admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/1000xxx/CVE-2018-1000156.json
CVE Team d25adb70d7
"-Synchronized-Data."
2019-08-16 18:00:48 +00:00

159 lines
5.8 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "4/5/2018 18:20:32",
"ID": "CVE-2018-1000156",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common ancestry the code bases have diverged over time."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://savannah.gnu.org/bugs/index.php?53566",
"refsource": "CONFIRM",
"url": "https://savannah.gnu.org/bugs/index.php?53566"
},
{
"name": "[debian-lts-announce] 20180416 [SECURITY] [DLA 1348-1] patch security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00013.html"
},
{
"name": "USN-3624-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3624-2/"
},
{
"name": "USN-3624-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3624-1/"
},
{
"name": "https://twitter.com/kurtseifried/status/982028968877436928",
"refsource": "MISC",
"url": "https://twitter.com/kurtseifried/status/982028968877436928"
},
{
"name": "http://rachelbythebay.com/w/2018/04/05/bangpatch/",
"refsource": "MISC",
"url": "http://rachelbythebay.com/w/2018/04/05/bangpatch/"
},
{
"name": "RHSA-2018:2091",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2091"
},
{
"name": "RHSA-2018:2094",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2094"
},
{
"name": "RHSA-2018:2093",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2093"
},
{
"name": "RHSA-2018:1200",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1200"
},
{
"name": "RHSA-2018:2095",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2095"
},
{
"name": "RHSA-2018:1199",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1199"
},
{
"name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894667#19",
"refsource": "MISC",
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894667#19"
},
{
"name": "RHSA-2018:2092",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2092"
},
{
"name": "RHSA-2018:2097",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2097"
},
{
"name": "RHSA-2018:2096",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2096"
},
{
"refsource": "GENTOO",
"name": "GLSA-201904-17",
"url": "https://security.gentoo.org/glsa/201904-17"
},
{
"refsource": "BUGTRAQ",
"name": "20190730 [SECURITY] [DSA 4489-1] patch security update",
"url": "https://seclists.org/bugtraq/2019/Jul/54"
},
{
"refsource": "BUGTRAQ",
"name": "20190816 Details about recent GNU patch vulnerabilities",
"url": "https://seclists.org/bugtraq/2019/Aug/29"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html",
"url": "http://packetstormsecurity.com/files/154124/GNU-patch-Command-Injection-Directory-Traversal.html"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink