Vulnerability-Lookup

WID-SEC-W-2025-2548

Vulnerability from csaf_certbund - Published: 2020-03-31 22:00 - Updated: 2025-12-02 23:00

Summary

Red Hat Enterprise Linux: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um beliebigen Programmcode auszuführen, einen Denial of Service Zustand herbeizuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, Dateien zu manipulieren oder Sicherheitsvorkehrungen zu umgehen.

Betroffene Betriebssysteme: - Linux

CVE-2016-10245

CVE-2017-6519

CVE-2018-1000801

CVE-2018-10360

CVE-2018-10910

CVE-2018-10916

CVE-2018-11439

CVE-2018-17407

CVE-2018-17828

CVE-2019-12387

CVE-2019-13038

CVE-2019-14850

CVE-2019-3820

CVE-2019-9210

References

URL

CVE-2018-17407 (GCVE-0-2018-17407)

Vulnerability from cvelistv5 – Published: 2018-09-23 21:00 – Updated: 2024-08-05 10:47

Summary

An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/TeX-Live/texlive-source/commit…	x_refsource_MISC
	https://www.debian.org/security/2018/dsa-4299	vendor-advisoryx_refsource_DEBIAN
	https://lists.debian.org/debian-security-announce…	x_refsource_MISC
	https://usn.ubuntu.com/3788-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/3788-2/	vendor-advisoryx_refsource_UBUNTU

Date Public ?

2018-09-23 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:47:04.498Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c"
          },
          {
            "name": "DSA-4299",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4299"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-security-announce/2018/msg00230.html"
          },
          {
            "name": "USN-3788-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3788-1/"
          },
          {
            "name": "USN-3788-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3788-2/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-24T09:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c"
        },
        {
          "name": "DSA-4299",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4299"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://lists.debian.org/debian-security-announce/2018/msg00230.html"
        },
        {
          "name": "USN-3788-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3788-1/"
        },
        {
          "name": "USN-3788-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3788-2/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-17407",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c",
              "refsource": "MISC",
              "url": "https://github.com/TeX-Live/texlive-source/commit/6ed0077520e2b0da1fd060c7f88db7b2e6068e4c"
            },
            {
              "name": "DSA-4299",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4299"
            },
            {
              "name": "https://lists.debian.org/debian-security-announce/2018/msg00230.html",
              "refsource": "MISC",
              "url": "https://lists.debian.org/debian-security-announce/2018/msg00230.html"
            },
            {
              "name": "USN-3788-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3788-1/"
            },
            {
              "name": "USN-3788-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3788-2/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-17407",
    "datePublished": "2018-09-23T21:00:00.000Z",
    "dateReserved": "2018-09-23T00:00:00.000Z",
    "dateUpdated": "2024-08-05T10:47:04.498Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-10360 (GCVE-0-2018-10360)

Vulnerability from cvelistv5 – Published: 2018-06-11 10:00 – Updated: 2024-08-05 07:39

Summary

The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://usn.ubuntu.com/3686-1/	vendor-advisoryx_refsource_UBUNTU
	https://github.com/file/file/commit/a642587a9c9e2…	x_refsource_CONFIRM
	https://usn.ubuntu.com/3686-2/	vendor-advisoryx_refsource_UBUNTU
	https://security.gentoo.org/glsa/201806-08	vendor-advisoryx_refsource_GENTOO
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Date Public ?

