admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-02-13 04:01:44 +00:00
parent 56761d165b
commit efd387d362
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
36 changed files with 1690 additions and 2172 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
2012/4xxx/CVE-2012-4444.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4444",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,57 +27,81 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36",
"refsource": "CONFIRM",
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36"
},
{
"name": "SUSE-SU-2013:0856",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html"
},
{
"name": "RHSA-2012:1580",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1580.html"
},
{
"name": "[oss-security] 20121109 Re: CVE request --- acceptation of overlapping ipv6 fragments",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/11/09/2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=874835",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874835"
},
{
"name": "https://github.com/torvalds/linux/commit/70789d7052239992824628db8133de08dc78e593",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/70789d7052239992824628db8133de08dc78e593"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=70789d7052239992824628db8133de08dc78e593",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=70789d7052239992824628db8133de08dc78e593"
},
{
"name": "https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf",
"url": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36",
"refsource": "MISC",
"url": "https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf"
"name": "http://ftp.osuosl.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36"
},
{
"name": "USN-1661-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1661-1"
"url": "http://rhn.redhat.com/errata/RHSA-2012-1580.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2012-1580.html"
},
{
"name": "USN-1660-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1660-1"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=70789d7052239992824628db8133de08dc78e593",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=70789d7052239992824628db8133de08dc78e593"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/11/09/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/11/09/2"
},
{
"url": "http://www.ubuntu.com/usn/USN-1660-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1660-1"
},
{
"url": "http://www.ubuntu.com/usn/USN-1661-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1661-1"
},
{
"url": "https://github.com/torvalds/linux/commit/70789d7052239992824628db8133de08dc78e593",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/70789d7052239992824628db8133de08dc78e593"
},
{
"url": "https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf",
"refsource": "MISC",
"name": "https://media.blackhat.com/bh-eu-12/Atlasis/bh-eu-12-Atlasis-Attacking_IPv6-WP.pdf"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=874835",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=874835"
}
]
}

129
2012/4xxx/CVE-2012-4445.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4445",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,91 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=586c446e0ff42ae00315b014924ec669023bd8de",
"refsource": "CONFIRM",
"url": "http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff;h=586c446e0ff42ae00315b014924ec669023bd8de"
},
{
"name": "http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168",
"refsource": "MISC",
"url": "http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt"
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
},
{
"name": "[oss-security] 20121008 [PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/10/08/3"
"url": "http://osvdb.org/86051",
"refsource": "MISC",
"name": "http://osvdb.org/86051"
},
{
"name": "50805",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50805"
"url": "http://secunia.com/advisories/50805",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50805"
},
{
"name": "DSA-2557",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2557"
"url": "http://secunia.com/advisories/50888",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50888"
},
{
"name": "1027808",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027808"
"url": "http://w1.fi/gitweb/gitweb.cgi?p=hostap.git%3Ba=commitdiff%3Bh=586c446e0ff42ae00315b014924ec669023bd8de",
"refsource": "MISC",
"name": "http://w1.fi/gitweb/gitweb.cgi?p=hostap.git%3Ba=commitdiff%3Bh=586c446e0ff42ae00315b014924ec669023bd8de"
},
{
"name": "MDVSA-2012:168",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:168"
"url": "http://www.debian.org/security/2012/dsa-2557",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2557"
},
{
"name": "86051",
"refsource": "OSVDB",
"url": "http://osvdb.org/86051"
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc",
"refsource": "MISC",
"name": "http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc"
},
{
"name": "55826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55826"
"url": "http://www.openwall.com/lists/oss-security/2012/10/08/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/10/08/3"
},
{
"name": "FreeBSD-SA-12:07",
"refsource": "FREEBSD",
"url": "http://www.freebsd.org/security/advisories/FreeBSD-SA-12:07.hostapd.asc"
"url": "http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt",
"refsource": "MISC",
"name": "http://www.pre-cert.de/advisories/PRE-SA-2012-07.txt"
},
{
"name": "hostapd-eaptls-dos(79104)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79104"
"url": "http://www.securityfocus.com/bid/55826",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55826"
},
{
"name": "50888",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50888"
"url": "http://www.securitytracker.com/id?1027808",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id?1027808"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79104",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79104"
}
]
}

59
2012/4xxx/CVE-2012-4447.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-4447 libtiff: Heap-buffer overflow when processing a TIFF image with PixarLog Compression"
"value": "Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,27 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.8.2-18.el5_8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:3.9.4-9.el6_3",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -75,11 +63,6 @@
"refsource": "MISC",
"name": "http://secunia.com/advisories/49938"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1590",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1590"
},
{
"url": "http://lists.opensuse.org/opensuse-updates/2013-01/msg00076.html",
"refsource": "MISC",
@ -120,41 +103,11 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55673"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-4447",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-4447"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860198",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=860198"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

91
2012/4xxx/CVE-2012-4448.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4448",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=436198",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=436198"
},
{
"name": "50715",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50715"
},
{
"name": "http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html",
"url": "http://openwall.com/lists/oss-security/2012/09/25/15",
"refsource": "MISC",
"url": "http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html"
"name": "http://openwall.com/lists/oss-security/2012/09/25/15"
},
{
"name": "[oss-security] 20120925 Re: CVE Request -- WordPress (3,4.2): CSRF in the incoming links section of the dashboard",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2012/09/25/15"
"url": "http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.org/files/116785/WordPress-3.4.2-Cross-Site-Request-Forgery.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=860261",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860261"
"url": "http://secunia.com/advisories/50715",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50715"
},
{
"url": "https://bugs.gentoo.org/show_bug.cgi?id=436198",
"refsource": "MISC",
"name": "https://bugs.gentoo.org/show_bug.cgi?id=436198"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860261",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=860261"
}
]
}

