admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-12-30 05:58:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-08-25 16:00:47 +00:00
parent c35d9f6dc6
commit d059e01158
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
3 changed files with 79 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2018/1000xxx/CVE-2018-1000656.json
View File

@ -37,7 +37,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3."
"value": "The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3. NOTE: this may overlap CVE-2019-1010083."
}
]
},

2
2019/1010xxx/CVE-2019-1010083.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1."
"value": "The Pallets Project Flask before 1.0 is affected by: unexpected memory usage. The impact is: denial of service. The attack vector is: crafted encoded JSON data. The fixed version is: 1. NOTE: this may overlap CVE-2018-1000656."
}
]
},

77
2019/15xxx/CVE-2019-15538.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-15538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422@magnolia/",
"refsource": "MISC",
"name": "https://lore.kernel.org/linux-xfs/20190823035528.GH1037422@magnolia/"
},
{
"url": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736@eldamar.local",
"refsource": "MISC",
"name": "https://lore.kernel.org/linux-xfs/20190823192433.GA8736@eldamar.local"
},
{
"url": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee"
},
{
"url": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee",
"refsource": "MISC",
"name": "https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee"
}
]
}
}