From d2dfa64e8d8d903fc94e2a378be5c1202badac76 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 18 Jul 2019 17:00:49 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2013/7xxx/CVE-2013-7285.json | 5 +++ 2018/1xxx/CVE-2018-1199.json | 12 +++++- 2018/1xxx/CVE-2018-1270.json | 12 +++++- 2018/1xxx/CVE-2018-1275.json | 7 +++- 2019/1010xxx/CVE-2019-1010065.json | 61 ++++++++++++++++++++++++--- 2019/1010xxx/CVE-2019-1010259.json | 66 +++++++++++++++++++++++++++--- 2019/1010xxx/CVE-2019-1010261.json | 56 ++++++++++++++++++++++--- 2019/1010xxx/CVE-2019-1010262.json | 61 ++++++++++++++++++++++++--- 2019/1010xxx/CVE-2019-1010268.json | 61 ++++++++++++++++++++++++--- 2019/11xxx/CVE-2019-11230.json | 56 ++++++++++++++++++++++--- 2019/13xxx/CVE-2019-13575.json | 5 +++ 2019/13xxx/CVE-2019-13951.json | 62 ++++++++++++++++++++++++++++ 2019/13xxx/CVE-2019-13952.json | 62 ++++++++++++++++++++++++++++ 13 files changed, 487 insertions(+), 39 deletions(-) create mode 100644 2019/13xxx/CVE-2019-13951.json create mode 100644 2019/13xxx/CVE-2019-13952.json diff --git a/2013/7xxx/CVE-2013-7285.json b/2013/7xxx/CVE-2013-7285.json index dc576bf9d9b..db3d4298f9d 100644 --- a/2013/7xxx/CVE-2013-7285.json +++ b/2013/7xxx/CVE-2013-7285.json @@ -76,6 +76,11 @@ "refsource": "CONFIRM", "name": "https://x-stream.github.io/CVE-2013-7285.html", "url": "https://x-stream.github.io/CVE-2013-7285.html" + }, + { + "refsource": "MLIST", + "name": "[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar", + "url": "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E" } ] } diff --git a/2018/1xxx/CVE-2018-1199.json b/2018/1xxx/CVE-2018-1199.json index 3c0c3b845df..052af2fa6af 100644 --- a/2018/1xxx/CVE-2018-1199.json +++ b/2018/1xxx/CVE-2018-1199.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "security_alert@emc.com", + "ASSIGNER": "secure@dell.com", "DATE_PUBLIC": "2018-01-29T00:00:00", "ID": "CVE-2018-1199", "STATE": "PUBLIC" @@ -73,6 +73,16 @@ "refsource": "MLIST", "name": "[activemq-issues] 20190703 [jira] [Created] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework)", "url": "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-issues] 20190703 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar", + "url": "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar", + "url": "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E" } ] } diff --git a/2018/1xxx/CVE-2018-1270.json b/2018/1xxx/CVE-2018-1270.json index c990ee684a0..255ec7a502f 100644 --- a/2018/1xxx/CVE-2018-1270.json +++ b/2018/1xxx/CVE-2018-1270.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "security_alert@emc.com", + "ASSIGNER": "secure@dell.com", "DATE_PUBLIC": "2018-04-05T00:00:00", "ID": "CVE-2018-1270", "STATE": "PUBLIC" @@ -92,6 +92,16 @@ "refsource": "MLIST", "name": "[activemq-issues] 20190703 [jira] [Created] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework)", "url": "https://lists.apache.org/thread.html/4ed49b103f64a0cecb38064f26cbf1389afc12124653da2d35166dbe@%3Cissues.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-issues] 20190703 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar", + "url": "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar", + "url": "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E" } ] } diff --git a/2018/1xxx/CVE-2018-1275.json b/2018/1xxx/CVE-2018-1275.json index 8868943c286..715be011be5 100644 --- a/2018/1xxx/CVE-2018-1275.json +++ b/2018/1xxx/CVE-2018-1275.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "security_alert@emc.com", + "ASSIGNER": "secure@dell.com", "DATE_PUBLIC": "2018-04-09T00:00:00", "ID": "CVE-2018-1275", "STATE": "PUBLIC" @@ -102,6 +102,11 @@ "refsource": "MLIST", "name": "[activemq-issues] 20190703 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar", "url": "https://lists.apache.org/thread.html/ab825fcade0b49becfa30235b3d54f4a51bb74ea96b6c9adb5d1378c@%3Cissues.activemq.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[activemq-issues] 20190718 [jira] [Updated] (AMQ-7236) SEV-1 Security vulnerability in spring-expression-4.3.11.RELEASE.jar (spring framework) and xstream-1.4.10.jar", + "url": "https://lists.apache.org/thread.html/dcf8599b80e43a6b60482607adb76c64672772dc2d9209ae2170f369@%3Cissues.activemq.apache.org%3E" } ] } diff --git a/2019/1010xxx/CVE-2019-1010065.json b/2019/1010xxx/CVE-2019-1010065.json index 47a17227329..d7ef6324f6f 100644 --- a/2019/1010xxx/CVE-2019-1010065.json +++ b/2019/1010xxx/CVE-2019-1010065.