2018-06-11 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:39:07.370Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3686-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3686-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22"
          },
          {
            "name": "USN-3686-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3686-2/"
          },
          {
            "name": "GLSA-201806-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201806-08"
          },
          {
            "name": "openSUSE-SU-2019:0345",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html"
          },
          {
            "name": "openSUSE-SU-2019:1197",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-06-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-12T11:06:03.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-3686-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3686-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22"
        },
        {
          "name": "USN-3686-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3686-2/"
        },
        {
          "name": "GLSA-201806-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201806-08"
        },
        {
          "name": "openSUSE-SU-2019:0345",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html"
        },
        {
          "name": "openSUSE-SU-2019:1197",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-10360",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3686-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3686-1/"
            },
            {
              "name": "https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22",
              "refsource": "CONFIRM",
              "url": "https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22"
            },
            {
              "name": "USN-3686-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3686-2/"
            },
            {
              "name": "GLSA-201806-08",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201806-08"
            },
            {
              "name": "openSUSE-SU-2019:0345",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html"
            },
            {
              "name": "openSUSE-SU-2019:1197",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-10360",
    "datePublished": "2018-06-11T10:00:00.000Z",
    "dateReserved": "2018-04-24T00:00:00.000Z",
    "dateUpdated": "2024-08-05T07:39:07.370Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-14850 (GCVE-0-2019-14850)

Vulnerability from cvelistv5 – Published: 2021-03-18 18:56 – Updated: 2024-08-05 00:26

Summary

A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resource consumption and degradation of service in nbdkit, depending on the plugins configured on the server-side.

Severity ?

No CVSS data available.

CWE

CWE-406

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1757258	x_refsource_MISC
	https://www.redhat.com/archives/libguestfs/2019-S…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	nbdkit	Affected: nbdkit 1.12.7, nbdkit 1.14.1, nbdkit 1.15.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:26:39.144Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757258"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "nbdkit",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "nbdkit 1.12.7, nbdkit 1.14.1, nbdkit 1.15.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resource consumption and degradation of service in nbdkit, depending on the plugins configured on the server-side."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-406",
              "description": "CWE-406",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-18T18:56:42.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757258"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-14850",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "nbdkit",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "nbdkit 1.12.7, nbdkit 1.14.1, nbdkit 1.15.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A denial of service vulnerability was discovered in nbdkit 1.12.7, 1.14.1 and 1.15.1. An attacker could connect to the nbdkit service and cause it to perform a large amount of work in initializing backend plugins, by simply opening a connection to the service. This vulnerability could cause resource consumption and degradation of service in nbdkit, depending on the plugins configured on the server-side."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-406"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1757258",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757258"
            },
            {
              "name": "https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html",
              "refsource": "MISC",
              "url": "https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-14850",
    "datePublished": "2021-03-18T18:56:42.000Z",
    "dateReserved": "2019-08-10T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:26:39.144Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-9210 (GCVE-0-2019-9210)

Vulnerability from cvelistv5 – Published: 2019-02-27 14:00 – Updated: 2024-08-04 21:38

Summary

In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://lists.debian.org/debian-lts-announce/2019…	mailing-listx_refsource_MLIST
	https://sourceforge.net/p/advancemame/bugs/277/	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://usn.ubuntu.com/3936-1/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/3936-2/	vendor-advisoryx_refsource_UBUNTU
	https://lists.debian.org/debian-lts-announce/2021…	mailing-listx_refsource_MLIST

Date Public ?

