From 4f09b9d4ce18e707f324b19819031a4ed3ea04c2 Mon Sep 17 00:00:00 2001 From: booboy Date: Fri, 23 Oct 2020 04:59:29 -0500 Subject: [PATCH] redhat 7 data --- .../redhat7/security_api_results/sox_security_api_results.json | 1 + .../security_api_results/spamassassin_security_api_results.json | 1 + .../security_api_results/spausedd_security_api_results.json | 1 + .../redhat7/security_api_results/spax_security_api_results.json | 1 + .../speech-dispatcher-python_security_api_results.json | 1 + .../speech-dispatcher_security_api_results.json | 1 + .../redhat7/security_api_results/speex_security_api_results.json | 1 + .../security_api_results/spice-glib_security_api_results.json | 1 + .../security_api_results/spice-gtk3_security_api_results.json | 1 + .../spice-protocol_security_api_results.json | 1 + .../security_api_results/spice-server_security_api_results.json | 1 + .../spice-streaming-agent_security_api_results.json | 1 + .../security_api_results/spice-vdagent_security_api_results.json | 1 + .../security_api_results/spice-xpi_security_api_results.json | 1 + .../security_api_results/sqlite-devel_security_api_results.json | 1 + .../security_api_results/sqlite_security_api_results.json | 1 + .../squashfs-tools_security_api_results.json | 1 + .../squid-migration-script_security_api_results.json | 1 + .../redhat7/security_api_results/squid_security_api_results.json | 1 + .../security_api_results/srp_daemon_security_api_results.json | 1 + .../security_api_results/sssd-ad_security_api_results.json | 1 + .../security_api_results/sssd-client_security_api_results.json | 1 + .../sssd-common-pac_security_api_results.json | 1 + .../security_api_results/sssd-common_security_api_results.json | 1 + .../security_api_results/sssd-dbus_security_api_results.json | 1 + .../security_api_results/sssd-ipa_security_api_results.json | 1 + .../security_api_results/sssd-kcm_security_api_results.json | 1 + .../sssd-krb5-common_security_api_results.json | 1 + .../security_api_results/sssd-krb5_security_api_results.json | 1 + .../security_api_results/sssd-ldap_security_api_results.json | 1 + .../sssd-libwbclient_security_api_results.json | 1 + .../sssd-polkit-rules_security_api_results.json | 1 + .../security_api_results/sssd-proxy_security_api_results.json | 1 + .../security_api_results/sssd-tools_security_api_results.json | 1 + .../sssd-winbind-idmap_security_api_results.json | 1 + .../redhat7/security_api_results/sssd_security_api_results.json | 1 + .../redhat7/security_api_results/star_security_api_results.json | 1 + .../startup-notification-devel_security_api_results.json | 1 + .../startup-notification_security_api_results.json | 1 + .../security_api_results/stax-ex_security_api_results.json | 1 + .../security_api_results/stax2-api_security_api_results.json | 1 + .../security_api_results/stix-fonts_security_api_results.json | 1 + .../stix-math-fonts_security_api_results.json | 1 + .../security_api_results/strace32_security_api_results.json | 1 + .../security_api_results/strace_security_api_results.json | 1 + .../security_api_results/strigi-libs_security_api_results.json | 1 + .../security_api_results/strongimcv_security_api_results.json | 1 + .../security_api_results/stunnel_security_api_results.json | 1 + .../subscription-manager-gui_security_api_results.json | 1 + ...ription-manager-initial-setup-addon_security_api_results.json | 1 + ...subscription-manager-migration-data_security_api_results.json | 1 + .../subscription-manager-migration_security_api_results.json | 1 + ...bscription-manager-plugin-container_security_api_results.json | 1 + ...scription-manager-rhsm-certificates_security_api_results.json | 1 + .../subscription-manager-rhsm_security_api_results.json | 1 + .../subscription-manager_security_api_results.json | 1 + .../subversion-gnome_security_api_results.json | 1 + .../subversion-libs_security_api_results.json | 1 + .../security_api_results/subversion_security_api_results.json | 1 + .../redhat7/security_api_results/sudo_security_api_results.json | 1 + .../security_api_results/suitesparse_security_api_results.json | 1 + .../supermin-helper_security_api_results.json | 1 + .../security_api_results/supermin5_security_api_results.json | 1 + .../redhat7/security_api_results/sushi_security_api_results.json | 1 + .../security_api_results/svrcore_security_api_results.json | 1 + .../security_api_results/sweeper_security_api_results.json | 1 + .../redhat7/security_api_results/swig_security_api_results.json | 1 + .../security_api_results/symlinks_security_api_results.json | 1 + .../security_api_results/sysfsutils_security_api_results.json | 1 + .../syslinux-extlinux_security_api_results.json | 1 + .../syslinux-tftpboot_security_api_results.json | 1 + .../security_api_results/syslinux_security_api_results.json | 1 + .../security_api_results/sysstat_security_api_results.json | 1 + .../system-config-date-docs_security_api_results.json | 1 + .../system-config-date_security_api_results.json | 1 + .../system-config-firewall-base_security_api_results.json | 1 + .../system-config-kdump_security_api_results.json | 1 + .../system-config-keyboard-base_security_api_results.json | 1 + .../system-config-keyboard_security_api_results.json | 1 + .../system-config-kickstart_security_api_results.json | 1 + .../system-config-language_security_api_results.json | 1 + .../system-config-printer-libs_security_api_results.json | 1 + .../system-config-printer-udev_security_api_results.json | 1 + .../system-config-printer_security_api_results.json | 1 + .../system-config-users-docs_security_api_results.json | 1 + .../system-config-users_security_api_results.json | 1 + .../system-storage-manager_security_api_results.json | 1 + .../system-switch-java_security_api_results.json | 1 + .../security_api_results/systemd-devel_security_api_results.json | 1 + .../security_api_results/systemd-libs_security_api_results.json | 1 + .../systemd-python_security_api_results.json | 1 + .../security_api_results/systemd-sysv_security_api_results.json | 1 + .../security_api_results/systemd_security_api_results.json | 1 + .../systemtap-client_security_api_results.json | 1 + .../systemtap-devel_security_api_results.json | 1 + .../systemtap-initscript_security_api_results.json | 1 + .../systemtap-runtime_security_api_results.json | 1 + .../systemtap-sdt-devel_security_api_results.json | 1 + .../systemtap-server_security_api_results.json | 1 + .../security_api_results/systemtap_security_api_results.json | 1 + .../sysvinit-tools_security_api_results.json | 1 + .../redhat7/security_api_results/t1lib_security_api_results.json | 1 + .../security_api_results/taglib_security_api_results.json | 1 + .../security_api_results/tagsoup_security_api_results.json | 1 + .../security_api_results/talk-server_security_api_results.json | 1 + .../redhat7/security_api_results/talk_security_api_results.json | 1 + .../redhat7/security_api_results/tang_security_api_results.json | 1 + .../redhat7/security_api_results/tar_security_api_results.json | 1 + .../security_api_results/targetcli_security_api_results.json | 1 + .../security_api_results/targetd_security_api_results.json | 1 + .../security_api_results/tbb-devel_security_api_results.json | 1 + .../redhat7/security_api_results/tbb_security_api_results.json | 1 + .../redhat7/security_api_results/tboot_security_api_results.json | 1 + .../security_api_results/tcl-devel_security_api_results.json | 1 + .../security_api_results/tcl-pgtcl_security_api_results.json | 1 + .../redhat7/security_api_results/tcl_security_api_results.json | 1 + .../tcp_wrappers-devel_security_api_results.json | 1 + .../tcp_wrappers-libs_security_api_results.json | 1 + .../security_api_results/tcp_wrappers_security_api_results.json | 1 + .../security_api_results/tcpdump_security_api_results.json | 1 + .../redhat7/security_api_results/tcsh_security_api_results.json | 1 + .../security_api_results/tdb-tools_security_api_results.json | 1 + .../redhat7/security_api_results/teamd_security_api_results.json | 1 + .../telepathy-farstream_security_api_results.json | 1 + .../telepathy-filesystem_security_api_results.json | 1 + .../telepathy-gabble_security_api_results.json | 1 + .../telepathy-glib_security_api_results.json | 1 + .../telepathy-haze_security_api_results.json | 1 + .../telepathy-logger_security_api_results.json | 1 + .../telepathy-mission-control_security_api_results.json | 1 + .../telepathy-salut_security_api_results.json | 1 + .../security_api_results/telnet-server_security_api_results.json | 1 + .../security_api_results/telnet_security_api_results.json | 1 + .../tex-fonts-hebrew_security_api_results.json | 1 + .../security_api_results/tex-preview_security_api_results.json | 1 + .../security_api_results/texinfo_security_api_results.json | 1 + .../security_api_results/texlive-ae_security_api_results.json | 1 + .../texlive-algorithms_security_api_results.json | 1 + .../texlive-amscls_security_api_results.json | 1 + .../texlive-amsfonts_security_api_results.json | 1 + .../texlive-amsmath_security_api_results.json | 1 + .../texlive-anysize_security_api_results.json | 1 + .../texlive-attachfile_security_api_results.json | 1 + .../texlive-avantgar_security_api_results.json | 1 + .../security_api_results/texlive-babel_security_api_results.json | 1 + .../texlive-babelbib_security_api_results.json | 1 + .../security_api_results/texlive-base_security_api_results.json | 1 + .../texlive-beamer_security_api_results.json | 1 + .../security_api_results/texlive-bera_security_api_results.json | 1 + .../security_api_results/texlive-beton_security_api_results.json | 1 + .../texlive-bibtex-bin_security_api_results.json | 1 + .../texlive-bibtex_security_api_results.json | 1 + .../texlive-bookman_security_api_results.json | 1 + .../texlive-booktabs_security_api_results.json | 1 + .../texlive-breakurl_security_api_results.json | 1 + .../texlive-caption_security_api_results.json | 1 + .../texlive-carlisle_security_api_results.json | 1 + .../texlive-charter_security_api_results.json | 1 + .../texlive-chngcntr_security_api_results.json | 1 + .../security_api_results/texlive-cite_security_api_results.json | 1 + .../texlive-cm-lgc_security_api_results.json | 1 + .../texlive-cm-super_security_api_results.json | 1 + .../security_api_results/texlive-cm_security_api_results.json | 1 + .../security_api_results/texlive-cmap_security_api_results.json | 1 + .../texlive-cmextra_security_api_results.json | 1 + .../texlive-collection-basic_security_api_results.json | 1 + ...xlive-collection-documentation-base_security_api_results.json | 1 + ...texlive-collection-fontsrecommended_security_api_results.json | 1 + .../texlive-collection-htmlxml_security_api_results.json | 1 + .../texlive-collection-latex_security_api_results.json | 1 + ...texlive-collection-latexrecommended_security_api_results.json | 1 + .../texlive-colortbl_security_api_results.json | 1 + .../texlive-courier_security_api_results.json | 1 + .../security_api_results/texlive-crop_security_api_results.json | 1 + .../texlive-csquotes_security_api_results.json | 1 + .../texlive-ctable_security_api_results.json | 1 + .../texlive-currfile_security_api_results.json | 1 + .../texlive-dvipdfm-bin_security_api_results.json | 1 + .../texlive-dvipdfm_security_api_results.json | 1 + .../texlive-dvipdfmx-bin_security_api_results.json | 1 + .../texlive-dvipdfmx-def_security_api_results.json | 1 + .../texlive-dvipdfmx_security_api_results.json | 1 + .../texlive-dvipng-bin_security_api_results.json | 1 + .../texlive-dvipng_security_api_results.json | 1 + .../texlive-dvips-bin_security_api_results.json | 1 + .../security_api_results/texlive-dvips_security_api_results.json | 1 + .../security_api_results/texlive-ec_security_api_results.json | 1 + .../texlive-enctex_security_api_results.json | 1 + .../texlive-enumitem_security_api_results.json | 1 + .../texlive-eso-pic_security_api_results.json | 1 + .../texlive-etex-pkg_security_api_results.json | 1 + .../security_api_results/texlive-etex_security_api_results.json | 1 + .../texlive-etoolbox_security_api_results.json | 1 + .../security_api_results/texlive-euler_security_api_results.json | 1 + .../security_api_results/texlive-euro_security_api_results.json | 1 + .../texlive-eurosym_security_api_results.json | 1 + .../texlive-extsizes_security_api_results.json | 1 + .../texlive-fancybox_security_api_results.json | 1 + .../texlive-fancyhdr_security_api_results.json | 1 + .../texlive-fancyref_security_api_results.json | 1 + .../texlive-fancyvrb_security_api_results.json | 1 + .../texlive-filecontents_security_api_results.json | 1 + .../texlive-filehook_security_api_results.json | 1 + .../texlive-fix2col_security_api_results.json | 1 + .../security_api_results/texlive-float_security_api_results.json | 1 + .../texlive-fontspec_security_api_results.json | 1 + .../texlive-footmisc_security_api_results.json | 1 + .../security_api_results/texlive-fp_security_api_results.json | 1 + .../security_api_results/texlive-fpl_security_api_results.json | 1 + .../texlive-geometry_security_api_results.json | 1 + .../texlive-glyphlist_security_api_results.json | 1 + .../texlive-graphics_security_api_results.json | 1 + .../texlive-gsftopk-bin_security_api_results.json | 1 + .../texlive-gsftopk_security_api_results.json | 1 + .../texlive-helvetic_security_api_results.json | 1 + .../texlive-hyperref_security_api_results.json | 1 + .../texlive-hyph-utf8_security_api_results.json | 1 + .../texlive-hyphen-base_security_api_results.json | 1 + .../texlive-ifetex_security_api_results.json | 1 + .../texlive-ifluatex_security_api_results.json | 1 + .../texlive-ifxetex_security_api_results.json | 1 + .../security_api_results/texlive-index_security_api_results.json | 1 + .../texlive-jadetex-bin_security_api_results.json | 1 + .../texlive-jadetex_security_api_results.json | 1 + .../texlive-jknapltx_security_api_results.json | 1 + .../texlive-kastrup_security_api_results.json | 1 + .../texlive-kerkis_security_api_results.json | 1 + .../texlive-koma-script_security_api_results.json | 1 + .../texlive-kpathsea-bin_security_api_results.json | 1 + .../texlive-kpathsea-lib_security_api_results.json | 1 + .../texlive-kpathsea_security_api_results.json | 1 + .../texlive-l3experimental_security_api_results.json | 1 + .../texlive-l3kernel_security_api_results.json | 1 + .../texlive-l3packages_security_api_results.json | 1 + .../texlive-latex-bin-bin_security_api_results.json | 1 + .../texlive-latex-bin_security_api_results.json | 1 + .../texlive-latex-fonts_security_api_results.json | 1 + .../security_api_results/texlive-latex_security_api_results.json | 1 + .../texlive-latexconfig_security_api_results.json | 1 + .../texlive-listings_security_api_results.json | 1 + .../texlive-lm-math_security_api_results.json | 1 + .../security_api_results/texlive-lm_security_api_results.json | 1 + .../texlive-ltxmisc_security_api_results.json | 1 + .../texlive-lua-alt-getopt_security_api_results.json | 1 + .../texlive-lualatex-math_security_api_results.json | 1 + .../texlive-luaotfload-bin_security_api_results.json | 1 + .../texlive-luaotfload_security_api_results.json | 1 + .../texlive-luatex-bin_security_api_results.json | 1 + .../texlive-luatex_security_api_results.json | 1 + .../texlive-luatexbase_security_api_results.json | 1 + .../texlive-makeindex-bin_security_api_results.json | 1 + .../texlive-makeindex_security_api_results.json | 1 + .../texlive-marginnote_security_api_results.json | 1 + .../texlive-marvosym_security_api_results.json | 1 + .../texlive-mathpazo_security_api_results.json | 1 + .../texlive-mdwtools_security_api_results.json | 1 + .../texlive-memoir_security_api_results.json | 1 + .../texlive-metafont-bin_security_api_results.json | 1 + .../texlive-metafont_security_api_results.json | 1 + .../texlive-metalogo_security_api_results.json | 1 + .../texlive-mflogo_security_api_results.json | 1 + .../texlive-mfnfss_security_api_results.json | 1 + .../texlive-mfware-bin_security_api_results.json | 1 + .../texlive-mfware_security_api_results.json | 1 + .../security_api_results/texlive-mh_security_api_results.json | 1 + .../texlive-microtype_security_api_results.json | 1 + .../security_api_results/texlive-misc_security_api_results.json | 1 + .../texlive-mparhack_security_api_results.json | 1 + .../texlive-mptopdf-bin_security_api_results.json | 1 + .../texlive-mptopdf_security_api_results.json | 1 + .../security_api_results/texlive-ms_security_api_results.json | 1 + .../texlive-multido_security_api_results.json | 1 + .../texlive-natbib_security_api_results.json | 1 + .../texlive-ncntrsbk_security_api_results.json | 1 + .../texlive-ntgclass_security_api_results.json | 1 + .../texlive-oberdiek_security_api_results.json | 1 + .../texlive-palatino_security_api_results.json | 1 + .../texlive-paralist_security_api_results.json | 1 + .../texlive-parallel_security_api_results.json | 1 + .../texlive-parskip_security_api_results.json | 1 + .../texlive-passivetex_security_api_results.json | 1 + .../texlive-pdfpages_security_api_results.json | 1 + .../texlive-pdftex-bin_security_api_results.json | 1 + .../texlive-pdftex-def_security_api_results.json | 1 + .../texlive-pdftex_security_api_results.json | 1 + .../security_api_results/texlive-pgf_security_api_results.json | 1 + .../security_api_results/texlive-plain_security_api_results.json | 1 + .../texlive-powerdot_security_api_results.json | 1 + .../texlive-psfrag_security_api_results.json | 1 + .../texlive-pslatex_security_api_results.json | 1 + .../texlive-psnfss_security_api_results.json | 1 + .../texlive-pspicture_security_api_results.json | 1 + .../texlive-pst-3d_security_api_results.json | 1 + .../texlive-pst-blur_security_api_results.json | 1 + .../texlive-pst-coil_security_api_results.json | 1 + .../texlive-pst-eps_security_api_results.json | 1 + .../texlive-pst-fill_security_api_results.json | 1 + .../texlive-pst-grad_security_api_results.json | 1 + .../texlive-pst-math_security_api_results.json | 1 + .../texlive-pst-node_security_api_results.json | 1 + .../texlive-pst-plot_security_api_results.json | 1 + .../texlive-pst-slpe_security_api_results.json | 1 + .../texlive-pst-text_security_api_results.json | 1 + .../texlive-pst-tree_security_api_results.json | 1 + .../texlive-pstricks-add_security_api_results.json | 1 + .../texlive-pstricks_security_api_results.json | 1 + .../texlive-pxfonts_security_api_results.json | 1 + .../texlive-qstest_security_api_results.json | 1 + .../security_api_results/texlive-rcs_security_api_results.json | 1 + .../texlive-rotating_security_api_results.json | 1 + .../security_api_results/texlive-rsfs_security_api_results.json | 1 + .../texlive-sansmath_security_api_results.json | 1 + .../texlive-sauerj_security_api_results.json | 1 + .../texlive-scheme-basic_security_api_results.json | 1 + .../texlive-section_security_api_results.json | 1 + .../texlive-seminar_security_api_results.json | 1 + .../texlive-sepnum_security_api_results.json | 1 + .../texlive-setspace_security_api_results.json | 1 + .../texlive-showexpl_security_api_results.json | 1 + .../security_api_results/texlive-soul_security_api_results.json | 1 + .../texlive-subfig_security_api_results.json | 1 + .../texlive-symbol_security_api_results.json | 1 + .../texlive-tetex-bin_security_api_results.json | 1 + .../security_api_results/texlive-tetex_security_api_results.json | 1 + .../texlive-tex-bin_security_api_results.json | 1 + .../texlive-tex-gyre-math_security_api_results.json | 1 + .../texlive-tex-gyre_security_api_results.json | 1 + .../texlive-tex4ht-bin_security_api_results.json | 1 + .../texlive-tex4ht_security_api_results.json | 1 + .../security_api_results/texlive-tex_security_api_results.json | 1 + .../texlive-texconfig-bin_security_api_results.json | 1 + .../texlive-texconfig_security_api_results.json | 1 + .../texlive-texlive.infra-bin_security_api_results.json | 1 + .../texlive-texlive.infra_security_api_results.json | 1 + .../texlive-textcase_security_api_results.json | 1 + .../texlive-thumbpdf-bin_security_api_results.json | 1 + .../texlive-thumbpdf_security_api_results.json | 1 + .../security_api_results/texlive-times_security_api_results.json | 1 + .../security_api_results/texlive-tipa_security_api_results.json | 1 + .../security_api_results/texlive-tools_security_api_results.json | 1 + .../texlive-txfonts_security_api_results.json | 1 + .../texlive-type1cm_security_api_results.json | 1 + .../texlive-typehtml_security_api_results.json | 1 + .../security_api_results/texlive-ucs_security_api_results.json | 1 + .../security_api_results/texlive-ulem_security_api_results.json | 1 + .../texlive-underscore_security_api_results.json | 1 + .../texlive-unicode-math_security_api_results.json | 1 + .../security_api_results/texlive-url_security_api_results.json | 1 + .../texlive-utopia_security_api_results.json | 1 + .../texlive-varwidth_security_api_results.json | 1 + .../security_api_results/texlive-wasy_security_api_results.json | 1 + .../texlive-wasysym_security_api_results.json | 1 + .../texlive-xcolor_security_api_results.json | 1 + .../texlive-xdvi-bin_security_api_results.json | 1 + .../security_api_results/texlive-xdvi_security_api_results.json | 1 + .../texlive-xkeyval_security_api_results.json | 1 + .../texlive-xmltex-bin_security_api_results.json | 1 + .../texlive-xmltex_security_api_results.json | 1 + .../texlive-xunicode_security_api_results.json | 1 + .../texlive-zapfchan_security_api_results.json | 1 + .../texlive-zapfding_security_api_results.json | 1 + .../security_api_results/texlive_security_api_results.json | 1 + .../security_api_results/tftp-server_security_api_results.json | 1 + .../redhat7/security_api_results/tftp_security_api_results.json | 1 + .../thai-scalable-fonts-common_security_api_results.json | 1 + .../thai-scalable-garuda-fonts_security_api_results.json | 1 + .../thai-scalable-kinnari-fonts_security_api_results.json | 1 + .../thai-scalable-loma-fonts_security_api_results.json | 1 + .../thai-scalable-norasi-fonts_security_api_results.json | 1 + .../thai-scalable-purisa-fonts_security_api_results.json | 1 + .../thai-scalable-sawasdee-fonts_security_api_results.json | 1 + .../thai-scalable-tlwgmono-fonts_security_api_results.json | 1 + .../thai-scalable-tlwgtypewriter-fonts_security_api_results.json | 1 + .../thai-scalable-tlwgtypist-fonts_security_api_results.json | 1 + .../thai-scalable-tlwgtypo-fonts_security_api_results.json | 1 + .../thai-scalable-umpush-fonts_security_api_results.json | 1 + .../thai-scalable-waree-fonts_security_api_results.json | 1 + .../security_api_results/theora-tools_security_api_results.json | 1 + .../security_api_results/thunderbird_security_api_results.json | 1 + .../tibetan-machine-uni-fonts_security_api_results.json | 1 + .../tigervnc-icons_security_api_results.json | 1 + .../tigervnc-license_security_api_results.json | 1 + .../tigervnc-server-minimal_security_api_results.json | 1 + .../tigervnc-server_security_api_results.json | 1 + .../security_api_results/tigervnc_security_api_results.json | 1 + .../redhat7/security_api_results/time_security_api_results.json | 1 + .../security_api_results/tk-devel_security_api_results.json | 1 + .../redhat7/security_api_results/tk_security_api_results.json | 1 + .../security_api_results/tmpwatch_security_api_results.json | 1 + .../redhat7/security_api_results/tmux_security_api_results.json | 1 + .../security_api_results/tn5250_security_api_results.json | 1 + .../security_api_results/tncfhh-libs_security_api_results.json | 1 + .../security_api_results/tncfhh-utils_security_api_results.json | 1 + .../security_api_results/tncfhh_security_api_results.json | 1 + .../tog-pegasus-libs_security_api_results.json | 1 + .../security_api_results/tog-pegasus_security_api_results.json | 1 + .../security_api_results/tokyocabinet_security_api_results.json | 1 + .../tomcat-admin-webapps_security_api_results.json | 1 + .../tomcat-el-2.2-api_security_api_results.json | 1 + .../tomcat-jsp-2.2-api_security_api_results.json | 1 + .../security_api_results/tomcat-lib_security_api_results.json | 1 + .../tomcat-servlet-3.0-api_security_api_results.json | 1 + .../tomcat-webapps_security_api_results.json | 1 + .../security_api_results/tomcat_security_api_results.json | 1 + .../security_api_results/tomcatjss_security_api_results.json | 1 + .../totem-nautilus_security_api_results.json | 1 + .../totem-pl-parser_security_api_results.json | 1 + .../redhat7/security_api_results/totem_security_api_results.json | 1 + .../tpm-quote-tools_security_api_results.json | 1 + .../security_api_results/tpm-tools_security_api_results.json | 1 + .../security_api_results/tpm2-abrmd_security_api_results.json | 1 + .../security_api_results/tpm2-tools_security_api_results.json | 1 + .../tpm2-tss-devel_security_api_results.json | 1 + .../security_api_results/tpm2-tss_security_api_results.json | 1 + .../security_api_results/trace-cmd_security_api_results.json | 1 + .../security_api_results/traceroute_security_api_results.json | 1 + .../security_api_results/tracker_security_api_results.json | 1 + .../redhat7/security_api_results/tree_security_api_results.json | 1 + .../security_api_results/trousers_security_api_results.json | 1 + .../redhat7/security_api_results/tss2_security_api_results.json | 1 + .../security_api_results/ttmkfdir_security_api_results.json | 1 + .../redhat7/security_api_results/tuna_security_api_results.json | 1 + .../tuned-profiles-cpu-partitioning_security_api_results.json | 1 + .../security_api_results/tuned-utils_security_api_results.json | 1 + .../redhat7/security_api_results/tuned_security_api_results.json | 1 + .../redhat7/security_api_results/txw2_security_api_results.json | 1 + .../security_api_results/tzdata-java_security_api_results.json | 1 + .../security_api_results/tzdata_security_api_results.json | 1 + .../ucs-miscfixed-fonts_security_api_results.json | 1 + .../redhat7/security_api_results/ucx_security_api_results.json | 1 + .../security_api_results/udftools_security_api_results.json | 1 + .../security_api_results/udisks2-iscsi_security_api_results.json | 1 + .../security_api_results/udisks2-lsm_security_api_results.json | 1 + .../security_api_results/udisks2-lvm2_security_api_results.json | 1 + .../security_api_results/udisks2_security_api_results.json | 1 + .../security_api_results/unbound-libs_security_api_results.json | 1 + .../security_api_results/unbound_security_api_results.json | 1 + .../security_api_results/unique3-devel_security_api_results.json | 1 + .../security_api_results/unique3_security_api_results.json | 1 + .../security_api_results/unit-api_security_api_results.json | 1 + .../redhat7/security_api_results/units_security_api_results.json | 1 + .../unixODBC-devel_security_api_results.json | 1 + .../security_api_results/unixODBC_security_api_results.json | 1 + .../security_api_results/unoconv_security_api_results.json | 1 + .../redhat7/security_api_results/unzip_security_api_results.json | 1 + .../security_api_results/uom-lib_security_api_results.json | 1 + .../security_api_results/uom-se_security_api_results.json | 1 + .../security_api_results/uom-systems_security_api_results.json | 1 + .../security_api_results/upower_security_api_results.json | 1 + .../security_api_results/urlview_security_api_results.json | 1 + .../urw-base35-bookman-fonts_security_api_results.json | 1 + .../urw-base35-c059-fonts_security_api_results.json | 1 + .../urw-base35-d050000l-fonts_security_api_results.json | 1 + .../urw-base35-fonts-common_security_api_results.json | 1 + .../urw-base35-fonts_security_api_results.json | 1 + .../urw-base35-gothic-fonts_security_api_results.json | 1 + .../urw-base35-nimbus-mono-ps-fonts_security_api_results.json | 1 + .../urw-base35-nimbus-roman-fonts_security_api_results.json | 1 + .../urw-base35-nimbus-sans-fonts_security_api_results.json | 1 + .../urw-base35-p052-fonts_security_api_results.json | 1 + ...rw-base35-standard-symbols-ps-fonts_security_api_results.json | 1 + .../urw-base35-z003-fonts_security_api_results.json | 1 + .../security_api_results/urw-fonts_security_api_results.json | 1 + .../usb_modeswitch-data_security_api_results.json | 1 + .../usb_modeswitch_security_api_results.json | 1 + .../security_api_results/usbguard_security_api_results.json | 1 + .../security_api_results/usbmuxd_security_api_results.json | 1 + .../security_api_results/usbredir_security_api_results.json | 1 + .../security_api_results/usbutils_security_api_results.json | 1 + .../security_api_results/usermode-gtk_security_api_results.json | 1 + .../security_api_results/usermode_security_api_results.json | 1 + .../security_api_results/usnic-tools_security_api_results.json | 1 + .../redhat7/security_api_results/ustr_security_api_results.json | 1 + .../security_api_results/util-linux_security_api_results.json | 1 + .../redhat7/security_api_results/uuid_security_api_results.json | 1 + .../redhat7/security_api_results/uuidd_security_api_results.json | 1 + .../security_api_results/valgrind_security_api_results.json | 1 + .../redhat7/security_api_results/vdo_security_api_results.json | 1 + .../security_api_results/velocity_security_api_results.json | 1 + .../vemana2000-fonts_security_api_results.json | 1 + .../security_api_results/vim-X11_security_api_results.json | 1 + .../security_api_results/vim-common_security_api_results.json | 1 + .../security_api_results/vim-enhanced_security_api_results.json | 1 + .../vim-filesystem_security_api_results.json | 1 + .../security_api_results/vim-minimal_security_api_results.json | 1 + .../security_api_results/vinagre_security_api_results.json | 1 + .../redhat7/security_api_results/vino_security_api_results.json | 1 + .../security_api_results/virt-install_security_api_results.json | 1 + .../virt-manager-common_security_api_results.json | 1 + .../security_api_results/virt-manager_security_api_results.json | 1 + .../virt-p2v-maker_security_api_results.json | 1 + .../security_api_results/virt-top_security_api_results.json | 1 + .../security_api_results/virt-v2v_security_api_results.json | 1 + .../security_api_results/virt-viewer_security_api_results.json | 1 + .../security_api_results/virt-what_security_api_results.json | 1 + .../security_api_results/virt-who_security_api_results.json | 1 + .../security_api_results/virtio-win_security_api_results.json | 1 + .../virtuoso-opensource_security_api_results.json | 1 + .../vlgothic-fonts_security_api_results.json | 1 + .../vlgothic-p-fonts_security_api_results.json | 1 + .../volume_key-libs_security_api_results.json | 1 + .../security_api_results/volume_key_security_api_results.json | 1 + .../security_api_results/vorbis-tools_security_api_results.json | 1 + .../security_api_results/vsftpd_security_api_results.json | 1 + .../security_api_results/vte-profile_security_api_results.json | 1 + .../security_api_results/vte291_security_api_results.json | 1 + .../redhat7/security_api_results/vte3_security_api_results.json | 1 + .../security_api_results/watchdog_security_api_results.json | 1 + .../security_api_results/wavpack_security_api_results.json | 1 + .../security_api_results/wayland-devel_security_api_results.json | 1 + .../wayland-protocols-devel_security_api_results.json | 1 + .../security_api_results/webkitgtk3_security_api_results.json | 1 + .../webkitgtk4-devel_security_api_results.json | 1 + .../webkitgtk4-jsc-devel_security_api_results.json | 1 + .../webkitgtk4-jsc_security_api_results.json | 1 + .../security_api_results/webkitgtk4_security_api_results.json | 1 + .../webrtc-audio-processing_security_api_results.json | 1 + .../redhat7/security_api_results/wget_security_api_results.json | 1 + .../redhat7/security_api_results/which_security_api_results.json | 1 + .../redhat7/security_api_results/whois_security_api_results.json | 1 + .../wireshark-gnome_security_api_results.json | 1 + .../security_api_results/wireshark_security_api_results.json | 1 + .../redhat7/security_api_results/wodim_security_api_results.json | 1 + .../redhat7/security_api_results/words_security_api_results.json | 1 + .../wpa_supplicant_security_api_results.json | 1 + .../wqy-microhei-fonts_security_api_results.json | 1 + .../wqy-unibit-fonts_security_api_results.json | 1 + .../wqy-zenhei-fonts_security_api_results.json | 1 + .../security_api_results/ws-jaxme_security_api_results.json | 1 + .../security_api_results/wsmancli_security_api_results.json | 1 + .../security_api_results/wvdial_security_api_results.json | 1 + .../security_api_results/x3270-text_security_api_results.json | 1 + .../security_api_results/x3270-x11_security_api_results.json | 1 + .../redhat7/security_api_results/x3270_security_api_results.json | 1 + .../security_api_results/x86info_security_api_results.json | 1 + .../security_api_results/xalan-j2_security_api_results.json | 1 + .../xcb-util-image_security_api_results.json | 1 + .../xcb-util-keysyms_security_api_results.json | 1 + .../xcb-util-renderutil_security_api_results.json | 1 + .../security_api_results/xcb-util-wm_security_api_results.json | 1 + .../security_api_results/xcb-util_security_api_results.json | 1 + .../redhat7/security_api_results/xchat_security_api_results.json | 1 + .../security_api_results/xdelta_security_api_results.json | 1 + .../xdg-desktop-portal-gtk_security_api_results.json | 1 + .../xdg-desktop-portal_security_api_results.json | 1 + .../xdg-user-dirs-gtk_security_api_results.json | 1 + .../security_api_results/xdg-user-dirs_security_api_results.json | 1 + .../security_api_results/xdg-utils_security_api_results.json | 1 + .../security_api_results/xerces-c_security_api_results.json | 1 + .../security_api_results/xerces-j2_security_api_results.json | 1 + .../security_api_results/xferstats_security_api_results.json | 1 + .../security_api_results/xfsdump_security_api_results.json | 1 + .../security_api_results/xfsprogs_security_api_results.json | 1 + .../security_api_results/xguest_security_api_results.json | 1 + .../security_api_results/xinetd_security_api_results.json | 1 + .../xkeyboard-config_security_api_results.json | 1 + .../security_api_results/xml-common_security_api_results.json | 1 + .../xml-commons-apis_security_api_results.json | 1 + .../xml-commons-resolver_security_api_results.json | 1 + .../xmlrpc-c-client_security_api_results.json | 1 + .../security_api_results/xmlrpc-c_security_api_results.json | 1 + .../xmlsec1-openssl_security_api_results.json | 1 + .../security_api_results/xmlsec1_security_api_results.json | 1 + .../security_api_results/xmlto-tex_security_api_results.json | 1 + .../redhat7/security_api_results/xmlto_security_api_results.json | 1 + .../security_api_results/xmltoman_security_api_results.json | 1 + .../security_api_results/xorg-x11-apps_security_api_results.json | 1 + .../security_api_results/xorg-x11-docs_security_api_results.json | 1 + .../xorg-x11-drivers_security_api_results.json | 1 + .../xorg-x11-drv-ati_security_api_results.json | 1 + .../xorg-x11-drv-dummy_security_api_results.json | 1 + .../xorg-x11-drv-evdev_security_api_results.json | 1 + .../xorg-x11-drv-fbdev_security_api_results.json | 1 + .../xorg-x11-drv-intel_security_api_results.json | 1 + .../xorg-x11-drv-keyboard_security_api_results.json | 1 + .../xorg-x11-drv-libinput_security_api_results.json | 1 + .../xorg-x11-drv-mouse_security_api_results.json | 1 + .../xorg-x11-drv-nouveau_security_api_results.json | 1 + .../xorg-x11-drv-openchrome_security_api_results.json | 1 + .../xorg-x11-drv-qxl_security_api_results.json | 1 + .../xorg-x11-drv-synaptics_security_api_results.json | 1 + .../xorg-x11-drv-v4l_security_api_results.json | 1 + .../xorg-x11-drv-vesa_security_api_results.json | 1 + .../xorg-x11-drv-vmmouse_security_api_results.json | 1 + .../xorg-x11-drv-vmware_security_api_results.json | 1 + .../xorg-x11-drv-void_security_api_results.json | 1 + .../xorg-x11-drv-wacom_security_api_results.json | 1 + .../xorg-x11-font-utils_security_api_results.json | 1 + .../xorg-x11-fonts-100dpi_security_api_results.json | 1 + .../xorg-x11-fonts-75dpi_security_api_results.json | 1 + .../xorg-x11-fonts-ISO8859-1-100dpi_security_api_results.json | 1 + .../xorg-x11-fonts-ISO8859-1-75dpi_security_api_results.json | 1 + .../xorg-x11-fonts-ISO8859-14-100dpi_security_api_results.json | 1 + .../xorg-x11-fonts-ISO8859-14-75dpi_security_api_results.json | 1 + .../xorg-x11-fonts-ISO8859-15-75dpi_security_api_results.json | 1 + .../xorg-x11-fonts-ISO8859-2-100dpi_security_api_results.json | 1 + .../xorg-x11-fonts-ISO8859-2-75dpi_security_api_results.json | 1 + .../xorg-x11-fonts-ISO8859-9-100dpi_security_api_results.json | 1 + .../xorg-x11-fonts-ISO8859-9-75dpi_security_api_results.json | 1 + .../xorg-x11-fonts-Type1_security_api_results.json | 1 + .../xorg-x11-fonts-cyrillic_security_api_results.json | 1 + .../xorg-x11-fonts-ethiopic_security_api_results.json | 1 + .../xorg-x11-fonts-misc_security_api_results.json | 1 + .../xorg-x11-proto-devel_security_api_results.json | 1 + .../xorg-x11-server-Xephyr_security_api_results.json | 1 + .../xorg-x11-server-Xorg_security_api_results.json | 1 + .../xorg-x11-server-common_security_api_results.json | 1 + .../xorg-x11-server-utils_security_api_results.json | 1 + .../xorg-x11-utils_security_api_results.json | 1 + .../xorg-x11-xauth_security_api_results.json | 1 + .../xorg-x11-xbitmaps_security_api_results.json | 1 + .../xorg-x11-xinit_security_api_results.json | 1 + .../xorg-x11-xkb-utils_security_api_results.json | 1 + .../security_api_results/xorriso_security_api_results.json | 1 + .../redhat7/security_api_results/xpp3_security_api_results.json | 1 + .../security_api_results/xrestop_security_api_results.json | 1 + .../security_api_results/xsane-common_security_api_results.json | 1 + .../security_api_results/xsane-gimp_security_api_results.json | 1 + .../security_api_results/xsettings-kde_security_api_results.json | 1 + .../redhat7/security_api_results/xsom_security_api_results.json | 1 + .../redhat7/security_api_results/xterm_security_api_results.json | 1 + .../security_api_results/xulrunner_security_api_results.json | 1 + .../security_api_results/xvattr_security_api_results.json | 1 + .../security_api_results/xz-devel_security_api_results.json | 1 + .../security_api_results/xz-libs_security_api_results.json | 1 + .../redhat7/security_api_results/xz_security_api_results.json | 1 + .../security_api_results/yaboot_security_api_results.json | 1 + .../redhat7/security_api_results/yajl_security_api_results.json | 1 + .../security_api_results/yelp-libs_security_api_results.json | 1 + .../security_api_results/yelp-tools_security_api_results.json | 1 + .../security_api_results/yelp-xsl_security_api_results.json | 1 + .../redhat7/security_api_results/yelp_security_api_results.json | 1 + .../security_api_results/yp-tools_security_api_results.json | 1 + .../security_api_results/ypbind_security_api_results.json | 1 + .../security_api_results/ypserv_security_api_results.json | 1 + .../security_api_results/yum-cron_security_api_results.json | 1 + .../security_api_results/yum-langpacks_security_api_results.json | 1 + .../yum-metadata-parser_security_api_results.json | 1 + .../yum-plugin-aliases_security_api_results.json | 1 + .../yum-plugin-changelog_security_api_results.json | 1 + .../yum-plugin-ovl_security_api_results.json | 1 + .../yum-plugin-tmprepo_security_api_results.json | 1 + .../yum-plugin-verify_security_api_results.json | 1 + .../yum-plugin-versionlock_security_api_results.json | 1 + .../yum-rhn-plugin_security_api_results.json | 1 + .../security_api_results/yum-utils_security_api_results.json | 1 + .../redhat7/security_api_results/yum_security_api_results.json | 1 + .../security_api_results/zenity_security_api_results.json | 1 + .../redhat7/security_api_results/zip_security_api_results.json | 1 + .../security_api_results/zlib-devel_security_api_results.json | 1 + .../redhat7/security_api_results/zlib_security_api_results.json | 1 + .../redhat7/security_api_results/zsh_security_api_results.json | 1 + .../security_api_results/zziplib_security_api_results.json | 1 + 653 files changed, 653 insertions(+) create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sox_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spamassassin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spausedd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spax_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speech-dispatcher-python_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speech-dispatcher_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-glib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-gtk3_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-protocol_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-server_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-streaming-agent_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-vdagent_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-xpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sqlite-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sqlite_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squashfs-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squid-migration-script_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squid_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/srp_daemon_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ad_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-client_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-common-pac_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-common_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-dbus_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ipa_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-kcm_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-krb5-common_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-krb5_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ldap_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-libwbclient_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-polkit-rules_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-proxy_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-winbind-idmap_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/star_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/startup-notification-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/startup-notification_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stax-ex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stax2-api_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stix-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stix-math-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strace32_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strace_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strigi-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strongimcv_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stunnel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-gui_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-initial-setup-addon_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-migration-data_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-migration_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-plugin-container_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-rhsm-certificates_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-rhsm_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion-gnome_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sudo_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/suitesparse_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/supermin-helper_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/supermin5_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sushi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/svrcore_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sweeper_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/swig_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/symlinks_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysfsutils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux-extlinux_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux-tftpboot_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysstat_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-date-docs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-date_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-firewall-base_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-kdump_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-keyboard-base_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-keyboard_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-kickstart_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-language_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer-udev_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-users-docs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-users_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-storage-manager_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-switch-java_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-python_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-sysv_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-client_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-initscript_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-runtime_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-sdt-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-server_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysvinit-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/t1lib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/taglib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tagsoup_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/talk-server_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/talk_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tang_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tar_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/targetcli_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/targetd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tbb-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tbb_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tboot_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl-pgtcl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcpdump_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcsh_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tdb-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/teamd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-farstream_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-filesystem_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-gabble_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-glib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-haze_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-logger_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-mission-control_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-salut_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telnet-server_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telnet_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tex-fonts-hebrew_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tex-preview_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texinfo_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ae_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-algorithms_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amscls_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amsfonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amsmath_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-anysize_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-attachfile_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-avantgar_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-babel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-babelbib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-base_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-beamer_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bera_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-beton_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bibtex-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bibtex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bookman_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-booktabs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-breakurl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-caption_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-carlisle_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-charter_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-chngcntr_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cite_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm-lgc_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm-super_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cmap_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cmextra_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-basic_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-documentation-base_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-fontsrecommended_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-htmlxml_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-latex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-latexrecommended_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-colortbl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-courier_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-crop_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-csquotes_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ctable_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-currfile_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfm-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfm_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx-def_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipng-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipng_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvips-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvips_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ec_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-enctex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-enumitem_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-eso-pic_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etex-pkg_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etoolbox_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-euler_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-euro_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-eurosym_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-extsizes_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancybox_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyhdr_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyref_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyvrb_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-filecontents_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-filehook_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fix2col_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-float_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fontspec_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-footmisc_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fp_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fpl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-geometry_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-glyphlist_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-graphics_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-gsftopk-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-gsftopk_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-helvetic_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyperref_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyph-utf8_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyphen-base_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifetex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifluatex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifxetex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-index_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jadetex-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jadetex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jknapltx_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kastrup_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kerkis_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-koma-script_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea-lib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3experimental_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3kernel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3packages_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-bin-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latexconfig_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-listings_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lm-math_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lm_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ltxmisc_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lua-alt-getopt_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lualatex-math_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luaotfload-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luaotfload_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatex-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatexbase_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-makeindex-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-makeindex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-marginnote_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-marvosym_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mathpazo_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mdwtools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-memoir_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metafont-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metafont_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metalogo_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mflogo_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfnfss_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfware-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfware_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mh_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-microtype_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-misc_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mparhack_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mptopdf-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mptopdf_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ms_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-multido_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-natbib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ncntrsbk_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ntgclass_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-oberdiek_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-palatino_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-paralist_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-parallel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-parskip_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-passivetex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdfpages_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex-def_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pgf_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-plain_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-powerdot_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-psfrag_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pslatex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-psnfss_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pspicture_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-3d_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-blur_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-coil_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-eps_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-fill_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-grad_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-math_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-node_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-plot_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-slpe_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-text_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-tree_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pstricks-add_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pstricks_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pxfonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-qstest_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rcs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rotating_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rsfs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sansmath_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sauerj_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-scheme-basic_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