Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    43 vulnerabilities by joyent

    VAR-201505-0417

    Vulnerability from variot - Updated: 2024-06-12 21:47

    The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM. QEMU is prone to a remote memory-corruption vulnerability because the application fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. Relevant releases/architectures:

    RHEV Agents (vdsm) - x86_64

    1. After installing this update, shut down all running virtual machines.

    Background

    VirtualBox is a powerful virtualization product from Oracle.

    http://creativecommons.org/licenses/by-sa/2.5

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Important: kvm security update Advisory ID: RHSA-2015:1003-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2015-1003.html Issue date: 2015-05-13 CVE Names: CVE-2015-3456 =====================================================================

    1. Summary:

    Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5.

    Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

    1. Relevant releases/architectures:

    RHEL Desktop Multi OS (v. 5 client) - x86_64 RHEL Virtualization (v. 5 server) - x86_64

    1. Description:

    KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on AMD64 and Intel 64 systems.

    An out-of-bounds memory access flaw was found in the way QEMU's virtual Floppy Disk Controller (FDC) handled FIFO buffer access while processing certain FDC commands. A privileged guest user could use this flaw to crash the guest or, potentially, execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest. (CVE-2015-3456)

    Red Hat would like to thank Jason Geffner of CrowdStrike for reporting this issue.

    All kvm users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. Note: The procedure in the Solution section must be performed before this update will take effect.

    1. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    For details on how to apply this update, refer to:

    https://access.redhat.com/articles/11258

    The following procedure must be performed before this update will take effect:

    1) Stop all KVM guest virtual machines.

    2) Either reboot the hypervisor machine or, as the root user, remove (using "modprobe -r [module]") and reload (using "modprobe [module]") all of the following modules which are currently running (determined using "lsmod"): kvm, ksm, kvm-intel or kvm-amd.

    3) Restart the KVM guest virtual machines.

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1218611 - CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access

    1. Package List:

    RHEL Desktop Multi OS (v. 5 client):

    Source: kvm-83-272.el5_11.src.rpm

    x86_64: kmod-kvm-83-272.el5_11.x86_64.rpm kmod-kvm-debug-83-272.el5_11.x86_64.rpm kvm-83-272.el5_11.x86_64.rpm kvm-debuginfo-83-272.el5_11.x86_64.rpm kvm-qemu-img-83-272.el5_11.x86_64.rpm kvm-tools-83-272.el5_11.x86_64.rpm

    RHEL Virtualization (v. 5 server):

    Source: kvm-83-272.el5_11.src.rpm

    x86_64: kmod-kvm-83-272.el5_11.x86_64.rpm kmod-kvm-debug-83-272.el5_11.x86_64.rpm kvm-83-272.el5_11.x86_64.rpm kvm-debuginfo-83-272.el5_11.x86_64.rpm kvm-qemu-img-83-272.el5_11.x86_64.rpm kvm-tools-83-272.el5_11.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2015-3456 https://access.redhat.com/security/updates/classification/#important

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFVU1nfXlSAg2UNWIIRAtvxAKCVxqsaYdrCQN16dcpCIKajKnUzHgCfVy1r 6y8+9uFGI3F4Epc74lb8mrg= =sjA3 -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . From: Yury German blueknight@gentoo.org To: gentoo-announce@lists.gentoo.org Message-ID: 57035F2D.8090108@gentoo.org Subject: [ GLSA 201604-03 ] Xen: Multiple vulnerabilities


    Gentoo Linux Security Advisory GLSA 201604-03


                                           https://security.gentoo.org/
    

    Severity: Normal Title: Xen: Multiple vulnerabilities Date: April 05, 2016 Bugs: #445254, #513832, #547202, #549200, #549950, #550658, #553664, #553718, #555532, #556304, #561110, #564472, #564932, #566798, #566838, #566842, #567962, #571552, #571556, #574012 ID: 201604-03


    Synopsis

    Multiple vulnerabilities have been found in Xen, the worst of which cause a Denial of Service.

    Background

    Xen is a bare-metal hypervisor.

    Affected packages

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
    

    1 app-emulation/xen < 4.6.0-r9 >= 4.6.0-r9 >= 4.5.2-r5 2 app-emulation/xen-pvgrub < 4.6.0 Vulnerable! 3 app-emulation/xen-tools < 4.6.0-r9 >= 4.6.0-r9 >= 4.5.2-r5 4 app-emulation/pvgrub >= 4.6.0 *>= 4.5.2 ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- 4 affected packages

    Description

    Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.

    Impact

    A local attacker could possibly cause a Denial of Service condition or obtain sensitive information.

    Workaround

    There is no known workaround at this time.

    Resolution

    All Xen 4.5 users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.5.2-r5"

    All Xen 4.6 users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-4.6.0-r9"

    All Xen tools 4.5 users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.5.2-r5"

    All Xen tools 4.6 users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.6.0-r9"

    All Xen pvgrub users should upgrade to the latest version:

    # emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/xen-pvgrub-4.6.0"=

    References

    [ 1 ] CVE-2012-3494 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494 [ 2 ] CVE-2012-3495 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495 [ 3 ] CVE-2012-3496 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496 [ 4 ] CVE-2012-3497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497 [ 5 ] CVE-2012-3498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498 [ 6 ] CVE-2012-3515 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515 [ 7 ] CVE-2012-4411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411 [ 8 ] CVE-2012-4535 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535 [ 9 ] CVE-2012-4536 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536 [ 10 ] CVE-2012-4537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537 [ 11 ] CVE-2012-4538 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538 [ 12 ] CVE-2012-4539 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539 [ 13 ] CVE-2012-6030 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030 [ 14 ] CVE-2012-6031 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031 [ 15 ] CVE-2012-6032 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032 [ 16 ] CVE-2012-6033 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033 [ 17 ] CVE-2012-6034 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034 [ 18 ] CVE-2012-6035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035 [ 19 ] CVE-2012-6036 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036 [ 20 ] CVE-2015-2151 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2151 [ 21 ] CVE-2015-3209 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3209 [ 22 ] CVE-2015-3259 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3259 [ 23 ] CVE-2015-3340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3340 [ 24 ] CVE-2015-3456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3456 [ 25 ] CVE-2015-4103 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4103 [ 26 ] CVE-2015-4104 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4104 [ 27 ] CVE-2015-4105 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4105 [ 28 ] CVE-2015-4106 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4106 [ 29 ] CVE-2015-4163 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4163 [ 30 ] CVE-2015-4164 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4164 [ 31 ] CVE-2015-5154 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5154 [ 32 ] CVE-2015-7311 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7311 [ 33 ] CVE-2015-7504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7504 [ 34 ] CVE-2015-7812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7812 [ 35 ] CVE-2015-7813 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7813 [ 36 ] CVE-2015-7814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7814 [ 37 ] CVE-2015-7835 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7835 [ 38 ] CVE-2015-7871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871 [ 39 ] CVE-2015-7969 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7969 [ 40 ] CVE-2015-7970 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7970 [ 41 ] CVE-2015-7971 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7971 [ 42 ] CVE-2015-7972 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7972 [ 43 ] CVE-2015-8339 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8339 [ 44 ] CVE-2015-8340 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8340 [ 45 ] CVE-2015-8341 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8341 [ 46 ] CVE-2015-8550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8550 [ 47 ] CVE-2015-8551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8551 [ 48 ] CVE-2015-8552 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8552 [ 49 ] CVE-2015-8554 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8554 [ 50 ] CVE-2015-8555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8555 [ 51 ] CVE-2016-2270 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2270 [ 52 ] CVE-2016-2271 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2271

    Availability

    This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

    https://security.gentoo.org/glsa/201604-03

    Concerns?

    Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

    License

    Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

    The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

    http://creativecommons.org/licenses/by-sa/2.5

    --roWGDR0oQEDLX1s6lNAQV7ISgI2Pjo8Pc .

    CVE-2015-1779

    Daniel P. Berrange discovered a denial of service vulnerability in
    the VNC web socket decoder.
    

    CVE-2015-2756

    Jan Beulich discovered that unmediated PCI command register could
    result in denial of service.
    

    CVE-2015-3456

    Jason Geffner discovered a buffer overflow in the emulated floppy
    disk drive, resulting in the potential execution of arbitrary code.
    

    For the oldstable distribution (wheezy), these problems have been fixed in version 1.1.2+dfsg-6a+deb7u7 of the qemu source package and in version 1.1.2+dfsg-6+deb7u7 of the qemu-kvm source package. Only CVE-2015-3456 affects oldstable.

    For the stable distribution (jessie), these problems have been fixed in version 1:2.1+dfsg-12.

    For the unstable distribution (sid), these problems will be fixed soon.

