mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
a87c8c972e
Committer: Bill Situ <Bill.Situ@.oracle.com> On branch cna/Oracle/CPU2022Jan3rd Changes to be committed: modified: 2013/6xxx/CVE-2013-6440.json modified: 2016/7xxx/CVE-2016-7103.json modified: 2017/5xxx/CVE-2017-5645.json modified: 2018/11xxx/CVE-2018-11771.json modified: 2018/1xxx/CVE-2018-1311.json modified: 2018/1xxx/CVE-2018-1324.json modified: 2019/10xxx/CVE-2019-10086.json modified: 2019/10xxx/CVE-2019-10219.json modified: 2019/11xxx/CVE-2019-11358.json modified: 2019/13xxx/CVE-2019-13734.json modified: 2019/17xxx/CVE-2019-17091.json modified: 2019/17xxx/CVE-2019-17195.json modified: 2019/17xxx/CVE-2019-17495.json modified: 2019/17xxx/CVE-2019-17566.json modified: 2020/10xxx/CVE-2020-10543.json modified: 2020/10xxx/CVE-2020-10683.json modified: 2020/10xxx/CVE-2020-10878.json modified: 2020/11xxx/CVE-2020-11022.json modified: 2020/11xxx/CVE-2020-11023.json modified: 2020/11xxx/CVE-2020-11979.json modified: 2020/11xxx/CVE-2020-11987.json modified: 2020/12xxx/CVE-2020-12723.json modified: 2020/13xxx/CVE-2020-13817.json modified: 2020/13xxx/CVE-2020-13934.json modified: 2020/13xxx/CVE-2020-13935.json modified: 2020/13xxx/CVE-2020-13936.json modified: 2020/13xxx/CVE-2020-13949.json modified: 2020/13xxx/CVE-2020-13956.json modified: 2020/14xxx/CVE-2020-14340.json modified: 2020/15xxx/CVE-2020-15824.json modified: 2020/17xxx/CVE-2020-17521.json modified: 2020/17xxx/CVE-2020-17527.json modified: 2020/17xxx/CVE-2020-17530.json modified: 2020/1xxx/CVE-2020-1945.json modified: 2020/1xxx/CVE-2020-1963.json modified: 2020/24xxx/CVE-2020-24616.json modified: 2020/24xxx/CVE-2020-24750.json modified: 2020/25xxx/CVE-2020-25649.json modified: 2020/26xxx/CVE-2020-26217.json modified: 2020/27xxx/CVE-2020-27216.json modified: 2020/27xxx/CVE-2020-27618.json modified: 2020/28xxx/CVE-2020-28052.json modified: 2020/28xxx/CVE-2020-28469.json modified: 2020/28xxx/CVE-2020-28500.json modified: 2020/29xxx/CVE-2020-29582.json modified: 2020/35xxx/CVE-2020-35490.json modified: 2020/35xxx/CVE-2020-35491.json modified: 2020/35xxx/CVE-2020-35728.json modified: 2020/36xxx/CVE-2020-36179.json modified: 2020/36xxx/CVE-2020-36180.json modified: 2020/36xxx/CVE-2020-36181.json modified: 2020/36xxx/CVE-2020-36182.json modified: 2020/36xxx/CVE-2020-36183.json modified: 2020/36xxx/CVE-2020-36184.json modified: 2020/36xxx/CVE-2020-36185.json modified: 2020/36xxx/CVE-2020-36186.json modified: 2020/36xxx/CVE-2020-36187.json modified: 2020/36xxx/CVE-2020-36188.json modified: 2020/36xxx/CVE-2020-36189.json modified: 2020/5xxx/CVE-2020-5258.json modified: 2020/5xxx/CVE-2020-5421.json modified: 2020/6xxx/CVE-2020-6950.json modified: 2020/7xxx/CVE-2020-7712.json modified: 2020/8xxx/CVE-2020-8177.json modified: 2020/8xxx/CVE-2020-8203.json modified: 2020/8xxx/CVE-2020-8284.json modified: 2020/8xxx/CVE-2020-8285.json modified: 2020/8xxx/CVE-2020-8554.json modified: 2020/8xxx/CVE-2020-8908.json modified: 2020/9xxx/CVE-2020-9281.json modified: 2020/9xxx/CVE-2020-9484.json modified: 2021/20xxx/CVE-2021-20718.json modified: 2021/21xxx/CVE-2021-21341.json modified: 2021/21xxx/CVE-2021-21342.json modified: 2021/21xxx/CVE-2021-21343.json modified: 2021/21xxx/CVE-2021-21344.json modified: 2021/21xxx/CVE-2021-21345.json modified: 2021/21xxx/CVE-2021-21346.json modified: 2021/21xxx/CVE-2021-21347.json modified: 2021/21xxx/CVE-2021-21348.json modified: 2021/21xxx/CVE-2021-21349.json modified: 2021/21xxx/CVE-2021-21350.json modified: 2021/21xxx/CVE-2021-21351.json modified: 2021/21xxx/CVE-2021-21409.json modified: 2021/21xxx/CVE-2021-21703.json modified: 2021/21xxx/CVE-2021-21705.json modified: 2021/21xxx/CVE-2021-21783.json modified: 2021/22xxx/CVE-2021-22118.json modified: 2021/22xxx/CVE-2021-22119.json modified: 