101
2012/4xxx/CVE-2012-4450.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4450",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=860772",
"url": "http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860772"
"name": "http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09"
},
{
"name": "https://fedorahosted.org/389/ticket/340",
"refsource": "CONFIRM",
"url": "https://fedorahosted.org/389/ticket/340"
"url": "http://rhn.redhat.com/errata/RHSA-2013-0503.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0503.html"
},
{
"name": "http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09",
"refsource": "CONFIRM",
"url": "http://git.fedorahosted.org/cgit/389/ds.git/commit/?id=5beb93d42efb807838c09c5fab898876876f8d09"
"url": "http://secunia.com/advisories/50713",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50713"
},
{
"name": "50713",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50713"
"url": "http://www.openwall.com/lists/oss-security/2012/09/26/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/26/3"
},
{
"name": "RHSA-2013:0503",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0503.html"
"url": "http://www.openwall.com/lists/oss-security/2012/09/26/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/26/5"
},
{
"name": "[oss-security] 20120926 CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/26/3"
"url": "http://www.securityfocus.com/bid/55690",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55690"
},
{
"name": "[oss-security] 20120926 Re: CVE Request -- 389-ds-base: Change on SLAPI_MODRDN_NEWSUPERIOR is not evaluated in ACL (ACL rules bypass possible)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/26/5"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860772",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=860772"
},
{
"name": "55690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55690"
"url": "https://fedorahosted.org/389/ticket/340",
"refsource": "MISC",
"name": "https://fedorahosted.org/389/ticket/340"
}
]
}

159
2012/4xxx/CVE-2012-4454.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4454",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,72 +27,96 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120909 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/09/2"
},
{
"name": "[oss-security] 20120924 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/25/5"
},
{
"name": "50702",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50702"
},
{
"name": "55627",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55627"
},
{
"name": "[oss-security] 20120927 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/27/2"
},
{
"name": "[Opencryptoki-tech] 20120223 opencryptoki version 2.4.1 released",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28878345"
},
{
"name": "[oss-security] 20120920 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/6"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=730636",
"url": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=58345488c9351d9be9a4be27c8b407c2706a33a9",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730636"
"name": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=58345488c9351d9be9a4be27c8b407c2706a33a9"
},
{
"name": "opencryptoki-mutliple-symlink(78797)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78797"
"url": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=b7fcb3eb0319183348f1f4fb90ede4edd6487c30",
"refsource": "MISC",
"name": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=b7fcb3eb0319183348f1f4fb90ede4edd6487c30"
},
{
"name": "[oss-security] 20120906 CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/2"
"url": "http://secunia.com/advisories/50702",
"refsource": "MISC",
"name": "http://secunia.com/advisories/50702"
},
{
"name": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki;a=commitdiff;h=b7fcb3eb0319183348f1f4fb90ede4edd6487c30",
"refsource": "CONFIRM",
"url": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki;a=commitdiff;h=b7fcb3eb0319183348f1f4fb90ede4edd6487c30"
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28878345",
"refsource": "MISC",
"name": "http://sourceforge.net/mailarchive/message.php?msg_id=28878345"
},
{
"name": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki;a=commitdiff;h=58345488c9351d9be9a4be27c8b407c2706a33a9",
"refsource": "CONFIRM",
"url": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki;a=commitdiff;h=58345488c9351d9be9a4be27c8b407c2706a33a9"
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/07/2"
},
{
"name": "[oss-security] 20120907 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/6"
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/07/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/09/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/09/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/20/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/25/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/25/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/27/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/27/2"
},
{
"url": "http://www.securityfocus.com/bid/55627",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55627"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78797",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78797"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730636",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=730636"
}
]
}

153
2012/4xxx/CVE-2012-4455.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4455",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,67 +27,91 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20120909 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/09/2"
},
{
"name": "[oss-security] 20120924 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/25/5"
},
{
"name": "50702",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50702"
},
{
"name": "55627",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55627"
},
{
"name": "[oss-security] 20120927 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/27/2"
},
{
"name": "opencryptoki-file-symlink(78943)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78943"
},
{
"name": "[oss-security] 20120920 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/6"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=730636",
"url": "http://secunia.com/advisories/50702",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730636"
"name": "http://secunia.com/advisories/50702"
},
{
"name": "[Opencryptoki-tech] 20120427 opencryptoki release 2.4.2",
"refsource": "MLIST",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=29191022"
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/07/2"
},
{
"name": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki;a=commitdiff;h=5667edb52cd27b7e512f48f823b4bcc6b872ab15",
"refsource": "CONFIRM",
"url": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki;a=commitdiff;h=5667edb52cd27b7e512f48f823b4bcc6b872ab15"
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/07/6"
},
{
"name": "[oss-security] 20120906 CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/2"
"url": "http://www.openwall.com/lists/oss-security/2012/09/09/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/09/2"
},
{
"name": "[oss-security] 20120907 Re: CVE request: opencryptoki insecure lock files handling",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/07/6"
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/20/6"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/25/5",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/25/5"
},
{
"url": "http://www.openwall.com/lists/oss-security/2012/09/27/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/27/2"
},
{
"url": "http://www.securityfocus.com/bid/55627",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55627"
},
{
"url": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=5667edb52cd27b7e512f48f823b4bcc6b872ab15",
"refsource": "MISC",
"name": "http://opencryptoki.git.sourceforge.net/git/gitweb.cgi?p=opencryptoki/opencryptoki%3Ba=commitdiff%3Bh=5667edb52cd27b7e512f48f823b4bcc6b872ab15"
},
{
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=29191022",
"refsource": "MISC",
"name": "http://sourceforge.net/mailarchive/message.php?msg_id=29191022"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78943",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78943"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=730636",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=730636"
}
]
}

