ 2018/3xxx/CVE-2018-3628.json | 5 ++ 2018/3xxx/CVE-2018-3629.json | 5 ++ 2018/3xxx/CVE-2018-3632.json | 5 ++ 2018/3xxx/CVE-2018-3639.json | 5 ++ 2018/5xxx/CVE-2018-5848.json | 5 ++ 2018/5xxx/CVE-2018-5953.json | 5 ++ 2019/0xxx/CVE-2019-0192.json | 5 ++ 2019/1000xxx/CVE-2019-1000031.json | 2 +- 2019/1010xxx/CVE-2019-1010257.json | 75 +++++++++++++++++++++++++++--- 2019/3xxx/CVE-2019-3701.json | 5 ++ 2019/3xxx/CVE-2019-3819.json | 5 ++ 2019/3xxx/CVE-2019-3855.json | 5 ++ 2019/3xxx/CVE-2019-3856.json | 5 ++ 2019/3xxx/CVE-2019-3857.json | 5 ++ 2019/3xxx/CVE-2019-3858.json | 5 ++ 2019/3xxx/CVE-2019-3859.json | 5 ++ 2019/3xxx/CVE-2019-3860.json | 5 ++ 2019/3xxx/CVE-2019-3861.json | 5 ++ 2019/3xxx/CVE-2019-3862.json | 5 ++ 2019/3xxx/CVE-2019-3863.json | 5 ++ 2019/6xxx/CVE-2019-6454.json | 5 ++ 2019/6xxx/CVE-2019-6974.json | 5 ++ 2019/7xxx/CVE-2019-7221.json | 5 ++ 2019/7xxx/CVE-2019-7222.json | 5 ++ 2019/9xxx/CVE-2019-9003.json | 5 ++ 2019/9xxx/CVE-2019-9162.json | 5 ++ 2019/9xxx/CVE-2019-9213.json | 5 ++ 45 files changed, 281 insertions(+), 8 deletions(-) diff --git a/2016/10xxx/CVE-2016-10741.json b/2016/10xxx/CVE-2016-10741.json index ae707261b6c..fbc995242be 100644 --- a/2016/10xxx/CVE-2016-10741.json +++ b/2016/10xxx/CVE-2016-10741.json @@ -76,6 +76,11 @@ "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04197b341f23b908193308b8d63d17ff23232598", "refsource": "MISC", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04197b341f23b908193308b8d63d17ff23232598" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2017/13xxx/CVE-2017-13305.json b/2017/13xxx/CVE-2017-13305.json index 2ef2c985138..0a266c16f83 100644 --- a/2017/13xxx/CVE-2017-13305.json +++ b/2017/13xxx/CVE-2017-13305.json @@ -82,6 +82,11 @@ "name": "USN-3655-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3655-2/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2017/3xxx/CVE-2017-3164.json b/2017/3xxx/CVE-2017-3164.json index 5eba111f1bb..b434005c248 100644 --- a/2017/3xxx/CVE-2017-3164.json +++ b/2017/3xxx/CVE-2017-3164.json @@ -72,6 +72,11 @@ "refsource": "MLIST", "name": "[lucene-dev] 20190327 [jira] [Commented] (SOLR-12770) [CVE-2017-3164] Make it possible to configure a shards whitelist for master/slave", "url": "https://lists.apache.org/thread.html/ca3105b6934ccd28e843dffe39724f6963ff49825e9b709837203649@%3Cdev.lucene.apache.org%3E" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0003/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0003/" } ] } diff --git a/2017/5xxx/CVE-2017-5753.json b/2017/5xxx/CVE-2017-5753.json index bc596d179d7..2f352de5746 100644 --- a/2017/5xxx/CVE-2017-5753.json +++ b/2017/5xxx/CVE-2017-5753.json @@ -352,6 +352,11 @@ "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613", "refsource": "CONFIRM", "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4613" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/12xxx/CVE-2018-12896.json b/2018/12xxx/CVE-2018-12896.json index 35e7e603575..419d1e8f59b 100644 --- a/2018/12xxx/CVE-2018-12896.json +++ b/2018/12xxx/CVE-2018-12896.json @@ -106,6 +106,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/13xxx/CVE-2018-13053.json b/2018/13xxx/CVE-2018-13053.json index 2b068d6534c..7a375646611 100644 --- a/2018/13xxx/CVE-2018-13053.json +++ b/2018/13xxx/CVE-2018-13053.json @@ -81,6 +81,11 @@ "name": "104671", "refsource": "BID", "url": "http://www.securityfocus.com/bid/104671" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/16xxx/CVE-2018-16862.json b/2018/16xxx/CVE-2018-16862.json index 30275ba9ce7..b0c70bb4348 100644 --- a/2018/16xxx/CVE-2018-16862.json +++ b/2018/16xxx/CVE-2018-16862.json @@ -96,6 +96,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/16xxx/CVE-2018-16884.json b/2018/16xxx/CVE-2018-16884.json index 98425a45fc9..bdc31ab5321 100644 --- a/2018/16xxx/CVE-2018-16884.json +++ b/2018/16xxx/CVE-2018-16884.json @@ -81,6 +81,11 @@ "name": "https://patchwork.kernel.org/cover/10733767/", "refsource": "CONFIRM", "url": "https://patchwork.kernel.org/cover/10733767/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/17xxx/CVE-2018-17972.json b/2018/17xxx/CVE-2018-17972.json index f6863936e80..251db48d583 100644 --- a/2018/17xxx/CVE-2018-17972.json +++ b/2018/17xxx/CVE-2018-17972.json @@ -126,6 +126,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/18xxx/CVE-2018-18281.json b/2018/18xxx/CVE-2018-18281.json index 56c459fda30..00852ec2c22 100644 --- a/2018/18xxx/CVE-2018-18281.json +++ b/2018/18xxx/CVE-2018-18281.json @@ -141,6 +141,11 @@ "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.135", "refsource": "CONFIRM", "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.135" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/18xxx/CVE-2018-18690.json b/2018/18xxx/CVE-2018-18690.json index 1ada5bac626..0041f64cf51 100644 --- a/2018/18xxx/CVE-2018-18690.json +++ b/2018/18xxx/CVE-2018-18690.json @@ -116,6 +116,11 @@ "name": "https://github.com/torvalds/linux/commit/7b38460dc8e4eafba06c78f8e37099d3b34d473c", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/7b38460dc8e4eafba06c78f8e37099d3b34d473c" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/18xxx/CVE-2018-18710.json b/2018/18xxx/CVE-2018-18710.json index bc2612ff6d3..9ba6f1ec6ac 100644 --- a/2018/18xxx/CVE-2018-18710.json +++ b/2018/18xxx/CVE-2018-18710.json @@ -111,6 +111,11 @@ "name": "https://github.com/torvalds/linux/commit/e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/e4f3aa2e1e67bb48dfbaaf1cad59013d5a5bc276" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/18xxx/CVE-2018-18798.json b/2018/18xxx/CVE-2018-18798.json index 2ce8df83092..24b030eaa92 100644 --- a/2018/18xxx/CVE-2018-18798.json +++ b/2018/18xxx/CVE-2018-18798.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "School Attendance Monitoring System 1.0 has SQL Injection via user/controller.php?action=edit." + "value": "Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view." } ] }, diff --git a/2018/19xxx/CVE-2018-19824.json b/2018/19xxx/CVE-2018-19824.json index d0c8b71c7b1..f719b1a7a70 100644 --- a/2018/19xxx/CVE-2018-19824.json +++ b/2018/19xxx/CVE-2018-19824.json @@ -81,6 +81,11 @@ "name": "106109", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106109" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/19xxx/CVE-2018-19985.json b/2018/19xxx/CVE-2018-19985.json index c8c6be4af5d..f7a4845c8a7 100644 --- a/2018/19xxx/CVE-2018-19985.json +++ b/2018/19xxx/CVE-2018-19985.json @@ -76,6 +76,11 @@ "url": "https://hexhive.epfl.ch/projects/perifuzz/", "refsource": "MISC", "name": "https://hexhive.epfl.ch/projects/perifuzz/" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/20xxx/CVE-2018-20169.json b/2018/20xxx/CVE-2018-20169.json index 339139bfe76..f0cae6ce8e0 100644 --- a/2018/20xxx/CVE-2018-20169.json +++ b/2018/20xxx/CVE-2018-20169.json @@ -76,6 +76,11 @@ "name": "https://github.com/torvalds/linux/commit/704620afc70cf47abb9d6a1a57f3825d2bca49cf", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/704620afc70cf47abb9d6a1a57f3825d2bca49cf" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/20xxx/CVE-2018-20511.json b/2018/20xxx/CVE-2018-20511.json index d7dc487cf70..f1d759d275b 100644 --- a/2018/20xxx/CVE-2018-20511.json +++ b/2018/20xxx/CVE-2018-20511.json @@ -76,6 +76,11 @@ "name": "106347", "refsource": "BID", "url": "http://www.securityfocus.com/bid/106347" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/3xxx/CVE-2018-3627.json b/2018/3xxx/CVE-2018-3627.json index b27ecf60326..81b69b3329f 100644 --- a/2018/3xxx/CVE-2018-3627.json +++ b/2018/3xxx/CVE-2018-3627.json @@ -56,6 +56,11 @@ "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html", "refsource": "CONFIRM", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00118.