2021/22xxx/CVE-2021-22298.json modified: 2021/22xxx/CVE-2021-22897.json modified: 2021/22xxx/CVE-2021-22898.json modified: 2021/22xxx/CVE-2021-22901.json modified: 2021/22xxx/CVE-2021-22924.json modified: 2021/22xxx/CVE-2021-22925.json modified: 2021/22xxx/CVE-2021-22926.json modified: 2021/22xxx/CVE-2021-22931.json modified: 2021/22xxx/CVE-2021-22939.json modified: 2021/22xxx/CVE-2021-22940.json modified: 2021/22xxx/CVE-2021-22946.json modified: 2021/22xxx/CVE-2021-22947.json modified: 2021/22xxx/CVE-2021-22959.json modified: 2021/22xxx/CVE-2021-22960.json modified: 2021/23xxx/CVE-2021-23017.json modified: 2021/23xxx/CVE-2021-23336.json modified: 2021/23xxx/CVE-2021-23337.json modified: 2021/23xxx/CVE-2021-23440.json modified: 2021/23xxx/CVE-2021-23840.json modified: 2021/25xxx/CVE-2021-25122.json modified: 2021/25xxx/CVE-2021-25329.json modified: 2021/26xxx/CVE-2021-26272.json modified: 2021/26xxx/CVE-2021-26691.json modified: 2021/27xxx/CVE-2021-27568.json modified: 2021/28xxx/CVE-2021-28163.json modified: 2021/28xxx/CVE-2021-28164.json modified: 2021/28xxx/CVE-2021-28165.json modified: 2021/28xxx/CVE-2021-28169.json modified: 2021/29xxx/CVE-2021-29425.json modified: 2021/29xxx/CVE-2021-29505.json modified: 2021/29xxx/CVE-2021-29921.json modified: 2021/29xxx/CVE-2021-29923.json modified: 2021/30xxx/CVE-2021-30639.json modified: 2021/30xxx/CVE-2021-30640.json modified: 2021/31xxx/CVE-2021-31684.json modified: 2021/31xxx/CVE-2021-31811.json modified: 2021/31xxx/CVE-2021-31812.json modified: 2021/32xxx/CVE-2021-32012.json modified: 2021/32xxx/CVE-2021-32013.json modified: 2021/32xxx/CVE-2021-32014.json modified: 2021/32xxx/CVE-2021-32723.json modified: 2021/32xxx/CVE-2021-32808.json modified: 2021/32xxx/CVE-2021-32809.json modified: 2021/32xxx/CVE-2021-32827.json modified: 2021/33xxx/CVE-2021-33037.json modified: 2021/33xxx/CVE-2021-33193.json modified: 2021/33xxx/CVE-2021-33560.json modified: 2021/33xxx/CVE-2021-33880.json modified: 2021/33xxx/CVE-2021-33909.json modified: 2021/34xxx/CVE-2021-34428.json modified: 2021/34xxx/CVE-2021-34429.json modified: 2021/34xxx/CVE-2021-34558.json modified: 2021/34xxx/CVE-2021-34798.json modified: 2021/35xxx/CVE-2021-35043.json modified: 2021/35xxx/CVE-2021-35515.json modified: 2021/35xxx/CVE-2021-35516.json modified: 2021/35xxx/CVE-2021-35517.json modified: 2021/36xxx/CVE-2021-36090.json modified: 2021/36xxx/CVE-2021-36160.json modified: 2021/36xxx/CVE-2021-36221.json modified: 2021/36xxx/CVE-2021-36373.json modified: 2021/36xxx/CVE-2021-36374.json modified: 2021/36xxx/CVE-2021-36690.json modified: 2021/37xxx/CVE-2021-37136.json modified: 2021/37xxx/CVE-2021-37137.json modified: 2021/37xxx/CVE-2021-37695.json modified: 2021/37xxx/CVE-2021-37714.json modified: 2021/38xxx/CVE-2021-38153.json modified: 2021/39xxx/CVE-2021-39139.json modified: 2021/39xxx/CVE-2021-39140.json modified: 2021/39xxx/CVE-2021-39141.json modified: 2021/39xxx/CVE-2021-39144.json modified: 2021/39xxx/CVE-2021-39145.json modified: 2021/39xxx/CVE-2021-39146.json modified: 2021/39xxx/CVE-2021-39147.json modified: 2021/39xxx/CVE-2021-39148.json modified: 2021/39xxx/CVE-2021-39149.json modified: 2021/39xxx/CVE-2021-39150.json modified: 2021/39xxx/CVE-2021-39151.json modified: 2021/39xxx/CVE-2021-39152.json modified: 2021/39xxx/CVE-2021-39153.json modified: 2021/39xxx/CVE-2021-39154.json modified: 2021/39xxx/CVE-2021-39275.json modified: 2021/3xxx/CVE-2021-3177.json modified: 2021/3xxx/CVE-2021-3326.json modified: 2021/3xxx/CVE-2021-3426.json modified: 2021/3xxx/CVE-2021-3448.json modified: 2021/3xxx/CVE-2021-3516.json modified: 2021/3xxx/CVE-2021-3517.json modified: 2021/3xxx/CVE-2021-3541.json modified: 2021/3xxx/CVE-2021-3634.json modified: 2021/3xxx/CVE-2021-3711.json modified: 2021/3xxx/CVE-2021-3712.json modified: 