56
2012/4xxx/CVE-2012-4456.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2012-4456 Openstack Keystone 2012.1.1: fails to validate tokens in Admin API"
"value": "The (1) OS-KSADM/services and (2) tenant APIs in OpenStack Keystone Essex before 2012.1.2 and Folsom before folsom-2 do not properly validate X-Auth-Token, which allow remote attackers to read the roles for an arbitrary user or get, create, or delete arbitrary services."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Missing Critical Step in Authentication",
"cweId": "CWE-304"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "OpenStack Essex for RHEL 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:2012.1.2-4.el6",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -69,16 +68,6 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55716"
},
{
"url": "https://access.redhat.com/errata/RHSA-2012:1378",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2012:1378"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2012-4456",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2012-4456"
},
{
"url": "https://bugs.launchpad.net/keystone/+bug/1006815",
"refsource": "MISC",
@ -89,11 +78,6 @@
"refsource": "MISC",
"name": "https://bugs.launchpad.net/keystone/+bug/1006822"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=861179",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=861179"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78944",
"refsource": "MISC",
@ -123,31 +107,11 @@
"url": "https://lists.launchpad.net/openstack/msg17034.html",
"refsource": "MISC",
"name": "https://lists.launchpad.net/openstack/msg17034.html"
}
]
},
"impact": {
"cvss": [
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.5,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=861179",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=861179"
}
]
}

105
2012/4xxx/CVE-2012-4457.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-4457",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "50665",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50665"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=861180",
"url": "http://secunia.com/advisories/50665",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=861180"
"name": "http://secunia.com/advisories/50665"
},
{
"name": "[openstack] 20120928 [OSSA 2012-016] Token authorization for a user in a disabled tenant is allowed (CVE-2012-4457)",
"refsource": "MLIST",
"url": "https://lists.launchpad.net/openstack/msg17035.html"
"url": "http://www.securityfocus.com/bid/55716",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/55716"
},
{
"name": "keystone-xauth-token-sec-bypass(78947)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78947"
"url": "http://www.openwall.com/lists/oss-security/2012/09/28/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2012/09/28/6"
},
{
"name": "[oss-security] 20120928 [OSSA 2012-016] Token authorization for a user in a disabled tenant is allowed (CVE-2012-4457)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/28/6"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78947",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78947"
},
{
"name": "55716",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55716"
"url": "https://github.com/openstack/keystone/commit/4ebfdfaf23c6da8e3c182bf3ec2cb2b7132ef685",
"refsource": "MISC",
"name": "https://github.com/openstack/keystone/commit/4ebfdfaf23c6da8e3c182bf3ec2cb2b7132ef685"
},
{
"name": "https://github.com/openstack/keystone/commit/5373601bbdda10f879c08af1698852142b75f8d5",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/keystone/commit/5373601bbdda10f879c08af1698852142b75f8d5"
"url": "https://github.com/openstack/keystone/commit/5373601bbdda10f879c08af1698852142b75f8d5",
"refsource": "MISC",
"name": "https://github.com/openstack/keystone/commit/5373601bbdda10f879c08af1698852142b75f8d5"
},
{
"name": "https://github.com/openstack/keystone/commit/4ebfdfaf23c6da8e3c182bf3ec2cb2b7132ef685",
"refsource": "CONFIRM",
"url": "https://github.com/openstack/keystone/commit/4ebfdfaf23c6da8e3c182bf3ec2cb2b7132ef685"
"url": "https://lists.launchpad.net/openstack/msg17035.html",
"refsource": "MISC",
"name": "https://lists.launchpad.net/openstack/msg17035.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=861180",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=861180"
}
]
}

237
2013/1xxx/CVE-2013-1914.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1914",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,107 +27,131 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"name": "RHSA-2013:1605",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"name": "55113",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55113"
},
{
"name": "[oss-security] 20130403 CVE Request: glibc getaddrinfo() stack overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/2"
},
{
"name": "USN-1991-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=947882",
"url": "https://security.gentoo.org/glsa/201503-04",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=947882"
"name": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:284",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"name": "58839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58839"
},
{
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=15330",
"refsource": "CONFIRM",
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15330"
},
{
"name": "http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1cef1b19089528db11f221e938f60b9b048945d7",
"refsource": "CONFIRM",
"url": "http://sourceware.org/git/?p=glibc.git;a=commitdiff;h=1cef1b19089528db11f221e938f60b9b048945d7"
},
{
"name": "[oss-security] 20130403 Re: CVE Request: glibc getaddrinfo() stack overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/8"
},
{
"name": "[oss-security] 20130405 Re: CVE Request: glibc getaddrinfo() stack overflow",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/05/1"
},
{
"name": "GLSA-201503-04",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201503-04"
},
{
"name": "MDVSA-2013:283",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"name": "52817",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52817"
},
{
"name": "RHSA-2013:0769",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"name": "MDVSA-2013:163",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"name": "https://bugzilla.novell.com/show_bug.cgi?id=813121",
"url": "http://secunia.com/advisories/55113",
"refsource": "MISC",
"url": "https://bugzilla.novell.com/show_bug.cgi?id=813121"
},
{
"refsource": "FULLDISC",
"name": "20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices",
"url": "http://seclists.org/fulldisclosure/2021/Sep/0"
"name": "http://secunia.com/advisories/55113"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html",
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:283"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:284"
},
{
"url": "http://www.ubuntu.com/usn/USN-1991-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1991-1"
},
{
"url": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/164014/Moxa-Command-Injection-Cross-Site-Scripting-Vulnerable-Software.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-0769.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-0769.html"
},
{
"url": "http://rhn.redhat.com/errata/RHSA-2013-1605.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1605.html"
},
{
"url": "http://seclists.org/fulldisclosure/2021/Sep/0",
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2021/Sep/0"
},
{
"url": "http://secunia.com/advisories/52817",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52817"
},
{
"url": "http://sourceware.org/bugzilla/show_bug.cgi?id=15330",
"refsource": "MISC",
"name": "http://sourceware.org/bugzilla/show_bug.cgi?id=15330"
},
{
"url": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7",
"refsource": "MISC",
"name": "http://sourceware.org/git/?p=glibc.git%3Ba=commitdiff%3Bh=1cef1b19089528db11f221e938f60b9b048945d7"
},
{
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163",
"refsource": "MISC",
"name": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:163"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/03/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/03/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/03/8"
},
{
"url": "http://www.openwall.com/lists/oss-security/2013/04/05/1",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/05/1"
},
{
"url": "http://www.securityfocus.com/bid/58839",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58839"
},
{
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html",
"refsource": "MISC",
"name": "http://www.vmware.com/security/advisories/VMSA-2014-0008.html"
},
{
"url": "https://bugzilla.novell.com/show_bug.cgi?id=813121",
"refsource": "MISC",
"name": "https://bugzilla.novell.com/show_bug.cgi?id=813121"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=947882",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=947882"
}
]
}