2019-02-27 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T21:38:46.577Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20190302 [SECURITY] [DLA 1702-1] advancecomp security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00004.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://sourceforge.net/p/advancemame/bugs/277/"
          },
          {
            "name": "FEDORA-2019-ee98058a22",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R56LVWC7KUNXFRKQB3Y5NX2YHFJKYZB4/"
          },
          {
            "name": "USN-3936-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3936-1/"
          },
          {
            "name": "USN-3936-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3936-2/"
          },
          {
            "name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2868-1] advancecomp security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00034.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2019-02-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-29T23:06:32.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20190302 [SECURITY] [DLA 1702-1] advancecomp security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00004.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://sourceforge.net/p/advancemame/bugs/277/"
        },
        {
          "name": "FEDORA-2019-ee98058a22",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R56LVWC7KUNXFRKQB3Y5NX2YHFJKYZB4/"
        },
        {
          "name": "USN-3936-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3936-1/"
        },
        {
          "name": "USN-3936-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3936-2/"
        },
        {
          "name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2868-1] advancecomp security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00034.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-9210",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer overflow upon encountering an invalid PNG size, which results in an attempted memcpy to write into a buffer that is too small. (There is also a heap-based buffer over-read.)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20190302 [SECURITY] [DLA 1702-1] advancecomp security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00004.html"
            },
            {
              "name": "https://sourceforge.net/p/advancemame/bugs/277/",
              "refsource": "MISC",
              "url": "https://sourceforge.net/p/advancemame/bugs/277/"
            },
            {
              "name": "FEDORA-2019-ee98058a22",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R56LVWC7KUNXFRKQB3Y5NX2YHFJKYZB4/"
            },
            {
              "name": "USN-3936-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3936-1/"
            },
            {
              "name": "USN-3936-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3936-2/"
            },
            {
              "name": "[debian-lts-announce] 20211229 [SECURITY] [DLA 2868-1] advancecomp security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/12/msg00034.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-9210",
    "datePublished": "2019-02-27T14:00:00.000Z",
    "dateReserved": "2019-02-27T00:00:00.000Z",
    "dateUpdated": "2024-08-04T21:38:46.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-1000801 (GCVE-0-2018-1000801)

Vulnerability from cvelistv5 – Published: 2018-09-06 18:00 – Updated: 2024-08-05 12:40

Summary

okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	https://cgit.kde.org/okular.git/commit/?id=8ff7ab…	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201811-08	vendor-advisoryx_refsource_GENTOO
	https://bugs.kde.org/show_bug.cgi?id=398096	x_refsource_CONFIRM
	https://www.debian.org/security/2018/dsa-4303	vendor-advisoryx_refsource_DEBIAN

Date Public ?

2018-08-31 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:40:47.881Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180923 [SECURITY] [DLA 1516-1] okular security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00027.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47"
          },
          {
            "name": "GLSA-201811-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201811-08"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugs.kde.org/show_bug.cgi?id=398096"
          },
          {
            "name": "DSA-4303",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2018/dsa-4303"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2018-09-03T00:00:00.000Z",
      "datePublic": "2018-08-31T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "okular version 18.08 and earlier contains a Directory Traversal vulnerability in function \"unpackDocumentArchive(...)\" in \"core/document.cpp\" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-11-10T10:57:02.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180923 [SECURITY] [DLA 1516-1] okular security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00027.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47"
        },
        {
          "name": "GLSA-201811-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201811-08"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugs.kde.org/show_bug.cgi?id=398096"
        },
        {
          "name": "DSA-4303",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2018/dsa-4303"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2018-09-03T16:07:16.983221",
          "DATE_REQUESTED": "2018-09-01T10:41:39",
          "ID": "CVE-2018-1000801",
          "REQUESTER": "joran.herve@gmail.com",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "okular version 18.08 and earlier contains a Directory Traversal vulnerability in function \"unpackDocumentArchive(...)\" in \"core/document.cpp\" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected in version 18.08.1"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180923 [SECURITY] [DLA 1516-1] okular security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00027.html"
            },
            {
              "name": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47",
              "refsource": "CONFIRM",
              "url": "https://cgit.kde.org/okular.git/commit/?id=8ff7abc14d41906ad978b6bc67e69693863b9d47"
            },
            {
              "name": "GLSA-201811-08",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201811-08"
            },
            {
              "name": "https://bugs.kde.org/show_bug.cgi?id=398096",
              "refsource": "CONFIRM",
              "url": "https://bugs.kde.org/show_bug.cgi?id=398096"
            },
            {
              "name": "DSA-4303",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2018/dsa-4303"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-1000801",
    "datePublished": "2018-09-06T18:00:00.000Z",
    "dateReserved": "2018-09-01T00:00:00.000Z",
    "dateUpdated": "2024-08-05T12:40:47.881Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-10245 (GCVE-0-2016-10245)

Vulnerability from cvelistv5 – Published: 2019-05-24 16:24 – Updated: 2024-08-06 03:14

