Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-12761 (GCVE-0-2019-12761)
Vulnerability from cvelistv5
- n/a
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T23:32:54.641Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562" }, { "name": "[debian-lts-announce] 20190616 [SECURITY] [DLA 1819-1] pyxdg security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html" }, { "name": "[debian-lts-announce] 20210803 [SECURITY] [DLA 2727-1] pyxdg security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-08-03T14:06:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" }, { "tags": [ "x_refsource_MISC" ], "url": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562" }, { "name": "[debian-lts-announce] 20190616 [SECURITY] [DLA 1819-1] pyxdg security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html" }, { "name": "[debian-lts-announce] 20210803 [SECURITY] [DLA 2727-1] pyxdg security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12761", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba", "refsource": "MISC", "url": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" }, { "name": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562" }, { "name": "[debian-lts-announce] 20190616 [SECURITY] [DLA 1819-1] pyxdg security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html" }, { "name": "[debian-lts-announce] 20210803 [SECURITY] [DLA 2727-1] pyxdg security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-12761", "datePublished": "2019-06-06T18:55:27", "dateReserved": "2019-06-06T00:00:00", "dateUpdated": "2024-08-04T23:32:54.641Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-12761\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-06-06T19:29:00.533\",\"lastModified\":\"2024-11-21T04:23:31.233\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema de inyecci\u00f3n de c\u00f3digo en PyXDG antes de 0.26 a trav\u00e9s del c\u00f3digo Python creado en un elemento de Categor\u00eda de un documento de Men\u00fa XML en un archivo .men\u00fa. XDG_CONFIG_DIRS debe configurarse para activar el an\u00e1lisis xdg.Menu.parse dentro del directorio que contiene este archivo. Esto es debido a la falta de desinfecci\u00f3n en xdg / Menu.py antes de una llamada de evaluaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:P/A:P\",\"baseScore\":5.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:python:pyxdg:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.26\",\"matchCriteriaId\":\"49D2B0BB-1F21-4EB5-A39A-E2B8DA2B718B\"}]}]}],\"references\":[{\"url\":\"https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
cnvd-2019-21109
Vulnerability from cnvd
厂商已发布了漏洞修复程序,请及时关注更新: http://freedesktop.org/wiki/Software/pyxdg
Name | PyXDG PyXDG <0.26 |
---|
{ "cves": { "cve": { "cveNumber": "CVE-2019-12761" } }, "description": "PyXDG\u662f\u4e00\u4e2a\u8bbf\u95eefreedesktop.org\u6807\u51c6\u7684python\u5e93\u3002\n\nPyXDG 0.26\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u751f\u6210\u975e\u6cd5\u7684\u4ee3\u7801\u6bb5\uff0c\u4fee\u6539\u7f51\u7edc\u7cfb\u7edf\u6216\u7ec4\u4ef6\u7684\u9884\u671f\u7684\u6267\u884c\u63a7\u5236\u6d41\u3002", "discovererName": "unknown", "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://freedesktop.org/wiki/Software/pyxdg", "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e", "number": "CNVD-2019-21109", "openTime": "2019-07-04", "patchDescription": "PyXDG\u662f\u4e00\u4e2a\u8bbf\u95eefreedesktop.org\u6807\u51c6\u7684python\u5e93\u3002\r\n\r\nPyXDG 0.26\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u751f\u6210\u975e\u6cd5\u7684\u4ee3\u7801\u6bb5\uff0c\u4fee\u6539\u7f51\u7edc\u7cfb\u7edf\u6216\u7ec4\u4ef6\u7684\u9884\u671f\u7684\u6267\u884c\u63a7\u5236\u6d41\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002", "patchName": "PyXDG\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e\u7684\u8865\u4e01", "products": { "product": "PyXDG PyXDG \u003c0.26" }, "referenceLink": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562\r\nhttps://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba", "serverity": "\u4e2d", "submitTime": "2019-06-10", "title": "PyXDG\u4ee3\u7801\u6ce8\u5165\u6f0f\u6d1e" }
pysec-2019-199
Vulnerability from pysec
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.
Name | purl | pyxdg | pkg:pypi/pyxdg |
---|
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "pyxdg", "purl": "pkg:pypi/pyxdg" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0.26" } ], "type": "ECOSYSTEM" } ], "versions": [ "0.19", "0.20", "0.21", "0.22", "0.23", "0.24", "0.25" ] } ], "aliases": [ "CVE-2019-12761", "SNYK-PYTHON-PYXDG-174562", "GHSA-r6v3-hpxj-r8rv" ], "details": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.", "id": "PYSEC-2019-199", "modified": "2021-08-27T03:22:18.878765Z", "published": "2019-06-06T19:29:00Z", "references": [ { "type": "ADVISORY", "url": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562" }, { "type": "WEB", "url": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-r6v3-hpxj-r8rv" } ] }
ghsa-r6v3-hpxj-r8rv
Vulnerability from github
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.