    We recommend that you upgrade your qemu packages

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201505-0417",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "xen",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "xen",
            "version": "4.5.0"
          },
          {
            "model": "openstack",
            "scope": "eq",
            "trust": 1.3,
            "vendor": "redhat",
            "version": "4.0"
          },
          {
            "model": "openstack",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5.0"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "model": "openstack",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "openstack",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "7.0"
          },
          {
            "model": "qemu",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "qemu",
            "version": "2.3.0"
          },
          {
            "model": "enterprise virtualization",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "3.0"
          },
          {
            "model": "peoplesoft products",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "of  peoplesoft enterprise pt peopletools 8.53"
          },
          {
            "model": "peoplesoft products",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "of  peoplesoft enterprise pt peopletools 8.54"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 7)"
          },
          {
            "model": "hp helion openstack",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "1.0.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 5 client)"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 7)"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 6)"
          },
          {
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "4.0"
          },
          {
            "model": "qemu",
            "scope": null,
            "trust": 0.8,
            "vendor": "fabrice bellard",
            "version": null
          },
          {
            "model": "openstack",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 for rhel 6"
          },
          {
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "4.1"
          },
          {
            "model": "enterprise virtualization",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "3"
          },
          {
            "model": "enterprise linux server eus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 6.6.z)"
          },
          {
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "4.3.28"
          },
          {
            "model": "openstack",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "4.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 5 server)"
          },
          {
            "model": "rhel virtualization",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 5 server)"
          },
          {
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "4.2"
          },
          {
            "model": "xen",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "xen",
            "version": "4.5.x and earlier"
          },
          {
            "model": "vm server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "3.2"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 6)"
          },
          {
            "model": "vm virtualbox",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "4.3"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 7)"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 6)"
          },
          {
            "model": "vm server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "3.3"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "model": "openstack",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "6.0 for rhel 7"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 7)"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "vm virtualbox",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "3.2"
          },
          {
            "model": "hp helion openstack",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": "1.1.0"
          },
          {
            "model": "vm server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "oracle",
            "version": "2.2"
          },
          {
            "model": "openstack",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "5.0 for rhel 7"
          },
          {
            "model": "rhel desktop multi os",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 5 client)"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "red hat",
            "version": "(v. 6)"
          },
          {
            "model": "qemu",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "qemu",
            "version": "2.3.0"
          },
          {
            "model": "xen",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xen",
            "version": "4.4.1"
          },
          {
            "model": "rc1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xen",
            "version": "4.4.0"
          },
          {
            "model": "xen",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xen",
            "version": "4.4.0"
          },
          {
            "model": "xen",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xen",
            "version": "4.3.1"
          },
          {
            "model": "xen",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xen",
            "version": "4.3.0"
          },
          {
            "model": "xen",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xen",
            "version": "4.2.3"
          },
          {
            "model": "xen",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xen",
            "version": "4.2.2"
          },
          {
            "model": "xen",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xen",
            "version": "4.2.1"
          },
          {
            "model": "xen",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "xen",
            "version": "4.2.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "15.04"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.10"
          },
          {
            "model": "linux lts",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "14.04"
          },
          {
            "model": "linux lts i386",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "model": "linux lts amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ubuntu",
            "version": "12.04"
          },
          {
            "model": "linux enterprise software development kit sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server sp2",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server sp1",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server sp4 ltss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "linux enterprise server sp4",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "linux enterprise server sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "10"
          },
          {
            "model": "linux enterprise software development kit",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "linux enterprise server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "linux enterprise server sp2 ltss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise server sp1 ltss",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "linux enterprise expanded support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "7"
          },
          {
            "model": "linux enterprise expanded support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "6"
          },
          {
            "model": "linux enterprise expanded support",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "5"
          },
          {
            "model": "linux enterprise desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "12"
          },
          {
            "model": "linux enterprise desktop sp3",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "suse",
            "version": "11"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "13.2"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "13.1"
          },
          {
            "model": "openstack for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.07"
          },
          {
            "model": "openstack for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5.07"
          },
          {
            "model": "openstack for rhel",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5.06"
          },
          {
            "model": "enterprise virtualization",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "3"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux virtualization server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux server eus 6.5.z",
            "scope": null,
            "trust": 0.3,
            "vendor": "redhat",
            "version": null
          },
          {
            "model": "enterprise linux server aus",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6.5"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux hpc node",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop multi os client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "7"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "6"
          },
          {
            "model": "enterprise linux desktop client",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "redhat",
            "version": "5"
          },
          {
            "model": "qemu",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "qemu",
            "version": "0"
          },
          {
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.54"
          },
          {
            "model": "peoplesoft enterprise peopletools",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "8.53"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6.2"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "enterprise linux",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "oracle",
            "version": "5"
          },
          {
            "model": "northstar controller application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2.1.0"
          },
          {
            "model": "smartdatacenter",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0"
          },
          {
            "model": "public cloud",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0"
          },
          {
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "model": "pureapplication system",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.0"
          },
          {
            "model": "powerkvm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "2.1"
          },
          {
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.20"
          },
          {
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.3.0"
          },
          {
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.1.0"
          },
          {
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.0.1"
          },
          {
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.3.0.0"
          },
          {
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.1.0"
          },
          {
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.2.0.0"
          },
          {
            "model": "flex system manager",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "ibm",
            "version": "1.1.0.0"
          },
          {
            "model": "fusioncompute v100r005c10",
            "scope": null,
            "trust": 0.3,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "fusioncompute v100r005c00spc300",
            "scope": null,
            "trust": 0.3,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "fusioncompute v100r005c00",
            "scope": null,
            "trust": 0.3,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "fusioncompute v100r003c10spc600",
            "scope": null,
            "trust": 0.3,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "fusioncompute v100r003c10cp6001",
            "scope": null,
            "trust": 0.3,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "fusioncompute v100r003c10",
            "scope": null,
            "trust": 0.3,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "fusioncompute v100r003c00spc300",
            "scope": null,
            "trust": 0.3,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "fusioncompute v100r003c00",
            "scope": null,
            "trust": 0.3,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "helion openstack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.1.0"
          },
          {
            "model": "helion openstack",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "1.0.0"
          },
          {
            "model": "helion cloudsystem",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "hp",
            "version": "8.1"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.3,
            "vendor": "gentoo",
            "version": null
          },
          {
            "model": "fortisandbox",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "2.0.2"
          },
          {
            "model": "linux sparc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux s/390",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux powerpc",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux mips",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux ia-32",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux arm",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "linux amd64",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "debian",
            "version": "6.0"
          },
          {
            "model": "xenserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "6.0.2"
          },
          {
            "model": "xenserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "6.5"
          },
          {
            "model": "xenserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "6.2"
          },
          {
            "model": "xenserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "6.1"
          },
          {
            "model": "xenserver",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "citrix",
            "version": "6.0"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "7"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "6"
          },
          {
            "model": "centos",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "centos",
            "version": "5"
          },
          {
            "model": "northstar controller application service pack",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2.1.01"
          },
          {
            "model": "fusioncompute v100r005c00cp3001",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "huawei",
            "version": null
          },
          {
            "model": "fortisandbox",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "fortinet",
            "version": "2.0.3"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "74640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "2.3.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:enterprise_virtualization:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:xen:xen:4.5.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Jason Geffner, CrowdStrike Senior Security Researcher",
        "sources": [
          {
            "db": "BID",
            "id": "74640"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2015-3456",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "ADJACENT_NETWORK",
                "authentication": "SINGLE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.7,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 5.1,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Adjacent Network",
                "authentication": "Single",
                "author": "NVD",
                "availabilityImpact": "Complete",
                "baseScore": 7.7,
                "confidentialityImpact": "Complete",
                "exploitabilityScore": null,
                "id": "CVE-2015-3456",
                "impactScore": null,
                "integrityImpact": "Complete",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:A/AC:L/Au:S/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2015-3456",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201505-207",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULMON",
                "id": "CVE-2015-3456",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3456"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM. QEMU is prone to a remote memory-corruption vulnerability because the application fails to perform adequate boundary-checks on user-supplied data. \nAn attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts may result in a denial-of-service condition. Relevant releases/architectures:\n\nRHEV Agents (vdsm) - x86_64\n\n3. After installing\nthis update, shut down all running virtual machines. \n\nBackground\n==========\n\nVirtualBox is a powerful virtualization product from Oracle. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: kvm security update\nAdvisory ID:       RHSA-2015:1003-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2015-1003.html\nIssue date:        2015-05-13\nCVE Names:         CVE-2015-3456 \n=====================================================================\n\n1. Summary:\n\nUpdated kvm packages that fix one security issue are now available for Red\nHat Enterprise Linux 5. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRHEL Desktop Multi OS (v. 5 client) - x86_64\nRHEL Virtualization (v. 5 server) - x86_64\n\n3. Description:\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. \n\nAn out-of-bounds memory access flaw was found in the way QEMU\u0027s virtual\nFloppy Disk Controller (FDC) handled FIFO buffer access while processing\ncertain FDC commands. A privileged guest user could use this flaw to crash\nthe guest or, potentially, execute arbitrary code on the host with the\nprivileges of the host\u0027s QEMU process corresponding to the guest. \n(CVE-2015-3456)\n\nRed Hat would like to thank Jason Geffner of CrowdStrike for reporting\nthis issue. \n\nAll kvm users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. Note: The procedure in\nthe Solution section must be performed before this update will take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe following procedure must be performed before this update will take\neffect:\n\n1) Stop all KVM guest virtual machines. \n\n2) Either reboot the hypervisor machine or, as the root user, remove (using\n\"modprobe -r [module]\") and reload (using \"modprobe [module]\") all of the\nfollowing modules which are currently running (determined using \"lsmod\"):\nkvm, ksm, kvm-intel or kvm-amd. \n\n3) Restart the KVM guest virtual machines. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1218611 - CVE-2015-3456 qemu: fdc: out-of-bounds fifo buffer memory access\n\n6. Package List:\n\nRHEL Desktop Multi OS (v. 5 client):\n\nSource:\nkvm-83-272.el5_11.src.rpm\n\nx86_64:\nkmod-kvm-83-272.el5_11.x86_64.rpm\nkmod-kvm-debug-83-272.el5_11.x86_64.rpm\nkvm-83-272.el5_11.x86_64.rpm\nkvm-debuginfo-83-272.el5_11.x86_64.rpm\nkvm-qemu-img-83-272.el5_11.x86_64.rpm\nkvm-tools-83-272.el5_11.x86_64.rpm\n\nRHEL Virtualization (v. 5 server):\n\nSource:\nkvm-83-272.el5_11.src.rpm\n\nx86_64:\nkmod-kvm-83-272.el5_11.x86_64.rpm\nkmod-kvm-debug-83-272.el5_11.x86_64.rpm\nkvm-83-272.el5_11.x86_64.rpm\nkvm-debuginfo-83-272.el5_11.x86_64.rpm\nkvm-qemu-img-83-272.el5_11.x86_64.rpm\nkvm-tools-83-272.el5_11.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2015-3456\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2015 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFVU1nfXlSAg2UNWIIRAtvxAKCVxqsaYdrCQN16dcpCIKajKnUzHgCfVy1r\n6y8+9uFGI3F4Epc74lb8mrg=\n=sjA3\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. From: Yury German \u003cblueknight@gentoo.org\u003e\nTo: gentoo-announce@lists.gentoo.org\nMessage-ID: \u003c57035F2D.8090108@gentoo.org\u003e\nSubject: [ GLSA 201604-03 ] Xen: Multiple vulnerabilities\n\n\n\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201604-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                           https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n    Title: Xen: Multiple vulnerabilities\n     Date: April 05, 2016\n     Bugs: #445254, #513832, #547202, #549200, #549950, #550658,\n           #553664, #553718, #555532, #556304, #561110, #564472,\n           #564932, #566798, #566838, #566842, #567962, #571552,\n           #571556, #574012\n       ID: 201604-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Xen, the worst of which\ncause a Denial of Service. \n\nBackground\n==========\n\nXen is a bare-metal hypervisor. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  app-emulation/xen           \u003c 4.6.0-r9               \u003e= 4.6.0-r9\n                                                         *\u003e= 4.5.2-r5\n  2  app-emulation/xen-pvgrub\n                                  \u003c 4.6.0                  Vulnerable!\n  3  app-emulation/xen-tools     \u003c 4.6.0-r9               \u003e= 4.6.0-r9\n                                                         *\u003e= 4.5.2-r5\n  4  app-emulation/pvgrub                                    \u003e= 4.6.0\n                                                            *\u003e= 4.5.2\n    -------------------------------------------------------------------\n     NOTE: Certain packages are still vulnerable. Users should migrate\n           to another package if one is available or wait for the\n           existing packages to be marked stable by their\n           architecture maintainers. \n    -------------------------------------------------------------------\n     4 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Xen. Please review the\nCVE identifiers referenced below for details. \n\nImpact\n======\n\nA local attacker could possibly cause a Denial of Service condition or\nobtain sensitive information. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Xen 4.5 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.5.2-r5\"\n\nAll Xen 4.6 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-4.6.0-r9\"\n\nAll Xen tools 4.5 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=app-emulation/xen-tools-4.5.2-r5\"\n\nAll Xen tools 4.6 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=app-emulation/xen-tools-4.6.0-r9\"\n\nAll Xen pvgrub users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=app-emulation/xen-pvgrub-4.6.0\"=\n\n\nReferences\n==========\n\n[  1 ] CVE-2012-3494\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494\n[  2 ] CVE-2012-3495\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495\n[  3 ] CVE-2012-3496\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496\n[  4 ] CVE-2012-3497\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497\n[  5 ] CVE-2012-3498\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498\n[  6 ] CVE-2012-3515\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515\n[  7 ] CVE-2012-4411\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411\n[  8 ] CVE-2012-4535\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535\n[  9 ] CVE-2012-4536\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536\n[ 10 ] CVE-2012-4537\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537\n[ 11 ] CVE-2012-4538\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538\n[ 12 ] CVE-2012-4539\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539\n[ 13 ] CVE-2012-6030\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030\n[ 14 ] CVE-2012-6031\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031\n[ 15 ] CVE-2012-6032\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032\n[ 16 ] CVE-2012-6033\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033\n[ 17 ] CVE-2012-6034\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034\n[ 18 ] CVE-2012-6035\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035\n[ 19 ] CVE-2012-6036\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036\n[ 20 ] CVE-2015-2151\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2151\n[ 21 ] CVE-2015-3209\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3209\n[ 22 ] CVE-2015-3259\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3259\n[ 23 ] CVE-2015-3340\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3340\n[ 24 ] CVE-2015-3456\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3456\n[ 25 ] CVE-2015-4103\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4103\n[ 26 ] CVE-2015-4104\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4104\n[ 27 ] CVE-2015-4105\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4105\n[ 28 ] CVE-2015-4106\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4106\n[ 29 ] CVE-2015-4163\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4163\n[ 30 ] CVE-2015-4164\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-4164\n[ 31 ] CVE-2015-5154\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-5154\n[ 32 ] CVE-2015-7311\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7311\n[ 33 ] CVE-2015-7504\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7504\n[ 34 ] CVE-2015-7812\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7812\n[ 35 ] CVE-2015-7813\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7813\n[ 36 ] CVE-2015-7814\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7814\n[ 37 ] CVE-2015-7835\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7835\n[ 38 ] CVE-2015-7871\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871\n[ 39 ] CVE-2015-7969\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7969\n[ 40 ] CVE-2015-7970\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7970\n[ 41 ] CVE-2015-7971\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7971\n[ 42 ] CVE-2015-7972\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7972\n[ 43 ] CVE-2015-8339\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8339\n[ 44 ] CVE-2015-8340\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8340\n[ 45 ] CVE-2015-8341\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8341\n[ 46 ] CVE-2015-8550\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8550\n[ 47 ] CVE-2015-8551\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8551\n[ 48 ] CVE-2015-8552\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8552\n[ 49 ] CVE-2015-8554\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8554\n[ 50 ] CVE-2015-8555\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8555\n[ 51 ] CVE-2016-2270\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2270\n[ 52 ] CVE-2016-2271\n       http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2271\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201604-03\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2016 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n\n--roWGDR0oQEDLX1s6lNAQV7ISgI2Pjo8Pc\n. \n\nCVE-2015-1779\n\n    Daniel P. Berrange discovered a denial of service vulnerability in\n    the VNC web socket decoder. \n\nCVE-2015-2756\n\n    Jan Beulich discovered that unmediated PCI command register could\n    result in denial of service. \n\nCVE-2015-3456\n\n    Jason Geffner discovered a buffer overflow in the emulated floppy\n    disk drive, resulting in the potential execution of arbitrary code. \n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 1.1.2+dfsg-6a+deb7u7 of the qemu source package and in version\n1.1.2+dfsg-6+deb7u7 of the qemu-kvm source package. Only CVE-2015-3456\naffects oldstable. \n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 1:2.1+dfsg-12. \n\nFor the unstable distribution (sid), these problems will be fixed soon. \n\nWe recommend that you upgrade your qemu packages",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2015-3456"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "db": "BID",
            "id": "74640"
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3456"
          },
          {
            "db": "PACKETSTORM",
            "id": "131894"
          },
          {
            "db": "PACKETSTORM",
            "id": "131890"
          },
          {
            "db": "PACKETSTORM",
            "id": "140113"
          },
          {
            "db": "PACKETSTORM",
            "id": "131889"
          },
          {
            "db": "PACKETSTORM",
            "id": "136587"
          },
          {
            "db": "PACKETSTORM",
            "id": "131879"
          }
        ],
        "trust": 2.52
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=37053",
            "trust": 0.1,
            "type": "exploit"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2015-3456",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "74640",
            "trust": 2.0
          },
          {
            "db": "JUNIPER",
            "id": "JSA10783",
            "trust": 2.0
          },
          {
            "db": "SECTRACK",
            "id": "1032917",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1032306",
            "trust": 1.7
          },
          {
            "db": "SECTRACK",
            "id": "1032311",
            "trust": 1.7
          },
          {
            "db": "EXPLOIT-DB",
            "id": "37053",
            "trust": 1.7
          },
          {
            "db": "JUNIPER",
            "id": "JSA10693",
            "trust": 1.7
          },
          {
            "db": "MCAFEE",
            "id": "SB10118",
            "trust": 1.7
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-207",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2015-3456",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131894",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131890",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140113",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131889",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "136587",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "131879",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3456"
          },
          {
            "db": "BID",
            "id": "74640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "db": "PACKETSTORM",
            "id": "131894"
          },
          {
            "db": "PACKETSTORM",
            "id": "131890"
          },
          {
            "db": "PACKETSTORM",
            "id": "140113"
          },
          {
            "db": "PACKETSTORM",
            "id": "131889"
          },
          {
            "db": "PACKETSTORM",
            "id": "136587"
          },
          {
            "db": "PACKETSTORM",
            "id": "131879"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "id": "VAR-201505-0417",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.3808862333333334
      },
      "last_update_date": "2024-06-12T21:47:20.585000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "HPSBMU03336",
            "trust": 0.8,
            "url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
          },
          {
            "title": "Oracle Critical Patch Update Advisory - July 2015",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "title": "Text Form of Oracle Critical Patch Update - July 2015 Risk Matrices",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015verbose-2367947.html"
          },
          {
            "title": "Oracle Security Alert for CVE-2015-3456",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/alert-cve-2015-3456-2542656.html"
          },
          {
            "title": "fdc: force the fifo access to be in bounds of the allocated buffer",
            "trust": 0.8,
            "url": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c"
          },
          {
            "title": "VENOM: QEMU vulnerability (CVE-2015-3456)",
            "trust": 0.8,
            "url": "https://access.redhat.com/articles/1444903"
          },
          {
            "title": "RHSA-2015:1002",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1002.html"
          },
          {
            "title": "RHSA-2015:1003",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1003.html"
          },
          {
            "title": "RHSA-2015:1004",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1004.html"
          },
          {
            "title": "RHSA-2015:0998",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0998.html"
          },
          {
            "title": "RHSA-2015:0999",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0999.html"
          },
          {
            "title": "RHSA-2015:1000",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1000.html"
          },
          {
            "title": "RHSA-2015:1001",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1001.html"
          },
          {
            "title": "VENOM, don\u2019t get bitten.",
            "trust": 0.8,
            "url": "http://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/"
          },
          {
            "title": "July 2015 Critical Patch Update Released",
            "trust": 0.8,
            "url": "https://blogs.oracle.com/security/entry/july_2015_critical_patch_update"
          },
          {
            "title": " CVE-2015-3456",
            "trust": 0.8,
            "url": "https://www.suse.com/security/cve/cve-2015-3456.html"
          },
          {
            "title": "XSA-133",
            "trust": 0.8,
            "url": "http://xenbits.xen.org/xsa/advisory-133.html"
          },
          {
            "title": "xsa133-qemuu",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=55519"
          },
          {
            "title": "xsa133-qemut",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=55518"
          },
          {
            "title": "xsa133-qemuu-4.3-4.2",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=55520"
          },
          {
            "title": "qemu.git-e907746266721f305d67bc0718795fedee2e824c",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=55517"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2016/05/05/poc_exploit_tripled_2015_study/"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2015/05/19/oracle_patches_venom/"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2015/05/14/venom_analysis/"
          },
          {
            "title": "Debian CVElist Bug Report Logs: virtualbox: CVE-2015-3456: floppy driver host code execution",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=1e9cefc84b9a72ae90225e9ff55d95b7"
          },
          {
            "title": "Debian Security Advisories: DSA-3262-1 xen -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=062e555c99e007ed070757c824f250eb"
          },
          {
            "title": "Debian Security Advisories: DSA-3274-1 virtualbox -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=13673fabccef0c794fd2bc2944597470"
          },
          {
            "title": "Ubuntu Security Notice: qemu, qemu-kvm vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-2608-1"
          },
          {
            "title": "Debian Security Advisories: DSA-3259-1 qemu -- security update",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=57edcd554beef990c5db7c77e4410e91"
          },
          {
            "title": "Debian CVElist Bug Report Logs: qemu: CVE-2014-9718 CVE-2015-1779",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=a8c61c5fbe108faa83788a9a61ccb677"
          },
          {
            "title": "Symantec Security Advisories: SA95 : VENOM Vulnerability in Virtualization Platforms",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=015b922e5570d0f4c9f66b103d8e694a"
          },
          {
            "title": "Oracle: Oracle Security Alert for CVE-2015-3456",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=222bdb74a04df3dae048eda54c80f9ea"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2015",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=459961024c4bdce7bb3a1a40a65a6f2e"
          },
          {
            "title": "elysiumVM",
            "trust": 0.1,
            "url": "https://github.com/cyberlifetech/elysiumvm "
          },
          {
            "title": "cve-2015-3456",
            "trust": 0.1,
            "url": "https://github.com/vincentbernat/cve-2015-3456 "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/rub-syssec/hypercube "
          },
          {
            "title": "laputa",
            "trust": 0.1,
            "url": "https://github.com/takuzoo3868/laputa "
          },
          {
            "title": "cookbook-xs-maintenance",
            "trust": 0.1,
            "url": "https://github.com/pigram86/cookbook-xs-maintenance "
          },
          {
            "title": "rhsecapi",
            "trust": 0.1,
            "url": "https://github.com/redhatofficial/rhsecapi "
          },
          {
            "title": "cve-pylib",
            "trust": 0.1,
            "url": "https://github.com/redhatproductsecurity/cve-pylib "
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3456"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-119",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.8,
            "url": "http://venom.crowdstrike.com/"
          },
          {
            "trust": 2.6,
            "url": "http://support.citrix.com/article/ctx201078"
          },
          {
            "trust": 2.3,
            "url": "http://www.debian.org/security/2015/dsa-3274"
          },
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/74640"
          },
          {
            "trust": 2.3,
            "url": "http://www.debian.org/security/2015/dsa-3259"
          },
          {
            "trust": 2.3,
            "url": "http://www.debian.org/security/2015/dsa-3262"
          },
          {
            "trust": 2.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1001.html"
          },
          {
            "trust": 2.1,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1004.html"
          },
          {
            "trust": 2.0,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1000.html"
          },
          {
            "trust": 2.0,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0999.html"
          },
          {
            "trust": 2.0,
            "url": "http://xenbits.xen.org/xsa/advisory-133.html"
          },
          {
            "trust": 2.0,
            "url": "https://securityblog.redhat.com/2015/05/13/venom-dont-get-bitten/"
          },
          {
            "trust": 2.0,
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "trust": 2.0,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1011.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1003.html"
          },
          {
            "trust": 1.8,
            "url": "https://www.exploit-db.com/exploits/37053/"
          },
          {
            "trust": 1.8,
            "url": "https://security.gentoo.org/glsa/201612-27"
          },
          {
            "trust": 1.8,
            "url": "https://security.gentoo.org/glsa/201604-03"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-1002.html"
          },
          {
            "trust": 1.7,
            "url": "http://rhn.redhat.com/errata/rhsa-2015-0998.html"
          },
          {
            "trust": 1.7,
            "url": "https://access.redhat.com/articles/1444903"
          },
          {
            "trust": 1.7,
            "url": "https://www.suse.com/security/cve/cve-2015-3456.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=143229451215900\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10118"
          },
          {
            "trust": 1.7,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-may/158072.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.ubuntu.com/usn/usn-2608-1"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html"
          },
          {
            "trust": 1.7,
            "url": "https://support.lenovo.com/us/en/product_security/venom"
          },
          {
            "trust": 1.7,
            "url": "http://marc.info/?l=bugtraq\u0026m=143387998230996\u0026w=2"
          },
          {
            "trust": 1.7,
            "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-438937.htm"
          },
          {
            "trust": 1.7,
            "url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10693"
          },
          {
            "trust": 1.7,
            "url": "https://bto.bluecoat.com/security-advisory/sa95"
          },
          {
            "trust": 1.7,
            "url": "http://www.fortiguard.com/advisory/2015-05-19-cve-2015-3456-venom-vulnerability"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-updates/2015-08/msg00021.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1032311"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1032306"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00014.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00013.html"
          },
          {
            "trust": 1.7,
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00009.html"
          },
          {
            "trust": 1.7,
            "url": "https://kb.juniper.net/jsa10783"
          },
          {
            "trust": 1.7,
            "url": "https://security.gentoo.org/glsa/201602-01"
          },
          {
            "trust": 1.7,
            "url": "http://www.securitytracker.com/id/1032917"
          },
          {
            "trust": 1.7,
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1128-security-advisory-10"
          },
          {
            "trust": 1.0,
            "url": "http://git.qemu.org/?p=qemu.git%3ba=commitdiff%3bh=e907746266721f305d67bc0718795fedee2e824c"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-3456"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-3456"
          },
          {
            "trust": 0.7,
            "url": "http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c"
          },
          {
            "trust": 0.6,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3456"
          },
          {
            "trust": 0.3,
            "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=e907746266721f305d67bc0718795fedee2e824c"
          },
          {
            "trust": 0.3,
            "url": "http://wiki.qemu.org/main_page"
          },
          {
            "trust": 0.3,
            "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10783\u0026cat=sirt_1\u0026actp=list"
          },
          {
            "trust": 0.3,
            "url": "http://www.fortiguard.com/advisory/fg-ir-15-012/"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/bugtraq/2015/may/129"
          },
          {
            "trust": 0.3,
            "url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04706564"
          },
          {
            "trust": 0.3,
            "url": "https://www.suse.com/support/kb/doc.php?id=7016497"
          },
          {
            "trust": 0.3,
            "url": "https://rhn.redhat.com/errata/rhsa-2015-1031.html"
          },
          {
            "trust": 0.3,
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-438937.htm"
          },
          {
            "trust": 0.3,
            "url": "https://help.joyent.com/entries/68099220-security-advisory-on-venom-cve-2015-3456-in-kvm-qemu"
          },
          {
            "trust": 0.3,
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5098681"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21903743"
          },
          {
            "trust": 0.3,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3t1022292"
          },
          {
            "trust": 0.3,
            "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-notices/archive/hw-428704.htm"
          },
          {
            "trust": 0.3,
            "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150889-1.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150943-1.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150896-1.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150889-2.html"
          },
          {
            "trust": 0.3,
            "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20150944-1.html"
          },
          {
            "trust": 0.3,
            "url": "https://www-304.ibm.com/connections/blogs/psirt/entry/venom_cve_2015_3456?lang=en_us"
          },
          {
            "trust": 0.3,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.3,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/cve/cve-2015-3456"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.3,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.2,
            "url": "https://security.gentoo.org/"
          },
          {
            "trust": 0.2,
            "url": "http://creativecommons.org/licenses/by-sa/2.5"
          },
          {
            "trust": 0.2,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3456"
          },
          {
            "trust": 0.2,
            "url": "https://bugs.gentoo.org."
          },
          {
            "trust": 0.2,
            "url": "http://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/119.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/cyberlifetech/elysiumvm"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38855"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/2608-1/"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5611"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5610"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0981"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6595"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0418"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6590"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0983"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5608"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-0981"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0377"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0377"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0427"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5613"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6588"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6595"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0427"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6589"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0983"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5610"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-5608"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-0418"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-6588"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6590"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5613"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5611"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6589"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4536"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-5154"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7504"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4535"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4103"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4105"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4535"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6030"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7835"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8551"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4538"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8552"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6036"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-6036"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7814"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4106"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7970"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8550"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3497"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4536"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3495"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6031"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4106"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4537"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-6034"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3259"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3340"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-2151"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4411"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7972"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4538"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-6035"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3495"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4539"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3494"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7871"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6033"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-6032"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4537"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6035"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6032"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7813"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3515"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7971"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3498"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2270"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3209"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-6031"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-6030"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3498"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3497"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3494"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8555"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4163"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8340"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4104"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7311"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-3259"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-2151"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8339"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-6033"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8554"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4411"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-6034"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4105"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8341"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4539"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3340"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4164"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3515"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4103"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3496"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3209"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7969"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-4104"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3496"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2271"
          },
          {
            "trust": 0.1,
            "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7812"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-9718"
          },
          {
            "trust": 0.1,
            "url": "http://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-1779"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-2756"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3456"
          },
          {
            "db": "BID",
            "id": "74640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "db": "PACKETSTORM",
            "id": "131894"
          },
          {
            "db": "PACKETSTORM",
            "id": "131890"
          },
          {
            "db": "PACKETSTORM",
            "id": "140113"
          },
          {
            "db": "PACKETSTORM",
            "id": "131889"
          },
          {
            "db": "PACKETSTORM",
            "id": "136587"
          },
          {
            "db": "PACKETSTORM",
            "id": "131879"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULMON",
            "id": "CVE-2015-3456"
          },
          {
            "db": "BID",
            "id": "74640"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "db": "PACKETSTORM",
            "id": "131894"
          },
          {
            "db": "PACKETSTORM",
            "id": "131890"
          },
          {
            "db": "PACKETSTORM",
            "id": "140113"
          },
          {
            "db": "PACKETSTORM",
            "id": "131889"
          },
          {
            "db": "PACKETSTORM",
            "id": "136587"
          },
          {
            "db": "PACKETSTORM",
            "id": "131879"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          },
          {
            "db": "NVD",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2015-05-13T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3456"
          },
          {
            "date": "2015-05-13T00:00:00",
            "db": "BID",
            "id": "74640"
          },
          {
            "date": "2015-05-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "date": "2015-05-13T19:45:39",
            "db": "PACKETSTORM",
            "id": "131894"
          },
          {
            "date": "2015-05-13T19:45:08",
            "db": "PACKETSTORM",
            "id": "131890"
          },
          {
            "date": "2016-12-12T04:22:22",
            "db": "PACKETSTORM",
            "id": "140113"
          },
          {
            "date": "2015-05-13T19:44:59",
            "db": "PACKETSTORM",
            "id": "131889"
          },
          {
            "date": "2016-04-06T13:30:13",
            "db": "PACKETSTORM",
            "id": "136587"
          },
          {
            "date": "2015-05-13T17:43:32",
            "db": "PACKETSTORM",
            "id": "131879"
          },
          {
            "date": "2015-05-14T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          },
          {
            "date": "2015-05-13T18:59:00.157000",
            "db": "NVD",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-11-17T00:00:00",
            "db": "VULMON",
            "id": "CVE-2015-3456"
          },
          {
            "date": "2017-04-18T00:05:00",
            "db": "BID",
            "id": "74640"
          },
          {
            "date": "2015-07-29T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          },
          {
            "date": "2021-11-08T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          },
          {
            "date": "2023-11-07T02:25:38.537000",
            "db": "NVD",
            "id": "CVE-2015-3456"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "specific network environment",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Xen and  KVM Used in  QEMU Service disruption in floppy disk controllers in Japan  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2015-002668"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "buffer error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201505-207"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201410-0935

    Vulnerability from variot - Updated: 2023-12-18 11:51

    visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory. Node.js is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to create or overwrite arbitrary files in the context of the application. This may aid in further attacks. Versions prior to Node.js 0.8.4 are vulnerable. Joyent Node.js is a set of network application platforms built on the Google V8 JavaScript engine by the American Joyent company. The platform is mainly used to build highly scalable applications and write connection code that can handle tens of thousands of connections to a physical machine at the same time. A remote attacker could exploit this vulnerability to access restricted directories. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    APPLE-SA-2015-09-16-2 Xcode 7.0

    Xcode 7.0 is now available and addresses the following:

    DevTools Available for: OS X Yosemite v10.10.4 or later Impact: An attacker may be able to bypass access restrictions Description: An API issue existed in the apache configuration. This issue was addressed by updating header files to use the latest version. CVE-ID CVE-2015-3185 : Branko Aibej of the Apache Software Foundation

    IDE Xcode Server Available for: OS X Yosemite 10.10 or later Impact: An attacker may be able to access restricted parts of the filesystem Description: A comparison issue existed in the node.js send module prior to version 0.8.4. This issue was addressed by upgrading to version 0.12.3. CVE-ID CVE-2014-6394 : Ilya Kantor

    IDE Xcode Server Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilties in OpenSSL Description: Multiple vulnerabilties existed in the node.js OpenSSL module prior to version 1.0.1j. These issues were addressed by updating openssl to version 1.0.1j. CVE-ID CVE-2014-3513 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568

    IDE Xcode Server Available for: OS X Yosemite v10.10.4 or later Impact: An attacker with a privileged network position may be able to inspect traffic to Xcode Server Description: Connections to Xcode Server may have been made without encryption. This issue was addressed through improved network connection logic. CVE-ID CVE-2015-5910 : an anonymous researcher

    IDE Xcode Server Available for: OS X Yosemite v10.10.4 or later Impact: Build notifications may be sent to unintended recipients Description: An access issue existed in the handling of repository email lists. This issue was addressed through improved validation. CVE-ID CVE-2015-5909 : Daniel Tomlinson of Rocket Apps, David Gatwood of Anchorfree

    subversion Available for: OS X Yosemite v10.10.4 or later Impact: Multiple vulnerabilities existed in svn versions prior to 1.7.19 Description: Multiple vulnerabilities existed in svn versions prior to 1.7.19. These issues were addressed by updating svn to version 1.7.20. CVE-ID CVE-2015-0248 CVE-2015-0251

    Xcode 7.0 may be obtained from: https://developer.apple.com/xcode/downloads/

    To check that the Xcode has been updated:

    • Select Xcode in the menu bar
    • Select About Xcode
    • The version after applying this update will be "7.0".

    Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

    This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

    -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org

    iQIcBAEBCAAGBQJV+axlAAoJEBcWfLTuOo7tzuMQAJhCQaeClT0rDozh+WlKgM6f X86xFeXLJ1gjlPKH183Bvm2gTW0m5kQuoNK1grarMB+rEeb8mPsOczwrIJisxVlr 5zkW/7JktHcsBU5vUa4j4T/CEJjp92VPZ4ub3k3eQOrhinn4E86uKcMxrYoQOAE0 YFMSDaPBFy+LIJ08ROB/AH8fkGJMLRCRAp43IGgzNuxCDx9jzW97m1dh86mR1CxP GdhWRvN7T5YqXyJTw6pZbEHtVXjty8appe2ScvHByCRxa4gZq+/JinHInLjaB4p7 3o58rAWh7lDhcEi3HqkIu0YW6fLslPydCHTI4cH1PCHTuevNjjvK34IqMbD0jG/t tO+vQFhwXpD5chsSB2oP2zLOWAJ7BA5uwvArkJhGKKzQ5DEI0soLBWG7Koe3RitO HokIMyx0r+sf4YD+OP4RVPU9bU4FpayXZnECmHzWmK2vguihbIzjxq+Knvx7aiF9 js1Qn0DxT2puVYdhixtkvYKT7r8XRjI8MPLEwS+tX1Yg1Lqhz2G1MR6mO9iBW56L g5deOuCVc56qeaobuUK0clvdFYtyd5jIXgh0zspZ4ssCbbdCOTZUQaG1mBGkIf3R JgWTX8ny1Fdk9om3dmZVWUCzzqxJR/tm5M7kjGc425ZGaoBRWLga1VIjNz7MEfKS YMBNmqt6weEewNqyDMnX =SGgX -----END PGP SIGNATURE-----

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201410-0935",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "fedoraproject",
            "version": "19"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "fedoraproject",
            "version": "20"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "fedoraproject",
            "version": "21"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "joyent",
            "version": "0.8.0"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "joyent",
            "version": "0.8.1"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "joyent",
            "version": "0.8.2"
          },
          {
            "model": "node.js",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "joyent",
            "version": "0.8.3"
          },
          {
            "model": "xcode",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "apple",
            "version": "7.0"
          },
          {
            "model": "node.js",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "node js",
            "version": "0.8.4"
          },
          {
            "model": "xcode",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "apple",
            "version": "7.0   (os x yosemite v10.10.4 or later )"
          },
          {
            "model": "xcode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.4.1"
          },
          {
            "model": "xcode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.1"
          },
          {
            "model": "xcode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "3.0"
          },
          {
            "model": "xcode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.3"
          },
          {
            "model": "xcode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.2"
          },
          {
            "model": "xcode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.1"
          },
          {
            "model": "xcode",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "apple",
            "version": "2.0"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "70100"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-6394"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apple:xcode:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:joyent:node.js:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "0.8.3",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:joyent:node.js:0.8.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:joyent:node.js:0.8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:joyent:node.js:0.8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-6394"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Ilya Kantor",
        "sources": [
          {
            "db": "BID",
            "id": "70100"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2014-6394",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2014-6394",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "VHN-74338",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2014-6394",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201410-165",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-74338",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-74338"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-6394"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using \"public-restricted\" under a \"public\" directory. Node.js is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. \nRemote attackers can use specially crafted requests with directory-traversal sequences (\u0027../\u0027) to create or overwrite arbitrary files in the context of the application. This may aid in further attacks. \nVersions prior to Node.js 0.8.4 are vulnerable. Joyent Node.js is a set of network application platforms built on the Google V8 JavaScript engine by the American Joyent company. The platform is mainly used to build highly scalable applications and write connection code that can handle tens of thousands of connections to a physical machine at the same time. A remote attacker could exploit this vulnerability to access restricted directories. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2015-09-16-2 Xcode 7.0\n\nXcode 7.0 is now available and addresses the following:\n\nDevTools\nAvailable for:  OS X Yosemite v10.10.4 or later\nImpact:  An attacker may be able to bypass access restrictions\nDescription:  An API issue existed in the apache configuration. This\nissue was addressed by updating header files to use the latest\nversion. \nCVE-ID\nCVE-2015-3185 : Branko Aibej of the Apache Software Foundation\n\nIDE Xcode Server\nAvailable for:  OS X Yosemite 10.10 or later\nImpact:  An attacker may be able to access restricted parts of the\nfilesystem\nDescription:  A comparison issue existed in the node.js send module\nprior to version 0.8.4. This issue was addressed by upgrading to\nversion 0.12.3. \nCVE-ID\nCVE-2014-6394 : Ilya Kantor\n\nIDE Xcode Server\nAvailable for:  OS X Yosemite v10.10.4 or later\nImpact:  Multiple vulnerabilties in OpenSSL\nDescription:  Multiple vulnerabilties existed in the node.js OpenSSL\nmodule prior to version 1.0.1j. These issues were addressed by\nupdating openssl to version 1.0.1j. \nCVE-ID\nCVE-2014-3513\nCVE-2014-3566\nCVE-2014-3567\nCVE-2014-3568\n\nIDE Xcode Server\nAvailable for:  OS X Yosemite v10.10.4 or later\nImpact:  An attacker with a privileged network position may be able\nto inspect traffic to Xcode Server\nDescription:  Connections to Xcode Server may have been made without\nencryption. This issue was addressed through improved network\nconnection logic. \nCVE-ID\nCVE-2015-5910 : an anonymous researcher\n\nIDE Xcode Server\nAvailable for:  OS X Yosemite v10.10.4 or later\nImpact:  Build notifications may be sent to unintended recipients\nDescription:  An access issue existed in the handling of repository\nemail lists. This issue was addressed through improved validation. \nCVE-ID\nCVE-2015-5909 : Daniel Tomlinson of Rocket Apps, David Gatwood of\nAnchorfree\n\nsubversion\nAvailable for:  OS X Yosemite v10.10.4 or later\nImpact:  Multiple vulnerabilities existed in svn versions prior to\n1.7.19\nDescription:  Multiple vulnerabilities existed in svn versions prior\nto 1.7.19. These issues were addressed by updating svn to version\n1.7.20. \nCVE-ID\nCVE-2015-0248\nCVE-2015-0251\n\n\nXcode 7.0 may be obtained from:\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"7.0\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBCAAGBQJV+axlAAoJEBcWfLTuOo7tzuMQAJhCQaeClT0rDozh+WlKgM6f\nX86xFeXLJ1gjlPKH183Bvm2gTW0m5kQuoNK1grarMB+rEeb8mPsOczwrIJisxVlr\n5zkW/7JktHcsBU5vUa4j4T/CEJjp92VPZ4ub3k3eQOrhinn4E86uKcMxrYoQOAE0\nYFMSDaPBFy+LIJ08ROB/AH8fkGJMLRCRAp43IGgzNuxCDx9jzW97m1dh86mR1CxP\nGdhWRvN7T5YqXyJTw6pZbEHtVXjty8appe2ScvHByCRxa4gZq+/JinHInLjaB4p7\n3o58rAWh7lDhcEi3HqkIu0YW6fLslPydCHTI4cH1PCHTuevNjjvK34IqMbD0jG/t\ntO+vQFhwXpD5chsSB2oP2zLOWAJ7BA5uwvArkJhGKKzQ5DEI0soLBWG7Koe3RitO\nHokIMyx0r+sf4YD+OP4RVPU9bU4FpayXZnECmHzWmK2vguihbIzjxq+Knvx7aiF9\njs1Qn0DxT2puVYdhixtkvYKT7r8XRjI8MPLEwS+tX1Yg1Lqhz2G1MR6mO9iBW56L\ng5deOuCVc56qeaobuUK0clvdFYtyd5jIXgh0zspZ4ssCbbdCOTZUQaG1mBGkIf3R\nJgWTX8ny1Fdk9om3dmZVWUCzzqxJR/tm5M7kjGc425ZGaoBRWLga1VIjNz7MEfKS\nYMBNmqt6weEewNqyDMnX\n=SGgX\n-----END PGP SIGNATURE-----\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2014-6394"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "db": "BID",
            "id": "70100"
          },
          {
            "db": "VULHUB",
            "id": "VHN-74338"
          },
          {
            "db": "PACKETSTORM",
            "id": "133617"
          }
        ],
        "trust": 2.07
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2014-6394",
            "trust": 2.9
          },
          {
            "db": "BID",
            "id": "70100",
            "trust": 1.4
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2014/09/30/10",
            "trust": 1.1
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2014/09/24/1",
            "trust": 1.1
          },
          {
            "db": "SECUNIA",
            "id": "62170",
            "trust": 1.1
          },
          {
            "db": "JVN",
            "id": "JVNVU99970459",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-165",
            "trust": 0.7
          },
          {
            "db": "AUSCERT",
            "id": "ESB-2020.4254",
            "trust": 0.6
          },
          {
            "db": "VULHUB",
            "id": "VHN-74338",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "133617",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-74338"
          },
          {
            "db": "BID",
            "id": "70100"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "db": "PACKETSTORM",
            "id": "133617"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-6394"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ]
      },
      "id": "VAR-201410-0935",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-74338"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2023-12-18T11:51:15.964000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "APPLE-SA-2015-09-16-2 Xcode 7.0",
            "trust": 0.8,
            "url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html"
          },
          {
            "title": "HT205217",
            "trust": 0.8,
            "url": "https://support.apple.com/en-us/ht205217"
          },
          {
            "title": "HT205217",
            "trust": 0.8,
            "url": "http://support.apple.com/ja-jp/ht205217"
          },
          {
            "title": "FEDORA-2014-11495",
            "trust": 0.8,
            "url": "https://lists.fedoraproject.org/pipermail/package-announce/2014-october/139938.html"
          },
          {
            "title": "FEDORA-2014-11421",
            "trust": 0.8,
            "url": "https://lists.fedoraproject.org/pipermail/package-announce/2014-october/140020.html"
          },
          {
            "title": "FEDORA-2014-11289",
            "trust": 0.8,
            "url": "https://lists.fedoraproject.org/pipermail/package-announce/2014-september/139415.html"
          },
          {
            "title": "Fix a path traversal issue when using root",
            "trust": 0.8,
            "url": "https://github.com/pillarjs/send/commit/9c6ca9b2c0b880afd3ff91ce0d211213c5fa5f9a"
          },
          {
            "title": "Insecure comparison #59",
            "trust": 0.8,
            "url": "https://github.com/pillarjs/send/pull/59"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://nodejs.org/en/"
          },
          {
            "title": "Bug 1146063",
            "trust": 0.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1146063"
          },
          {
            "title": "send-0.8.4",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51809"
          },
          {
            "title": "send-0.8.4",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=51808"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-22",
            "trust": 1.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-74338"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-6394"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.1,
            "url": "http://lists.apple.com/archives/security-announce/2015/sep/msg00002.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.securityfocus.com/bid/70100"
          },
          {
            "trust": 1.1,
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687263"
          },
          {
            "trust": 1.1,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1146063"
          },
          {
            "trust": 1.1,
            "url": "https://github.com/visionmedia/send/commit/9c6ca9b2c0b880afd3ff91ce0d211213c5fa5f9a"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/ht205217"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-september/139415.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/140020.html"
          },
          {
            "trust": 1.1,
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-october/139938.html"
          },
          {
            "trust": 1.1,
            "url": "https://github.com/visionmedia/send/pull/59"
          },
          {
            "trust": 1.1,
            "url": "https://nodesecurity.io/advisories/send-directory-traversal"
          },
          {
            "trust": 1.1,
            "url": "http://www.openwall.com/lists/oss-security/2014/09/24/1"
          },
          {
            "trust": 1.1,
            "url": "http://www.openwall.com/lists/oss-security/2014/09/30/10"
          },
          {
            "trust": 1.1,
            "url": "http://secunia.com/advisories/62170"
          },
          {
            "trust": 1.1,
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96727"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-6394"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/vu/jvnvu99970459/index.html"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-6394"
          },
          {
            "trust": 0.6,
            "url": "https://www.auscert.org.au/bulletins/esb-2020.4254/"
          },
          {
            "trust": 0.3,
            "url": "http://nodejs.org"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0248"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3567"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5910"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-3185"
          },
          {
            "trust": 0.1,
            "url": "https://support.apple.com/kb/ht201222"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3568"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3513"
          },
          {
            "trust": 0.1,
            "url": "https://www.apple.com/support/security/pgp/"
          },
          {
            "trust": 0.1,
            "url": "https://developer.apple.com/xcode/downloads/"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-6394"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-0251"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-5909"
          },
          {
            "trust": 0.1,
            "url": "http://gpgtools.org"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2014-3566"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-74338"
          },
          {
            "db": "BID",
            "id": "70100"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "db": "PACKETSTORM",
            "id": "133617"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-6394"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-74338"
          },
          {
            "db": "BID",
            "id": "70100"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "db": "PACKETSTORM",
            "id": "133617"
          },
          {
            "db": "NVD",
            "id": "CVE-2014-6394"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2014-10-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-74338"
          },
          {
            "date": "2014-09-12T00:00:00",
            "db": "BID",
            "id": "70100"
          },
          {
            "date": "2014-10-10T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "date": "2015-09-19T15:31:48",
            "db": "PACKETSTORM",
            "id": "133617"
          },
          {
            "date": "2014-10-08T17:55:05.123000",
            "db": "NVD",
            "id": "CVE-2014-6394"
          },
          {
            "date": "2014-10-13T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-09-08T00:00:00",
            "db": "VULHUB",
            "id": "VHN-74338"
          },
          {
            "date": "2015-11-03T19:43:00",
            "db": "BID",
            "id": "70100"
          },
          {
            "date": "2015-10-05T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          },
          {
            "date": "2017-09-08T01:29:14.403000",
            "db": "NVD",
            "id": "CVE-2014-6394"
          },
          {
            "date": "2020-12-02T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Node.js for  visionmedia send Vulnerable to restricted directory access",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2014-004624"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "path traversal",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201410-165"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201310-0437

    Vulnerability from variot - Updated: 2023-12-18 11:29

    The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service (memory and CPU consumption) by sending a large number of pipelined requests without reading the response. Node.js is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause denial-of-service conditions. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Moderate: nodejs010-nodejs security update Advisory ID: RHSA-2013:1842-01 Product: Red Hat Software Collections Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1842.html Issue date: 2013-12-16 CVE Names: CVE-2013-4450 =====================================================================

    1. Summary:

    Updated nodejs010-nodejs packages that fix one security issue are now available for Red Hat Software Collections 1.

    The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

    1. Relevant releases/architectures:

    Red Hat Software Collections for RHEL 6 Server - x86_64 Red Hat Software Collections for RHEL 6 Workstation - x86_64

    1. Description:

    Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. (CVE-2013-4450)

    Node.js is included in Red Hat Software Collections 1.0 as a Technology Preview. More information about Red Hat Technology Previews is available here: https://access.redhat.com/support/offerings/techpreview/

    All nodejs010-nodejs users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

    1. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied.

    This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1021170 - CVE-2013-4450 NodeJS: HTTP Pipelining DoS

    1. Package List:

    Red Hat Software Collections for RHEL 6 Server:

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHSCL/SRPMS/nodejs010-nodejs-0.10.5-8.el6.src.rpm

    x86_64: nodejs010-nodejs-0.10.5-8.el6.x86_64.rpm nodejs010-nodejs-debuginfo-0.10.5-8.el6.x86_64.rpm nodejs010-nodejs-devel-0.10.5-8.el6.x86_64.rpm nodejs010-nodejs-docs-0.10.5-8.el6.x86_64.rpm

    Red Hat Software Collections for RHEL 6 Workstation:

    Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/RHSCL/SRPMS/nodejs010-nodejs-0.10.5-8.el6.src.rpm

    x86_64: nodejs010-nodejs-0.10.5-8.el6.x86_64.rpm nodejs010-nodejs-debuginfo-0.10.5-8.el6.x86_64.rpm nodejs010-nodejs-devel-0.10.5-8.el6.x86_64.rpm nodejs010-nodejs-docs-0.10.5-8.el6.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

    1. References:

    https://www.redhat.com/security/data/cve/CVE-2013-4450.html https://access.redhat.com/security/updates/classification/#moderate

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

    iD8DBQFSr0q9XlSAg2UNWIIRAplZAKCNJooZ8mJA2a/ke2+zDonkXBgQMACgjYHJ q5tCftH+wfTRq0Xalgs8iMM= =7XqG -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201310-0437",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.8.20"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.10.19"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.8.22"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.8.0"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.8.2"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.10.18"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.10.16"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.8.23"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.10.15"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.6,
            "vendor": "nodejs",
            "version": "0.8.1"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.6"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.15"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.1"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.4"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.10"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.16"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.6"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.18"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.20"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.14"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.7"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.8"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.3"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.10"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.5"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.0"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.17"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.13"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.4"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.3"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.5"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.9"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.21"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.2"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.14"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.12"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.19"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.24"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.13"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.8"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.11"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.12"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.25"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.7"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.17"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.8.11"
          },
          {
            "model": "nodejs",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "nodejs",
            "version": "0.10.9"
          },
          {
            "model": "node.js",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "node js",
            "version": "0.10.x"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "node js",
            "version": "0.10.21"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "node js",
            "version": "0.8.26"
          },
          {
            "model": "node.js",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "node js",
            "version": "0.8.x"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "12.3"
          },
          {
            "model": "opensuse",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "s u s e",
            "version": "12.2"
          },
          {
            "model": "northstar controller application",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2.1.0"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0.10.20"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0.8.25"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0.7.8"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0.7.7"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0.6.16"
          },
          {
            "model": "node.js",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0.6.15"
          },
          {
            "model": "northstar controller application service pack",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "juniper",
            "version": "2.1.01"
          },
          {
            "model": "node.js",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0.10.21"
          },
          {
            "model": "node.js",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "joyent",
            "version": "0.8.26"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "63229"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-496"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.22:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.23:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.24:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.25:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.10.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:nodejs:nodejs:0.8.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-4450"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "isaacs",
        "sources": [
          {
            "db": "BID",
            "id": "63229"
          }
        ],
        "trust": 0.3
      },
      "cve": "CVE-2013-4450",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "exploitabilityScore": 10.0,
                "impactScore": 2.9,
                "integrityImpact": "NONE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.0,
                "confidentialityImpact": "None",
                "exploitabilityScore": null,
                "id": "CVE-2013-4450",
                "impactScore": null,
                "integrityImpact": "None",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2013-4450",
                "trust": 1.8,
                "value": "MEDIUM"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201310-496",
                "trust": 0.6,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-496"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service (memory and CPU consumption) by sending a large number of pipelined requests without reading the response. Node.js is prone to a denial-of-service vulnerability. \nRemote attackers can exploit this issue to cause denial-of-service conditions. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Moderate: nodejs010-nodejs security update\nAdvisory ID:       RHSA-2013:1842-01\nProduct:           Red Hat Software Collections\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2013-1842.html\nIssue date:        2013-12-16\nCVE Names:         CVE-2013-4450 \n=====================================================================\n\n1. Summary:\n\nUpdated nodejs010-nodejs packages that fix one security issue are now\navailable for Red Hat Software Collections 1. \n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for RHEL 6 Server - x86_64\nRed Hat Software Collections for RHEL 6 Workstation - x86_64\n\n3. Description:\n\nNode.js is a software development platform for building fast and scalable\nnetwork applications in the JavaScript programming language. (CVE-2013-4450)\n\nNode.js is included in Red Hat Software Collections 1.0 as a Technology\nPreview. More information about Red Hat Technology Previews is available\nhere: https://access.redhat.com/support/offerings/techpreview/\n\nAll nodejs010-nodejs users are advised to upgrade to these updated\npackages, which contain a backported patch to correct this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1021170 - CVE-2013-4450 NodeJS: HTTP Pipelining DoS\n\n6. Package List:\n\nRed Hat Software Collections for RHEL 6 Server:\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHSCL/SRPMS/nodejs010-nodejs-0.10.5-8.el6.src.rpm\n\nx86_64:\nnodejs010-nodejs-0.10.5-8.el6.x86_64.rpm\nnodejs010-nodejs-debuginfo-0.10.5-8.el6.x86_64.rpm\nnodejs010-nodejs-devel-0.10.5-8.el6.x86_64.rpm\nnodejs010-nodejs-docs-0.10.5-8.el6.x86_64.rpm\n\nRed Hat Software Collections for RHEL 6 Workstation:\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/RHSCL/SRPMS/nodejs010-nodejs-0.10.5-8.el6.src.rpm\n\nx86_64:\nnodejs010-nodejs-0.10.5-8.el6.x86_64.rpm\nnodejs010-nodejs-debuginfo-0.10.5-8.el6.x86_64.rpm\nnodejs010-nodejs-devel-0.10.5-8.el6.x86_64.rpm\nnodejs010-nodejs-docs-0.10.5-8.el6.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-4450.html\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFSr0q9XlSAg2UNWIIRAplZAKCNJooZ8mJA2a/ke2+zDonkXBgQMACgjYHJ\nq5tCftH+wfTRq0Xalgs8iMM=\n=7XqG\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2013-4450"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          },
          {
            "db": "BID",
            "id": "63229"
          },
          {
            "db": "PACKETSTORM",
            "id": "124472"
          }
        ],
        "trust": 1.98
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2013-4450",
            "trust": 2.8
          },
          {
            "db": "BID",
            "id": "63229",
            "trust": 1.9
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2013/10/20/1",
            "trust": 1.6
          },
          {
            "db": "JUNIPER",
            "id": "JSA10783",
            "trust": 1.3
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826",
            "trust": 0.8
          },
          {
            "db": "MLIST",
            "id": "[OSS-SECURITY] 20131019 RE: CVE REQUEST: NODE.JS HTTP PIPELINING DOS",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-496",
            "trust": 0.6
          },
          {
            "db": "PACKETSTORM",
            "id": "124472",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "63229"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          },
          {
            "db": "PACKETSTORM",
            "id": "124472"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-496"
          }
        ]
      },
      "id": "VAR-201310-0437",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VARIoT devices database",
            "id": null
          }
        ],
        "trust": 0.55138886
      },
      "last_update_date": "2023-12-18T11:29:32.214000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Bump Node version to one with a fix for CVE-2013-4450, non-specific HTTP DoS.",
            "trust": 0.8,
            "url": "https://github.com/bazbremner/drivebot/commit/3581fd765cf8e046cc86eed1d355345733a200c5"
          },
          {
            "title": "[DoS security vulnerability. Original title redacted]",
            "trust": 0.8,
            "url": "https://github.com/joyent/node/issues/6214"
          },
          {
            "title": "Node v0.8.26 (Maintenance)",
            "trust": 0.8,
            "url": "http://blog.nodejs.org/2013/10/18/node-v0-8-26-maintenance/"
          },
          {
            "title": "Node v0.10.21 (Stable)",
            "trust": 0.8,
            "url": "http://blog.nodejs.org/2013/10/18/node-v0-10-21-stable/"
          },
          {
            "title": "openSUSE-SU-2013:1863",
            "trust": 0.8,
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00051.html"
          },
          {
            "title": "Bug 1021170",
            "trust": 0.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1021170"
          },
          {
            "title": "RHSA-2013:1842",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-1842.html"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-20",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4450"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 1.9,
            "url": "http://blog.nodejs.org/2013/10/18/node-v0-10-21-stable/"
          },
          {
            "trust": 1.9,
            "url": "http://blog.nodejs.org/2013/10/18/node-v0-8-26-maintenance/"
          },
          {
            "trust": 1.6,
            "url": "http://www.openwall.com/lists/oss-security/2013/10/20/1"
          },
          {
            "trust": 1.6,
            "url": "http://www.securityfocus.com/bid/63229"
          },
          {
            "trust": 1.6,
            "url": "https://github.com/joyent/node/issues/6214"
          },
          {
            "trust": 1.6,
            "url": "https://github.com/rapid7/metasploit-framework/pull/2548"
          },
          {
            "trust": 1.4,
            "url": "http://rhn.redhat.com/errata/rhsa-2013-1842.html"
          },
          {
            "trust": 1.3,
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00051.html"
          },
          {
            "trust": 1.0,
            "url": "https://groups.google.com/forum/#%21topic/nodejs/nebweyb0ei0"
          },
          {
            "trust": 1.0,
            "url": "https://kb.juniper.net/jsa10783"
          },
          {
            "trust": 0.8,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4450"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4450"
          },
          {
            "trust": 0.6,
            "url": "https://groups.google.com/forum/#!topic/nodejs/nebweyb0ei0"
          },
          {
            "trust": 0.3,
            "url": "https://github.com/joyent/node/commit/085dd30e93da67362f044ad1b3b6b2d997064692"
          },
          {
            "trust": 0.3,
            "url": "http://nodejs.org"
          },
          {
            "trust": 0.3,
            "url": "http://seclists.org/oss-sec/2013/q4/134"
          },
          {
            "trust": 0.3,
            "url": "https://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10783\u0026cat=sirt_1\u0026actp=list"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/support/offerings/techpreview/"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/security/data/cve/cve-2013-4450.html"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/#package"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/site/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-4450"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          }
        ],
        "sources": [
          {
            "db": "BID",
            "id": "63229"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          },
          {
            "db": "PACKETSTORM",
            "id": "124472"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-496"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "BID",
            "id": "63229"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          },
          {
            "db": "PACKETSTORM",
            "id": "124472"
          },
          {
            "db": "NVD",
            "id": "CVE-2013-4450"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-496"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2013-10-18T00:00:00",
            "db": "BID",
            "id": "63229"
          },
          {
            "date": "2013-10-23T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          },
          {
            "date": "2013-12-17T03:38:42",
            "db": "PACKETSTORM",
            "id": "124472"
          },
          {
            "date": "2013-10-21T17:55:03.537000",
            "db": "NVD",
            "id": "CVE-2013-4450"
          },
          {
            "date": "2013-10-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201310-496"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2017-04-18T01:05:00",
            "db": "BID",
            "id": "63229"
          },
          {
            "date": "2014-01-17T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          },
          {
            "date": "2023-11-07T02:16:17.853000",
            "db": "NVD",
            "id": "CVE-2013-4450"
          },
          {
            "date": "2013-10-22T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201310-496"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "124472"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-496"
          }
        ],
        "trust": 0.7
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Node.js of  HTTP Service disruption at the server  (DoS) Vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2013-004826"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201310-496"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2021-43395 (GCVE-0-2021-43395)

    Vulnerability from nvd – Published: 2022-12-26 00:00 – Updated: 2025-04-14 16:10
    VLAI
    Summary
    An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:55:28.486Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.tribblix.org/relnotes.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jgardner100.wordpress.com/2022/01/20/security-heads-up/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.illumos.org/issues/14424"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kebe.com/blog/?p=505"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-43395",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-14T16:09:04.387669Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-667",
                    "description": "CWE-667 Improper Locking",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-14T16:10:08.182Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-26T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c"
            },
            {
              "url": "https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "url": "http://www.tribblix.org/relnotes.html"
            },
            {
              "url": "https://jgardner100.wordpress.com/2022/01/20/security-heads-up/"
            },
            {
              "url": "https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424"
            },
            {
              "url": "https://www.illumos.org/issues/14424"
            },
            {
              "url": "https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90"
            },
            {
              "url": "https://kebe.com/blog/?p=505"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-43395",
        "datePublished": "2022-12-26T00:00:00.000Z",
        "dateReserved": "2021-11-04T00:00:00.000Z",
        "dateUpdated": "2025-04-14T16:10:08.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-27678 (GCVE-0-2020-27678)

    Vulnerability from nvd – Published: 2020-10-23 20:25 – Updated: 2024-08-04 16:18
    VLAI
    Summary
    An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:18:45.659Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-23T20:25:17.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-27678",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452",
                  "refsource": "MISC",
                  "url": "https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-27678",
        "datePublished": "2020-10-23T20:25:17.000Z",
        "dateReserved": "2020-10-23T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:18:45.659Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-7712 (GCVE-0-2020-7712)

    Vulnerability from nvd – Published: 2020-08-30 07:15 – Updated: 2024-09-17 02:46
    VLAI
    Title
    Command Injection
    Summary
    This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
    CWE
    • Command Injection
    Assigner
    References
    URL Tags
    https://snyk.io/vuln/SNYK-JS-JSON-597481 x_refsource_MISC
    https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931 x_refsource_MISC
    https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932 x_refsource_MISC
    https://github.com/trentm/json/issues/144 x_refsource_MISC
    https://github.com/trentm/json/pull/145 x_refsource_MISC
    https://lists.apache.org/thread.html/r8d2e174230f… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rd9b9cc843f5… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/ree3abcd33c0… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rb023d54a46d… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rb2b98191244… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r9c6d28e5b9a… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r977a907ecbe… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r5f17bfca1d6… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/ra890c24b3d9… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rba7ea4d75d6… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rb89bd82dffe… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rec8bb4d637b… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r37c0e1807da… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r3b04f4e99a1… mailing-listx_refsource_MLIST
    https://www.oracle.com//security-alerts/cpujul2021.html x_refsource_MISC
    https://www.oracle.com/security-alerts/cpujan2022.html x_refsource_MISC
    https://www.oracle.com/security-alerts/cpujul2022.html x_refsource_MISC
    Impacted products
    Vendor Product Version
    n/a json Affected: unspecified , < 10.0.0 (custom)
    Date Public
    2020-08-30 00:00
    Credits
    po6ix
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:41:00.874Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://snyk.io/vuln/SNYK-JS-JSON-597481"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/trentm/json/issues/144"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/trentm/json/pull/145"
              },
              {
                "name": "[zookeeper-dev] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae%40%3Cdev.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200913 [jira] [Resolved] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200930 [jira] [Comment Edited] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200930 [jira] [Commented] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[flink-dev] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r9c6d28e5b9a9b3481b7d1f90f1c2f75cd1a5ade91038426e0fb095da%40%3Cdev.flink.apache.org%3E"
              },
              {
                "name": "[flink-issues] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r977a907ecbedf87ae5ba47d4c77639efb120f74d4d1b3de14a4ef4da%40%3Cissues.flink.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200930 [jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[flink-issues] 20200930 [jira] [Commented] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/ra890c24b3d90be36daf48ae76b263acb297003db24c1122f8e4aaef2%40%3Cissues.flink.apache.org%3E"
              },
              {
                "name": "[flink-issues] 20200930 [jira] [Updated] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rba7ea4d75d6a8e5b935991d960d9b893fd30e576c4d3b531084ebd7d%40%3Cissues.flink.apache.org%3E"
              },
              {
                "name": "[flink-issues] 20201014 [jira] [Closed] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rb89bd82dffec49f83b49e9ad625b1b63a408b3c7d1a60d6f049142a0%40%3Cissues.flink.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20210404 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20210404 [jira] [Assigned] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "json",
              "vendor": "n/a",
              "versions": [
                {
                  "lessThan": "10.0.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "po6ix"
            }
          ],
          "datePublic": "2020-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-25T16:23:56.000Z",
            "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
            "shortName": "snyk"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://snyk.io/vuln/SNYK-JS-JSON-597481"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/trentm/json/issues/144"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/trentm/json/pull/145"
            },
            {
              "name": "[zookeeper-dev] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae%40%3Cdev.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200913 [jira] [Resolved] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200930 [jira] [Comment Edited] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200930 [jira] [Commented] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[flink-dev] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r9c6d28e5b9a9b3481b7d1f90f1c2f75cd1a5ade91038426e0fb095da%40%3Cdev.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r977a907ecbedf87ae5ba47d4c77639efb120f74d4d1b3de14a4ef4da%40%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200930 [jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200930 [jira] [Commented] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/ra890c24b3d90be36daf48ae76b263acb297003db24c1122f8e4aaef2%40%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200930 [jira] [Updated] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rba7ea4d75d6a8e5b935991d960d9b893fd30e576c4d3b531084ebd7d%40%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20201014 [jira] [Closed] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rb89bd82dffec49f83b49e9ad625b1b63a408b3c7d1a60d6f049142a0%40%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20210404 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20210404 [jira] [Assigned] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            }
          ],
          "title": "Command Injection",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "report@snyk.io",
              "DATE_PUBLIC": "2020-08-30T07:13:25.668015Z",
              "ID": "CVE-2020-7712",
              "STATE": "PUBLIC",
              "TITLE": "Command Injection"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "json",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.0.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "po6ix"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://snyk.io/vuln/SNYK-JS-JSON-597481",
                  "refsource": "MISC",
                  "url": "https://snyk.io/vuln/SNYK-JS-JSON-597481"
                },
                {
                  "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931",
                  "refsource": "MISC",
                  "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931"
                },
                {
                  "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932",
                  "refsource": "MISC",
                  "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932"
                },
                {
                  "name": "https://github.com/trentm/json/issues/144",
                  "refsource": "MISC",
                  "url": "https://github.com/trentm/json/issues/144"
                },
                {
                  "name": "https://github.com/trentm/json/pull/145",
                  "refsource": "MISC",
                  "url": "https://github.com/trentm/json/pull/145"
                },
                {
                  "name": "[zookeeper-dev] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae@%3Cdev.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200913 [jira] [Resolved] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200930 [jira] [Comment Edited] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200930 [jira] [Commented] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[flink-dev] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r9c6d28e5b9a9b3481b7d1f90f1c2f75cd1a5ade91038426e0fb095da@%3Cdev.flink.apache.org%3E"
                },
                {
                  "name": "[flink-issues] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r977a907ecbedf87ae5ba47d4c77639efb120f74d4d1b3de14a4ef4da@%3Cissues.flink.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200930 [jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[flink-issues] 20200930 [jira] [Commented] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/ra890c24b3d90be36daf48ae76b263acb297003db24c1122f8e4aaef2@%3Cissues.flink.apache.org%3E"
                },
                {
                  "name": "[flink-issues] 20200930 [jira] [Updated] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rba7ea4d75d6a8e5b935991d960d9b893fd30e576c4d3b531084ebd7d@%3Cissues.flink.apache.org%3E"
                },
                {
                  "name": "[flink-issues] 20201014 [jira] [Closed] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rb89bd82dffec49f83b49e9ad625b1b63a408b3c7d1a60d6f049142a0@%3Cissues.flink.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20210404 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20210404 [jira] [Assigned] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "assignerShortName": "snyk",
        "cveId": "CVE-2020-7712",
        "datePublished": "2020-08-30T07:15:16.008Z",
        "dateReserved": "2020-01-21T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:46:56.982Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9040 (GCVE-0-2016-9040)

    Vulnerability from nvd – Published: 2018-09-07 12:00 – Updated: 2024-09-16 22:19
    VLAI
    Summary
    An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service.
    CWE
    • denial of service
    Assigner
    References
    Impacted products
    Vendor Product Version
    Joyent SmartOS Affected: 20161110T013148Z
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:09.935Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "20161110T013148Z"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "denial of service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T19:17:21.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2016-12-12T00:00:00",
              "ID": "CVE-2016-9040",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "20161110T013148Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 6.2,
                "baseSeverity": "Medium",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "denial of service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2016-9040",
        "datePublished": "2018-09-07T12:00:00.000Z",
        "dateReserved": "2016-10-26T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:19:52.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3737 (GCVE-0-2018-3737)

    Vulnerability from nvd – Published: 2018-06-07 02:00 – Updated: 2024-09-17 03:42
    VLAI
    Summary
    sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
    Severity
    No CVSS data available.
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling (CWE-770)
    Assigner
    References
    URL Tags
    https://hackerone.com/reports/319593 x_refsource_MISC
    Impacted products
    Vendor Product Version
    HackerOne sshpk node module Affected: Versions up to and including 1.13.1
    Create a notification for this product.
    Date Public
    2018-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:50:30.537Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/319593"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sshpk node module",
              "vendor": "HackerOne",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions up to and including 1.13.1"
                }
              ]
            }
          ],
          "datePublic": "2018-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "sshpk is vulnerable to ReDoS when parsing crafted invalid public keys."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "Allocation of Resources Without Limits or Throttling (CWE-770)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-06-07T01:57:01.000Z",
            "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            "shortName": "hackerone"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://hackerone.com/reports/319593"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "support@hackerone.com",
              "DATE_PUBLIC": "2018-04-26T00:00:00",
              "ID": "CVE-2018-3737",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sshpk node module",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions up to and including 1.13.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "HackerOne"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "sshpk is vulnerable to ReDoS when parsing crafted invalid public keys."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Allocation of Resources Without Limits or Throttling (CWE-770)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://hackerone.com/reports/319593",
                  "refsource": "MISC",
                  "url": "https://hackerone.com/reports/319593"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "assignerShortName": "hackerone",
        "cveId": "CVE-2018-3737",
        "datePublished": "2018-06-07T02:00:00.000Z",
        "dateReserved": "2017-12-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:42:53.453Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-16005 (GCVE-0-2017-16005)

    Vulnerability from nvd – Published: 2018-06-04 19:00 – Updated: 2024-09-16 19:19
    VLAI
    Summary
    Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature.
    Severity
    No CVSS data available.
    CWE
    • CWE-20 - Improper Input Validation (CWE-20)
    Assigner
    References
    Impacted products
    Date Public
    2018-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:13:06.813Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/joyent/node-http-signature/issues/10"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://nodesecurity.io/advisories/318"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "http-signature node module",
              "vendor": "HackerOne",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c=0.9.11"
                }
              ]
            }
          ],
          "datePublic": "2018-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Http-signature is a \"Reference implementation of Joyent\u0027s HTTP Signature Scheme\". In versions \u003c=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation (CWE-20)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-06-04T18:57:01.000Z",
            "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            "shortName": "hackerone"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/joyent/node-http-signature/issues/10"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://nodesecurity.io/advisories/318"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "support@hackerone.com",
              "DATE_PUBLIC": "2018-04-26T00:00:00",
              "ID": "CVE-2017-16005",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "http-signature node module",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c=0.9.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "HackerOne"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Http-signature is a \"Reference implementation of Joyent\u0027s HTTP Signature Scheme\". In versions \u003c=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation (CWE-20)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/joyent/node-http-signature/issues/10",
                  "refsource": "MISC",
                  "url": "https://github.com/joyent/node-http-signature/issues/10"
                },
                {
                  "name": "https://nodesecurity.io/advisories/318",
                  "refsource": "MISC",
                  "url": "https://nodesecurity.io/advisories/318"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "assignerShortName": "hackerone",
        "cveId": "CVE-2017-16005",
        "datePublished": "2018-06-04T19:00:00.000Z",
        "dateReserved": "2017-10-29T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:19:33.991Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1171 (GCVE-0-2018-1171)

    Vulnerability from nvd – Published: 2018-03-19 18:00 – Updated: 2024-08-05 03:51
    VLAI
    Summary
    This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-5106.
    Severity
    No CVSS data available.
    CWE
    Assigner
    zdi
    Impacted products
    Vendor Product Version
    Joyent Joyent SmartOS Affected: release-20170803-20170803T064301Z
    Create a notification for this product.
    Date Public
    2017-03-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:51:49.003Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://help.joyent.com/hc/en-us/articles/360000608188"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
              },
              {
                "name": "1041303",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1041303"
              },
              {
                "name": "104799",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/104799"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://zerodayinitiative.com/advisories/ZDI-18-236"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joyent SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "release-20170803-20170803T064301Z"
                }
              ]
            }
          ],
          "datePublic": "2017-03-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-5106."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787-Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-27T09:57:01.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://help.joyent.com/hc/en-us/articles/360000608188"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
            },
            {
              "name": "1041303",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1041303"
            },
            {
              "name": "104799",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/104799"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-236"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2018-1171",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joyent SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "release-20170803-20170803T064301Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-5106."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-787-Out-of-bounds Write"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://help.joyent.com/hc/en-us/articles/360000608188",
                  "refsource": "CONFIRM",
                  "url": "https://help.joyent.com/hc/en-us/articles/360000608188"
                },
                {
                  "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
                },
                {
                  "name": "1041303",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1041303"
                },
                {
                  "name": "104799",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/104799"
                },
                {
                  "name": "https://zerodayinitiative.com/advisories/ZDI-18-236",
                  "refsource": "MISC",
                  "url": "https://zerodayinitiative.com/advisories/ZDI-18-236"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2018-1171",
        "datePublished": "2018-03-19T18:00:00.000Z",
        "dateReserved": "2017-12-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:51:49.003Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1166 (GCVE-0-2018-1166)

    Vulnerability from nvd – Published: 2018-02-21 14:00 – Updated: 2024-08-05 03:51
    VLAI
    Summary
    This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMBIOC_TREE_RELE ioctl. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4984.
    Severity
    No CVSS data available.
    CWE
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Joyent Joyent SmartOS Affected: release-20170803-20170803T064301Z
    Create a notification for this product.
    Date Public
    2018-01-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:51:48.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://zerodayinitiative.com/advisories/ZDI-18-159"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joyent SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "release-20170803-20170803T064301Z"
                }
              ]
            }
          ],
          "datePublic": "2018-01-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMBIOC_TREE_RELE ioctl. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4984."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416-Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-21T13:57:01.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-159"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2018-1166",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joyent SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "release-20170803-20170803T064301Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMBIOC_TREE_RELE ioctl. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4984."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-416-Use After Free"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://help.joyent.com/hc/en-us/articles/360000124928",
                  "refsource": "CONFIRM",
                  "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
                },
                {
                  "name": "https://zerodayinitiative.com/advisories/ZDI-18-159",
                  "refsource": "MISC",
                  "url": "https://zerodayinitiative.com/advisories/ZDI-18-159"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2018-1166",
        "datePublished": "2018-02-21T14:00:00.000Z",
        "dateReserved": "2017-12-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:51:48.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1165 (GCVE-0-2018-1165)

    Vulnerability from nvd – Published: 2018-02-21 14:00 – Updated: 2024-08-05 03:51
    VLAI
    Summary
    This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4983.
    Severity
    No CVSS data available.
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    zdi
    Impacted products
    Vendor Product Version
    Joyent Joyent SmartOS Affected: release-20170803-20170803T064301Z
    Create a notification for this product.
    Date Public
    2018-01-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:51:48.985Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://zerodayinitiative.com/advisories/ZDI-18-158"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joyent SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "release-20170803-20170803T064301Z"
                }
              ]
            }
          ],
          "datePublic": "2018-01-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4983."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122-Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-15T21:06:45.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-158"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2018-1165",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joyent SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "release-20170803-20170803T064301Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4983."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-122-Heap-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://help.joyent.com/hc/en-us/articles/360000124928",
                  "refsource": "CONFIRM",
                  "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
                },
                {
                  "name": "https://zerodayinitiative.com/advisories/ZDI-18-158",
                  "refsource": "MISC",
                  "url": "https://zerodayinitiative.com/advisories/ZDI-18-158"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2018-1165",
        "datePublished": "2018-02-21T14:00:00.000Z",
        "dateReserved": "2017-12-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:51:48.985Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-10940 (GCVE-0-2017-10940)

    Vulnerability from nvd – Published: 2017-10-31 19:00 – Updated: 2024-08-05 17:50
    VLAI
    Summary
    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the docker API. The process does not properly validate user-supplied data which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. Was ZDI-CAN-3853.
    Severity
    No CVSS data available.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Joyent Joyent Smart Data Center Affected: prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad)
    Create a notification for this product.
    Date Public
    2017-10-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T17:50:12.720Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://zerodayinitiative.com/advisories/ZDI-17-453"
              },
              {
                "name": "99510",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99510"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://help.joyent.com/hc/en-us/articles/115009649927-Security-Advisory-ZDI-CAN-3853-Docker-File-Overwrite-Vulnerability"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joyent Smart Data Center",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad)"
                }
              ]
            }
          ],
          "datePublic": "2017-10-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the docker API. The process does not properly validate user-supplied data which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. Was ZDI-CAN-3853."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-01T09:57:01.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://zerodayinitiative.com/advisories/ZDI-17-453"
            },
            {
              "name": "99510",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99510"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://help.joyent.com/hc/en-us/articles/115009649927-Security-Advisory-ZDI-CAN-3853-Docker-File-Overwrite-Vulnerability"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2017-10940",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joyent Smart Data Center",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the docker API. The process does not properly validate user-supplied data which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. Was ZDI-CAN-3853."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://zerodayinitiative.com/advisories/ZDI-17-453",
                  "refsource": "MISC",
                  "url": "https://zerodayinitiative.com/advisories/ZDI-17-453"
                },
                {
                  "name": "99510",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99510"
                },
                {
                  "name": "https://help.joyent.com/hc/en-us/articles/115009649927-Security-Advisory-ZDI-CAN-3853-Docker-File-Overwrite-Vulnerability",
                  "refsource": "CONFIRM",
                  "url": "https://help.joyent.com/hc/en-us/articles/115009649927-Security-Advisory-ZDI-CAN-3853-Docker-File-Overwrite-Vulnerability"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2017-10940",
        "datePublished": "2017-10-31T19:00:00.000Z",
        "dateReserved": "2017-07-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T17:50:12.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9039 (GCVE-0-2016-9039)

    Vulnerability from nvd – Published: 2017-01-31 21:00 – Updated: 2024-08-06 02:42
    VLAI
    Summary
    An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service.
    CWE
    • remote code execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Joyent SmartOS Affected: OS 20161110T013148Z
    Create a notification for this product.
    Date Public
    2016-12-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:09.806Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "95916",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95916"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.talosintelligence.com/reports/TALOS-2016-0257/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "OS 20161110T013148Z"
                }
              ]
            }
          ],
          "datePublic": "2016-12-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "remote code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T19:17:20.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "95916",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95916"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0257/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "ID": "CVE-2016-9039",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "OS 20161110T013148Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 6.2,
                "baseSeverity": "Medium",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "remote code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "95916",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95916"
                },
                {
                  "name": "http://www.talosintelligence.com/reports/TALOS-2016-0257/",
                  "refsource": "MISC",
                  "url": "http://www.talosintelligence.com/reports/TALOS-2016-0257/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2016-9039",
        "datePublished": "2017-01-31T21:00:00.000Z",
        "dateReserved": "2016-10-26T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:42:09.806Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9035 (GCVE-0-2016-9035)