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010065", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "The Sleuth Kit", + "product": { + "product_data": [ + { + "product_name": "The Sleuth Kit", + "version": { + "version_data": [ + { + "version_value": "\u2264 4.6.0" + } + ] + } + } + ] + } + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The impact is: Opening crafted disk image triggers crash in tsk/fs/hfs_dent.c:237. The component is: Overflow in fls tool used on HFS image. Bug is in tsk/fs/hfs.c file in function hfs_cat_traverse() in lines: 952, 1062. The attack vector is: Victim must open a crafted HFS filesystem image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Integer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://issuetracker.google.com/issues/77809383", + "refsource": "MISC", + "name": "https://issuetracker.google.com/issues/77809383" + }, + { + "refsource": "MISC", + "name": "https://github.com/sleuthkit/sleuthkit/commit/114cd3d0aac8bd1aeaf4b33840feb0163d342d5b", + "url": "https://github.com/sleuthkit/sleuthkit/commit/114cd3d0aac8bd1aeaf4b33840feb0163d342d5b" } ] } diff --git a/2019/1010xxx/CVE-2019-1010259.json b/2019/1010xxx/CVE-2019-1010259.json index 3066fc52017..7e0b2248745 100644 --- a/2019/1010xxx/CVE-2019-1010259.json +++ b/2019/1010xxx/CVE-2019-1010259.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010259", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Salt", + "version": { + "version_data": [ + { + "version_value": "2018.3, 2019.2 [fixed: 2018.3.4]" + } + ] + } + } + ] + }, + "vendor_name": "SaltStack" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impact is: An attacker could escalate privileges on MySQL server deployed by cloud provider. It leads to RCE. The component is: The mysql.user_chpass function from the MySQL module for Salt (https://github.com/saltstack/salt/blob/develop/salt/modules/mysql.py#L1462). The attack vector is: specially crafted password string. The fixed version is: 2018.3.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534", + "refsource": "MISC", + "name": "https://github.com/saltstack/salt/blob/f22de0887cd7167887f113bf394244b74fb36b6b/salt/modules/mysql.py#L1534" + }, + { + "url": "https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a", + "refsource": "MISC", + "name": "https://github.com/ShantonRU/salt/commit/a46c86a987c78e74e87969d8d3b27094e6544b7a" + }, + { + "url": "https://github.com/saltstack/salt/pull/51462", + "refsource": "MISC", + "name": "https://github.com/saltstack/salt/pull/51462" } ] } diff --git a/2019/1010xxx/CVE-2019-1010261.json b/2019/1010xxx/CVE-2019-1010261.json index 40fa96f8d7e..f3831638d12 100644 --- a/2019/1010xxx/CVE-2019-1010261.json +++ b/2019/1010xxx/CVE-2019-1010261.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010261", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Gitea", + "version": { + "version_data": [ + { + "version_value": "1.7.0 and earlier [fixed: 1.7.1 and later]" + } + ] + } + } + ] + }, + "vendor_name": "Gitea" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Gitea 1.7.0 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Attacker is able to have victim execute arbitrary JS in browser. The component is: go-get URL generation - PR to fix: https://github.com/go-gitea/gitea/pull/5905. The attack vector is: victim must open a specifically crafted URL. The fixed version is: 1.7.1 and later." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/go-gitea/gitea/pull/5905", + "refsource": "MISC", + "name": "https://github.com/go-gitea/gitea/pull/5905" } ] } diff --git a/2019/1010xxx/CVE-2019-1010262.json b/2019/1010xxx/CVE-2019-1010262.json index 12786300445..e13c66238fe 100644 --- a/2019/1010xxx/CVE-2019-1010262.json +++ b/2019/1010xxx/CVE-2019-1010262.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010262", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "scapy", + "version": { + "version_data": [ + { + "version_value": "2.4.0 and earlier [fixed: after commit 0d7ae2b039f650a40e511d09eb961c782da025d9]" + } + ] + } + } + ] + }, + "vendor_name": "scapy" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "scapy 2.4.0 and earlier is affected by: Denial of Services. The impact is: busy loop forever. The component is: _RADIUSAttrPacketListField class. The attack vector is: a packet sent over the network or in a pcap. The fixed version is: after commit 0d7ae2b039f650a40e511d09eb961c782da025d9." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Services" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/secdev/scapy/pull/1409/files#diff-441eff981e466959968111fc6314fe93L1058", + "refsource": "MISC", + "name": "https://github.com/secdev/scapy/pull/1409/files#diff-441eff981e466959968111fc6314fe93L1058" + }, + { + "url": "https://www.imperva.com/blog/scapy-sploit-python-network-tool-is-vulnerable-to-denial-of-service-dos-attack-cve-pending/", + "refsource": "MISC", + "name": "https://www.imperva.com/blog/scapy-sploit-python-network-tool-is-vulnerable-to-denial-of-service-dos-attack-cve-pending/" } ] } diff --git a/2019/1010xxx/CVE-2019-1010268.json b/2019/1010xxx/CVE-2019-1010268.json index 1170ca801ce..1bea9dc9848 100644 --- a/2019/1010xxx/CVE-2019-1010268.json +++ b/2019/1010xxx/CVE-2019-1010268.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve-assign@distributedweaknessfiling.org", "ID": "CVE-2019-1010268", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Ladon", + "product": { + "product_data": [ + { + "product_name": "Ladon", + "version": { + "version_data": [ + { + "version_value": "0.9.40 and previous (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059)" + } + ] + } + } + ] + } + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected by: XML External Entity (XXE). The impact is: Information Disclosure, reading files and reaching internal network endpoints. The component is: SOAP request handlers. For instance: https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688. The attack vector is: Send a specially crafted SOAP call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XML External Entity (XXE)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.exploit-db.com/exploits/43113", + "refsource": "MISC", + "name": "https://www.exploit-db.com/exploits/43113" + }, + { + "refsource": "MISC", + "name": "https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688", + "url": "https://bitbucket.org/jakobsg/ladon/src/42944fc012a3a48214791c120ee5619434505067/src/ladon/interfaces/soap.py#lines-688" } ] } diff --git a/2019/11xxx/CVE-2019-11230.json b/2019/11xxx/CVE-2019-11230.json index 5d53dc8a20a..5b6b3d2541a 100644 --- a/2019/11xxx/CVE-2019-11230.json +++ b/2019/11xxx/CVE-2019-11230.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-11230", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-11230", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Avast Antivirus before 19.4, a local administrator can trick the product into renaming arbitrary files by replacing the Logs\\Update.log file with a symlink. The next time the product attempts to write to the log file, the target of the symlink is renamed. This defect can be exploited to rename a critical product file (e.g., AvastSvc.exe), causing the product to fail to start on the next system restart." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://www.mcerlane.co.uk/CVE-2019-11230/", + "url": "http://www.mcerlane.co.uk/CVE-2019-11230/" } ] } diff --git a/2019/13xxx/CVE-2019-13575.json b/2019/13xxx/CVE-2019-13575.json index a9e2178d50d..955420fbec2 100644 --- a/2019/13xxx/CVE-2019-13575.json +++ b/2019/13xxx/CVE-2019-13575.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "https://github.com/wpeverest/everest-forms/commit/755d095fe0d9a756a13800d1513cf98219e4a3f9#diff-bb2b21ef7774df8687ff02b0284505c6", "url": "https://github.com/wpeverest/everest-forms/commit/755d095fe0d9a756a13800d1513cf98219e4a3f9#diff-bb2b21ef7774df8687ff02b0284505c6" + }, + { + "refsource": "MISC", + "name": "https://wpvulndb.com/vulnerabilities/9466", + "url": "https://wpvulndb.com/vulnerabilities/9466" } ] } diff --git a/2019/13xxx/CVE-2019-13951.json b/2019/13xxx/CVE-2019-13951.json new file mode 100644 index 00000000000..a8ae10eb640 --- /dev/null +++ b/2019/13xxx/CVE-2019-13951.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13951", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.2.0 has a stack-based buffer overflow via a long and malformed IPv4 address in zone data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gdnsd/gdnsd/issues/185", + "refsource": "MISC", + "name": "https://github.com/gdnsd/gdnsd/issues/185" + } + ] + } +} \ No newline at end of file diff --git a/2019/13xxx/CVE-2019-13952.json b/2019/13xxx/CVE-2019-13952.json new file mode 100644 index 00000000000..50093864bfc --- /dev/null +++ b/2019/13xxx/CVE-2019-13952.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-13952", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The set_ipv6() function in zscan_rfc1035.rl in gdnsd 3.2.0 has a stack-based buffer overflow via a long and malformed IPv6 address in zone data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/gdnsd/gdnsd/issues/185", + "refsource": "MISC", + "name": "https://github.com/gdnsd/gdnsd/issues/185" + } + ] + } +} \ No newline at end of file