cvelistv5 - CVE-2018-1000559

CVE-2018-1000559

Vulnerability from cvelistv5

Published

2018-06-26 16:00

Modified

2024-08-05 12:40

Severity ?

Summary

References

URL	Tags
cve@mitre.org	https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7	Patch, Third Party Advisory
cve@mitre.org	https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f	Patch, Third Party Advisory
cve@mitre.org	https://github.com/qutebrowser/qutebrowser/issues/4011	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/qutebrowser/qutebrowser/issues/4011	Exploit, Third Party Advisory

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:40:47.529Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2018-06-23T00:00:00",
      "datePublic": "2018-06-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-26T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2018-06-23T11:22:33.088364",
          "DATE_REQUESTED": "2018-06-21T21:08:17",
          "ID": "CVE-2018-1000559",
          "REQUESTER": "distributedweaknessfiling.org@the-compiler.org",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7",
              "refsource": "MISC",
              "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
            },
            {
              "name": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f",
              "refsource": "MISC",
              "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
            },
            {
              "name": "https://github.com/qutebrowser/qutebrowser/issues/4011",
              "refsource": "MISC",
              "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-1000559",
    "datePublished": "2018-06-26T16:00:00",
    "dateReserved": "2018-06-21T00:00:00",
    "dateUpdated": "2024-08-05T12:40:47.529Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-1000559\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-06-26T16:29:02.930\",\"lastModified\":\"2024-11-21T03:40:11.847\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).\"},{\"lang\":\"es\",\"value\":\"La versi\u00f3n de qutebrowser introducida en v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contiene una vulnerabilidad Cross-Site Scripting (XSS) en el comando history en la p\u00e1gina qute://history, que puede resultar en que una p\u00e1gina web puede robar el historial de navegaci\u00f3n del usuario mediante la inyecci\u00f3n de c\u00f3digo JavaScript. Este ataque parece ser explotable si la v\u00edctima abre una p\u00e1gina con un atributo  especialmente manipulado y luego abre el sitio qute://history mediante el comando :history. La vulnerabilidad parece estar solucionada en la versi\u00f3n 1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7 que se publicar\u00e1 hoy) y la 1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, publicado despu\u00e9s en esta semana).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qutebrowser:qutebrowser:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.11.0\",\"versionEndExcluding\":\"1.3.3\",\"matchCriteriaId\":\"CFB39485-955C-49D9-B865-88A021261DEE\"}]}]}],\"references\":[{\"url\":\"https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/issues/4011\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/issues/4011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}

gsd-2018-1000559

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2018-1000559

Aliases

CVE-2018-1000559

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-1000559",
    "description": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).",
    "id": "GSD-2018-1000559",
    "references": [
      "https://www.suse.com/security/cve/CVE-2018-1000559.html",
      "https://security.archlinux.org/CVE-2018-1000559"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-1000559"
      ],
      "details": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).",
      "id": "GSD-2018-1000559",
      "modified": "2023-12-13T01:22:27.670255Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "DATE_ASSIGNED": "2018-06-23T11:22:33.088364",
        "DATE_REQUESTED": "2018-06-21T21:08:17",
        "ID": "CVE-2018-1000559",
        "REQUESTER": "distributedweaknessfiling.org@the-compiler.org",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7",
            "refsource": "MISC",
            "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
          },
          {
            "name": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f",
            "refsource": "MISC",
            "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
          },
          {
            "name": "https://github.com/qutebrowser/qutebrowser/issues/4011",
            "refsource": "MISC",
            "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e=0.11.0,\u003c1.3.3",
          "affected_versions": "All versions starting from 0.11.0 before 1.3.3",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2018-08-31",
          "description": "qutebrowser contains a Cross Site Scripting (XSS) vulnerability in history command page (`qute://history`) enabling attackers to steal the browsing history",
          "fixed_versions": [
            "1.3.3"
          ],
          "identifier": "CVE-2018-1000559",
          "identifiers": [
            "CVE-2018-1000559"
          ],
          "not_impacted": "All versions before 0.11.0, all versions starting from 1.3.3",
          "package_slug": "pypi/qutebrowser",
          "pubdate": "2018-06-26",
          "solution": "Upgrade to version 1.3.3 or above.",
          "title": "Cross-site Scripting",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2018-1000559"
          ],
          "uuid": "e7feaa50-6f73-4815-8c9a-3b21e3a5a25d"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:qutebrowser:qutebrowser:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.3.3",
                "versionStartIncluding": "0.11.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-1000559"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/qutebrowser/qutebrowser/issues/4011",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
            },
            {
              "name": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
            },
            {
              "name": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2018-08-31T13:19Z",
      "publishedDate": "2018-06-26T16:29Z"
    }
  }
}

