diff --git a/2017/18xxx/CVE-2017-18359.json b/2017/18xxx/CVE-2017-18359.json new file mode 100644 index 00000000000..5f84fb4116c --- /dev/null +++ b/2017/18xxx/CVE-2017-18359.json @@ -0,0 +1,72 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2017-18359", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PostGIS 2.x before 2.3.3, as used with PostgreSQL, allows remote attackers to cause a denial of service via crafted ST_AsX3D function input, as demonstrated by an abnormal server termination for \"SELECT ST_AsX3D('LINESTRING EMPTY');\" because empty geometries are mishandled." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://trac.osgeo.org/postgis/changeset/15444", + "refsource" : "MISC", + "url" : "https://trac.osgeo.org/postgis/changeset/15444" + }, + { + "name" : "https://trac.osgeo.org/postgis/changeset/15445", + "refsource" : "MISC", + "url" : "https://trac.osgeo.org/postgis/changeset/15445" + }, + { + "name" : "https://trac.osgeo.org/postgis/ticket/3704", + "refsource" : "MISC", + "url" : "https://trac.osgeo.org/postgis/ticket/3704" + } + ] + } +} diff --git a/2019/6xxx/CVE-2019-6803.json b/2019/6xxx/CVE-2019-6803.json new file mode 100644 index 00000000000..e35a869d483 --- /dev/null +++ b/2019/6xxx/CVE-2019-6803.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-6803", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "typora through 0.9.9.20.3 beta has XSS, with resultant remote command execution, via the left outline bar." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/typora/typora-issues/issues/2124", + "refsource" : "MISC", + "url" : "https://github.com/typora/typora-issues/issues/2124" + } + ] + } +} diff --git a/2019/6xxx/CVE-2019-6804.json b/2019/6xxx/CVE-2019-6804.json new file mode 100644 index 00000000000..7d1ab9a73c0 --- /dev/null +++ b/2019/6xxx/CVE-2019-6804.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-6804", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An XSS issue was discovered on the Job Edit page in Rundeck Community Edition before 3.0.13, related to assets/javascripts/workflowStepEditorKO.js and views/execution/_wfitemEdit.gsp." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://docs.rundeck.com/docs/history/version-3.0.13.html", + "refsource" : "MISC", + "url" : "https://docs.rundeck.com/docs/history/version-3.0.13.html" + }, + { + "name" : "https://github.com/rundeck/rundeck/issues/4406", + "refsource" : "MISC", + "url" : "https://github.com/rundeck/rundeck/issues/4406" + } + ] + } +}