From e2c5b1a06c9ac5f61fbecce36dcef9bbe4a6ddcb Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 15 Aug 2019 18:01:07 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/14xxx/CVE-2018-14668.json | 58 ++++++++++++++++++++++++++++++---- 2018/14xxx/CVE-2018-14669.json | 58 ++++++++++++++++++++++++++++++---- 2018/14xxx/CVE-2018-14670.json | 58 ++++++++++++++++++++++++++++++---- 2018/14xxx/CVE-2018-14671.json | 58 ++++++++++++++++++++++++++++++---- 2018/14xxx/CVE-2018-14672.json | 58 ++++++++++++++++++++++++++++++---- 2018/3xxx/CVE-2018-3139.json | 5 +++ 2018/3xxx/CVE-2018-3209.json | 5 +++ 2019/11xxx/CVE-2019-11707.json | 5 +++ 2019/11xxx/CVE-2019-11708.json | 5 +++ 2019/11xxx/CVE-2019-11709.json | 5 +++ 2019/11xxx/CVE-2019-11710.json | 5 +++ 2019/11xxx/CVE-2019-11711.json | 5 +++ 2019/11xxx/CVE-2019-11712.json | 5 +++ 2019/11xxx/CVE-2019-11713.json | 5 +++ 2019/11xxx/CVE-2019-11714.json | 5 +++ 2019/11xxx/CVE-2019-11715.json | 5 +++ 2019/11xxx/CVE-2019-11716.json | 5 +++ 2019/11xxx/CVE-2019-11717.json | 5 +++ 2019/11xxx/CVE-2019-11718.json | 5 +++ 2019/11xxx/CVE-2019-11719.json | 5 +++ 2019/11xxx/CVE-2019-11720.json | 5 +++ 2019/11xxx/CVE-2019-11721.json | 5 +++ 2019/11xxx/CVE-2019-11723.json | 5 +++ 2019/11xxx/CVE-2019-11724.json | 5 +++ 2019/11xxx/CVE-2019-11725.json | 5 +++ 2019/11xxx/CVE-2019-11727.json | 5 +++ 2019/11xxx/CVE-2019-11728.json | 5 +++ 2019/11xxx/CVE-2019-11729.json | 5 +++ 2019/11xxx/CVE-2019-11730.json | 5 +++ 2019/2xxx/CVE-2019-2602.json | 5 +++ 2019/2xxx/CVE-2019-2699.json | 5 +++ 2019/9xxx/CVE-2019-9010.json | 48 ++++++++++++++++++++++++++-- 2019/9xxx/CVE-2019-9012.json | 48 ++++++++++++++++++++++++++-- 2019/9xxx/CVE-2019-9811.json | 5 +++ 34 files changed, 482 insertions(+), 39 deletions(-) diff --git a/2018/14xxx/CVE-2018-14668.json b/2018/14xxx/CVE-2018-14668.json index 111122d924e..ccd3576dac6 100644 --- a/2018/14xxx/CVE-2018-14668.json +++ b/2018/14xxx/CVE-2018-14668.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-14668", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-14668", + "ASSIGNER": "browser-security@yandex-team.ru", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "ClickHouse", + "version": { + "version_data": [ + { + "version_value": "All versions prior to version 1.1.54388." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Protocol Request Forgery" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://clickhouse.yandex/docs/en/security_changelog/", + "url": "https://clickhouse.yandex/docs/en/security_changelog/" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ClickHouse before 1.1.54388, \"remote\" table function allowed arbitrary symbols in \"user\", \"password\" and \"default_database\" fields which led to Cross Protocol Request Forgery Attacks." } ] } diff --git a/2018/14xxx/CVE-2018-14669.json b/2018/14xxx/CVE-2018-14669.json index 7bd2549bd75..12fbee4c3f4 100644 --- a/2018/14xxx/CVE-2018-14669.json +++ b/2018/14xxx/CVE-2018-14669.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-14669", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-14669", + "ASSIGNER": "browser-security@yandex-team.ru", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "ClickHouse", + "version": { + "version_data": [ + { + "version_value": "All versions prior to version 1.1.54390." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Local File Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://clickhouse.yandex/docs/en/security_changelog/", + "url": "https://clickhouse.yandex/docs/en/security_changelog/" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ClickHouse MySQL client before versions 1.1.54390 had \"LOAD DATA LOCAL INFILE\" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server." } ] } diff --git a/2018/14xxx/CVE-2018-14670.json b/2018/14xxx/CVE-2018-14670.json index 7d2dd145a35..5367afda75b 100644 --- a/2018/14xxx/CVE-2018-14670.json +++ b/2018/14xxx/CVE-2018-14670.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-14670", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-14670", + "ASSIGNER": "browser-security@yandex-team.ru", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ClickHouse", + "product": { + "product_data": [ + { + "product_name": "ClickHouse", + "version": { + "version_data": [ + { + "version_value": "All versions prior to version 1.1.54131." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Execution with Unnecessary Privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://clickhouse.yandex/docs/en/security_changelog/", + "url": "https://clickhouse.yandex/docs/en/security_changelog/" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized use of the database." } ] } diff --git a/2018/14xxx/CVE-2018-14671.json b/2018/14xxx/CVE-2018-14671.json index 5cb260d984b..11ae6c4ed9f 100644 --- a/2018/14xxx/CVE-2018-14671.json +++ b/2018/14xxx/CVE-2018-14671.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-14671", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-14671", + "ASSIGNER": "browser-security@yandex-team.ru", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ClickHouse", + "product": { + "product_data": [ + { + "product_name": "ClickHouse", + "version": { + "version_data": [ + { + "version_value": "All versions prior to version 18.10.3." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://clickhouse.yandex/docs/en/security_changelog/", + "url": "https://clickhouse.yandex/docs/en/security_changelog/" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ClickHouse before 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability." } ] } diff --git a/2018/14xxx/CVE-2018-14672.json b/2018/14xxx/CVE-2018-14672.json index 29a0e738fa5..d89faae6bbe 100644 --- a/2018/14xxx/CVE-2018-14672.json +++ b/2018/14xxx/CVE-2018-14672.json @@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-14672", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-14672", + "ASSIGNER": "browser-security@yandex-team.ru", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "ClickHouse", + "version": { + "version_data": [ + { + "version_value": "All versions prior to version 18.12.13." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Path Traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://clickhouse.yandex/docs/en/security_changelog/", + "url": "https://clickhouse.yandex/docs/en/security_changelog/" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In ClickHouse before 18.12.13, functions for loading CatBoost models allowed path traversal and reading arbitrary files through error messages." } ] } diff --git a/2018/3xxx/CVE-2018-3139.json b/2018/3xxx/CVE-2018-3139.json index d71ab3ebf43..ba93717b707 100644 --- a/2018/3xxx/CVE-2018-3139.json +++ b/2018/3xxx/CVE-2018-3139.json @@ -181,6 +181,11 @@ "name": "RHSA-2018:3521", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3521" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-10", + "url": "https://security.gentoo.org/glsa/201908-10" } ] } diff --git a/2018/3xxx/CVE-2018-3209.json b/2018/3xxx/CVE-2018-3209.json index 75c355dc4b8..10742e50bb5 100644 --- a/2018/3xxx/CVE-2018-3209.json +++ b/2018/3xxx/CVE-2018-3209.json @@ -81,6 +81,11 @@ "name": "1041889", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041889" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-10", + "url": "https://security.gentoo.org/glsa/201908-10" } ] } diff --git a/2019/11xxx/CVE-2019-11707.json b/2019/11xxx/CVE-2019-11707.json index 22292379efd..b2b449cbc79 100644 --- a/2019/11xxx/CVE-2019-11707.json +++ b/2019/11xxx/CVE-2019-11707.json @@ -81,6 +81,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1544386", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1544386" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11708.json b/2019/11xxx/CVE-2019-11708.json index 7d7cbf123fa..235d2275e9b 100644 --- a/2019/11xxx/CVE-2019-11708.json +++ b/2019/11xxx/CVE-2019-11708.json @@ -81,6 +81,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1559858" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11709.json b/2019/11xxx/CVE-2019-11709.json index 4a793bb922d..10b09c5fb16 100644 --- a/2019/11xxx/CVE-2019-11709.json +++ b/2019/11xxx/CVE-2019-11709.json @@ -106,6 +106,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11710.json b/2019/11xxx/CVE-2019-11710.json index a619218f487..03b16577c4d 100644 --- a/2019/11xxx/CVE-2019-11710.json +++ b/2019/11xxx/CVE-2019-11710.