ghsa-m4fw-77v7-924m

Vulnerability from github

Published

2018-09-13 15:47

Modified

2024-10-25 21:36

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Summary

Qutebrowser XSS Vulnerability

Details

qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted <title> attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "qutebrowser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.11.0"
            },
            {
              "fixed": "1.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-1000559"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:44:51Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "qutebrowser version introduced in v0.11.0 ([1179ee7a937fb31414d77d9970bac21095358449](https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f)) contains a Cross Site Scripting (XSS) vulnerability in history command, `qute://history` page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted `\u003ctitle\u003e` attribute, and then open the `qute://history` site via the `:history` command. This vulnerability appears to have been fixed in fixed in v1.3.3 ([4c9360237f186681b1e3f2a0f30c45161cf405c7](https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7), to be released today) and v1.4.0 ([5a7869f2feaa346853d2a85413d6527c87ef0d9f](https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f), released later this week).",
  "id": "GHSA-m4fw-77v7-924m",
  "modified": "2024-10-25T21:36:47Z",
  "published": "2018-09-13T15:47:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000559"
    },
    {
      "type": "WEB",
      "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
    },
    {
      "type": "WEB",
      "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
    },
    {
      "type": "WEB",
      "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-m4fw-77v7-924m"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/qutebrowser/PYSEC-2018-26.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/qutebrowser/qutebrowser"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Qutebrowser XSS Vulnerability"
}