115
2013/1xxx/CVE-2013-1917.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1917",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,57 +27,81 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2014:0470",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "1028455",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028455"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html"
},
{
"name": "openSUSE-SU-2013:0912",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html"
},
{
"name": "[oss-security] 20130418 Xen Security Advisory 44 (CVE-2013-1917) - Xen PV DoS vulnerability with SYSENTER",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/18/8"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104537.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104537.html"
},
{
"name": "DSA-2662",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2662"
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html"
},
{
"name": "SUSE-SU-2014:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
"url": "http://www.debian.org/security/2012/dsa-2662",
"refsource": "MISC",
"name": "http://www.debian.org/security/2012/dsa-2662"
},
{
"name": "FEDORA-2013-6723",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104537.html"
"url": "http://www.openwall.com/lists/oss-security/2013/04/18/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/18/8"
},
{
"name": "SUSE-SU-2014:0411",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html"
"url": "http://www.securitytracker.com/id/1028455",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1028455"
}
]
}

103
2013/1xxx/CVE-2013-1918.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1918",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "FEDORA-2013-7432",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105533.html"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "53187",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53187"
"url": "http://www.debian.org/security/2013/dsa-2666",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2666"
},
{
"name": "DSA-2666",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2666"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105533.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105533.html"
},
{
"name": "SUSE-SU-2014:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
"url": "http://secunia.com/advisories/53187",
"refsource": "MISC",
"name": "http://secunia.com/advisories/53187"
},
{
"name": "[oss-security] 20130502 Xen Security Advisory 45 (CVE-2013-1918) - Several long latency operations are not preemptible",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/05/02/8"
"url": "http://www.openwall.com/lists/oss-security/2013/05/02/8",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/05/02/8"
},
{
"name": "59615",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59615"
"url": "http://www.securityfocus.com/bid/59615",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/59615"
}
]
}

109
2013/1xxx/CVE-2013-1919.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1919",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,52 +27,76 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "openSUSE-SU-2013:0912",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "DSA-2662",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2662"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104537.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104537.html"
},
{
"name": "SUSE-SU-2014:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html"
},
{
"name": "FEDORA-2013-6723",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104537.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104538.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104538.html"
},
{
"name": "[oss-security] 20130418 Xen Security Advisory 46 (CVE-2013-1919) - Several access permission issues with IRQs for unprivileged guests",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/18/6"
"url": "http://www.debian.org/security/2013/dsa-2662",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2662"
},
{
"name": "59292",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59292"
"url": "http://www.openwall.com/lists/oss-security/2013/04/18/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/18/6"
},
{
"name": "FEDORA-2013-6641",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104538.html"
"url": "http://www.securityfocus.com/bid/59292",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/59292"
}
]
}

133
2013/1xxx/CVE-2013-1920.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1920",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,72 +27,96 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2014:0470",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
},
{
"name": "[Xen-announce] 20130404 Xen Security Advisory 47 (CVE-2013-1920) - Potential use of freed memory in event channel operations",
"refsource": "MLIST",
"url": "http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html"
},
{
"name": "92050",
"refsource": "OSVDB",
"url": "http://osvdb.org/92050"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html"
},
{
"name": "xen-cve20131920-code-exec(83226)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83226"
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html"
},
{
"name": "openSUSE-SU-2013:0912",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00049.html"
"url": "http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html",
"refsource": "MISC",
"name": "http://lists.xen.org/archives/html/xen-announce/2013-04/msg00000.html"
},
{
"name": "52857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/52857"
"url": "http://osvdb.org/92050",
"refsource": "MISC",
"name": "http://osvdb.org/92050"
},
{
"name": "58880",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58880"
"url": "http://secunia.com/advisories/52857",
"refsource": "MISC",
"name": "http://secunia.com/advisories/52857"
},
{
"name": "SUSE-SU-2014:0446",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html"
"url": "http://www.openwall.com/lists/oss-security/2013/04/04/7",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/04/7"
},
{
"name": "SUSE-SU-2014:0411",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html"
"url": "http://www.securityfocus.com/bid/58880",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58880"
},
{
"name": "1028388",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028388"
"url": "http://www.securitytracker.com/id/1028388",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1028388"
},
{
"name": "[oss-security] 20130404 Xen Security Advisory 47 (CVE-2013-1920) - Potential use of freed memory in event channel operations",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/04/7"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83226",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/83226"
}
]
}

91
2013/1xxx/CVE-2013-1921.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1921",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,37 +27,61 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:0029",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0029.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1437.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1437.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=948106",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=948106"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1207.html"
},
{
"name": "RHSA-2013:1209",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1208.html"
},
{
"name": "RHSA-2013:1437",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1437.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1209.html"
},
{
"name": "RHSA-2013:1207",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html"
"url": "http://rhn.redhat.com/errata/RHSA-2014-0029.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2014-0029.html"
},
{
"name": "RHSA-2013:1208",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=948106",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=948106"
}
]
}