{ "affected": [ { "package": { "ecosystem": "PyPI", "name": "pyxdg" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0.26" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2019-12761" ], "database_specific": { "cwe_ids": [ "CWE-94" ], "github_reviewed": true, "github_reviewed_at": "2019-06-07T10:24:55Z", "nvd_published_at": "2019-06-06T19:29:00Z", "severity": "HIGH" }, "details": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.", "id": "GHSA-r6v3-hpxj-r8rv", "modified": "2024-10-15T16:41:13Z", "published": "2019-06-07T20:56:27Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12761" }, { "type": "WEB", "url": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" }, { "type": "WEB", "url": "https://github.com/pypa/advisory-database/tree/main/vulns/pyxdg/PYSEC-2019-199.yaml" }, { "type": "PACKAGE", "url": "https://github.com/takluyver/pyxdg" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html" }, { "type": "WEB", "url": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ], "summary": "Code Injection in PyXDG" }
fkie_cve-2019-12761
Vulnerability from fkie_nvd
URL | Tags | ||
---|---|---|---|
cve@mitre.org | https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba | Exploit, Third Party Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html | ||
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html | ||
cve@mitre.org | https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html | ||
af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562 | Third Party Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:python:pyxdg:*:*:*:*:*:*:*:*", "matchCriteriaId": "49D2B0BB-1F21-4EB5-A39A-E2B8DA2B718B", "versionEndExcluding": "0.26", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call." }, { "lang": "es", "value": "Se descubri\u00f3 un problema de inyecci\u00f3n de c\u00f3digo en PyXDG antes de 0.26 a trav\u00e9s del c\u00f3digo Python creado en un elemento de Categor\u00eda de un documento de Men\u00fa XML en un archivo .men\u00fa. XDG_CONFIG_DIRS debe configurarse para activar el an\u00e1lisis xdg.Menu.parse dentro del directorio que contiene este archivo. Esto es debido a la falta de desinfecci\u00f3n en xdg / Menu.py antes de una llamada de evaluaci\u00f3n." } ], "id": "CVE-2019-12761", "lastModified": "2024-11-21T04:23:31.233", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2019-06-06T19:29:00.533", "references": [ { "source": "cve@mitre.org", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" }, { "source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html" }, { "source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html" }, { "source": "cve@mitre.org", "tags": [ "Third Party Advisory" ], "url": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-94" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
gsd-2019-12761
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2019-12761", "description": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.", "id": "GSD-2019-12761", "references": [ "https://www.suse.com/security/cve/CVE-2019-12761.html", "https://ubuntu.com/security/CVE-2019-12761" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2019-12761" ], "details": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.", "id": "GSD-2019-12761", "modified": "2023-12-13T01:23:43.415226Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12761", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba", "refsource": "MISC", "url": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" }, { "name": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562", "refsource": "MISC", "url": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562" }, { "name": "[debian-lts-announce] 20190616 [SECURITY] [DLA 1819-1] pyxdg security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html" }, { "name": "[debian-lts-announce] 20210803 [SECURITY] [DLA 2727-1] pyxdg security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "\u003c0.26", "affected_versions": "All versions before 0.26", "credit": "@dhondta", "cvss_v2": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "cvss_v3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-91", "CWE-937" ], "date": "2019-06-16", "description": "A code injection issue was discovered in PyXDG; via crafted Python code in a Category element of a Menu XML document in a `.menu` file. `XDG_CONFIG_DIRS` must be set up to trigger `xdg.Menu.parse` parsing within the directory containing this file. This is due to a lack of sanitization in `xdg/Menu.py` before an `eval` call.", "fixed_versions": [ "0.26" ], "identifier": "CVE-2019-12761", "identifiers": [ "CVE-2019-12761" ], "not_impacted": "All versions starting from 0.26", "package_slug": "pypi/pyxdg", "pubdate": "2019-06-06", "solution": "Upgrade to version 0.26 or above.", "title": "XML injection", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2019-12761", "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" ], "uuid": "d9bb7deb-1532-40ed-ae10-0be17ca38a23" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:python:pyxdg:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.26", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12761" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-94" } ] } ] }, "references": { "reference_data": [ { "name": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562", "refsource": "MISC", "tags": [ "Third Party Advisory" ], "url": "https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562" }, { "name": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba", "refsource": "MISC", "tags": [ "Exploit", "Third Party Advisory" ], "url": "https://gist.github.com/dhondta/b45cd41f4186110a354dc7272916feba" }, { "name": "[debian-lts-announce] 20190616 [SECURITY] [DLA 1819-1] pyxdg security update", "refsource": "MLIST", "tags": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00006.html" }, { "name": "[debian-lts-announce] 20210803 [SECURITY] [DLA 2727-1] pyxdg security update", "refsource": "MLIST", "tags": [], "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00003.html" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true }, "baseMetricV3": { "cvssV3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 1.6, "impactScore": 5.9 } }, "lastModifiedDate": "2021-08-03T15:15Z", "publishedDate": "2019-06-06T19:29Z" } } }
suse-su-2022:2997-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for python-pyxdg", "title": "Title of the patch" }, { "category": "description", "text": "This update for python-pyxdg fixes the following issues:\n\n- CVE-2019-12761: Fixed a code injection issue in Category elements of\n a Menu XML (bsc#1137627).\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-2022-2997,SUSE-SLE-Product-HPC-15-2022-2997,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-2997,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-2997,SUSE-SLE-Product-SLES-15-2022-2997,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-2997,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-2997,SUSE-SLE-Product-SLES_SAP-15-2022-2997,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-2997,SUSE-Storage-6-2022-2997", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_2997-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2022:2997-1", "url": "https://www.suse.com/support/update/announcement/2022/suse-su-20222997-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2022:2997-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012064.html" }, { "category": "self", "summary": "SUSE Bug 1137627", "url": "https://bugzilla.suse.com/1137627" }, { "category": "self", "summary": "SUSE CVE CVE-2019-12761 page", "url": "https://www.suse.com/security/cve/CVE-2019-12761/" } ], "title": "Security update for python-pyxdg", "tracking": { "current_release_date": "2022-09-02T10:13:46Z", "generator": { "date": "2022-09-02T10:13:46Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2022:2997-1", "initial_release_date": "2022-09-02T10:13:46Z", "revision_history": [ { "date": "2022-09-02T10:13:46Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "python2-pyxdg-0.25-150000.3.3.1.noarch", "product": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch", "product_id": "python2-pyxdg-0.25-150000.3.3.1.noarch" } }, { "category": "product_version", "name": "python3-pyxdg-0.25-150000.3.3.1.noarch", "product": { "name": "python3-pyxdg-0.25-150000.3.3.1.noarch", "product_id": "python3-pyxdg-0.25-150000.3.3.