pysec-2018-26

Vulnerability from pysec

Published

2018-06-26 16:29

Modified

2021-06-10 06:51

Details

qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).</p></div> </div> <div class="row"> <div class="col-md-2 fw-bold">Aliases</div> <div class="col"> <ul class="list-group list-group-flush"> <li class="list-group-item"><a href="/vuln/CVE-2018-1000559">CVE-2018-1000559</a></li> <li class="list-group-item"><a href="/vuln/GHSA-m4fw-77v7-924m">GHSA-m4fw-77v7-924m</a></li> </ul> </div> </div> <br /><br /> <div class="btn-group" role="group"> <a role="button" class="btn btn-primary" data-bs-toggle="collapse" data-bs-target="#collapseJsonpysec-2018-26" aria-expanded="false" aria-controls="collapseJsonpysec-2018-26"> JSON <svg class="bi" width="1em" height="1em" fill="currentColor"> <use xlink:href="/bootstrap/static/icons/bootstrap-icons.svg#chevron-down"/> </svg> </a> <div class="btn-group" role="group"> <button id="btnGroupDropShare" type="button" class="btn btn-primary" data-bs-toggle="dropdown" aria-expanded="false"> Share <svg class="bi" width="1em" height="1em" fill="currentColor"> <use xlink:href="/bootstrap/static/icons/bootstrap-icons.svg#chevron-down"/> </svg> </button> <ul class="dropdown-menu" aria-labelledby="btnGroupDropShare"> <li><a class="dropdown-item" href="https://news.ycombinator.com/submitlink?u=https://cve.circl.lu/vuln/pysec-2018-26&t=Vulnerability pysec-2018-26" target="_blank" title="Share on Hacker News">Hacker News</a></li> <li><a class="dropdown-item" href="https://www.linkedin.com/shareArticle?mini=true&url=https://cve.circl.lu/vuln/pysec-2018-26&title=Vulnerability pysec-2018-26" target="_blank" title="Share on LinkedIn">LinkedIn</a></li> <li><a class="dropdown-item" href="https://mastodonshare.com/?text=Vulnerability pysec-2018-26&url=https://cve.circl.lu/vuln/pysec-2018-26" target="_blank" title="Share on Mastodon">Mastodon</a></li> <li><a class="dropdown-item" href="https://www.newspipe.org/bookmark/bookmarklet?href=https://cve.circl.lu/vuln/pysec-2018-26&title=Vulnerability pysec-2018-26" target="_blank" title="Share on Newspipe">Newspipe</a></li> <li><a class="dropdown-item" href="https://api.pinboard.in/v1/posts/add?url=https://cve.circl.lu/vuln/pysec-2018-26&description=Vulnerability pysec-2018-26" target="_blank" title="Share on Pinboard">Pinboard</a></li> <li><a class="dropdown-item" href="https://reddit.com/submit?link=https://cve.circl.lu/vuln/pysec-2018-26&title=Vulnerability pysec-2018-26" target="_blank" title="Share on Reddit">Reddit</a></li> </ul> </div> <a type="button" class="btn btn-primary" title="Copy to clipboard" aria-label="Copy to clipboard" onclick="copyToClipboard('pysec-2018-26')" vuln-id="pysec-2018-26" href="#">To clipboard</a> </div> <div class="collapse" id="collapseJsonpysec-2018-26"> <br /> <div class="card card-body"> <pre class="json-container" id="containerpysec-2018-26">{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "qutebrowser", "purl": "pkg:pypi/qutebrowser" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "5a7869f2feaa346853d2a85413d6527c87ef0d9f" }, { "fixed": "4c9360237f186681b1e3f2a0f30c45161cf405c7" } ], "repo": "https://github.com/qutebrowser/qutebrowser", "type": "GIT" }, { "events": [ { "introduced": "0.11.0" }, { "fixed": "1.3.3" } ], "type": "ECOSYSTEM" } ], "versions": [ "0.11.0", "0.11.1", "1.0.0", "1.0.1", "1.0.2", "1.0.3", "1.0.4", "1.1.0", "1.1.1", "1.1.2", "1.2.0", "1.2.1", "1.3.0", "1.3.1", "1.3.2" ] } ], "aliases": [ "CVE-2018-1000559", "GHSA-m4fw-77v7-924m" ], "details": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).", "id": "PYSEC-2018-26", "modified": "2021-06-10T06:51:59.879286Z", "published": "2018-06-26T16:29:00Z", "references": [ { "type": "REPORT", "url": "https://github.com/qutebrowser/qutebrowser/issues/4011" }, { "type": "FIX", "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f" }, { "type": "FIX", "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-m4fw-77v7-924m" } ] }</pre> </div> </div> </div> </div> <br /> </div> <div class="tab-pane fade show" id="comments" role="tabpanel" aria-labelledby="comments-tab"> <br /> <div class="row"> <div class="col"> <p><a href="/user/login">Log in</a> or <a href="/user/signup">create an account</a> to share your comment.</p> </div> <div class="col text-end"> <a class="icon-link" href="/comments/feed.atom?vulnerability=CVE-2018-1000559" type="application/atom+xml" title="Atom feed"> <svg class="bi" width="1em" height="1em" fill="currentColor"> <use xlink:href="/bootstrap/static/icons/bootstrap-icons.svg#rss"/> </svg> </a> <a class="icon-link" href="/comments/feed.rss?vulnerability=CVE-2018-1000559" type="application/atom+xml" title="RSS feed"> <svg class="bi" width="1em" height="1em" fill="currentColor"> <use xlink:href="/bootstrap/static/icons/bootstrap-icons.svg#rss-fill"/> </svg> </a> </div> </div> <div class="collapse" id="newCommentCVE-2018-1000559"> <div class="row"> <div class="col-md-9"> <div id="editor"></div> </div> <div class="col"> <br /><br /><br /> <div class="card card-body my-3"> <h5>Tags</h5> <select class="form-multi-select" id="select-tags" size="9" multiple> <optgroup label="Exploitability" exclusive="true"> <option value="vulnerability:exploitability=industrialised">Industrialised</option> <option value="vulnerability:exploitability=customised">Customised</option> <option value="vulnerability:exploitability=documented">Documented</option> <option value="vulnerability:exploitability=theoretical">Theoretical</option> </optgroup> <optgroup label="Information" exclusive="false"> <option value="vulnerability:information=PoC">Proof-of-Concept</option> <option value="vulnerability:information=remediation">Remediation</option> <option value="vulnerability:information=annotation">Annotation</option> </optgroup> </select> <a href="https://www.misp-project.org/taxonomies.html#_vulnerability_3" rel="noreferrer" target="_blank">Taxonomy of the tags.