103
2013/1xxx/CVE-2013-1922.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1922",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "FEDORA-2013-6221",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103637.html"
"url": "http://secunia.com/advisories/55082",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55082"
},
{
"name": "55082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55082"
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
},
{
"name": "FEDORA-2013-6185",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103621.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103621.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103621.html"
},
{
"name": "GLSA-201309-24",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201309-24.xml"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103637.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103637.html"
},
{
"name": "FEDORA-2013-6211",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104036.html"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104036.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-April/104036.html"
},
{
"name": "[oss-security] 20130416 CVE-2013-1922 -- qemu: qemu-nbd block format auto-detection vulnerability",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/16/2"
"url": "http://www.openwall.com/lists/oss-security/2013/04/15/3",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/15/3"
},
{
"name": "1028426",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028426"
"url": "http://www.openwall.com/lists/oss-security/2013/04/16/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/16/2"
},
{
"name": "[oss-security] 20130415 Xen Security Advisory 48 (CVE-2013-1922) - qemu-nbd format-guessing due to missing format specification",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/15/3"
"url": "http://www.securitytracker.com/id/1028426",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1028426"
}
]
}

103
2013/1xxx/CVE-2013-1923.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1923",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "58854",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/58854"
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00142.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00142.html"
},
{
"name": "[linux-nfs] 20130403 Re: [PATCH] Avoid PTR lookups when possible",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-nfs&m=136500502805121&w=2"
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00146.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00146.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=948072",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=948072"
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00172.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00172.html"
},
{
"name": "openSUSE-SU-2013:1048",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00172.html"
"url": "http://marc.info/?l=linux-nfs&m=136491998607561&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-nfs&m=136491998607561&w=2"
},
{
"name": "openSUSE-SU-2013:1012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00142.html"
"url": "http://marc.info/?l=linux-nfs&m=136500502805121&w=2",
"refsource": "MISC",
"name": "http://marc.info/?l=linux-nfs&m=136500502805121&w=2"
},
{
"name": "openSUSE-SU-2013:1016",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00146.html"
"url": "http://www.securityfocus.com/bid/58854",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/58854"
},
{
"name": "nfsutils-cve20131923-spoofing(85331)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85331"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85331",
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85331"
},
{
"name": "[linux-nfs] 20130402 Re: [PATCH] Avoid PTR lookups when possible",
"refsource": "MLIST",
"url": "http://marc.info/?l=linux-nfs&m=136491998607561&w=2"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=948072",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=948072"
}
]
}

115
2013/1xxx/CVE-2013-1928.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1928",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,57 +27,81 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2013:0847",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
},
{
"name": "https://github.com/torvalds/linux/commit/12176503366885edd542389eed3aaf94be163fdb",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/12176503366885edd542389eed3aaf94be163fdb"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
},
{
"name": "[oss-security] 20130405 Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/06/2"
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html"
},
{
"name": "SUSE-SU-2013:0856",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00000.html"
"url": "http://www.ubuntu.com/usn/USN-1829-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-1829-1"
},
{
"name": "USN-1829-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1829-1"
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12176503366885edd542389eed3aaf94be163fdb",
"refsource": "MISC",
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=12176503366885edd542389eed3aaf94be163fdb"
},
{
"name": "[oss-security] 20130409 Re: CVE Request: kernel information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/04/09/6"
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.5",
"refsource": "MISC",
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.5"
},
{
"name": "RHSA-2013:1645",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1645.html"
"url": "http://www.openwall.com/lists/oss-security/2013/04/06/2",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/06/2"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=949567",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949567"
"url": "http://www.openwall.com/lists/oss-security/2013/04/09/6",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/04/09/6"
},
{
"name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=12176503366885edd542389eed3aaf94be163fdb",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=12176503366885edd542389eed3aaf94be163fdb"
"url": "https://github.com/torvalds/linux/commit/12176503366885edd542389eed3aaf94be163fdb",
"refsource": "MISC",
"name": "https://github.com/torvalds/linux/commit/12176503366885edd542389eed3aaf94be163fdb"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.5",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.6.5"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=949567",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=949567"
}
]
}

79
2013/4xxx/CVE-2013-4393.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4393",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,27 +27,51 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "GLSA-201612-34",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-34"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"
"url": "http://www.openwall.com/lists/oss-security/2013/10/01/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/10/01/9"
},
{
"name": "[oss-security] 20131001 Re: [CVE request] systemd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/10/01/9"
"url": "https://security.gentoo.org/glsa/201612-34",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201612-34"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=859104",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859104"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=859104",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=859104"
}
]
}

85
2013/4xxx/CVE-2013-4394.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4394",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,32 +27,56 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "GLSA-201612-34",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201612-34"
"url": "http://www.debian.org/security/2013/dsa-2777",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2777"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=862324",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862324"
"url": "http://www.openwall.com/lists/oss-security/2013/10/01/9",
"refsource": "MISC",
"name": "http://www.openwall.com/lists/oss-security/2013/10/01/9"
},
{
"name": "DSA-2777",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2777"
"url": "https://security.gentoo.org/glsa/201612-34",
"refsource": "MISC",
"name": "https://security.gentoo.org/glsa/201612-34"
},
{
"name": "[oss-security] 20131001 Re: [CVE request] systemd",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2013/10/01/9"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=862324",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=862324"
}
]
}

53
2013/4xxx/CVE-2013-4397.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-4397 libtar: Heap-based buffer overflows by expanding a specially-crafted archive"
"value": "Multiple integer overflows in the th_read function in lib/block.c in libtar before 1.2.20 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long (1) name or (2) link in an archive, which triggers a heap-based buffer overflow."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,16 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 6",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:1.2.11-17.el6_4.1",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -104,21 +103,6 @@
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1040106"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1418",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1418"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4397",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4397"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1014492",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1014492"
},
{
"url": "https://lists.feep.net:8080/pipermail/libtar/2013-October/000361.html",
"refsource": "MISC",
@ -130,30 +114,5 @@
"name": "https://source.android.com/security/bulletin/2018-01-01"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}
}

