"-Synchronized-Data."

2025-12-30 05:58:39 +00:00 · 2019-07-22 19:00:52 +00:00 · 2019-07-22 19:00:52 +00:00 · d789736311
commit d789736311
parent 516322f4cd
11 changed files with 117 additions and 3 deletions
--- a/2015/4xxx/CVE-2015-4645.json
+++ b/2015/4xxx/CVE-2015-4645.json
@ -81,6 +81,11 @@
                "name": "GLSA-201701-73",
                "refsource": "GENTOO",
                "url": "https://security.gentoo.org/glsa/201701-73"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://github.com/plougher/squashfs-tools/commit/f95864afe8833fe3ad782d714b41378e860977b1",
+                "url": "https://github.com/plougher/squashfs-tools/commit/f95864afe8833fe3ad782d714b41378e860977b1"
            }
        ]
    }
--- a/2015/4xxx/CVE-2015-4646.json
+++ b/2015/4xxx/CVE-2015-4646.json
@ -66,6 +66,11 @@
                "name": "[oss-security] 20150618 Re: Possible CVE Request: Multiple stack overflows in squashfs-tools and sasquatch",
                "refsource": "MLIST",
                "url": "http://seclists.org/oss-sec/2015/q2/756"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://github.com/plougher/squashfs-tools/commit/f95864afe8833fe3ad782d714b41378e860977b1",
+                "url": "https://github.com/plougher/squashfs-tools/commit/f95864afe8833fe3ad782d714b41378e860977b1"
            }
        ]
    }
--- a/2016/4xxx/CVE-2016-4609.json
+++ b/2016/4xxx/CVE-2016-4609.json
@ -121,6 +121,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2019-320d5295fc",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update",
+                "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"
            }
        ]
    }
--- a/2016/4xxx/CVE-2016-4610.json
+++ b/2016/4xxx/CVE-2016-4610.json
@ -121,6 +121,11 @@
                "refsource": "FEDORA",
                "name": "FEDORA-2019-320d5295fc",
                "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SK4YNISS22MJY22YX5I6V2U63QZAUEHA/"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update",
+                "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"
            }
        ]
    }
--- a/2018/19xxx/CVE-2018-19860.json
+++ b/2018/19xxx/CVE-2018-19860.json
@ -61,6 +61,11 @@
                "refsource": "CONFIRM",
                "name": "https://source.android.com/security/bulletin/2019-05-01",
                "url": "https://source.android.com/security/bulletin/2019-05-01"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.apple.com/kb/HT210348",
+                "url": "https://support.apple.com/kb/HT210348"
            }
        ]
    }
--- a/2019/12xxx/CVE-2019-12525.json
+++ b/2019/12xxx/CVE-2019-12525.json
@ -76,6 +76,11 @@
                "refsource": "MLIST",
                "name": "[debian-lts-announce] 20190720 [SECURITY] [DLA 1858-1] squid3 security update",
                "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00018.html"
+            },
+            {
+                "refsource": "UBUNTU",
+                "name": "USN-4065-2",
+                "url": "https://usn.ubuntu.com/4065-2/"
            }
        ]
    }
--- a/2019/12xxx/CVE-2019-12529.json
+++ b/2019/12xxx/CVE-2019-12529.json
@ -76,6 +76,11 @@
                "refsource": "MLIST",
                "name": "[debian-lts-announce] 20190720 [SECURITY] [DLA 1858-1] squid3 security update",
                "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00018.html"
+            },
+            {
+                "refsource": "UBUNTU",
+                "name": "USN-4065-2",
+                "url": "https://usn.ubuntu.com/4065-2/"
            }
        ]
    }
--- a/2019/13xxx/CVE-2019-13117.json
+++ b/2019/13xxx/CVE-2019-13117.json
@ -66,6 +66,11 @@
                "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471",
                "refsource": "MISC",
                "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update",
+                "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"
            }
        ]
    }
--- a/2019/13xxx/CVE-2019-13118.json
+++ b/2019/13xxx/CVE-2019-13118.json
@ -66,6 +66,31 @@
                "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069",
                "refsource": "MISC",
                "name": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.apple.com/kb/HT210348",
+                "url": "https://support.apple.com/kb/HT210348"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.apple.com/kb/HT210353",
+                "url": "https://support.apple.com/kb/HT210353"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.apple.com/kb/HT210351",
+                "url": "https://support.apple.com/kb/HT210351"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[debian-lts-announce] 20190722 [SECURITY] [DLA 1860-1] libxslt security update",
+                "url": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.apple.com/kb/HT210346",
+                "url": "https://support.apple.com/kb/HT210346"
            }
        ]
    }
--- a/2019/3xxx/CVE-2019-3414.json
+++ b/2019/3xxx/CVE-2019-3414.json
@ -1,8 +1,8 @@
 {
    "CVE_data_meta": {
-        "ASSIGNER": "cve@mitre.org",
+        "ASSIGNER": "psirt@zte.com.cn",
        "ID": "CVE-2019-3414",
-        "STATE": "RESERVED"
+        "STATE": "PUBLIC"
    },
    "data_format": "MITRE",
    "data_type": "CVE",
@ -11,7 +11,51 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "All versions up to V1.19.20.02 of ZTE OTCP product are impacted by XSS vulnerability. Due to XSS, when an attacker invokes the security management to obtain the resources of the specified operation code owned by a user, the malicious script code could be transmitted in the parameter. If the front end does not process the returned result from the interface properly, the malicious script may be executed and the user cookie or other important information may be stolen."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Cross-Site Scripting"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "ZTE",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "OTCP",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "< 1.19.20.02"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010883",
+                "url": "http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1010883"
            }
        ]
    }
--- a/2019/6xxx/CVE-2019-6827.json
+++ b/2019/6xxx/CVE-2019-6827.json
@ -48,6 +48,11 @@
                "refsource": "MISC",
                "name": "https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-190-02",
                "url": "https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-190-02"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://www.zerodayinitiative.com/advisories/ZDI-19-671/",
+                "url": "https://www.zerodayinitiative.com/advisories/ZDI-19-671/"
            }
        ]
    },