2021/40xxx/CVE-2021-40438.json modified: 2021/41xxx/CVE-2021-41164.json modified: 2021/41xxx/CVE-2021-41165.json modified: 2021/41xxx/CVE-2021-41355.json modified: 2021/41xxx/CVE-2021-41524.json modified: 2021/41xxx/CVE-2021-41773.json modified: 2021/42xxx/CVE-2021-42013.json modified: 2021/42xxx/CVE-2021-42340.json modified: 2021/42xxx/CVE-2021-42575.json modified: 2021/44xxx/CVE-2021-44224.json modified: 2021/44xxx/CVE-2021-44228.json modified: 2021/44xxx/CVE-2021-44790.json modified: 2021/44xxx/CVE-2021-44832.json modified: 2021/45xxx/CVE-2021-45046.json modified: 2021/45xxx/CVE-2021-45105.json modified: 2021/4xxx/CVE-2021-4104.json
130 lines
5.5 KiB
JSON
130 lines
5.5 KiB
JSON
{
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"data_version": "4.0",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2019-10219",
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Hibernate",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "hibernate-validator",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219",
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10219",
|
|
"refsource": "CONFIRM"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[accumulo-notifications] 20200108 [GitHub] [accumulo] milleruntime opened a new pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
|
|
"url": "https://lists.apache.org/thread.html/r87b7e2d22982b4ca9f88f5f4f22a19b394d2662415b233582ed22ebf@%3Cnotifications.accumulo.apache.org%3E"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime closed pull request #1469: Update hibernate-validator. Fixes CVE-2019-10219",
|
|
"url": "https://lists.apache.org/thread.html/r4f8b4e2541be4234946e40d55859273a7eec0f4901e8080ce2406fe6@%3Cnotifications.accumulo.apache.org%3E"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[accumulo-notifications] 20200109 [GitHub] [accumulo] milleruntime commented on issue #1469: Update hibernate-validator. Fixes CVE-2019-10219",
|
|
"url": "https://lists.apache.org/thread.html/r4f92d7f7682dcff92722fa947f9e6f8ba2227c5dc3e11ba09114897d@%3Cnotifications.accumulo.apache.org%3E"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0164",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0164"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0159",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0159"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0160",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0160"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0161",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0161"
|
|
},
|
|
{
|
|
"refsource": "REDHAT",
|
|
"name": "RHSA-2020:0445",
|
|
"url": "https://access.redhat.com/errata/RHSA-2020:0445"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
|
|
"url": "https://lists.apache.org/thread.html/rf9c17c3efc4a376a96e9e2777eee6acf0bec28e2200e4b35da62de4a@%3Cpluto-dev.portals.apache.org%3E"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-791) Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
|
|
"url": "https://lists.apache.org/thread.html/rd418deda6f0ebe658c2015f43a14d03acb8b8c2c093c5bf6b880cd7c@%3Cpluto-dev.portals.apache.org%3E"
|
|
},
|
|
{
|
|
"refsource": "MLIST",
|
|
"name": "[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-791 Upgrade to hibernate-validator-6.0.20.Final due to CVE-2020-10693 and CVE-2019-10219",
|
|
"url": "https://lists.apache.org/thread.html/rb8dca19a4e52b60dab0ab21e2ff9968d78f4b84e4033824db1dd24b4@%3Cpluto-scm.portals.apache.org%3E"
|
|
},
|
|
{
|
|
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
|
|
}
|
|
]
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack."
|
|
}
|
|
]
|
|
},
|
|
"impact": {
|
|
"cvss": [
|
|
[
|
|
{
|
|
"vectorString": "6.5/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
|
|
"version": "3.0"
|
|
}
|
|
]
|
|
]
|
|
}
|
|
} |