103
2013/4xxx/CVE-2013-4400.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4400",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "60895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60895"
"url": "http://wiki.libvirt.org/page/Maintenance_Releases",
"refsource": "MISC",
"name": "http://wiki.libvirt.org/page/Maintenance_Releases"
},
{
"name": "GLSA-201412-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
"url": "http://secunia.com/advisories/60895",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60895"
},
{
"name": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e2f27e13b94f7302ad948bcacb5e02c859a25fc",
"refsource": "CONFIRM",
"url": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e2f27e13b94f7302ad948bcacb5e02c859a25fc"
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=b7fcc799ad5d8f3e55b89b94e599903e3c092467",
"refsource": "CONFIRM",
"url": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=b7fcc799ad5d8f3e55b89b94e599903e3c092467"
"url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=3e2f27e13b94f7302ad948bcacb5e02c859a25fc",
"refsource": "MISC",
"name": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=3e2f27e13b94f7302ad948bcacb5e02c859a25fc"
},
{
"name": "http://wiki.libvirt.org/page/Maintenance_Releases",
"refsource": "CONFIRM",
"url": "http://wiki.libvirt.org/page/Maintenance_Releases"
"url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=8c3586ea755c40d5e01b22cb7b5c1e668cdec994",
"refsource": "MISC",
"name": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=8c3586ea755c40d5e01b22cb7b5c1e668cdec994"
},
{
"name": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=8c3586ea755c40d5e01b22cb7b5c1e668cdec994",
"refsource": "CONFIRM",
"url": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=8c3586ea755c40d5e01b22cb7b5c1e668cdec994"
"url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7fcc799ad5d8f3e55b89b94e599903e3c092467",
"refsource": "MISC",
"name": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7fcc799ad5d8f3e55b89b94e599903e3c092467"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1015228",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015228"
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121370.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121370.html"
},
{
"name": "FEDORA-2013-20869",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121370.html"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015228",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1015228"
}
]
}

111
2013/4xxx/CVE-2013-4401.json
View File

@ -1,40 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4401",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from third party information."
"value": "The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from third party information."
}
]
},
@ -50,47 +27,71 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "60895",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/60895"
},
{
"name": "GLSA-201412-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1015259",
"url": "http://wiki.libvirt.org/page/Maintenance_Releases",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015259"
"name": "http://wiki.libvirt.org/page/Maintenance_Releases"
},
{
"name": "http://wiki.libvirt.org/page/Maintenance_Releases",
"refsource": "CONFIRM",
"url": "http://wiki.libvirt.org/page/Maintenance_Releases"
"url": "http://secunia.com/advisories/60895",
"refsource": "MISC",
"name": "http://secunia.com/advisories/60895"
},
{
"name": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c",
"refsource": "CONFIRM",
"url": "http://libvirt.org/git/?p=libvirt.git;a=commit;h=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c"
"url": "http://security.gentoo.org/glsa/glsa-201412-04.xml",
"refsource": "MISC",
"name": "http://security.gentoo.org/glsa/glsa-201412-04.xml"
},
{
"name": "USN-2026-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2026-1"
"url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c",
"refsource": "MISC",
"name": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c"
},
{
"name": "55210",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55210"
"url": "http://secunia.com/advisories/55210",
"refsource": "MISC",
"name": "http://secunia.com/advisories/55210"
},
{
"name": "1029241",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029241"
"url": "http://www.securitytracker.com/id/1029241",
"refsource": "MISC",
"name": "http://www.securitytracker.com/id/1029241"
},
{
"url": "http://www.ubuntu.com/usn/USN-2026-1",
"refsource": "MISC",
"name": "http://www.ubuntu.com/usn/USN-2026-1"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015259",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1015259"
}
]
}

73
2013/4xxx/CVE-2013-4404.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4404",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=995038",
"refsource": "CONFIRM",
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=995038"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1851.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1851.html"
},
{
"name": "RHSA-2013:1851",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1851.html"
"url": "http://rhn.redhat.com/errata/RHSA-2013-1852.html",
"refsource": "MISC",
"name": "http://rhn.redhat.com/errata/RHSA-2013-1852.html"
},
{
"name": "RHSA-2013:1852",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1852.html"
"url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=995038",
"refsource": "MISC",
"name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=995038"
}
]
}

73
2013/4xxx/CVE-2013-4407.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4407",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -50,22 +27,46 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721634",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721634"
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721634",
"refsource": "MISC",
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721634"
},
{
"name": "openSUSE-SU-2014:0433",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00018.html"
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00018.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00018.html"
},
{
"name": "DSA-2801",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2801"
"url": "http://www.debian.org/security/2013/dsa-2801",
"refsource": "MISC",
"name": "http://www.debian.org/security/2013/dsa-2801"
}
]
}

89
2013/4xxx/CVE-2013-4408.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "CVE-2013-4408 samba: Heap-based buffer overflow due to incorrect DCE-RPC fragment length field check"
"value": "Heap-based buffer overflow in the dcerpc_read_ncacn_packet_done function in librpc/rpc/dcerpc_util.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet."
}
]
},
@ -21,8 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Heap-based Buffer Overflow",
"cweId": "CWE-122"
"value": "n/a"
}
]
}
@ -32,42 +31,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 5",
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "0:3.6.6-0.138.el5_10",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "0:4.0.0-60.el6_5.rc4",
"version_affected": "!"
},
{
"version_value": "0:3.6.9-167.el6_5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Storage 2.1",
"version": {
"version_data": [
{
"version_value": "0:3.6.9-167.5.1.el6rhs",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -169,56 +142,6 @@
"url": "http://www.securityfocus.com/bid/64191",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/64191"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1805",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1805"
},
{
"url": "https://access.redhat.com/errata/RHSA-2013:1806",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2013:1806"
},
{
"url": "https://access.redhat.com/errata/RHSA-2014:0009",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2014:0009"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2013-4408",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2013-4408"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018032",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1018032"
}
]
},
"impact": {
"cvss": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
]
}

