From d53da0b4a60340cdbe58398c7ddad7f58cdc3d0f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 3 Jan 2020 17:01:04 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2012/4xxx/CVE-2012-4451.json | 85 ++++++++++++++++++++++++++++++++-- 2019/19xxx/CVE-2019-19255.json | 61 +++++++++++++++++++++--- 2019/19xxx/CVE-2019-19256.json | 61 +++++++++++++++++++++--- 2019/19xxx/CVE-2019-19257.json | 61 +++++++++++++++++++++--- 2019/19xxx/CVE-2019-19258.json | 61 +++++++++++++++++++++--- 2019/19xxx/CVE-2019-19259.json | 61 +++++++++++++++++++++--- 2019/19xxx/CVE-2019-19260.json | 61 +++++++++++++++++++++--- 2019/19xxx/CVE-2019-19261.json | 61 +++++++++++++++++++++--- 2019/19xxx/CVE-2019-19262.json | 66 +++++++++++++++++++++++--- 2019/19xxx/CVE-2019-19263.json | 61 +++++++++++++++++++++--- 2019/19xxx/CVE-2019-19309.json | 61 +++++++++++++++++++++--- 2019/19xxx/CVE-2019-19310.json | 61 +++++++++++++++++++++--- 2019/5xxx/CVE-2019-5063.json | 58 ++++++++++++++++++++--- 2019/5xxx/CVE-2019-5064.json | 58 ++++++++++++++++++++--- 14 files changed, 794 insertions(+), 83 deletions(-) diff --git a/2012/4xxx/CVE-2012-4451.json b/2012/4xxx/CVE-2012-4451.json index 0925b93fa7b..7b31ae8ed06 100644 --- a/2012/4xxx/CVE-2012-4451.json +++ b/2012/4xxx/CVE-2012-4451.json @@ -1,8 +1,8 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-4451", - "STATE": "RESERVED" + "STATE": "PUBLIC" }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +11,86 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\\PubSubHubbub, (3) Log\\Formatter\\Xml, (4) Tag\\Cloud\\Decorator, (5) Uri, (6) View\\Helper\\HeadStyle, (7) View\\Helper\\Navigation\\Sitemap, or (8) View\\Helper\\Placeholder\\Container\\AbstractStandalone, related to Escaper." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Zend Technologies", + "product": { + "product_data": [ + { + "product_name": "Zend Framework", + "version": { + "version_data": [ + { + "version_value": "2.0.x before 2.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688946#10", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688946#10" + }, + { + "refsource": "MISC", + "name": "https://bugs.gentoo.org/show_bug.cgi?id=436210", + "url": "https://bugs.gentoo.org/show_bug.cgi?id=436210" + }, + { + "refsource": "MISC", + "name": "http://seclists.org/oss-sec/2012/q3/571", + "url": "http://seclists.org/oss-sec/2012/q3/571" + }, + { + "refsource": "MISC", + "name": "http://seclists.org/oss-sec/2012/q3/573", + "url": "http://seclists.org/oss-sec/2012/q3/573" + }, + { + "refsource": "MISC", + "name": "http://framework.zend.com/security/advisory/ZF2012-03", + "url": "http://framework.zend.com/security/advisory/ZF2012-03" + }, + { + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=860738", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=860738" + }, + { + "refsource": "MISC", + "name": "https://github.com/zendframework/zf2/commit/27131ca9520bdf1d4c774c71459eba32f2b10733", + "url": "https://github.com/zendframework/zf2/commit/27131ca9520bdf1d4c774c71459eba32f2b10733" + }, + { + "refsource": "MISC", + "name": "http://www.securityfocus.com/bid/55636", + "url": "http://www.securityfocus.com/bid/55636" } ] } diff --git a/2019/19xxx/CVE-2019-19255.json b/2019/19xxx/CVE-2019-19255.json index 40c12aa3521..40cef87d1a3 100644 --- a/2019/19xxx/CVE-2019-19255.json +++ b/2019/19xxx/CVE-2019-19255.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19255", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19255", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19256.json b/2019/19xxx/CVE-2019-19256.json index cd63acb3457..19a9e583a14 100644 --- a/2019/19xxx/CVE-2019-19256.json +++ b/2019/19xxx/CVE-2019-19256.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19256", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19256", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19257.json b/2019/19xxx/CVE-2019-19257.json index fd9321e088b..0879bd74656 100644 --- a/2019/19xxx/CVE-2019-19257.json +++ b/2019/19xxx/CVE-2019-19257.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19257", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19257", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19258.json b/2019/19xxx/CVE-2019-19258.json index 2d021f7aafa..eb98c437460 100644 --- a/2019/19xxx/CVE-2019-19258.json +++ b/2019/19xxx/CVE-2019-19258.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19258", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19258", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19259.json b/2019/19xxx/CVE-2019-19259.json index 133904ca66a..8f54c1f6fd5 100644 --- a/2019/19xxx/CVE-2019-19259.json +++ b/2019/19xxx/CVE-2019-19259.