    Vulnerability from nvd – Published: 2016-12-14 17:00 – Updated: 2024-08-06 02:42
    VLAI
    Summary
    An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the path variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9033.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Joyent SmartOS Affected: OS 20161110T013148Z
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:09.422Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94926",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94926"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.talosintelligence.com/reports/TALOS-2016-0253/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "OS 20161110T013148Z"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the path variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9033."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T19:17:15.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "94926",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94926"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0253/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "ID": "CVE-2016-9035",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "OS 20161110T013148Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the path variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9033."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 7,
                "baseSeverity": "High",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94926",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94926"
                },
                {
                  "name": "http://www.talosintelligence.com/reports/TALOS-2016-0253/",
                  "refsource": "MISC",
                  "url": "http://www.talosintelligence.com/reports/TALOS-2016-0253/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2016-9035",
        "datePublished": "2016-12-14T17:00:00.000Z",
        "dateReserved": "2016-10-26T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:42:09.422Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9034 (GCVE-0-2016-9034)

    Vulnerability from nvd – Published: 2016-12-14 17:00 – Updated: 2024-08-06 02:42
    VLAI
    Summary
    An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a buffer overflow in the nm variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9032.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Joyent SmartOS Affected: OS 20161110T013148Z
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:09.764Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94930",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94930"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.talosintelligence.com/reports/TALOS-2016-0252/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "OS 20161110T013148Z"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a buffer overflow in the nm variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9032."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T19:17:14.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "94930",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94930"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0252/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "ID": "CVE-2016-9034",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "OS 20161110T013148Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a buffer overflow in the nm variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9032."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 7,
                "baseSeverity": "High",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94930",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94930"
                },
                {
                  "name": "http://www.talosintelligence.com/reports/TALOS-2016-0252/",
                  "refsource": "MISC",
                  "url": "http://www.talosintelligence.com/reports/TALOS-2016-0252/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2016-9034",
        "datePublished": "2016-12-14T17:00:00.000Z",
        "dateReserved": "2016-10-26T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:42:09.764Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9033 (GCVE-0-2016-9033)

    Vulnerability from nvd – Published: 2016-12-14 17:00 – Updated: 2024-08-06 02:42
    VLAI
    Summary
    An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the path variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9035.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Joyent SmartOS Affected: OS 20161110T013148Z
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:09.431Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94928",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94928"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.talosintelligence.com/reports/TALOS-2016-0251/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "OS 20161110T013148Z"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the path variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9035."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T19:17:12.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "94928",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94928"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0251/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "ID": "CVE-2016-9033",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "OS 20161110T013148Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the path variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9035."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 7,
                "baseSeverity": "High",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94928",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94928"
                },
                {
                  "name": "http://www.talosintelligence.com/reports/TALOS-2016-0251/",
                  "refsource": "MISC",
                  "url": "http://www.talosintelligence.com/reports/TALOS-2016-0251/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2016-9033",
        "datePublished": "2016-12-14T17:00:00.000Z",
        "dateReserved": "2016-10-26T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:42:09.431Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9032 (GCVE-0-2016-9032)

    Vulnerability from nvd – Published: 2016-12-14 17:00 – Updated: 2024-08-06 02:42
    VLAI
    Summary
    An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the nm variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9034.
    CWE
    • buffer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Joyent SmartOS Affected: OS 20161110T013148Z
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:09.441Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94923",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94923"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.talosintelligence.com/reports/TALOS-2016-0250/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "OS 20161110T013148Z"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the nm variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9034."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "buffer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T19:17:11.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "94923",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94923"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0250/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "ID": "CVE-2016-9032",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "OS 20161110T013148Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An exploitable buffer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with native file systems. An attacker can craft an input that can cause a buffer overflow in the nm variable leading to an out of bounds memory access and could result in potential privilege escalation. This vulnerability is distinct from CVE-2016-9034."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 7,
                "baseSeverity": "High",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "buffer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94923",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94923"
                },
                {
                  "name": "http://www.talosintelligence.com/reports/TALOS-2016-0250/",
                  "refsource": "MISC",
                  "url": "http://www.talosintelligence.com/reports/TALOS-2016-0250/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2016-9032",
        "datePublished": "2016-12-14T17:00:00.000Z",
        "dateReserved": "2016-10-26T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:42:09.441Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9031 (GCVE-0-2016-9031)

    Vulnerability from nvd – Published: 2016-12-14 17:00 – Updated: 2024-08-06 02:35
    VLAI
    Summary
    An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. This vulnerability is distinct from CVE-2016-8733.
    CWE
    • integer overflow
    Assigner
    References
    Impacted products
    Vendor Product Version
    Joyent SmartOS Affected: OS 20161110T013148Z
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:35:02.561Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94921",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94921"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.talosintelligence.com/reports/TALOS-2016-0249/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "OS 20161110T013148Z"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. This vulnerability is distinct from CVE-2016-8733."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "integer overflow",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T19:17:10.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "94921",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94921"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0249/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "ID": "CVE-2016-9031",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "OS 20161110T013148Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An exploitable integer overflow exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES when dealing with 32-bit file systems. An attacker can craft an input that can cause a kernel panic and potentially be leveraged into a full privilege escalation vulnerability. This vulnerability is distinct from CVE-2016-8733."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 7.8,
                "baseSeverity": "High",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "integer overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94921",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94921"
                },
                {
                  "name": "http://www.talosintelligence.com/reports/TALOS-2016-0249/",
                  "refsource": "MISC",
                  "url": "http://www.talosintelligence.com/reports/TALOS-2016-0249/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2016-9031",
        "datePublished": "2016-12-14T17:00:00.000Z",
        "dateReserved": "2016-10-26T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:35:02.561Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43395 (GCVE-0-2021-43395)

    Vulnerability from cvelistv5 – Published: 2022-12-26 00:00 – Updated: 2025-04-14 16:10
    VLAI
    Summary
    An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T03:55:28.486Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "http://www.tribblix.org/relnotes.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://jgardner100.wordpress.com/2022/01/20/security-heads-up/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.illumos.org/issues/14424"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kebe.com/blog/?p=505"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "LOCAL",
                  "availabilityImpact": "HIGH",
                  "baseScore": 5.5,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "NONE",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "LOW",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-43395",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-14T16:09:04.387669Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-667",
                    "description": "CWE-667 Improper Locking",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-14T16:10:08.182Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-12-26T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://github.com/illumos/illumos-gate/blob/069654420de4aade43c63c43cd2896e66945fc8a/usr/src/uts/common/fs/tmpfs/tmp_vnops.c"
            },
            {
              "url": "https://github.com/illumos/illumos-gate/blob/b3403853e80914bd0aade9b5b605da4878078173/usr/src/uts/common/fs/tmpfs/tmp_dir.c"
            },
            {
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "url": "http://www.tribblix.org/relnotes.html"
            },
            {
              "url": "https://jgardner100.wordpress.com/2022/01/20/security-heads-up/"
            },
            {
              "url": "https://illumos.topicbox.com/groups/developer/T1c9e4f27f8c2f959/security-heads-up-illumos14424"
            },
            {
              "url": "https://www.illumos.org/issues/14424"
            },
            {
              "url": "https://github.com/illumos/illumos-gate/commit/f859e7171bb5db34321e45585839c6c3200ebb90"
            },
            {
              "url": "https://kebe.com/blog/?p=505"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2021-43395",
        "datePublished": "2022-12-26T00:00:00.000Z",
        "dateReserved": "2021-11-04T00:00:00.000Z",
        "dateUpdated": "2025-04-14T16:10:08.182Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-27678 (GCVE-0-2020-27678)

    Vulnerability from cvelistv5 – Published: 2020-10-23 20:25 – Updated: 2024-08-04 16:18
    VLAI
    Summary
    An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T16:18:45.659Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-10-23T20:25:17.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-27678",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452",
                  "refsource": "MISC",
                  "url": "https://github.com/illumos/illumos-gate/commit/1d276e0b382cf066dae93640746d8b4c54d15452"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-27678",
        "datePublished": "2020-10-23T20:25:17.000Z",
        "dateReserved": "2020-10-23T00:00:00.000Z",
        "dateUpdated": "2024-08-04T16:18:45.659Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-7712 (GCVE-0-2020-7712)

    Vulnerability from cvelistv5 – Published: 2020-08-30 07:15 – Updated: 2024-09-17 02:46
    VLAI
    Title
    Command Injection
    Summary
    This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function.
    CWE
    • Command Injection
    Assigner
    References
    URL Tags
    https://snyk.io/vuln/SNYK-JS-JSON-597481 x_refsource_MISC
    https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931 x_refsource_MISC
    https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932 x_refsource_MISC
    https://github.com/trentm/json/issues/144 x_refsource_MISC
    https://github.com/trentm/json/pull/145 x_refsource_MISC
    https://lists.apache.org/thread.html/r8d2e174230f… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rd9b9cc843f5… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/ree3abcd33c0… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rb023d54a46d… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rb2b98191244… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r9c6d28e5b9a… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r977a907ecbe… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r5f17bfca1d6… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/ra890c24b3d9… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rba7ea4d75d6… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rb89bd82dffe… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/rec8bb4d637b… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r37c0e1807da… mailing-listx_refsource_MLIST
    https://lists.apache.org/thread.html/r3b04f4e99a1… mailing-listx_refsource_MLIST
    https://www.oracle.com//security-alerts/cpujul2021.html x_refsource_MISC
    https://www.oracle.com/security-alerts/cpujan2022.html x_refsource_MISC
    https://www.oracle.com/security-alerts/cpujul2022.html x_refsource_MISC
    Impacted products
    Vendor Product Version
    n/a json Affected: unspecified , < 10.0.0 (custom)
    Date Public
    2020-08-30 00:00
    Credits
    po6ix
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T09:41:00.874Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://snyk.io/vuln/SNYK-JS-JSON-597481"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/trentm/json/issues/144"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/trentm/json/pull/145"
              },
              {
                "name": "[zookeeper-dev] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae%40%3Cdev.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200913 [jira] [Resolved] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200930 [jira] [Comment Edited] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200930 [jira] [Commented] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[flink-dev] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r9c6d28e5b9a9b3481b7d1f90f1c2f75cd1a5ade91038426e0fb095da%40%3Cdev.flink.apache.org%3E"
              },
              {
                "name": "[flink-issues] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r977a907ecbedf87ae5ba47d4c77639efb120f74d4d1b3de14a4ef4da%40%3Cissues.flink.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20200930 [jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[flink-issues] 20200930 [jira] [Commented] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/ra890c24b3d90be36daf48ae76b263acb297003db24c1122f8e4aaef2%40%3Cissues.flink.apache.org%3E"
              },
              {
                "name": "[flink-issues] 20200930 [jira] [Updated] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rba7ea4d75d6a8e5b935991d960d9b893fd30e576c4d3b531084ebd7d%40%3Cissues.flink.apache.org%3E"
              },
              {
                "name": "[flink-issues] 20201014 [jira] [Closed] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rb89bd82dffec49f83b49e9ad625b1b63a408b3c7d1a60d6f049142a0%40%3Cissues.flink.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20210404 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "name": "[zookeeper-issues] 20210404 [jira] [Assigned] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61%40%3Cissues.zookeeper.apache.org%3E"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "json",
              "vendor": "n/a",
              "versions": [
                {
                  "lessThan": "10.0.0",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "po6ix"
            }
          ],
          "datePublic": "2020-08-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Command Injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-07-25T16:23:56.000Z",
            "orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
            "shortName": "snyk"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://snyk.io/vuln/SNYK-JS-JSON-597481"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/trentm/json/issues/144"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/trentm/json/pull/145"
            },
            {
              "name": "[zookeeper-dev] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae%40%3Cdev.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200913 [jira] [Resolved] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200930 [jira] [Comment Edited] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200930 [jira] [Commented] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[flink-dev] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r9c6d28e5b9a9b3481b7d1f90f1c2f75cd1a5ade91038426e0fb095da%40%3Cdev.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r977a907ecbedf87ae5ba47d4c77639efb120f74d4d1b3de14a4ef4da%40%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20200930 [jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200930 [jira] [Commented] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/ra890c24b3d90be36daf48ae76b263acb297003db24c1122f8e4aaef2%40%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20200930 [jira] [Updated] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rba7ea4d75d6a8e5b935991d960d9b893fd30e576c4d3b531084ebd7d%40%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[flink-issues] 20201014 [jira] [Closed] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rb89bd82dffec49f83b49e9ad625b1b63a408b3c7d1a60d6f049142a0%40%3Cissues.flink.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20210404 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "name": "[zookeeper-issues] 20210404 [jira] [Assigned] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61%40%3Cissues.zookeeper.apache.org%3E"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
            }
          ],
          "title": "Command Injection",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "report@snyk.io",
              "DATE_PUBLIC": "2020-08-30T07:13:25.668015Z",
              "ID": "CVE-2020-7712",
              "STATE": "PUBLIC",
              "TITLE": "Command Injection"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "json",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c",
                                "version_value": "10.0.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "po6ix"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function."
                }
              ]
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Command Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://snyk.io/vuln/SNYK-JS-JSON-597481",
                  "refsource": "MISC",
                  "url": "https://snyk.io/vuln/SNYK-JS-JSON-597481"
                },
                {
                  "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931",
                  "refsource": "MISC",
                  "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-608931"
                },
                {
                  "name": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932",
                  "refsource": "MISC",
                  "url": "https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-608932"
                },
                {
                  "name": "https://github.com/trentm/json/issues/144",
                  "refsource": "MISC",
                  "url": "https://github.com/trentm/json/issues/144"
                },
                {
                  "name": "https://github.com/trentm/json/pull/145",
                  "refsource": "MISC",
                  "url": "https://github.com/trentm/json/pull/145"
                },
                {
                  "name": "[zookeeper-dev] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r8d2e174230f6d26e16c007546e804c343f1f68956f526daaafa4aaae@%3Cdev.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200913 [jira] [Created] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rd9b9cc843f5cf5b532bdad9e87a817967efcf52b917e8c43b6df4cc7@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200913 [jira] [Resolved] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/ree3abcd33c06ee95ab59faa1751198a1186d8941ddc2c2562c12966c@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200930 [jira] [Comment Edited] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rb023d54a46da1ac0d8969097f5fecc79636b07d3b80db7b818a5c55c@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200930 [jira] [Commented] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rb2b981912446a74e14fe6076c4b7c7d8502727ea0718e6a65a9b1be5@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[flink-dev] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r9c6d28e5b9a9b3481b7d1f90f1c2f75cd1a5ade91038426e0fb095da@%3Cdev.flink.apache.org%3E"
                },
                {
                  "name": "[flink-issues] 20200930 [jira] [Created] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r977a907ecbedf87ae5ba47d4c77639efb120f74d4d1b3de14a4ef4da@%3Cissues.flink.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20200930 [jira] [Issue Comment Deleted] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r5f17bfca1d6e7f4b33ae978725b2fd62a9f1b3111696eafa9add802d@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[flink-issues] 20200930 [jira] [Commented] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/ra890c24b3d90be36daf48ae76b263acb297003db24c1122f8e4aaef2@%3Cissues.flink.apache.org%3E"
                },
                {
                  "name": "[flink-issues] 20200930 [jira] [Updated] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rba7ea4d75d6a8e5b935991d960d9b893fd30e576c4d3b531084ebd7d@%3Cissues.flink.apache.org%3E"
                },
                {
                  "name": "[flink-issues] 20201014 [jira] [Closed] (FLINK-19471) CVE-2020-7712 is reported for flink-streaming-java_2.11:jar:1.11.1",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rb89bd82dffec49f83b49e9ad625b1b63a408b3c7d1a60d6f049142a0@%3Cissues.flink.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20210106 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/rec8bb4d637b04575da41cfae49118e108e95d43bfac39b7b698ee4db@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20210404 [jira] [Updated] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r37c0e1807da7ff2bdd028bbe296465a6bbb99e2320dbe661d5d8b33b@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "[zookeeper-issues] 20210404 [jira] [Assigned] (ZOOKEEPER-3933) owasp failing with json-simple-1.1.1.jar: CVE-2020-10663, CVE-2020-7712",
                  "refsource": "MLIST",
                  "url": "https://lists.apache.org/thread.html/r3b04f4e99a19613f88ae088aa18cd271231a3c79dfff8f5efa8cda61@%3Cissues.zookeeper.apache.org%3E"
                },
                {
                  "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujul2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
        "assignerShortName": "snyk",
        "cveId": "CVE-2020-7712",
        "datePublished": "2020-08-30T07:15:16.008Z",
        "dateReserved": "2020-01-21T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:46:56.982Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9040 (GCVE-0-2016-9040)