-section_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-seminar_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sepnum_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-setspace_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-showexpl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-soul_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-subfig_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-symbol_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tetex-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tetex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-gyre-math_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-gyre_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex4ht-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex4ht_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texconfig-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texconfig_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texlive.infra-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texlive.infra_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-textcase_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-thumbpdf-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-thumbpdf_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-times_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tipa_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-txfonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-type1cm_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-typehtml_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ucs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ulem_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-underscore_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-unicode-math_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-url_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-utopia_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-varwidth_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-wasy_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-wasysym_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xcolor_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xdvi-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xdvi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xkeyval_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xmltex-bin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xmltex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xunicode_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-zapfchan_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-zapfding_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tftp-server_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tftp_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-fonts-common_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-garuda-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-kinnari-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-loma-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-norasi-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-purisa-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-sawasdee-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgmono-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypewriter-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypist-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypo-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-umpush-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-waree-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/theora-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thunderbird_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tibetan-machine-uni-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-icons_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-license_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-server-minimal_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-server_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/time_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tk-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tk_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tmpwatch_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tmux_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tn5250_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh-utils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tog-pegasus-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tog-pegasus_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tokyocabinet_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-admin-webapps_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-el-2.2-api_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-jsp-2.2-api_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-lib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-servlet-3.0-api_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-webapps_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcatjss_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem-nautilus_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem-pl-parser_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm-quote-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-abrmd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tss-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tss_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/trace-cmd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/traceroute_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tracker_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tree_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/trousers_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tss2_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ttmkfdir_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuna_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned-profiles-cpu-partitioning_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned-utils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/txw2_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tzdata-java_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tzdata_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ucs-miscfixed-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ucx_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udftools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-iscsi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-lsm_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-lvm2_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unbound-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unbound_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unique3-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unique3_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unit-api_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/units_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unixODBC-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unixODBC_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unoconv_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unzip_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-lib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-se_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-systems_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/upower_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urlview_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-bookman-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-c059-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-d050000l-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-fonts-common_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-gothic-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-mono-ps-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-roman-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-sans-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-p052-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-standard-symbols-ps-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-z003-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usb_modeswitch-data_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usb_modeswitch_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbguard_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbmuxd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbredir_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbutils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usermode-gtk_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usermode_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usnic-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ustr_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/util-linux_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uuid_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uuidd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/valgrind_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vdo_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/velocity_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vemana2000-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-X11_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-common_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-enhanced_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-filesystem_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-minimal_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vinagre_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vino_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-install_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-manager-common_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-manager_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-p2v-maker_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-top_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-v2v_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-viewer_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-what_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-who_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virtio-win_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virtuoso-opensource_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vlgothic-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vlgothic-p-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/volume_key-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/volume_key_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vorbis-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vsftpd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte-profile_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte291_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte3_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/watchdog_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wavpack_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wayland-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wayland-protocols-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk3_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-jsc-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-jsc_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webrtc-audio-processing_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wget_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/which_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/whois_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wireshark-gnome_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wireshark_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wodim_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/words_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wpa_supplicant_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-microhei-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-unibit-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-zenhei-fonts_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ws-jaxme_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wsmancli_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wvdial_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270-text_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270-x11_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x86info_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xalan-j2_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-image_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-keysyms_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-renderutil_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-wm_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xchat_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdelta_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-desktop-portal-gtk_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-desktop-portal_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-user-dirs-gtk_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-user-dirs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-utils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xerces-c_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xerces-j2_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xferstats_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xfsdump_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xfsprogs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xguest_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xinetd_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xkeyboard-config_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-common_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-commons-apis_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-commons-resolver_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlrpc-c-client_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlrpc-c_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlsec1-openssl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlsec1_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlto-tex_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlto_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmltoman_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-apps_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-docs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drivers_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-ati_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-dummy_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-evdev_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-fbdev_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-intel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-keyboard_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-libinput_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-mouse_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-nouveau_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-openchrome_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-qxl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-synaptics_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-v4l_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vesa_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vmmouse_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vmware_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-void_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-wacom_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-font-utils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-100dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-75dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-1-100dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-1-75dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-14-100dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-14-75dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-15-75dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-2-100dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-2-75dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-9-100dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-9-75dpi_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-Type1_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-cyrillic_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ethiopic_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-misc_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-proto-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-Xephyr_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-Xorg_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-common_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-utils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-utils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xauth_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xbitmaps_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xinit_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xkb-utils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorriso_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xpp3_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xrestop_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsane-common_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsane-gimp_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsettings-kde_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsom_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xterm_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xulrunner_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xvattr_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yaboot_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yajl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-libs_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-xsl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yp-tools_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ypbind_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ypserv_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-cron_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-langpacks_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-metadata-parser_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-aliases_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-changelog_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-ovl_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-tmprepo_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-verify_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-versionlock_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-rhn-plugin_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-utils_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zenity_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zip_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zlib-devel_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zlib_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zsh_security_api_results.json create mode 100644 tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zziplib_security_api_results.json diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sox_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sox_security_api_results.json new file mode 100644 index 0000000..03f085d --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sox_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-13590","severity":"low","public_date":"2019-08-06T00:00:00Z","advisories":[],"bugzilla":"1737764","bugzilla_description":"CVE-2019-13590 sox: integer overflow in libsox.a leading to a NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13590.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-1010004","severity":"low","public_date":"2019-07-14T00:00:00Z","advisories":[],"bugzilla":"1730577","bugzilla_description":"CVE-2019-1010004 sox: OOB read in function read_samples in xa.c:219 causing denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1010004.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-8354","severity":"moderate","public_date":"2019-02-07T00:00:00Z","advisories":[],"bugzilla":"1678284","bugzilla_description":"CVE-2019-8354 sox: integer overflow in function lsx_make_lpf in effect_i_dsp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8354.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.9"},{"CVE":"CVE-2019-8355","severity":"low","public_date":"2019-02-07T00:00:00Z","advisories":[],"bugzilla":"1678288","bugzilla_description":"CVE-2019-8355 sox: integer overflow in xmalloc.h","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8355.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2019-8356","severity":"moderate","public_date":"2019-02-07T00:00:00Z","advisories":[],"bugzilla":"1678295","bugzilla_description":"CVE-2019-8356 sox: stack-based buffer overflow in bitrv2 in fft4g.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8356.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2019-8357","severity":"low","public_date":"2019-02-07T00:00:00Z","advisories":[],"bugzilla":"1678297","bugzilla_description":"CVE-2019-8357 sox: null pointer dereference in function lsx_make_lpf in effect_i_dsp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8357.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18189","severity":"low","public_date":"2018-02-15T00:00:00Z","advisories":["RHSA-2019:2283"],"bugzilla":"1545866","bugzilla_description":"CVE-2017-18189 sox: NULL pointer dereference in startread function in xa.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["sox-0:14.4.1-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18189.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15642","severity":"low","public_date":"2017-10-17T00:00:00Z","advisories":[],"bugzilla":"1510923","bugzilla_description":"CVE-2017-15642 sox: Use-after-free in lsx_aiffstartread","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15642.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15370","severity":"low","public_date":"2017-10-11T00:00:00Z","advisories":[],"bugzilla":"1510917","bugzilla_description":"CVE-2017-15370 sox: Heap-based buffer overflow in the ImaExpandS function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15370.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15371","severity":"low","public_date":"2017-10-11T00:00:00Z","advisories":[],"bugzilla":"1510918","bugzilla_description":"CVE-2017-15371 sox: Reachable assertion abort in the function sox_append_comment()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15371.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15372","severity":"low","public_date":"2017-10-11T00:00:00Z","advisories":[],"bugzilla":"1510919","bugzilla_description":"CVE-2017-15372 sox: Stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15372.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11332","severity":"low","public_date":"2017-07-30T00:00:00Z","advisories":[],"bugzilla":"1480674","bugzilla_description":"CVE-2017-11332 sox: Divide by zero in startread function in wav.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11332.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11358","severity":"low","public_date":"2017-07-30T00:00:00Z","advisories":[],"bugzilla":"1480675","bugzilla_description":"CVE-2017-11358 sox: Invalid memory read in read_samples function in hcom.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11358.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-11359","severity":"low","public_date":"2017-07-30T00:00:00Z","advisories":[],"bugzilla":"1480676","bugzilla_description":"CVE-2017-11359 sox: Devide by zero in wavwritehdr function in wav.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11359.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2014-8145","severity":"moderate","public_date":"2014-12-22T00:00:00Z","advisories":[],"bugzilla":"1174792","bugzilla_description":"CVE-2014-8145 sox: two heap out-of-bounds access issues (oCERT-2014-010)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8145.json"},{"CVE":"CVE-2004-0557","severity":"important","public_date":"2004-07-28T00:00:00Z","advisories":["RHSA-2004:409"],"bugzilla":"1617229","bugzilla_description":"CVE-2004-0557 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["sox-0:12.17.4-4.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0557.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spamassassin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spamassassin_security_api_results.json new file mode 100644 index 0000000..15f8df6 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spamassassin_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-1930","severity":"moderate","public_date":"2020-01-30T00:00:00Z","advisories":[],"bugzilla":"1802977","bugzilla_description":"CVE-2020-1930 spamassassin: command injection via crafted configuration file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1930.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2020-1931","severity":"moderate","public_date":"2020-01-29T00:00:00Z","advisories":[],"bugzilla":"1802975","bugzilla_description":"CVE-2020-1931 spamassassin: command injection via crafted configuration file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1931.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2018-11805","severity":"moderate","public_date":"2019-12-12T00:00:00Z","advisories":[],"bugzilla":"1784974","bugzilla_description":"CVE-2018-11805 spamassassin: crafted configuration files can run system commands without any output or errors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11805.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2019-12420","severity":"moderate","public_date":"2019-12-12T00:00:00Z","advisories":["RHSA-2020:3973"],"bugzilla":"1784984","bugzilla_description":"CVE-2019-12420 spamassassin: crafted email message can lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-400","affected_packages":["spamassassin-0:3.4.0-6.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12420.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-15705","severity":"important","public_date":"2018-09-17T00:00:00Z","advisories":["RHSA-2018:2916"],"bugzilla":"1629521","bugzilla_description":"CVE-2017-15705 spamassassin: Certain unclosed tags in crafted emails allow for scan timeouts and result in denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["spamassassin-0:3.4.0-4.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15705.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-11780","severity":"important","public_date":"2018-09-17T00:00:00Z","advisories":[],"bugzilla":"1629532","bugzilla_description":"CVE-2018-11780 spamassassin: Potential remote code execution vulnerability in PDFInfo plugin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11780.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2018-11781","severity":"moderate","public_date":"2018-09-17T00:00:00Z","advisories":["RHSA-2018:2916"],"bugzilla":"1629536","bugzilla_description":"CVE-2018-11781 spamassassin: Local user code injection in the meta rule syntax","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["spamassassin-0:3.4.0-4.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11781.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2007-2873","severity":"low","public_date":"2007-06-11T00:00:00Z","advisories":["RHSA-2007:0492"],"bugzilla":"243455","bugzilla_description":"CVE-2007-2873 spamassassin symlink attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["spamassassin-0:3.1.9-1.el5","spamassassin-0:3.1.9-1.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2873.json"},{"CVE":"CVE-2007-0451","severity":"important","public_date":"2007-02-13T00:00:00Z","advisories":["RHSA-2007:0074","RHSA-2007:0075"],"bugzilla":"1618365","bugzilla_description":"CVE-2007-0451 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["spamassassin-0:3.1.8-2.el5","spamassassin-0:3.1.8-2.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0451.json"},{"CVE":"CVE-2006-2447","severity":"moderate","public_date":"2006-06-06T00:00:00Z","advisories":["RHSA-2006:0543"],"bugzilla":"1618105","bugzilla_description":"CVE-2006-2447 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["spamassassin-0:3.0.6-1.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2447.json"},{"CVE":"CVE-2005-3351","severity":"moderate","public_date":"2005-09-05T00:00:00Z","advisories":["RHSA-2006:0129"],"bugzilla":"1617815","bugzilla_description":"CVE-2005-3351 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["spamassassin-0:3.0.5-3.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3351.json"},{"CVE":"CVE-2005-1266","severity":"moderate","public_date":"2005-06-15T00:00:00Z","advisories":["RHSA-2005:498"],"bugzilla":"1617623","bugzilla_description":"CVE-2005-1266 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["spamassassin-0:3.0.4-1.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1266.json"},{"CVE":"CVE-2004-0796","severity":"important","public_date":"2004-08-05T00:00:00Z","advisories":["RHSA-2004:451"],"bugzilla":"1617293","bugzilla_description":"CVE-2004-0796 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["spamassassin-0:2.55-3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0796.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spausedd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spausedd_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spausedd_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spax_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spax_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spax_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speech-dispatcher-python_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speech-dispatcher-python_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speech-dispatcher-python_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speech-dispatcher_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speech-dispatcher_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speech-dispatcher_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speex_security_api_results.json new file mode 100644 index 0000000..9744315 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/speex_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2008-1686","severity":"important","public_date":"2008-04-10T00:00:00Z","advisories":["RHSA-2008:0235"],"bugzilla":"441239","bugzilla_description":"CVE-2008-1686 speex, libfishsound: insufficient boundary checks","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["speex-0:1.0.4-4.el4_6.1","speex-0:1.0.5-4.el5_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1686.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-glib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-glib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-glib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-gtk3_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-gtk3_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-gtk3_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-protocol_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-protocol_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-protocol_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-server_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-server_security_api_results.json new file mode 100644 index 0000000..40e117f --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-server_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-14355","severity":"important","public_date":"2020-10-06T12:00:00Z","advisories":["RHSA-2020:4187","RHSA-2020:4186","RHSA-2020:4185","RHSA-2020:4184"],"bugzilla":"1868435","bugzilla_description":"CVE-2020-14355 spice: multiple buffer overflow vulnerabilities in QUIC decoding code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["spice-gtk-0:0.35-5.el7_9.1","spice-gtk-0:0.37-1.el8_2.2","spice-0:0.14.0-9.el7_9.1","spice-0:0.14.2-1.el8_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14355.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L","cvss3_score":"5.5"},{"CVE":"CVE-2019-3813","severity":"important","public_date":"2019-01-28T18:00:00Z","advisories":["RHSA-2019:0231","RHSA-2019:0232","RHSA-2019:0457"],"bugzilla":"1665371","bugzilla_description":"CVE-2019-3813 spice: Off-by-one error in array access in spice/server/memslot.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-193","affected_packages":["spice-0:0.14.0-6.el7_6.1","redhat-virtualization-host-0:4.2-20190219.0.el7_6","spice-server-0:0.12.4-16.el6_10.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3813.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.0"},{"CVE":"CVE-2018-10873","severity":"important","public_date":"2018-08-16T00:00:00Z","advisories":["RHSA-2018:3470","RHSA-2018:2732","RHSA-2018:2731"],"bugzilla":"1596008","bugzilla_description":"CVE-2018-10873 spice: Missing check in demarshal.py:write_validate_array_item() allows for buffer overflow and denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["spice-server-0:0.12.4-16.el6_10.1","spice-0:0.14.0-2.el7_5.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10873.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2017-7506","severity":"important","public_date":"2017-07-11T00:00:00Z","advisories":["RHBA-2017:2529","RHSA-2018:3522","RHSA-2017:2471"],"bugzilla":"1452606","bugzilla_description":"CVE-2017-7506 spice: Possible buffer overflow via invalid monitor configurations","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-681->CWE-119","affected_packages":["spice-0:0.12.8-2.el7.1","spice-server-0:0.12.4-16.el6_10.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7506.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H","cvss3_score":"9.1"},{"CVE":"CVE-2016-9578","severity":"moderate","public_date":"2017-02-06T00:00:00Z","advisories":["RHSA-2017:0549","RHSA-2017:0254","RHSA-2017:0253","RHSA-2017:0552"],"bugzilla":"1399566","bugzilla_description":"CVE-2016-9578 spice: Remote DoS via crafted message","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-770","affected_packages":["spice-server-0:0.12.4-13.el6_8.2","spice-0:0.12.4-20.el7_3","rhevm-appliance-0:20170307.0-1","redhat-virtualization-host-0:4.0-20170307.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9578.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-9577","severity":"moderate","public_date":"2017-02-06T00:00:00Z","advisories":["RHSA-2017:0549","RHSA-2017:0254","RHSA-2017:0253","RHSA-2017:0552"],"bugzilla":"1401603","bugzilla_description":"CVE-2016-9577 spice: Buffer overflow in main_channel_alloc_msg_rcv_buf when reading large messages","cvss_score":6.0,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:P/A:P","CWE":"CWE-20->CWE-122","affected_packages":["spice-server-0:0.12.4-13.el6_8.2","spice-0:0.12.4-20.el7_3","rhevm-appliance-0:20170307.0-1","redhat-virtualization-host-0:4.0-20170307.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9577.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-0749","severity":"important","public_date":"2016-06-06T00:00:00Z","advisories":["RHSA-2016:1204","RHSA-2016:1205"],"bugzilla":"1300646","bugzilla_description":"CVE-2016-0749 spice: heap-based memory corruption within smartcard handling","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-131->CWE-122","affected_packages":["spice-0:0.12.4-15.el7_2.1","spice-server-0:0.12.4-13.el6.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0749.json"},{"CVE":"CVE-2016-2150","severity":"important","public_date":"2016-06-06T00:00:00Z","advisories":["RHSA-2016:1204","RHSA-2016:1205"],"bugzilla":"1313496","bugzilla_description":"CVE-2016-2150 spice: Host memory access from guest with invalid primary surface parameters","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":["spice-0:0.12.4-15.el7_2.1","spice-server-0:0.12.4-13.el6.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2150.json"},{"CVE":"CVE-2015-5261","severity":"important","public_date":"2015-10-06T00:00:00Z","advisories":["RHSA-2015:1890","RHSA-2015:1889"],"bugzilla":"1261889","bugzilla_description":"CVE-2015-5261 spice: host memory access from guest using crafted images","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":["spice-0:0.12.4-9.el7_1.3","spice-server-0:0.12.4-12.el6_7.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5261.json"},{"CVE":"CVE-2015-5260","severity":"moderate","public_date":"2015-09-08T00:00:00Z","advisories":["RHSA-2015:1890","RHSA-2015:1889"],"bugzilla":"1260822","bugzilla_description":"CVE-2015-5260 spice: insufficient validation of surface_id parameter can cause crash","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-20","affected_packages":["spice-0:0.12.4-9.el7_1.3","spice-server-0:0.12.4-12.el6_7.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5260.json"},{"CVE":"CVE-2015-3247","severity":"important","public_date":"2015-09-03T00:00:00Z","advisories":["RHSA-2015:1715","RHSA-2015:1713","RHSA-2015:1714"],"bugzilla":"1233238","bugzilla_description":"CVE-2015-3247 spice: memory corruption in worker_update_monitors_config()","cvss_score":7.7,"cvss_scoring_vector":"AV:A/AC:L/Au:S/C:C/I:C/A:C","CWE":"CWE-362","affected_packages":["spice-server-0:0.12.4-12.el6_7.1","rhev-hypervisor7-0:7.1-20150827.1.el7ev","spice-0:0.12.4-9.el7_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3247.json"},{"CVE":"CVE-2013-4282","severity":"important","public_date":"2013-10-29T00:00:00Z","advisories":["RHSA-2013:1473","RHSA-2013:1460","RHSA-2013:1474"],"bugzilla":"1000443","bugzilla_description":"CVE-2013-4282 spice: stack buffer overflow in reds_handle_ticket() function","cvss_score":6.1,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-121","affected_packages":["spice-server-0:0.12.0-12.el6_4.5","rhev-hypervisor6-0:6.4-20131016.0.el6_4","qspice-0:0.3.0-56.el5_10.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4282.json"},{"CVE":"CVE-2013-4130","severity":"moderate","public_date":"2013-07-05T00:00:00Z","advisories":["RHSA-2013:1260","RHSA-2013:1192"],"bugzilla":"984769","bugzilla_description":"CVE-2013-4130 spice: unsafe clients ring access abort","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["rhev-hypervisor6-0:6.4-20130912.1.el6_4","spice-server-0:0.12.0-12.el6_4.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4130.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-streaming-agent_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-streaming-agent_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-streaming-agent_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-vdagent_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-vdagent_security_api_results.json new file mode 100644 index 0000000..f2fcc03 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-vdagent_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2017-15108","severity":"low","public_date":null,"advisories":[],"bugzilla":"1510864","bugzilla_description":"CVE-2017-15108 spice-vdagent: Improper validation of xfers->save_dir in vdagent_file_xfers_data()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15108.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L","cvss3_score":"6.5"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-xpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-xpi_security_api_results.json new file mode 100644 index 0000000..8f127c9 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/spice-xpi_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2011-0012","severity":"low","public_date":"2011-04-07T00:00:00Z","advisories":["RHSA-2011:0426"],"bugzilla":"639869","bugzilla_description":"CVE-2011-0012 spice-xpi: symlink attack on usbrdrctl log file","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["spice-xpi-0:2.4-1.el6_0.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0012.json"},{"CVE":"CVE-2011-1179","severity":"moderate","public_date":"2011-04-07T00:00:00Z","advisories":["RHSA-2011:0426","RHSA-2011:0427"],"bugzilla":"689931","bugzilla_description":"CVE-2011-1179 spice-xpi: unitialized pointer writes possible when getting plugin properties","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["spice-xpi-0:2.2-2.3.el5_6.1","spice-xpi-0:2.4-1.el6_0.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1179.json"},{"CVE":"CVE-2010-2792","severity":"moderate","public_date":"2010-08-25T00:00:00Z","advisories":["RHSA-2010:0632","RHSA-2010:0651"],"bugzilla":"620350","bugzilla_description":"CVE-2010-2792 spice-xpi/qspice-client unix socket race","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["spice-xpi-0:2.2-2.3.el5_5","qspice-client-0:0.3.0-4.el5_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2792.json"},{"CVE":"CVE-2010-2794","severity":"low","public_date":"2010-08-25T00:00:00Z","advisories":["RHSA-2010:0651"],"bugzilla":"620356","bugzilla_description":"CVE-2010-2794 spice-xpi symlink attack","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["spice-xpi-0:2.2-2.3.el5_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2794.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sqlite-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sqlite-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sqlite-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sqlite_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sqlite_security_api_results.json new file mode 100644 index 0000000..a734b3f --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sqlite_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-15358","severity":"moderate","public_date":"2020-06-15T00:00:00Z","advisories":[],"bugzilla":"1851957","bugzilla_description":"CVE-2020-15358 sqlite: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization in select.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15358.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2020-13871","severity":"moderate","public_date":"2020-06-05T00:00:00Z","advisories":[],"bugzilla":"1845576","bugzilla_description":"CVE-2020-13871 sqlite: use-after-free in resetAccumulator in select.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13871.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-13434","severity":"moderate","public_date":"2020-05-23T00:00:00Z","advisories":[],"bugzilla":"1841223","bugzilla_description":"CVE-2020-13434 sqlite: integer overflow in sqlite3_str_vappendf function in printf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13434.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2020-13435","severity":"moderate","public_date":"2020-05-23T00:00:00Z","advisories":[],"bugzilla":"1841231","bugzilla_description":"CVE-2020-13435 sqlite: NULL pointer dereference leads to segmentation fault in sqlite3ExprCodeTarget in expr.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13435.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2020-13630","severity":"moderate","public_date":"2020-05-16T00:00:00Z","advisories":[],"bugzilla":"1841562","bugzilla_description":"CVE-2020-13630 sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13630.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2020-13631","severity":"moderate","public_date":"2020-05-14T00:00:00Z","advisories":[],"bugzilla":"1841568","bugzilla_description":"CVE-2020-13631 sqlite: Virtual table can be renamed into the name of one of its shadow tables","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13631.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2020-13632","severity":"moderate","public_date":"2020-05-14T00:00:00Z","advisories":[],"bugzilla":"1841574","bugzilla_description":"CVE-2020-13632 sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13632.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2020-11655","severity":"moderate","public_date":"2020-04-03T00:00:00Z","advisories":[],"bugzilla":"1824174","bugzilla_description":"CVE-2020-11655 sqlite: malformed window-function query leads to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11655.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-11656","severity":"moderate","public_date":"2020-04-03T00:00:00Z","advisories":[],"bugzilla":"1824185","bugzilla_description":"CVE-2020-11656 sqlite: use-after-free in the ALTER TABLE implementation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11656.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9327","severity":"moderate","public_date":"2020-02-21T00:00:00Z","advisories":[],"bugzilla":"1809315","bugzilla_description":"CVE-2020-9327 sqlite: NULL pointer dereference and segmentation fault because of generated column optimizations","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9327.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2020-6405","severity":"moderate","public_date":"2020-01-16T00:00:00Z","advisories":["RHSA-2020:0514"],"bugzilla":"1801181","bugzilla_description":"CVE-2020-6405 sqlite: Out-of-bounds read in SELECT with ON/USING clause","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["chromium-browser-0:80.0.3987.87-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6405.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-19924","severity":"moderate","public_date":"2020-01-08T00:00:00Z","advisories":["RHSA-2020:1810"],"bugzilla":"1788842","bugzilla_description":"CVE-2019-19924 sqlite: incorrect sqlite3WindowRewrite() error handling leads to mishandling certain parser-tree rewriting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":["sqlite-0:3.26.0-6.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19924.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2019-19923","severity":"moderate","public_date":"2020-01-08T00:00:00Z","advisories":["RHSA-2020:0514","RHSA-2020:1810"],"bugzilla":"1788846","bugzilla_description":"CVE-2019-19923 sqlite: mishandling of certain uses of SELECT DISTINCT involving a LEFT JOIN in flattenSubquery in select.c leads to a NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["sqlite-0:3.26.0-6.el8","chromium-browser-0:80.0.3987.87-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19923.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-19925","severity":"moderate","public_date":"2020-01-08T00:00:00Z","advisories":["RHSA-2020:0514","RHSA-2020:1810"],"bugzilla":"1788866","bugzilla_description":"CVE-2019-19925 sqlite: zipfileUpdate in ext/misc/zipfile.c mishandles a NULL pathname during an update of a ZIP archive","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["sqlite-0:3.26.0-6.el8","chromium-browser-0:80.0.3987.87-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19925.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-20218","severity":"moderate","public_date":"2020-01-02T00:00:00Z","advisories":[],"bugzilla":"1791313","bugzilla_description":"CVE-2019-20218 sqlite: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20218.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-19959","severity":"moderate","public_date":"2019-12-23T00:00:00Z","advisories":["RHSA-2020:1810"],"bugzilla":"1789595","bugzilla_description":"CVE-2019-19959 sqlite: mishandles certain uses of INSERT INTO in situations involving embedded '\\0' characters in filenames","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-626","affected_packages":["sqlite-0:3.26.0-6.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19959.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2019-19926","severity":"moderate","public_date":"2019-12-20T00:00:00Z","advisories":["RHSA-2020:0514"],"bugzilla":"1789364","bugzilla_description":"CVE-2019-19926 sqlite: error mishandling because of incomplete fix of CVE-2019-19880","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["chromium-browser-0:80.0.3987.87-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19926.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-19880","severity":"moderate","public_date":"2019-12-17T00:00:00Z","advisories":["RHSA-2020:0514"],"bugzilla":"1787032","bugzilla_description":"CVE-2019-19880 sqlite: invalid pointer dereference in exprListAppendList in window.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["chromium-browser-0:80.0.3987.87-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19880.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-13734","severity":"important","public_date":"2019-12-10T00:00:00Z","advisories":["RHSA-2019:4238","RHSA-2020:2014","RHSA-2020:0273","RHSA-2020:0229","RHBA-2020:0460","RHSA-2020:0227"],"bugzilla":"1781980","bugzilla_description":"CVE-2019-13734 sqlite: fts3: improve shadow table corruption detection","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["sqlite-0:3.26.0-4.el8_0","chromium-browser-0:79.0.3945.79-1.el6_10","sqlite-0:3.26.0-4.el8_1","redhat-coreos-42.81.20200210.0","sqlite-0:3.7.17-8.el7_7.1","sqlite-0:3.7.17-8.el7_6.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13734.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-13750","severity":"moderate","public_date":"2019-12-10T00:00:00Z","advisories":["RHSA-2019:4238"],"bugzilla":"1781997","bugzilla_description":"CVE-2019-13750 sqlite: dropping of shadow tables not restricted in defensive mode","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["chromium-browser-0:79.0.3945.79-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13750.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-13751","severity":"moderate","public_date":"2019-12-10T00:00:00Z","advisories":["RHSA-2019:4238"],"bugzilla":"1781998","bugzilla_description":"CVE-2019-13751 sqlite: fts3: improve detection of corrupted records","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["chromium-browser-0:79.0.3945.79-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13751.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-13752","severity":"moderate","public_date":"2019-12-10T00:00:00Z","advisories":["RHSA-2019:4238","RHSA-2020:1810"],"bugzilla":"1781999","bugzilla_description":"CVE-2019-13752 sqlite: fts3: improve shadow table corruption detection","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["sqlite-0:3.26.0-6.el8","chromium-browser-0:79.0.3945.79-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13752.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-13753","severity":"moderate","public_date":"2019-12-10T00:00:00Z","advisories":["RHSA-2019:4238","RHSA-2020:1810"],"bugzilla":"1782000","bugzilla_description":"CVE-2019-13753 sqlite: fts3: incorrectly removed corruption check","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["sqlite-0:3.26.0-6.el8","chromium-browser-0:79.0.3945.79-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13753.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-19645","severity":"moderate","public_date":"2019-12-09T00:00:00Z","advisories":[],"bugzilla":"1783305","bugzilla_description":"CVE-2019-19645 sqlite: infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19645.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2019-19603","severity":"moderate","public_date":"2019-12-09T00:00:00Z","advisories":[],"bugzilla":"1785318","bugzilla_description":"CVE-2019-19603 sqlite: mishandles certain SELECT statements with a nonexistent VIEW, leading to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19603.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-19646","severity":"moderate","public_date":"2019-12-09T00:00:00Z","advisories":[],"bugzilla":"1786743","bugzilla_description":"CVE-2019-19646 sqlite: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19646.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-19317","severity":"moderate","public_date":"2019-12-05T00:00:00Z","advisories":[],"bugzilla":"1784111","bugzilla_description":"CVE-2019-19317 sqlite: omits bits from the colUsed bitmask in the case of a generated column","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19317.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-19242","severity":"moderate","public_date":"2019-11-27T00:00:00Z","advisories":[],"bugzilla":"1778867","bugzilla_description":"CVE-2019-19242 sqlite: SQL injection in sqlite3ExprCodeTarget in expr.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-89","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19242.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2019-19244","severity":"low","public_date":"2019-11-22T00:00:00Z","advisories":[],"bugzilla":"1777945","bugzilla_description":"CVE-2019-19244 sqlite: allows a crash if a sub-select uses both DISTINCT and window functions and also has certain ORDER BY usage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19244.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-16168","severity":"moderate","public_date":"2019-08-15T00:00:00Z","advisories":[],"bugzilla":"1768986","bugzilla_description":"CVE-2019-16168 sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16168.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-5018","severity":"moderate","public_date":"2019-05-09T00:00:00Z","advisories":[],"bugzilla":"1708301","bugzilla_description":"CVE-2019-5018 sqlite: Use-after-free in window function leading to remote code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5018.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-5827","severity":"important","public_date":"2019-04-30T00:00:00Z","advisories":["RHSA-2019:1243"],"bugzilla":"1706805","bugzilla_description":"CVE-2019-5827 chromium-browser: out-of-bounds access in SQLite","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["chromium-browser-0:74.0.3729.131-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5827.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8457","severity":"moderate","public_date":"2019-03-20T00:00:00Z","advisories":["RHSA-2020:1810"],"bugzilla":"1716881","bugzilla_description":"CVE-2019-8457 sqlite: heap out-of-bound read in function rtreenode()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["sqlite-0:3.26.0-6.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8457.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9937","severity":"low","public_date":"2019-03-18T00:00:00Z","advisories":[],"bugzilla":"1692357","bugzilla_description":"CVE-2019-9937 sqlite: null-pointer dereference in function fts5ChunkIterate in sqlite3.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9937.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-9936","severity":"low","public_date":"2019-03-18T00:00:00Z","advisories":[],"bugzilla":"1692365","bugzilla_description":"CVE-2019-9936 sqlite: heap-based buffer over-read in function fts5HashEntrySort in sqlite3.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9936.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-20346","severity":"important","public_date":"2018-12-04T00:00:00Z","advisories":[],"bugzilla":"1659379","bugzilla_description":"CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20346.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-20505","severity":"important","public_date":"2018-12-04T00:00:00Z","advisories":[],"bugzilla":"1659379","bugzilla_description":"CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20505.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-20506","severity":"important","public_date":"2018-12-04T00:00:00Z","advisories":[],"bugzilla":"1659379","bugzilla_description":"CVE-2018-20346 CVE-2018-20505 CVE-2018-20506 sqlite: Multiple flaws in sqlite which can be triggered via corrupted internal databases (Magellan)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20506.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-8740","severity":"low","public_date":"2018-03-17T00:00:00Z","advisories":[],"bugzilla":"1558804","bugzilla_description":"CVE-2018-8740 sqlite: NULL pointer dereference with databases with schema corrupted with CREATE TABLE AS allows for denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8740.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-15286","severity":"low","public_date":"2017-10-12T00:00:00Z","advisories":[],"bugzilla":"1510438","bugzilla_description":"CVE-2017-15286 sqlite: NULL pointer dereference in tableColumnList","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15286.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13685","severity":"low","public_date":"2017-08-28T00:00:00Z","advisories":[],"bugzilla":"1488881","bugzilla_description":"CVE-2017-13685 sqlite: Local DoS via dump_callback function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13685.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7000","severity":"moderate","public_date":"2017-07-25T00:00:00Z","advisories":["RHSA-2017:1833"],"bugzilla":"1475207","bugzilla_description":"CVE-2017-7000 chromium-browser: pointer disclosure in sqlite","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["chromium-browser-0:60.0.3112.78-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7000.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2017-10989","severity":"low","public_date":"2017-07-06T00:00:00Z","advisories":[],"bugzilla":"1469672","bugzilla_description":"CVE-2017-10989 sqlite: Heap-buffer overflow in the getNodeSize function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10989.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"3.6"},{"CVE":"CVE-2016-6153","severity":"low","public_date":"2016-07-01T00:00:00Z","advisories":[],"bugzilla":"1352437","bugzilla_description":"CVE-2016-6153 sqlite: Tempdir selection vulnerability","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-377","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6153.