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19259", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19259", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an Insecure Direct Object Reference (IDOR)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19260.json b/2019/19xxx/CVE-2019-19260.json index fcc990bc539..4275ce04c21 100644 --- a/2019/19xxx/CVE-2019-19260.json +++ b/2019/19xxx/CVE-2019-19260.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19260", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19260", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 2 of 2)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19261.json b/2019/19xxx/CVE-2019-19261.json index b886b4dc8ef..984d03a45cd 100644 --- a/2019/19xxx/CVE-2019-19261.json +++ b/2019/19xxx/CVE-2019-19261.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19261", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19261", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19262.json b/2019/19xxx/CVE-2019-19262.json index 16497bf6cd4..9b50f16ce5b 100644 --- a/2019/19xxx/CVE-2019-19262.json +++ b/2019/19xxx/CVE-2019-19262.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19262", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19262", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecure Permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" + }, + { + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-2-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-2-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19263.json b/2019/19xxx/CVE-2019-19263.json index 64c4253083b..878a3f97de4 100644 --- a/2019/19xxx/CVE-2019-19263.json +++ b/2019/19xxx/CVE-2019-19263.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19263", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19263", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure Permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19309.json b/2019/19xxx/CVE-2019-19309.json index 7a370201d6e..d19504983d4 100644 --- a/2019/19xxx/CVE-2019-19309.json +++ b/2019/19xxx/CVE-2019-19309.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19309", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19309", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Enterprise Edition (EE) 8.90 and later through 12.5 has Incorrect Access Control." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/19xxx/CVE-2019-19310.json b/2019/19xxx/CVE-2019-19310.json index 4398cf62956..0fd224a2f58 100644 --- a/2019/19xxx/CVE-2019-19310.json +++ b/2019/19xxx/CVE-2019-19310.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2019-19310", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2019-19310", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows Information Disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://about.gitlab.com/blog/categories/releases/", + "refsource": "MISC", + "name": "https://about.gitlab.com/blog/categories/releases/" + }, + { + "refsource": "CONFIRM", + "name": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/", + "url": "https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/" } ] } diff --git a/2019/5xxx/CVE-2019-5063.json b/2019/5xxx/CVE-2019-5063.json index b3aa34bc889..79340770a65 100644 --- a/2019/5xxx/CVE-2019-5063.json +++ b/2019/5xxx/CVE-2019-5063.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5063", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5063", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OpenCV", + "version": { + "version_data": [ + { + "version_value": "OpenCV 4.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0852", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0852" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV 4.1.0. A specially crafted XML file can cause a buffer overflow, resulting in multiple heap corruptions and potential code execution. An attacker can provide a specially crafted file to trigger this vulnerability." } ] } diff --git a/2019/5xxx/CVE-2019-5064.json b/2019/5xxx/CVE-2019-5064.json index ca6cfe8d8cd..492eb4f6ad5 100644 --- a/2019/5xxx/CVE-2019-5064.json +++ b/2019/5xxx/CVE-2019-5064.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2019-5064", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2019-5064", + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "OpenCV", + "version": { + "version_data": [ + { + "version_value": "OpenCV 4.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "heap buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An exploitable heap buffer overflow vulnerability exists in the data structure persistence functionality of OpenCV, version 4.1.0. A specially crafted JSON file can cause a buffer overflow, resulting in multiple heap corruptions and potentially code execution. An attacker can provide a specially crafted file to trigger this vulnerability." } ] }