Summary

Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://bugzilla.gnome.org/show_bug.cgi?id=762934	x_refsource_MISC
	https://github.com/doxygen/doxygen/commit/1cc1ada…	x_refsource_MISC
	http://www.stack.nl/~dimitri/doxygen/manual/chang…	x_refsource_MISC
	http://www.securityfocus.com/bid/108476	vdb-entryx_refsource_BID
	https://lists.debian.org/debian-lts-announce/2019…	mailing-listx_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://usn.ubuntu.com/4002-1/	vendor-advisoryx_refsource_UBUNTU

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T03:14:42.797Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.gnome.org/show_bug.cgi?id=762934"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/doxygen/doxygen/commit/1cc1adad2de03a0f013881b8960daf89aa155081"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.stack.nl/~dimitri/doxygen/manual/changelog.html#log_1_8_12"
          },
          {
            "name": "108476",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108476"
          },
          {
            "name": "[debian-lts-announce] 20190531 [SECURITY] [DLA 1812-1] doxygen security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00046.html"
          },
          {
            "name": "openSUSE-SU-2019:1486",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00000.html"
          },
          {
            "name": "USN-4002-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4002-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-03T14:06:11.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.gnome.org/show_bug.cgi?id=762934"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/doxygen/doxygen/commit/1cc1adad2de03a0f013881b8960daf89aa155081"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.stack.nl/~dimitri/doxygen/manual/changelog.html#log_1_8_12"
        },
        {
          "name": "108476",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108476"
        },
        {
          "name": "[debian-lts-announce] 20190531 [SECURITY] [DLA 1812-1] doxygen security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00046.html"
        },
        {
          "name": "openSUSE-SU-2019:1486",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00000.html"
        },
        {
          "name": "USN-4002-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4002-1/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2016-10245",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.gnome.org/show_bug.cgi?id=762934",
              "refsource": "MISC",
              "url": "https://bugzilla.gnome.org/show_bug.cgi?id=762934"
            },
            {
              "name": "https://github.com/doxygen/doxygen/commit/1cc1adad2de03a0f013881b8960daf89aa155081",
              "refsource": "MISC",
              "url": "https://github.com/doxygen/doxygen/commit/1cc1adad2de03a0f013881b8960daf89aa155081"
            },
            {
              "name": "http://www.stack.nl/~dimitri/doxygen/manual/changelog.html#log_1_8_12",
              "refsource": "MISC",
              "url": "http://www.stack.nl/~dimitri/doxygen/manual/changelog.html#log_1_8_12"
            },
            {
              "name": "108476",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108476"
            },
            {
              "name": "[debian-lts-announce] 20190531 [SECURITY] [DLA 1812-1] doxygen security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00046.html"
            },
            {
              "name": "openSUSE-SU-2019:1486",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00000.html"
            },
            {
              "name": "USN-4002-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4002-1/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2016-10245",
    "datePublished": "2019-05-24T16:24:38.000Z",
    "dateReserved": "2017-03-07T00:00:00.000Z",
    "dateUpdated": "2024-08-06T03:14:42.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-11439 (GCVE-0-2018-11439)

Vulnerability from cvelistv5 – Published: 2018-05-30 13:00 – Updated: 2024-08-05 08:10

Summary

The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://lists.debian.org/debian-lts-announce/2018…	mailing-listx_refsource_MLIST
	http://seclists.org/fulldisclosure/2018/May/49	mailing-listx_refsource_FULLDISC
	https://lists.debian.org/debian-lts-announce/2021…	mailing-listx_refsource_MLIST

Date Public ?