136
2013/4xxx/CVE-2013-4409.json
View File

@ -1,45 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4409",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Python Software Foundation; Beanbag",
"product": {
"product_data": [
{
"product_name": "Djblets",
"version": {
"version_data": [
{
"version_value": "0.7.21"
}
]
}
},
{
"product_name": "Review Board",
"version": {
"version_data": [
{
"version_value": "before 1.7.15"
}
]
}
}
]
}
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -60,17 +27,72 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Python Software Foundation; Beanbag",
"product": {
"product_data": [
{
"product_name": "Djblets",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0.7.21"
}
]
}
},
{
"product_name": "Review Board",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "before 1.7.15"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4409",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html",
"refsource": "MISC",
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4409"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409"
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html"
},
{
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html"
},
{
"url": "http://www.securityfocus.com/bid/63029",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/63029"
},
{
"url": "https://access.redhat.com/security/cve/cve-2013-4409",
@ -78,39 +100,19 @@
"name": "https://access.redhat.com/security/cve/cve-2013-4409"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119820.html"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4409"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88059",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-November/120619.html"
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88059"
},
{
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4409",
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119819.html"
},
{
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119830.html"
},
{
"refsource": "MISC",
"name": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-October/119831.html"
},
{
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/63029",
"url": "http://www.securityfocus.com/bid/63029"
},
{
"refsource": "MISC",
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88059",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88059"
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4409"
}
]
}

122
2018/16xxx/CVE-2018-16847.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-16847",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QEMU:",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,54 +15,87 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7/CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
"value": "CWE-787",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "QEMU:",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16847",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16847"
},
{
"name": "[oss-security] 20181102 CVE-2018-16847 QEMU: nvme: Out-of-bounds r/w buffer access in cmb operations",
"refsource": "MLIST",
"url": "https://www.openwall.com/lists/oss-security/2018/11/02/1"
},
{
"name": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html",
"url": "http://www.securityfocus.com/bid/105866",
"refsource": "MISC",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html"
"name": "http://www.securityfocus.com/bid/105866"
},
{
"name": "USN-3826-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3826-1/"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16847",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16847"
},
{
"name": "105866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105866"
"url": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html",
"refsource": "MISC",
"name": "https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html"
},
{
"url": "https://usn.ubuntu.com/3826-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/3826-1/"
},
{
"url": "https://www.openwall.com/lists/oss-security/2018/11/02/1",
"refsource": "MISC",
"name": "https://www.openwall.com/lists/oss-security/2018/11/02/1"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H",
"version": "3.0"
}
]
}

71
2018/16xxx/CVE-2018-16848.json
View File

@ -1,34 +1,19 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2018-16848",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "openstack-mistral",
"version": {
"version_data": [
{
"version_value": "up to and including 7.0.3"
}
]
}
}
]
}
}
]
}
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service."
}
]
},
"problemtype": {
"problemtype_data": [
@ -42,25 +27,41 @@
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "openstack-mistral",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "up to and including 7.0.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645332",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1645332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1645332"
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1645332"
},
{
"url": "https://bugs.launchpad.net/mistral/+bug/1785657",
"refsource": "MISC",
"name": "https://bugs.launchpad.net/mistral/+bug/1785657",
"url": "https://bugs.launchpad.net/mistral/+bug/1785657"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Denial of Service (DoS) condition is possible in OpenStack Mistral in versions up to and including 7.0.3. Submitting a specially crafted workflow definition YAML file containing nested anchors can lead to resource exhaustion culminating in a denial of service."
"name": "https://bugs.launchpad.net/mistral/+bug/1785657"
}
]
}

108
2018/16xxx/CVE-2018-16864.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges."
"value": "An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Allocation of Resources Without Limits or Throttling",
"value": "CWE-770",
"cweId": "CWE-770"
}
]
@ -32,90 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "The systemd Project",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "systemd",
"version": {
"version_data": [
{
"version_value": "0:219-62.el7_6.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-30.el7_3.13",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.3 Telco Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-30.el7_3.13",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:219-30.el7_3.13",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-42.el7_4.13",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.5 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-57.el7_5.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.2-8.1.el7",
"version_affected": "!"
},
{
"version_value": "0:4.2-20190129.0.el7_6",
"version_affected": "!"
},
{
"version_value": "0:4.2-20190129.0.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "through v240"
}
]
}
@ -203,16 +129,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2019:2402"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-16864",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-16864"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653855",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1653855"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16864",
"refsource": "MISC",
@ -225,18 +141,6 @@
}
]
},
"work_around": [
{
"lang": "en",
"value": "To increase the time an attacker needs to exploit this flaw you could override the `StartLimitInterval=` (called StartLimitIntervalSec in newer systemd versions) and `StartLimitBurst=` settings. In this way the attack may require much longer to be successful.\n\nTo edit the journald service use `sudo systemctl edit systemd-journald.service` and add:\n```\n[Service]\nStartLimitInterval=120\nStartLimitBurst=3\n```"
}
],
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Research Labs for reporting this issue."
}
],
"impact": {
"cvss": [
{

102
2018/16xxx/CVE-2018-16865.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges."
"value": "An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Allocation of Resources Without Limits or Throttling",
"value": "CWE-770",
"cweId": "CWE-770"
}
]
@ -32,90 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "The systemd Project",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "systemd",
"version": {
"version_data": [
{
"version_value": "0:219-62.el7_6.2",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-30.el7_3.13",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.3 Telco Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-30.el7_3.13",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:219-30.el7_3.13",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-42.el7_4.13",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.5 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-57.el7_5.5",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:4.2-8.1.el7",
"version_affected": "!"
},
{
"version_value": "0:4.2-20190129.0.el7_6",
"version_affected": "!"
},
{
"version_value": "0:4.2-20190129.0.el7",
"version_affected": "!"
"version_affected": "=",
"version_value": "through v240"
}
]
}
@ -228,16 +154,6 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/106525"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-16865",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-16865"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653861",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1653861"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16865",
"refsource": "MISC",
@ -245,12 +161,6 @@
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Research Labs for reporting this issue."
}
],
"impact": {
"cvss": [
{