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-espos:15" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15-LTSS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-ltss:15" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product": { "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 15-LTSS", "product": { "name": "SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:15" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 15 SP1-BCL", "product": { "name": "SUSE Linux Enterprise Server 15 SP1-BCL", "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_bcl:15:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server 15 SP1-LTSS", "product": { "name": "SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS", "product_identification_helper": { "cpe": "cpe:/o:suse:sles-ltss:15:sp1" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 15", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 15", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:15" } } }, { "category": "product_name", "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product": { "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_identification_helper": { "cpe": "cpe:/o:suse:sles_sap:15:sp1" } } }, { "category": "product_name", "name": "SUSE Enterprise Storage 6", "product": { "name": "SUSE Enterprise Storage 6", "product_id": "SUSE Enterprise Storage 6", "product_identification_helper": { "cpe": "cpe:/o:suse:ses:6" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python3-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python3-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python3-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise Server 15-LTSS", "product_id": "SUSE Linux Enterprise Server 15-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL", "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL", "product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:python3-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python3-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS", "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:python3-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python3-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python3-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1" }, { "category": "default_component_of", "full_product_name": { "name": "python2-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Enterprise Storage 6", "product_id": "SUSE Enterprise Storage 6:python2-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python2-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Enterprise Storage 6" }, { "category": "default_component_of", "full_product_name": { "name": "python3-pyxdg-0.25-150000.3.3.1.noarch as component of SUSE Enterprise Storage 6", "product_id": "SUSE Enterprise Storage 6:python3-pyxdg-0.25-150000.3.3.1.noarch" }, "product_reference": "python3-pyxdg-0.25-150000.3.3.1.noarch", "relates_to_product_reference": "SUSE Enterprise Storage 6" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-12761", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-12761" } ], "notes": [ { "category": "general", "text": "A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDG_CONFIG_DIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in xdg/Menu.py before an eval call.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Enterprise Storage 6:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Enterprise Storage 6:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-BCL:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-BCL:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-pyxdg-0.25-150000.3.3.1.noarch" ] }, "references": [ { "category": "external", "summary": "CVE-2019-12761", "url": "https://www.suse.com/security/cve/CVE-2019-12761" }, { "category": "external", "summary": "SUSE Bug 1137627 for CVE-2019-12761", "url": "https://bugzilla.suse.com/1137627" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Enterprise Storage 6:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Enterprise Storage 6:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-BCL:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-BCL:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-pyxdg-0.25-150000.3.3.1.noarch" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "SUSE Enterprise Storage 6:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Enterprise Storage 6:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-ESPOS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise High Performance Computing 15-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-BCL:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-BCL:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15 SP1-LTSS:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server 15-LTSS:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:python2-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:python3-pyxdg-0.25-150000.3.3.1.noarch", "SUSE Linux Enterprise Server for SAP Applications 15:python2-pyxdg-0.25-150000.3.3.1.noarch" ] } ], "threats": [ { "category": "impact", "date": "2022-09-02T10:13:46Z", "details": "important" } ], "title": "CVE-2019-12761" } ] }
CERTFR-2022-AVI-267
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Juniper Networks Junos Space. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneVendor | Product | Description | ||
---|---|---|---|---|
Juniper Networks | Junos Space | Juniper Networks Junos Space versions antérieures à 21.1R1 |
Title | Publication Time | Tags | |||
---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "Juniper Networks Junos Space versions ant\u00e9rieures \u00e0 21.1R1", "product": { "name": "Junos Space", "vendor": { "name": "Juniper Networks", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2017-13078", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13078" }, { "name": "CVE-2017-13077", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13077" }, { "name": "CVE-2017-13080", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13080" }, { "name": "CVE-2017-13082", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13082" }, { "name": "CVE-2017-13088", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13088" }, { "name": "CVE-2017-13086", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13086" }, { "name": "CVE-2017-13087", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13087" }, { "name": "CVE-2017-5715", "url": "https://www.cve.org/CVERecord?id=CVE-2017-5715" }, { "name": "CVE-2018-3639", "url": "https://www.cve.org/CVERecord?id=CVE-2018-3639" }, { "name": "CVE-2007-1351", "url": "https://www.cve.org/CVERecord?id=CVE-2007-1351" }, { "name": "CVE-2007-1352", "url": "https://www.cve.org/CVERecord?id=CVE-2007-1352" }, { "name": "CVE-2007-6284", "url": "https://www.cve.org/CVERecord?id=CVE-2007-6284" }, { "name": "CVE-2008-2935", "url": "https://www.cve.org/CVERecord?id=CVE-2008-2935" }, { "name": "CVE-2008-3281", "url": "https://www.cve.org/CVERecord?id=CVE-2008-3281" }, { "name": "CVE-2008-3529", "url": "https://www.cve.org/CVERecord?id=CVE-2008-3529" }, { "name": "CVE-2008-4226", "url": "https://www.cve.org/CVERecord?id=CVE-2008-4226" }, { "name": "CVE-2008-4225", "url": "https://www.cve.org/CVERecord?id=CVE-2008-4225" }, { "name": "CVE-2009-2414", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2414" }, { "name": "CVE-2009-2416", "url": "https://www.cve.org/CVERecord?id=CVE-2009-2416" }, { "name": "CVE-2008-5161", "url": "https://www.cve.org/CVERecord?id=CVE-2008-5161" }, { "name": "CVE-2010-4008", "url": "https://www.cve.org/CVERecord?id=CVE-2010-4008" }, { "name": "CVE-2011-0411", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0411" }, { "name": "CVE-2011-1720", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1720" }, { "name": "CVE-2011-0216", "url": "https://www.cve.org/CVERecord?id=CVE-2011-0216" }, { "name": "CVE-2011-2834", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2834" }, { "name": "CVE-2011-2895", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2895" }, { "name": "CVE-2011-3905", "url": "https://www.cve.org/CVERecord?id=CVE-2011-3905" }, { "name": "CVE-2011-3919", "url": "https://www.cve.org/CVERecord?id=CVE-2011-3919" }, { "name": "CVE-2012-0841", "url": "https://www.cve.org/CVERecord?id=CVE-2012-0841" }, { "name": "CVE-2011-1944", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1944" }, { "name": "CVE-2012-2807", "url": "https://www.cve.org/CVERecord?id=CVE-2012-2807" }, { "name": "CVE-2012-2870", "url": "https://www.cve.org/CVERecord?id=CVE-2012-2870" }, { "name": "CVE-2012-5134", "url": "https://www.cve.org/CVERecord?id=CVE-2012-5134" }, { "name": "CVE-2011-3102", "url": "https://www.cve.org/CVERecord?id=CVE-2011-3102" }, { "name": "CVE-2013-2877", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2877" }, { "name": "CVE-2013-0338", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0338" }, { "name": "CVE-2012-6139", "url": "https://www.cve.org/CVERecord?id=CVE-2012-6139" }, { "name": "CVE-2013-2566", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2566" }, { "name": "CVE-2013-6462", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6462" }, { "name": "CVE-2014-0211", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0211" }, { "name": "CVE-2014-3660", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3660" }, { "name": "CVE-2015-1803", "url": "https://www.cve.org/CVERecord?id=CVE-2015-1803" }, { "name": "CVE-2015-1804", "url": "https://www.cve.org/CVERecord?id=CVE-2015-1804" }, { "name": "CVE-2015-1802", "url": "https://www.cve.org/CVERecord?id=CVE-2015-1802" }, { "name": "CVE-2015-2716", "url": "https://www.cve.org/CVERecord?id=CVE-2015-2716" }, { "name": "CVE-2015-5352", "url": "https://www.cve.org/CVERecord?id=CVE-2015-5352" }, { "name": "CVE-2015-2808", "url": "https://www.cve.org/CVERecord?id=CVE-2015-2808" }, { "name": "CVE-2014-8991", "url": "https://www.cve.org/CVERecord?id=CVE-2014-8991" }, { "name": "CVE-2014-7185", "url": "https://www.cve.org/CVERecord?id=CVE-2014-7185" }, { "name": "CVE-2014-9365", "url": "https://www.cve.org/CVERecord?id=CVE-2014-9365" }, { "name": "CVE-2015-6838", "url": "https://www.cve.org/CVERecord?id=CVE-2015-6838" }, { "name": "CVE-2015-6837", "url": "https://www.cve.org/CVERecord?id=CVE-2015-6837" }, { "name": "CVE-2015-7995", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7995" }, { "name": "CVE-2015-8035", "url": "https://www.cve.org/CVERecord?id=CVE-2015-8035" }, { "name": "CVE-2015-7499", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7499" }, { "name": "CVE-2015-8242", "url": "https://www.cve.org/CVERecord?id=CVE-2015-8242" }, { "name": "CVE-2015-7500", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7500" }, { "name": "CVE-2016-1762", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1762" }, { "name": "CVE-2015-5312", "url": "https://www.cve.org/CVERecord?id=CVE-2015-5312" }, { "name": "CVE-2016-1839", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1839" }, { "name": "CVE-2016-1833", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1833" }, { "name": "CVE-2016-1837", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1837" }, { "name": "CVE-2016-1834", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1834" }, { "name": "CVE-2016-1840", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1840" }, { "name": "CVE-2016-1836", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1836" }, { "name": "CVE-2016-1838", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1838" }, { "name": "CVE-2016-1684", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1684" }, { "name": "CVE-2016-1683", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1683" }, { "name": "CVE-2016-4448", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4448" }, { "name": "CVE-2016-4447", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4447" }, { "name": "CVE-2016-4449", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4449" }, { "name": "CVE-2016-5131", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5131" }, { "name": "CVE-2015-0975", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0975" }, { "name": "CVE-2016-4658", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4658" }, { "name": "CVE-2016-2183", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2183" }, { "name": "CVE-2016-3627", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3627" }, { "name": "CVE-2016-3115", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3115" }, { "name": "CVE-2016-5636", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5636" }, { "name": "CVE-2017-7375", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7375" }, { "name": "CVE-2017-7376", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7376" }, { "name": "CVE-2017-7773", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7773" }, { "name": "CVE-2017-7772", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7772" }, { "name": "CVE-2017-7778", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7778" }, { "name": "CVE-2017-7771", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7771" }, { "name": "CVE-2017-7774", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7774" }, { "name": "CVE-2017-7776", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7776" }, { "name": "CVE-2017-7777", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7777" }, { "name": "CVE-2017-7775", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7775" }, { "name": "CVE-2017-6463", "url": "https://www.cve.org/CVERecord?id=CVE-2017-6463" }, { "name": "CVE-2017-6462", "url": "https://www.cve.org/CVERecord?id=CVE-2017-6462" }, { "name": "CVE-2017-6464", "url": "https://www.cve.org/CVERecord?id=CVE-2017-6464" }, { "name": "CVE-2017-14492", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14492" }, { "name": "CVE-2017-14496", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14496" }, { "name": "CVE-2017-14491", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14491" }, { "name": "CVE-2017-14493", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14493" }, { "name": "CVE-2017-14494", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14494" }, { "name": "CVE-2017-14495", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14495" }, { "name": "CVE-2017-5130", "url": "https://www.cve.org/CVERecord?id=CVE-2017-5130" }, { "name": "CVE-2017-3736", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3736" }, { "name": "CVE-2017-3735", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3735" }, { "name": "CVE-2017-15412", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15412" }, { "name": "CVE-2017-3738", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3738" }, { "name": "CVE-2017-3737", "url": "https://www.cve.org/CVERecord?id=CVE-2017-3737" }, { "name": "CVE-2017-17807", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17807" }, { "name": "CVE-2018-0739", "url": "https://www.cve.org/CVERecord?id=CVE-2018-0739" }, { "name": "CVE-2017-16931", "url": "https://www.cve.org/CVERecord?id=CVE-2017-16931" }, { "name": "CVE-2018-11214", "url": "https://www.cve.org/CVERecord?id=CVE-2018-11214" }, { "name": "CVE-2015-9019", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9019" }, { "name": "CVE-2017-18258", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18258" }, { "name": "CVE-2017-16932", "url": "https://www.cve.org/CVERecord?id=CVE-2017-16932" }, { "name": "CVE-2016-9318", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9318" }, { "name": "CVE-2018-1000120", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000120" }, { "name": "CVE-2018-1000007", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000007" }, { "name": "CVE-2018-1000121", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000121" }, { "name": "CVE-2018-1000122", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000122" }, { "name": "CVE-2018-0732", "url": "https://www.cve.org/CVERecord?id=CVE-2018-0732" }, { "name": "CVE-2018-6914", "url": "https://www.cve.org/CVERecord?id=CVE-2018-6914" }, { "name": "CVE-2017-0898", "url": "https://www.cve.org/CVERecord?id=CVE-2017-0898" }, { "name": "CVE-2018-8778", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8778" }, { "name": "CVE-2017-14033", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14033" }, { "name": "CVE-2018-8780", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8780" }, { "name": "CVE-2017-17742", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17742" }, { "name": "CVE-2017-10784", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10784" }, { "name": "CVE-2017-17405", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17405" }, { "name": "CVE-2018-8779", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8779" }, { "name": "CVE-2017-14064", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14064" }, { "name": "CVE-2018-8777", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8777" }, { "name": "CVE-2018-16395", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16395" }, { "name": "CVE-2018-0737", "url": "https://www.cve.org/CVERecord?id=CVE-2018-0737" }, { "name": "CVE-2018-16396", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16396" }, { "name": "CVE-2018-0495", "url": "https://www.cve.org/CVERecord?id=CVE-2018-0495" }, { "name": "CVE-2018-0734", "url": "https://www.cve.org/CVERecord?id=CVE-2018-0734" }, { "name": "CVE-2018-5407", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5407" }, { "name": "CVE-2018-1126", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1126" }, { "name": "CVE-2018-7858", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7858" }, { "name": "CVE-2018-1124", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1124" }, { "name": "CVE-2018-10897", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10897" }, { "name": "CVE-2018-1064", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1064" }, { "name": "CVE-2018-5683", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5683" }, { "name": "CVE-2017-13672", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13672" }, { "name": "CVE-2018-11212", "url": "https://www.cve.org/CVERecord?id=CVE-2018-11212" }, { "name": "CVE-2017-18267", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18267