"-Synchronized-Data."

2025-06-21 05:40:25 +00:00 · 2019-10-30 00:01:13 +00:00 · 2019-10-30 00:01:13 +00:00 · e0833a4f9f
commit e0833a4f9f
parent b9689a06cd
6 changed files with 82 additions and 7 deletions
--- a/2017/11xxx/CVE-2017-11479.json
+++ b/2017/11xxx/CVE-2017-11479.json
@ -61,6 +61,11 @@
                "refsource": "MLIST",
                "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
                "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
            },
            {
                "refsource": "MLIST",
                "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
                "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
            }
        ]
    }
--- a/2019/11xxx/CVE-2019-11477.json
+++ b/2019/11xxx/CVE-2019-11477.json
@ -221,6 +221,11 @@
                "refsource": "MLIST",
                "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
                "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
            },
            {
                "refsource": "MLIST",
                "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
                "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
            }
        ]
    },
--- a/2019/11xxx/CVE-2019-11478.json
+++ b/2019/11xxx/CVE-2019-11478.json
@ -225,6 +225,11 @@
                "refsource": "MLIST",
                "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
                "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
            },
            {
                "refsource": "MLIST",
                "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
                "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
            }
        ]
    },
--- a/2019/14xxx/CVE-2019-14287.json
+++ b/2019/14xxx/CVE-2019-14287.json
@ -156,6 +156,11 @@
                "refsource": "REDHAT",
                "name": "RHSA-2019:3219",
                "url": "https://access.redhat.com/errata/RHSA-2019:3219"
            },
            {
                "refsource": "MLIST",
                "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
                "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
            }
        ]
    }
--- a/2019/5xxx/CVE-2019-5736.json
+++ b/2019/5xxx/CVE-2019-5736.json
@ -341,6 +341,11 @@
                "refsource": "MLIST",
                "name": "[oss-security] 20191023 Membership application for linux-distros - VMware",
                "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"
            },
            {
                "refsource": "MLIST",
                "name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware",
                "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"
            }
        ]
    }
--- a/2019/8xxx/CVE-2019-8235.json
+++ b/2019/8xxx/CVE-2019-8235.json
@ -1,17 +1,67 @@
 {
    "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2019-8235",
        "STATE": "RESERVED"
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_format": "MITRE",
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2019-8235",
        "ASSIGNER": "psirt@adobe.com",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Adobe",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Magento",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "2.3 prior to 2.3.1"
                                        },
                                        {
                                            "version_value": "2.2 prior to 2.2.8"
                                        },
                                        {
                                            "version_value": "2.1 prior to 2.1.17"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Insecure Direct Object Reference (IDOR)"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "CONFIRM",
                "name": "https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update",
                "url": "https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update"
            }
        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An insecure direct object reference (IDOR) vulnerability exists in Magento 2.3 prior to 2.3.1, 2.2 prior to 2.2.8, and 2.1 prior to 2.1.17 versions. An authenticated user may be able to view personally identifiable shipping details of another user due to insufficient validation of user controlled input."
            }
        ]
    }