2018-05-28 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:10:14.085Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1430-1] taglib security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00022.html"
          },
          {
            "name": "20180528 taglib 1.11.1 vuln",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2018/May/49"
          },
          {
            "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2772-1] taglib security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-05-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-30T22:06:17.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1430-1] taglib security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00022.html"
        },
        {
          "name": "20180528 taglib 1.11.1 vuln",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2018/May/49"
        },
        {
          "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2772-1] taglib security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00020.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-11439",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[debian-lts-announce] 20180718 [SECURITY] [DLA 1430-1] taglib security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00022.html"
            },
            {
              "name": "20180528 taglib 1.11.1 vuln",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2018/May/49"
            },
            {
              "name": "[debian-lts-announce] 20210930 [SECURITY] [DLA 2772-1] taglib security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/09/msg00020.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-11439",
    "datePublished": "2018-05-30T13:00:00.000Z",
    "dateReserved": "2018-05-24T00:00:00.000Z",
    "dateUpdated": "2024-08-05T08:10:14.085Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-12387 (GCVE-0-2019-12387)

Vulnerability from cvelistv5 – Published: 2019-06-10 11:34 – Updated: 2024-08-04 23:17

Summary

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://labs.twistedmatrix.com/2019/06/twisted-19…	x_refsource_CONFIRM
	https://github.com/twisted/twisted/commit/6c61fc4…	x_refsource_CONFIRM
	https://twistedmatrix.com/pipermail/twisted-pytho…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://usn.ubuntu.com/4308-2/	vendor-advisoryx_refsource_UBUNTU
	https://usn.ubuntu.com/4308-1/	vendor-advisoryx_refsource_UBUNTU
	https://www.oracle.com/security-alerts/cpuapr2020.html	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:17:39.991Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://labs.twistedmatrix.com/2019/06/twisted-1921-released.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://twistedmatrix.com/pipermail/twisted-python/2019-June/032352.html"
          },
          {
            "name": "openSUSE-SU-2019:1760",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00030.html"
          },
          {
            "name": "openSUSE-SU-2019:1785",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00042.html"
          },
          {
            "name": "FEDORA-2019-b67877d7c2",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2G5RPDQ4BNB336HL6WW5ZJ344MAWNN7N/"
          },
          {
            "name": "USN-4308-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4308-2/"
          },
          {
            "name": "USN-4308-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4308-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-15T21:06:50.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://labs.twistedmatrix.com/2019/06/twisted-1921-released.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://twistedmatrix.com/pipermail/twisted-python/2019-June/032352.html"
        },
        {
          "name": "openSUSE-SU-2019:1760",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00030.html"
        },
        {
          "name": "openSUSE-SU-2019:1785",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00042.html"
        },
        {
          "name": "FEDORA-2019-b67877d7c2",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2G5RPDQ4BNB336HL6WW5ZJ344MAWNN7N/"
        },
        {
          "name": "USN-4308-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4308-2/"
        },
        {
          "name": "USN-4308-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4308-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-12387",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://labs.twistedmatrix.com/2019/06/twisted-1921-released.html",
              "refsource": "CONFIRM",
              "url": "https://labs.twistedmatrix.com/2019/06/twisted-1921-released.html"
            },
            {
              "name": "https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2",
              "refsource": "CONFIRM",
              "url": "https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2"
            },
            {
              "name": "https://twistedmatrix.com/pipermail/twisted-python/2019-June/032352.html",
              "refsource": "CONFIRM",
              "url": "https://twistedmatrix.com/pipermail/twisted-python/2019-June/032352.html"
            },
            {
              "name": "openSUSE-SU-2019:1760",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00030.html"
            },
            {
              "name": "openSUSE-SU-2019:1785",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00042.html"
            },
            {
              "name": "FEDORA-2019-b67877d7c2",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2G5RPDQ4BNB336HL6WW5ZJ344MAWNN7N/"
            },
            {
              "name": "USN-4308-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4308-2/"
            },
            {
              "name": "USN-4308-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4308-1/"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-12387",
    "datePublished": "2019-06-10T11:34:49.000Z",
    "dateReserved": "2019-05-28T00:00:00.000Z",
    "dateUpdated": "2024-08-04T23:17:39.991Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-10910 (GCVE-0-2018-10910)

Vulnerability from cvelistv5 – Published: 2019-01-28 15:00 – Updated: 2024-08-05 07:54

Summary

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.