" }, { "name": "CVE-2018-13988", "url": "https://www.cve.org/CVERecord?id=CVE-2018-13988" }, { "name": "CVE-2018-20169", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20169" }, { "name": "CVE-2018-19985", "url": "https://www.cve.org/CVERecord?id=CVE-2018-19985" }, { "name": "CVE-2019-1559", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1559" }, { "name": "CVE-2019-6133", "url": "https://www.cve.org/CVERecord?id=CVE-2019-6133" }, { "name": "CVE-2018-18311", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18311" }, { "name": "CVE-2018-12127", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12127" }, { "name": "CVE-2018-12130", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12130" }, { "name": "CVE-2019-11091", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11091" }, { "name": "CVE-2018-12126", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12126" }, { "name": "CVE-2019-9503", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9503" }, { "name": "CVE-2019-10132", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10132" }, { "name": "CVE-2019-11190", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11190" }, { "name": "CVE-2019-11884", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11884" }, { "name": "CVE-2019-11487", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11487" }, { "name": "CVE-2019-12382", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12382" }, { "name": "CVE-2018-7191", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7191" }, { "name": "CVE-2019-5953", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5953" }, { "name": "CVE-2019-12614", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12614" }, { "name": "CVE-2019-11729", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11729" }, { "name": "CVE-2019-11727", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11727" }, { "name": "CVE-2019-11719", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11719" }, { "name": "CVE-2018-1060", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1060" }, { "name": "CVE-2018-12327", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12327" }, { "name": "CVE-2018-1061", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1061" }, { "name": "CVE-2019-10639", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10639" }, { "name": "CVE-2019-10638", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10638" }, { "name": "CVE-2018-20836", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20836" }, { "name": "CVE-2019-13233", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13233" }, { "name": "CVE-2019-14283", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14283" }, { "name": "CVE-2019-13648", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13648" }, { "name": "CVE-2019-10207", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10207" }, { "name": "CVE-2015-9289", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9289" }, { "name": "CVE-2019-14816", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14816" }, { "name": "CVE-2019-15239", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15239" }, { "name": "CVE-2019-15917", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15917" }, { "name": "CVE-2017-18551", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18551" }, { "name": "CVE-2019-15217", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15217" }, { "name": "CVE-2019-14821", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14821" }, { "name": "CVE-2019-11068", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11068" }, { "name": "CVE-2018-18066", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18066" }, { "name": "CVE-2019-15903", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15903" }, { "name": "CVE-2019-17666", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17666" }, { "name": "CVE-2019-17133", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17133" }, { "name": "CVE-2018-12207", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12207" }, { "name": "CVE-2019-11135", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11135" }, { "name": "CVE-2019-0154", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0154" }, { "name": "CVE-2019-17055", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17055" }, { "name": "CVE-2019-17053", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17053" }, { "name": "CVE-2019-16746", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16746" }, { "name": "CVE-2019-0155", "url": "https://www.cve.org/CVERecord?id=CVE-2019-0155" }, { "name": "CVE-2019-16233", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16233" }, { "name": "CVE-2019-15807", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15807" }, { "name": "CVE-2019-16231", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16231" }, { "name": "CVE-2019-11756", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11756" }, { "name": "CVE-2019-11745", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11745" }, { "name": "CVE-2019-19058", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19058" }, { "name": "CVE-2019-14895", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14895" }, { "name": "CVE-2019-19046", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19046" }, { "name": "CVE-2019-15916", "url": "https://www.cve.org/CVERecord?id=CVE-2019-15916" }, { "name": "CVE-2019-18660", "url": "https://www.cve.org/CVERecord?id=CVE-2019-18660" }, { "name": "CVE-2019-19063", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19063" }, { "name": "CVE-2019-19062", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19062" }, { "name": "CVE-2018-14526", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14526" }, { "name": "CVE-2019-13734", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13734" }, { "name": "CVE-2019-19530", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19530" }, { "name": "CVE-2019-19534", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19534" }, { "name": "CVE-2019-19524", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19524" }, { "name": "CVE-2019-14901", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14901" }, { "name": "CVE-2019-19537", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19537" }, { "name": "CVE-2019-19523", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19523" }, { "name": "CVE-2019-19338", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19338" }, { "name": "CVE-2019-19332", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19332" }, { "name": "CVE-2019-19527", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19527" }, { "name": "CVE-2019-18808", "url": "https://www.cve.org/CVERecord?id=CVE-2019-18808" }, { "name": "CVE-2019-19767", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19767" }, { "name": "CVE-2019-19807", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19807" }, { "name": "CVE-2019-19055", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19055" }, { "name": "CVE-2019-17023", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17023" }, { "name": "CVE-2019-9824", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9824" }, { "name": "CVE-2019-9636", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9636" }, { "name": "CVE-2019-12749", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12749" }, { "name": "CVE-2019-19447", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19447" }, { "name": "CVE-2019-20095", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20095" }, { "name": "CVE-2019-20054", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20054" }, { "name": "CVE-2019-18634", "url": "https://www.cve.org/CVERecord?id=CVE-2019-18634" }, { "name": "CVE-2019-14898", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14898" }, { "name": "CVE-2019-16994", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16994" }, { "name": "CVE-2019-18282", "url": "https://www.cve.org/CVERecord?id=CVE-2019-18282" }, { "name": "CVE-2020-2732", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2732" }, { "name": "CVE-2019-19059", "url": "https://www.cve.org/CVERecord?id=CVE-2019-19059" }, { "name": "CVE-2019-3901", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3901" }, { "name": "CVE-2020-9383", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9383" }, { "name": "CVE-2020-8647", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8647" }, { "name": "CVE-2020-8649", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8649" }, { "name": "CVE-2020-1749", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1749" }, { "name": "CVE-2019-9458", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9458" }, { "name": "CVE-2020-10942", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10942" }, { "name": "CVE-2019-9454", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9454" }, { "name": "CVE-2020-11565", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11565" }, { "name": "CVE-2020-10690", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10690" }, { "name": "CVE-2020-10751", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10751" }, { "name": "CVE-2020-12826", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12826" }, { "name": "CVE-2020-12654", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12654" }, { "name": "CVE-2020-10732", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10732" }, { "name": "CVE-2019-20636", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20636" }, { "name": "CVE-2019-20811", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20811" }, { "name": "CVE-2020-12653", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12653" }, { "name": "CVE-2020-10757", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10757" }, { "name": "CVE-2020-12770", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12770" }, { "name": "CVE-2020-12888", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12888" }, { "name": "CVE-2020-12402", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12402" }, { "name": "CVE-2018-16881", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16881" }, { "name": "CVE-2018-19519", "url": "https://www.cve.org/CVERecord?id=CVE-2018-19519" }, { "name": "CVE-2020-10713", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10713" }, { "name": "CVE-2020-14311", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14311" }, { "name": "CVE-2020-14309", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14309" }, { "name": "CVE-2020-15706", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15706" }, { "name": "CVE-2020-14308", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14308" }, { "name": "CVE-2020-14310", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14310" }, { "name": "CVE-2020-15705", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15705" }, { "name": "CVE-2020-15707", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15707" }, { "name": "CVE-2020-14331", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14331" }, { "name": "CVE-2020-10769", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10769" }, { "name": "CVE-2020-14364", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14364" }, { "name": "CVE-2020-12400", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12400" }, { "name": "CVE-2020-12401", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12401" }, { "name": "CVE-2020-6829", "url": "https://www.cve.org/CVERecord?id=CVE-2020-6829" }, { "name": "CVE-2020-14314", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14314" }, { "name": "CVE-2020-24394", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24394" }, { "name": "CVE-2020-25212", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25212" }, { "name": "CVE-2020-14305", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14305" }, { "name": "CVE-2020-10742", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10742" }, { "name": "CVE-2020-14385", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14385" }, { "name": "CVE-2020-25643", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25643" }, { "name": "CVE-2020-15999", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15999" }, { "name": "CVE-2018-20843", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20843" }, { "name": "CVE-2018-5729", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5729" }, { "name": "CVE-2018-5730", "url": "https://www.cve.org/CVERecord?id=CVE-2018-5730" }, { "name": "CVE-2020-13817", "url": "https://www.cve.org/CVERecord?id=CVE-2020-13817" }, { "name": "CVE-2020-11868", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11868" }, { "name": "CVE-2021-3156", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3156" }, { "name": "CVE-2019-17006", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17006" }, { "name": "CVE-2019-13232", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13232" }, { "name": "CVE-2020-10531", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10531" }, { "name": "CVE-2019-8696", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8696" }, { "name": "CVE-2019-20907", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20907" }, { "name": "CVE-2019-8675", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8675" }, { "name": "CVE-2017-12652", "url": "https://www.cve.org/CVERecord?id=CVE-2017-12652" }, { "name": "CVE-2019-12450", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12450" }, { "name": "CVE-2020-12825", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12825" }, { "name": "CVE-2020-12243", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12243" }, { "name": "CVE-2019-14866", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14866" }, { "name": "CVE-2020-1983", "url": "https://www.cve.org/CVERecord?id=CVE-2020-1983" }, { "name": "CVE-2019-5188", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5188" }, { "name": "CVE-2019-5094", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5094" }, { "name": "CVE-2020-10754", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10754" }, { "name": "CVE-2020-12049", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12049" }, { "name": "CVE-2019-14822", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14822" }, { "name": "CVE-2020-14363", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14363" }, { "name": "CVE-2019-9924", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9924" }, { "name": "CVE-2018-18751", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18751" }, { "name": "CVE-2019-9948", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9948" }, { "name": "CVE-2019-20386", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20386" }, { "name": "CVE-2017-13722", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13722" }, { "name": "CVE-2014-0210", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0210" }, { "name": "CVE-2018-16403", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16403" }, { "name": "CVE-2018-15746", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15746" }, { "name": "CVE-2014-6272", "url": "https://www.cve.org/CVERecord?id=CVE-2014-6272" }, { "name": "CVE-2019-7638", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7638" }, { "name": "CVE-2015-8241", "url": "https://www.cve.org/CVERecord?id=CVE-2015-8241" }, { "name": "CVE-2019-10155", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10155" }, { "name": "CVE-2018-11813", "url": "https://www.cve.org/CVERecord?id=CVE-2018-11813" }, { "name": "CVE-2018-18310", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18310" }, { "name": "CVE-2018-1084", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1084" }, { "name": "CVE-2020-12662", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12662" }, { "name": "CVE-2012-4423", "url": "https://www.cve.org/CVERecord?id=CVE-2012-4423" }, { "name": "CVE-2017-0902", "url": "https://www.cve.org/CVERecord?id=CVE-2017-0902" }, { "name": "CVE-2018-8945", "url": "https://www.cve.org/CVERecord?id=CVE-2018-8945" }, { "name": "CVE-2017-0899", "url": "https://www.cve.org/CVERecord?id=CVE-2017-0899" }, { "name": "CVE-2010-2239", "url": "https://www.cve.org/CVERecord?id=CVE-2010-2239" }, { "name": "CVE-2010-2242", "url": "https://www.cve.org/CVERecord?id=CVE-2010-2242" }, { "name": "CVE-2017-14167", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14167" }, { "name": "CVE-2015-0225", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0225" }, { "name": "CVE-2019-11324", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11324" }, { "name": "CVE-2013-6458", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6458" }, { "name": "CVE-2018-1000075", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000075" }, { "name": "CVE-2018-15857", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15857" }, { "name": "CVE-2018-16062", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16062" }, { "name": "CVE-2018-10534", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10534" }, { "name": "CVE-2014-0179", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0179" }, { "name": "CVE-2018-18384", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18384" }, { "name": "CVE-2013-1766", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1766" }, { "name": "CVE-2016-6580", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6580" }, { "name": "CVE-2018-12697", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12697" }, { "name": "CVE-2018-1000301", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000301" }, { "name": "CVE-2019-11236", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11236" }, { "name": "CVE-2019-12155", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12155" }, { "name": "CVE-2017-0900", "url": "https://www.cve.org/CVERecord?id=CVE-2017-0900" }, { "