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1549768%2C1548611%2C1533842%2C1537692%2C1540590%2C1551907%2C1510345%2C1535482%2C1535848%2C1547472%2C1547760%2C1507696%2C1544180", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1549768%2C1548611%2C1533842%2C1537692%2C1540590%2C1551907%2C1510345%2C1535482%2C1535848%2C1547472%2C1547760%2C1507696%2C1544180" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11711.json b/2019/11xxx/CVE-2019-11711.json index 97e8f423880..e956277ca89 100644 --- a/2019/11xxx/CVE-2019-11711.json +++ b/2019/11xxx/CVE-2019-11711.json @@ -106,6 +106,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11712.json b/2019/11xxx/CVE-2019-11712.json index 0f0eec895c0..0a8d5593179 100644 --- a/2019/11xxx/CVE-2019-11712.json +++ b/2019/11xxx/CVE-2019-11712.json @@ -106,6 +106,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11713.json b/2019/11xxx/CVE-2019-11713.json index 03ae5ce6f7c..836787fb2bc 100644 --- a/2019/11xxx/CVE-2019-11713.json +++ b/2019/11xxx/CVE-2019-11713.json @@ -106,6 +106,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11714.json b/2019/11xxx/CVE-2019-11714.json index eb303227b20..62e09fe85ee 100644 --- a/2019/11xxx/CVE-2019-11714.json +++ b/2019/11xxx/CVE-2019-11714.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542593", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1542593" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11715.json b/2019/11xxx/CVE-2019-11715.json index 4805e05eac7..dba01130a08 100644 --- a/2019/11xxx/CVE-2019-11715.json +++ b/2019/11xxx/CVE-2019-11715.json @@ -106,6 +106,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11716.json b/2019/11xxx/CVE-2019-11716.json index 227cf43ff61..d30761f8192 100644 --- a/2019/11xxx/CVE-2019-11716.json +++ b/2019/11xxx/CVE-2019-11716.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1552632", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1552632" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11717.json b/2019/11xxx/CVE-2019-11717.json index d40e084fb3d..abc9fb4a62e 100644 --- a/2019/11xxx/CVE-2019-11717.json +++ b/2019/11xxx/CVE-2019-11717.json @@ -106,6 +106,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11718.json b/2019/11xxx/CVE-2019-11718.json index 7d622d9d0f8..fde31233b42 100644 --- a/2019/11xxx/CVE-2019-11718.json +++ b/2019/11xxx/CVE-2019-11718.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1408349", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1408349" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11719.json b/2019/11xxx/CVE-2019-11719.json index aff43eb5e27..96b953ac17a 100644 --- a/2019/11xxx/CVE-2019-11719.json +++ b/2019/11xxx/CVE-2019-11719.json @@ -101,6 +101,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1951", "url": "https://access.redhat.com/errata/RHSA-2019:1951" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11720.json b/2019/11xxx/CVE-2019-11720.json index 080b62e7abd..199f72f33f6 100644 --- a/2019/11xxx/CVE-2019-11720.json +++ b/2019/11xxx/CVE-2019-11720.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1556230", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1556230" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11721.json b/2019/11xxx/CVE-2019-11721.json index 69a8b3fdeb3..4cbd88c6047 100644 --- a/2019/11xxx/CVE-2019-11721.json +++ b/2019/11xxx/CVE-2019-11721.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256009", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1256009" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11723.json b/2019/11xxx/CVE-2019-11723.json index a7d52be57d3..27534ae3b09 100644 --- a/2019/11xxx/CVE-2019-11723.json +++ b/2019/11xxx/CVE-2019-11723.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1528335", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1528335" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11724.json b/2019/11xxx/CVE-2019-11724.json index 0c661d80010..47a41859879 100644 --- a/2019/11xxx/CVE-2019-11724.json +++ b/2019/11xxx/CVE-2019-11724.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1512511", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1512511" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11725.json b/2019/11xxx/CVE-2019-11725.json index 033226f729e..5bdea80d628 100644 --- a/2019/11xxx/CVE-2019-11725.json +++ b/2019/11xxx/CVE-2019-11725.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1483510", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1483510" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11727.json b/2019/11xxx/CVE-2019-11727.json index 7ed5a019055..2507d4e60b0 100644 --- a/2019/11xxx/CVE-2019-11727.json +++ b/2019/11xxx/CVE-2019-11727.json @@ -59,6 +59,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1951", "url": "https://access.redhat.com/errata/RHSA-2019:1951" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11728.json b/2019/11xxx/CVE-2019-11728.json index d8c1a832655..1ff60957935 100644 --- a/2019/11xxx/CVE-2019-11728.json +++ b/2019/11xxx/CVE-2019-11728.json @@ -54,6 +54,11 @@ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1552993", "refsource": "MISC", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1552993" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11729.json b/2019/11xxx/CVE-2019-11729.json index 5d6b6869d77..191640f977a 100644 --- a/2019/11xxx/CVE-2019-11729.json +++ b/2019/11xxx/CVE-2019-11729.json @@ -101,6 +101,11 @@ "refsource": "REDHAT", "name": "RHSA-2019:1951", "url": "https://access.redhat.com/errata/RHSA-2019:1951" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/11xxx/CVE-2019-11730.json b/2019/11xxx/CVE-2019-11730.json index 7973e99504d..d08e2d82413 100644 --- a/2019/11xxx/CVE-2019-11730.json +++ b/2019/11xxx/CVE-2019-11730.json @@ -106,6 +106,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] }, diff --git a/2019/2xxx/CVE-2019-2602.json b/2019/2xxx/CVE-2019-2602.json index 42a3fa27e4b..eb121569808 100644 --- a/2019/2xxx/CVE-2019-2602.json +++ b/2019/2xxx/CVE-2019-2602.json @@ -151,6 +151,11 @@ "refsource": "CONFIRM", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10285", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10285" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-10", + "url": "https://security.gentoo.org/glsa/201908-10" } ] } diff --git a/2019/2xxx/CVE-2019-2699.json b/2019/2xxx/CVE-2019-2699.json index 51b6e7c48ec..b56995e1c7b 100644 --- a/2019/2xxx/CVE-2019-2699.json +++ b/2019/2xxx/CVE-2019-2699.json @@ -62,6 +62,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K02771314", "url": "https://support.f5.com/csp/article/K02771314" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-10", + "url": "https://security.gentoo.org/glsa/201908-10" } ] } diff --git a/2019/9xxx/CVE-2019-9010.json b/2019/9xxx/CVE-2019-9010.json index 2bc5b435c1a..f3e2216523a 100644 --- a/2019/9xxx/CVE-2019-9010.json +++ b/2019/9xxx/CVE-2019-9010.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9010", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS Gateway does not correctly verify the ownership of a communication channel. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-19-213-03", + "url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-03" } ] } diff --git a/2019/9xxx/CVE-2019-9012.json b/2019/9xxx/CVE-2019-9012.json index f6dc1d1a391..2b89e5e32b2 100644 --- a/2019/9xxx/CVE-2019-9012.json +++ b/2019/9xxx/CVE-2019-9012.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9012", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in 3S-Smart CODESYS V3 products. A crafted communication request may cause uncontrolled memory allocations in the affected CODESYS products and may result in a denial-of-service condition. All variants of the following CODESYS V3 products in all versions prior to v3.5.14.20 that contain the CmpGateway component are affected, regardless of the CPU type or operating system: CODESYS Control for BeagleBone, CODESYS Control for emPC-A/iMX6, CODESYS Control for IOT2000, CODESYS Control for Linux, CODESYS Control for PFC100, CODESYS Control for PFC200, CODESYS Control for Raspberry Pi, CODESYS Control V3 Runtime System Toolkit, CODESYS Gateway V3, CODESYS V3 Development System." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-19-213-03", + "url": "https://www.us-cert.gov/ics/advisories/icsa-19-213-03" } ] } diff --git a/2019/9xxx/CVE-2019-9811.json b/2019/9xxx/CVE-2019-9811.json index b436fd9ab41..f25e84bb52b 100644 --- a/2019/9xxx/CVE-2019-9811.json +++ b/2019/9xxx/CVE-2019-9811.json @@ -116,6 +116,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20190802 [SECURITY] [DLA 1870-1] thunderbird security update", "url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00002.html" + }, + { + "refsource": "GENTOO", + "name": "GLSA-201908-12", + "url": "https://security.gentoo.org/glsa/201908-12" } ] },