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0006/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0006/" } ] } diff --git a/2018/3xxx/CVE-2018-3628.json b/2018/3xxx/CVE-2018-3628.json index 44cb8ab32a1..267b619ccde 100644 --- a/2018/3xxx/CVE-2018-3628.json +++ b/2018/3xxx/CVE-2018-3628.json @@ -66,6 +66,11 @@ "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0001/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0001/" } ] } diff --git a/2018/3xxx/CVE-2018-3629.json b/2018/3xxx/CVE-2018-3629.json index 09c1ed0fe42..e135b386ff6 100644 --- a/2018/3xxx/CVE-2018-3629.json +++ b/2018/3xxx/CVE-2018-3629.json @@ -66,6 +66,11 @@ "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0001/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0001/" } ] } diff --git a/2018/3xxx/CVE-2018-3632.json b/2018/3xxx/CVE-2018-3632.json index 12a2b89a752..5ba69c37b95 100644 --- a/2018/3xxx/CVE-2018-3632.json +++ b/2018/3xxx/CVE-2018-3632.json @@ -66,6 +66,11 @@ "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03868en_us" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0001/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0001/" } ] } diff --git a/2018/3xxx/CVE-2018-3639.json b/2018/3xxx/CVE-2018-3639.json index f774b9a0a3e..43085900906 100644 --- a/2018/3xxx/CVE-2018-3639.json +++ b/2018/3xxx/CVE-2018-3639.json @@ -717,6 +717,11 @@ "name": "RHSA-2018:2228", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:2228" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/5xxx/CVE-2018-5848.json b/2018/5xxx/CVE-2018-5848.json index 1d747423b68..e6c207bede8 100644 --- a/2018/5xxx/CVE-2018-5848.json +++ b/2018/5xxx/CVE-2018-5848.json @@ -77,6 +77,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190315 [SECURITY] [DLA 1715-1] linux-4.9 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00017.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2018/5xxx/CVE-2018-5953.json b/2018/5xxx/CVE-2018-5953.json index d6f95e10770..050742de634 100644 --- a/2018/5xxx/CVE-2018-5953.json +++ b/2018/5xxx/CVE-2018-5953.json @@ -61,6 +61,11 @@ "name": "105045", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105045" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2019/0xxx/CVE-2019-0192.json b/2019/0xxx/CVE-2019-0192.json index 6116defbb81..cb819cd5c42 100644 --- a/2019/0xxx/CVE-2019-0192.json +++ b/2019/0xxx/CVE-2019-0192.json @@ -87,6 +87,11 @@ "refsource": "MLIST", "name": "[lucene-dev] 20190327 [jira] [Commented] (SOLR-13301) [CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl", "url": "https://lists.apache.org/thread.html/53e4744b14fb7f1810405f8ff5531ab0953a23dd09ce8071ce87e00d@%3Cdev.lucene.apache.org%3E" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0003/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0003/" } ] } diff --git a/2019/1000xxx/CVE-2019-1000031.json b/2019/1000xxx/CVE-2019-1000031.json index f791b50aa01..9538cc8b1f1 100644 --- a/2019/1000xxx/CVE-2019-1000031.json +++ b/2019/1000xxx/CVE-2019-1000031.json @@ -43,7 +43,7 @@ "description_data": [ { "lang": "eng", - "value": "A disk space or quota exhaustion issue exists in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in." + "value": "A disk space or quota exhaustion issue exists in article2pdf_getfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. Visiting PDF generation link but not following the redirect will leave behind a PDF file on disk which will never be deleted by the plug-in." } ] }, diff --git a/2019/1010xxx/CVE-2019-1010257.json b/2019/1010xxx/CVE-2019-1010257.json index 01f0a4e1a61..fe80d908944 100644 --- a/2019/1010xxx/CVE-2019-1010257.json +++ b/2019/1010xxx/CVE-2019-1010257.json @@ -1,17 +1,80 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010257", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "article2pdf", + "product": { + "product_data": [ + { + "product_name": "article2pdf Wordpress plug-in", + "version": { + "version_data": [ + { + "version_value": "0.24" + }, + { + "version_value": "0.25" + }, + { + "version_value": "0.26" + }, + { + "version_value": "0.27" + } + ] + } + } + ] + } + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Information Disclosure / Data Modification issue exists in article2pdf_getfile.php in the article2pdf Wordpress plugin 0.24, 0.25, 0.26, 0.27. A URL can be constructed which allows overriding the PDF file's path leading to any PDF whose path is known and which is readable to the web server can be downloaded. The file will be deleted after download if the web server has permission to do so. For PHP versions before 5.3, any file can be read by null terminating the string left of the file extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure / Data Modification" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://wordpress.org/support/topic/pdf-download-path-improperly-sanitised/", + "url": "https://wordpress.org/support/topic/pdf-download-path-improperly-sanitised/" + }, + { + "refsource": "BUGTRAQ", + "name": "20190326 [article2pdf (Wordpress plug-in)] Multiple vulnerabilities (CVE-2019-1000031, CVE-2019-1010257)", + "url": "https://seclists.org/bugtraq/2019/Mar/49" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/152236/WordPress-article2pdf-0.24-DoS-File-Deletion-Disclosure.html", + "url": "https://packetstormsecurity.com/files/152236/WordPress-article2pdf-0.24-DoS-File-Deletion-Disclosure.html" } ] } diff --git a/2019/3xxx/CVE-2019-3701.json b/2019/3xxx/CVE-2019-3701.json index 81b6004cc43..7091b4cf567 100644 --- a/2019/3xxx/CVE-2019-3701.json +++ b/2019/3xxx/CVE-2019-3701.json @@ -66,6 +66,11 @@ "name": "https://bugzilla.suse.com/show_bug.cgi?id=1120386", "refsource": "MISC", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1120386" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2019/3xxx/CVE-2019-3819.json b/2019/3xxx/CVE-2019-3819.json index da16f8fb461..c31f6169d96 100644 --- a/2019/3xxx/CVE-2019-3819.json +++ b/2019/3xxx/CVE-2019-3819.json @@ -71,6 +71,11 @@ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3819", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3819" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2019/3xxx/CVE-2019-3855.json b/2019/3xxx/CVE-2019-3855.json index 77b9b1345e3..b84d2049f38 100644 --- a/2019/3xxx/CVE-2019-3855.json +++ b/2019/3xxx/CVE-2019-3855.json @@ -96,6 +96,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0005/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0005/" } ] }, diff --git a/2019/3xxx/CVE-2019-3856.json b/2019/3xxx/CVE-2019-3856.json index 999f0f01033..e93122c84f8 100644 --- a/2019/3xxx/CVE-2019-3856.json +++ b/2019/3xxx/CVE-2019-3856.json @@ -66,6 +66,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0005/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0005/" } ] }, diff --git a/2019/3xxx/CVE-2019-3857.json b/2019/3xxx/CVE-2019-3857.json index d893234cdbe..f3c27846733 100644 --- a/2019/3xxx/CVE-2019-3857.json +++ b/2019/3xxx/CVE-2019-3857.json @@ -66,6 +66,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0005/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0005/" } ] }, diff --git a/2019/3xxx/CVE-2019-3858.json b/2019/3xxx/CVE-2019-3858.json index 000292a81da..363605b665c 100644 --- a/2019/3xxx/CVE-2019-3858.json +++ b/2019/3xxx/CVE-2019-3858.json @@ -88,6 +88,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0005/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0005/" } ] }, diff --git a/2019/3xxx/CVE-2019-3859.json b/2019/3xxx/CVE-2019-3859.json index fcbbf61c97c..d3aa1bdcf4b 100644 --- a/2019/3xxx/CVE-2019-3859.json +++ b/2019/3xxx/CVE-2019-3859.json @@ -88,6 +88,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0005/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0005/" } ] }, diff --git a/2019/3xxx/CVE-2019-3860.json b/2019/3xxx/CVE-2019-3860.json index 752a299fc34..8060f8eec2c 100644 --- a/2019/3xxx/CVE-2019-3860.json +++ b/2019/3xxx/CVE-2019-3860.json @@ -58,6 +58,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0005/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0005/" } ] }, diff --git a/2019/3xxx/CVE-2019-3861.json b/2019/3xxx/CVE-2019-3861.json index bb609ae8d95..6285b982e2d 100644 --- a/2019/3xxx/CVE-2019-3861.json +++ b/2019/3xxx/CVE-2019-3861.json @@ -58,6 +58,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0005/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0005/" } ] }, diff --git a/2019/3xxx/CVE-2019-3862.json b/2019/3xxx/CVE-2019-3862.json index 05b4faa9af7..14f78f166c6 100644 --- a/2019/3xxx/CVE-2019-3862.json +++ b/2019/3xxx/CVE-2019-3862.json @@ -88,6 +88,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0005/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0005/" } ] }, diff --git a/2019/3xxx/CVE-2019-3863.json b/2019/3xxx/CVE-2019-3863.json index e89485019af..28955c10dc8 100644 --- a/2019/3xxx/CVE-2019-3863.json +++ b/2019/3xxx/CVE-2019-3863.json @@ -66,6 +66,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0005/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0005/" } ] }, diff --git a/2019/6xxx/CVE-2019-6454.json b/2019/6xxx/CVE-2019-6454.json index fdcd8097f83..59d75e9d104 100644 --- a/2019/6xxx/CVE-2019-6454.json +++ b/2019/6xxx/CVE-2019-6454.json @@ -101,6 +101,11 @@ "refsource": "DEBIAN", "name": "DSA-4393-1", "url": "https://www.debian.org/security/2019/dsa-4393" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0004/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0004/" } ] } diff --git a/2019/6xxx/CVE-2019-6974.json b/2019/6xxx/CVE-2019-6974.json index cd026e1a206..7750d589fe0 100644 --- a/2019/6xxx/CVE-2019-6974.json +++ b/2019/6xxx/CVE-2019-6974.json @@ -96,6 +96,11 @@ "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9", "refsource": "MISC", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2019/7xxx/CVE-2019-7221.json b/2019/7xxx/CVE-2019-7221.json index 1731bdb003a..ddc2760bf8b 100644 --- a/2019/7xxx/CVE-2019-7221.json +++ b/2019/7xxx/CVE-2019-7221.json @@ -91,6 +91,11 @@ "refsource": "CONFIRM", "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1760" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2019/7xxx/CVE-2019-7222.json b/2019/7xxx/CVE-2019-7222.json index 71832f4e52b..61cde07ad78 100644 --- a/2019/7xxx/CVE-2019-7222.json +++ b/2019/7xxx/CVE-2019-7222.json @@ -96,6 +96,11 @@ "refsource": "CONFIRM", "name": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ecec76885bcfe3294685dc363fd1273df0d5d65f" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] } diff --git a/2019/9xxx/CVE-2019-9003.json b/2019/9xxx/CVE-2019-9003.json index 94e067e97ae..2a7bf636f43 100644 --- a/2019/9xxx/CVE-2019-9003.json +++ b/2019/9xxx/CVE-2019-9003.json @@ -71,6 +71,11 @@ "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77f8269606bf95fcb232ee86f6da80886f1dfae8", "refsource": "MISC", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77f8269606bf95fcb232ee86f6da80886f1dfae8" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0002/" } ] } diff --git a/2019/9xxx/CVE-2019-9162.json b/2019/9xxx/CVE-2019-9162.json index 43ed112bf70..dcca03bf232 100644 --- a/2019/9xxx/CVE-2019-9162.json +++ b/2019/9xxx/CVE-2019-9162.json @@ -86,6 +86,11 @@ "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1776", "refsource": "MISC", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1776" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20190327-0002/", + "url": "https://security.netapp.com/advisory/ntap-20190327-0002/" } ] } diff --git a/2019/9xxx/CVE-2019-9213.json b/2019/9xxx/CVE-2019-9213.json index 5920471f58b..e992e8873dc 100644 --- a/2019/9xxx/CVE-2019-9213.json +++ b/2019/9xxx/CVE-2019-9213.json @@ -96,6 +96,11 @@ "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", + "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html" } ] }