mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
68 lines
2.1 KiB
JSON
68 lines
2.1 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"DATE_PUBLIC": "2018-02-25T00:00:00",
|
|
"ID": "CVE-2018-1099",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "etcd",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "3.3.1 and earlier"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "Red Hat, Inc."
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "DNS rebinding vulnerability found in etcd 3.3.1 and earlier. An attacker can control his DNS records to direct to localhost, and trick the browser into sending requests to localhost (or any other address)."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-20"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1552717",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552717"
|
|
},
|
|
{
|
|
"name": "https://github.com/coreos/etcd/issues/9353",
|
|
"refsource": "CONFIRM",
|
|
"url": "https://github.com/coreos/etcd/issues/9353"
|
|
}
|
|
]
|
|
}
|
|
} |