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"2.2"},{"CVE":"CVE-2015-7036","severity":"moderate","public_date":"2015-11-23T00:00:00Z","advisories":[],"bugzilla":"1305820","bugzilla_description":"CVE-2015-7036 sqlite: arbitrary code execution on databases with malformed schema","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7036.json"},{"CVE":"CVE-2015-3414","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:1635"],"bugzilla":"1212353","bugzilla_description":"CVE-2015-3414 sqlite: use of uninitialized memory when parsing collation sequences in src/where.c","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-456","affected_packages":["sqlite-0:3.7.17-6.el7_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3414.json"},{"CVE":"CVE-2015-3415","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:1635"],"bugzilla":"1212356","bugzilla_description":"CVE-2015-3415 sqlite: invalid free() in src/vdbe.c","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["sqlite-0:3.7.17-6.el7_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3415.json"},{"CVE":"CVE-2015-3416","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:1635","RHSA-2015:1634"],"bugzilla":"1212357","bugzilla_description":"CVE-2015-3416 sqlite: stack buffer overflow in src/printf.c","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":["sqlite-0:3.6.20-1.el6_7.2","sqlite-0:3.7.17-6.el7_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3416.json"},{"CVE":"CVE-2013-7443","severity":"low","public_date":"2013-12-22T00:00:00Z","advisories":[],"bugzilla":"1243476","bugzilla_description":"CVE-2013-7443 sqlite: array overrun in the skip-scan optimization leading to memory corruption (DoS)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7443.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squashfs-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squashfs-tools_security_api_results.json new file mode 100644 index 0000000..67944fa --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squashfs-tools_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2015-4645","severity":"moderate","public_date":"2015-06-17T00:00:00Z","advisories":[],"bugzilla":"1234886","bugzilla_description":"CVE-2015-4645 squashfs-tools: integer overflow in read_fragment_table_4","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4645.json"},{"CVE":"CVE-2015-4646","severity":"moderate","public_date":"2015-06-17T00:00:00Z","advisories":[],"bugzilla":"1234887","bugzilla_description":"CVE-2015-4646 squashfs-tools: stack overflow in read_fragment_table_4 due to fix for CVE-2015-4645","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4646.json"},{"CVE":"CVE-2012-4024","severity":"moderate","public_date":"2012-07-18T00:00:00Z","advisories":[],"bugzilla":"842458","bugzilla_description":"CVE-2012-4024 squashfs-tools: remote arbitrary code execution via crafted list file","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4024.json"},{"CVE":"CVE-2012-4025","severity":"moderate","public_date":"2012-07-18T00:00:00Z","advisories":[],"bugzilla":"842460","bugzilla_description":"CVE-2012-4025 squashfs-tools: integer overflow in queue_init() may lead to abitrary code execution","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4025.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squid-migration-script_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squid-migration-script_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squid-migration-script_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squid_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squid_security_api_results.json new file mode 100644 index 0000000..936897d --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/squid_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-15810","severity":"important","public_date":"2020-08-23T00:00:00Z","advisories":["RHSA-2020:4082","RHSA-2020:3623"],"bugzilla":"1871700","bugzilla_description":"CVE-2020-15810 squid: HTTP Request Smuggling could result in cache poisoning","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-444","affected_packages":["squid-7:3.5.20-17.el7_9.4","squid:4-8020020200827100059.4cda2c84"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15810.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","cvss3_score":"9.6"},{"CVE":"CVE-2020-15811","severity":"important","public_date":"2020-08-23T00:00:00Z","advisories":["RHSA-2020:4082","RHSA-2020:3623"],"bugzilla":"1871702","bugzilla_description":"CVE-2020-15811 squid: HTTP Request Splitting could result in cache poisoning","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-444","affected_packages":["squid-7:3.5.20-17.el7_9.4","squid:4-8020020200827100059.4cda2c84"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15811.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","cvss3_score":"9.6"},{"CVE":"CVE-2020-24606","severity":"moderate","public_date":"2020-08-23T00:00:00Z","advisories":["RHSA-2020:4082"],"bugzilla":"1871705","bugzilla_description":"CVE-2020-24606 squid: Improper input validation could result in a DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["squid-7:3.5.20-17.el7_9.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24606.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15049","severity":"moderate","public_date":"2020-06-26T00:00:00Z","advisories":["RHSA-2020:4082"],"bugzilla":"1852550","bugzilla_description":"CVE-2020-15049 squid: Request smuggling and poisoning attack against the HTTP cache","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-444","affected_packages":["squid-7:3.5.20-17.el7_9.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15049.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.5"},{"CVE":"CVE-2020-14058","severity":"moderate","public_date":"2020-06-19T00:00:00Z","advisories":[],"bugzilla":"1852554","bugzilla_description":"CVE-2020-14058 squid: DoS in TLS handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-676","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14058.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"7.7"},{"CVE":"CVE-2020-14059","severity":"moderate","public_date":"2020-06-19T00:00:00Z","advisories":[],"bugzilla":"1852558","bugzilla_description":"CVE-2020-14059 squid: DoS when processing objects in an SMP cache due to an incorrect synchronization","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-662","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14059.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"6.3"},{"CVE":"CVE-2019-12519","severity":"important","public_date":"2020-04-24T00:00:00Z","advisories":["RHSA-2020:2038","RHSA-2020:2040","RHSA-2020:2041","RHSA-2020:2039"],"bugzilla":"1827552","bugzilla_description":"CVE-2019-12519 squid: improper check for new member in ESIExpression::Evaluate allows for stack buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["squid:4-8000020200428154754.f8e95b4e","squid:4-8020020200430095908.4cda2c84","squid-7:3.5.20-15.el7_8.1","squid:4-8010020200429095057.c27ad7f8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12519.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-12520","severity":"moderate","public_date":"2020-04-24T00:00:00Z","advisories":[],"bugzilla":"1827558","bugzilla_description":"CVE-2019-12520 squid: Improper input validation in request allows for proxy manipulation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12520.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2019-12521","severity":"moderate","public_date":"2020-04-24T00:00:00Z","advisories":[],"bugzilla":"1827562","bugzilla_description":"CVE-2019-12521 squid: Off-by-one error in addStackElement allows for heap buffer overflow and crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12521.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2020-11945","severity":"important","public_date":"2020-04-24T00:00:00Z","advisories":["RHSA-2020:2038","RHSA-2020:2040","RHSA-2020:2041","RHSA-2020:2039"],"bugzilla":"1827563","bugzilla_description":"CVE-2020-11945 squid: improper access restriction upon Digest Authentication nonce replay could lead to remote code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["squid:4-8000020200428154754.f8e95b4e","squid:4-8020020200430095908.4cda2c84","squid-7:3.5.20-15.el7_8.1","squid:4-8010020200429095057.c27ad7f8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11945.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-12524","severity":"moderate","public_date":"2020-04-24T00:00:00Z","advisories":[],"bugzilla":"1827570","bugzilla_description":"CVE-2019-12524 squid: Improper access restriction in url_regex may lead to security bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12524.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2019-12522","severity":"low","public_date":"2020-04-24T00:00:00Z","advisories":[],"bugzilla":"1827580","bugzilla_description":"CVE-2019-12522 squid: lack of UID assignment in child process spawning could lead to privileges escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-266","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12522.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.5"},{"CVE":"CVE-2020-8449","severity":"moderate","public_date":"2020-02-03T00:00:00Z","advisories":["RHSA-2020:4082"],"bugzilla":"1798540","bugzilla_description":"CVE-2020-8449 squid: Improper input validation issues in HTTP Request processing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["squid-7:3.5.20-17.el7_9.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8449.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2020-8450","severity":"moderate","public_date":"2020-02-03T00:00:00Z","advisories":["RHSA-2020:4082"],"bugzilla":"1798552","bugzilla_description":"CVE-2020-8450 squid: Buffer overflow in reverse-proxy configurations","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["squid-7:3.5.20-17.el7_9.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8450.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2019-12528","severity":"moderate","public_date":"2020-02-02T00:00:00Z","advisories":["RHSA-2020:4082"],"bugzilla":"1798534","bugzilla_description":"CVE-2019-12528 squid: Information Disclosure issue in FTP Gateway","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["squid-7:3.5.20-17.el7_9.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12528.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2020-8517","severity":"important","public_date":"2020-02-02T00:00:00Z","advisories":[],"bugzilla":"1798545","bugzilla_description":"CVE-2020-8517 squid: Buffer Overflow in ext_lm_group_acl helper","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8517.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-18678","severity":"moderate","public_date":"2019-11-05T00:00:00Z","advisories":[],"bugzilla":"1770349","bugzilla_description":"CVE-2019-18678 squid: HTTP Request Splitting issue in HTTP message processing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18678.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2019-12526","severity":"moderate","public_date":"2019-11-05T00:00:00Z","advisories":[],"bugzilla":"1770356","bugzilla_description":"CVE-2019-12526 squid: Heap overflow issue in URN processing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12526.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-18679","severity":"moderate","public_date":"2019-11-05T00:00:00Z","advisories":[],"bugzilla":"1770360","bugzilla_description":"CVE-2019-18679 squid: Information Disclosure issue in HTTP Digest Authentication","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18679.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2019-18677","severity":"moderate","public_date":"2019-11-05T00:00:00Z","advisories":[],"bugzilla":"1770365","bugzilla_description":"CVE-2019-18677 squid: Cross-Site Request Forgery issue in HTTP Request processing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18677.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2019-12523","severity":"moderate","public_date":"2019-11-05T00:00:00Z","advisories":[],"bugzilla":"1770371","bugzilla_description":"CVE-2019-12523 squid: Improper input validation in URI processor","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12523.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2019-18676","severity":"moderate","public_date":"2019-11-05T00:00:00Z","advisories":[],"bugzilla":"1770375","bugzilla_description":"CVE-2019-18676 squid: Buffer overflow in URI processor","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18676.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2019-18860","severity":"moderate","public_date":"2019-11-03T00:00:00Z","advisories":[],"bugzilla":"1817121","bugzilla_description":"CVE-2019-18860 squid: Mishandled HTML in the host parameter to cachemgr.cgi results in insecure behaviour","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18860.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-12854","severity":"moderate","public_date":"2019-07-12T00:00:00Z","advisories":[],"bugzilla":"1730523","bugzilla_description":"CVE-2019-12854 squid: Denial of service in cachemgr.cgi","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12854.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2019-12527","severity":"important","public_date":"2019-07-12T00:00:00Z","advisories":["RHSA-2019:2593"],"bugzilla":"1730533","bugzilla_description":"CVE-2019-12527 squid: heap-based buffer overflow in HttpHeader::getAuth","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["squid:4-8000020190823131713.f8e95b4e"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12527.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-12525","severity":"moderate","public_date":"2019-07-12T00:00:00Z","advisories":["RHSA-2020:2040","RHSA-2020:2041"],"bugzilla":"1730535","bugzilla_description":"CVE-2019-12525 squid: parsing of header Proxy-Authentication leads to memory corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["squid:4-8020020200430095908.4cda2c84","squid-7:3.5.20-15.el7_8.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12525.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2019-12529","severity":"moderate","public_date":"2019-07-11T00:00:00Z","advisories":[],"bugzilla":"1730528","bugzilla_description":"CVE-2019-12529 squid: Out of bounds read in Proxy-Authorization header causes DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12529.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2019-13345","severity":"moderate","public_date":"2019-07-05T00:00:00Z","advisories":["RHSA-2020:1068","RHSA-2019:3476"],"bugzilla":"1727744","bugzilla_description":"CVE-2019-13345 squid: XSS via user_name or auth parameter in cachemgr.cgi","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["squid-7:3.5.20-15.el7","squid:4-8010020190823133019.cdc1202b"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13345.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-19131","severity":"moderate","public_date":"2018-10-31T00:00:00Z","advisories":[],"bugzilla":"1645146","bugzilla_description":"CVE-2018-19131 squid: Cross-Site Scripting when generating HTTPS response messages about TLS errors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19131.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N","cvss3_score":"5.6"},{"CVE":"CVE-2018-19132","severity":"moderate","public_date":"2018-10-31T00:00:00Z","advisories":[],"bugzilla":"1645154","bugzilla_description":"CVE-2018-19132 squid: Memory leak in SNMP query rejection code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19132.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-1172","severity":"low","public_date":"2018-04-18T00:00:00Z","advisories":[],"bugzilla":"1569424","bugzilla_description":"CVE-2018-1172 squid: Incorrect pointer handling when processing ESI responses allows denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1172.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-1000024","severity":"moderate","public_date":"2018-01-19T00:00:00Z","advisories":["RHSA-2020:1068"],"bugzilla":"1536939","bugzilla_description":"CVE-2018-1000024 squid: Incorrect pointer handling when processing ESI Responses can lead to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["squid-7:3.5.20-15.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000024.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2018-1000027","severity":"moderate","public_date":"2018-01-19T00:00:00Z","advisories":["RHSA-2020:1068"],"bugzilla":"1536942","bugzilla_description":"CVE-2018-1000027 squid: Incorrect pointer handling in HTTP processing and certificate download can lead to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-117","affected_packages":["squid-7:3.5.20-15.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000027.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2016-10002","severity":"moderate","public_date":"2016-12-16T00:00:00Z","advisories":["RHSA-2017:0182","RHSA-2017:0183"],"bugzilla":"1405941","bugzilla_description":"CVE-2016-10002 squid: Information disclosure in HTTP request processing","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["squid-7:3.5.20-2.el7_3.2","squid34-7:3.4.14-9.el6_8.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10002.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-10003","severity":"low","public_date":"2016-12-16T00:00:00Z","advisories":[],"bugzilla":"1405943","bugzilla_description":"CVE-2016-10003 squid: Information disclosure in Collapsed forwarding","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10003.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2016-4553","severity":"moderate","public_date":"2016-05-06T00:00:00Z","advisories":["RHSA-2016:1140","RHSA-2016:1139"],"bugzilla":"1334233","bugzilla_description":"CVE-2016-4553 squid: Cache poisoning issue in HTTP Request handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20","affected_packages":["squid34-7:3.4.14-9.el6_8.3","squid-7:3.3.8-26.el7_2.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4553.json"},{"CVE":"CVE-2016-4554","severity":"moderate","public_date":"2016-05-06T00:00:00Z","advisories":["RHSA-2016:1140","RHSA-2016:1138","RHSA-2016:1139"],"bugzilla":"1334241","bugzilla_description":"CVE-2016-4554 squid: Header Smuggling issue in HTTP Request processing","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:P","CWE":"CWE-20","affected_packages":["squid34-7:3.4.14-9.el6_8.3","squid-7:3.1.23-16.el6_8.4","squid-7:3.3.8-26.el7_2.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4554.json"},{"CVE":"CVE-2016-4555","severity":"moderate","public_date":"2016-05-06T00:00:00Z","advisories":["RHSA-2016:1140","RHSA-2016:1139"],"bugzilla":"1334246","bugzilla_description":"CVE-2016-4555 squid: SegFault from ESIInclude::Start","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["squid34-7:3.4.14-9.el6_8.3","squid-7:3.3.8-26.el7_2.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4555.json"},{"CVE":"CVE-2016-4556","severity":"moderate","public_date":"2016-05-06T00:00:00Z","advisories":["RHSA-2016:1140","RHSA-2016:1138","RHSA-2016:1139"],"bugzilla":"1334786","bugzilla_description":"CVE-2016-4556 squid: SIGSEGV in ESIContext response handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":["squid34-7:3.4.14-9.el6_8.3","squid-7:3.1.23-16.el6_8.4","squid-7:3.3.8-26.el7_2.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4556.json"},{"CVE":"CVE-2016-4051","severity":"moderate","public_date":"2016-04-20T00:00:00Z","advisories":["RHSA-2016:1140","RHSA-2016:1138","RHSA-2016:1139"],"bugzilla":"1329126","bugzilla_description":"CVE-2016-4051 squid: buffer overflow in cachemgr.cgi","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["squid34-7:3.4.14-9.el6_8.3","squid-7:3.1.23-16.el6_8.4","squid-7:3.3.8-26.el7_2.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4051.json"},{"CVE":"CVE-2016-4052","severity":"moderate","public_date":"2016-04-20T00:00:00Z","advisories":["RHSA-2016:1140","RHSA-2016:1138","RHSA-2016:1139"],"bugzilla":"1329136","bugzilla_description":"CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: multiple issues in ESI processing","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["squid34-7:3.4.14-9.el6_8.3","squid-7:3.1.23-16.el6_8.4","squid-7:3.3.8-26.el7_2.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4052.json"},{"CVE":"CVE-2016-4053","severity":"moderate","public_date":"2016-04-20T00:00:00Z","advisories":["RHSA-2016:1140","RHSA-2016:1138","RHSA-2016:1139"],"bugzilla":"1329136","bugzilla_description":"CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: multiple issues in ESI processing","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["squid34-7:3.4.14-9.el6_8.3","squid-7:3.1.23-16.el6_8.4","squid-7:3.3.8-26.el7_2.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4053.json"},{"CVE":"CVE-2016-4054","severity":"moderate","public_date":"2016-04-20T00:00:00Z","advisories":["RHSA-2016:1140","RHSA-2016:1138","RHSA-2016:1139"],"bugzilla":"1329136","bugzilla_description":"CVE-2016-4052 CVE-2016-4053 CVE-2016-4054 squid: multiple issues in ESI processing","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["squid34-7:3.4.14-9.el6_8.3","squid-7:3.1.23-16.el6_8.4","squid-7:3.3.8-26.el7_2.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4054.json"},{"CVE":"CVE-2016-5408","severity":"moderate","public_date":"2016-04-20T00:00:00Z","advisories":["RHSA-2016:1573"],"bugzilla":"1359203","bugzilla_description":"CVE-2016-5408 squid: Buffer overflow vulnerability in cachemgr.cgi tool","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["squid-7:3.1.23-16.el6_8.6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5408.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-3947","severity":"important","public_date":"2016-04-01T00:00:00Z","advisories":[],"bugzilla":"1323590","bugzilla_description":"CVE-2016-3947 squid: buffer overrun in Squid proxy pinger","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3947.json"},{"CVE":"CVE-2016-3948","severity":"moderate","public_date":"2016-04-01T00:00:00Z","advisories":["RHSA-2016:2600"],"bugzilla":"1323594","bugzilla_description":"CVE-2016-3948 squid: denial of service issue in HTTP response processing","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["squid-7:3.5.20-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3948.json"},{"CVE":"CVE-2016-2569","severity":"moderate","public_date":"2016-02-24T00:00:00Z","advisories":["RHSA-2016:2600"],"bugzilla":"1312257","bugzilla_description":"CVE-2016-2569 CVE-2016-2570 squid: some code paths fail to check bounds in string object","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["squid-7:3.5.20-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2569.json"},{"CVE":"CVE-2016-2570","severity":"moderate","public_date":"2016-02-24T00:00:00Z","advisories":["RHSA-2016:2600"],"bugzilla":"1312257","bugzilla_description":"CVE-2016-2569 CVE-2016-2570 squid: some code paths fail to check bounds in string object","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["squid-7:3.5.20-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2570.json"},{"CVE":"CVE-2016-2571","severity":"moderate","public_date":"2016-02-24T00:00:00Z","advisories":["RHSA-2016:2600"],"bugzilla":"1312262","bugzilla_description":"CVE-2016-2571 CVE-2016-2572 squid: wrong error handling for malformed HTTP responses","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-228","affected_packages":["squid-7:3.5.20-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2571.json"},{"CVE":"CVE-2016-2572","severity":"moderate","public_date":"2016-02-24T00:00:00Z","advisories":["RHSA-2016:2600"],"bugzilla":"1312262","bugzilla_description":"CVE-2016-2571 CVE-2016-2572 squid: wrong error handling for malformed HTTP responses","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-228","affected_packages":["squid-7:3.5.20-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2572.json"},{"CVE":"CVE-2016-2390","severity":"moderate","public_date":"2016-02-16T00:00:00Z","advisories":[],"bugzilla":"1308865","bugzilla_description":"CVE-2016-2390 squid: incorrect server error handling resulting in denial of service","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2390.json"},{"CVE":"CVE-2015-5400","severity":"low","public_date":"2015-07-06T00:00:00Z","advisories":[],"bugzilla":"1240741","bugzilla_description":"CVE-2015-5400 squid: information disclosure due to incorrect handling of peer responses in tunnel.cc (SQUID-2015:2)","cvss_score":2.3,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:P/I:N/A:N","CWE":"CWE-200->CWE-391->CWE-392","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5400.json"},{"CVE":"CVE-2015-3455","severity":"moderate","public_date":"2015-05-01T00:00:00Z","advisories":["RHSA-2015:2378"],"bugzilla":"1218118","bugzilla_description":"CVE-2015-3455 squid: incorrect X509 server certificate validation (SQUID-2015:1)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-697->CWE-297","affected_packages":["squid-7:3.3.8-26.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3455.json"},{"CVE":"CVE-2015-0881","severity":"moderate","public_date":"2015-03-06T00:00:00Z","advisories":[],"bugzilla":"1199518","bugzilla_description":"CVE-2015-0881 squid: CRLF injection flaw permitting HTTP response splitting attacks","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-113","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0881.json"},{"CVE":"CVE-2014-9749","severity":"moderate","public_date":"2015-01-28T00:00:00Z","advisories":[],"bugzilla":"1186768","bugzilla_description":"CVE-2014-9749 squid: Nonce replay vulnerability in Digest authentication","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9749.json"},{"CVE":"CVE-2014-7142","severity":"low","public_date":"2014-09-16T00:00:00Z","advisories":[],"bugzilla":"1148832","bugzilla_description":"CVE-2014-7142 squid: pinger incorrect input validation flaw in handling of ICMP replies (SQUID-2014:4)","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-129","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7142.json"},{"CVE":"CVE-2014-7141","severity":"low","public_date":"2014-09-09T00:00:00Z","advisories":[],"bugzilla":"1139715","bugzilla_description":"CVE-2014-7141 squid: pinger OOB array index flaw in handling of ICMP replies (SQUID-2014:4)","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-129","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7141.json"},{"CVE":"CVE-2014-6270","severity":"moderate","public_date":"2014-09-09T00:00:00Z","advisories":[],"bugzilla":"1139967","bugzilla_description":"CVE-2014-6270 squid: off-by-one error in snmpHandleUdp() leading to a bss-based buffer overflow (SQUID-2014:3)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6270.json"},{"CVE":"CVE-2014-3609","severity":"important","public_date":"2014-08-28T00:00:00Z","advisories":["RHSA-2014:1148","RHSA-2014:1147"],"bugzilla":"1134209","bugzilla_description":"CVE-2014-3609 squid: assertion failure in Range header processing (SQUID-2014:2)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-228->CWE-617","affected_packages":["squid-7:3.1.10-22.el6_5","squid-7:3.3.8-12.el7_0","squid-7:2.6.STABLE21-7.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3609.json"},{"CVE":"CVE-2014-0128","severity":"moderate","public_date":"2014-03-09T00:00:00Z","advisories":["RHSA-2014:0597"],"bugzilla":"1074870","bugzilla_description":"CVE-2014-0128 squid: denial of service when using SSL-Bump","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["squid-7:3.1.10-20.el6_5.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0128.json"},{"CVE":"CVE-2013-4123","severity":"moderate","public_date":"2013-07-13T00:00:00Z","advisories":[],"bugzilla":"984632","bugzilla_description":"CVE-2013-4123 squid: Denial of service when processing specially-crafted HTTP requests (SQUID-2013:3)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4123.json"},{"CVE":"CVE-2013-4115","severity":"low","public_date":"2013-07-10T00:00:00Z","advisories":["RHSA-2014:1148"],"bugzilla":"983653","bugzilla_description":"CVE-2013-4115 squid: buffer overflow when processing overly long DNS names (SQUID-2013:2)","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["squid-7:3.1.10-22.el6_5","squid-7:2.6.STABLE21-7.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4115.json"},{"CVE":"CVE-2013-1839","severity":"moderate","public_date":"2013-03-05T00:00:00Z","advisories":[],"bugzilla":"920421","bugzilla_description":"CVE-2013-1839 Squid: strHdrAcptLangGetItem() infinite CPU loop","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1839.json"},{"CVE":"CVE-2013-0189","severity":"moderate","public_date":"2013-01-01T00:00:00Z","advisories":[],"bugzilla":"895972","bugzilla_description":"CVE-2013-0189 squid: Incomplete fix for the CVE-2012-5643 issue","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0189.json"},{"CVE":"CVE-2012-5643","severity":"moderate","public_date":"2012-12-17T00:00:00Z","advisories":["RHSA-2013:0505"],"bugzilla":"887962","bugzilla_description":"CVE-2012-5643 squid: cachemgr.cgi memory usage DoS and memory leaks","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":["squid-7:3.1.10-16.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5643.json"},{"CVE":"CVE-2012-2213","severity":"low","public_date":"2012-04-16T00:00:00Z","advisories":[],"bugzilla":"817521","bugzilla_description":"CVE-2012-2213 squid: URL filtering bypass","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2213.json"},{"CVE":"CVE-2011-3205","severity":"moderate","public_date":"2011-08-28T00:00:00Z","advisories":["RHSA-2011:1293"],"bugzilla":"734583","bugzilla_description":"CVE-2011-3205 squid: buffer overflow flaw in Squid's Gopher reply parser (SQUID-2011:3)","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["squid-7:3.1.10-1.el6_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3205.json"},{"CVE":"CVE-2011-4096","severity":"moderate","public_date":"2011-06-06T00:00:00Z","advisories":["RHSA-2011:1791"],"bugzilla":"750316","bugzilla_description":"CVE-2011-4096 squid: Invalid free by processing CNAME DNS record pointing to another CNAME record pointing to an empty A-record","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["squid-7:3.1.10-1.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4096.json"},{"CVE":"CVE-2010-3072","severity":"low","public_date":"2010-09-03T00:00:00Z","advisories":["RHSA-2011:0545"],"bugzilla":"630444","bugzilla_description":"CVE-2010-3072 Squid: Denial of service due internal error in string handling (SQUID-2010:3)","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["squid-7:3.1.10-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3072.json"},{"CVE":"CVE-2010-2951","severity":"low","public_date":"2010-08-18T00:00:00Z","advisories":[],"bugzilla":"626927","bugzilla_description":"CVE-2010-2951 squid: child assertion failure when processing large DNS replies with no IPv6 resolver present","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P/","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2951.json"},{"CVE":"CVE-2010-0308","severity":"low","public_date":"2009-12-27T00:00:00Z","advisories":["RHSA-2010:0221"],"bugzilla":"556389","bugzilla_description":"CVE-2010-0308 squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["squid-7:2.6.STABLE21-6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0308.json"},{"CVE":"CVE-2009-2855","severity":"low","public_date":"2009-06-28T00:00:00Z","advisories":["RHSA-2010:0221"],"bugzilla":"518182","bugzilla_description":"CVE-2009-2855 squid: DoS (100% CPU use) while processing certain external ACL helper HTTP headers","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["squid-7:2.6.STABLE21-6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2855.json"},{"CVE":"CVE-2009-0801","severity":"low","public_date":"2009-02-23T00:00:00Z","advisories":[],"bugzilla":"488502","bugzilla_description":"CVE-2009-0801 squid: remote bypass of access controls","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0801.json"},{"CVE":"CVE-2008-1612","severity":"moderate","public_date":"2008-03-22T00:00:00Z","advisories":["RHSA-2008:0214"],"bugzilla":"439801","bugzilla_description":"CVE-2008-1612 squid: regression in SQUID-2007:2 / CVE-2007-6239","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["squid-7:2.5.STABLE14-1.4E.el4_6.2","squid-7:2.6.STABLE6-5.el5_1.3","squid-7:2.4.STABLE7-1.21as.12","squid-7:2.5.STABLE3-9.3E"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1612.json"},{"CVE":"CVE-2007-6239","severity":"moderate","public_date":"2007-12-04T00:00:00Z","advisories":["RHSA-2007:1130"],"bugzilla":"410181","bugzilla_description":"CVE-2007-6239 squid: DoS in cache updates","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE14-1.4E.el4_6.1","squid-7:2.6.STABLE6-5.el5_1.2","squid-7:2.4.STABLE7-1.21as.11","squid-7:2.5.STABLE3-8.3E"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6239.json"},{"CVE":"CVE-2007-1560","severity":"moderate","public_date":"2007-03-20T00:00:00Z","advisories":["RHSA-2007:0131"],"bugzilla":"1618302","bugzilla_description":"CVE-2007-1560 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.6.STABLE6-4.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1560.json"},{"CVE":"CVE-2005-2917","severity":"moderate","public_date":"2005-09-15T00:00:00Z","advisories":["RHSA-2006:0045","RHSA-2006:0052"],"bugzilla":"1617765","bugzilla_description":"CVE-2005-2917 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.12","squid-7:2.5.STABLE3-6.3E.16"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2917.json"},{"CVE":"CVE-2005-2794","severity":"important","public_date":"2005-09-01T00:00:00Z","advisories":["RHSA-2005:766"],"bugzilla":"1617754","bugzilla_description":"CVE-2005-2794 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.11","squid-7:2.5.STABLE3-6.3E.14"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2794.json"},{"CVE":"CVE-2005-2796","severity":"important","public_date":"2005-09-01T00:00:00Z","advisories":["RHSA-2005:766"],"bugzilla":"1617755","bugzilla_description":"CVE-2005-2796 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.11","squid-7:2.5.STABLE3-6.3E.14"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2796.json"},{"CVE":"CVE-2005-1519","severity":"low","public_date":"2005-05-11T00:00:00Z","advisories":["RHSA-2005:489","RHSA-2005:415"],"bugzilla":"1617653","bugzilla_description":"CVE-2005-1519 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.9","squid-7:2.5.STABLE3-6.3E.13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1519.json"},{"CVE":"CVE-2005-0718","severity":"low","public_date":"2005-03-04T00:00:00Z","advisories":["RHSA-2005:489","RHSA-2005:415"],"bugzilla":"1617563","bugzilla_description":"CVE-2005-0718 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.9","squid-7:2.5.STABLE3-6.3E.13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0718.json"},{"CVE":"CVE-2005-1345","severity":"low","public_date":"2005-03-04T00:00:00Z","advisories":["RHSA-2005:415"],"bugzilla":"1617631","bugzilla_description":"CVE-2005-1345 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.9","squid-7:2.5.STABLE3-6.3E.13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1345.json"},{"CVE":"CVE-2005-0626","severity":"low","public_date":"2005-03-02T00:00:00Z","advisories":["RHSA-2005:415"],"bugzilla":"1617553","bugzilla_description":"CVE-2005-0626 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.9","squid-7:2.5.STABLE3-6.3E.13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0626.json"},{"CVE":"CVE-2005-0446","severity":"moderate","public_date":"2005-02-13T00:00:00Z","advisories":["RHSA-2005:201","RHSA-2005:173"],"bugzilla":"1617523","bugzilla_description":"CVE-2005-0446 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.5","squid-7:2.5.STABLE3-6.3E.8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0446.json"},{"CVE":"CVE-2005-0174","severity":null,"public_date":"2005-01-31T00:00:00Z","advisories":["RHSA-2005:061","RHSA-2005:060"],"bugzilla":"1617479","bugzilla_description":"CVE-2005-0174 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.7","squid-7:2.5.STABLE6-3.4E.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0174.json"},{"CVE":"CVE-2005-0175","severity":null,"public_date":"2005-01-31T00:00:00Z","advisories":["RHSA-2005:061","RHSA-2005:060"],"bugzilla":"1617480","bugzilla_description":"CVE-2005-0175 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.7","squid-7:2.5.STABLE6-3.4E.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0175.json"},{"CVE":"CVE-2005-0241","severity":"moderate","public_date":"2005-01-31T00:00:00Z","advisories":["RHSA-2005:061","RHSA-2005:060"],"bugzilla":"1617504","bugzilla_description":"CVE-2005-0241 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.7","squid-7:2.5.STABLE6-3.4E.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0241.json"},{"CVE":"CVE-2005-0211","severity":"important","public_date":"2005-01-28T00:00:00Z","advisories":["RHSA-2005:061","RHSA-2005:060"],"bugzilla":"1617498","bugzilla_description":"CVE-2005-0211 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.7","squid-7:2.5.STABLE6-3.4E.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0211.json"},{"CVE":"CVE-2005-0094","severity":null,"public_date":"2005-01-12T00:00:00Z","advisories":["RHSA-2005:061","RHSA-2005:060"],"bugzilla":"1617455","bugzilla_description":"CVE-2005-0094 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.7","squid-7:2.5.STABLE6-3.4E.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0094.json"},{"CVE":"CVE-2005-0095","severity":null,"public_date":"2005-01-12T00:00:00Z","advisories":["RHSA-2005:061","RHSA-2005:060"],"bugzilla":"1617456","bugzilla_description":"CVE-2005-0095 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.7","squid-7:2.5.STABLE6-3.4E.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0095.json"},{"CVE":"CVE-2005-0173","severity":null,"public_date":"2005-01-10T00:00:00Z","advisories":["RHSA-2005:061","RHSA-2005:060"],"bugzilla":"1617478","bugzilla_description":"CVE-2005-0173 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.7","squid-7:2.5.STABLE6-3.4E.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0173.json"},{"CVE":"CVE-2005-0096","severity":null,"public_date":"2005-01-08T00:00:00Z","advisories":["RHSA-2005:061","RHSA-2005:060"],"bugzilla":"1617457","bugzilla_description":"CVE-2005-0096 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.7","squid-7:2.5.STABLE6-3.4E.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0096.json"},{"CVE":"CVE-2005-0097","severity":null,"public_date":"2005-01-08T00:00:00Z","advisories":["RHSA-2005:061","RHSA-2005:060"],"bugzilla":"1617458","bugzilla_description":"CVE-2005-0097 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.7","squid-7:2.5.STABLE6-3.4E.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0097.json"},{"CVE":"CVE-2004-2479","severity":"low","public_date":"2004-11-23T00:00:00Z","advisories":["RHSA-2005:766"],"bugzilla":"1617425","bugzilla_description":"CVE-2004-2479 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.11","squid-7:2.5.STABLE3-6.3E.14"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2479.json"},{"CVE":"CVE-2004-0918","severity":"important","public_date":"2004-10-11T00:00:00Z","advisories":["RHSA-2004:591"],"bugzilla":"453211","bugzilla_description":"CVE-2004-0918 Squid SNMP DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0918.json"},{"CVE":"CVE-2004-0832","severity":"moderate","public_date":"2004-08-18T00:00:00Z","advisories":["RHSA-2004:462"],"bugzilla":"1617307","bugzilla_description":"CVE-2004-0832 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0832.json"},{"CVE":"CVE-2004-0541","severity":"moderate","public_date":"2004-06-08T00:00:00Z","advisories":["RHSA-2004:242"],"bugzilla":"1617226","bugzilla_description":"CVE-2004-0541 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-6.3E"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0541.json"},{"CVE":"CVE-2004-0189","severity":"low","public_date":"2004-02-29T00:00:00Z","advisories":["RHSA-2004:133","RHSA-2004:134"],"bugzilla":"1617177","bugzilla_description":"CVE-2004-0189 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE3-5.3E"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0189.json"},{"CVE":"CVE-1999-0710","severity":"low","public_date":"1999-07-25T00:00:00Z","advisories":["RHSA-2005:489","RHSA-2005:415"],"bugzilla":"1616452","bugzilla_description":"CVE-1999-0710 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["squid-7:2.5.STABLE6-3.4E.9","squid-7:2.5.STABLE3-6.3E.13"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-1999-0710.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/srp_daemon_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/srp_daemon_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/srp_daemon_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ad_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ad_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ad_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-client_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-client_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-client_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-common-pac_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-common-pac_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-common-pac_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-common_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-common_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-common_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-dbus_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-dbus_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-dbus_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ipa_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ipa_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ipa_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-kcm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-kcm_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-kcm_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-krb5-common_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-krb5-common_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-krb5-common_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-krb5_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-krb5_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-krb5_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ldap_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ldap_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-ldap_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-libwbclient_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-libwbclient_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-libwbclient_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-polkit-rules_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-polkit-rules_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-polkit-rules_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-proxy_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-proxy_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-proxy_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-winbind-idmap_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-winbind-idmap_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd-winbind-idmap_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd_security_api_results.json new file mode 100644 index 0000000..c3f0a9b --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sssd_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-16838","severity":"low","public_date":"2019-02-04T00:00:00Z","advisories":["RHSA-2019:2177","RHSA-2019:3651","RHSA-2019:2437","RHBA-2019:3303"],"bugzilla":"1640820","bugzilla_description":"CVE-2018-16838 sssd: improper implementation of GPOs due to too restrictive permissions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["redhat-coreos-42.81.20191107.0","sssd-0:1.16.4-21.el7","redhat-virtualization-host-0:4.3.5-20190722.0.el7_7","sssd-0:2.2.0-19.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16838.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2018-16883","severity":"low","public_date":"2018-12-19T00:00:00Z","advisories":[],"bugzilla":"1659862","bugzilla_description":"CVE-2018-16883 sssd: Information leak in infopipe due to an improper uid restriction","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16883.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.5"},{"CVE":"CVE-2019-3811","severity":"moderate","public_date":"2018-12-04T00:00:00Z","advisories":["RHSA-2019:2177"],"bugzilla":"1656618","bugzilla_description":"CVE-2019-3811 sssd: fallback_homedir returns '/' for empty home directories in passwd file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-552->CWE-200","affected_packages":["sssd-0:1.16.4-21.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3811.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N","cvss3_score":"4.1"},{"CVE":"CVE-2018-10852","severity":"low","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:3158"],"bugzilla":"1588810","bugzilla_description":"CVE-2018-10852 sssd: information leak from the sssd-sudo responder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["sssd-0:1.16.2-13.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10852.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","cvss3_score":"3.8"},{"CVE":"CVE-2017-12173","severity":"moderate","public_date":"2017-10-03T00:00:00Z","advisories":["RHSA-2018:1877","RHSA-2017:3379"],"bugzilla":"1498173","bugzilla_description":"CVE-2017-12173 sssd: unsanitized input when searching in local cache database","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["sssd-0:1.15.2-50.el7_4.8","sssd-0:1.13.3-60.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12173.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2015-5292","severity":"low","public_date":"2015-09-23T00:00:00Z","advisories":["RHSA-2015:2355","RHSA-2015:2019"],"bugzilla":"1267580","bugzilla_description":"CVE-2015-5292 sssd: memory leak in the sssd_pac_plugin","cvss_score":2.1,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":["sssd-0:1.13.0-40.el7","sssd-0:1.12.4-47.el6_7.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5292.json"},{"CVE":"CVE-2014-0249","severity":"low","public_date":"2014-05-13T00:00:00Z","advisories":["RHBA-2014:1375","RHBA-2015:0441"],"bugzilla":"1101751","bugzilla_description":"CVE-2014-0249 sssd: incorrect expansion of group membership when encountering a non-POSIX group","cvss_score":2.1,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:N/I:P/A:N","CWE":null,"affected_packages":["sssd-0:1.12.2-58.el7","sssd-0:1.11.6-30.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0249.json"},{"CVE":"CVE-2013-0287","severity":"moderate","public_date":"2013-03-19T00:00:00Z","advisories":["RHSA-2013:0663"],"bugzilla":"910938","bugzilla_description":"CVE-2013-0287 sssd: simple access provider flaw prevents intended ACL use when client to an AD provider","cvss_score":4.9,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:P/A:N","CWE":null,"affected_packages":["sssd-0:1.9.2-82.4.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0287.json"},{"CVE":"CVE-2013-0219","severity":"low","public_date":"2013-01-23T00:00:00Z","advisories":["RHSA-2013:0508","RHSA-2013:1319"],"bugzilla":"884254","bugzilla_description":"CVE-2013-0219 sssd: TOCTOU race conditions by copying and removing directory trees","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-367","affected_packages":["sssd-0:1.5.1-70.el5","sssd-0:1.9.2-82.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0219.json"},{"CVE":"CVE-2013-0220","severity":"low","public_date":"2013-01-23T00:00:00Z","advisories":["RHSA-2013:0508"],"bugzilla":"884601","bugzilla_description":"CVE-2013-0220 sssd: Out-of-bounds read flaws in autofs and ssh services responders","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["sssd-0:1.9.2-82.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0220.json"},{"CVE":"CVE-2010-4341","severity":"low","public_date":"2011-01-11T00:00:00Z","advisories":["RHSA-2011:0560","RHSA-2011:0975"],"bugzilla":"661163","bugzilla_description":"CVE-2010-4341 sssd: DoS in sssd PAM responder can prevent logins","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["sssd-0:1.5.1-34.el6","sssd-0:1.5.1-37.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4341.json"},{"CVE":"CVE-2010-2940","severity":"important","public_date":"2010-08-24T00:00:00Z","advisories":[],"bugzilla":"625189","bugzilla_description":"CVE-2010-2940 sssd: allows null password entry to authenticate against LDAP","cvss_score":7.5,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2940.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/star_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/star_security_api_results.json new file mode 100644 index 0000000..856954c --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/star_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2016-6321","severity":"moderate","public_date":"2016-10-27T00:00:00Z","advisories":[],"bugzilla":"1318562","bugzilla_description":"CVE-2016-6321 tar: Bypassing the extract path name","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6321.json"},{"CVE":"CVE-2013-1793","severity":"moderate","public_date":"2015-07-23T00:00:00Z","advisories":[],"bugzilla":"916767","bugzilla_description":"CVE-2013-1793 openstack-utils: openstack-db insecure password creation for services","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1793.json"},{"CVE":"CVE-2007-4134","severity":"moderate","public_date":"2007-08-21T00:00:00Z","advisories":["RHSA-2007:0873"],"bugzilla":"253856","bugzilla_description":"CVE-2007-4134 star directory traversal vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["star-0:1.5a75-2","star-0:1.5a25-8","star-0:1.5a08-5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4134.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/startup-notification-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/startup-notification-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/startup-notification-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/startup-notification_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/startup-notification_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/startup-notification_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stax-ex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stax-ex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stax-ex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stax2-api_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stax2-api_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stax2-api_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stix-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stix-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stix-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stix-math-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stix-math-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stix-math-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strace32_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strace32_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strace32_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strace_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strace_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strace_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strigi-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strigi-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strigi-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strongimcv_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strongimcv_security_api_results.json new file mode 100644 index 0000000..2d2d680 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/strongimcv_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-17540","severity":"low","public_date":"2018-10-02T00:00:00Z","advisories":[],"bugzilla":"1635877","bugzilla_description":"CVE-2018-17540 strongswan: heap buffer overflow using crafted certificates","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17540.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2018-16152","severity":"moderate","public_date":"2018-09-24T00:00:00Z","advisories":[],"bugzilla":"1635870","bugzilla_description":"CVE-2018-16152 strongswan: authentication bypass in verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16152.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2018-16151","severity":"moderate","public_date":"2018-09-24T00:00:00Z","advisories":[],"bugzilla":"1635873","bugzilla_description":"CVE-2018-16151 strongswan: authentication bypass in verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16151.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2018-10811","severity":"moderate","public_date":"2018-05-28T00:00:00Z","advisories":[],"bugzilla":"1585966","bugzilla_description":"CVE-2018-10811 strongswan: Missing initialization of a variable in IKEv2 key derivation allows denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10811.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-5388","severity":"moderate","public_date":"2018-05-22T00:00:00Z","advisories":[],"bugzilla":"1581867","bugzilla_description":"CVE-2018-5388 strongswan: integer underflow leads to buffer overflow and denial of service in stroke_socket.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5388.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-6459","severity":"moderate","public_date":"2018-02-19T00:00:00Z","advisories":[],"bugzilla":"1547510","bugzilla_description":"CVE-2018-6459 strongswan: Insufficient Input Validation in RSASSA-PSS Signature Parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6459.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-11185","severity":"moderate","public_date":"2017-08-14T00:00:00Z","advisories":[],"bugzilla":"1484008","bugzilla_description":"CVE-2017-11185 strongswan: Insufficient Input Validation in gmp Plugin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11185.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-9022","severity":"moderate","public_date":"2017-05-30T00:00:00Z","advisories":[],"bugzilla":"1457121","bugzilla_description":"CVE-2017-9022 strongswan: Insufficient validation of RSA public keys passed to the gmp plugin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9022.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9023","severity":"moderate","public_date":"2017-05-30T00:00:00Z","advisories":[],"bugzilla":"1457122","bugzilla_description":"CVE-2017-9023 strongswan: Incorrect Handling of CHOICE types in ASN.1 parser and x509 plugin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9023.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2015-8023","severity":"important","public_date":"2015-11-16T00:00:00Z","advisories":[],"bugzilla":"1283219","bugzilla_description":"CVE-2015-8023 strongswan: Authentication bypass in eap-mschapv2 plugin","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8023.json"},{"CVE":"CVE-2015-4171","severity":"low","public_date":"2015-06-08T00:00:00Z","advisories":[],"bugzilla":"1231178","bugzilla_description":"CVE-2015-4171 strongswan: rogue servers are able to gain user credentials from a client in certain IKEv2 setups","cvss_score":1.4,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4171.json"},{"CVE":"CVE-2014-9221","severity":"moderate","public_date":"2015-01-05T00:00:00Z","advisories":[],"bugzilla":"1173064","bugzilla_description":"CVE-2014-9221 strongswan: denial-of-service vulnerability in libtls when processing crafted Key Exchange payload","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9221.json"},{"CVE":"CVE-2014-2891","severity":"moderate","public_date":"2014-05-05T00:00:00Z","advisories":[],"bugzilla":"1095487","bugzilla_description":"CVE-2014-2891 strongswan: denial of service via crafted ID_DER_ASN1_DN_ID payload","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2891.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stunnel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stunnel_security_api_results.json new file mode 100644 index 0000000..43d9865 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/stunnel_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2015-3644","severity":"important","public_date":"2015-05-14T00:00:00Z","advisories":[],"bugzilla":"1221673","bugzilla_description":"CVE-2015-3644 stunnel: authentication bypass with the \"redirect\" option","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3644.json"},{"CVE":"CVE-2014-0016","severity":"moderate","public_date":"2014-03-05T00:00:00Z","advisories":[],"bugzilla":"1072180","bugzilla_description":"CVE-2014-0016 stunnel: Improper initialization of PRNG after fork()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0016.json"},{"CVE":"CVE-2013-1762","severity":"moderate","public_date":"2013-03-03T00:00:00Z","advisories":["RHSA-2013:0714"],"bugzilla":"917839","bugzilla_description":"CVE-2013-1762 Stunnel: buffer overflow vulnerability due to incorrect integer conversion in the NTLM authentication of the CONNECT protocol negotiation","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["stunnel-0:4.29-3.