    Vulnerability from cvelistv5 – Published: 2018-09-07 12:00 – Updated: 2024-09-16 22:19
    VLAI
    Summary
    An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service.
    CWE
    • denial of service
    Assigner
    References
    Impacted products
    Vendor Product Version
    Joyent SmartOS Affected: 20161110T013148Z
    Create a notification for this product.
    Date Public
    2016-12-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:09.935Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "20161110T013148Z"
                }
              ]
            }
          ],
          "datePublic": "2016-12-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "denial of service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T19:17:21.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2016-12-12T00:00:00",
              "ID": "CVE-2016-9040",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "20161110T013148Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit this will result in memory exhaustion, resulting in a full system denial of service."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 6.2,
                "baseSeverity": "Medium",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "denial of service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0258"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2016-9040",
        "datePublished": "2018-09-07T12:00:00.000Z",
        "dateReserved": "2016-10-26T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:19:52.247Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-3737 (GCVE-0-2018-3737)

    Vulnerability from cvelistv5 – Published: 2018-06-07 02:00 – Updated: 2024-09-17 03:42
    VLAI
    Summary
    sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
    Severity
    No CVSS data available.
    CWE
    • CWE-770 - Allocation of Resources Without Limits or Throttling (CWE-770)
    Assigner
    References
    URL Tags
    https://hackerone.com/reports/319593 x_refsource_MISC
    Impacted products
    Vendor Product Version
    HackerOne sshpk node module Affected: Versions up to and including 1.13.1
    Create a notification for this product.
    Date Public
    2018-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T04:50:30.537Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://hackerone.com/reports/319593"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "sshpk node module",
              "vendor": "HackerOne",
              "versions": [
                {
                  "status": "affected",
                  "version": "Versions up to and including 1.13.1"
                }
              ]
            }
          ],
          "datePublic": "2018-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "sshpk is vulnerable to ReDoS when parsing crafted invalid public keys."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-770",
                  "description": "Allocation of Resources Without Limits or Throttling (CWE-770)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-06-07T01:57:01.000Z",
            "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            "shortName": "hackerone"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://hackerone.com/reports/319593"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "support@hackerone.com",
              "DATE_PUBLIC": "2018-04-26T00:00:00",
              "ID": "CVE-2018-3737",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "sshpk node module",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Versions up to and including 1.13.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "HackerOne"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "sshpk is vulnerable to ReDoS when parsing crafted invalid public keys."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Allocation of Resources Without Limits or Throttling (CWE-770)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://hackerone.com/reports/319593",
                  "refsource": "MISC",
                  "url": "https://hackerone.com/reports/319593"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "assignerShortName": "hackerone",
        "cveId": "CVE-2018-3737",
        "datePublished": "2018-06-07T02:00:00.000Z",
        "dateReserved": "2017-12-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:42:53.453Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-16005 (GCVE-0-2017-16005)

    Vulnerability from cvelistv5 – Published: 2018-06-04 19:00 – Updated: 2024-09-16 19:19
    VLAI
    Summary
    Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature.
    Severity
    No CVSS data available.
    CWE
    • CWE-20 - Improper Input Validation (CWE-20)
    Assigner
    References
    Impacted products
    Date Public
    2018-04-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T20:13:06.813Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/joyent/node-http-signature/issues/10"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://nodesecurity.io/advisories/318"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "http-signature node module",
              "vendor": "HackerOne",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c=0.9.11"
                }
              ]
            }
          ],
          "datePublic": "2018-04-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Http-signature is a \"Reference implementation of Joyent\u0027s HTTP Signature Scheme\". In versions \u003c=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-20",
                  "description": "Improper Input Validation (CWE-20)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-06-04T18:57:01.000Z",
            "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
            "shortName": "hackerone"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/joyent/node-http-signature/issues/10"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://nodesecurity.io/advisories/318"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "support@hackerone.com",
              "DATE_PUBLIC": "2018-04-26T00:00:00",
              "ID": "CVE-2017-16005",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "http-signature node module",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c=0.9.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "HackerOne"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Http-signature is a \"Reference implementation of Joyent\u0027s HTTP Signature Scheme\". In versions \u003c=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Improper Input Validation (CWE-20)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/joyent/node-http-signature/issues/10",
                  "refsource": "MISC",
                  "url": "https://github.com/joyent/node-http-signature/issues/10"
                },
                {
                  "name": "https://nodesecurity.io/advisories/318",
                  "refsource": "MISC",
                  "url": "https://nodesecurity.io/advisories/318"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "assignerShortName": "hackerone",
        "cveId": "CVE-2017-16005",
        "datePublished": "2018-06-04T19:00:00.000Z",
        "dateReserved": "2017-10-29T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:19:33.991Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1171 (GCVE-0-2018-1171)

    Vulnerability from cvelistv5 – Published: 2018-03-19 18:00 – Updated: 2024-08-05 03:51
    VLAI
    Summary
    This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-5106.
    Severity
    No CVSS data available.
    CWE
    Assigner
    zdi
    Impacted products
    Vendor Product Version
    Joyent Joyent SmartOS Affected: release-20170803-20170803T064301Z
    Create a notification for this product.
    Date Public
    2017-03-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:51:49.003Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://help.joyent.com/hc/en-us/articles/360000608188"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
              },
              {
                "name": "1041303",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1041303"
              },
              {
                "name": "104799",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/104799"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://zerodayinitiative.com/advisories/ZDI-18-236"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joyent SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "release-20170803-20170803T064301Z"
                }
              ]
            }
          ],
          "datePublic": "2017-03-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-5106."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-787",
                  "description": "CWE-787-Out-of-bounds Write",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-07-27T09:57:01.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://help.joyent.com/hc/en-us/articles/360000608188"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
            },
            {
              "name": "1041303",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1041303"
            },
            {
              "name": "104799",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/104799"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-236"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2018-1171",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joyent SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "release-20170803-20170803T064301Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-5106."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-787-Out-of-bounds Write"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://help.joyent.com/hc/en-us/articles/360000608188",
                  "refsource": "CONFIRM",
                  "url": "https://help.joyent.com/hc/en-us/articles/360000608188"
                },
                {
                  "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
                },
                {
                  "name": "1041303",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1041303"
                },
                {
                  "name": "104799",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/104799"
                },
                {
                  "name": "https://zerodayinitiative.com/advisories/ZDI-18-236",
                  "refsource": "MISC",
                  "url": "https://zerodayinitiative.com/advisories/ZDI-18-236"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2018-1171",
        "datePublished": "2018-03-19T18:00:00.000Z",
        "dateReserved": "2017-12-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:51:49.003Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1166 (GCVE-0-2018-1166)

    Vulnerability from cvelistv5 – Published: 2018-02-21 14:00 – Updated: 2024-08-05 03:51
    VLAI
    Summary
    This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMBIOC_TREE_RELE ioctl. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4984.
    Severity
    No CVSS data available.
    CWE
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Joyent Joyent SmartOS Affected: release-20170803-20170803T064301Z
    Create a notification for this product.
    Date Public
    2018-01-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:51:48.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://zerodayinitiative.com/advisories/ZDI-18-159"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joyent SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "release-20170803-20170803T064301Z"
                }
              ]
            }
          ],
          "datePublic": "2018-01-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMBIOC_TREE_RELE ioctl. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4984."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-416",
                  "description": "CWE-416-Use After Free",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-21T13:57:01.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-159"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2018-1166",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joyent SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "release-20170803-20170803T064301Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMBIOC_TREE_RELE ioctl. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4984."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-416-Use After Free"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://help.joyent.com/hc/en-us/articles/360000124928",
                  "refsource": "CONFIRM",
                  "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
                },
                {
                  "name": "https://zerodayinitiative.com/advisories/ZDI-18-159",
                  "refsource": "MISC",
                  "url": "https://zerodayinitiative.com/advisories/ZDI-18-159"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2018-1166",
        "datePublished": "2018-02-21T14:00:00.000Z",
        "dateReserved": "2017-12-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:51:48.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-1165 (GCVE-0-2018-1165)

    Vulnerability from cvelistv5 – Published: 2018-02-21 14:00 – Updated: 2024-08-05 03:51
    VLAI
    Summary
    This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4983.
    Severity
    No CVSS data available.
    CWE
    • CWE-122 - Heap-based Buffer Overflow
    Assigner
    zdi
    Impacted products
    Vendor Product Version
    Joyent Joyent SmartOS Affected: release-20170803-20170803T064301Z
    Create a notification for this product.
    Date Public
    2018-01-26 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T03:51:48.985Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://zerodayinitiative.com/advisories/ZDI-18-158"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joyent SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "release-20170803-20170803T064301Z"
                }
              ]
            }
          ],
          "datePublic": "2018-01-26T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4983."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-122",
                  "description": "CWE-122-Heap-based Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-15T21:06:45.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://zerodayinitiative.com/advisories/ZDI-18-158"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2018-1165",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joyent SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "release-20170803-20170803T064301Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the SMB_IOC_SVCENUM IOCTL. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-4983."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-122-Heap-based Buffer Overflow"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://help.joyent.com/hc/en-us/articles/360000124928",
                  "refsource": "CONFIRM",
                  "url": "https://help.joyent.com/hc/en-us/articles/360000124928"
                },
                {
                  "name": "https://zerodayinitiative.com/advisories/ZDI-18-158",
                  "refsource": "MISC",
                  "url": "https://zerodayinitiative.com/advisories/ZDI-18-158"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2018-1165",
        "datePublished": "2018-02-21T14:00:00.000Z",
        "dateReserved": "2017-12-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T03:51:48.985Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-10940 (GCVE-0-2017-10940)

    Vulnerability from cvelistv5 – Published: 2017-10-31 19:00 – Updated: 2024-08-05 17:50
    VLAI
    Summary
    This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the docker API. The process does not properly validate user-supplied data which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. Was ZDI-CAN-3853.
    Severity
    No CVSS data available.
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    zdi
    References
    Impacted products
    Vendor Product Version
    Joyent Joyent Smart Data Center Affected: prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad)
    Create a notification for this product.
    Date Public
    2017-10-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T17:50:12.720Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://zerodayinitiative.com/advisories/ZDI-17-453"
              },
              {
                "name": "99510",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/99510"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://help.joyent.com/hc/en-us/articles/115009649927-Security-Advisory-ZDI-CAN-3853-Docker-File-Overwrite-Vulnerability"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Joyent Smart Data Center",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad)"
                }
              ]
            }
          ],
          "datePublic": "2017-10-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the docker API. The process does not properly validate user-supplied data which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. Was ZDI-CAN-3853."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-11-01T09:57:01.000Z",
            "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
            "shortName": "zdi"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://zerodayinitiative.com/advisories/ZDI-17-453"
            },
            {
              "name": "99510",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/99510"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://help.joyent.com/hc/en-us/articles/115009649927-Security-Advisory-ZDI-CAN-3853-Docker-File-Overwrite-Vulnerability"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "zdi-disclosures@trendmicro.com",
              "ID": "CVE-2017-10940",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Joyent Smart Data Center",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the docker API. The process does not properly validate user-supplied data which can allow for the upload of arbitrary files. An attacker can leverage this vulnerability to execute arbitrary code under the context of root. Was ZDI-CAN-3853."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-22-Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://zerodayinitiative.com/advisories/ZDI-17-453",
                  "refsource": "MISC",
                  "url": "https://zerodayinitiative.com/advisories/ZDI-17-453"
                },
                {
                  "name": "99510",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/99510"
                },
                {
                  "name": "https://help.joyent.com/hc/en-us/articles/115009649927-Security-Advisory-ZDI-CAN-3853-Docker-File-Overwrite-Vulnerability",
                  "refsource": "CONFIRM",
                  "url": "https://help.joyent.com/hc/en-us/articles/115009649927-Security-Advisory-ZDI-CAN-3853-Docker-File-Overwrite-Vulnerability"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "assignerShortName": "zdi",
        "cveId": "CVE-2017-10940",
        "datePublished": "2017-10-31T19:00:00.000Z",
        "dateReserved": "2017-07-05T00:00:00.000Z",
        "dateUpdated": "2024-08-05T17:50:12.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-9039 (GCVE-0-2016-9039)

    Vulnerability from cvelistv5 – Published: 2017-01-31 21:00 – Updated: 2024-08-06 02:42
    VLAI
    Summary
    An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service.
    CWE
    • remote code execution
    Assigner
    References
    Impacted products
    Vendor Product Version
    Joyent SmartOS Affected: OS 20161110T013148Z
    Create a notification for this product.
    Date Public
    2016-12-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:42:09.806Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "95916",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95916"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.talosintelligence.com/reports/TALOS-2016-0257/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SmartOS",
              "vendor": "Joyent",
              "versions": [
                {
                  "status": "affected",
                  "version": "OS 20161110T013148Z"
                }
              ]
            }
          ],
          "datePublic": "2016-12-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.2,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "remote code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T19:17:20.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "name": "95916",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95916"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.talosintelligence.com/reports/TALOS-2016-0257/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "ID": "CVE-2016-9039",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "SmartOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "OS 20161110T013148Z"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Joyent"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An exploitable denial of service exists in the Joyent SmartOS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFS_ADD_ENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploited this will result in memory exhaustion, resulting in a full system denial of service."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 6.2,
                "baseSeverity": "Medium",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "remote code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "95916",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95916"
                },
                {
                  "name": "http://www.talosintelligence.com/reports/TALOS-2016-0257/",
                  "refsource": "MISC",
                  "url": "http://www.talosintelligence.com/reports/TALOS-2016-0257/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2016-9039",
        "datePublished": "2017-01-31T21:00:00.000Z",
        "dateReserved": "2016-10-26T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:42:09.806Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }