mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
Merge branch 'CVE-2018-14642' of https://github.com/RedHatProductSecurity/cvelist
This commit is contained in:
commit
e8ad541d96
@ -1,18 +1,71 @@
|
||||
{
|
||||
"CVE_data_meta" : {
|
||||
"ASSIGNER" : "cve@mitre.org",
|
||||
"ID" : "CVE-2018-14642",
|
||||
"STATE" : "RESERVED"
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"data_type" : "CVE",
|
||||
"data_version" : "4.0",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2018-14642",
|
||||
"ASSIGNER": "anemec@redhat.com"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Red Hat",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "undertow",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-200"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14642",
|
||||
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14642",
|
||||
"refsource": "CONFIRM"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests. "
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": [
|
||||
[
|
||||
{
|
||||
"vectorString": "5.3/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
|
||||
"version": "3.0"
|
||||
}
|
||||
]
|
||||
]
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user