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1762.json"},{"CVE":"CVE-2011-2940","severity":"important","public_date":"2011-08-18T00:00:00Z","advisories":[],"bugzilla":"732068","bugzilla_description":"CVE-2011-2940 stunnel: heap corruption flaw in 4.4x leads to remote DoS and possible code execution","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2940.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-gui_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-gui_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-gui_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-initial-setup-addon_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-initial-setup-addon_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-initial-setup-addon_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-migration-data_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-migration-data_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-migration-data_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-migration_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-migration_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-migration_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-plugin-container_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-plugin-container_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-plugin-container_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-rhsm-certificates_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-rhsm-certificates_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-rhsm-certificates_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-rhsm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-rhsm_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager-rhsm_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager_security_api_results.json new file mode 100644 index 0000000..ee092ca --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subscription-manager_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2016-4455","severity":"moderate","public_date":"2016-05-25T00:00:00Z","advisories":["RHSA-2017:0698","RHSA-2016:2592"],"bugzilla":"1340525","bugzilla_description":"CVE-2016-4455 subscription-manager: sensitive world readable files in /var/lib/rhsm/","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:N/A:N","CWE":"CWE-732","affected_packages":["subscription-manager-0:1.18.10-1.el6","subscription-manager-0:1.17.15-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4455.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2012-6137","severity":"moderate","public_date":"2013-05-06T00:00:00Z","advisories":["RHSA-2013:0788"],"bugzilla":"885130","bugzilla_description":"CVE-2012-6137 subscription-manager: rhn-migrate-classic-to-rhsm missing SSL certificate verification","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["subscription-manager-0:1.1.23.1-1.el6_4","subscription-manager-0:1.0.24.1-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6137.json"},{"CVE":"CVE-2017-2663","severity":"moderate","public_date":null,"advisories":[],"bugzilla":"1434100","bugzilla_description":"CVE-2017-2663 subscription-manager: unsafe dbus interface","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-270","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2663.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.2"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion-gnome_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion-gnome_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion-gnome_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion_security_api_results.json new file mode 100644 index 0000000..de0a5bc --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/subversion_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-0203","severity":"important","public_date":"2019-07-31T12:00:00Z","advisories":["RHSA-2019:2512"],"bugzilla":"1733073","bugzilla_description":"CVE-2019-0203 subversion: NULL pointer dereference in svnserve leading to an unauthenticated remote DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["subversion:1.10-8000020190807153138.a27fc728"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0203.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-11782","severity":"moderate","public_date":"2019-07-31T12:00:00Z","advisories":["RHSA-2020:3972"],"bugzilla":"1733088","bugzilla_description":"CVE-2018-11782 subversion: remotely triggerable DoS vulnerability in svnserve 'get-deleted-rev'","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":["subversion-0:1.7.14-16.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11782.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2018-11803","severity":"moderate","public_date":"2019-01-18T00:00:00Z","advisories":[],"bugzilla":"1668807","bugzilla_description":"CVE-2018-11803 subversion: malicious SVN clients can crash mod_dav_svn","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11803.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-1000111","severity":"moderate","public_date":"2018-02-26T00:00:00Z","advisories":[],"bugzilla":"1549539","bugzilla_description":"CVE-2018-1000111 jenkins-plugin-subversion: Disclosure of user names and node names to unauthorized users through post-commit hook URL in Subversion Plugin (SECURITY-724)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000111.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-9800","severity":"important","public_date":"2017-08-10T00:00:00Z","advisories":["RHSA-2017:2480"],"bugzilla":"1479686","bugzilla_description":"CVE-2017-9800 subversion: Command injection through clients via malicious svn+ssh URLs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["subversion-0:1.7.14-11.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9800.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-1000085","severity":"low","public_date":"2017-07-10T00:00:00Z","advisories":["RHBA-2017:2642"],"bugzilla":"1471046","bugzilla_description":"CVE-2017-1000085 jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-352","affected_packages":["jenkins-2-plugins-0:3.7.1502412812-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000085.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2016-8734","severity":"moderate","public_date":"2016-11-29T00:00:00Z","advisories":[],"bugzilla":"1397403","bugzilla_description":"CVE-2016-8734 subversion: unrestricted XML entity expansion in mod_dontdothat and Subversion clients using http(s)://","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:P","CWE":"CWE-776","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8734.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2016-2168","severity":"moderate","public_date":"2016-04-28T00:00:00Z","advisories":[],"bugzilla":"1331683","bugzilla_description":"CVE-2016-2168 subversion: DoS in mod_authz_svn during COPY/MOVE authorization check","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2168.json"},{"CVE":"CVE-2016-2167","severity":"low","public_date":"2016-04-28T00:00:00Z","advisories":[],"bugzilla":"1331686","bugzilla_description":"CVE-2016-2167 subversion: svnserve/sasl may authenticate users using the wrong realm","cvss_score":3.6,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:P/I:P/A:N","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2167.json"},{"CVE":"CVE-2015-5259","severity":"important","public_date":"2015-12-15T00:00:00Z","advisories":[],"bugzilla":"1289958","bugzilla_description":"CVE-2015-5259 subversion: integer overflow in the svn:// protocol parser","cvss_score":7.5,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-190->(CWE-122|CWE-125)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5259.json"},{"CVE":"CVE-2015-5343","severity":"moderate","public_date":"2015-12-15T00:00:00Z","advisories":[],"bugzilla":"1289959","bugzilla_description":"CVE-2015-5343 subversion: (mod_dav_svn) integer overflow when parsing skel-encoded request bodies","cvss_score":4.6,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:P/I:P/A:P","CWE":"CWE-190->(CWE-122|CWE-125)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5343.json"},{"CVE":"CVE-2015-3184","severity":"moderate","public_date":"2015-08-05T00:00:00Z","advisories":["RHSA-2015:1742"],"bugzilla":"1247249","bugzilla_description":"CVE-2015-3184 subversion: Mixed anonymous/authenticated path-based authz with httpd 2.4","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-285","affected_packages":["subversion-0:1.7.14-7.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3184.json"},{"CVE":"CVE-2015-3187","severity":"low","public_date":"2015-08-05T00:00:00Z","advisories":["RHSA-2015:1633","RHSA-2015:1742"],"bugzilla":"1247252","bugzilla_description":"CVE-2015-3187 subversion: svn_repos_trace_node_locations() reveals paths hidden by authz","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["subversion-0:1.7.14-7.ael7b_1.1","subversion-0:1.6.11-15.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3187.json"},{"CVE":"CVE-2015-0202","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1205134","bugzilla_description":"CVE-2015-0202 subversion: (mod_dav_svn) remote denial of service with certain REPORT requests","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-770","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0202.json"},{"CVE":"CVE-2015-0248","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:1633","RHSA-2015:1742"],"bugzilla":"1205138","bugzilla_description":"CVE-2015-0248 subversion: (mod_dav_svn) remote denial of service with certain requests with dynamically evaluated revision numbers","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["subversion-0:1.7.14-7.ael7b_1.1","subversion-0:1.6.11-15.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0248.json"},{"CVE":"CVE-2015-0251","severity":"low","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:1633","RHSA-2015:1742"],"bugzilla":"1205140","bugzilla_description":"CVE-2015-0251 subversion: (mod_dav_svn) spoofing svn:author property values for new revisions","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:P/A:N","CWE":"CWE-348","affected_packages":["subversion-0:1.7.14-7.ael7b_1.1","subversion-0:1.6.11-15.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0251.json"},{"CVE":"CVE-2014-3580","severity":"moderate","public_date":"2014-12-15T00:00:00Z","advisories":["RHSA-2015:0166","RHSA-2015:0165"],"bugzilla":"1174054","bugzilla_description":"CVE-2014-3580 subversion: NULL pointer dereference flaw in mod_dav_svn when handling REPORT requests","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["subversion-0:1.7.14-7.el7_0","subversion-0:1.6.11-12.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3580.json"},{"CVE":"CVE-2014-8108","severity":"moderate","public_date":"2014-12-15T00:00:00Z","advisories":["RHSA-2015:0166"],"bugzilla":"1174057","bugzilla_description":"CVE-2014-8108 subversion: NULL pointer dereference flaw in mod_dav_svn when handling URIs for virtual transaction names","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["subversion-0:1.7.14-7.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8108.json"},{"CVE":"CVE-2014-3522","severity":"moderate","public_date":"2014-08-11T00:00:00Z","advisories":[],"bugzilla":"1127063","bugzilla_description":"CVE-2014-3522 subversion: incorrect SSL certificate validation in Serf RA (repository access) layer","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3522.json"},{"CVE":"CVE-2014-0032","severity":"moderate","public_date":"2014-01-10T00:00:00Z","advisories":["RHSA-2014:0255"],"bugzilla":"1062042","bugzilla_description":"CVE-2014-0032 subversion: mod_dav_svn crash when handling certain requests with SVNListParentPath on","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.6.11-12.el5_10","subversion-0:1.6.11-10.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0032.json"},{"CVE":"CVE-2014-3528","severity":"low","public_date":"2013-12-13T00:00:00Z","advisories":["RHSA-2015:0166","RHSA-2015:0165"],"bugzilla":"1125799","bugzilla_description":"CVE-2014-3528 subversion: credentials leak via MD5 collision","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-327->CWE-201","affected_packages":["subversion-0:1.7.14-7.el7_0","subversion-0:1.6.11-12.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3528.json"},{"CVE":"CVE-2013-4558","severity":"moderate","public_date":"2013-11-25T00:00:00Z","advisories":[],"bugzilla":"1033431","bugzilla_description":"CVE-2013-4558 subversion: mod_dav_svn assertion when handling certain requests with autoversioning enabled","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4558.json"},{"CVE":"CVE-2013-4505","severity":"low","public_date":"2013-11-25T00:00:00Z","advisories":[],"bugzilla":"1033995","bugzilla_description":"CVE-2013-4505 subversion: mod_dontdothat does not block requests from certain clients","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4505.json"},{"CVE":"CVE-2013-4246","severity":"moderate","public_date":"2013-08-30T00:00:00Z","advisories":[],"bugzilla":"1000192","bugzilla_description":"CVE-2013-4246 subversion: FSFS repository corruption due to editing packed revision properties","cvss_score":5.5,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4246.json"},{"CVE":"CVE-2013-4262","severity":"low","public_date":"2013-08-30T00:00:00Z","advisories":[],"bugzilla":"1000194","bugzilla_description":"CVE-2013-4262 CVE-2013-7393 subversion: svnwcsub.py and irkerbridge.py are vulnerable to symlink attack","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4262.json"},{"CVE":"CVE-2013-7393","severity":"low","public_date":"2013-08-30T00:00:00Z","advisories":[],"bugzilla":"1000194","bugzilla_description":"CVE-2013-4262 CVE-2013-7393 subversion: svnwcsub.py and irkerbridge.py are vulnerable to symlink attack","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7393.json"},{"CVE":"CVE-2013-4277","severity":"low","public_date":"2013-08-30T00:00:00Z","advisories":[],"bugzilla":"1000202","bugzilla_description":"CVE-2013-4277 subversion: svnserve is vulnerable to symlink attack","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4277.json"},{"CVE":"CVE-2013-4131","severity":"moderate","public_date":"2013-07-24T00:00:00Z","advisories":[],"bugzilla":"986194","bugzilla_description":"CVE-2013-4131 subversion: DoS (assertion failure, crash) in mod_dav_svn when handling certain MOVE, COPY, or DELETE HTTP requests","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4131.json"},{"CVE":"CVE-2013-1968","severity":"low","public_date":"2013-05-31T00:00:00Z","advisories":["RHSA-2014:0255"],"bugzilla":"970014","bugzilla_description":"CVE-2013-1968 subversion (FSFS format): Filenames with newline character can lead to revision corruption","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:N/I:N/A:P","CWE":"CWE-138","affected_packages":["subversion-0:1.6.11-12.el5_10","subversion-0:1.6.11-10.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1968.json"},{"CVE":"CVE-2013-2088","severity":"moderate","public_date":"2013-05-31T00:00:00Z","advisories":[],"bugzilla":"970027","bugzilla_description":"CVE-2013-2088 subversion: Improper sanitization of arguments of certain hook scripts might lead to arbitrary code execution","cvss_score":4.6,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2088.json"},{"CVE":"CVE-2013-2112","severity":"low","public_date":"2013-05-31T00:00:00Z","advisories":["RHSA-2014:0255"],"bugzilla":"970037","bugzilla_description":"CVE-2013-2112 subversion: Remote DoS due improper handling of early-closing TCP connections","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.6.11-12.el5_10","subversion-0:1.6.11-10.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2112.json"},{"CVE":"CVE-2013-1845","severity":"low","public_date":"2013-04-04T00:00:00Z","advisories":["RHSA-2013:0737"],"bugzilla":"929082","bugzilla_description":"CVE-2013-1845 Subversion (mod_dav_svn): DoS (excessive memory use) when large number of properties are set or deleted","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.6.11-9.el6_4","subversion-0:1.6.11-11.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1845.json"},{"CVE":"CVE-2013-1846","severity":"low","public_date":"2013-04-04T00:00:00Z","advisories":["RHSA-2013:0737"],"bugzilla":"929087","bugzilla_description":"CVE-2013-1846 Subversion (mod_dav_svn): DoS (crash) via LOCK requests against an activity URL","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.6.11-9.el6_4","subversion-0:1.6.11-11.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1846.json"},{"CVE":"CVE-2013-1847","severity":"low","public_date":"2013-04-04T00:00:00Z","advisories":["RHSA-2013:0737"],"bugzilla":"929090","bugzilla_description":"CVE-2013-1847 Subversion (mod_dav_svn): DoS (crash) via LOCK requests against a non-existent URL","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.6.11-9.el6_4","subversion-0:1.6.11-11.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1847.json"},{"CVE":"CVE-2013-1884","severity":"moderate","public_date":"2013-04-04T00:00:00Z","advisories":[],"bugzilla":"929095","bugzilla_description":"CVE-2013-1884 Subversion (mod_dav_svn): DoS (crash) via malformed log REPORT requests","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1884.json"},{"CVE":"CVE-2013-1849","severity":"moderate","public_date":"2013-03-05T00:00:00Z","advisories":["RHSA-2013:0737"],"bugzilla":"929093","bugzilla_description":"CVE-2013-1849 Subversion (mod_dav_svn): DoS (crash) via PROPFIND request made against activity URLs","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.6.11-9.el6_4","subversion-0:1.6.11-11.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1849.json"},{"CVE":"CVE-2011-1752","severity":"moderate","public_date":"2011-06-01T00:00:00Z","advisories":["RHSA-2011:0861","RHSA-2011:0862"],"bugzilla":"709111","bugzilla_description":"CVE-2011-1752 subversion (mod_dav_svn): DoS (crash) via request to deliver baselined WebDAV resources","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.1.4-4.el4","subversion-0:1.6.11-7.el5_6.4","subversion-0:1.6.11-2.el6_1.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1752.json"},{"CVE":"CVE-2011-1783","severity":"moderate","public_date":"2011-06-01T00:00:00Z","advisories":["RHSA-2011:0862"],"bugzilla":"709112","bugzilla_description":"CVE-2011-1783 subversion (mod_dav_svn): DoS (excessive memory use) when configured to provide path-based access control","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.6.11-7.el5_6.4","subversion-0:1.6.11-2.el6_1.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1783.json"},{"CVE":"CVE-2011-1921","severity":"low","public_date":"2011-06-01T00:00:00Z","advisories":["RHSA-2011:0862"],"bugzilla":"709114","bugzilla_description":"CVE-2011-1921 subversion (mod_dav_svn): File contents disclosure of files configured to be unreadable by those users","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["subversion-0:1.6.11-7.el5_6.4","subversion-0:1.6.11-2.el6_1.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1921.json"},{"CVE":"CVE-2011-0715","severity":"moderate","public_date":"2011-03-03T00:00:00Z","advisories":["RHSA-2011:0327","RHSA-2011:0328"],"bugzilla":"680755","bugzilla_description":"CVE-2011-0715 subversion (mod_dav_svn): DoS (NULL ptr deref) by a lock token sent from a not authenticated Subversion client","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.6.11-2.el6_0.3","subversion-0:1.6.11-7.el5_6.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0715.json"},{"CVE":"CVE-2010-4539","severity":"low","public_date":"2010-11-26T00:00:00Z","advisories":["RHSA-2011:0257","RHSA-2011:0258"],"bugzilla":"667407","bugzilla_description":"CVE-2010-4539 Subversion (mod_dav_svn): DoS (crash) by processing certain requests to display all available repositories to a web browser","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":["subversion-0:1.6.11-7.el5_6.1","subversion-0:1.6.11-2.el6_0.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4539.json"},{"CVE":"CVE-2010-4644","severity":"moderate","public_date":"2010-11-04T00:00:00Z","advisories":["RHSA-2011:0257","RHSA-2011:0258"],"bugzilla":"667763","bugzilla_description":"CVE-2010-4644 Subversion: DoS (memory consumption) by processing blame or log -g requests on certain files","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:N/I:N/A:P/","CWE":null,"affected_packages":["subversion-0:1.6.11-7.el5_6.1","subversion-0:1.6.11-2.el6_0.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4644.json"},{"CVE":"CVE-2010-3315","severity":"moderate","public_date":"2010-10-04T00:00:00Z","advisories":["RHSA-2011:0258"],"bugzilla":"640317","bugzilla_description":"CVE-2010-3315 Subversion: Access restriction bypass by checkout of the root of the repository","cvss_score":6.5,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:P/I:P/A:P/","CWE":null,"affected_packages":["subversion-0:1.6.11-2.el6_0.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3315.json"},{"CVE":"CVE-2009-2411","severity":"important","public_date":"2009-08-03T00:00:00Z","advisories":["RHSA-2009:1203"],"bugzilla":"514744","bugzilla_description":"CVE-2009-2411 subversion: multiple heap overflow issues","cvss_score":6.5,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":["subversion-0:1.4.2-4.el5_3.1","subversion-0:1.1.4-3.el4_8.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2411.json"},{"CVE":"CVE-2007-2448","severity":"low","public_date":"2007-11-06T00:00:00Z","advisories":["RHEA-2011:0039"],"bugzilla":"243757","bugzilla_description":"CVE-2007-2448 subversion: revision properties disclosure to user with partial access","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["subversion-0:1.6.11-7.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2448.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sudo_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sudo_security_api_results.json new file mode 100644 index 0000000..832b3a2 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sudo_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-18634","severity":"important","public_date":"2020-01-30T00:00:00Z","advisories":["RHSA-2020:0540","RHSA-2020:0487","RHBA-2020:0523","RHSA-2020:0509","RHSA-2020:0726"],"bugzilla":"1796944","bugzilla_description":"CVE-2019-18634 sudo: Stack based buffer overflow when pwfeedback is enabled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["redhat-coreos-42.81.20200217.0","sudo-0:1.8.25p1-8.el8_1.1","sudo-0:1.8.25p1-4.el8_0.3","sudo-0:1.8.6p3-29.el6_10.3","sudo-0:1.8.23-4.el7_7.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18634.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2019-19232","severity":"moderate","public_date":"2019-12-19T00:00:00Z","advisories":["RHBA-2020:3180","RHSA-2020:1804"],"bugzilla":"1786704","bugzilla_description":"CVE-2019-19232 sudo: attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["redhat-coreos-43.82.202007300301.0","sudo-0:1.8.29-5.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19232.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-19234","severity":"moderate","public_date":"2019-12-19T00:00:00Z","advisories":[],"bugzilla":"1786708","bugzilla_description":"CVE-2019-19234 sudo: by using ! character in the shadow file instead of a password hash can access to a run as all sudoer account","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19234.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2019-18684","severity":"moderate","public_date":"2019-11-07T00:00:00Z","advisories":[],"bugzilla":"1771690","bugzilla_description":"CVE-2019-18684 sudo: privilege escalation via write access to file descriptor 3 of the sudo process","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18684.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2019-14287","severity":"important","public_date":"2019-10-14T15:00:00Z","advisories":["RHSA-2019:3754","RHSA-2019:3204","RHSA-2019:3941","RHSA-2019:3755","RHSA-2019:3205","RHSA-2020:0388","RHSA-2019:3694","RHSA-2019:3278","RHSA-2019:3895","RHSA-2019:3197","RHSA-2019:4191","RHSA-2019:3916","RHSA-2019:3219","RHSA-2019:3209","RHBA-2019:3248","RHBA-2019:3303"],"bugzilla":"1760531","bugzilla_description":"CVE-2019-14287 sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-267","affected_packages":["redhat-virtualization-host-0:4.2-20191022.0.el7_6","sudo-0:1.7.2p1-31.el5_11.1","sudo-0:1.8.23-3.el7_6.1","sudo-0:1.8.25p1-4.el8_0.2","sudo-0:1.8.6p3-29.el6_10.2","sudo-0:1.8.6p7-17.el7_2.2","sudo-0:1.8.19p2-12.el7_4.1","sudo-0:1.8.6p3-12.el6_5.2","redhat-coreos-42.81.20191107.0","sudo-0:1.8.19p2-14.el7_5.1","sudo-0:1.8.6p7-23.el7_3.2","sudo-0:1.8.6p3-15.el6_6.2","sudo-0:1.8.25p1-8.el8_1","sudo-0:1.8.23-4.el7_7.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14287.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-1000368","severity":"moderate","public_date":"2017-06-02T00:00:00Z","advisories":["RHSA-2017:1574"],"bugzilla":"1459152","bugzilla_description":"CVE-2017-1000368 sudo: Privilege escalation via improper get_process_ttyname() parsing (insufficient fix for CVE-2017-1000367)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["sudo-0:1.7.2p1-31.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000368.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2017-1000367","severity":"important","public_date":"2017-05-30T00:00:00Z","advisories":["RHSA-2017:1381","RHSA-2017:1382"],"bugzilla":"1453074","bugzilla_description":"CVE-2017-1000367 sudo: Privilege escalation in via improper get_process_ttyname() parsing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-807","affected_packages":["sudo-0:1.8.6p3-28.el6_9","sudo-0:1.7.2p1-30.el5_11","sudo-0:1.8.6p7-22.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000367.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-7032","severity":"moderate","public_date":"2016-10-26T00:00:00Z","advisories":["RHSA-2016:2872"],"bugzilla":"1372830","bugzilla_description":"CVE-2016-7032 sudo: noexec bypass via system() and popen()","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":"CWE-184","affected_packages":["sudo-0:1.8.6p7-21.el7_3","sudo-0:1.8.6p3-25.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7032.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.4"},{"CVE":"CVE-2016-7076","severity":"moderate","public_date":"2016-10-26T00:00:00Z","advisories":["RHSA-2016:2872"],"bugzilla":"1384982","bugzilla_description":"CVE-2016-7076 sudo: noexec bypass via wordexp()","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":"CWE-184","affected_packages":["sudo-0:1.8.6p7-21.el7_3","sudo-0:1.8.6p3-25.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7076.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.4"},{"CVE":"CVE-2016-7091","severity":"low","public_date":"2016-05-24T00:00:00Z","advisories":["RHSA-2016:2593"],"bugzilla":"1339935","bugzilla_description":"CVE-2016-7091 sudo: Possible info leak via INPUTRC","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["sudo-0:1.8.6p7-20.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7091.json"},{"CVE":"CVE-2015-8239","severity":"moderate","public_date":"2015-11-09T00:00:00Z","advisories":[],"bugzilla":"1283635","bugzilla_description":"CVE-2015-8239 sudo: Race condition when checking digests in sudoers","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-367","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8239.json"},{"CVE":"CVE-2015-5602","severity":"moderate","public_date":"2015-07-23T00:00:00Z","advisories":[],"bugzilla":"1277426","bugzilla_description":"CVE-2015-5602 sudo: Unauthorized privilege escalation in sudoedit","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:C/I:C/A:P","CWE":"CWE-59","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5602.json"},{"CVE":"CVE-2014-9680","severity":"moderate","public_date":"2014-10-16T00:00:00Z","advisories":["RHSA-2015:1409","RHBA-2015:2424"],"bugzilla":"1191144","bugzilla_description":"CVE-2014-9680 sudo: unsafe handling of TZ environment variable","cvss_score":3.0,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:P/A:P","CWE":"CWE-20","affected_packages":["sudo-0:1.8.6p3-19.el6","sudo-0:1.8.6p7-16.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9680.json"},{"CVE":"CVE-2014-0106","severity":"moderate","public_date":"2014-03-06T00:00:00Z","advisories":["RHSA-2014:0266"],"bugzilla":"1071780","bugzilla_description":"CVE-2014-0106 sudo: certain environment variables not sanitized when env_reset is disabled","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["sudo-0:1.7.2p1-29.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0106.json"},{"CVE":"CVE-2013-1775","severity":"low","public_date":"2013-02-27T00:00:00Z","advisories":["RHSA-2013:1701","RHSA-2013:1353"],"bugzilla":"916363","bugzilla_description":"CVE-2013-1775 sudo: authentication bypass via reset system clock","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["sudo-0:1.8.6p3-12.el6","sudo-0:1.7.2p1-28.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1775.json"},{"CVE":"CVE-2013-1776","severity":"low","public_date":"2013-02-27T00:00:00Z","advisories":["RHBA-2013:0363","RHSA-2013:1353"],"bugzilla":"916365","bugzilla_description":"CVE-2013-1776 sudo: bypass of tty_tickets constraints","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["sudo-0:1.8.6p3-7.el6","sudo-0:1.7.2p1-28.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1776.json"},{"CVE":"CVE-2013-2776","severity":"low","public_date":"2013-02-27T00:00:00Z","advisories":["RHSA-2013:1701","RHSA-2013:1353"],"bugzilla":"949751","bugzilla_description":"CVE-2013-2776 sudo: bypass of tty_tickets constraints","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["sudo-0:1.8.6p3-12.el6","sudo-0:1.7.2p1-28.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2776.json"},{"CVE":"CVE-2013-2777","severity":"low","public_date":"2013-02-27T00:00:00Z","advisories":["RHSA-2013:1701"],"bugzilla":"949753","bugzilla_description":"CVE-2013-2777 sudo: bypass of tty_tickets constraints","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["sudo-0:1.8.6p3-12.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2777.json"},{"CVE":"CVE-2012-3440","severity":"moderate","public_date":"2012-08-07T00:00:00Z","advisories":["RHSA-2012:1149"],"bugzilla":"844442","bugzilla_description":"CVE-2012-3440 sudo: insecure temporary file use in RPM %postun script","cvss_score":5.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:C/A:C","CWE":"CWE-367","affected_packages":["sudo-0:1.7.2p1-14.el5_8.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3440.json"},{"CVE":"CVE-2012-2337","severity":"moderate","public_date":"2012-05-16T00:00:00Z","advisories":["RHSA-2012:1081"],"bugzilla":"820677","bugzilla_description":"CVE-2012-2337 sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:H/Au:M/C:C/I:C/A:C","CWE":null,"affected_packages":["sudo-0:1.7.4p5-12.el6_3","sudo-0:1.7.2p1-14.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2337.json"},{"CVE":"CVE-2012-0809","severity":"low","public_date":"2012-01-30T00:00:00Z","advisories":[],"bugzilla":"784443","bugzilla_description":"CVE-2012-0809 sudo: format string flaw in sudo_debug()","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-134->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0809.json"},{"CVE":"CVE-2011-0010","severity":"low","public_date":"2011-01-11T00:00:00Z","advisories":["RHSA-2011:0599","RHSA-2012:0309"],"bugzilla":"668879","bugzilla_description":"CVE-2011-0010 sudo: does not ask for password on GID changes","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["sudo-0:1.7.4p5-5.el6","sudo-0:1.7.2p1-13.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0010.json"},{"CVE":"CVE-2010-2956","severity":"important","public_date":"2010-09-07T00:00:00Z","advisories":["RHSA-2010:0675"],"bugzilla":"628628","bugzilla_description":"CVE-2010-2956 sudo: incorrect handling of RunAs specification with both user and group lists","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["sudo-0:1.7.2p1-8.el5_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2956.json"},{"CVE":"CVE-2010-1646","severity":"moderate","public_date":"2010-05-28T00:00:00Z","advisories":["RHSA-2010:0475"],"bugzilla":"598154","bugzilla_description":"CVE-2010-1646 sudo: insufficient environment sanitization issue","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["sudo-0:1.7.2p1-7.el5_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1646.json"},{"CVE":"CVE-2010-1163","severity":"moderate","public_date":"2010-04-13T00:00:00Z","advisories":["RHSA-2010:0361"],"bugzilla":"580441","bugzilla_description":"CVE-2010-1163 sudo: incomplete fix for the sudoedit privilege escalation issue CVE-2010-0426","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["sudo-0:1.7.2p1-6.el5_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1163.json"},{"CVE":"CVE-2010-0426","severity":"important","public_date":"2010-02-21T00:00:00Z","advisories":["RHSA-2010:0122"],"bugzilla":"567337","bugzilla_description":"CVE-2010-0426 sudo: sudoedit option can possibly allow for arbitrary code execution","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["sudo-0:1.6.9p17-6.el5_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0426.json"},{"CVE":"CVE-2010-0427","severity":"important","public_date":"2009-04-27T00:00:00Z","advisories":["RHSA-2010:0122"],"bugzilla":"567622","bugzilla_description":"CVE-2010-0427 sudo: Fails to reset group permissions if runas_default set","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["sudo-0:1.6.9p17-6.el5_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0427.json"},{"CVE":"CVE-2009-0034","severity":"moderate","public_date":"2009-01-23T00:00:00Z","advisories":["RHSA-2009:0267"],"bugzilla":"481720","bugzilla_description":"CVE-2009-0034 sudo: incorrect handling of groups in Runas_User","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["sudo-0:1.6.9p17-3.el5_3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0034.json"},{"CVE":"CVE-2005-1993","severity":"moderate","public_date":"2005-06-20T00:00:00Z","advisories":["RHSA-2005:535"],"bugzilla":"1617680","bugzilla_description":"CVE-2005-1993 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["sudo-0:1.6.7p5-30.1.1","sudo-0:1.6.7p5-1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1993.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/suitesparse_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/suitesparse_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/suitesparse_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/supermin-helper_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/supermin-helper_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/supermin-helper_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/supermin5_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/supermin5_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/supermin5_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sushi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sushi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sushi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/svrcore_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/svrcore_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/svrcore_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sweeper_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sweeper_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sweeper_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/swig_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/swig_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/swig_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/symlinks_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/symlinks_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/symlinks_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysfsutils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysfsutils_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysfsutils_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux-extlinux_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux-extlinux_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux-extlinux_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux-tftpboot_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux-tftpboot_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux-tftpboot_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/syslinux_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysstat_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysstat_security_api_results.json new file mode 100644 index 0000000..bfb2b9d --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysstat_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-19725","severity":"important","public_date":"2019-12-09T00:00:00Z","advisories":[],"bugzilla":"1784740","bugzilla_description":"CVE-2019-19725 sysstat: double free in check_file_actlst() in sa_common.c may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-672","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19725.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2019-16167","severity":"low","public_date":"2019-08-03T00:00:00Z","advisories":[],"bugzilla":"1768970","bugzilla_description":"CVE-2019-16167 sysstat: memory corruption due to an integer overflow in remap_struct in sa_common.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16167.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-19416","severity":"low","public_date":"2018-11-21T00:00:00Z","advisories":[],"bugzilla":"1652728","bugzilla_description":"CVE-2018-19416 sysstat: Out-of-bounds read in remap_struct function in sa_common.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19416.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"4.7"},{"CVE":"CVE-2018-19517","severity":"low","public_date":"2018-11-21T00:00:00Z","advisories":[],"bugzilla":"1679544","bugzilla_description":"CVE-2018-19517 sysstat: Out of bounds read in remap_struct function in sa_common.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19517.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2007-3852","severity":"low","public_date":"2007-08-10T00:00:00Z","advisories":["RHSA-2011:1005"],"bugzilla":"251200","bugzilla_description":"CVE-2007-3852 sysstat insecure temporary file usage","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-377","affected_packages":["sysstat-0:7.0.2-11.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3852.json"},{"CVE":"CVE-2004-0107","severity":"moderate","public_date":"2004-03-10T00:00:00Z","advisories":["RHSA-2004:093","RHSA-2004:053"],"bugzilla":"1617152","bugzilla_description":"CVE-2004-0107 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["sysstat-0:4.0.7-4.EL3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0107.json"},{"CVE":"CVE-2004-0108","severity":"moderate","public_date":"2004-03-10T00:00:00Z","advisories":["RHSA-2004:053"],"bugzilla":"1617153","bugzilla_description":"CVE-2004-0108 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["sysstat-0:4.0.7-4.EL3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0108.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-date-docs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-date-docs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-date-docs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-date_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-date_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-date_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-firewall-base_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-firewall-base_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-firewall-base_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-kdump_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-kdump_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-kdump_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-keyboard-base_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-keyboard-base_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-keyboard-base_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-keyboard_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-keyboard_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-keyboard_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-kickstart_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-kickstart_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-kickstart_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-language_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-language_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-language_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer-udev_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer-udev_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer-udev_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer_security_api_results.json new file mode 100644 index 0000000..dfc36e1 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-printer_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2011-4405","severity":"moderate","public_date":"2011-11-16T00:00:00Z","advisories":[],"bugzilla":"758374","bugzilla_description":"CVE-2011-4405 system-config-printer: possible MITM due to use of insecure connections","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4405.json"},{"CVE":"CVE-2011-2899","severity":"moderate","public_date":"2011-07-30T00:00:00Z","advisories":["RHSA-2011:1196"],"bugzilla":"728348","bugzilla_description":"CVE-2011-2899 system-config-printer: possible arbitrary code execution in pysmb.py due to improper escaping of hostnames","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["system-config-printer-0:0.6.116.10-1.6.el4","system-config-printer-0:0.7.32.10-1.el5_7.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2899.json"},{"CVE":"CVE-2011-2520","severity":"moderate","public_date":"2011-07-18T00:00:00Z","advisories":["RHSA-2011:0953"],"bugzilla":"717985","bugzilla_description":"CVE-2011-2520 system-config-firewall: privilege escalation flaw via use of python pickle","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-502","affected_packages":["system-config-firewall-0:1.2.27-3.el6_1.3","system-config-printer-0:1.1.16-17.el6_1.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2520.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-users-docs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-users-docs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-users-docs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-users_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-users_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-config-users_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-storage-manager_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-storage-manager_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-storage-manager_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-switch-java_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-switch-java_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/system-switch-java_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-python_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-python_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-python_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-sysv_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-sysv_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd-sysv_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd_security_api_results.json new file mode 100644 index 0000000..46650ca --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemd_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-13776","severity":"moderate","public_date":"2020-05-31T00:00:00Z","advisories":[],"bugzilla":"1845534","bugzilla_description":"CVE-2020-13776 systemd: mishandles numerical usernames beginning with decimal digits or 0x followed by hexadecimal digits","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-440","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13776.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2020-1712","severity":"important","public_date":"2020-02-05T09:00:00Z","advisories":["RHSA-2020:0575","RHSA-2020:0564","RHBA-2020:0614"],"bugzilla":"1794578","bugzilla_description":"CVE-2020-1712 systemd: use-after-free when asynchronous polkit queries are performed","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["systemd-0:239-18.el8_1.4","systemd-0:239-13.el8_0.7","redhat-coreos-42.81.20200224.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1712.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2019-20386","severity":"low","public_date":"2020-01-22T00:00:00Z","advisories":["RHSA-2020:4007"],"bugzilla":"1793979","bugzilla_description":"CVE-2019-20386 systemd: memory leak in button_open() in login/logind-button.c when udev events are received","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["systemd-0:219-78.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20386.json","cvss3_scoring_vector":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.4"},{"CVE":"CVE-2019-15718","severity":"moderate","public_date":"2019-09-03T15:00:00Z","advisories":["RHSA-2019:3941","RHSA-2019:3592","RHBA-2019:3303"],"bugzilla":"1746057","bugzilla_description":"CVE-2019-15718 systemd: systemd-resolved allows unprivileged users to configure DNS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-285","affected_packages":["redhat-coreos-42.81.20191107.0","systemd-0:239-18.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15718.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-20839","severity":"moderate","public_date":"2019-05-17T00:00:00Z","advisories":[],"bugzilla":"1716955","bugzilla_description":"CVE-2018-20839 systemd: mishandling of the current keyboard mode check leading to passwords being disclosed in cleartext to attacker","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20839.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"6.4"},{"CVE":"CVE-2019-3843","severity":"moderate","public_date":"2019-04-25T00:00:00Z","advisories":["RHBA-2020:3180","RHSA-2020:1794"],"bugzilla":"1684607","bugzilla_description":"CVE-2019-3843 systemd: services with DynamicUser can create SUID/SGID binaries","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-266","affected_packages":["systemd-0:239-29.el8","redhat-coreos-43.82.202007300301.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3843.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.5"},{"CVE":"CVE-2019-3844","severity":"moderate","public_date":"2019-04-25T00:00:00Z","advisories":["RHBA-2020:3180","RHSA-2020:1794"],"bugzilla":"1684610","bugzilla_description":"CVE-2019-3844 systemd: services with DynamicUser can get new privileges and create SGID binaries","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-268","affected_packages":["systemd-0:239-29.el8","redhat-coreos-43.82.202007300301.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3844.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.5"},{"CVE":"CVE-2019-3842","severity":"moderate","public_date":"2019-04-08T00:00:00Z","advisories":[],"bugzilla":"1668521","bugzilla_description":"CVE-2019-3842 systemd: Spoofing of XDG_SEAT allows for actions to be checked against \"allow_active\" instead of \"allow_any\"","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-285","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3842.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.5"},{"CVE":"CVE-2019-9619","severity":"low","public_date":"2019-04-08T00:00:00Z","advisories":[],"bugzilla":"1699924","bugzilla_description":"CVE-2019-9619 systemd: not enabled pam_systemd for non-interactive sessions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-862|CWE-287|CWE-304)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9619.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.2"},{"CVE":"CVE-2019-6454","severity":"important","public_date":"2019-02-18T00:00:00Z","advisories":["RHSA-2019:0990","RHSA-2019:0461","RHSA-2019:0368","RHBA-2019:3151","RHSA-2019:1322","RHSA-2019:0457","RHSA-2019:1502","RHSA-2019:2805"],"bugzilla":"1667032","bugzilla_description":"CVE-2019-6454 systemd: Insufficient input validation in bus_process_object() resulting in PID 1 crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["systemd-0:219-62.el7_6.5","rhvm-appliance-0:4.2-20190224.0.el7","systemd-0:219-42.el7_4.16","redhat-coreos-42.80.20191022.0","systemd-0:239-13.el8_0.3","systemd-0:219-57.el7_5.6","systemd-0:219-30.el7_3.14","redhat-virtualization-host-0:4.2-20190219.0.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6454.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2019-3815","severity":"low","public_date":"2019-01-14T00:00:00Z","advisories":["RHSA-2019:0201"],"bugzilla":"1666690","bugzilla_description":"CVE-2019-3815 systemd: memory leak in journald-server.c introduced by fix for CVE-2018-16864","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["systemd-0:219-62.el7_6.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3815.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-16864","severity":"important","public_date":"2019-01-09T18:00:00Z","advisories":["RHSA-2019:0342","RHSA-2019:0361","RHSA-2019:0049","RHSA-2019:2402","RHSA-2019:0204","RHSA-2019:0271"],"bugzilla":"1653855","bugzilla_description":"CVE-2018-16864 systemd: stack overflow when calling syslog from a command with long cmdline","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["systemd-0:219-30.el7_3.13","systemd-0:219-57.el7_5.5","rhvm-appliance-0:4.2-20190129.0.el7","systemd-0:219-62.el7_6.2","systemd-0:219-42.el7_4.13","redhat-virtualization-host-0:4.2-20190129.0.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16864.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2018-16865","severity":"important","public_date":"2019-01-09T18:00:00Z","advisories":["RHSA-2019:0342","RHSA-2019:0361","RHSA-2019:0049","RHSA-2019:2402","RHSA-2019:0204","RHSA-2019:0271"],"bugzilla":"1653861","bugzilla_description":"CVE-2018-16865 systemd: stack overflow when receiving many journald entries","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":["systemd-0:219-30.el7_3.13","systemd-0:219-57.el7_5.5","rhvm-appliance-0:4.2-20190129.0.el7","systemd-0:219-62.el7_6.2","systemd-0:219-42.el7_4.13","redhat-virtualization-host-0:4.2-20190129.0.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16865.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-16866","severity":"moderate","public_date":"2019-01-09T18:00:00Z","advisories":["RHSA-2019:3222","RHSA-2020:0593","RHSA-2020:1264","RHSA-2019:2091"],"bugzilla":"1653867","bugzilla_description":"CVE-2018-16866 systemd: out-of-bounds read when parsing a crafted syslog message","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125->CWE-200","affected_packages":["systemd-0:219-57.el7_5.9","systemd-0:219-62.el7_6.11","systemd-0:219-67.el7","systemd-0:219-42.el7_4.20"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16866.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-15688","severity":"important","public_date":"2018-10-26T00:00:00Z","advisories":["RHSA-2019:0049","RHSA-2018:3665"],"bugzilla":"1639067","bugzilla_description":"CVE-2018-15688 systemd: Out-of-bounds heap write in systemd-networkd dhcpv6 option handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-131->CWE-190->CWE-122","affected_packages":["NetworkManager-1:1.12.0-8.el7_6","systemd-0:219-62.el7_6.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15688.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-15686","severity":"moderate","public_date":"2018-10-26T00:00:00Z","advisories":["RHSA-2019:3222","RHSA-2020:0593","RHSA-2020:1264","RHSA-2019:2091"],"bugzilla":"1639071","bugzilla_description":"CVE-2018-15686 systemd: line splitting via fgets() allows for state injection during daemon-reexec","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["systemd-0:219-57.el7_5.9","systemd-0:219-62.el7_6.11","systemd-0:219-67.el7","systemd-0:219-42.el7_4.20"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15686.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"3.6"},{"CVE":"CVE-2018-15687","severity":"moderate","public_date":"2018-10-26T00:00:00Z","advisories":[],"bugzilla":"1639076","bugzilla_description":"CVE-2018-15687 systemd: Dereference of symlinks in chown_recursive.c:chown_one() allows for modification of file privileges","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-367->CWE-59","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15687.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"6.3"},{"CVE":"CVE-2018-21029","severity":"moderate","public_date":"2018-06-24T00:00:00Z","advisories":[],"bugzilla":"1771725","bugzilla_description":"CVE-2018-21029 systemd: incorrect certificate validation results in acceptance of any certificate signed by a trusted certificate authority for DNS over TLS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21029.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2018-6954","severity":"moderate","public_date":"2018-01-25T00:00:00Z","advisories":[],"bugzilla":"1545017","bugzilla_description":"CVE-2018-6954 systemd: Mishandled symlinks in systemd-tmpfiles allows local users to obtain ownership of arbitrary files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-59","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6954.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-18078","severity":"moderate","public_date":"2017-12-24T00:00:00Z","advisories":[],"bugzilla":"1539758","bugzilla_description":"CVE-2017-18078 systemd: Unsafe handling of hard links allowing privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-367","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18078.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2017-15908","severity":"moderate","public_date":"2017-10-26T00:00:00Z","advisories":[],"bugzilla":"1507515","bugzilla_description":"CVE-2017-15908 systemd: Infinite loop in the dns_packet_read_type_window() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15908.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-16888","severity":"low","public_date":"2017-08-17T00:00:00Z","advisories":["RHSA-2019:2091"],"bugzilla":"1662867","bugzilla_description":"CVE-2018-16888 systemd: kills privileged process if unprivileged PIDFile was tampered","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-250","affected_packages":["systemd-0:219-67.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16888.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2017-1000082","severity":"moderate","public_date":"2017-07-07T00:00:00Z","advisories":[],"bugzilla":"1468427","bugzilla_description":"CVE-2017-1000082 systemd: fails to parse usernames that start with digits","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000082.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"7.2"},{"CVE":"CVE-2017-9445","severity":"important","public_date":"2017-06-27T00:00:00Z","advisories":[],"bugzilla":"1463609","bugzilla_description":"CVE-2017-9445 systemd: Out-of-bounds write in systemd-resolved due to allocating too small buffer in dns_packet_new","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9445.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-9217","severity":"low","public_date":"2017-05-20T00:00:00Z","advisories":[],"bugzilla":"1455493","bugzilla_description":"CVE-2017-9217 systemd: Null pointer dereference in dns_packet_is_reply_for function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9217.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-1049","severity":"moderate","public_date":"2017-05-09T00:00:00Z","advisories":["RHSA-2018:0260"],"bugzilla":"1534701","bugzilla_description":"CVE-2018-1049 systemd: automount: access to automounted volumes can lock up","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["systemd-0:219-42.el7_4.7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1049.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.5"},{"CVE":"CVE-2016-10156","severity":"important","public_date":"2017-01-24T00:00:00Z","advisories":[],"bugzilla":"1416044","bugzilla_description":"CVE-2016-10156 systemd: systemd creates world-writable suid files allowing root privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-732","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10156.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-7795","severity":"moderate","public_date":"2016-09-28T00:00:00Z","advisories":["RHSA-2016:2694","RHSA-2016:2610"],"bugzilla":"1380286","bugzilla_description":"CVE-2016-7795 systemd: Assertion failure when PID 1 receives a zero-length message over notify socket","cvss_score":5.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:C","CWE":"CWE-617","affected_packages":["systemd-0:219-30.el7_3.3","systemd-0:219-19.el7_2.18"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7795.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2016-7796","severity":"moderate","public_date":"2016-09-28T00:00:00Z","advisories":["RHBA-2015:2092","RHSA-2017:0003"],"bugzilla":"1381911","bugzilla_description":"CVE-2016-7796 systemd: freeze when PID 1 receives a zero-length message over notify socket","cvss_score":5.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:C","CWE":"CWE-253","affected_packages":["systemd-0:219-19.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7796.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2016-6349","severity":"low","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1360634","bugzilla_description":"CVE-2016-6349 oci-register-machine: information exposure for docker containers","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6349.