Severity ?

4.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L

CWE

CWE-863

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2…	x_refsource_CONFIRM
	https://usn.ubuntu.com/3856-1/	vendor-advisoryx_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	The Bluez Project	bluez	Affected: before 5.51

Date Public ?

2019-01-28 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:54:35.295Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10910"
          },
          {
            "name": "USN-3856-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3856-1/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "bluez",
          "vendor": "The Bluez Project",
          "versions": [
            {
              "status": "affected",
              "version": "before 5.51"
            }
          ]
        }
      ],
      "datePublic": "2019-01-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-29T10:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10910"
        },
        {
          "name": "USN-3856-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3856-1/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2018-10910",
    "datePublished": "2019-01-28T15:00:00.000Z",
    "dateReserved": "2018-05-09T00:00:00.000Z",
    "dateUpdated": "2024-08-05T07:54:35.295Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-13038 (GCVE-0-2019-13038)

Vulnerability from cvelistv5 – Published: 2019-06-29 00:00 – Updated: 2024-08-04 23:41

Summary

mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://usn.ubuntu.com/4291-1/	vendor-advisory
	https://www.oracle.com/security-alerts/cpuapr2022.html
	https://github.com/Uninett/mod_auth_mellon/issues…
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:41:10.031Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2019-e8d74ece30",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5E3JVHURJJNDP63CKVX5O5MJAGCQV4K/"
          },
          {
            "name": "FEDORA-2019-1444823e77",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XU5GVFZW3C2M4ZBL4F7UP7N24FNUCX4E/"
          },
          {
            "name": "USN-4291-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4291-1/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Uninett/mod_auth_mellon/issues/35#issuecomment-503974885"
          },
          {
            "name": "[debian-lts-announce] 20230312 [SECURITY] [DLA 3359-1] libapache2-mod-auth-mellon security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00010.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-12T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "FEDORA-2019-e8d74ece30",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5E3JVHURJJNDP63CKVX5O5MJAGCQV4K/"
        },
        {
          "name": "FEDORA-2019-1444823e77",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XU5GVFZW3C2M4ZBL4F7UP7N24FNUCX4E/"
        },
        {
          "name": "USN-4291-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://usn.ubuntu.com/4291-1/"
        },
        {
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "url": "https://github.com/Uninett/mod_auth_mellon/issues/35#issuecomment-503974885"
        },
        {
          "name": "[debian-lts-announce] 20230312 [SECURITY] [DLA 3359-1] libapache2-mod-auth-mellon security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00010.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-13038",
    "datePublished": "2019-06-29T00:00:00.000Z",
    "dateReserved": "2019-06-29T00:00:00.000Z",
    "dateUpdated": "2024-08-04T23:41:10.031Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2019-3820 (GCVE-0-2019-3820)

Vulnerability from cvelistv5 – Published: 2019-02-06 20:00 – Updated: 2024-08-04 19:19

Summary

It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.

Severity ?

4.8 (Medium)


                        
                          CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

CWE

CWE-285

Assigner

redhat

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2…	x_refsource_CONFIRM
	https://gitlab.gnome.org/GNOME/gnome-shell/issues/851	x_refsource_MISC
	https://usn.ubuntu.com/3966-1/	vendor-advisoryx_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Impacted products

	Vendor	Product	Version
	The Gnome Project	gnome-shell	Affected: since 3.15.91

Date Public ?