</a> </div> <button class='btn btn-primary' id='savecomment' title="Save the comment">Save the comment</button> </div> </div> </div> <br /><br /> <div id="list-comments"> <div class="d-flex justify-content-center"> <div class="spinner-border" role="status"><span class="sr-only">Loading…</span></div> </div> </div> </div> <div class="tab-pane fade show" id="bundles" role="tabpanel" aria-labelledby="bundles-tab"> <br /> <div id="list-bundles"> <div class="d-flex justify-content-center"> <div class="spinner-border" role="status"><span class="sr-only">Loading…</span></div> </div> </div> </div> <div class="tab-pane fade show" id="sightings" role="tabpanel" aria-labelledby="sightings-tab"> <br /> <div class="row pb-3" id="sightings-pane-top"> <div class="col"> <a class="btn btn-primary" href="/sightings/?query=CVE-2018-1000559">All sightings related to this event</a> <a class="btn btn-primary" href="/sightings/misp_export?vulnerability=CVE-2018-1000559">Export sightings related to this event</a> </div> </div> <div id="chart-sightings"> <div class="d-flex justify-content-center"> <div class="spinner-border" role="status"><span class="sr-only">Loading…</span></div> </div> </div> <div id="sightingsChartContainer" class="chart-container pt-3"> <canvas id="sightingsChart" height="400"></canvas> </div> <div class="row"> <h3>Sightings</h3> <div class="table-responsive"> <table class="table"> <thead> <tr> <th scope="col">Author</th> <th scope="col">Source</th> <th scope="col">Type</th> <th scope="col">Date</th> </tr> </thead> <tbody id="sighting-table-body"></tbody> </table> </div> </div> <div id="chart-detailed-legend" class="row"> <h3>Nomenclature</h3> <div class="col-md-8"> <ul class="list-group list-group-flush"> <li class="list-group-item"><b>Seen</b>: The vulnerability was mentioned, discussed, or seen somewhere by the user.</li> <li class="list-group-item"><b>Confirmed</b>: The vulnerability is confirmed from an analyst perspective.</li> <li class="list-group-item"><b>Exploited</b>: This vulnerability was exploited and seen by the user reporting the sighting.</li> <li class="list-group-item"><b>Patched</b>: This vulnerability was successfully patched by the user reporting the sighting.</li> <li class="list-group-item"><b>Not exploited</b>: This vulnerability was not exploited or seen by the user reporting the sighting.</li> <li class="list-group-item"><b>Not confirmed</b>: The user expresses doubt about the veracity of the vulnerability.</li> <li class="list-group-item"><b>Not patched</b>: This vulnerability was not successfully patched by the user reporting the sighting.</li> </ul> </div> </div> </div> </div> <script> let easyMDE = null; let SCHEMA = null; let COMMENTS = {}; function openTabById(tabId) { const tabButton = document.querySelector(`button[data-bs-target="${tabId}"]`); if (tabButton) { const tab = new bootstrap.Tab(tabButton); tab.show(); } else { console.error(`Tab with ID ${tabId} not found.`); } } function getSelectValues(select) { var tags = []; var options = select && select.options; var opt; for (var i=0, iLen=options.length; i<iLen; i++) { opt = options[i]; if (opt.selected) { if (opt.parentNode.getAttribute("exclusive") == "true") { options1 = document.getElementById("select-tags").options; for (var j=0, jLen=options1.length; j<jLen; j++) { opt1 = options1[j]; if (opt1.parentNode.getAttribute("exclusive") == "true") { opt1.selected = false; } } opt.selected = true; } tags.push(opt.value || opt.text); } } var json = jsoneditor.getValue(); if (!("meta" in json)) { json["meta"] = [{"tags": tags}]; } else { json["meta"].forEach(function(value, index, array) { if ("tags" in value) { obj = {"tags": tags} json["meta"] = []; json["meta"] = [obj]; } }) } jsoneditor.setValue(json); } document.getElementById("select-tags").onclick= function (e) { getSelectValues(document.getElementById("select-tags")); }; function formatNumberWithPrecision(value, precision) { const formattedValue = parseFloat(value.toFixed(precision)); return formattedValue; } function RoundNumber(value) { return Math.round(value); } document.addEventListener("DOMContentLoaded", function() { // Enable tootips var tooltipTriggerList = [].slice.call(document.querySelectorAll('[data-bs-toggle="tooltip"]')) var tooltipList = tooltipTriggerList.map(function (tooltipTriggerEl) { return new bootstrap.Tooltip(tooltipTriggerEl) }) // Pretty print of JSON data in JSON containers var jsonContainers = document.querySelectorAll(".json-container"); Array.prototype.forEach.call(jsonContainers, function(jsonContainer) { jsonContainer.innerHTML = prettyPrintJson.toHtml(JSON.parse(jsonContainer.innerText)); }); // Open the tab specified with an anchor in the URL. const hash = window.location.hash; const tabButton = document.querySelector(`button[data-bs-target="${hash}"]`); if (tabButton) { const tab = new bootstrap.Tab(tabButton); tab.show(); selected_tab = tabButton.getAttribute("id"); switch (selected_tab) { case "comments-tab": loadComments(); break; case "bundles-tab": loadBundles(); break; case "sightings-tab": loadSightings(); break; default: openTabById("#related"); break; } } else { openTabById("#related"); } // Update the URL when a tab is clicked, for consistent behavior document.querySelectorAll('.nav-link[data-bs-toggle="tab"]').forEach(tabLink => { tabLink.addEventListener("shown.bs.tab", function(event) { history.replaceState(null, null, event.target.getAttribute("href")); }); }); // Retrieve the JSON schema for the comment and initialize the editor. fetch("/static/schemas/CIRCL/Security_Advisory_Comment.json") .then(response => response.json()) .then(result => { // initialize the JSON editor SCHEMA = result; initialize_editor(SCHEMA, {}); }).catch((error) => { console.error('Error:', error); }); // Retrieve the EPSS score epss_score_elem = document.getElementById("epss-score"); if (epss_score_elem) { fetch("/api/epss/CVE-2018-1000559") .then(response => response.json()) .then(result => { if (result.total >= 1) { document.getElementById("epss-score").parentNode.parentNode.removeAttribute("hidden"); document.getElementById("epss-score").innerText = (result.data[0].epss * 100).toFixed(2) + "%"; document.getElementById("epss-percentile").innerText = "(" + formatNumberWithPrecision(Number(result.data[0].percentile), 5) + ")"; } else { document.getElementById("epss-score").parentNode.parentNode.remove(); } }).catch((error) => { console.error('Error:', error); document.getElementById("epss-score").parentNode.parentNode.remove(); }); } }) // End DOMContentLoaded listener if (document.getElementById("deleteVulnerability")) { document.getElementById("deleteVulnerability").onclick = function(event) { if (!confirm('You are going to delete the vulnerability. Are you sure?')) { return; } var csrf_token = "ImYwYjljM2E3MzkxNzg1NWEzODg0ODZlNWVkZjgzZDkwNmJkMzhmMjUi.Z3fd5Q.CUzjXmTttW_u4IkHatueaZ0-xZY"; fetch("/api/vulnerability/CVE-2018-1000559", { method: "DELETE", headers: { 'Content-Type': 'application/json', 'X-CSRFToken': csrf_token } }) .then(response => { if (!response.ok) { console.log(response); } else { window.location="/recent"; } }) .catch((error) => { console.log(error); }); }; } function addSighting(originalEvent, source) { const clickedItem = originalEvent.target; var csrf_token = "ImYwYjljM2E3MzkxNzg1NWEzODg0ODZlNWVkZjgzZDkwNmJkMzhmMjUi.Z3fd5Q.CUzjXmTttW_u4IkHatueaZ0-xZY"; var json = {}; json["type"] = clickedItem.getAttribute("value"); json["vulnerability"] = "CVE-2018-1000559"; json["source"] = source; data = JSON.stringify(json); fetch("/api/sighting/", { method: "POST", headers: { 'Content-Type': 'application/json', 'X-CSRFToken': csrf_token }, body: data }) .then(res => { if (!res.ok) { res.json().then(json => { document.getElementById("modal-error-text").innerText = "Problem when saving sighting."; var modal = new bootstrap.Modal(document.getElementById('modalError'), {}); modal.show(); }); } else { loadSightings(); showToast("Success", "Sighting added successfully!"); openTabById("#sightings"); } }) .catch((error) => { console.log(error); }); }; // Function to display the modal function showModal(title, message, confirmCallback, event) { // Get modal elements const modal = new bootstrap.Modal(document.getElementById('sightingModal')); const modalTitle = document.getElementById('sightingModalLabel'); const modalMessage = document.getElementById('modalMessage'); const confirmButton = document.getElementById('sightingModalConfirm'); const sourceInput = document.getElementById('sourceInput'); // Set modal title and body message modalTitle.textContent = title; modalMessage.textContent = message; // Clear previous input value sourceInput.value = ''; // Remove any previous click event to avoid duplication confirmButton.replaceWith(confirmButton.cloneNode(true)); // Attach new event listener for confirmation button document.getElementById('sightingModalConfirm').addEventListener('click', () => { const source = sourceInput.value.trim(); confirmCallback(event, source); // Pass the source to the callback modal.hide(); }); // Show the modal modal.show(); } // Attach click event listener to sightings list const sightings_list = document.getElementById('sighting-list'); if (sightings_list) { sightings_list.addEventListener('click', function (event) { showModal( 'New Sighting', 'Are you sure you want to add this sighting?', addSighting, event ); }); } document.getElementById("savecomment").addEventListener("click", function(event) { var csrf_token = "ImYwYjljM2E3MzkxNzg1NWEzODg0ODZlNWVkZjgzZDkwNmJkMzhmMjUi.Z3fd5Q.CUzjXmTttW_u4IkHatueaZ0-xZY"; var json = jsoneditor.getValue(); json["description"] = easyMDE.value(); json["vulnerability"] = "CVE-2018-1000559"; data = JSON.stringify(json); fetch("/api/comment/", { method: "POST", headers: { 'Content-Type': 'application/json', 'X-CSRFToken': csrf_token }, body: data }) .then(res => { if (!res.ok) { res.json().then(json => { document.getElementById("modal-error-text").innerText = json['message']; var modal = new bootstrap.Modal(document.getElementById('modalError'), {}); modal.show(); }); } else { // reinitializes the form window.jsoneditor.setValue({}); easyMDE.value(""); // collapse the view which is containing the form new bootstrap.Collapse(document.getElementById("newCommentCVE-2018-1000559")); // load the updated list of comments loadComments(); showToast("Success", "Comment added