113
2018/16xxx/CVE-2018-16866.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data."
"value": "An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable."
}
]
},
@ -21,7 +21,16 @@
"description": [
{
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor",
"value": "CWE-125",
"cweId": "CWE-125"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-200",
"cweId": "CWE-200"
}
]
@ -32,82 +41,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "The systemd Project",
"product": {
"product_data": [
{
"product_name": "Red Hat Ansible Tower 3.4 for RHEL 7",
"product_name": "systemd",
"version": {
"version_data": [
{
"version_value": "1.4.15-28",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "0:219-67.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-42.el7_4.20",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.4 Telco Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-42.el7_4.20",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:219-42.el7_4.20",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.5 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-57.el7_5.9",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:219-62.el7_6.11",
"version_affected": "!"
"version_affected": "=",
"version_value": "from v221 to v239"
}
]
}
@ -140,11 +83,6 @@
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/106527"
},
{
"url": "https://access.redhat.com/errata/RHBA-2020:0547",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHBA-2020:0547"
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2091",
"refsource": "MISC",
@ -160,21 +98,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2020:0593"
},
{
"url": "https://access.redhat.com/errata/RHSA-2020:1264",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2020:1264"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-16866",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-16866"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1653867",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1653867"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16866",
"refsource": "MISC",
@ -212,12 +135,6 @@
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Qualys Research Labs for reporting this issue."
}
],
"impact": {
"cvss": [
{

126
2018/16xxx/CVE-2018-16868.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-16868",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "gnutls",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,54 +15,87 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.7/CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-203"
"value": "CWE-203",
"cweId": "CWE-203"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "gnutls",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "106080",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106080"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1353",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1477",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00068.html"
},
{
"name": "http://cat.eyalro.net/",
"url": "http://cat.eyalro.net/",
"refsource": "MISC",
"url": "http://cat.eyalro.net/"
"name": "http://cat.eyalro.net/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16868",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16868"
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html"
},
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00068.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00068.html"
},
{
"url": "http://www.securityfocus.com/bid/106080",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/106080"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16868",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16868"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
]
}

106
2018/16xxx/CVE-2018-16869.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-16869",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "nettle",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "[UNKNOWN]"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,44 +15,77 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "4.7/CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-203"
"value": "CWE-203",
"cweId": "CWE-203"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "nettle",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "106092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106092"
},
{
"name": "http://cat.eyalro.net/",
"url": "http://cat.eyalro.net/",
"refsource": "MISC",
"url": "http://cat.eyalro.net/"
"name": "http://cat.eyalro.net/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16869",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16869"
"url": "http://www.securityfocus.com/bid/106092",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/106092"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16869",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16869"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
}
]
}

122
2018/16xxx/CVE-2018-16880.json
View File

@ -1,35 +1,12 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-16880",
"ASSIGNER": "secalert@redhat.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_value": "from v4.16 and newer"
}
]
}
}
]
},
"vendor_name": "The Linux Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
@ -38,59 +15,92 @@
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "5.9/CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
"value": "CWE-787",
"cweId": "CWE-787"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "The Linux Foundation",
"product": {
"product_data": [
{
"product_name": "kernel",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "from v4.16 and newer"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"name": "USN-3903-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3903-2/"
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html",
"refsource": "MISC",
"name": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16880",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16880"
"url": "http://www.securityfocus.com/bid/106735",
"refsource": "MISC",
"name": "http://www.securityfocus.com/bid/106735"
},
{
"name": "106735",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106735"
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16880",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16880"
},
{
"name": "USN-3903-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3903-1/"
"url": "https://support.f5.com/csp/article/K03593314",
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K03593314"
},
{
"refsource": "CONFIRM",
"name": "https://support.f5.com/csp/article/K03593314",
"url": "https://support.f5.com/csp/article/K03593314"
"url": "https://usn.ubuntu.com/3903-1/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/3903-1/"
},
{
"refsource": "SUSE",
"name": "openSUSE-SU-2019:1404",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html"
"url": "https://usn.ubuntu.com/3903-2/",
"refsource": "MISC",
"name": "https://usn.ubuntu.com/3903-2/"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
]
}

87
2018/16xxx/CVE-2018-16884.json
View File

@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Use After Free",
"value": "CWE-416",
"cweId": "CWE-416"
}
]
@ -32,72 +32,16 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Red Hat",
"vendor_name": "[UNKNOWN]",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"product_name": "kernel:",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-957.27.2.rt56.940.el7",
"version_affected": "!"
},
{
"version_value": "0:3.10.0-957.27.2.el7",
"version_affected": "!"
},
{
"version_value": "0:4.14.0-115.26.1.el7a",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "0:3.10.0-693.58.1.el7",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "0:4.18.0-147.rt24.93.el8",
"version_affected": "!"
},
{
"version_value": "0:4.18.0-147.el8",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "0:4.18.0-80.15.1.el8_0",
"version_affected": "!"
}
]
}
},
{
"product_name": "Red Hat Enterprise MRG 2",
"version": {
"version_data": [
{
"version_value": "1:3.10.0-693.58.1.rt56.652.el6rt",
"version_affected": "!"
"version_affected": "=",
"version_value": "n/a"
}
]
}
@ -170,21 +114,6 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2020:0204"
},
{
"url": "https://access.redhat.com/errata/RHSA-2020:2854",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2020:2854"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2018-16884",
"refsource": "MISC",
"name": "https://access.redhat.com/security/cve/CVE-2018-16884"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660375",
"refsource": "MISC",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1660375"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16884",
"refsource": "MISC",
@ -237,12 +166,6 @@
}
]
},
"credits": [
{
"lang": "en",
"value": "Red Hat would like to thank Evgenii Shatokhin (Virtuozzo) and Vasily Averin (Virtuozzo) for reporting this issue."
}
],
"impact": {
"cvss": [
{