name": "CVE-2014-3598", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3598" }, { "name": "CVE-2017-1000050", "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000050" }, { "name": "CVE-2018-10535", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10535" }, { "name": "CVE-2019-3820", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3820" }, { "name": "CVE-2018-16402", "url": "https://www.cve.org/CVERecord?id=CVE-2018-16402" }, { "name": "CVE-2018-1116", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1116" }, { "name": "CVE-2018-15853", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15853" }, { "name": "CVE-2019-14378", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14378" }, { "name": "CVE-2016-1494", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1494" }, { "name": "CVE-2019-12312", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12312" }, { "name": "CVE-2013-0339", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0339" }, { "name": "CVE-2019-16935", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16935" }, { "name": "CVE-2015-6525", "url": "https://www.cve.org/CVERecord?id=CVE-2015-6525" }, { "name": "CVE-2016-6581", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6581" }, { "name": "CVE-2013-4520", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4520" }, { "name": "CVE-2014-3633", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3633" }, { "name": "CVE-2014-3004", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3004" }, { "name": "CVE-2015-9381", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9381" }, { "name": "CVE-2016-5361", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5361" }, { "name": "CVE-2018-14598", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14598" }, { "name": "CVE-2014-1447", "url": "https://www.cve.org/CVERecord?id=CVE-2014-1447" }, { "name": "CVE-2018-20852", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20852" }, { "name": "CVE-2012-2693", "url": "https://www.cve.org/CVERecord?id=CVE-2012-2693" }, { "name": "CVE-2018-7208", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7208" }, { "name": "CVE-2018-12910", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12910" }, { "name": "CVE-2019-8325", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8325" }, { "name": "CVE-2015-7497", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7497" }, { "name": "CVE-2019-7665", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7665" }, { "name": "CVE-2018-15854", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15854" }, { "name": "CVE-2019-13404", "url": "https://www.cve.org/CVERecord?id=CVE-2019-13404" }, { "name": "CVE-2015-5160", "url": "https://www.cve.org/CVERecord?id=CVE-2015-5160" }, { "name": "CVE-2018-10767", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10767" }, { "name": "CVE-2018-7550", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7550" }, { "name": "CVE-2016-3076", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3076" }, { "name": "CVE-2018-14404", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14404" }, { "name": "CVE-2018-18521", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18521" }, { "name": "CVE-2018-19788", "url": "https://www.cve.org/CVERecord?id=CVE-2018-19788" }, { "name": "CVE-2019-8322", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8322" }, { "name": "CVE-2019-3840", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3840" }, { "name": "CVE-2016-9189", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9189" }, { "name": "CVE-2015-9262", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9262" }, { "name": "CVE-2018-14647", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14647" }, { "name": "CVE-2019-17041", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17041" }, { "name": "CVE-2019-14906", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14906" }, { "name": "CVE-2018-1000073", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000073" }, { "name": "CVE-2019-9947", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9947" }, { "name": "CVE-2017-1000158", "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000158" }, { "name": "CVE-2019-7635", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7635" }, { "name": "CVE-2019-7576", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7576" }, { "name": "CVE-2019-14834", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14834" }, { "name": "CVE-2018-15855", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15855" }, { "name": "CVE-2019-7149", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7149" }, { "name": "CVE-2018-7642", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7642" }, { "name": "CVE-2019-5010", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5010" }, { "name": "CVE-2018-12641", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12641" }, { "name": "CVE-2021-3396", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3396" }, { "name": "CVE-2020-12403", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12403" }, { "name": "CVE-2017-15268", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15268" }, { "name": "CVE-2018-15587", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15587" }, { "name": "CVE-2016-10746", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10746" }, { "name": "CVE-2017-13711", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13711" }, { "name": "CVE-2014-8131", "url": "https://www.cve.org/CVERecord?id=CVE-2014-8131" }, { "name": "CVE-2014-9601", "url": "https://www.cve.org/CVERecord?id=CVE-2014-9601" }, { "name": "CVE-2014-3657", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3657" }, { "name": "CVE-2018-10373", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10373" }, { "name": "CVE-2017-17790", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17790" }, { "name": "CVE-2011-2511", "url": "https://www.cve.org/CVERecord?id=CVE-2011-2511" }, { "name": "CVE-2018-1000802", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000802" }, { "name": "CVE-2017-7555", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7555" }, { "name": "CVE-2016-9015", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9015" }, { "name": "CVE-2017-13720", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13720" }, { "name": "CVE-2018-11782", "url": "https://www.cve.org/CVERecord?id=CVE-2018-11782" }, { "name": "CVE-2017-11671", "url": "https://www.cve.org/CVERecord?id=CVE-2017-11671" }, { "name": "CVE-2017-10664", "url": "https://www.cve.org/CVERecord?id=CVE-2017-10664" }, { "name": "CVE-2018-11213", "url": "https://www.cve.org/CVERecord?id=CVE-2018-11213" }, { "name": "CVE-2013-6457", "url": "https://www.cve.org/CVERecord?id=CVE-2013-6457" }, { "name": "CVE-2019-10138", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10138" }, { "name": "CVE-2019-7578", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7578" }, { "name": "CVE-2020-7039", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7039" }, { "name": "CVE-2017-11368", "url": "https://www.cve.org/CVERecord?id=CVE-2017-11368" }, { "name": "CVE-2018-0494", "url": "https://www.cve.org/CVERecord?id=CVE-2018-0494" }, { "name": "CVE-2019-20485", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20485" }, { "name": "CVE-2003-1418", "url": "https://www.cve.org/CVERecord?id=CVE-2003-1418" }, { "name": "CVE-2017-15289", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15289" }, { "name": "CVE-2016-5391", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5391" }, { "name": "CVE-2017-2810", "url": "https://www.cve.org/CVERecord?id=CVE-2017-2810" }, { "name": "CVE-2018-15864", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15864" }, { "name": "CVE-2017-18207", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18207" }, { "name": "CVE-2019-12761", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12761" }, { "name": "CVE-2013-5651", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5651" }, { "name": "CVE-2017-17522", "url": "https://www.cve.org/CVERecord?id=CVE-2017-17522" }, { "name": "CVE-2019-20382", "url": "https://www.cve.org/CVERecord?id=CVE-2019-20382" }, { "name": "CVE-2016-2533", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2533" }, { "name": "CVE-2019-14287", "url": "https://www.cve.org/CVERecord?id=CVE-2019-14287" }, { "name": "CVE-2018-18520", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18520" }, { "name": "CVE-2019-9740", "url": "https://www.cve.org/CVERecord?id=CVE-2019-9740" }, { "name": "CVE-2019-7575", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7575" }, { "name": "CVE-2015-5652", "url": "https://www.cve.org/CVERecord?id=CVE-2015-5652" }, { "name": "CVE-2019-7572", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7572" }, { "name": "CVE-2017-6519", "url": "https://www.cve.org/CVERecord?id=CVE-2017-6519" }, { "name": "CVE-2018-10906", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10906" }, { "name": "CVE-2018-15863", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15863" }, { "name": "CVE-2018-15862", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15862" }, { "name": "CVE-2018-1000079", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000079" }, { "name": "CVE-2019-7664", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7664" }, { "name": "CVE-2017-5992", "url": "https://www.cve.org/CVERecord?id=CVE-2017-5992" }, { "name": "CVE-2019-16865", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16865" }, { "name": "CVE-2019-8324", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8324" }, { "name": "CVE-2018-1000076", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000076" }, { "name": "CVE-2018-1000030", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000030" }, { "name": "CVE-2018-1000074", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000074" }, { "name": "CVE-2017-0901", "url": "https://www.cve.org/CVERecord?id=CVE-2017-0901" }, { "name": "CVE-2018-7568", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7568" }, { "name": "CVE-2016-0775", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0775" }, { "name": "CVE-2018-15688", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15688" }, { "name": "CVE-2018-14599", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14599" }, { "name": "CVE-2018-10733", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10733" }, { "name": "CVE-2016-9396", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9396" }, { "name": "CVE-2019-10160", "url": "https://www.cve.org/CVERecord?id=CVE-2019-10160" }, { "name": "CVE-2017-7562", "url": "https://www.cve.org/CVERecord?id=CVE-2017-7562" }, { "name": "CVE-2016-1000032", "url": "https://www.cve.org/CVERecord?id=CVE-2016-1000032" }, { "name": "CVE-2017-15124", "url": "https://www.cve.org/CVERecord?id=CVE-2017-15124" }, { "name": "CVE-2018-1113", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1113" }, { "name": "CVE-2013-4399", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4399" }, { "name": "CVE-2019-7636", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7636" }, { "name": "CVE-2014-3672", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3672" }, { "name": "CVE-2018-4700", "url": "https://www.cve.org/CVERecord?id=CVE-2018-4700" }, { "name": "CVE-2017-0903", "url": "https://www.cve.org/CVERecord?id=CVE-2017-0903" }, { "name": "CVE-2018-15856", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15856" }, { "name": "CVE-2018-1000078", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000078" }, { "name": "CVE-2019-7573", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7573" }, { "name": "CVE-2018-1000077", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000077" }, { "name": "CVE-2010-2237", "url": "https://www.cve.org/CVERecord?id=CVE-2010-2237" }, { "name": "CVE-2018-1000876", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000876" }, { "name": "CVE-2018-14348", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14348" }, { "name": "CVE-2019-3890", "url": "https://www.cve.org/CVERecord?id=CVE-2019-3890" }, { "name": "CVE-2015-7498", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7498" }, { "name": "CVE-2019-7577", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7577" }, { "name": "CVE-2016-0740", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0740" }, { "name": "CVE-2018-4180", "url": "https://www.cve.org/CVERecord?id=CVE-2018-4180" }, { "name": "CVE-2013-4297", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4297" }, { "name": "CVE-2010-2238", "url": "https://www.cve.org/CVERecord?id=CVE-2010-2238" }, { "name": "CVE-2018-14600", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14600" }, { "name": "CVE-2017-13090", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13090" }, { "name": "CVE-2013-7336", "url": "https://www.cve.org/CVERecord?id=CVE-2013-7336" }, { "name": "CVE-2018-10372", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10372" }, { "name": "CVE-2019-7637", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7637" }, { "name": "CVE-2018-11806", "url": "https://www.cve.org/CVERecord?id=CVE-2018-11806" }, { "name": "CVE-2018-7643", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7643" }, { "name": "CVE-2015-0236", "url": "https://www.cve.org/CVERecord?id=CVE-2015-0236" }, { "name": "CVE-2018-1000117", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1000117" }, { "name": "CVE-2014-0209", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0209" }, { "name": "CVE-2013-2230", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2230" }, { "name": "CVE-2018-1122", "url": "https://www.cve.org/CVERecord?id=CVE-2018-1122" }, { "name": "CVE-2014-3960", "url": "https://www.cve.org/CVERecord?id=CVE-2014-3960" }, { "name": "CVE-2019-16056", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16056" }, { "name": "CVE-2020-12663", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12663" }, { "name": "CVE-2018-10768", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10768" }, { "name": "CVE-2017-16611", "url": "https://www.cve.org/CVERecord?id=CVE-2017-16611" }, { "name": "CVE-2014-7823", "url": "https://www.cve.org/CVERecord?id=CVE-2014-7823" }, { "name": "CVE-2020-10703", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10703" }, { "name": "CVE-2018-7569", "url": "https://www.cve.org/CVERecord?id=CVE-2018-7569" }, { "name": "CVE-2013-4154", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4154" }, { "name": "CVE-2018-20060", "url": "https://www.cve.org/CVERecord?id=CVE-2018-20060" }, { "name": "CVE-2015-9382", "url": "https://www.cve.org/CVERecord?id=CVE-2015-9382" }, { "name": "CVE-2017-18190", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18190" }, { "name": "CVE-2016-4009", "url": "https://www.cve.org/CVERecord?id=CVE-2016-4009" }, { "name": "CVE-2018-13033", "url": "https://www.cve.org/CVERecord?id=CVE-2018-13033" }, { "name": "CVE-2016-9190", "url": "https://www.cve.org/CVERecord?id=CVE-2016-9190" }, { "name": "CVE-2019-7574", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7574" }, { "name": "CVE-2016-0772", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0772" }, { "name": "CVE-2016-5699", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5699" }, { "name": "CVE-2011-1486", "url": "https://www.cve.org/CVERecord?id=CVE-2011-1486" }, { "name": "CVE-2020-5208", "url": "https://www.cve.org/CVERecord?id=CVE-2020-5208" }, { "name": "CVE-2019-6778", "url": "https://www.cve.org/CVERecord?id=CVE-2019-6778" }, { "name": "CVE-2020-10772", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10772" }, { "name": "CVE-2020-25637", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25637" }, { "name": "CVE-2018-10360", "url": "https://www.cve.org/CVERecord?id=CVE-2018-10360" }, { "name": "CVE-2018-15859", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15859" }, { "name": "CVE-2017-13089", "url": "https://www.cve.org/CVERecord?id=CVE-2017-13089" }, { "name": "CVE-2019-12779", "url": "https://www.cve.org/CVERecord?id=CVE-2019-12779" }, { "name": "CVE-2019-1010238", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1010238" }, { "name": "CVE-2019-6690", "url": "https://www.cve.org/CVERecord?id=CVE-2019-6690" }, { "name": "CVE-2015-8317", "url": "https://www.cve.org/CVERecord?id=CVE-2015-8317" }, { "name": "CVE-2018-4181", "url": "https://www.cve.org/CVERecord?id=CVE-2018-4181" }, { "name": "CVE-2019-8323", "url": "https://www.cve.org/CVERecord?id=CVE-2019-8323" }, { "name": "CVE-2016-3616", "url": "https://www.cve.org/CVERecord?id=CVE-2016-3616" }, { "name": "CVE-2018-14498", "url": "https://www.cve.org/CVERecord?id=CVE-2018-14498" }, { "name": "CVE-2018-15861", "url": "https://www.cve.org/CVERecord?id=CVE-2018-15861" }, { "name": "CVE-2019-7150", "url": "https://www.cve.org/CVERecord?id=CVE-2019-7150" }, { "name": "CVE-2019-17042", "url": "https://www.cve.org/CVERecord?id=CVE-2019-17042" }, { "name": "CVE-2016-5008", "url": "https://www.cve.org/CVERecord?id=CVE-2016-5008" }, { "name": "CVE-2014-4616", "url": "https://www.cve.org/CVERecord?id=CVE-2014-4616" } ], "initial_release_date": "2022-03-23T00:00:00", "last_revision_date": "2022-03-23T00:00:00", "links": [], "reference": "CERTFR-2022-AVI-267", "revisions": [ { "description": "Version initiale", "revision_date": "2022-03-23T00:00:00.000000" } ], "risks": [ { "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper Networks\nJunos Space. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de\ns\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Networks Junos Space", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11176 du 22 mars 2022", "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11176\u0026cat=SIRT_1\u0026actp=LIST" } ] }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.