successfully!"); } }) .catch((error) => { console.log(error); }); }); function copyToClipboard(vuln_id) { const copyText = document.getElementById("container"+vuln_id).textContent; const textArea = document.createElement('textarea'); textArea.textContent = copyText; navigator.clipboard.writeText(textArea.value).then(function() { /* clipboard successfully set */ showToast("Success", "Content copied to your clipboard."); }, function() { /* clipboard write failed */ }); } function loadComments() { COMMENTS = {}; var DateTime = luxon.DateTime; var converter = new showdown.Converter({tables: true, moreStyling: true}); var commentTemplate = _.template( '<div class="card markdown-description">' + '<div class="card-body">' + '<h5 class="card-title"><a href="/comment/<%= uuid %>"><%= title %></a></h5>' + '<p class="card-title">' + '<% _.forEach(tags, function(tag) ' + '{ %><span class="badge bg-primary"><a class="link-light" href="/comments/?meta=%5B%7B%22tags%22%3A%20%5B%22<%= tag %>%22%5D%7D%5D"><%= tag %></a></span> <% }); %>' + '</p>' + '<h6 class="card-subtitle mb-2 text-body-secondary"><%= timestamp %> by <a href="/user/<%= author_login %>"><%= author_name %></a></h6>' + '<p class="card-text"><%= description %></p>' + '<div class="btn-group" role="group">' + '<a role="button" class="btn btn-primary" data-bs-toggle="collapse" data-bs-target="#collapseJsonComment<%= uuid %>" aria-expanded="false" aria-controls="collapseJsonComment<%= uuid %>">JSON</a>' + '</div>' + '<div class="collapse" id="collapseJsonComment<%= uuid %>"><br /><pre class="json-container"><%= comment %></pre></div>' + '</div></div>' ); fetch("/api/comment/?vuln_id=CVE-2018-1000559") .then(response => response.json()) .then(result => { document.getElementById("list-comments").innerHTML = ""; document.getElementById("nb-comments").innerText = result.metadata.count; if (result.metadata.count == 0) { document.getElementById("list-comments").innerHTML = "<p>No comment for this vulnerability. Browse <a href='/comments'>all the comments</a>.</p>"; } result.data .sort(function (a, b) { return new Date(b.timestamp) - new Date(a.timestamp); }) .map(function (comment) { var author = comment.author delete comment.author; if (Array.isArray(comment["meta"]) && comment["meta"].length > 0) { var itemWithTags = comment.meta.find(item => item.tags); var tags = itemWithTags ? itemWithTags.tags : []; } else { var tags = []; } var cardHTML = commentTemplate({ 'comment': JSON.stringify(comment, null, 2), 'uuid': comment.uuid, 'title': comment.title, 'description': converter.makeHtml(comment.description), 'timestamp': DateTime.fromISO(comment.timestamp).toRelative(), 'author_name': author.name, 'author_login': author.login, 'tags': tags }); COMMENTS[comment.uuid] = comment; var element = document.createElement("div"); var element_br = document.createElement("br"); element.innerHTML = cardHTML; document.getElementById("list-comments").appendChild(element.firstChild); document.getElementById("list-comments").append(element_br); }) }) .then(_ => { setTimeout(() => { formatMarkdownOutput(); if (easyMDE === null) { easyMDE = new EasyMDE({ element: document.getElementById('root[description]'), autoRefresh: { delay: 300 }, toolbarButtonClassPrefix: "mde", toolbar: [ "bold", "italic", "heading", "|", "quote", "code", "table", "unordered-list", "ordered-list", "|", "link", "image", "|", "preview", "side-by-side", "fullscreen", "|" ] }); } }, 0); // 0ms delay still allows the browser to update the DOM return COMMENTS; }) .catch((error) => { console.error('Error:', error); }); } function initialize_editor(schema, json_object) { // Default starting schema if(!schema) { schema = {} } // Divs/textareas on the page var $schema = schema; var $output = document.getElementById('output'); var $editor = document.getElementById('editor'); // Default theme JSONEditor.defaults.options.theme = 'bootstrap5'; window.startval = json_object; var jsoneditor; var reload = function(keep_value) { var startval = (jsoneditor && keep_value)? jsoneditor.getValue() : window.startval; window.startval = undefined; if (jsoneditor) { jsoneditor.destroy(); } jsoneditor = new JSONEditor($editor, { // The schema for the editor schema: schema, // Remove collapse button disable_collapse: true, // Seed the form with a starting value startval: startval, // Enable fetching schemas via ajax ajax: true, // Disable additional properties no_additional_properties: false, // Require all properties by default required_by_default: true, show_opt_in: false, disable_edit_json: true, theme: "bootstrap5", object_background: document.documentElement.getAttribute("data-bs-theme") == "dark" ? "bg-dark" : "bg-light", }); window.jsoneditor = jsoneditor; // When the value of the editor changes, update the JSON output and validation message jsoneditor.on('change',function() { var json = jsoneditor.getValue(); }); }; // Start the schema and output textareas with initial values $schema.value = JSON.stringify(schema, null, 2); reload(); }; function loadBundles() { var DateTime = luxon.DateTime; var converter = new showdown.Converter({tables: true, moreStyling: true}); var bundleTemplate = _.template( '<div class="card markdown-description">' + '<div class="card-body">' + '<h5 class="card-title"><a href="/bundle/<%= uuid %>"><%= name %></a></h5>' + '<h6 class="card-subtitle mb-2 text-body-secondary"><%= timestamp %> by <a href="/user/<%= author_login %>"><%= author_name %></a></h6>' + '<p class="card-text"><%= description %></p>' + '<h5 class="card-text">Related vulnerabilities</h5>' + '<div class="card" >' + '<ul class="list-group list-group-flush">' + '<% _.forEach(related_vulnerabilities, function(vuln) ' + '{ %><li class="list-group-item"><a href="/vuln/<%= vuln %>"><%- vuln %></a></li><% }); %>' + '</ul>' + '</div>' + '</div>'); fetch("/api/bundle/?vuln_id=CVE-2018-1000559") .then(response => response.json()) .then(result => { document.getElementById("list-bundles").innerHTML = "<p>Bundles referring to this vulnerability.</p>"; if (result.metadata.count == 0) { document.getElementById("list-bundles").innerHTML = "<p>This vulnerability is not linked to any bundle.</p>"; } result.data .sort(function (a, b) { return new Date(b.updated_at) - new Date(a.updated_at); }) .map(function (bundle) { var author = bundle.author delete bundle.author; var cardHTML = bundleTemplate({ 'uuid': bundle.uuid, 'name': bundle.name, 'description': converter.makeHtml(bundle.description), 'timestamp': DateTime.fromISO(bundle.timestamp).toRelative(), 'related_vulnerabilities': bundle.related_vulnerabilities.map(v => v.toLowerCase()), 'author_name': author.name, 'author_login': author.login }); var element = document.createElement("div"); var element_br = document.createElement("br"); element.innerHTML = cardHTML; document.getElementById("list-bundles").appendChild(element.firstChild); document.getElementById("list-bundles").append(element_br); }) }) .then(_ => { setTimeout(() => { formatMarkdownOutput(); }, 0); // 0ms delay still allows the browser to update the DOM }) .catch((error) => { console.error('Error:', error); }); }; function loadSightings() { fetch("/api/sighting/?vuln_id=CVE-2018-1000559&date_from=1970-01-01") .then(response => response.json()) .then(result => { document.getElementById("nb-sightings").innerText = result.metadata.count; if (result.metadata.count == 0) { document.getElementById("sightings-pane-top").style.display = 'none'; document.getElementById("chart-sightings").innerHTML = "<p>No sightings for this vulnerability.</p>"; document.getElementById("sightingsChartContainer").style.display = 'none'; document.getElementById("chart-detailed-legend").style.display = 'none'; } else{ drawBarChart(result.data); document.getElementById("sightings-pane-top").style.display = 'block'; document.getElementById("chart-sightings").innerHTML = "<h3>Evolution of sightings over time</h3>"; document.getElementById("sightingsChartContainer").style.display = 'block'; document.getElementById("chart-detailed-legend").style.display = 'block'; // clear the table const tableBody = document.getElementById("sighting-table-body"); while (tableBody.firstChild) { tableBody.removeChild(tableBody.firstChild); } result.data .sort(function (a, b) { return new Date(b.creation_timestamp) - new Date(a.creation_timestamp); }) .map(function (sighting) { const row = document.createElement('tr'); // Create a table row // Create and append the Author cell const authorCell = document.createElement('td'); // authorCell.textContent = sighting.author.login; authorCell.innerHTML = '<a href="/user/'+sighting.author.login+'">'+sighting.author.login+'</a>'; row.appendChild(authorCell); // Create and append the Source cell const sourceCell = document.createElement('td'); if (isValidURL(sighting.source)) { sourceCell.innerHTML = '<a href="'+sighting.source+'" rel="noreferrer" target="_blank">'+sighting.source+'</a>'; } else { sourceCell.textContent = sighting.source; } row.appendChild(sourceCell); // Create and append the Type cell const typeCell = document.createElement('td'); typeCell.textContent = sighting.type; row.appendChild(typeCell); // Create and append the Date cell const dateCell = document.createElement('td'); dateCell.classList.add('datetime'); dateCell.textContent = sighting.creation_timestamp; dateCell.title = sighting.creation_timestamp; row.appendChild(dateCell); document.getElementById("sighting-table-body").appendChild(row); }) var DateTime = luxon.DateTime; elements = document.getElementsByClassName("datetime"); Array.prototype.forEach.call(elements, function(element) { element.textContent = DateTime.fromISO(element.textContent).toRelative() }); } }) .catch((error) => { console.error('Error:', error); }); }; document.getElementById("btnThemeSwitch").addEventListener("click",()=>{ if (document.documentElement.getAttribute("data-bs-theme") == "dark") { Array.from(document.getElementsByClassName("card")).forEach(container => { container.classList.remove("bg-dark"); container.classList.add("bg-light"); }); } else { Array.from(document.getElementsByClassName("card")).forEach(container => { container.classList.remove("bg-light"); container.classList.add("bg-dark"); }); } }) </script> </div> </main> <footer class="footer bg-light"> <div class="container"> <div class="row"> <div class="col d-none d-md-block"> <div class="d-flex justify-content-start"> <span class="text-muted"><a href="https://www.circl.lu" rel="noreferrer" target="_blank">Computer Incident Response Center Luxembourg (CIRCL)</a></span> </div> </div> <div class="col"> <div class="d-flex justify-content-end"> <a class="text-end d-none d-md-block" href="https://vulnerability.circl.lu/dumps/">Dumps</a> <a class="text-end" href="/users/">Contributors</a> <a class="text-end" href="/documentation/">Documentation</a> <a class="text-end" href="/api/">API</a> <a class="text-end" href="/about">About</a> <a