mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
117 lines
4.7 KiB
JSON
117 lines
4.7 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2019-12290",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels to U-labels. This makes it possible in some circumstances for one domain to impersonate another. By creating a malicious domain that matches a target domain except for the inclusion of certain punycoded Unicode characters (that would be discarded when converted first to a Unicode label and then back to an ASCII label), arbitrary domains can be impersonated."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://gitlab.com/libidn/libidn2/merge_requests/71",
|
|
"refsource": "MISC",
|
|
"name": "https://gitlab.com/libidn/libidn2/merge_requests/71"
|
|
},
|
|
{
|
|
"url": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5",
|
|
"refsource": "MISC",
|
|
"name": "https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5"
|
|
},
|
|
{
|
|
"refsource": "CONFIRM",
|
|
"name": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de",
|
|
"url": "https://gitlab.com/libidn/libidn2/commit/614117ef6e4c60e1950d742e3edf0a0ef8d389de"
|
|
},
|
|
{
|
|
"refsource": "UBUNTU",
|
|
"name": "USN-4168-1",
|
|
"url": "https://usn.ubuntu.com/4168-1/"
|
|
},
|
|
{
|
|
"refsource": "FEDORA",
|
|
"name": "FEDORA-2019-f454c7a118",
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6ZXL2RDNQRAHCMKWPOMJFKYJ344X4HL/"
|
|
},
|
|
{
|
|
"refsource": "FEDORA",
|
|
"name": "FEDORA-2019-20e9736c97",
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFT76Y7OSGPZV3EBEHD6ISVUM3DLARM/"
|
|
},
|
|
{
|
|
"refsource": "FEDORA",
|
|
"name": "FEDORA-2019-28d3cd20c0",
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KXDKYWFV6N2HHVSE67FFDM7G3FEL2ZNE/"
|
|
},
|
|
{
|
|
"refsource": "FEDORA",
|
|
"name": "FEDORA-2019-1ebb5c928e",
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSI4TI2JTQWQ3YEUX5X36GTVGKO4QKZ5/"
|
|
},
|
|
{
|
|
"refsource": "SUSE",
|
|
"name": "openSUSE-SU-2019:2611",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00009.html"
|
|
},
|
|
{
|
|
"refsource": "SUSE",
|
|
"name": "openSUSE-SU-2019:2613",
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00008.html"
|
|
},
|
|
{
|
|
"refsource": "FEDORA",
|
|
"name": "FEDORA-2019-160303ebeb",
|
|
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ONG3GJRRJO35COPGVJXXSZLU4J5Y42AT/"
|
|
},
|
|
{
|
|
"refsource": "GENTOO",
|
|
"name": "GLSA-202003-63",
|
|
"url": "https://security.gentoo.org/glsa/202003-63"
|
|
}
|
|
]
|
|
}
|
|
} |