2019-02-06 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:19:18.588Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851"
          },
          {
            "name": "USN-3966-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3966-1/"
          },
          {
            "name": "openSUSE-SU-2019:1529",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.html"
          },
          {
            "name": "openSUSE-SU-2019:1582",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00049.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "gnome-shell",
          "vendor": "The Gnome Project",
          "versions": [
            {
              "status": "affected",
              "version": "since 3.15.91"
            }
          ]
        }
      ],
      "datePublic": "2019-02-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-285",
              "description": "CWE-285",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-19T01:06:03.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851"
        },
        {
          "name": "USN-3966-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3966-1/"
        },
        {
          "name": "openSUSE-SU-2019:1529",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.html"
        },
        {
          "name": "openSUSE-SU-2019:1582",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00049.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2019-3820",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "gnome-shell",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "since 3.15.91"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "The Gnome Project"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "4.8/CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-285"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3820"
            },
            {
              "name": "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851",
              "refsource": "MISC",
              "url": "https://gitlab.gnome.org/GNOME/gnome-shell/issues/851"
            },
            {
              "name": "USN-3966-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3966-1/"
            },
            {
              "name": "openSUSE-SU-2019:1529",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00023.html"
            },
            {
              "name": "openSUSE-SU-2019:1582",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00049.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2019-3820",
    "datePublished": "2019-02-06T20:00:00.000Z",
    "dateReserved": "2019-01-03T00:00:00.000Z",
    "dateUpdated": "2024-08-04T19:19:18.588Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2018-17828 (GCVE-0-2018-17828)

Vulnerability from cvelistv5 – Published: 2018-10-01 08:00 – Updated: 2024-08-05 10:54

Summary

Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://github.com/gdraheim/zziplib/issues/62

x_refsource_MISC

Date Public ?

2018-09-30 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T10:54:10.901Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/gdraheim/zziplib/issues/62"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-09-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-01T07:57:02.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/gdraheim/zziplib/issues/62"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-17828",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/gdraheim/zziplib/issues/62",
              "refsource": "MISC",
              "url": "https://github.com/gdraheim/zziplib/issues/62"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-17828",
    "datePublished": "2018-10-01T08:00:00.000Z",
    "dateReserved": "2018-09-30T00:00:00.000Z",
    "dateUpdated": "2024-08-05T10:54:10.901Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2017-6519 (GCVE-0-2017-6519)

Vulnerability from cvelistv5 – Published: 2017-05-01 01:00 – Updated: 2025-12-03 21:57

Summary

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information from the responding device via port-5353 UDP packets. NOTE: this may overlap CVE-2015-2809.

Severity ?

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/lathiat/avahi/issues/203#issue…	x_refsource_MISC
	https://usn.ubuntu.com/3876-1/	vendor-advisoryx_refsource_UBUNTU
	https://github.com/lathiat/avahi/issues/203	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=1426712	x_refsource_MISC
	https://usn.ubuntu.com/3876-2/	vendor-advisoryx_refsource_UBUNTU
	https://www.secfu.net/advisories	x_refsource_MISC
	https://lists.apache.org/thread.html/r1b103833cb5…	mailing-listx_refsource_MLIST

Date Public ?

2017-04-30 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:33:20.149Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790"
          },
          {
            "name": "USN-3876-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3876-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/lathiat/avahi/issues/203"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1426712"
          },
          {
            "name": "USN-3876-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3876-2/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.secfu.net/advisories"
          },
          {
            "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.1,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2017-6519",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-03T21:57:26.854531Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-346",
                "description": "CWE-346 Origin Validation Error",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-03T21:57:30.030Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-04-30T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive  information from the responding device via port-5353 UDP packets.  NOTE: this may overlap CVE-2015-2809."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-29T11:06:42.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790"
        },
        {
          "name": "USN-3876-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3876-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/lathiat/avahi/issues/203"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1426712"
        },
        {
          "name": "USN-3876-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3876-2/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.secfu.net/advisories"
        },
        {
          "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-6519",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive  information from the responding device via port-5353 UDP packets.  NOTE: this may overlap CVE-2015-2809."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790",
              "refsource": "MISC",
              "url": "https://github.com/lathiat/avahi/issues/203#issuecomment-449536790"
            },
            {
              "name": "USN-3876-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3876-1/"
            },
            {
              "name": "https://github.com/lathiat/avahi/issues/203",
              "refsource": "MISC",
              "url": "https://github.com/lathiat/avahi/issues/203"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1426712",
              "refsource": "MISC",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1426712"
            },
            {
              "name": "USN-3876-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3876-2/"
            },
            {
              "name": "https://www.secfu.net/advisories",
              "refsource": "MISC",
              "url": "https://www.secfu.net/advisories"
            },
            {
              "name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-6519",
    "datePublished": "2017-05-01T01:00:00.000Z",
    "dateReserved": "2017-03-07T00:00:00.000Z",
    "dateUpdated": "2025-12-03T21:57:30.030Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2018-10916 (GCVE-0-2018-10916)

Vulnerability from cvelistv5 – Published: 2018-08-01 14:00 – Updated: 2024-08-05 07:54

Summary

It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE

CWE-20

Assigner

redhat

References

URL

Tags

	https://github.com/lavv17/lftp/issues/452	x_refsource_CONFIRM
	https://usn.ubuntu.com/3731-2/	vendor-advisoryx_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2…	x_refsource_CONFIRM
	https://github.com/lavv17/lftp/commit/a27e07d90a4…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Impacted products

	Vendor	Product	Version
	[UNKNOWN]	lftp	Affected: up to and including 4.8.3

Date Public ?

2018-05-16 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T07:54:35.215Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/lavv17/lftp/issues/452"
          },
          {
            "name": "USN-3731-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3731-2/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992"
          },
          {
            "name": "openSUSE-SU-2019:1059",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00036.html"
          },
          {
            "name": "openSUSE-SU-2019:1110",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00010.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "lftp",
          "vendor": "[UNKNOWN]",
          "versions": [
            {
              "status": "affected",
              "version": "up to and including 4.8.3"
            }
          ]
        }
      ],
      "datePublic": "2018-05-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim\u0027s system."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-02T17:06:09.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/lavv17/lftp/issues/452"
        },
        {
          "name": "USN-3731-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3731-2/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992"
        },
        {
          "name": "openSUSE-SU-2019:1059",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00036.html"
        },
        {
          "name": "openSUSE-SU-2019:1110",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00010.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2018-10916",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "lftp",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "up to and including 4.8.3"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "[UNKNOWN]"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim\u0027s system."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "5.3/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
                "version": "3.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/lavv17/lftp/issues/452",
              "refsource": "CONFIRM",
              "url": "https://github.com/lavv17/lftp/issues/452"
            },
            {
              "name": "USN-3731-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3731-2/"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10916"
            },
            {
              "name": "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992",
              "refsource": "CONFIRM",
              "url": "https://github.com/lavv17/lftp/commit/a27e07d90a4608ceaf928b1babb27d4d803e1992"
            },
            {
              "name": "openSUSE-SU-2019:1059",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00036.html"
            },
            {
              "name": "openSUSE-SU-2019:1110",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00010.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2018-10916",
    "datePublished": "2018-08-01T14:00:00.000Z",
    "dateReserved": "2018-05-09T00:00:00.000Z",
    "dateUpdated": "2024-08-05T07:54:35.215Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2025-2548

CVE-2018-17407 (GCVE-0-2018-17407)

CVE-2018-10360 (GCVE-0-2018-10360)

CVE-2019-14850 (GCVE-0-2019-14850)

CVE-2019-9210 (GCVE-0-2019-9210)

CVE-2018-1000801 (GCVE-0-2018-1000801)

CVE-2016-10245 (GCVE-0-2016-10245)

CVE-2018-11439 (GCVE-0-2018-11439)

CVE-2019-12387 (GCVE-0-2019-12387)

CVE-2018-10910 (GCVE-0-2018-10910)

CVE-2019-13038 (GCVE-0-2019-13038)

CVE-2019-3820 (GCVE-0-2019-3820)

CVE-2018-17828 (GCVE-0-2018-17828)

CVE-2017-6519 (GCVE-0-2017-6519)

CVE-2018-10916 (GCVE-0-2018-10916)

Tags

Sightings

Nomenclature