class="text-end" href="https://github.com/cve-search/vulnerability-lookup" title="Source code of Vulnerability-Lookup" target="_blank"> <svg class="bi" width="1em" height="1em" fill="currentColor"> <use xlink:href="/bootstrap/static/icons/bootstrap-icons.svg#github"/> </svg> </a> </div> </div> </div> </div> </footer>  <script src="/bootstrap/static/umd/popper.min.js"></script> <script src="/bootstrap/static/js/bootstrap.min.js"></script> <script> if (getCookie("theme") == 'light') { document.getElementById('btnThemeSwitch').innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-moon-stars-fill" viewBox="0 0 16 16"><path d="M6 .278a.77.77 0 0 1 .08.858 7.2 7.2 0 0 0-.878 3.46c0 4.021 3.278 7.277 7.318 7.277q.792-.001 1.533-.16a.79.79 0 0 1 .81.316.73.73 0 0 1-.031.893A8.35 8.35 0 0 1 8.344 16C3.734 16 0 12.286 0 7.71 0 4.266 2.114 1.312 5.124.06A.75.75 0 0 1 6 .278"/><path d="M10.794 3.148a.217.217 0 0 1 .412 0l.387 1.162c.173.518.579.924 1.097 1.097l1.162.387a.217.217 0 0 1 0 .412l-1.162.387a1.73 1.73 0 0 0-1.097 1.097l-.387 1.162a.217.217 0 0 1-.412 0l-.387-1.162A1.73 1.73 0 0 0 9.31 6.593l-1.162-.387a.217.217 0 0 1 0-.412l1.162-.387a1.73 1.73 0 0 0 1.097-1.097zM13.863.099a.145.145 0 0 1 .274 0l.258.774c.115.346.386.617.732.732l.774.258a.145.145 0 0 1 0 .274l-.774.258a1.16 1.16 0 0 0-.732.732l-.258.774a.145.145 0 0 1-.274 0l-.258-.774a1.16 1.16 0 0 0-.732-.732l-.774-.258a.145.145 0 0 1 0-.274l.774-.258c.346-.115.617-.386.732-.732z"/></svg>'; document.getElementById('vulnerability-lookup-logo').src = '/static/img/VL-hori-coul.png'; document.getElementById('btnThemeSwitch').setAttribute('title', 'Switch to dark theme'); } else { document.getElementById('btnThemeSwitch').innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-sun-fill" viewBox="0 0 16 16"><path d="M8 12a4 4 0 1 0 0-8 4 4 0 0 0 0 8M8 0a.5.5 0 0 1 .5.5v2a.5.5 0 0 1-1 0v-2A.5.5 0 0 1 8 0m0 13a.5.5 0 0 1 .5.5v2a.5.5 0 0 1-1 0v-2A.5.5 0 0 1 8 13m8-5a.5.5 0 0 1-.5.5h-2a.5.5 0 0 1 0-1h2a.5.5 0 0 1 .5.5M3 8a.5.5 0 0 1-.5.5h-2a.5.5 0 0 1 0-1h2A.5.5 0 0 1 3 8m10.657-5.657a.5.5 0 0 1 0 .707l-1.414 1.415a.5.5 0 1 1-.707-.708l1.414-1.414a.5.5 0 0 1 .707 0m-9.193 9.193a.5.5 0 0 1 0 .707L3.05 13.657a.5.5 0 0 1-.707-.707l1.414-1.414a.5.5 0 0 1 .707 0m9.193 2.121a.5.5 0 0 1-.707 0l-1.414-1.414a.5.5 0 0 1 .707-.707l1.414 1.414a.5.5 0 0 1 0 .707M4.464 4.465a.5.5 0 0 1-.707 0L2.343 3.05a.5.5 0 1 1 .707-.707l1.414 1.414a.5.5 0 0 1 0 .708"/></svg>'; document.getElementById('vulnerability-lookup-logo').src = '/static/img/VL-hori-white-coul.png'; document.getElementById('btnThemeSwitch').setAttribute('title', 'Switch to light theme'); } document.addEventListener("DOMContentLoaded", function() { document.getElementById('btnThemeSwitch').addEventListener('click',()=>{ if (document.documentElement.getAttribute('data-bs-theme') == 'dark') { document.documentElement.setAttribute('data-bs-theme','light') document.getElementById('btnThemeSwitch').innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-moon-stars-fill" viewBox="0 0 16 16"><path d="M6 .278a.77.77 0 0 1 .08.858 7.2 7.2 0 0 0-.878 3.46c0 4.021 3.278 7.277 7.318 7.277q.792-.001 1.533-.16a.79.79 0 0 1 .81.316.73.73 0 0 1-.031.893A8.35 8.35 0 0 1 8.344 16C3.734 16 0 12.286 0 7.71 0 4.266 2.114 1.312 5.124.06A.75.75 0 0 1 6 .278"/><path d="M10.794 3.148a.217.217 0 0 1 .412 0l.387 1.162c.173.518.579.924 1.097 1.097l1.162.387a.217.217 0 0 1 0 .412l-1.162.387a1.73 1.73 0 0 0-1.097 1.097l-.387 1.162a.217.217 0 0 1-.412 0l-.387-1.162A1.73 1.73 0 0 0 9.31 6.593l-1.162-.387a.217.217 0 0 1 0-.412l1.162-.387a1.73 1.73 0 0 0 1.097-1.097zM13.863.099a.145.145 0 0 1 .274 0l.258.774c.115.346.386.617.732.732l.774.258a.145.145 0 0 1 0 .274l-.774.258a1.16 1.16 0 0 0-.732.732l-.258.774a.145.145 0 0 1-.274 0l-.258-.774a1.16 1.16 0 0 0-.732-.732l-.774-.258a.145.145 0 0 1 0-.274l.774-.258c.346-.115.617-.386.732-.732z"/></svg>'; document.getElementById('vulnerability-lookup-logo').src = '/static/img/VL-hori-coul.png'; document.getElementById('btnThemeSwitch').setAttribute('title', 'Switch to dark theme'); document.cookie = "theme=light; path=/; SameSite=Strict"; } else { document.documentElement.setAttribute('data-bs-theme','dark'); document.getElementById('btnThemeSwitch').innerHTML = '<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-sun-fill" viewBox="0 0 16 16"><path d="M8 12a4 4 0 1 0 0-8 4 4 0 0 0 0 8M8 0a.5.5 0 0 1 .5.5v2a.5.5 0 0 1-1 0v-2A.5.5 0 0 1 8 0m0 13a.5.5 0 0 1 .5.5v2a.5.5 0 0 1-1 0v-2A.5.5 0 0 1 8 13m8-5a.5.5 0 0 1-.5.5h-2a.5.5 0 0 1 0-1h2a.5.5 0 0 1 .5.5M3 8a.5.5 0 0 1-.5.5h-2a.5.5 0 0 1 0-1h2A.5.5 0 0 1 3 8m10.657-5.657a.5.5 0 0 1 0 .707l-1.414 1.415a.5.5 0 1 1-.707-.708l1.414-1.414a.5.5 0 0 1 .707 0m-9.193 9.193a.5.5 0 0 1 0 .707L3.05 13.657a.5.5 0 0 1-.707-.707l1.414-1.414a.5.5 0 0 1 .707 0m9.193 2.121a.5.5 0 0 1-.707 0l-1.414-1.414a.5.5 0 0 1 .707-.707l1.414 1.414a.5.5 0 0 1 0 .707M4.464 4.465a.5.5 0 0 1-.707 0L2.343 3.05a.5.5 0 1 1 .707-.707l1.414 1.414a.5.5 0 0 1 0 .708"/></svg>'; document.getElementById('vulnerability-lookup-logo').src = '/static/img/VL-hori-white-coul.png'; document.getElementById('btnThemeSwitch').setAttribute('title', 'Switch to light theme'); document.cookie = "theme=dark; path=/; SameSite=Strict"; } }) }); </script> </body> </html>

Action not permitted

CVE-2018-1000559

Vulnerability from cvelistv5

gsd-2018-1000559

Vulnerability from gsd

ghsa-m4fw-77v7-924m

Vulnerability from github

pysec-2018-26

Vulnerability from pysec