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.0"},{"CVE":"CVE-2014-9770","severity":"low","public_date":"2016-04-08T00:00:00Z","advisories":[],"bugzilla":"1348622","bugzilla_description":"CVE-2014-9770 systemd: weak permissions for journal files","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-732","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9770.json"},{"CVE":"CVE-2015-8842","severity":"low","public_date":"2016-04-08T00:00:00Z","advisories":[],"bugzilla":"1348626","bugzilla_description":"CVE-2015-8842 systemd: improper use of tmpfiles.d to create persistent journal files","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-732","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8842.json"},{"CVE":"CVE-2015-7510","severity":"moderate","public_date":"2015-11-24T00:00:00Z","advisories":[],"bugzilla":"1284642","bugzilla_description":"CVE-2015-7510 systemd: Stack overflow in nss-mymachines","cvss_score":6.0,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7510.json"},{"CVE":"CVE-2013-4391","severity":"moderate","public_date":"2013-09-23T00:00:00Z","advisories":[],"bugzilla":"859051","bugzilla_description":"CVE-2013-4391 systemd: Integer overflow, leading to heap-based buffer overflow by processing native messages","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4391.json"},{"CVE":"CVE-2013-4392","severity":"moderate","public_date":"2013-09-23T00:00:00Z","advisories":[],"bugzilla":"859060","bugzilla_description":"CVE-2013-4392 systemd: TOCTOU race condition when updating file permissions and SELinux security contexts","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-367","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4392.json"},{"CVE":"CVE-2013-4394","severity":"moderate","public_date":"2013-09-23T00:00:00Z","advisories":[],"bugzilla":"862324","bugzilla_description":"CVE-2013-4394 systemd: Improper sanitization of invalid XKB layouts descriptions (privilege escalation when custom PolicyKit local authority file used)","cvss_score":5.9,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4394.json"},{"CVE":"CVE-2013-4327","severity":"important","public_date":"2013-09-18T00:00:00Z","advisories":[],"bugzilla":"1006680","bugzilla_description":"CVE-2013-4327 systemd: insecure calling of polkit","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4327.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-client_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-client_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-client_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-initscript_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-initscript_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-initscript_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-runtime_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-runtime_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-runtime_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-sdt-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-sdt-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-sdt-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-server_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-server_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap-server_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap_security_api_results.json new file mode 100644 index 0000000..a19848b --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/systemtap_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-0875","severity":"moderate","public_date":"2012-02-20T00:00:00Z","advisories":["RHSA-2012:0376"],"bugzilla":"795913","bugzilla_description":"CVE-2012-0875 systemtap: kernel panic when processing malformed DWARF unwind data","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:N/A:C","CWE":null,"affected_packages":["systemtap-0:1.6-7.el5_8","systemtap-0:1.6-5.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0875.json"},{"CVE":"CVE-2011-2502","severity":"moderate","public_date":"2011-07-25T00:00:00Z","advisories":["RHSA-2011:1088"],"bugzilla":"716476","bugzilla_description":"CVE-2011-2502 systemtap: insufficient security check when loading uprobes kernel module","cvss_score":6.8,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["systemtap-0:1.4-6.el6_1.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2502.json"},{"CVE":"CVE-2011-2503","severity":"moderate","public_date":"2011-07-25T00:00:00Z","advisories":["RHSA-2011:1088","RHSA-2011:1089"],"bugzilla":"716489","bugzilla_description":"CVE-2011-2503 systemtap: signed module loading race condition","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["systemtap-0:1.3-9.el5","systemtap-0:1.4-6.el6_1.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2503.json"},{"CVE":"CVE-2011-1769","severity":"moderate","public_date":"2011-05-11T00:00:00Z","advisories":["RHSA-2011:0841","RHSA-2011:0842"],"bugzilla":"702687","bugzilla_description":"CVE-2011-1769 systemtap: does not guard against DWARF operations div-by-zero errors, which can cause a kernel panic","cvss_score":4.6,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["systemtap-0:1.3-4.el5_6.1","systemtap-0:1.4-6.el6_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1769.json"},{"CVE":"CVE-2011-1781","severity":"moderate","public_date":"2011-05-11T00:00:00Z","advisories":["RHSA-2011:0842"],"bugzilla":"703972","bugzilla_description":"CVE-2011-1781 systemtap: divide by zero stack unwinding flaw","cvss_score":4.6,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["systemtap-0:1.4-6.el6_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1781.json"},{"CVE":"CVE-2010-4170","severity":"important","public_date":"2010-11-17T00:00:00Z","advisories":["RHSA-2010:0895","RHSA-2010:0894"],"bugzilla":"653604","bugzilla_description":"CVE-2010-4170 Systemtap: Insecure loading of modules","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-284","affected_packages":["systemtap-0:1.1-3.el5_5.3","systemtap-0:1.2-11.el6_0","systemtap-0:0.6.2-2.el4_8.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4170.json"},{"CVE":"CVE-2010-4171","severity":"low","public_date":"2010-11-17T00:00:00Z","advisories":["RHSA-2010:0894"],"bugzilla":"653606","bugzilla_description":"CVE-2010-4171 Systemtap: Ability to remove unused modules by unprivileged user","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["systemtap-0:1.1-3.el5_5.3","systemtap-0:1.2-11.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4171.json"},{"CVE":"CVE-2010-0411","severity":"moderate","public_date":"2010-01-29T00:00:00Z","advisories":["RHSA-2010:0125","RHSA-2010:0124"],"bugzilla":"559719","bugzilla_description":"CVE-2010-0411 systemtap: Crash with systemtap script using __get_argv()","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["systemtap-0:0.6.2-2.el4_8.1","systemtap-0:0.9.7-5.el5_4.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0411.json"},{"CVE":"CVE-2009-4273","severity":"important","public_date":"2009-12-18T00:00:00Z","advisories":["RHSA-2010:0124"],"bugzilla":"550172","bugzilla_description":"CVE-2009-4273 systemtap: remote code execution via stap-server","cvss_score":7.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-78","affected_packages":["systemtap-0:0.9.7-5.el5_4.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4273.json"},{"CVE":"CVE-2009-0784","severity":"moderate","public_date":"2009-03-25T00:00:00Z","advisories":["RHSA-2009:0373"],"bugzilla":"489808","bugzilla_description":"CVE-2009-0784 systemtap: race condition leads to privilege escalation","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["systemtap-0:0.7.2-3.el5_3","systemtap-0:0.6.2-2.el4_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0784.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysvinit-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysvinit-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/sysvinit-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/t1lib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/t1lib_security_api_results.json new file mode 100644 index 0000000..9e3ac64 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/t1lib_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2011-1552","severity":"low","public_date":"2011-03-28T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"692853","bugzilla_description":"CVE-2011-1552 t1lib: invalid read crash via crafted Type 1 font","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1552.json"},{"CVE":"CVE-2011-1553","severity":"moderate","public_date":"2011-03-28T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"692854","bugzilla_description":"CVE-2011-1553 t1lib: Use-after-free via crafted Type 1 font","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1553.json"},{"CVE":"CVE-2011-1554","severity":"moderate","public_date":"2011-03-28T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"692856","bugzilla_description":"CVE-2011-1554 t1lib: Off-by-one via crafted Type 1 font","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-193","affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1554.json"},{"CVE":"CVE-2011-0764","severity":"moderate","public_date":"2011-03-28T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"692909","bugzilla_description":"CVE-2011-0764 t1lib: Invalid pointer dereference via crafted Type 1 font","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0764.json"},{"CVE":"CVE-2011-5244","severity":"moderate","public_date":"2011-03-04T00:00:00Z","advisories":[],"bugzilla":"878483","bugzilla_description":"CVE-2011-5244 t1lib: off-by-one errors in token and linetoken","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5244.json"},{"CVE":"CVE-2011-0433","severity":"moderate","public_date":"2011-01-30T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"679732","bugzilla_description":"CVE-2011-0433 t1lib: Heap-based buffer overflow DVI file AFM font parser","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0433.json"},{"CVE":"CVE-2010-2642","severity":"moderate","public_date":"2011-01-05T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137","RHSA-2011:0009"],"bugzilla":"666318","bugzilla_description":"CVE-2010-2642 t1lib: Heap based buffer overflow in DVI file AFM font parser","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["texlive-0:2007-57.el6_2","evince-0:2.28.2-14.el6_0.1","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2642.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/taglib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/taglib_security_api_results.json new file mode 100644 index 0000000..5184049 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/taglib_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-11439","severity":"low","public_date":"2018-05-27T00:00:00Z","advisories":["RHSA-2020:1175"],"bugzilla":"1584868","bugzilla_description":"CVE-2018-11439 taglib: heap-based buffer over-read via a crafted audio file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["taglib-0:1.8-8.20130218git.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11439.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12678","severity":"low","public_date":"2017-08-08T00:00:00Z","advisories":[],"bugzilla":"1483959","bugzilla_description":"CVE-2017-12678 taglib: Incorrect cast in rebuildAggregateFrames function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-704","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12678.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2015-0254","severity":"important","public_date":"2015-02-27T00:00:00Z","advisories":["RHSA-2016:0121","RHSA-2016:0122","RHSA-2016:1376","RHSA-2016:0123","RHSA-2016:1838","RHSA-2016:1839","RHSA-2015:1695","RHSA-2016:0124","RHSA-2016:1840","RHSA-2016:1841","RHSA-2016:0125"],"bugzilla":"1198606","bugzilla_description":"CVE-2015-0254 jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["jakarta-taglibs-standard-0:1.1.1-11.7.el6_7","jboss-ec2-eap-0:7.5.6-1.Final_redhat_1.ep6.el6","eap7-jboss-ec2-eap-0:7.0.2-2.GA_redhat_1.ep7.el6","eap7-jboss-ec2-eap-0:7.0.2-2.GA_redhat_1.ep7.el7","jakarta-taglibs-standard-0:1.1.2-14.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0254.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L","cvss3_score":"7.6"},{"CVE":"CVE-2012-2396","severity":null,"public_date":"2012-04-20T00:00:00Z","advisories":[],"bugzilla":"818583","bugzilla_description":"CVE-2012-2396 taglib: Division by zero while parsing properties of certain MP4 audio files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2396.json"},{"CVE":"CVE-2012-1108","severity":"moderate","public_date":"2012-03-04T00:00:00Z","advisories":[],"bugzilla":"800559","bugzilla_description":"CVE-2012-1108 taglib: ogg file with vendorLength field modification causes crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1108.json"},{"CVE":"CVE-2012-1584","severity":"moderate","public_date":"2012-03-04T00:00:00Z","advisories":[],"bugzilla":"810009","bugzilla_description":"CVE-2012-1584 taglib: integer overflow can crash application","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1584.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tagsoup_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tagsoup_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tagsoup_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/talk-server_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/talk-server_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/talk-server_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/talk_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/talk_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/talk_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tang_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tang_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tang_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tar_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tar_security_api_results.json new file mode 100644 index 0000000..a2562db --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tar_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-13867","severity":"moderate","public_date":"2020-06-05T00:00:00Z","advisories":[],"bugzilla":"1848143","bugzilla_description":"CVE-2020-13867 targetcli: weak permissions for /etc/target and backup files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-276","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13867.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2020-10699","severity":"important","public_date":"2020-03-23T00:00:00Z","advisories":["RHSA-2020:1933"],"bugzilla":"1819219","bugzilla_description":"CVE-2020-10699 targetcli: world writable /var/run/targetclid.sock allows unprivileged user to execute commands","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["targetcli-0:2.1.51-4.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10699.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2019-9923","severity":"low","public_date":"2019-01-02T00:00:00Z","advisories":[],"bugzilla":"1691764","bugzilla_description":"CVE-2019-9923 tar: null-pointer dereference in pax_decode_header in sparse.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9923.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-20482","severity":"low","public_date":"2018-12-26T00:00:00Z","advisories":[],"bugzilla":"1662346","bugzilla_description":"CVE-2018-20482 tar: Infinite read loop in sparse_dump_region function in sparse.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20482.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-10860","severity":"moderate","public_date":"2018-06-28T00:00:00Z","advisories":[],"bugzilla":"1591449","bugzilla_description":"CVE-2018-10860 perl-Archive-Zip: Directory traversal in Archive::Zip","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10860.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2018-12015","severity":"moderate","public_date":"2018-06-07T00:00:00Z","advisories":["RHSA-2019:2097"],"bugzilla":"1588760","bugzilla_description":"CVE-2018-12015 perl: Directory traversal in Archive::Tar","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":["perl-Archive-Tar-0:1.92-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12015.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2018-20834","severity":"important","public_date":"2018-04-30T00:00:00Z","advisories":["RHSA-2019:1821"],"bugzilla":"1702338","bugzilla_description":"CVE-2018-20834 nodejs-tar: Arbitrary file overwrites when extracting tarballs containing a hard-link","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-59","affected_packages":["rh-nodejs8-nodejs-0:8.16.0-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20834.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2016-6321","severity":"moderate","public_date":"2016-10-27T00:00:00Z","advisories":[],"bugzilla":"1318562","bugzilla_description":"CVE-2016-6321 tar: Bypassing the extract path name","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6321.json"},{"CVE":"CVE-2016-10173","severity":"moderate","public_date":"2016-08-22T00:00:00Z","advisories":[],"bugzilla":"1417578","bugzilla_description":"CVE-2016-10173 rubygem-archive-tar-minitar: Directory traversal during archive extraction","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10173.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2013-1793","severity":"moderate","public_date":"2015-07-23T00:00:00Z","advisories":[],"bugzilla":"916767","bugzilla_description":"CVE-2013-1793 openstack-utils: openstack-db insecure password creation for services","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1793.json"},{"CVE":"CVE-2015-8860","severity":"moderate","public_date":"2015-03-27T00:00:00Z","advisories":[],"bugzilla":"1209501","bugzilla_description":"CVE-2015-8860 nodejs-tar: insecure processing of symbolic links during package processing","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-59","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8860.json"},{"CVE":"CVE-2013-4397","severity":"moderate","public_date":"2013-10-09T00:00:00Z","advisories":["RHSA-2013:1418"],"bugzilla":"1014492","bugzilla_description":"CVE-2013-4397 libtar: Heap-based buffer overflows by expanding a specially-crafted archive","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["libtar-0:1.2.11-17.el6_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4397.json"},{"CVE":"CVE-2013-4420","severity":"low","public_date":"2013-10-01T00:00:00Z","advisories":[],"bugzilla":"1018150","bugzilla_description":"CVE-2013-4420 libtar: missing validation of file names","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4420.json"},{"CVE":"CVE-2011-0001","severity":"important","public_date":"2011-03-09T00:00:00Z","advisories":["RHSA-2011:0332"],"bugzilla":"667261","bugzilla_description":"CVE-2011-0001 scsi-target-utils: double-free vulnerability leads to pre-authenticated crash","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["scsi-target-utils-0:1.0.4-3.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0001.json"},{"CVE":"CVE-2010-2221","severity":"important","public_date":"2010-07-01T00:00:00Z","advisories":["RHSA-2010:0518"],"bugzilla":"593877","bugzilla_description":"CVE-2010-2221 scsi-target-utils: stack buffer overflow vulnerability","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":["scsi-target-utils-0:0.0-6.20091205snap.el5_5.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2221.json"},{"CVE":"CVE-2010-0743","severity":"important","public_date":"2010-03-22T00:00:00Z","advisories":["RHSA-2010:0362"],"bugzilla":"576359","bugzilla_description":"CVE-2010-0743 scsi-target-utils: format string vulnerability","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-134","affected_packages":["scsi-target-utils-0:0.0-6.20091205snap.el5_5.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0743.json"},{"CVE":"CVE-2010-0624","severity":"moderate","public_date":"2010-03-10T00:00:00Z","advisories":["RHSA-2010:0145","RHSA-2010:0144","RHSA-2010:0143","RHSA-2010:0142","RHSA-2010:0141"],"bugzilla":"564368","bugzilla_description":"CVE-2010-0624 tar, cpio: Heap-based buffer overflow by expanding a specially-crafted archive","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["cpio-0:2.5-6.RHEL3","tar-0:1.14-13.el4_8.1","tar-0:1.13.25-16.RHEL3","cpio-0:2.6-23.el5_4.1","tar-2:1.15.1-23.0.1.el5_4.2","cpio-0:2.5-16.el4_8.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0624.json"},{"CVE":"CVE-2007-4829","severity":"moderate","public_date":"2007-08-24T00:00:00Z","advisories":["RHSA-2010:0505"],"bugzilla":"295021","bugzilla_description":"CVE-2007-4829 perl-Archive-Tar directory traversal flaws","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["perl-Archive-Tar-1:1.39.1-1.el5_5.1","perl-Archive-Tar-0:1.39.1-1.el4_8.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4829.json"},{"CVE":"CVE-2007-4134","severity":"moderate","public_date":"2007-08-21T00:00:00Z","advisories":["RHSA-2007:0873"],"bugzilla":"253856","bugzilla_description":"CVE-2007-4134 star directory traversal vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["star-0:1.5a75-2","star-0:1.5a25-8","star-0:1.5a08-5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4134.json"},{"CVE":"CVE-2007-4476","severity":"low","public_date":"2007-08-17T00:00:00Z","advisories":["RHSA-2010:0144","RHSA-2010:0141"],"bugzilla":"280961","bugzilla_description":"CVE-2007-4476 tar/cpio stack crashing in safer_name_suffix","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tar-0:1.14-13.el4_8.1","cpio-0:2.6-23.el5_4.1","tar-2:1.15.1-23.0.1.el5_4.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4476.json"},{"CVE":"CVE-2007-4131","severity":"moderate","public_date":"2007-08-12T00:00:00Z","advisories":["RHSA-2007:0860"],"bugzilla":"251921","bugzilla_description":"CVE-2007-4131 tar directory traversal vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tar-2:1.15.1-23.0.1.el5","tar-0:1.14-12.5.1.RHEL4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4131.json"},{"CVE":"CVE-2006-6097","severity":"moderate","public_date":"2006-11-21T00:00:00Z","advisories":["RHSA-2006:0749"],"bugzilla":"1618237","bugzilla_description":"CVE-2006-6097 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tar-0:1.14-12.RHEL4","tar-0:1.13.25-15.RHEL3","tar-0:1.13.25-6.AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6097.json"},{"CVE":"CVE-2006-0300","severity":"moderate","public_date":"2005-06-17T00:00:00Z","advisories":["RHSA-2006:0232"],"bugzilla":"1617881","bugzilla_description":"CVE-2006-0300 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tar-0:1.14-9.RHEL4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0300.json"},{"CVE":"CVE-2005-1918","severity":"low","public_date":"2003-07-21T00:00:00Z","advisories":["RHSA-2006:0195"],"bugzilla":"140589","bugzilla_description":"CVE-2005-1918 tar archive path traversal issue","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tar-0:1.13.25-14.RHEL3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1918.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/targetcli_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/targetcli_security_api_results.json new file mode 100644 index 0000000..f80486e --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/targetcli_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-13867","severity":"moderate","public_date":"2020-06-05T00:00:00Z","advisories":[],"bugzilla":"1848143","bugzilla_description":"CVE-2020-13867 targetcli: weak permissions for /etc/target and backup files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-276","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13867.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2020-10699","severity":"important","public_date":"2020-03-23T00:00:00Z","advisories":["RHSA-2020:1933"],"bugzilla":"1819219","bugzilla_description":"CVE-2020-10699 targetcli: world writable /var/run/targetclid.sock allows unprivileged user to execute commands","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["targetcli-0:2.1.51-4.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10699.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/targetd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/targetd_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/targetd_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tbb-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tbb-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tbb-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tbb_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tbb_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tbb_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tboot_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tboot_security_api_results.json new file mode 100644 index 0000000..b8f5ee2 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tboot_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2017-16837","severity":"moderate","public_date":"2017-11-13T00:00:00Z","advisories":[],"bugzilla":"1515198","bugzilla_description":"CVE-2017-16837 tboot: Incorrect validation of certain function pointers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16837.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2014-5118","severity":"low","public_date":"2014-07-24T00:00:00Z","advisories":["RHBA-2015:0584"],"bugzilla":"1124488","bugzilla_description":"CVE-2014-5118 tboot: argument measurement vulnerability for GRUB2+ELF kernels","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:N/I:P/A:N","CWE":null,"affected_packages":["tboot-1:1.8.2-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5118.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl-pgtcl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl-pgtcl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl-pgtcl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl_security_api_results.json new file mode 100644 index 0000000..b3aa655 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcl_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-13867","severity":"moderate","public_date":"2020-06-05T00:00:00Z","advisories":[],"bugzilla":"1848143","bugzilla_description":"CVE-2020-13867 targetcli: weak permissions for /etc/target and backup files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-276","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13867.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2020-10699","severity":"important","public_date":"2020-03-23T00:00:00Z","advisories":["RHSA-2020:1933"],"bugzilla":"1819219","bugzilla_description":"CVE-2020-10699 targetcli: world writable /var/run/targetclid.sock allows unprivileged user to execute commands","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["targetcli-0:2.1.51-4.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10699.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-0773","severity":"important","public_date":"2016-02-11T00:00:00Z","advisories":["RHSA-2016:0348","RHSA-2016:0349","RHSA-2016:1060","RHSA-2016:0346","RHSA-2016:0347"],"bugzilla":"1303832","bugzilla_description":"CVE-2016-0773 postgresql: case insensitive range handling integer overflow leading to buffer overflow","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":["rh-postgresql94-postgresql-0:9.4.6-1.el7","rh-postgresql94-postgresql-0:9.4.6-1.el6","postgresql-0:9.2.15-1.el7_2","postgresql-0:8.4.20-5.el6_7","postgresql92-postgresql-0:9.2.15-2.el6","postgresql92-postgresql-0:9.2.15-1.el7","postgresql92-postgresql-0:9.2.15-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0773.json"},{"CVE":"CVE-2013-6396","severity":"moderate","public_date":"2013-07-10T00:00:00Z","advisories":[],"bugzilla":"1031652","bugzilla_description":"CVE-2013-6396 python-swiftclient: SSL certificate verification security issue","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6396.json"},{"CVE":"CVE-2008-0553","severity":"moderate","public_date":"2008-02-01T00:00:00Z","advisories":["RHSA-2008:0136","RHSA-2008:0135","RHSA-2008:0134"],"bugzilla":"431518","bugzilla_description":"CVE-2008-0553 tk: GIF handling buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tk-0:8.4.7-3.el4_6.1","tk-0:8.4.13-5.el5_1.1","tcltk-0:8.3.5-92.8","tcltk-0:8.3.3-75"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0553.json"},{"CVE":"CVE-2007-4772","severity":"moderate","public_date":"2008-01-07T00:00:00Z","advisories":["RHSA-2008:0038","RHSA-2008:0134","RHSA-2008:0040","RHSA-2013:0122"],"bugzilla":"316511","bugzilla_description":"CVE-2007-4772 postgresql DoS via infinite loop in regex NFA optimization code","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["postgresql-0:8.1.11-1.el5_1.1","postgresql-0:8.1.11-1.el4s1.1","tcl-0:8.4.13-6.el5","tcltk-0:8.3.5-92.8","postgresql-0:7.4.19-1.el4_6.1","postgresql-0:8.2.6-1.el5s2","tcltk-0:8.3.3-75"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4772.json"},{"CVE":"CVE-2007-6067","severity":"low","public_date":"2008-01-07T00:00:00Z","advisories":["RHSA-2008:0038","RHSA-2008:0040","RHSA-2013:0122"],"bugzilla":"400931","bugzilla_description":"CVE-2007-6067 postgresql: tempory DoS caused by slow regex NFA cleanup","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":["postgresql-0:8.1.11-1.el5_1.1","postgresql-0:8.1.11-1.el4s1.1","tcl-0:8.4.13-6.el5","postgresql-0:7.4.19-1.el4_6.1","postgresql-0:8.2.6-1.el5s2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6067.json"},{"CVE":"CVE-2007-5378","severity":"low","public_date":"2006-03-25T00:00:00Z","advisories":["RHSA-2008:0135","RHSA-2008:0134"],"bugzilla":"332021","bugzilla_description":"CVE-2007-5378 Tk GIF processing buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tk-0:8.4.7-3.el4_6.1","tcltk-0:8.3.5-92.8","tcltk-0:8.3.3-75"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5378.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers_security_api_results.json new file mode 100644 index 0000000..8fdbeb6 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcp_wrappers_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2009-0786","severity":"moderate","public_date":"2009-03-11T00:00:00Z","advisories":["RHBA-2007:0565"],"bugzilla":"491095","bugzilla_description":"CVE-2009-0786 tcp_wrappers: hosts_ctl() does not handle hostnames specified in /etc/hosts.{allow,deny} correctly","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["tcp_wrappers-0:7.6-40.4.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0786.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcpdump_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcpdump_security_api_results.json new file mode 100644 index 0000000..89bba8c --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcpdump_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-19325","severity":"low","public_date":"2020-03-16T00:00:00Z","advisories":[],"bugzilla":"1817479","bugzilla_description":"CVE-2018-19325 tcpdump: heap-based buffer over-read in the EXTRACT_32BITS function due to improper serviceId sanitization","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19325.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2018-14882","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760430","bugzilla_description":"CVE-2018-14882 tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14882.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-16300","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760445","bugzilla_description":"CVE-2018-16300 tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16300.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14469","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760447","bugzilla_description":"CVE-2018-14469 tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14469.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14465","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760449","bugzilla_description":"CVE-2018-14465 tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14465.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14463","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760453","bugzilla_description":"CVE-2018-14463 tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14463.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14462","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760455","bugzilla_description":"CVE-2018-14462 tcpdump: Buffer over-read in icmp_print() function in print-icmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14462.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14879","severity":"moderate","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760457","bugzilla_description":"CVE-2018-14879 tcpdump: Out of bounds read/write in in get_next_file() in tcpdump.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14879.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-16229","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760458","bugzilla_description":"CVE-2018-16229 tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16229.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-16227","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760461","bugzilla_description":"CVE-2018-16227 tcpdump: Buffer over-read in print-802_11.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16227.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14881","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760463","bugzilla_description":"CVE-2018-14881 tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14881.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14468","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760464","bugzilla_description":"CVE-2018-14468 tcpdump: Buffer over-read in mfr_print() function in print-fr.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14468.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14880","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760468","bugzilla_description":"CVE-2018-14880 tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14880.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-10103","severity":"moderate","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760504","bugzilla_description":"CVE-2018-10103 tcpdump: SMB data printing mishandled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10103.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2018-10105","severity":"moderate","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760505","bugzilla_description":"CVE-2018-10105 tcpdump: SMB data printing mishandled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10105.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2018-14461","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760506","bugzilla_description":"CVE-2018-14461 tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14461.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14464","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760507","bugzilla_description":"CVE-2018-14464 tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14464.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14466","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760509","bugzilla_description":"CVE-2018-14466 tcpdump: Buffer over-read in print-icmp6.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14466.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14467","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760512","bugzilla_description":"CVE-2018-14467 tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14467.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-14470","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760513","bugzilla_description":"CVE-2018-14470 tcpdump: Buffer over-read in babel_print_v2() in print-babel.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14470.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-16228","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760514","bugzilla_description":"CVE-2018-16228 tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16228.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-16230","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760516","bugzilla_description":"CVE-2018-16230 tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16230.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-16451","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760517","bugzilla_description":"CVE-2018-16451 tcpdump: Buffer over-read in print_trans() function in print-smb.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16451.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-16452","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760518","bugzilla_description":"CVE-2018-16452 tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16452.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-15166","severity":"low","public_date":"2019-10-02T00:00:00Z","advisories":[],"bugzilla":"1760520","bugzilla_description":"CVE-2019-15166 tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15166.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-1010220","severity":null,"public_date":"2019-08-01T00:00:00Z","advisories":[],"bugzilla":"1735549","bugzilla_description":"CVE-2019-1010220 tcpdump: buffer over-read in function print_prefix in print-hncp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1010220.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2018-19519","severity":"low","public_date":"2018-12-03T00:00:00Z","advisories":["RHSA-2019:3976","RHSA-2020:1604"],"bugzilla":"1655374","bugzilla_description":"CVE-2018-19519 tcpdump: Stack-based buffer over-read in print-hncp.c:print_prefix() via crafted pcap","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-4.el7_7.1","tcpdump-14:4.9.2-6.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19519.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2017-16808","severity":"low","public_date":"2017-11-13T00:00:00Z","advisories":[],"bugzilla":"1516994","bugzilla_description":"CVE-2017-16808 tcpdump: heap-based buffer over-read in aoe_print in print-aoe.c and lookup_emem in addrtoname.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16808.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12893","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490539","bugzilla_description":"CVE-2017-12893 tcpdump: Buffer over-read in smbutil.c:name_len() in SMB/CIFS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12893.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12894","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490540","bugzilla_description":"CVE-2017-12894 tcpdump: Buffer over-read in addrtoname.c:lookup_bytestring()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12894.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12895","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490541","bugzilla_description":"CVE-2017-12895 tcpdump: Buffer over-read in print-icmp.c:icmp_print() in ICMP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12895.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12896","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490543","bugzilla_description":"CVE-2017-12896 tcpdump: Buffer over-read in print-isakmp.c:isakmp_rfc3948_print() in ISAKMP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12896.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12897","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490545","bugzilla_description":"CVE-2017-12897 tcpdump: Buffer over-read in print-isoclns.c:isoclns_print() in ISO CLNS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12897.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12898","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490546","bugzilla_description":"CVE-2017-12898 tcpdump: Buffer over-read in print-nfs.c:interp_reply() in NFS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12898.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12899","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490547","bugzilla_description":"CVE-2017-12899 tcpdump: Buffer over-read in print-decnet.c:decnet_print() in DECnet parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12899.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12900","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490548","bugzilla_description":"CVE-2017-12900 tcpdump: Buffer over-read in util-print.c:tok2strbuf()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12900.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12901","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490549","bugzilla_description":"CVE-2017-12901 tcpdump: Buffer over-read in print-eigrp.c:eigrp_print() in EIGRP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12901.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12902","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490550","bugzilla_description":"CVE-2017-12902 tcpdump: Buffer over-read in print-zephyr.c, several functions in Zephyr parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12902.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12985","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490551","bugzilla_description":"CVE-2017-12985 tcpdump: Buffer over-read in print-ip6.c:ip6_print() in IPv6 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12985.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12986","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490552","bugzilla_description":"CVE-2017-12986 tcpdump: Buffer over-read in print-rt6.c:rt6_print() in IPv6 routing header parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12986.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12987","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490553","bugzilla_description":"CVE-2017-12987 tcpdump: Buffer over-read in print-802_11.c:parse_elements() in IEEE 802.11 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12987.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12988","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490554","bugzilla_description":"CVE-2017-12988 tcpdump: Buffer over-read in print-telnet.c:telnet_parse() in telnet parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12988.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12989","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490555","bugzilla_description":"CVE-2017-12989 tcpdump: Infinite loop due to a bug in print-resp.c:resp_get_length() in RESP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12989.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12990","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490556","bugzilla_description":"CVE-2017-12990 tcpdump: Infinite loop due to bugs in print-isakmp.c, several functions in ISAKMP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12990.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12991","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490557","bugzilla_description":"CVE-2017-12991 tcpdump: Buffer over-read in print-bgp.c:bgp_attr_print() in BGP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12991.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12992","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490558","bugzilla_description":"CVE-2017-12992 tcpdump: Buffer over-read in print-ripng.c:ripng_print() in RIPng parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12992.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12993","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490559","bugzilla_description":"CVE-2017-12993 tcpdump: Buffer over-read in print-juniper.c, several functions in Juniper protocols parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12993.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12994","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490560","bugzilla_description":"CVE-2017-12994 tcpdump: Buffer over-read in print-bgp.c:bgp_attr_print() in BGP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12994.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12995","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490561","bugzilla_description":"CVE-2017-12995 tcpdump: Infinite loop due to a bug in print-domain.c:ns_print() in DNS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12995.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12996","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490562","bugzilla_description":"CVE-2017-12996 tcpdump: Buffer over-read in print-pim.c:pimv2_print() in PIMv2 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12996.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12997","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490564","bugzilla_description":"CVE-2017-12997 tcpdump: Infinite loop due to a bug in print-lldp.c:lldp_private_8021_print() in LLDP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12997.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12998","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490565","bugzilla_description":"CVE-2017-12998 tcpdump: Buffer over-read in print-isoclns.c:isis_print_extd_ip_reach() in IS-IS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12998.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-12999","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490566","bugzilla_description":"CVE-2017-12999 tcpdump: Buffer over-read in print-isoclns.c:isis_print() in IS-IS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12999.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13000","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490567","bugzilla_description":"CVE-2017-13000 tcpdump: Buffer over-read in print-802_15_4.c:ieee802_15_4_if_print() in IEEE 802.15.4 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13000.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13001","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490568","bugzilla_description":"CVE-2017-13001 tcpdump: Buffer over-read in print-nfs.c:nfs_printfh() in NFS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13001.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13002","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490569","bugzilla_description":"CVE-2017-13002 tcpdump: Buffer over-read in print-aodv.c:aodv_extension() in AODV parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13002.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13003","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490570","bugzilla_description":"CVE-2017-13003 tcpdump: Buffer over-read in print-lmp.c:lmp_print() in LMP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13003.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13004","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490571","bugzilla_description":"CVE-2017-13004 tcpdump: Buffer over-read in print-juniper.c:juniper_parse_header() in Juniper protocols parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13004.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13005","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490572","bugzilla_description":"CVE-2017-13005 tcpdump: Buffer over-read in print-nfs.c:xid_map_enter() in NFS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13005.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13006","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490573","bugzilla_description":"CVE-2017-13006 tcpdump: Buffer over-read in print-l2tp.c, several functions in L2TP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13006.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13007","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490574","bugzilla_description":"CVE-2017-13007 tcpdump: Buffer over-read in print-pktap.c:pktap_if_print() in Apple PKTAP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13007.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13008","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490575","bugzilla_description":"CVE-2017-13008 tcpdump: Buffer over-read in print-802_11.c:parse_elements() in IEEE 802.11 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13008.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13009","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490576","bugzilla_description":"CVE-2017-13009 tcpdump: Buffer over-read in print-mobility.c:mobility_print() in IPv6 mobility parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13009.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13010","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490577","bugzilla_description":"CVE-2017-13010 tcpdump: Buffer over-read in print-beep.c:l_strnstart() in BEEP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13010.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13011","severity":"moderate","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490578","bugzilla_description":"CVE-2017-13011 tcpdump: Buffer overflow in util-print.c:bittok2str_internal()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13011.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13012","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490579","bugzilla_description":"CVE-2017-13012 tcpdump: Buffer over-read in print-icmp.c:icmp_print() in ICMP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13012.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13013","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490580","bugzilla_description":"CVE-2017-13013 tcpdump: Buffer over-read in print-arp.c, several functions in ARP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13013.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13014","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490581","bugzilla_description":"CVE-2017-13014 tcpdump: Buffer over-read in print-wb.c:wb_prep(), several functions in White Board protocol parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13014.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13015","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490582","bugzilla_description":"CVE-2017-13015 tcpdump: Buffer over-read in print-eap.c:eap_print() in EAP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13015.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13016","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490583","bugzilla_description":"CVE-2017-13016 tcpdump: Buffer over-read in print-isoclns.c:esis_print() in ISO ES-IS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13016.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13017","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490584","bugzilla_description":"CVE-2017-13017 tcpdump: Buffer over-read in print-dhcp6.c:dhcp6opt_print() in DHCPv6 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13017.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13018","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490585","bugzilla_description":"CVE-2017-13018 tcpdump: Buffer over-read in print-pgm.c:pgm_print() in PGM parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13018.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13019","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490586","bugzilla_description":"CVE-2017-13019 tcpdump: Buffer over-read in print-pgm.c:pgm_print() in PGM parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13019.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13020","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490587","bugzilla_description":"CVE-2017-13020 tcpdump: Buffer over-read in print-vtp.c:vtp_print() in VTP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13020.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13021","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490588","bugzilla_description":"CVE-2017-13021 tcpdump: Buffer over-read in print-icmp6.c:icmp6_print() in ICMPv6 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13021.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13022","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490589","bugzilla_description":"CVE-2017-13022 tcpdump: Buffer over-read in print-ip.c:ip_printroute() in IP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13022.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13023","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490590","bugzilla_description":"CVE-2017-13023 tcpdump: Buffer over-read in print-mobility.c:mobility_opt_print() in IPv6 mobility parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13023.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13024","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490591","bugzilla_description":"CVE-2017-13024 tcpdump: Buffer over-read in print-mobility.c:mobility_opt_print() in IPv6 mobility parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13024.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13025","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490592","bugzilla_description":"CVE-2017-13025 tcpdump: Buffer over-read in print-mobility.c:mobility_opt_print() in IPv6 mobility parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13025.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13026","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490593","bugzilla_description":"CVE-2017-13026 tcpdump: Buffer over-read in print-isoclns.c, several functions in ISO IS-IS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13026.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13027","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490594","bugzilla_description":"CVE-2017-13027 tcpdump: Buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print() in LLDP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13027.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13028","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490595","bugzilla_description":"CVE-2017-13028 tcpdump: Buffer over-read in print-bootp.c:bootp_print() in BOOTP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13028.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13029","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490596","bugzilla_description":"CVE-2017-13029 tcpdump: Buffer over-read in print-ppp.c:print_ccp_config_options() in PPP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13029.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13030","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490597","bugzilla_description":"CVE-2017-13030 tcpdump: Buffer over-read in print-pim.c, several functions in PIM parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13030.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13031","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490598","bugzilla_description":"CVE-2017-13031 tcpdump: Buffer over-read in print-frag6.c:frag6_print() in IPv6 fragmentation header parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13031.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13032","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490599","bugzilla_description":"CVE-2017-13032 tcpdump: Buffer over-read in print-radius.c:print_attr_string() in RADIUS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13032.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13033","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490600","bugzilla_description":"CVE-2017-13033 tcpdump: Buffer over-read in print-vtp.c:vtp_print() in VTP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13033.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13034","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490601","bugzilla_description":"CVE-2017-13034 tcpdump: Buffer over-read in print-pgm.c:pgm_print() in PGM parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13034.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13035","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490602","bugzilla_description":"CVE-2017-13035 tcpdump: Buffer over-read in print-isoclns.c:isis_print_id() in ISO IS-IS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13035.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13036","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490603","bugzilla_description":"CVE-2017-13036 tcpdump: Buffer over-read in print-ospf6.c:ospf6_decode_v3() in OSPFv3 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13036.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13037","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490604","bugzilla_description":"CVE-2017-13037 tcpdump: Buffer over-read in print-ip.c:ip_printts() in IP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13037.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13038","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490605","bugzilla_description":"CVE-2017-13038 tcpdump: Buffer over-read in print-ppp.c:handle_mlppp() in PPP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13038.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13039","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490606","bugzilla_description":"CVE-2017-13039 tcpdump: Buffer over-read in print-isakmp.c, several functions in ISAKMP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13039.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13040","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490607","bugzilla_description":"CVE-2017-13040 tcpdump: Buffer over-read in print-mptcp.c, several functions in MPTCP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13040.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13041","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490608","bugzilla_description":"CVE-2017-13041 tcpdump: Buffer over-read in print-icmp6.c:icmp6_nodeinfo_print() in ICMPv6 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13041.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13042","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490609","bugzilla_description":"CVE-2017-13042 tcpdump: Buffer over-read in print-hncp.c:dhcpv6_print() in HNCP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13042.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13043","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490610","bugzilla_description":"CVE-2017-13043 tcpdump: Buffer over-read in print-bgp.c:decode_multicast_vpn() in BGP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13043.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13044","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490611","bugzilla_description":"CVE-2017-13044 tcpdump: Buffer over-read in print-hncp.c:dhcpv4_print() in HNCP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13044.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13045","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490612","bugzilla_description":"CVE-2017-13045 tcpdump: Buffer over-read in print-vqp.c:vqp_print() in VQP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13045.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13046","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490613","bugzilla_description":"CVE-2017-13046 tcpdump: Buffer over-read in print-bgp.c:bgp_attr_print() in BGP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13046.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13047","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490614","bugzilla_description":"CVE-2017-13047 tcpdump: Buffer over-read in print-isoclns.c:esis_print() in ISO ES-IS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13047.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13048","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490615","bugzilla_description":"CVE-2017-13048 tcpdump: Buffer over-read in print-rsvp.c:rsvp_obj_print() in RSVP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13048.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13049","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490616","bugzilla_description":"CVE-2017-13049 tcpdump: Buffer over-read in print-rx.c:ubik_print() in Rx protocol parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13049.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13050","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490617","bugzilla_description":"CVE-2017-13050 tcpdump: Buffer over-read in print-rpki-rtr.c:rpki_rtr_pdu_print() in RPKI-Router parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13050.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13051","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490618","bugzilla_description":"CVE-2017-13051 tcpdump: Buffer over-read in print-rsvp.c:rsvp_obj_print() in RSVP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13051.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13052","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490619","bugzilla_description":"CVE-2017-13052 tcpdump: Buffer over-read in print-cfm.c:cfm_print() in CFM parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13052.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13053","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490620","bugzilla_description":"CVE-2017-13053 tcpdump: Buffer over-read in print-bgp.c:decode_rt_routing_info() in BGP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13053.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13054","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490621","bugzilla_description":"CVE-2017-13054 tcpdump: Buffer over-read in print-lldp.c:lldp_private_8023_print() in LLDP parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13054.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13055","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490622","bugzilla_description":"CVE-2017-13055 tcpdump: Buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv() in ISO IS-IS parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13055.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13687","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490623","bugzilla_description":"CVE-2017-13687 tcpdump: Buffer over-read in print-chdlc.c:chdlc_print() in Cisco HDLC parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13687.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13688","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490624","bugzilla_description":"CVE-2017-13688 tcpdump: Buffer over-read in print-olsr.c:olsr_print() in OLSR parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13688.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13689","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490625","bugzilla_description":"CVE-2017-13689 tcpdump: Buffer over-read in print-isakmp.c:ikev1_id_print() in IKEv1 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13689.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13690","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490626","bugzilla_description":"CVE-2017-13690 tcpdump: Buffer over-read in print-isakmp.c, several functions in IKEv2 parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13690.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-13725","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1490627","bugzilla_description":"CVE-2017-13725 tcpdump: Buffer over-read in print-rt6.c:rt6_print() in IPv6 routing header parser","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13725.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-11541","severity":"low","public_date":"2017-07-18T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1475352","bugzilla_description":"CVE-2017-11541 tcpdump: heap-based buffer over-read in the lldp_print","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11541.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2017-11542","severity":"low","public_date":"2017-07-18T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1475355","bugzilla_description":"CVE-2017-11542 tcpdump: heap-based buffer over-read in the pimv1_print","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11542.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2017-11543","severity":"low","public_date":"2017-07-18T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1475358","bugzilla_description":"CVE-2017-11543 tcpdump: buffer overflow in the sliplink_print function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11543.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-11544","severity":"low","public_date":"2017-07-18T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1475359","bugzilla_description":"CVE-2017-11544 tcpdump: Segmentation Violation in the compressed_sl_print","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11544.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-11108","severity":"low","public_date":"2017-07-07T00:00:00Z","advisories":["RHEA-2018:0705"],"bugzilla":"1472878","bugzilla_description":"CVE-2017-11108 tcpdump: Heap buffer overflow in the EXTRACT_16BITS function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["tcpdump-14:4.9.2-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11108.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-7922","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7922.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7923","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7923.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7924","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7924.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7925","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7925.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7926","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7926.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7927","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7927.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7928","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7928.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7929","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7929.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7930","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7930.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7931","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7931.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7932","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7932.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7933","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7933.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7934","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7934.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7935","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7935.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7936","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7936.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7937","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7937.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7938","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7938.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7939","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7939.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7940","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7940.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7973","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7973.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7974","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7974.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7975","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7975.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7983","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7983.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7984","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7984.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7985","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7985.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7986","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7986.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7992","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7992.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-7993","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7993.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-8574","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8574.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-8575","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8575.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5202","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5202.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5203","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5203.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5204","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5204.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5205","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5205.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5341","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5341.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5342","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5342.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5482","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5482.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5483","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5483.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5484","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5484.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5485","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5485.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-5486","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1419066","bugzilla_description":"tcpdump: multiple overflow issues in protocol decoding","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-125|CWE-190)","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5486.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2015-3138","severity":"low","public_date":"2015-03-25T00:00:00Z","advisories":[],"bugzilla":"1212342","bugzilla_description":"CVE-2015-3138 tcpdump: denial of service in print-wb.c","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3138.json"},{"CVE":"CVE-2015-0261","severity":"moderate","public_date":"2015-03-09T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1201792","bugzilla_description":"CVE-2015-0261 tcpdump: IPv6 mobility printer mobility_opt_print() typecastimg/signedness error","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0261.json"},{"CVE":"CVE-2015-2153","severity":"moderate","public_date":"2015-03-09T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1201795","bugzilla_description":"CVE-2015-2153 tcpdump: tcp printer rpki_rtr_pdu_print() missing length check","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2153.json"},{"CVE":"CVE-2015-2154","severity":"low","public_date":"2015-03-09T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1201797","bugzilla_description":"CVE-2015-2154 tcpdump: ethernet printer osi_print_cksum() missing sanity checks out-of-bounds read","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2154.json"},{"CVE":"CVE-2015-2155","severity":"moderate","public_date":"2015-03-09T00:00:00Z","advisories":["RHSA-2017:1871"],"bugzilla":"1201798","bugzilla_description":"CVE-2015-2155 tcpdump: force printer vulnerability","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["tcpdump-14:4.9.0-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2155.json"},{"CVE":"CVE-2014-9140","severity":"moderate","public_date":"2014-11-24T00:00:00Z","advisories":[],"bugzilla":"1171182","bugzilla_description":"CVE-2014-9140 tcpdump: incorrect handling of PPP packets printing","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9140.json"},{"CVE":"CVE-2014-8767","severity":"low","public_date":"2014-11-13T00:00:00Z","advisories":[],"bugzilla":"1165160","bugzilla_description":"CVE-2014-8767 tcpdump: denial of service in verbose mode using malformed OLSR payload","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8767.json"},{"CVE":"CVE-2014-8768","severity":"low","public_date":"2014-11-13T00:00:00Z","advisories":[],"bugzilla":"1165161","bugzilla_description":"CVE-2014-8768 tcpdump: denial of service in verbose mode using malformed Geonet payload","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8768.json"},{"CVE":"CVE-2014-8769","severity":"low","public_date":"2014-11-13T00:00:00Z","advisories":[],"bugzilla":"1165162","bugzilla_description":"CVE-2014-8769 tcpdump: unreliable output using malformed AOVD payload","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8769.json"},{"CVE":"CVE-2007-3798","severity":"low","public_date":"2007-07-10T00:00:00Z","advisories":["RHSA-2007:0387","RHSA-2007:0368"],"bugzilla":"250275","bugzilla_description":"CVE-2007-3798 tcpdump BGP integer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["tcpdump-14:3.9.4-11.el5","tcpdump-14:3.8.2-12.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3798.json"},{"CVE":"CVE-2007-1218","severity":"low","public_date":"2007-03-01T00:00:00Z","advisories":["RHSA-2007:0387","RHSA-2007:0368"],"bugzilla":"232347","bugzilla_description":"CVE-2007-1218 tcpdump denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.9.4-11.el5","tcpdump-14:3.8.2-12.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1218.json"},{"CVE":"CVE-2005-1267","severity":"low","public_date":"2005-06-06T00:00:00Z","advisories":["RHSA-2005:505"],"bugzilla":"1617624","bugzilla_description":"CVE-2005-1267 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.8.2-10.RHEL4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1267.json"},{"CVE":"CVE-2005-1278","severity":"moderate","public_date":"2005-04-26T00:00:00Z","advisories":["RHSA-2005:421","RHSA-2005:417"],"bugzilla":"1617628","bugzilla_description":"CVE-2005-1278 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.7.2-7.E3.5","tcpdump-14:3.8.2-9.RHEL4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1278.json"},{"CVE":"CVE-2005-1279","severity":"moderate","public_date":"2005-04-26T00:00:00Z","advisories":["RHSA-2005:421","RHSA-2005:417"],"bugzilla":"1617629","bugzilla_description":"CVE-2005-1279 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.7.2-7.E3.5","tcpdump-14:3.8.2-9.RHEL4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1279.json"},{"CVE":"CVE-2005-1280","severity":"moderate","public_date":"2005-04-26T00:00:00Z","advisories":["RHSA-2005:421","RHSA-2005:417"],"bugzilla":"1617630","bugzilla_description":"CVE-2005-1280 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.7.2-7.E3.5","tcpdump-14:3.8.2-9.RHEL4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1280.json"},{"CVE":"CVE-2004-0183","severity":"low","public_date":"2004-03-29T00:00:00Z","advisories":["RHSA-2004:219"],"bugzilla":"1617174","bugzilla_description":"CVE-2004-0183 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.7.2-7.E3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0183.json"},{"CVE":"CVE-2004-0184","severity":"low","public_date":"2004-03-29T00:00:00Z","advisories":["RHSA-2004:219"],"bugzilla":"1617175","bugzilla_description":"CVE-2004-0184 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.7.2-7.E3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0184.json"},{"CVE":"CVE-2003-0989","severity":"moderate","public_date":"2004-01-14T00:00:00Z","advisories":["RHSA-2004:008","RHSA-2004:007"],"bugzilla":"1617118","bugzilla_description":"CVE-2003-0989 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.6.2-12.2.1AS.5","tcpdump-14:3.7.2-7.E3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0989.json"},{"CVE":"CVE-2004-0055","severity":"moderate","public_date":"2004-01-04T00:00:00Z","advisories":["RHSA-2004:008","RHSA-2004:007"],"bugzilla":"1617135","bugzilla_description":"CVE-2004-0055 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.6.2-12.2.1AS.5","tcpdump-14:3.7.2-7.E3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0055.json"},{"CVE":"CVE-2004-0057","severity":"moderate","public_date":"2004-01-04T00:00:00Z","advisories":["RHSA-2004:008","RHSA-2004:007"],"bugzilla":"1617136","bugzilla_description":"CVE-2004-0057 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tcpdump-14:3.6.2-12.2.1AS.5","tcpdump-14:3.7.2-7.E3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0057.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcsh_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcsh_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tcsh_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tdb-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tdb-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tdb-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/teamd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/teamd_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/teamd_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-farstream_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-farstream_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-farstream_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-filesystem_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-filesystem_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-filesystem_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-gabble_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-gabble_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-gabble_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-glib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-glib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-glib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-haze_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-haze_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-haze_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-logger_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-logger_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-logger_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-mission-control_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-mission-control_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-mission-control_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-salut_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-salut_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telepathy-salut_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telnet-server_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telnet-server_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telnet-server_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telnet_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telnet_security_api_results.json new file mode 100644 index 0000000..15395fd --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/telnet_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-10188","severity":"important","public_date":"2020-02-28T00:00:00Z","advisories":["RHSA-2020:1342","RHSA-2020:1334","RHSA-2020:1318","RHSA-2020:1335","RHSA-2020:1349"],"bugzilla":"1811673","bugzilla_description":"CVE-2020-10188 telnet-server: no bounds checks in nextitem() function allows to remotely execute arbitrary code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["krb5-appl-0:1.0.1-10.el6_10","telnet-1:0.17-73.el8_1.1","telnet-1:0.17-73.el8_0.1","telnet-1:0.17-49.el6_10","telnet-1:0.17-65.el7_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2005-0488","severity":"moderate","public_date":"2005-06-14T00:00:00Z","advisories":["RHSA-2005:562","RHSA-2005:504"],"bugzilla":"1617531","bugzilla_description":"CVE-2005-0488 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["krb5-0:1.2.7-47","telnet-1:0.17-31.EL4.3","telnet-1:0.17-26.EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0488.json"},{"CVE":"CVE-2005-0468","severity":"important","public_date":"2005-03-28T00:00:00Z","advisories":["RHSA-2005:330","RHSA-2005:327"],"bugzilla":"1617527","bugzilla_description":"CVE-2005-0468 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["telnet-1:0.17-31.EL4.2","krb5-0:1.2.7-42","telnet-1:0.17-26.EL3.2","krb5-0:1.3.4-12"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0468.json"},{"CVE":"CVE-2005-0469","severity":"important","public_date":"2005-03-28T00:00:00Z","advisories":["RHSA-2005:330","RHSA-2005:327"],"bugzilla":"1617528","bugzilla_description":"CVE-2005-0469 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["telnet-1:0.17-31.EL4.2","krb5-0:1.2.7-42","telnet-1:0.17-26.EL3.2","krb5-0:1.3.4-12"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0469.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tex-fonts-hebrew_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tex-fonts-hebrew_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tex-fonts-hebrew_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tex-preview_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tex-preview_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tex-preview_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texinfo_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texinfo_security_api_results.json new file mode 100644 index 0000000..28f22f0 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texinfo_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2006-4810","severity":"moderate","public_date":"2006-11-08T00:00:00Z","advisories":["RHSA-2006:0727"],"bugzilla":"1618203","bugzilla_description":"CVE-2006-4810 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["texinfo-0:4.5-3.el3.1","texinfo-0:4.7-5.el4.2","texinfo-0:4.0b-3.el2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4810.json"},{"CVE":"CVE-2005-3011","severity":"low","public_date":"2000-02-09T00:00:00Z","advisories":["RHSA-2006:0727"],"bugzilla":"1617775","bugzilla_description":"CVE-2005-3011 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["texinfo-0:4.5-3.el3.1","texinfo-0:4.7-5.el4.2","texinfo-0:4.0b-3.el2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3011.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ae_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ae_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ae_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-algorithms_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-algorithms_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-algorithms_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amscls_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amscls_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amscls_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amsfonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amsfonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amsfonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amsmath_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amsmath_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-amsmath_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-anysize_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-anysize_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-anysize_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-attachfile_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-attachfile_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-attachfile_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-avantgar_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-avantgar_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-avantgar_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-babel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-babel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-babel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-babelbib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-babelbib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-babelbib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-base_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-base_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-base_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-beamer_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-beamer_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-beamer_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bera_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bera_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bera_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-beton_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-beton_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-beton_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bibtex-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bibtex-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bibtex-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bibtex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bibtex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bibtex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bookman_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bookman_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-bookman_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-booktabs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-booktabs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-booktabs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-breakurl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-breakurl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-breakurl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-caption_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-caption_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-caption_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-carlisle_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-carlisle_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-carlisle_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-charter_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-charter_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-charter_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-chngcntr_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-chngcntr_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-chngcntr_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cite_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cite_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cite_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm-lgc_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm-lgc_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm-lgc_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm-super_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm-super_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm-super_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cm_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cmap_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cmap_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cmap_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cmextra_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cmextra_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-cmextra_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-basic_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-basic_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-basic_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-documentation-base_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-documentation-base_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-documentation-base_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-fontsrecommended_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-fontsrecommended_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-fontsrecommended_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-htmlxml_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-htmlxml_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-htmlxml_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-latex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-latex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-latex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-latexrecommended_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-latexrecommended_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-collection-latexrecommended_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-colortbl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-colortbl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-colortbl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-courier_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-courier_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-courier_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-crop_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-crop_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-crop_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-csquotes_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-csquotes_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-csquotes_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ctable_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ctable_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ctable_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-currfile_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-currfile_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-currfile_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfm-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfm-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfm-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfm_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfm_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx-def_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx-def_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx-def_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipdfmx_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipng-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipng-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipng-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipng_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipng_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvipng_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvips-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvips-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvips-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvips_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvips_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-dvips_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ec_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ec_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ec_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-enctex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-enctex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-enctex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-enumitem_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-enumitem_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-enumitem_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-eso-pic_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-eso-pic_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-eso-pic_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etex-pkg_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etex-pkg_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etex-pkg_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etoolbox_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etoolbox_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-etoolbox_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-euler_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-euler_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-euler_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-euro_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-euro_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-euro_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-eurosym_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-eurosym_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-eurosym_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-extsizes_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-extsizes_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-extsizes_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancybox_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancybox_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancybox_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyhdr_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyhdr_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyhdr_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyref_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyref_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyref_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyvrb_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyvrb_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fancyvrb_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-filecontents_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-filecontents_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-filecontents_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-filehook_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-filehook_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-filehook_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fix2col_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fix2col_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fix2col_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-float_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-float_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-float_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fontspec_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fontspec_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fontspec_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-footmisc_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-footmisc_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-footmisc_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fp_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fp_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fp_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fpl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fpl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-fpl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-geometry_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-geometry_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-geometry_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-glyphlist_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-glyphlist_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-glyphlist_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-graphics_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-graphics_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-graphics_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-gsftopk-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-gsftopk-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-gsftopk-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-gsftopk_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-gsftopk_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-gsftopk_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-helvetic_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-helvetic_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-helvetic_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyperref_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyperref_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyperref_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyph-utf8_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyph-utf8_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyph-utf8_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyphen-base_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyphen-base_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-hyphen-base_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifetex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifetex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifetex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifluatex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifluatex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifluatex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifxetex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifxetex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ifxetex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-index_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-index_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-index_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jadetex-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jadetex-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jadetex-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jadetex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jadetex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jadetex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jknapltx_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jknapltx_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-jknapltx_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kastrup_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kastrup_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kastrup_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kerkis_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kerkis_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kerkis_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-koma-script_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-koma-script_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-koma-script_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea-lib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea-lib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea-lib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-kpathsea_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3experimental_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3experimental_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3experimental_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3kernel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3kernel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3kernel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3packages_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3packages_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-l3packages_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-bin-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-bin-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-bin-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latexconfig_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latexconfig_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-latexconfig_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-listings_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-listings_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-listings_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lm-math_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lm-math_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lm-math_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lm_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lm_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ltxmisc_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ltxmisc_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ltxmisc_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lua-alt-getopt_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lua-alt-getopt_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lua-alt-getopt_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lualatex-math_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lualatex-math_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-lualatex-math_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luaotfload-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luaotfload-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luaotfload-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luaotfload_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luaotfload_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luaotfload_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatex-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatex-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatex-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatexbase_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatexbase_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-luatexbase_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-makeindex-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-makeindex-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-makeindex-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-makeindex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-makeindex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-makeindex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-marginnote_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-marginnote_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-marginnote_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-marvosym_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-marvosym_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-marvosym_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mathpazo_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mathpazo_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mathpazo_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mdwtools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mdwtools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mdwtools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-memoir_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-memoir_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-memoir_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metafont-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metafont-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metafont-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metafont_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metafont_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metafont_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metalogo_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metalogo_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-metalogo_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mflogo_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mflogo_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mflogo_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfnfss_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfnfss_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfnfss_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfware-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfware-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfware-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfware_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfware_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mfware_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mh_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mh_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mh_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-microtype_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-microtype_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-microtype_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-misc_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-misc_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-misc_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mparhack_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mparhack_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mparhack_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mptopdf-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mptopdf-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mptopdf-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mptopdf_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mptopdf_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-mptopdf_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ms_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ms_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ms_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-multido_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-multido_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-multido_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-natbib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-natbib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-natbib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ncntrsbk_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ncntrsbk_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ncntrsbk_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ntgclass_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ntgclass_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ntgclass_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-oberdiek_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-oberdiek_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-oberdiek_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-palatino_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-palatino_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-palatino_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-paralist_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-paralist_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-paralist_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-parallel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-parallel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-parallel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-parskip_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-parskip_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-parskip_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-passivetex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-passivetex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-passivetex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdfpages_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdfpages_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdfpages_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex-def_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex-def_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex-def_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pdftex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pgf_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pgf_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pgf_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-plain_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-plain_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-plain_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-powerdot_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-powerdot_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-powerdot_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-psfrag_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-psfrag_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-psfrag_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pslatex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pslatex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pslatex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-psnfss_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-psnfss_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-psnfss_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pspicture_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pspicture_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pspicture_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-3d_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-3d_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-3d_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-blur_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-blur_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-blur_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-coil_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-coil_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-coil_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-eps_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-eps_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-eps_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-fill_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-fill_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-fill_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-grad_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-grad_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-grad_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-math_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-math_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-math_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-node_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-node_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-node_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-plot_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-plot_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-plot_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-slpe_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-slpe_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-slpe_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-text_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-text_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-text_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-tree_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-tree_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pst-tree_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pstricks-add_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pstricks-add_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pstricks-add_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pstricks_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pstricks_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pstricks_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pxfonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pxfonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-pxfonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-qstest_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-qstest_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-qstest_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rcs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rcs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rcs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rotating_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rotating_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rotating_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rsfs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rsfs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-rsfs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sansmath_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sansmath_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sansmath_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sauerj_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sauerj_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sauerj_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-scheme-basic_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-scheme-basic_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-scheme-basic_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-section_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-section_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-section_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-seminar_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-seminar_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-seminar_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sepnum_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sepnum_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-sepnum_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-setspace_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-setspace_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-setspace_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-showexpl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-showexpl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-showexpl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-soul_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-soul_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-soul_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-subfig_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-subfig_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-subfig_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-symbol_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-symbol_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-symbol_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tetex-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tetex-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tetex-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tetex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tetex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tetex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-gyre-math_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-gyre-math_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-gyre-math_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-gyre_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-gyre_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex-gyre_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex4ht-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex4ht-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex4ht-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex4ht_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex4ht_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex4ht_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texconfig-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texconfig-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texconfig-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texconfig_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texconfig_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texconfig_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texlive.infra-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texlive.infra-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texlive.infra-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texlive.infra_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texlive.infra_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-texlive.infra_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-textcase_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-textcase_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-textcase_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-thumbpdf-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-thumbpdf-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-thumbpdf-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-thumbpdf_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-thumbpdf_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-thumbpdf_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-times_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-times_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-times_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tipa_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tipa_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tipa_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-txfonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-txfonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-txfonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-type1cm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-type1cm_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-type1cm_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-typehtml_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-typehtml_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-typehtml_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ucs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ucs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ucs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ulem_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ulem_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-ulem_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-underscore_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-underscore_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-underscore_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-unicode-math_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-unicode-math_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-unicode-math_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-url_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-url_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-url_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-utopia_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-utopia_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-utopia_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-varwidth_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-varwidth_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-varwidth_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-wasy_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-wasy_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-wasy_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-wasysym_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-wasysym_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-wasysym_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xcolor_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xcolor_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xcolor_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xdvi-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xdvi-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xdvi-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xdvi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xdvi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xdvi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xkeyval_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xkeyval_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xkeyval_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xmltex-bin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xmltex-bin_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xmltex-bin_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xmltex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xmltex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xmltex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xunicode_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xunicode_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-xunicode_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-zapfchan_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-zapfchan_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-zapfchan_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-zapfding_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-zapfding_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive-zapfding_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive_security_api_results.json new file mode 100644 index 0000000..54901a0 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/texlive_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-19601","severity":"moderate","public_date":"2020-02-04T00:00:00Z","advisories":[],"bugzilla":"1798118","bugzilla_description":"CVE-2019-19601 texlive: buffer overflow in the TexOpen() function in detex.l","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19601.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-17407","severity":"moderate","public_date":"2018-09-23T00:00:00Z","advisories":["RHSA-2020:1036"],"bugzilla":"1632802","bugzilla_description":"CVE-2018-17407 texlive: Buffer overflow in t1_check_unusual_charstring function in writet1.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["texlive-2:2012-45.20130427_r30134.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17407.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-17513","severity":"moderate","public_date":"2017-12-14T00:00:00Z","advisories":[],"bugzilla":"1526167","bugzilla_description":"CVE-2017-17513 texlive: Command injection in mswin/mtxrun.lua and lualibs/lualibs-os.lua","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17513.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-10243","severity":"moderate","public_date":"2016-11-28T00:00:00Z","advisories":[],"bugzilla":"1429452","bugzilla_description":"CVE-2016-10243 texlive: mpost allows to run non-whitelisted external programs","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10243.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-4472","severity":"moderate","public_date":"2016-05-15T00:00:00Z","advisories":[],"bugzilla":"1344251","bugzilla_description":"CVE-2016-4472 expat: Undefined behavior and pointer overflows","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4472.json"},{"CVE":"CVE-2016-6161","severity":"moderate","public_date":"2016-05-08T00:00:00Z","advisories":[],"bugzilla":"1353550","bugzilla_description":"CVE-2016-6161 gd: Global out-of-bounds read when encoding gif from malformed gd2 input","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6161.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2015-5700","severity":"low","public_date":"2015-01-11T00:00:00Z","advisories":[],"bugzilla":"1181167","bugzilla_description":"CVE-2015-5700 CVE-2015-5701 texlive: insecure use of /tmp in mktexlsr","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":"CWE-377","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5700.json"},{"CVE":"CVE-2015-5701","severity":"low","public_date":"2015-01-11T00:00:00Z","advisories":[],"bugzilla":"1181167","bugzilla_description":"CVE-2015-5700 CVE-2015-5701 texlive: insecure use of /tmp in mktexlsr","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":"CWE-377","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5701.json"},{"CVE":"CVE-2015-0296","severity":"moderate","public_date":"2014-05-19T00:00:00Z","advisories":[],"bugzilla":"1197082","bugzilla_description":"CVE-2015-0296 texlive rpm scriptlet allows unprivileged user to delete arbitrary files","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0296.json"},{"CVE":"CVE-2011-1552","severity":"low","public_date":"2011-03-28T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"692853","bugzilla_description":"CVE-2011-1552 t1lib: invalid read crash via crafted Type 1 font","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1552.json"},{"CVE":"CVE-2011-1553","severity":"moderate","public_date":"2011-03-28T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"692854","bugzilla_description":"CVE-2011-1553 t1lib: Use-after-free via crafted Type 1 font","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1553.json"},{"CVE":"CVE-2011-1554","severity":"moderate","public_date":"2011-03-28T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"692856","bugzilla_description":"CVE-2011-1554 t1lib: Off-by-one via crafted Type 1 font","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-193","affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1554.json"},{"CVE":"CVE-2011-0764","severity":"moderate","public_date":"2011-03-28T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"692909","bugzilla_description":"CVE-2011-0764 t1lib: Invalid pointer dereference via crafted Type 1 font","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0764.json"},{"CVE":"CVE-2011-5244","severity":"moderate","public_date":"2011-03-04T00:00:00Z","advisories":[],"bugzilla":"878483","bugzilla_description":"CVE-2011-5244 t1lib: off-by-one errors in token and linetoken","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5244.json"},{"CVE":"CVE-2011-0433","severity":"moderate","public_date":"2011-01-30T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137"],"bugzilla":"679732","bugzilla_description":"CVE-2011-0433 t1lib: Heap-based buffer overflow DVI file AFM font parser","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["texlive-0:2007-57.el6_2","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0433.json"},{"CVE":"CVE-2010-2642","severity":"moderate","public_date":"2011-01-05T00:00:00Z","advisories":["RHSA-2012:0062","RHSA-2012:1201","RHSA-2012:0137","RHSA-2011:0009"],"bugzilla":"666318","bugzilla_description":"CVE-2010-2642 t1lib: Heap based buffer overflow in DVI file AFM font parser","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["texlive-0:2007-57.el6_2","evince-0:2.28.2-14.el6_0.1","tetex-0:3.0-33.15.el5_8.1","t1lib-0:5.1.2-6.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2642.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tftp-server_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tftp-server_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tftp-server_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tftp_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tftp_security_api_results.json new file mode 100644 index 0000000..0011fc1 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tftp_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2011-2199","severity":"moderate","public_date":"2011-06-10T00:00:00Z","advisories":[],"bugzilla":"713950","bugzilla_description":"CVE-2011-2199 tftp: buffer overflow when setting utimeout option","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2199.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-fonts-common_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-fonts-common_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-fonts-common_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-garuda-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-garuda-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-garuda-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-kinnari-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-kinnari-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-kinnari-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-loma-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-loma-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-loma-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-norasi-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-norasi-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-norasi-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-purisa-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-purisa-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-purisa-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-sawasdee-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-sawasdee-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-sawasdee-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgmono-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgmono-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgmono-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypewriter-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypewriter-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypewriter-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypist-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypist-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypist-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypo-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypo-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-tlwgtypo-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-umpush-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-umpush-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-umpush-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-waree-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-waree-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thai-scalable-waree-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/theora-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/theora-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/theora-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thunderbird_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thunderbird_security_api_results.json new file mode 100644 index 0000000..00290ee --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/thunderbird_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-15683","severity":"important","public_date":"2020-10-20T00:00:00Z","advisories":["RHSA-2020:4315","RHSA-2020:4311","RHSA-2020:4310","RHSA-2020:4317"],"bugzilla":"1889932","bugzilla_description":"CVE-2020-15683 Mozilla: Memory safety bugs fixed in Firefox 82 and Firefox ESR 78.4","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:78.4.0-1.el8_2","firefox-0:78.4.0-1.el7_9","firefox-0:78.4.0-1.el8_1","firefox-0:78.4.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15683.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15999","severity":"moderate","public_date":"2020-10-19T00:00:00Z","advisories":[],"bugzilla":"1890210","bugzilla_description":"CVE-2020-15999 freetype: heap-based buffer overflow via malformed ttf files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15999.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15969","severity":"important","public_date":"2020-10-06T00:00:00Z","advisories":["RHSA-2020:4315","RHSA-2020:4235","RHSA-2020:4311","RHSA-2020:4310","RHSA-2020:4317"],"bugzilla":"1885885","bugzilla_description":"CVE-2020-15969 chromium-browser: Use after free in WebRTC","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:78.4.0-1.el8_2","firefox-0:78.4.0-1.el7_9","chromium-browser-0:86.0.4240.75-1.el6_10","firefox-0:78.4.0-1.el8_1","firefox-0:78.4.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15969.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-15675","severity":"important","public_date":"2020-10-05T00:00:00Z","advisories":[],"bugzilla":"1885181","bugzilla_description":"CVE-2020-15675 firefox: Use-After-Free in WebGL could result in memory corruption and a potentially exploitable crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-120|CWE-416)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15675.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-15677","severity":"moderate","public_date":"2020-09-22T00:00:00Z","advisories":["RHSA-2020:4158","RHSA-2020:4157","RHSA-2020:4156","RHSA-2020:4155","RHSA-2020:4163","RHSA-2020:3834","RHSA-2020:3835","RHSA-2020:3832","RHSA-2020:4080","RHSA-2020:3833"],"bugzilla":"1881664","bugzilla_description":"CVE-2020-15677 Mozilla: Download origin spoofing via redirect","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-601","affected_packages":["firefox-0:78.3.0-1.el8_1","firefox-0:78.3.0-1.el8_2","thunderbird-0:78.3.1-1.el8_0","firefox-0:78.3.0-1.el8_0","thunderbird-0:78.3.1-1.el8_1","thunderbird-0:78.3.1-1.el8_2","firefox-0:78.3.0-1.el6_10","thunderbird-0:78.3.1-1.el7_9","firefox-0:78.3.0-1.el7_9","thunderbird-0:78.3.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15677.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-15676","severity":"moderate","public_date":"2020-09-22T00:00:00Z","advisories":["RHSA-2020:4158","RHSA-2020:4157","RHSA-2020:4156","RHSA-2020:4155","RHSA-2020:4163","RHSA-2020:3834","RHSA-2020:3835","RHSA-2020:3832","RHSA-2020:4080","RHSA-2020:3833"],"bugzilla":"1881665","bugzilla_description":"CVE-2020-15676 Mozilla: XSS when pasting attacker-controlled data into a contenteditable element","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["firefox-0:78.3.0-1.el8_1","firefox-0:78.3.0-1.el8_2","thunderbird-0:78.3.1-1.el8_0","firefox-0:78.3.0-1.el8_0","thunderbird-0:78.3.1-1.el8_1","thunderbird-0:78.3.1-1.el8_2","firefox-0:78.3.0-1.el6_10","thunderbird-0:78.3.1-1.el7_9","firefox-0:78.3.0-1.el7_9","thunderbird-0:78.3.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15676.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-15678","severity":"moderate","public_date":"2020-09-22T00:00:00Z","advisories":["RHSA-2020:4158","RHSA-2020:4157","RHSA-2020:4156","RHSA-2020:4155","RHSA-2020:4163","RHSA-2020:3834","RHSA-2020:3835","RHSA-2020:3832","RHSA-2020:4080","RHSA-2020:3833"],"bugzilla":"1881666","bugzilla_description":"CVE-2020-15678 Mozilla: When recursing through layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free scenario","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:78.3.0-1.el8_1","firefox-0:78.3.0-1.el8_2","thunderbird-0:78.3.1-1.el8_0","firefox-0:78.3.0-1.el8_0","thunderbird-0:78.3.1-1.el8_1","thunderbird-0:78.3.1-1.el8_2","firefox-0:78.3.0-1.el6_10","thunderbird-0:78.3.1-1.el7_9","firefox-0:78.3.0-1.el7_9","thunderbird-0:78.3.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15678.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-15673","severity":"important","public_date":"2020-09-22T00:00:00Z","advisories":["RHSA-2020:4158","RHSA-2020:4157","RHSA-2020:4156","RHSA-2020:4155","RHSA-2020:4163","RHSA-2020:3834","RHSA-2020:3835","RHSA-2020:3832","RHSA-2020:4080","RHSA-2020:3833"],"bugzilla":"1881667","bugzilla_description":"CVE-2020-15673 Mozilla: Memory safety bugs fixed in Firefox 81 and Firefox ESR 78.3","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:78.3.0-1.el8_1","firefox-0:78.3.0-1.el8_2","thunderbird-0:78.3.1-1.el8_0","firefox-0:78.3.0-1.el8_0","thunderbird-0:78.3.1-1.el8_1","thunderbird-0:78.3.1-1.el8_2","firefox-0:78.3.0-1.el6_10","thunderbird-0:78.3.1-1.el7_9","firefox-0:78.3.0-1.el7_9","thunderbird-0:78.3.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15673.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-15663","severity":"important","public_date":"2020-08-25T00:00:00Z","advisories":[],"bugzilla":"1872530","bugzilla_description":"CVE-2020-15663 Mozilla: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-282","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15663.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15664","severity":"important","public_date":"2020-08-25T00:00:00Z","advisories":["RHSA-2020:3643","RHSA-2020:3555","RHSA-2020:3632","RHSA-2020:3556","RHSA-2020:3633","RHSA-2020:3631","RHSA-2020:3559","RHSA-2020:3557","RHSA-2020:3634","RHSA-2020:3558"],"bugzilla":"1872531","bugzilla_description":"CVE-2020-15664 Mozilla: Attacker-induced prompt for extension installation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-648","affected_packages":["thunderbird-0:68.12.0-1.el6_10","thunderbird-0:68.12.0-1.el7_8","firefox-0:68.12.0-1.el6_10","firefox-0:78.2.0-3.el8_0","thunderbird-0:68.12.0-1.el8_2","firefox-0:78.2.0-3.el8_1","thunderbird-0:68.12.0-1.el8_1","thunderbird-0:68.12.0-1.el8_0","firefox-0:68.12.0-1.el7_8","firefox-0:78.2.0-2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15664.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15669","severity":"important","public_date":"2020-08-25T00:00:00Z","advisories":["RHSA-2020:3643","RHSA-2020:3555","RHSA-2020:3632","RHSA-2020:3556","RHSA-2020:3633","RHSA-2020:3631","RHSA-2020:3559","RHSA-2020:3557","RHSA-2020:3634","RHSA-2020:3558"],"bugzilla":"1872532","bugzilla_description":"CVE-2020-15669 Mozilla: Use-After-Free when aborting an operation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:68.12.0-1.el6_10","thunderbird-0:68.12.0-1.el7_8","firefox-0:68.12.0-1.el6_10","firefox-0:78.2.0-3.el8_0","thunderbird-0:68.12.0-1.el8_2","firefox-0:78.2.0-3.el8_1","thunderbird-0:68.12.0-1.el8_1","thunderbird-0:68.12.0-1.el8_0","firefox-0:68.12.0-1.el7_8","firefox-0:78.2.0-2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15669.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-15670","severity":"important","public_date":"2020-08-25T00:00:00Z","advisories":[],"bugzilla":"1872533","bugzilla_description":"CVE-2020-15670 Mozilla: Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15670.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15667","severity":"low","public_date":"2020-08-25T00:00:00Z","advisories":[],"bugzilla":"1884474","bugzilla_description":"CVE-2020-15667 firefox: Invalid name length could result in a heap buffer overflow, leading to memory corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15667.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2020-15652","severity":"important","public_date":"2020-07-28T00:00:00Z","advisories":["RHSA-2020:3344","RHSA-2020:3345","RHSA-2020:3254","RHSA-2020:3342","RHSA-2020:3233","RHSA-2020:3343","RHSA-2020:3241","RHSA-2020:3253","RHSA-2020:3341","RHSA-2020:3229"],"bugzilla":"1861570","bugzilla_description":"CVE-2020-15652 Mozilla: Potential leak of redirect targets when loading scripts in a worker","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-209","affected_packages":["thunderbird-0:68.11.0-1.el7_8","firefox-0:68.11.0-1.el7_8","firefox-0:68.11.0-1.el8_2","firefox-0:68.11.0-1.el8_1","firefox-0:68.11.0-1.el6_10","thunderbird-0:68.11.0-1.el8_0","firefox-0:68.11.0-1.el8_0","thunderbird-0:68.11.0-1.el6_10","thunderbird-0:68.11.0-1.el8_2","thunderbird-0:68.11.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15652.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15659","severity":"important","public_date":"2020-07-28T00:00:00Z","advisories":["RHSA-2020:3344","RHSA-2020:3345","RHSA-2020:3254","RHSA-2020:3342","RHSA-2020:3233","RHSA-2020:3343","RHSA-2020:3241","RHSA-2020:3253","RHSA-2020:3341","RHSA-2020:3229"],"bugzilla":"1861572","bugzilla_description":"CVE-2020-15659 Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:68.11.0-1.el7_8","firefox-0:68.11.0-1.el7_8","firefox-0:68.11.0-1.el8_2","firefox-0:68.11.0-1.el8_1","firefox-0:68.11.0-1.el6_10","thunderbird-0:68.11.0-1.el8_0","firefox-0:68.11.0-1.el8_0","thunderbird-0:68.11.0-1.el6_10","thunderbird-0:68.11.0-1.el8_2","thunderbird-0:68.11.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15659.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-15655","severity":"important","public_date":"2020-07-28T00:00:00Z","advisories":[],"bugzilla":"1861644","bugzilla_description":"CVE-2020-15655 Mozilla: Extension APIs could be used to bypass Same-Origin Policy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15655.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15653","severity":"moderate","public_date":"2020-07-28T00:00:00Z","advisories":["RHSA-2020:3555","RHSA-2020:3559","RHSA-2020:3557","RHSA-2020:4080"],"bugzilla":"1861645","bugzilla_description":"CVE-2020-15653 Mozilla: Bypassing iframe sandbox when allowing popups","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-276","affected_packages":["firefox-0:78.2.0-3.el8_0","firefox-0:78.2.0-3.el8_1","firefox-0:78.3.0-1.el7_9","firefox-0:78.2.0-2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15653.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-15656","severity":"moderate","public_date":"2020-07-28T00:00:00Z","advisories":["RHSA-2020:3555","RHSA-2020:3559","RHSA-2020:3557","RHSA-2020:4080"],"bugzilla":"1861646","bugzilla_description":"CVE-2020-15656 Mozilla: Type confusion for special arguments in IonMonkey","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["firefox-0:78.2.0-3.el8_0","firefox-0:78.2.0-3.el8_1","firefox-0:78.3.0-1.el7_9","firefox-0:78.2.0-2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15656.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-15658","severity":"low","public_date":"2020-07-28T00:00:00Z","advisories":["RHSA-2020:3555","RHSA-2020:3559","RHSA-2020:3557","RHSA-2020:4080"],"bugzilla":"1861647","bugzilla_description":"CVE-2020-15658 Mozilla: Overriding file type when saving to disk","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-138","affected_packages":["firefox-0:78.2.0-3.el8_0","firefox-0:78.2.0-3.el8_1","firefox-0:78.3.0-1.el7_9","firefox-0:78.2.0-2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15658.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"3.5"},{"CVE":"CVE-2020-15657","severity":"low","public_date":"2020-07-28T00:00:00Z","advisories":[],"bugzilla":"1861648","bugzilla_description":"CVE-2020-15657 Mozilla: DLL hijacking due to incorrect loading path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-426","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15657.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2020-15654","severity":"low","public_date":"2020-07-28T00:00:00Z","advisories":["RHSA-2020:3555","RHSA-2020:3559","RHSA-2020:3557","RHSA-2020:4080"],"bugzilla":"1861649","bugzilla_description":"CVE-2020-15654 Mozilla: Custom cursor can overlay user interface","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-451","affected_packages":["firefox-0:78.2.0-3.el8_0","firefox-0:78.2.0-3.el8_1","firefox-0:78.3.0-1.el7_9","firefox-0:78.2.0-2.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15654.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.6"},{"CVE":"CVE-2020-12415","severity":"important","public_date":"2020-07-16T00:00:00Z","advisories":[],"bugzilla":"1875241","bugzilla_description":"CVE-2020-12415 Mozilla: AppCache manifest poisoning due to url encoded character processing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-138->CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12415.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-12416","severity":"important","public_date":"2020-07-16T00:00:00Z","advisories":[],"bugzilla":"1875242","bugzilla_description":"CVE-2020-12416 Mozilla: Use-after-free in WebRTC VideoBroadcaster","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12416.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-12426","severity":"important","public_date":"2020-07-16T00:00:00Z","advisories":[],"bugzilla":"1875243","bugzilla_description":"CVE-2020-12426 Mozilla: Memory safety bugs fixed in Thunderbird 78","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12426.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-6514","severity":"important","public_date":"2020-07-14T00:00:00Z","advisories":["RHSA-2020:3377","RHSA-2020:3344","RHSA-2020:3345","RHSA-2020:3254","RHSA-2020:3342","RHSA-2020:3233","RHSA-2020:3343","RHSA-2020:3241","RHSA-2020:3253","RHSA-2020:3341","RHSA-2020:3229"],"bugzilla":"1857349","bugzilla_description":"CVE-2020-6514 chromium-browser: Inappropriate implementation in WebRTC","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["thunderbird-0:68.11.0-1.el7_8","firefox-0:68.11.0-1.el7_8","firefox-0:68.11.0-1.el8_2","firefox-0:68.11.0-1.el8_1","firefox-0:68.11.0-1.el6_10","chromium-browser-0:84.0.4147.105-2.el6_10","thunderbird-0:68.11.0-1.el8_0","firefox-0:68.11.0-1.el8_0","thunderbird-0:68.11.0-1.el6_10","thunderbird-0:68.11.0-1.el8_2","thunderbird-0:68.11.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6514.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2020-12412","severity":"moderate","public_date":"2020-07-09T00:00:00Z","advisories":[],"bugzilla":"1855560","bugzilla_description":"CVE-2020-12412 firefox: address bar spoof using history navigation and blocked ports","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-601","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12412.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2020-12417","severity":"important","public_date":"2020-06-30T00:00:00Z","advisories":["RHSA-2020:3038","RHSA-2020:2907","RHSA-2020:3046","RHSA-2020:2828","RHSA-2020:2906","RHSA-2020:2826","RHSA-2020:2827","RHSA-2020:2825"],"bugzilla":"1853014","bugzilla_description":"CVE-2020-12417 Mozilla: Memory corruption due to missing sign-extension for ValueTags on ARM64","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["firefox-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_0","firefox-0:68.10.0-1.el7_8","thunderbird-0:68.10.0-1.el8_1","firefox-0:68.10.0-1.el8_0","thunderbird-0:68.10.0-1.el7_8","firefox-0:68.10.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12417.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-12418","severity":"important","public_date":"2020-06-30T00:00:00Z","advisories":["RHSA-2020:3038","RHSA-2020:2907","RHSA-2020:3046","RHSA-2020:2828","RHSA-2020:2906","RHSA-2020:2826","RHSA-2020:2827","RHSA-2020:2824","RHSA-2020:2825","RHSA-2020:2966"],"bugzilla":"1853015","bugzilla_description":"CVE-2020-12418 Mozilla: Information disclosure due to manipulated URL object","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["firefox-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_0","firefox-0:68.10.0-1.el7_8","thunderbird-0:68.10.0-1.el8_1","firefox-0:68.10.0-1.el6_10","thunderbird-0:68.10.0-1.el6_10","firefox-0:68.10.0-1.el8_0","thunderbird-0:68.10.0-1.el7_8","firefox-0:68.10.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12418.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-12419","severity":"important","public_date":"2020-06-30T00:00:00Z","advisories":["RHSA-2020:3038","RHSA-2020:2907","RHSA-2020:3046","RHSA-2020:2828","RHSA-2020:2906","RHSA-2020:2826","RHSA-2020:2827","RHSA-2020:2824","RHSA-2020:2825","RHSA-2020:2966"],"bugzilla":"1853016","bugzilla_description":"CVE-2020-12419 Mozilla: Use-after-free in nsGlobalWindowInner","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_0","firefox-0:68.10.0-1.el7_8","thunderbird-0:68.10.0-1.el8_1","firefox-0:68.10.0-1.el6_10","thunderbird-0:68.10.0-1.el6_10","firefox-0:68.10.0-1.el8_0","thunderbird-0:68.10.0-1.el7_8","firefox-0:68.10.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12419.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-12420","severity":"important","public_date":"2020-06-30T00:00:00Z","advisories":["RHSA-2020:3038","RHSA-2020:2907","RHSA-2020:3046","RHSA-2020:2828","RHSA-2020:2906","RHSA-2020:2826","RHSA-2020:2827","RHSA-2020:2824","RHSA-2020:2825","RHSA-2020:2966"],"bugzilla":"1853017","bugzilla_description":"CVE-2020-12420 Mozilla: Use-After-Free when trying to connect to a STUN server","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_0","firefox-0:68.10.0-1.el7_8","thunderbird-0:68.10.0-1.el8_1","firefox-0:68.10.0-1.el6_10","thunderbird-0:68.10.0-1.el6_10","firefox-0:68.10.0-1.el8_0","thunderbird-0:68.10.0-1.el7_8","firefox-0:68.10.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12420.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-12421","severity":"moderate","public_date":"2020-06-30T00:00:00Z","advisories":["RHSA-2020:3038","RHSA-2020:2907","RHSA-2020:3046","RHSA-2020:2828","RHSA-2020:2906","RHSA-2020:2826","RHSA-2020:2827","RHSA-2020:2824","RHSA-2020:2825","RHSA-2020:2966"],"bugzilla":"1853018","bugzilla_description":"CVE-2020-12421 Mozilla: Add-On updates did not respect the same certificate trust rules as software updates","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-296","affected_packages":["firefox-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_0","firefox-0:68.10.0-1.el7_8","thunderbird-0:68.10.0-1.el8_1","firefox-0:68.10.0-1.el6_10","thunderbird-0:68.10.0-1.el6_10","firefox-0:68.10.0-1.el8_0","thunderbird-0:68.10.0-1.el7_8","firefox-0:68.10.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12421.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-15646","severity":"important","public_date":"2020-06-30T00:00:00Z","advisories":["RHSA-2020:3038","RHSA-2020:2907","RHSA-2020:3046","RHSA-2020:2906","RHSA-2020:2966"],"bugzilla":"1854036","bugzilla_description":"CVE-2020-15646 Mozilla: Automatic account setup leaks Microsoft Exchange login credentials","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["thunderbird-0:68.10.0-1.el8_2","thunderbird-0:68.10.0-1.el8_0","thunderbird-0:68.10.0-1.el8_1","thunderbird-0:68.10.0-1.el6_10","thunderbird-0:68.10.0-1.el7_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15646.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-12410","severity":"important","public_date":"2020-06-02T00:00:00Z","advisories":["RHSA-2020:2378","RHSA-2020:2379","RHSA-2020:2381","RHSA-2020:2382","RHSA-2020:2615","RHSA-2020:2616","RHSA-2020:2380","RHSA-2020:2613","RHSA-2020:2614","RHSA-2020:2611"],"bugzilla":"1843030","bugzilla_description":"CVE-2020-12410 Mozilla: Memory safety bugs fixed in Firefox 77 and Firefox ESR 68.9","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:68.9.0-1.el8_2","thunderbird-0:68.9.0-1.el6_10","firefox-0:68.9.0-1.el6_10","thunderbird-0:68.9.0-1.el8_0","thunderbird-0:68.9.0-1.el8_1","thunderbird-0:68.9.0-1.el7_8","firefox-0:68.9.0-1.el7_8","firefox-0:68.9.0-1.el8_1","firefox-0:68.9.0-1.el8_0","firefox-0:68.9.0-1.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12410.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-12406","severity":"important","public_date":"2020-06-02T00:00:00Z","advisories":["RHSA-2020:2378","RHSA-2020:2379","RHSA-2020:2381","RHSA-2020:2382","RHSA-2020:2615","RHSA-2020:2616","RHSA-2020:2380","RHSA-2020:2613","RHSA-2020:2614","RHSA-2020:2611"],"bugzilla":"1843312","bugzilla_description":"CVE-2020-12406 Mozilla: JavaScript Type confusion with NativeTypes","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["thunderbird-0:68.9.0-1.el8_2","thunderbird-0:68.9.0-1.el6_10","firefox-0:68.9.0-1.el6_10","thunderbird-0:68.9.0-1.el8_0","thunderbird-0:68.9.0-1.el8_1","thunderbird-0:68.9.0-1.el7_8","firefox-0:68.9.0-1.el7_8","firefox-0:68.9.0-1.el8_1","firefox-0:68.9.0-1.el8_0","firefox-0:68.9.0-1.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12406.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-12405","severity":"important","public_date":"2020-06-02T00:00:00Z","advisories":["RHSA-2020:2378","RHSA-2020:2379","RHSA-2020:2381","RHSA-2020:2382","RHSA-2020:2615","RHSA-2020:2616","RHSA-2020:2380","RHSA-2020:2613","RHSA-2020:2614","RHSA-2020:2611"],"bugzilla":"1843313","bugzilla_description":"CVE-2020-12405 Mozilla: Use-after-free in SharedWorkerService","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:68.9.0-1.el8_2","thunderbird-0:68.9.0-1.el6_10","firefox-0:68.9.0-1.el6_10","thunderbird-0:68.9.0-1.el8_0","thunderbird-0:68.9.0-1.el8_1","thunderbird-0:68.9.0-1.el7_8","firefox-0:68.9.0-1.el7_8","firefox-0:68.9.0-1.el8_1","firefox-0:68.9.0-1.el8_0","firefox-0:68.9.0-1.el8_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12405.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-12398","severity":"important","public_date":"2020-06-02T00:00:00Z","advisories":["RHSA-2020:2615","RHSA-2020:2616","RHSA-2020:2613","RHSA-2020:2614","RHSA-2020:2611"],"bugzilla":"1846556","bugzilla_description":"CVE-2020-12398 Mozilla: Security downgrade with IMAP STARTTLS leads to information leakage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["thunderbird-0:68.9.0-1.el8_2","thunderbird-0:68.9.0-1.el6_10","thunderbird-0:68.9.0-1.el8_0","thunderbird-0:68.9.0-1.el8_1","thunderbird-0:68.9.0-1.el7_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12398.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-12399","severity":"moderate","public_date":"2020-05-21T00:00:00Z","advisories":[],"bugzilla":"1826177","bugzilla_description":"CVE-2020-12399 nss: Timing attack on DSA signature generation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-327","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12399.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2020-12387","severity":"critical","public_date":"2020-05-05T00:00:00Z","advisories":["RHSA-2020:2037","RHSA-2020:2048","RHSA-2020:2049","RHSA-2020:2046","RHSA-2020:2036","RHSA-2020:2047","RHSA-2020:2033","RHSA-2020:2031","RHSA-2020:2032","RHSA-2020:2050"],"bugzilla":"1831761","bugzilla_description":"CVE-2020-12387 Mozilla: Use-after-free during worker shutdown","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:68.8.0-1.el7_8","thunderbird-0:68.8.0-1.el8_0","firefox-0:68.8.0-1.el6_10","thunderbird-0:68.8.0-1.el7_8","firefox-0:68.8.0-1.el8_0","thunderbird-0:68.8.0-1.el8_2","firefox-0:68.8.0-1.el8_1","thunderbird-0:68.8.0-1.el6_10","firefox-0:68.8.0-1.el8_2","thunderbird-0:68.8.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12387.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-6831","severity":"important","public_date":"2020-05-05T00:00:00Z","advisories":["RHSA-2020:2037","RHSA-2020:2048","RHSA-2020:2049","RHSA-2020:2046","RHSA-2020:2036","RHSA-2020:2047","RHSA-2020:2033","RHSA-2020:2064","RHSA-2020:2031","RHSA-2020:2032","RHSA-2020:2050"],"bugzilla":"1831763","bugzilla_description":"CVE-2020-6831 usrsctp: Buffer overflow in AUTH chunk input validation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:68.8.0-1.el7_8","thunderbird-0:68.8.0-1.el8_0","chromium-browser-0:81.0.4044.138-1.el6_10","firefox-0:68.8.0-1.el6_10","thunderbird-0:68.8.0-1.el7_8","firefox-0:68.8.0-1.el8_0","thunderbird-0:68.8.0-1.el8_2","firefox-0:68.8.0-1.el8_1","thunderbird-0:68.8.0-1.el6_10","firefox-0:68.8.0-1.el8_2","thunderbird-0:68.8.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6831.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-12392","severity":"moderate","public_date":"2020-05-05T00:00:00Z","advisories":["RHSA-2020:2037","RHSA-2020:2048","RHSA-2020:2049","RHSA-2020:2046","RHSA-2020:2036","RHSA-2020:2047","RHSA-2020:2033","RHSA-2020:2031","RHSA-2020:2032","RHSA-2020:2050"],"bugzilla":"1831764","bugzilla_description":"CVE-2020-12392 Mozilla: Arbitrary local file access with 'Copy as cURL'","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-552","affected_packages":["firefox-0:68.8.0-1.el7_8","thunderbird-0:68.8.0-1.el8_0","firefox-0:68.8.0-1.el6_10","thunderbird-0:68.8.0-1.el7_8","firefox-0:68.8.0-1.el8_0","thunderbird-0:68.8.0-1.el8_2","firefox-0:68.8.0-1.el8_1","thunderbird-0:68.8.0-1.el6_10","firefox-0:68.8.0-1.el8_2","thunderbird-0:68.8.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12392.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-12395","severity":"critical","public_date":"2020-05-05T00:00:00Z","advisories":["RHSA-2020:2037","RHSA-2020:2048","RHSA-2020:2049","RHSA-2020:2046","RHSA-2020:2036","RHSA-2020:2047","RHSA-2020:2033","RHSA-2020:2031","RHSA-2020:2032","RHSA-2020:2050"],"bugzilla":"1831765","bugzilla_description":"CVE-2020-12395 Mozilla: Memory safety bugs fixed in Firefox 76 and Firefox ESR 68.8","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:68.8.0-1.el7_8","thunderbird-0:68.8.0-1.el8_0","firefox-0:68.8.0-1.el6_10","thunderbird-0:68.8.0-1.el7_8","firefox-0:68.8.0-1.el8_0","thunderbird-0:68.8.0-1.el8_2","firefox-0:68.8.0-1.el8_1","thunderbird-0:68.8.0-1.el6_10","firefox-0:68.8.0-1.el8_2","thunderbird-0:68.8.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12395.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-12393","severity":"moderate","public_date":"2020-05-05T00:00:00Z","advisories":[],"bugzilla":"1831946","bugzilla_description":"CVE-2020-12393 Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-552","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12393.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2020-12397","severity":"low","public_date":"2020-05-05T00:00:00Z","advisories":["RHSA-2020:2048","RHSA-2020:2049","RHSA-2020:2046","RHSA-2020:2047","RHSA-2020:2050"],"bugzilla":"1832565","bugzilla_description":"CVE-2020-12397 Mozilla: Sender Email Address Spoofing using encoded Unicode characters","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-172","affected_packages":["thunderbird-0:68.8.0-1.el8_0","thunderbird-0:68.8.0-1.el7_8","thunderbird-0:68.8.0-1.el8_2","thunderbird-0:68.8.0-1.el6_10","thunderbird-0:68.8.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12397.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2020-6463","severity":"important","public_date":"2020-04-21T00:00:00Z","advisories":["RHSA-2020:3344","RHSA-2020:3345","RHSA-2020:1970","RHSA-2020:3254","RHSA-2020:3342","RHSA-2020:3233","RHSA-2020:3343","RHSA-2020:3241","RHSA-2020:3253","RHSA-2020:3341","RHSA-2020:3229"],"bugzilla":"1840893","bugzilla_description":"CVE-2020-6463 chromium-browser: Use after free in ANGLE","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:68.11.0-1.el7_8","firefox-0:68.11.0-1.el7_8","firefox-0:68.11.0-1.el8_2","firefox-0:68.11.0-1.el8_1","firefox-0:68.11.0-1.el6_10","thunderbird-0:68.11.0-1.el8_0","firefox-0:68.11.0-1.el8_0","thunderbird-0:68.11.0-1.el6_10","thunderbird-0:68.11.0-1.el8_2","chromium-browser-0:81.0.4044.122-1.el6_10","thunderbird-0:68.11.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6463.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-6821","severity":"important","public_date":"2020-04-08T00:00:00Z","advisories":["RHSA-2020:1420","RHSA-2020:1496","RHSA-2020:1488","RHSA-2020:1495","RHSA-2020:1406","RHSA-2020:1429","RHSA-2020:1489","RHSA-2020:1404"],"bugzilla":"1821674","bugzilla_description":"CVE-2020-6821 Mozilla: Uninitialized memory could be read when using the WebGL copyTexSubImage method","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["firefox-0:68.7.0-2.el7_8","thunderbird-0:68.7.0-1.el8_0","thunderbird-0:68.7.0-1.el8_1","firefox-0:68.7.0-2.el8_0","thunderbird-0:68.7.0-1.el6_10","firefox-0:68.7.0-2.el6_10","thunderbird-0:68.7.0-1.el7_8","firefox-0:68.7.0-2.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6821.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2020-6822","severity":"moderate","public_date":"2020-04-08T00:00:00Z","advisories":["RHSA-2020:1420","RHSA-2020:1496","RHSA-2020:1488","RHSA-2020:1495","RHSA-2020:1406","RHSA-2020:1429","RHSA-2020:1489","RHSA-2020:1404"],"bugzilla":"1821676","bugzilla_description":"CVE-2020-6822 Mozilla: Out of bounds write in GMPDecodeData when processing large images","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["firefox-0:68.7.0-2.el7_8","thunderbird-0:68.7.0-1.el8_0","thunderbird-0:68.7.0-1.el8_1","firefox-0:68.7.0-2.el8_0","thunderbird-0:68.7.0-1.el6_10","firefox-0:68.7.0-2.el6_10","thunderbird-0:68.7.0-1.el7_8","firefox-0:68.7.0-2.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6822.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-6825","severity":"important","public_date":"2020-04-08T00:00:00Z","advisories":["RHSA-2020:1420","RHSA-2020:1496","RHSA-2020:1488","RHSA-2020:1495","RHSA-2020:1406","RHSA-2020:1429","RHSA-2020:1489","RHSA-2020:1404"],"bugzilla":"1821682","bugzilla_description":"CVE-2020-6825 Mozilla: Memory safety bugs fixed in Firefox 75 and Firefox ESR 68.7","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:68.7.0-2.el7_8","thunderbird-0:68.7.0-1.el8_0","thunderbird-0:68.7.0-1.el8_1","firefox-0:68.7.0-2.el8_0","thunderbird-0:68.7.0-1.el6_10","firefox-0:68.7.0-2.el6_10","thunderbird-0:68.7.0-1.el7_8","firefox-0:68.7.0-2.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6825.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-6819","severity":"critical","public_date":"2020-04-03T00:00:00Z","advisories":["RHSA-2020:1496","RHSA-2020:1488","RHSA-2020:1341","RHSA-2020:1495","RHSA-2020:1340","RHSA-2020:1339","RHSA-2020:1489","RHSA-2020:1338"],"bugzilla":"1820869","bugzilla_description":"CVE-2020-6819 Mozilla: Use-after-free while running the nsDocShell destructor","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:68.6.1-1.el6_10","firefox-0:68.6.1-1.el8_1","firefox-0:68.6.1-1.el8_0","thunderbird-0:68.7.0-1.el8_0","thunderbird-0:68.7.0-1.el8_1","thunderbird-0:68.7.0-1.el6_10","firefox-0:68.6.1-1.el7_8","thunderbird-0:68.7.0-1.el7_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6819.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-6820","severity":"critical","public_date":"2020-04-03T00:00:00Z","advisories":["RHSA-2020:1496","RHSA-2020:1488","RHSA-2020:1341","RHSA-2020:1495","RHSA-2020:1340","RHSA-2020:1339","RHSA-2020:1489","RHSA-2020:1338"],"bugzilla":"1820878","bugzilla_description":"CVE-2020-6820 Mozilla: Use-after-free when handling a ReadableStream","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:68.6.1-1.el6_10","firefox-0:68.6.1-1.el8_1","firefox-0:68.6.1-1.el8_0","thunderbird-0:68.7.0-1.el8_0","thunderbird-0:68.7.0-1.el8_1","thunderbird-0:68.7.0-1.el6_10","firefox-0:68.6.1-1.el7_8","thunderbird-0:68.7.0-1.el7_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6820.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-6805","severity":"important","public_date":"2020-03-10T00:00:00Z","advisories":["RHSA-2020:0919","RHSA-2020:0819","RHSA-2020:0918","RHSA-2020:0816","RHSA-2020:0914","RHSA-2020:0815","RHSA-2020:0905","RHSA-2020:0820"],"bugzilla":"1812199","bugzilla_description":"CVE-2020-6805 Mozilla: Use-after-free when removing data about origins","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:68.6.0-1.el7_7","thunderbird-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el7_7","firefox-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el8_1","thunderbird-0:68.6.0-1.el8_1","firefox-0:68.6.0-1.el8_0","thunderbird-0:68.6.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6805.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-6806","severity":"important","public_date":"2020-03-10T00:00:00Z","advisories":["RHSA-2020:0919","RHSA-2020:0819","RHSA-2020:0918","RHSA-2020:0816","RHSA-2020:0914","RHSA-2020:0815","RHSA-2020:0905","RHSA-2020:0820"],"bugzilla":"1812200","bugzilla_description":"CVE-2020-6806 Mozilla: BodyStream::OnInputStreamReady was missing protections against state confusion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["thunderbird-0:68.6.0-1.el7_7","thunderbird-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el7_7","firefox-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el8_1","thunderbird-0:68.6.0-1.el8_1","firefox-0:68.6.0-1.el8_0","thunderbird-0:68.6.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6806.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-6807","severity":"important","public_date":"2020-03-10T00:00:00Z","advisories":["RHSA-2020:0919","RHSA-2020:0819","RHSA-2020:0918","RHSA-2020:0816","RHSA-2020:0914","RHSA-2020:0815","RHSA-2020:0905","RHSA-2020:0820"],"bugzilla":"1812201","bugzilla_description":"CVE-2020-6807 Mozilla: Use-after-free in cubeb during stream destruction","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:68.6.0-1.el7_7","thunderbird-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el7_7","firefox-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el8_1","thunderbird-0:68.6.0-1.el8_1","firefox-0:68.6.0-1.el8_0","thunderbird-0:68.6.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6807.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-6811","severity":"moderate","public_date":"2020-03-10T00:00:00Z","advisories":["RHSA-2020:0919","RHSA-2020:0819","RHSA-2020:0918","RHSA-2020:0816","RHSA-2020:0914","RHSA-2020:0815","RHSA-2020:0905","RHSA-2020:0820"],"bugzilla":"1812202","bugzilla_description":"CVE-2020-6811 Mozilla: Devtools' 'Copy as cURL' feature did not fully escape website-controlled data, potentially leading to command injection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-78","affected_packages":["thunderbird-0:68.6.0-1.el7_7","thunderbird-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el7_7","firefox-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el8_1","thunderbird-0:68.6.0-1.el8_1","firefox-0:68.6.0-1.el8_0","thunderbird-0:68.6.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6811.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-20503","severity":"moderate","public_date":"2020-03-10T00:00:00Z","advisories":["RHSA-2020:0919","RHSA-2020:0819","RHSA-2020:0918","RHSA-2020:0816","RHSA-2020:0914","RHSA-2020:0815","RHSA-2020:0905","RHSA-2020:1270","RHSA-2020:0820"],"bugzilla":"1812203","bugzilla_description":"CVE-2019-20503 usrsctp: Out of bounds reads in sctp_load_addresses_from_init()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["thunderbird-0:68.6.0-1.el7_7","thunderbird-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el7_7","chromium-browser-0:80.0.3987.149-1.el6_10","firefox-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el8_1","thunderbird-0:68.6.0-1.el8_1","firefox-0:68.6.0-1.el8_0","thunderbird-0:68.6.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20503.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-6812","severity":"moderate","public_date":"2020-03-10T00:00:00Z","advisories":["RHSA-2020:0919","RHSA-2020:0819","RHSA-2020:0918","RHSA-2020:0816","RHSA-2020:0914","RHSA-2020:0815","RHSA-2020:0905","RHSA-2020:0820"],"bugzilla":"1812204","bugzilla_description":"CVE-2020-6812 Mozilla: The names of AirPods with personally identifiable information were exposed to websites with camera or microphone permission","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["thunderbird-0:68.6.0-1.el7_7","thunderbird-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el7_7","firefox-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el8_1","thunderbird-0:68.6.0-1.el8_1","firefox-0:68.6.0-1.el8_0","thunderbird-0:68.6.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6812.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-6814","severity":"important","public_date":"2020-03-10T00:00:00Z","advisories":["RHSA-2020:0919","RHSA-2020:0819","RHSA-2020:0918","RHSA-2020:0816","RHSA-2020:0914","RHSA-2020:0815","RHSA-2020:0905","RHSA-2020:0820"],"bugzilla":"1812205","bugzilla_description":"CVE-2020-6814 Mozilla: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:68.6.0-1.el7_7","thunderbird-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el7_7","firefox-0:68.6.0-1.el6_10","firefox-0:68.6.0-1.el8_1","thunderbird-0:68.6.0-1.el8_1","firefox-0:68.6.0-1.el8_0","thunderbird-0:68.6.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6814.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-6797","severity":"moderate","public_date":"2020-02-11T00:00:00Z","advisories":[],"bugzilla":"1801917","bugzilla_description":"CVE-2020-6797 Mozilla: Extensions granted downloads.open permission could open arbitrary applications on Mac OSX","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-250","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6797.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-6798","severity":"moderate","public_date":"2020-02-11T00:00:00Z","advisories":["RHSA-2020:0520","RHSA-2020:0574","RHSA-2020:0519","RHSA-2020:0577","RHSA-2020:0521","RHSA-2020:0576","RHSA-2020:0565","RHSA-2020:0512"],"bugzilla":"1801918","bugzilla_description":"CVE-2020-6798 Mozilla: Incorrect parsing of template tag could result in JavaScript injection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["firefox-0:68.5.0-2.el8_0","firefox-0:68.5.0-2.el8_1","thunderbird-0:68.5.0-1.el8_1","thunderbird-0:68.5.0-1.el8_0","firefox-0:68.5.0-2.el7_7","thunderbird-0:68.5.0-1.el6_10","firefox-0:68.5.0-2.el6_10","thunderbird-0:68.5.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6798.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-6800","severity":"important","public_date":"2020-02-11T00:00:00Z","advisories":["RHSA-2020:0520","RHSA-2020:0574","RHSA-2020:0519","RHSA-2020:0577","RHSA-2020:0521","RHSA-2020:0576","RHSA-2020:0565","RHSA-2020:0512"],"bugzilla":"1801920","bugzilla_description":"CVE-2020-6800 Mozilla: Memory safety bugs fixed in Firefox 73 and Firefox ESR 68.5","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:68.5.0-2.el8_0","firefox-0:68.5.0-2.el8_1","thunderbird-0:68.5.0-1.el8_1","thunderbird-0:68.5.0-1.el8_0","firefox-0:68.5.0-2.el7_7","thunderbird-0:68.5.0-1.el6_10","firefox-0:68.5.0-2.el6_10","thunderbird-0:68.5.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6800.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-6793","severity":"moderate","public_date":"2020-02-11T00:00:00Z","advisories":["RHSA-2020:0574","RHSA-2020:0577","RHSA-2020:0576","RHSA-2020:0565"],"bugzilla":"1801955","bugzilla_description":"CVE-2020-6793 Mozilla: Out-of-bounds read when processing certain email messages","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["thunderbird-0:68.5.0-1.el8_1","thunderbird-0:68.5.0-1.el8_0","thunderbird-0:68.5.0-1.el6_10","thunderbird-0:68.5.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6793.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-6794","severity":"moderate","public_date":"2020-02-11T00:00:00Z","advisories":["RHSA-2020:0574","RHSA-2020:0577","RHSA-2020:0576","RHSA-2020:0565"],"bugzilla":"1801956","bugzilla_description":"CVE-2020-6794 Mozilla: Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-312","affected_packages":["thunderbird-0:68.5.0-1.el8_1","thunderbird-0:68.5.0-1.el8_0","thunderbird-0:68.5.0-1.el6_10","thunderbird-0:68.5.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6794.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-6795","severity":"moderate","public_date":"2020-02-11T00:00:00Z","advisories":["RHSA-2020:0574","RHSA-2020:0577","RHSA-2020:0576","RHSA-2020:0565"],"bugzilla":"1801957","bugzilla_description":"CVE-2020-6795 Mozilla: Crash processing S/MIME messages with multiple signatures","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["thunderbird-0:68.5.0-1.el8_1","thunderbird-0:68.5.0-1.el8_0","thunderbird-0:68.5.0-1.el6_10","thunderbird-0:68.5.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6795.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-6792","severity":"low","public_date":"2020-02-11T00:00:00Z","advisories":["RHSA-2020:0574","RHSA-2020:0577","RHSA-2020:0576","RHSA-2020:0565"],"bugzilla":"1801958","bugzilla_description":"CVE-2020-6792 Mozilla: Message ID calculation was based on uninitialized data","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":["thunderbird-0:68.5.0-1.el8_1","thunderbird-0:68.5.0-1.el8_0","thunderbird-0:68.5.0-1.el6_10","thunderbird-0:68.5.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6792.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2019-20446","severity":"moderate","public_date":"2020-02-02T00:00:00Z","advisories":[],"bugzilla":"1797608","bugzilla_description":"CVE-2019-20446 librsvg: Resource exhaustion via crafted SVG file with nested patterns","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20446.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-17020","severity":"important","public_date":"2020-01-14T00:00:00Z","advisories":[],"bugzilla":"1790800","bugzilla_description":"CVE-2019-17020 Mozilla: Content Security Policy bypass for XSL stylesheet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17020.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2020-6750","severity":"moderate","public_date":"2020-01-09T00:00:00Z","advisories":[],"bugzilla":"1790288","bugzilla_description":"CVE-2020-6750 glib: Mishandling of proxy_addr field in GSocketClient may lead to proxy being ignored","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-6750.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2019-17026","severity":"critical","public_date":"2020-01-08T00:00:00Z","advisories":["RHSA-2020:0111","RHSA-2020:0123","RHSA-2020:0085","RHSA-2020:0120","RHSA-2020:0086","RHSA-2020:0295","RHSA-2020:0292","RHSA-2020:0127"],"bugzilla":"1789214","bugzilla_description":"CVE-2019-17026 Mozilla: IonMonkey type confusion with StoreElementHole and FallibleStoreElement","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["thunderbird-0:68.4.1-2.el6_10","firefox-0:68.4.1-1.el6_10","thunderbird-0:68.4.1-2.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.4.1-1.el8_1","thunderbird-0:68.4.1-2.el8_1","firefox-0:68.4.1-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17026.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-17015","severity":"important","public_date":"2020-01-07T00:00:00Z","advisories":[],"bugzilla":"1788722","bugzilla_description":"CVE-2019-17015 Mozilla: Memory corruption in parent process during new content process initialization on Windows","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17015.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-17016","severity":"important","public_date":"2020-01-07T00:00:00Z","advisories":["RHSA-2020:0111","RHSA-2020:0123","RHSA-2020:0085","RHSA-2020:0120","RHSA-2020:0086","RHSA-2020:0295","RHSA-2020:0292","RHSA-2020:0127"],"bugzilla":"1788723","bugzilla_description":"CVE-2019-17016 Mozilla: Bypass of @namespace CSS sanitization during pasting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["thunderbird-0:68.4.1-2.el6_10","firefox-0:68.4.1-1.el6_10","thunderbird-0:68.4.1-2.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.4.1-1.el8_1","thunderbird-0:68.4.1-2.el8_1","firefox-0:68.4.1-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17016.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-17017","severity":"important","public_date":"2020-01-07T00:00:00Z","advisories":["RHSA-2020:0111","RHSA-2020:0123","RHSA-2020:0085","RHSA-2020:0120","RHSA-2020:0086","RHSA-2020:0295","RHSA-2020:0292","RHSA-2020:0127"],"bugzilla":"1788724","bugzilla_description":"CVE-2019-17017 Mozilla: Type Confusion in XPCVariant.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["thunderbird-0:68.4.1-2.el6_10","firefox-0:68.4.1-1.el6_10","thunderbird-0:68.4.1-2.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.4.1-1.el8_1","thunderbird-0:68.4.1-2.el8_1","firefox-0:68.4.1-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17017.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-17021","severity":"moderate","public_date":"2020-01-07T00:00:00Z","advisories":[],"bugzilla":"1788725","bugzilla_description":"CVE-2019-17021 Mozilla: Heap address disclosure in parent process during content process initialization on Windows","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17021.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-17022","severity":"moderate","public_date":"2020-01-07T00:00:00Z","advisories":["RHSA-2020:0111","RHSA-2020:0123","RHSA-2020:0085","RHSA-2020:0120","RHSA-2020:0086","RHSA-2020:0295","RHSA-2020:0292","RHSA-2020:0127"],"bugzilla":"1788726","bugzilla_description":"CVE-2019-17022 Mozilla: CSS sanitization does not escape HTML tags","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["thunderbird-0:68.4.1-2.el6_10","firefox-0:68.4.1-1.el6_10","thunderbird-0:68.4.1-2.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.4.1-1.el8_1","thunderbird-0:68.4.1-2.el8_1","firefox-0:68.4.1-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17022.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-17024","severity":"important","public_date":"2020-01-07T00:00:00Z","advisories":["RHSA-2020:0111","RHSA-2020:0123","RHSA-2020:0085","RHSA-2020:0120","RHSA-2020:0086","RHSA-2020:0295","RHSA-2020:0292","RHSA-2020:0127"],"bugzilla":"1788727","bugzilla_description":"CVE-2019-17024 Mozilla: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:68.4.1-2.el6_10","firefox-0:68.4.1-1.el6_10","thunderbird-0:68.4.1-2.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.4.1-1.el8_1","thunderbird-0:68.4.1-2.el8_1","firefox-0:68.4.1-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17024.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-17008","severity":"important","public_date":"2019-12-03T00:00:00Z","advisories":["RHSA-2019:4205","RHSA-2019:4107","RHSA-2019:4108","RHSA-2019:4148","RHSA-2020:0295","RHSA-2020:0292","RHSA-2019:4111","RHSA-2019:4195"],"bugzilla":"1779431","bugzilla_description":"CVE-2019-17008 Mozilla: Use-after-free in worker destruction","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:68.3.0-2.el8_1","thunderbird-0:68.3.0-3.el6_10","firefox-0:68.3.0-1.el7_7","thunderbird-0:68.3.0-1.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.3.0-1.el6_10","firefox-0:68.3.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17008.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-13722","severity":"important","public_date":"2019-12-03T00:00:00Z","advisories":[],"bugzilla":"1779432","bugzilla_description":"CVE-2019-13722 Mozilla: Stack corruption due to incorrect number of arguments in WebRTC code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-628->CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13722.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-17009","severity":"moderate","public_date":"2019-12-03T00:00:00Z","advisories":[],"bugzilla":"1779433","bugzilla_description":"CVE-2019-17009 Mozilla: Updater temporary files accessible to unprivileged processes","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-377","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17009.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-17010","severity":"moderate","public_date":"2019-12-03T00:00:00Z","advisories":["RHSA-2019:4205","RHSA-2019:4107","RHSA-2019:4108","RHSA-2019:4148","RHSA-2020:0295","RHSA-2020:0292","RHSA-2019:4111","RHSA-2019:4195"],"bugzilla":"1779434","bugzilla_description":"CVE-2019-17010 Mozilla: Use-after-free when performing device orientation checks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:68.3.0-2.el8_1","thunderbird-0:68.3.0-3.el6_10","firefox-0:68.3.0-1.el7_7","thunderbird-0:68.3.0-1.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.3.0-1.el6_10","firefox-0:68.3.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17010.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-17005","severity":"moderate","public_date":"2019-12-03T00:00:00Z","advisories":["RHSA-2019:4205","RHSA-2019:4107","RHSA-2019:4108","RHSA-2019:4148","RHSA-2020:0295","RHSA-2020:0292","RHSA-2019:4111","RHSA-2019:4195"],"bugzilla":"1779435","bugzilla_description":"CVE-2019-17005 Mozilla: Buffer overflow in plain text serializer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:68.3.0-2.el8_1","thunderbird-0:68.3.0-3.el6_10","firefox-0:68.3.0-1.el7_7","thunderbird-0:68.3.0-1.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.3.0-1.el6_10","firefox-0:68.3.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17005.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-17011","severity":"moderate","public_date":"2019-12-03T00:00:00Z","advisories":["RHSA-2019:4205","RHSA-2019:4107","RHSA-2019:4108","RHSA-2019:4148","RHSA-2020:0295","RHSA-2020:0292","RHSA-2019:4111","RHSA-2019:4195"],"bugzilla":"1779436","bugzilla_description":"CVE-2019-17011 Mozilla: Use-after-free when retrieving a document in antitracking","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:68.3.0-2.el8_1","thunderbird-0:68.3.0-3.el6_10","firefox-0:68.3.0-1.el7_7","thunderbird-0:68.3.0-1.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.3.0-1.el6_10","firefox-0:68.3.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17011.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-17012","severity":"important","public_date":"2019-12-03T00:00:00Z","advisories":["RHSA-2019:4205","RHSA-2019:4107","RHSA-2019:4108","RHSA-2019:4148","RHSA-2020:0295","RHSA-2020:0292","RHSA-2019:4111","RHSA-2019:4195"],"bugzilla":"1779437","bugzilla_description":"CVE-2019-17012 Mozilla: Memory safety bugs fixed in Firefox 71 and Firefox ESR 68.3","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:68.3.0-2.el8_1","thunderbird-0:68.3.0-3.el6_10","firefox-0:68.3.0-1.el7_7","thunderbird-0:68.3.0-1.el7_7","thunderbird-0:68.4.1-2.el8_0","firefox-0:68.4.1-1.el8_0","firefox-0:68.3.0-1.el6_10","firefox-0:68.3.0-1.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17012.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11745","severity":"important","public_date":"2019-11-21T00:00:00Z","advisories":["RHSA-2020:0243","RHSA-2019:4190","RHSA-2020:1345","RHSA-2020:1267","RHSA-2019:4114","RHSA-2020:1461","RHSA-2019:4152","RHSA-2020:0466"],"bugzilla":"1774831","bugzilla_description":"CVE-2019-11745 nss: Out-of-bounds write when passing an output buffer smaller than the block size to NSC_EncryptUpdate","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["nss-0:3.44.0-8.el8_0","nss-softokn-0:3.36.0-6.el7_5","nss-softokn-0:3.36.0-6.el7_6","nss-softokn-0:3.28.3-9.el7_4","nss-0:3.44.0-7.el7_7","nss-softokn-0:3.14.3-23.el6_6","nss-0:3.44.0-9.el8_1","nss-softokn-0:3.44.0-6.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11745.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-11757","severity":"important","public_date":"2019-10-22T00:00:00Z","advisories":["RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2019:3281","RHSA-2019:3193"],"bugzilla":"1764438","bugzilla_description":"CVE-2019-11757 Mozilla: Use-after-free when creating index updates in IndexedDB","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","firefox-0:68.2.0-4.el6_10","thunderbird-0:68.2.0-1.el7_7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11757.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11758","severity":"important","public_date":"2019-10-22T00:00:00Z","advisories":["RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2019:3281","RHSA-2019:3193"],"bugzilla":"1764439","bugzilla_description":"CVE-2019-11758 Mozilla: Potentially exploitable crash due to 360 Total Security","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","firefox-0:68.2.0-4.el6_10","thunderbird-0:68.2.0-1.el7_7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11758.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11759","severity":"moderate","public_date":"2019-10-22T00:00:00Z","advisories":["RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2019:3281","RHSA-2019:3193"],"bugzilla":"1764440","bugzilla_description":"CVE-2019-11759 Mozilla: Stack buffer overflow in HKDF output","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","firefox-0:68.2.0-4.el6_10","thunderbird-0:68.2.0-1.el7_7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11759.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11760","severity":"moderate","public_date":"2019-10-22T00:00:00Z","advisories":["RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2019:3281","RHSA-2019:3193"],"bugzilla":"1764441","bugzilla_description":"CVE-2019-11760 Mozilla: Stack buffer overflow in WebRTC networking","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","firefox-0:68.2.0-4.el6_10","thunderbird-0:68.2.0-1.el7_7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11760.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11761","severity":"moderate","public_date":"2019-10-22T00:00:00Z","advisories":["RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2019:3281","RHSA-2019:3193"],"bugzilla":"1764442","bugzilla_description":"CVE-2019-11761 Mozilla: Unintended access to a privileged JSONView object","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-749","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","firefox-0:68.2.0-4.el6_10","thunderbird-0:68.2.0-1.el7_7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11761.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2019-11762","severity":"moderate","public_date":"2019-10-22T00:00:00Z","advisories":["RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2019:3281","RHSA-2019:3193"],"bugzilla":"1764443","bugzilla_description":"CVE-2019-11762 Mozilla: document.domain-based origin isolation has same-origin-property violation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","firefox-0:68.2.0-4.el6_10","thunderbird-0:68.2.0-1.el7_7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11762.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-11763","severity":"moderate","public_date":"2019-10-22T00:00:00Z","advisories":["RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2019:3281","RHSA-2019:3193"],"bugzilla":"1764444","bugzilla_description":"CVE-2019-11763 Mozilla: Incorrect HTML parsing results in XSS bypass technique","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","firefox-0:68.2.0-4.el6_10","thunderbird-0:68.2.0-1.el7_7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11763.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-11764","severity":"critical","public_date":"2019-10-22T00:00:00Z","advisories":["RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2019:3281","RHSA-2019:3193"],"bugzilla":"1764446","bugzilla_description":"CVE-2019-11764 Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","firefox-0:68.2.0-4.el6_10","thunderbird-0:68.2.0-1.el7_7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11764.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11755","severity":"moderate","public_date":"2019-09-30T00:00:00Z","advisories":[],"bugzilla":"1762818","bugzilla_description":"CVE-2019-11755 thunderbird: spoofing a message author via a crafted S/MIME","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-290","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11755.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2019-11739","severity":"important","public_date":"2019-09-15T00:00:00Z","advisories":["RHSA-2019:2773","RHSA-2019:2774","RHSA-2019:2807"],"bugzilla":"1752307","bugzilla_description":"CVE-2019-11739 Mozilla: Covert Content Attack on S/MIME encryption using a crafted multipart/alternative message","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-356","affected_packages":["thunderbird-0:60.9.0-1.el6_10","thunderbird-0:60.9.0-1.el7_7","thunderbird-0:60.9.0-2.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11739.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2019-15903","severity":"low","public_date":"2019-09-04T00:00:00Z","advisories":["RHSA-2020:3952","RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2020:2646","RHSA-2020:2644","RHSA-2019:3193"],"bugzilla":"1752592","bugzilla_description":"CVE-2019-15903 expat: heap-based buffer over-read via crafted XML input","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-122|CWE-125)","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","thunderbird-0:68.2.0-1.el7_7","expat-0:2.1.0-12.el7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2019-11740","severity":"important","public_date":"2019-09-03T00:00:00Z","advisories":["RHSA-2019:2773","RHSA-2019:2663","RHSA-2019:2694","RHSA-2019:2774","RHSA-2019:2807","RHSA-2019:2729"],"bugzilla":"1748652","bugzilla_description":"CVE-2019-11740 Mozilla: Memory safety bugs fixed in Firefox 69, Firefox ESR 68.1, Firefox ESR 60.9, Thunderbird 68.1, and Thunderbird 60.9","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:60.9.0-1.el6_10","firefox-0:60.9.0-1.el7_7","thunderbird-0:60.9.0-1.el7_7","firefox-0:60.9.0-1.el6_10","thunderbird-0:60.9.0-2.el8_0","firefox-0:68.1.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11740.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11742","severity":"important","public_date":"2019-09-03T00:00:00Z","advisories":["RHSA-2019:2773","RHSA-2019:2663","RHSA-2019:2694","RHSA-2019:2774","RHSA-2019:2807","RHSA-2019:2729"],"bugzilla":"1748653","bugzilla_description":"CVE-2019-11742 Mozilla: Same-origin policy violation with SVG filters and canvas to steal cross-origin images","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["thunderbird-0:60.9.0-1.el6_10","firefox-0:60.9.0-1.el7_7","thunderbird-0:60.9.0-1.el7_7","firefox-0:60.9.0-1.el6_10","thunderbird-0:60.9.0-2.el8_0","firefox-0:68.1.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11742.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11743","severity":"moderate","public_date":"2019-09-03T00:00:00Z","advisories":["RHSA-2019:2773","RHSA-2019:2663","RHSA-2019:2694","RHSA-2019:2774","RHSA-2019:2807","RHSA-2019:2729"],"bugzilla":"1748654","bugzilla_description":"CVE-2019-11743 Mozilla: Cross-origin access to unload event attributes","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["thunderbird-0:60.9.0-1.el6_10","firefox-0:60.9.0-1.el7_7","thunderbird-0:60.9.0-1.el7_7","firefox-0:60.9.0-1.el6_10","thunderbird-0:60.9.0-2.el8_0","firefox-0:68.1.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11743.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-11744","severity":"important","public_date":"2019-09-03T00:00:00Z","advisories":["RHSA-2019:2773","RHSA-2019:2663","RHSA-2019:2694","RHSA-2019:2774","RHSA-2019:2807","RHSA-2019:2729"],"bugzilla":"1748655","bugzilla_description":"CVE-2019-11744 Mozilla: XSS by breaking out of title and textarea elements using innerHTML","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["thunderbird-0:60.9.0-1.el6_10","firefox-0:60.9.0-1.el7_7","thunderbird-0:60.9.0-1.el7_7","firefox-0:60.9.0-1.el6_10","thunderbird-0:60.9.0-2.el8_0","firefox-0:68.1.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11744.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11746","severity":"important","public_date":"2019-09-03T00:00:00Z","advisories":["RHSA-2019:2773","RHSA-2019:2663","RHSA-2019:2694","RHSA-2019:2774","RHSA-2019:2807","RHSA-2019:2729"],"bugzilla":"1748656","bugzilla_description":"CVE-2019-11746 Mozilla: Use-after-free while manipulating video","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:60.9.0-1.el6_10","firefox-0:60.9.0-1.el7_7","thunderbird-0:60.9.0-1.el7_7","firefox-0:60.9.0-1.el6_10","thunderbird-0:60.9.0-2.el8_0","firefox-0:68.1.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11746.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11752","severity":"important","public_date":"2019-09-03T00:00:00Z","advisories":["RHSA-2019:2773","RHSA-2019:2663","RHSA-2019:2694","RHSA-2019:2774","RHSA-2019:2807","RHSA-2019:2729"],"bugzilla":"1748657","bugzilla_description":"CVE-2019-11752 Mozilla: Use-after-free while extracting a key value in IndexedDB","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:60.9.0-1.el6_10","firefox-0:60.9.0-1.el7_7","thunderbird-0:60.9.0-1.el7_7","firefox-0:60.9.0-1.el6_10","thunderbird-0:60.9.0-2.el8_0","firefox-0:68.1.0-1.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11752.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2015-9382","severity":"moderate","public_date":"2019-09-03T00:00:00Z","advisories":["RHSA-2018:3140","RHSA-2019:4254"],"bugzilla":"1763609","bugzilla_description":"CVE-2015-9382 freetype: mishandling ps_parser_skip_PS_token in an FT_New_Memory_Face operation in skip_comment, psaux/psobjs.c, leads to a buffer over-read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["freetype-0:2.8-12.el7","freetype-0:2.3.11-19.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9382.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2015-9383","severity":"moderate","public_date":"2019-09-03T00:00:00Z","advisories":[],"bugzilla":"1763613","bugzilla_description":"CVE-2015-9383 freetype: a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c may lead to a DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9383.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-20454","severity":"moderate","public_date":"2019-07-28T00:00:00Z","advisories":["RHSA-2020:3662"],"bugzilla":"1735494","bugzilla_description":"CVE-2019-20454 pcre: Out of bounds read in JIT mode when \\X is used in non-UTF mode","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["php:7.3-8020020200715124551.ceb1cf90"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20454.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11709","severity":"critical","public_date":"2019-07-10T00:00:00Z","advisories":["RHSA-2019:1765","RHSA-2019:1775","RHSA-2019:1764","RHSA-2019:1763","RHSA-2019:1777","RHSA-2019:1799"],"bugzilla":"1728430","bugzilla_description":"CVE-2019-11709 Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:60.8.0-1.el7_6","thunderbird-0:60.8.0-1.el8_0","thunderbird-0:60.8.0-1.el6_10","thunderbird-0:60.8.0-1.el7_6","firefox-0:60.8.0-1.el8_0","firefox-0:60.8.0-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11709.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11711","severity":"important","public_date":"2019-07-10T00:00:00Z","advisories":["RHSA-2019:1765","RHSA-2019:1775","RHSA-2019:1764","RHSA-2019:1763","RHSA-2019:1777","RHSA-2019:1799"],"bugzilla":"1728431","bugzilla_description":"CVE-2019-11711 Mozilla: Script injection within domain through inner window reuse","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-212","affected_packages":["firefox-0:60.8.0-1.el7_6","thunderbird-0:60.8.0-1.el8_0","thunderbird-0:60.8.0-1.el6_10","thunderbird-0:60.8.0-1.el7_6","firefox-0:60.8.0-1.el8_0","firefox-0:60.8.0-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11711.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11712","severity":"important","public_date":"2019-07-10T00:00:00Z","advisories":["RHSA-2019:1765","RHSA-2019:1775","RHSA-2019:1764","RHSA-2019:1763","RHSA-2019:1777","RHSA-2019:1799"],"bugzilla":"1728432","bugzilla_description":"CVE-2019-11712 Mozilla: Cross-origin POST requests can be made with NPAPI plugins by following 308 redirects","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["firefox-0:60.8.0-1.el7_6","thunderbird-0:60.8.0-1.el8_0","thunderbird-0:60.8.0-1.el6_10","thunderbird-0:60.8.0-1.el7_6","firefox-0:60.8.0-1.el8_0","firefox-0:60.8.0-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11712.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11713","severity":"important","public_date":"2019-07-10T00:00:00Z","advisories":["RHSA-2019:1765","RHSA-2019:1775","RHSA-2019:1764","RHSA-2019:1763","RHSA-2019:1777","RHSA-2019:1799"],"bugzilla":"1728433","bugzilla_description":"CVE-2019-11713 Mozilla: Use-after-free with HTTP/2 cached stream","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.8.0-1.el7_6","thunderbird-0:60.8.0-1.el8_0","thunderbird-0:60.8.0-1.el6_10","thunderbird-0:60.8.0-1.el7_6","firefox-0:60.8.0-1.el8_0","firefox-0:60.8.0-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11713.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11715","severity":"moderate","public_date":"2019-07-10T00:00:00Z","advisories":["RHSA-2019:1765","RHSA-2019:1775","RHSA-2019:1764","RHSA-2019:1763","RHSA-2019:1777","RHSA-2019:1799"],"bugzilla":"1728434","bugzilla_description":"CVE-2019-11715 Mozilla: HTML parsing error can contribute to content XSS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["firefox-0:60.8.0-1.el7_6","thunderbird-0:60.8.0-1.el8_0","thunderbird-0:60.8.0-1.el6_10","thunderbird-0:60.8.0-1.el7_6","firefox-0:60.8.0-1.el8_0","firefox-0:60.8.0-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11715.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-11717","severity":"moderate","public_date":"2019-07-10T00:00:00Z","advisories":["RHSA-2019:1765","RHSA-2019:1775","RHSA-2019:1764","RHSA-2019:1763","RHSA-2019:1777","RHSA-2019:1799"],"bugzilla":"1728435","bugzilla_description":"CVE-2019-11717 Mozilla: Caret character improperly escaped in origins","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-138","affected_packages":["firefox-0:60.8.0-1.el7_6","thunderbird-0:60.8.0-1.el8_0","thunderbird-0:60.8.0-1.el6_10","thunderbird-0:60.8.0-1.el7_6","firefox-0:60.8.0-1.el8_0","firefox-0:60.8.0-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11717.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-11730","severity":"moderate","public_date":"2019-07-10T00:00:00Z","advisories":["RHSA-2019:1765","RHSA-2019:1775","RHSA-2019:1764","RHSA-2019:1763","RHSA-2019:1777","RHSA-2019:1799"],"bugzilla":"1728438","bugzilla_description":"CVE-2019-11730 Mozilla: Same-origin policy treats all files in a directory as having the same-origin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["firefox-0:60.8.0-1.el7_6","thunderbird-0:60.8.0-1.el8_0","thunderbird-0:60.8.0-1.el6_10","thunderbird-0:60.8.0-1.el7_6","firefox-0:60.8.0-1.el8_0","firefox-0:60.8.0-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11730.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-9811","severity":"important","public_date":"2019-07-10T00:00:00Z","advisories":["RHSA-2019:1765","RHSA-2019:1775","RHSA-2019:1764","RHSA-2019:1763","RHSA-2019:1777","RHSA-2019:1799"],"bugzilla":"1728439","bugzilla_description":"CVE-2019-9811 Mozilla: Sandbox escape via installation of malicious language pack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-807","affected_packages":["firefox-0:60.8.0-1.el7_6","thunderbird-0:60.8.0-1.el8_0","thunderbird-0:60.8.0-1.el6_10","thunderbird-0:60.8.0-1.el7_6","firefox-0:60.8.0-1.el8_0","firefox-0:60.8.0-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9811.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-20843","severity":"moderate","public_date":"2019-06-24T00:00:00Z","advisories":["RHSA-2020:3952","RHSA-2020:2646","RHSA-2020:2644"],"bugzilla":"1723723","bugzilla_description":"CVE-2018-20843 expat: large number of colons in input makes parser consume high amount of resources, leading to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["expat-0:2.1.0-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20843.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-11708","severity":"important","public_date":"2019-06-20T00:00:00Z","advisories":["RHSA-2019:1696","RHSA-2019:1604","RHSA-2019:1626","RHSA-2019:1603","RHSA-2019:1624","RHSA-2019:1623"],"bugzilla":"1722673","bugzilla_description":"CVE-2019-11708 Mozilla: Sandbox escape using Prompt:Open","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-270","affected_packages":["thunderbird-0:60.7.2-2.el7_6","firefox-0:60.7.2-1.el7_6","thunderbird-0:60.7.2-2.el8_0","thunderbird-0:60.7.2-2.el6_10","firefox-0:60.7.2-1.el6_10","firefox-0:60.7.2-3.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11708.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11707","severity":"critical","public_date":"2019-06-19T00:00:00Z","advisories":["RHSA-2019:1696","RHSA-2019:1604","RHSA-2019:1626","RHSA-2019:1603","RHSA-2019:1624","RHSA-2019:1623"],"bugzilla":"1721789","bugzilla_description":"CVE-2019-11707 Mozilla: Type confusion in Array.pop","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["thunderbird-0:60.7.2-2.el7_6","firefox-0:60.7.2-1.el7_6","thunderbird-0:60.7.2-2.el8_0","thunderbird-0:60.7.2-2.el6_10","firefox-0:60.7.2-1.el6_10","firefox-0:60.7.2-3.el8_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11707.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11703","severity":"moderate","public_date":"2019-06-13T00:00:00Z","advisories":["RHSA-2019:1626","RHSA-2019:1624","RHSA-2019:1623"],"bugzilla":"1720001","bugzilla_description":"CVE-2019-11703 libical: Heap buffer over read in icalparser.c parser_get_next_char","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["thunderbird-0:60.7.2-2.el7_6","thunderbird-0:60.7.2-2.el8_0","thunderbird-0:60.7.2-2.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11703.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2019-11704","severity":"moderate","public_date":"2019-06-13T00:00:00Z","advisories":["RHSA-2019:1626","RHSA-2019:1624","RHSA-2019:1623"],"bugzilla":"1720006","bugzilla_description":"CVE-2019-11704 libical: Heap buffer overflow in icalmemory_strdup_and_dequote function in icalvalue.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["thunderbird-0:60.7.2-2.el7_6","thunderbird-0:60.7.2-2.el8_0","thunderbird-0:60.7.2-2.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11704.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11705","severity":"important","public_date":"2019-06-13T00:00:00Z","advisories":["RHSA-2019:1626","RHSA-2019:1624","RHSA-2019:1623"],"bugzilla":"1720008","bugzilla_description":"CVE-2019-11705 libical: Stack buffer overflow in icalrecur_add_bydayrules in icalrecur.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["thunderbird-0:60.7.2-2.el7_6","thunderbird-0:60.7.2-2.el8_0","thunderbird-0:60.7.2-2.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11705.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-11706","severity":"moderate","public_date":"2019-06-13T00:00:00Z","advisories":["RHSA-2019:1626","RHSA-2019:1624","RHSA-2019:1623"],"bugzilla":"1720011","bugzilla_description":"CVE-2019-11706 libical: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["thunderbird-0:60.7.2-2.el7_6","thunderbird-0:60.7.2-2.el8_0","thunderbird-0:60.7.2-2.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11706.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2019-11702","severity":"moderate","public_date":"2019-06-11T00:00:00Z","advisories":[],"bugzilla":"1721805","bugzilla_description":"CVE-2019-11702 Mozilla: IE protocols can be used to open known local files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-552","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11702.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-12450","severity":"moderate","public_date":"2019-05-23T00:00:00Z","advisories":["RHSA-2019:3530","RHSA-2020:3978","RHBA-2019:3303"],"bugzilla":"1719141","bugzilla_description":"CVE-2019-12450 glib2: file_copy_fallback in gio/gfile.c in GNOME GLib does not properly restrict file permissions while a copy operation is in progress","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-552","affected_packages":["glib2-0:2.56.1-7.el7","redhat-coreos-42.81.20191107.0","glib2-0:2.56.4-7.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12450.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","cvss3_score":"6.6"},{"CVE":"CVE-2019-11691","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1712617","bugzilla_description":"CVE-2019-11691 Mozilla: Use-after-free in XMLHttpRequest","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11691.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11692","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1712618","bugzilla_description":"CVE-2019-11692 Mozilla: Use-after-free removing listeners in the event listener manager","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11692.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11693","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1712619","bugzilla_description":"CVE-2019-11693 Mozilla: Buffer overflow in WebGL bufferdata on Linux","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11693.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11694","severity":"moderate","public_date":"2019-05-22T00:00:00Z","advisories":[],"bugzilla":"1712620","bugzilla_description":"CVE-2019-11694 Mozilla: Uninitialized memory leakage in Windows sandbox","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456->CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11694.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-11698","severity":"moderate","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1712621","bugzilla_description":"CVE-2019-11698 Mozilla: Theft of user history data through drag and drop of hyperlinks to and from bookmarks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11698.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-9797","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1712622","bugzilla_description":"CVE-2019-9797 Mozilla: Cross-origin theft of images with createImageBitmap","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9797.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9800","severity":"critical","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1712623","bugzilla_description":"CVE-2019-9800 Mozilla: Memory safety bugs fixed in Firefox 67 and Firefox ESR 60.7","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9800.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-9815","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":[],"bugzilla":"1712624","bugzilla_description":"CVE-2019-9815 Mozilla: Disable hyperthreading on content JavaScript threads on macOS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-203->CWE-385","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9815.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9816","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267"],"bugzilla":"1712625","bugzilla_description":"CVE-2019-9816 Mozilla: Type confusion with object groups and UnboxedObjects","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9816.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9817","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1712626","bugzilla_description":"CVE-2019-9817 Mozilla: Stealing of cross-domain images using canvas","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9817.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9818","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":[],"bugzilla":"1712627","bugzilla_description":"CVE-2019-9818 Mozilla: Use-after-free in crash generation server","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9818.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9819","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1712628","bugzilla_description":"CVE-2019-9819 Mozilla: Compartment mismatch with fetch API","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-567","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9819.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9820","severity":"important","public_date":"2019-05-22T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1712629","bugzilla_description":"CVE-2019-9820 Mozilla: Use-after-free of ChromeEventHandler by DocShell","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9820.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9810","severity":"critical","public_date":"2019-03-22T00:00:00Z","advisories":["RHSA-2019:0671","RHSA-2019:0672","RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966"],"bugzilla":"1692181","bugzilla_description":"CVE-2019-9810 Mozilla: IonMonkey MArraySlice has incorrect alias information","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["firefox-0:60.6.1-1.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el6_10","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9810.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-9813","severity":"critical","public_date":"2019-03-22T00:00:00Z","advisories":["RHSA-2019:0671","RHSA-2019:0672","RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966"],"bugzilla":"1692182","bugzilla_description":"CVE-2019-9813 Mozilla: Ionmonkey type confusion with __proto__ mutations","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["firefox-0:60.6.1-1.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el6_10","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9813.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-18506","severity":"moderate","public_date":"2019-03-20T00:00:00Z","advisories":["RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966","RHSA-2019:0622","RHSA-2019:0623"],"bugzilla":"1690673","bugzilla_description":"CVE-2018-18506 Mozilla: Proxy Auto-Configuration file can define localhost access to be proxied","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["firefox-0:60.6.0-3.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","firefox-0:60.6.0-3.el6_10","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18506.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-9788","severity":"critical","public_date":"2019-03-20T00:00:00Z","advisories":["RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966","RHSA-2019:0622","RHSA-2019:0623"],"bugzilla":"1690674","bugzilla_description":"CVE-2019-9788 Mozilla: Memory safety bugs fixed in Firefox 66 and Firefox ESR 60.6","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:60.6.0-3.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","firefox-0:60.6.0-3.el6_10","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9788.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-9790","severity":"critical","public_date":"2019-03-20T00:00:00Z","advisories":["RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966","RHSA-2019:0622","RHSA-2019:0623"],"bugzilla":"1690675","bugzilla_description":"CVE-2019-9790 Mozilla: Use-after-free when removing in-use DOM elements","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.6.0-3.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","firefox-0:60.6.0-3.el6_10","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9790.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-9791","severity":"critical","public_date":"2019-03-20T00:00:00Z","advisories":["RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966","RHSA-2019:0622","RHSA-2019:0623"],"bugzilla":"1690676","bugzilla_description":"CVE-2019-9791 Mozilla: Type inference is incorrect for constructors entered through on-stack replacement with IonMonkey","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":["firefox-0:60.6.0-3.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","firefox-0:60.6.0-3.el6_10","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9791.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-9792","severity":"critical","public_date":"2019-03-20T00:00:00Z","advisories":["RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966","RHSA-2019:0622","RHSA-2019:0623"],"bugzilla":"1690677","bugzilla_description":"CVE-2019-9792 Mozilla: IonMonkey leaks JS_OPTIMIZED_OUT magic value to script","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-203->CWE-787","affected_packages":["firefox-0:60.6.0-3.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","firefox-0:60.6.0-3.el6_10","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9792.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-9793","severity":"important","public_date":"2019-03-20T00:00:00Z","advisories":["RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966","RHSA-2019:0622","RHSA-2019:0623"],"bugzilla":"1690678","bugzilla_description":"CVE-2019-9793 Mozilla: Improper bounds checks when Spectre mitigations are disabled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["firefox-0:60.6.0-3.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","firefox-0:60.6.0-3.el6_10","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9793.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9794","severity":"important","public_date":"2019-03-20T00:00:00Z","advisories":[],"bugzilla":"1690679","bugzilla_description":"CVE-2019-9794 Mozilla: Command line arguments not discarded during execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-88","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9794.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9795","severity":"important","public_date":"2019-03-20T00:00:00Z","advisories":["RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966","RHSA-2019:0622","RHSA-2019:0623"],"bugzilla":"1690680","bugzilla_description":"CVE-2019-9795 Mozilla: Type-confusion in IonMonkey JIT compiler","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843->CWE-787","affected_packages":["firefox-0:60.6.0-3.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","firefox-0:60.6.0-3.el6_10","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9795.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9796","severity":"important","public_date":"2019-03-20T00:00:00Z","advisories":["RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681","RHSA-2019:0966","RHSA-2019:0622","RHSA-2019:0623"],"bugzilla":"1690681","bugzilla_description":"CVE-2019-9796 Mozilla: Use-after-free with SMIL animation controller","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.6.0-3.el7_6","thunderbird-0:60.6.1-1.el8","firefox-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","firefox-0:60.6.0-3.el6_10","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9796.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9801","severity":"moderate","public_date":"2019-03-20T00:00:00Z","advisories":[],"bugzilla":"1690682","bugzilla_description":"CVE-2019-9801 Mozilla: Windows programs that are not 'URL Handlers' are exposed to web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-88","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9801.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-5798","severity":"moderate","public_date":"2019-03-12T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:0708","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1688200","bugzilla_description":"CVE-2019-5798 chromium-browser: Out of bounds read in Skia","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","chromium-browser-0:73.0.3683.75-1.el6_10","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5798.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2018-18509","severity":"moderate","public_date":"2019-02-14T00:00:00Z","advisories":["RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0681"],"bugzilla":"1677613","bugzilla_description":"CVE-2018-18509 thunderbird: flaw in verification of S/MIME signature resulting in signature spoofing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-451->CWE-347","affected_packages":["thunderbird-0:60.6.1-1.el8","thunderbird-0:60.6.1-1.el7_6","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18509.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2019-5785","severity":"important","public_date":"2019-02-12T00:00:00Z","advisories":["RHSA-2019:0374","RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0373","RHSA-2019:0681"],"bugzilla":"1676991","bugzilla_description":"CVE-2019-5785 mozilla: Integer overflow in Skia","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["thunderbird-0:60.6.1-1.el8","firefox-0:60.5.1-1.el7_6","firefox-0:60.5.1-1.el6_10","thunderbird-0:60.6.1-1.el7_6","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5785.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2018-18511","severity":"moderate","public_date":"2019-02-12T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:1309","RHSA-2019:1308"],"bugzilla":"1676997","bugzilla_description":"CVE-2018-18511 mozilla: Cross-origin theft of images with ImageBitmapRenderingContext","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","thunderbird-0:60.7.0-1.el6_10","firefox-0:60.7.0-1.el7_6","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18511.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-18500","severity":"critical","public_date":"2019-01-29T00:00:00Z","advisories":["RHSA-2019:0269","RHSA-2019:0218","RHSA-2019:0219","RHSA-2019:0270"],"bugzilla":"1670631","bugzilla_description":"CVE-2018-18500 Mozilla: Use-after-free parsing HTML5 stream","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.5.0-2.el7","firefox-0:60.5.0-2.el6","thunderbird-0:60.5.0-1.el6_10","thunderbird-0:60.5.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18500.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-18501","severity":"critical","public_date":"2019-01-29T00:00:00Z","advisories":["RHSA-2019:0269","RHSA-2019:0218","RHSA-2019:0219","RHSA-2019:0270"],"bugzilla":"1670632","bugzilla_description":"CVE-2018-18501 Mozilla: Memory safety bugs fixed in Firefox 65 and Firefox ESR 60.5","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:60.5.0-2.el7","firefox-0:60.5.0-2.el6","thunderbird-0:60.5.0-1.el6_10","thunderbird-0:60.5.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18501.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-18505","severity":"important","public_date":"2019-01-29T00:00:00Z","advisories":["RHSA-2019:0269","RHSA-2019:0218","RHSA-2019:0219","RHSA-2019:0270"],"bugzilla":"1670633","bugzilla_description":"CVE-2018-18505 Mozilla: Privilege escalation through IPC channel messages","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["firefox-0:60.5.0-2.el7","firefox-0:60.5.0-2.el6","thunderbird-0:60.5.0-1.el6_10","thunderbird-0:60.5.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18505.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9633","severity":"moderate","public_date":"2019-01-29T00:00:00Z","advisories":[],"bugzilla":"1687805","bugzilla_description":"CVE-2019-9633 glib: g_socket_client_connected_callback in gio/gsocketclient.c allows to cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9633.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"8.2"},{"CVE":"CVE-2019-7317","severity":"low","public_date":"2019-01-25T00:00:00Z","advisories":["RHSA-2019:1310","RHSA-2019:1265","RHSA-2019:2585","RHSA-2019:2495","RHSA-2019:1269","RHSA-2019:1267","RHSA-2019:2737","RHSA-2019:2494","RHSA-2019:2592","RHSA-2019:1309","RHSA-2019:1308","RHSA-2019:2590"],"bugzilla":"1672409","bugzilla_description":"CVE-2019-7317 libpng: use-after-free in png_image_free in png.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["firefox-0:60.7.0-1.el8_0","firefox-0:60.7.0-1.el6_10","java-1.8.0-ibm-1:1.8.0.5.40-1jpp.1.el6_10","java-1.8.0-ibm-1:1.8.0.5.40-3.el8_0","thunderbird-0:60.7.0-1.el6_10","java-1.7.1-ibm-1:1.7.1.4.50-1jpp.1.el6_10","firefox-0:60.7.0-1.el7_6","java-1.8.0-ibm-1:1.8.0.5.40-1jpp.1.el7","java-1.7.1-ibm-1:1.7.1.4.50-1jpp.1.el7","thunderbird-0:60.7.0-1.el8_0","thunderbird-0:60.7.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7317.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-6461","severity":"low","public_date":"2019-01-11T00:00:00Z","advisories":[],"bugzilla":"1669629","bugzilla_description":"CVE-2019-6461 cairo: assertion problem in _cairo_arc_in_direction in cairo-arc.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6461.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2019-6462","severity":"low","public_date":"2019-01-11T00:00:00Z","advisories":[],"bugzilla":"1671399","bugzilla_description":"CVE-2019-6462 cairo: infinite loop in the function _arc_error_normalized in the file cairo-arc.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6462.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2018-12405","severity":"critical","public_date":"2018-12-12T00:00:00Z","advisories":["RHSA-2019:0159","RHSA-2018:3833","RHSA-2018:3831","RHSA-2019:0160"],"bugzilla":"1658397","bugzilla_description":"CVE-2018-12405 Mozilla: Memory safety bugs fixed in Firefox 64 and Firefox ESR 60.4","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:60.4.0-1.el6","firefox-0:60.4.0-1.el7","thunderbird-0:60.4.0-1.el6","thunderbird-0:60.4.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12405.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-18492","severity":"important","public_date":"2018-12-11T00:00:00Z","advisories":["RHSA-2019:0159","RHSA-2018:3833","RHSA-2018:3831","RHSA-2019:0160"],"bugzilla":"1658399","bugzilla_description":"CVE-2018-18492 Mozilla: Use-after-free with select element","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.4.0-1.el6","firefox-0:60.4.0-1.el7","thunderbird-0:60.4.0-1.el6","thunderbird-0:60.4.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18492.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-18493","severity":"important","public_date":"2018-12-11T00:00:00Z","advisories":["RHSA-2019:0159","RHSA-2018:3833","RHSA-2018:3831","RHSA-2019:0160"],"bugzilla":"1658400","bugzilla_description":"CVE-2018-18493 Mozilla: Buffer overflow in accelerated 2D canvas with Skia","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:60.4.0-1.el6","firefox-0:60.4.0-1.el7","thunderbird-0:60.4.0-1.el6","thunderbird-0:60.4.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18493.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-18494","severity":"important","public_date":"2018-12-11T00:00:00Z","advisories":["RHSA-2019:0159","RHSA-2018:3833","RHSA-2018:3831","RHSA-2019:0160"],"bugzilla":"1658401","bugzilla_description":"CVE-2018-18494 Mozilla: Same-origin policy violation using location attribute and performance.getEntries to steal cross-origin URLs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["firefox-0:60.4.0-1.el6","firefox-0:60.4.0-1.el7","thunderbird-0:60.4.0-1.el6","thunderbird-0:60.4.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18494.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-18498","severity":"important","public_date":"2018-12-11T00:00:00Z","advisories":["RHSA-2019:0159","RHSA-2018:3833","RHSA-2018:3831","RHSA-2019:0160"],"bugzilla":"1658402","bugzilla_description":"CVE-2018-18498 Mozilla: Integer overflow when calculating buffer sizes for images","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["firefox-0:60.4.0-1.el6","firefox-0:60.4.0-1.el7","thunderbird-0:60.4.0-1.el6","thunderbird-0:60.4.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18498.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-18335","severity":"important","public_date":"2018-12-04T00:00:00Z","advisories":["RHSA-2018:3803"],"bugzilla":"1656549","bugzilla_description":"CVE-2018-18335 chromium-browser: Heap buffer overflow in Skia","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["chromium-browser-0:71.0.3578.80-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18335.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-18356","severity":"important","public_date":"2018-12-04T00:00:00Z","advisories":["RHSA-2019:0374","RHSA-2019:1144","RHSA-2019:0680","RHSA-2019:0373","RHSA-2019:0681","RHSA-2018:3803"],"bugzilla":"1656570","bugzilla_description":"CVE-2018-18356 chromium-browser, mozilla: Use after free in Skia","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:60.6.1-1.el8","firefox-0:60.5.1-1.el7_6","firefox-0:60.5.1-1.el6_10","chromium-browser-0:71.0.3578.80-1.el6_10","thunderbird-0:60.6.1-1.el7_6","thunderbird-0:60.6.1-1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18356.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2018-12389","severity":"low","public_date":"2018-10-23T00:00:00Z","advisories":["RHSA-2018:3006","RHSA-2018:3005","RHSA-2018:3532","RHSA-2018:3531"],"bugzilla":"1642179","bugzilla_description":"CVE-2018-12389 Mozilla: Memory safety bugs fixed in Firefox ESR 60.3","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:60.3.0-1.el6","firefox-0:60.3.0-1.el7_5","firefox-0:60.3.0-1.el6","thunderbird-0:60.3.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12389.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-12390","severity":"critical","public_date":"2018-10-23T00:00:00Z","advisories":["RHSA-2018:3006","RHSA-2018:3005","RHSA-2018:3532","RHSA-2018:3531"],"bugzilla":"1642180","bugzilla_description":"CVE-2018-12390 Mozilla: Memory safety bugs fixed in Firefox 63 and Firefox ESR 60.3","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:60.3.0-1.el6","firefox-0:60.3.0-1.el7_5","firefox-0:60.3.0-1.el6","thunderbird-0:60.3.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12390.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-12391","severity":"important","public_date":"2018-10-23T00:00:00Z","advisories":[],"bugzilla":"1642181","bugzilla_description":"CVE-2018-12391 Mozilla: HTTP Live Stream audio data is accessible cross-origin","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12391.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12392","severity":"important","public_date":"2018-10-23T00:00:00Z","advisories":["RHSA-2018:3006","RHSA-2018:3005","RHSA-2018:3532","RHSA-2018:3531"],"bugzilla":"1642182","bugzilla_description":"CVE-2018-12392 Mozilla: Crash with nested event loops","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-364","affected_packages":["thunderbird-0:60.3.0-1.el6","firefox-0:60.3.0-1.el7_5","firefox-0:60.3.0-1.el6","thunderbird-0:60.3.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12392.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12393","severity":"important","public_date":"2018-10-23T00:00:00Z","advisories":["RHSA-2018:3006","RHSA-2018:3005","RHSA-2018:3532","RHSA-2018:3531"],"bugzilla":"1642183","bugzilla_description":"CVE-2018-12393 Mozilla: Integer overflow during Unicode conversion while loading JavaScript","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-120","affected_packages":["thunderbird-0:60.3.0-1.el6","firefox-0:60.3.0-1.el7_5","firefox-0:60.3.0-1.el6","thunderbird-0:60.3.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12393.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12395","severity":"moderate","public_date":"2018-10-23T00:00:00Z","advisories":["RHSA-2018:3006","RHSA-2018:3005"],"bugzilla":"1642185","bugzilla_description":"CVE-2018-12395 Mozilla: WebExtension bypass of domain restrictions through header rewriting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["firefox-0:60.3.0-1.el7_5","firefox-0:60.3.0-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12395.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-12396","severity":"moderate","public_date":"2018-10-23T00:00:00Z","advisories":["RHSA-2018:3006","RHSA-2018:3005"],"bugzilla":"1642186","bugzilla_description":"CVE-2018-12396 Mozilla: WebExtension content scripts can execute in disallowed contexts","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["firefox-0:60.3.0-1.el7_5","firefox-0:60.3.0-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12396.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-12397","severity":"moderate","public_date":"2018-10-23T00:00:00Z","advisories":["RHSA-2018:3006","RHSA-2018:3005"],"bugzilla":"1642187","bugzilla_description":"CVE-2018-12397 Mozilla: WebExtension local file permission check bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-862","affected_packages":["firefox-0:60.3.0-1.el7_5","firefox-0:60.3.0-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12397.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-17466","severity":"important","public_date":"2018-10-16T00:00:00Z","advisories":["RHSA-2019:0159","RHSA-2018:3833","RHSA-2018:3831","RHSA-2018:3004","RHSA-2019:0160"],"bugzilla":"1640102","bugzilla_description":"CVE-2018-17466 chromium-browser, firefox: Memory corruption in Angle","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:60.4.0-1.el6","firefox-0:60.4.0-1.el7","thunderbird-0:60.4.0-1.el6","chromium-browser-0:70.0.3538.67-1.el6_10","thunderbird-0:60.4.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17466.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-18064","severity":"moderate","public_date":"2018-10-08T00:00:00Z","advisories":[],"bugzilla":"1637792","bugzilla_description":"CVE-2018-18064 cairo: Stack-based buffer overflow via parsing of crafted WebKitGTK+ document","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18064.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2018-12386","severity":"critical","public_date":"2018-10-02T00:00:00Z","advisories":["RHSA-2018:2884","RHSA-2018:2881"],"bugzilla":"1635451","bugzilla_description":"CVE-2018-12386 Mozilla: type confusion in JavaScript","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843->(CWE-125|CWE-787)","affected_packages":["firefox-0:60.2.2-1.el7_5","firefox-0:60.2.2-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12386.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-12387","severity":"critical","public_date":"2018-10-02T00:00:00Z","advisories":["RHSA-2018:2884","RHSA-2018:2881"],"bugzilla":"1635452","bugzilla_description":"CVE-2018-12387 Mozilla: stack out-of-bounds read in Array.prototype.push","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["firefox-0:60.2.2-1.el7_5","firefox-0:60.2.2-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12387.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-12385","severity":"moderate","public_date":"2018-09-21T00:00:00Z","advisories":["RHSA-2018:2835","RHSA-2018:2834","RHSA-2018:3403","RHSA-2018:3458"],"bugzilla":"1632062","bugzilla_description":"CVE-2018-12385 Mozilla: Crash in TransportSecurityInfo due to cached data","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-119","affected_packages":["firefox-0:60.2.1-1.el6","firefox-0:60.2.1-1.el7_5","thunderbird-0:60.2.1-4.el7_5","thunderbird-0:60.2.1-5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12385.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-12375","severity":"important","public_date":"2018-09-05T00:00:00Z","advisories":[],"bugzilla":"1625524","bugzilla_description":"CVE-2018-12375 Mozilla: Memory safety bugs fixed in Firefox 62","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12375.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12376","severity":"critical","public_date":"2018-09-05T00:00:00Z","advisories":["RHSA-2018:3403","RHSA-2018:3458","RHSA-2018:2692","RHSA-2018:2693"],"bugzilla":"1625525","bugzilla_description":"CVE-2018-12376 Mozilla: Memory safety bugs fixed in Firefox 62 and Firefox ESR 60.2","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:60.2.0-1.el6","thunderbird-0:60.2.1-4.el7_5","thunderbird-0:60.2.1-5.el6","firefox-0:60.2.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12376.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-12377","severity":"important","public_date":"2018-09-05T00:00:00Z","advisories":["RHSA-2018:3403","RHSA-2018:3458","RHSA-2018:2692","RHSA-2018:2693"],"bugzilla":"1625526","bugzilla_description":"CVE-2018-12377 Mozilla: Use-after-free in driver timers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.2.0-1.el6","thunderbird-0:60.2.1-4.el7_5","thunderbird-0:60.2.1-5.el6","firefox-0:60.2.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12377.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12378","severity":"important","public_date":"2018-09-05T00:00:00Z","advisories":["RHSA-2018:3403","RHSA-2018:3458","RHSA-2018:2692","RHSA-2018:2693"],"bugzilla":"1625527","bugzilla_description":"CVE-2018-12378 Mozilla: Use-after-free in IndexedDB","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:60.2.0-1.el6","thunderbird-0:60.2.1-4.el7_5","thunderbird-0:60.2.1-5.el6","firefox-0:60.2.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12378.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12379","severity":"moderate","public_date":"2018-09-05T00:00:00Z","advisories":["RHSA-2018:3403","RHSA-2018:3458","RHSA-2018:2692","RHSA-2018:2693"],"bugzilla":"1625528","bugzilla_description":"CVE-2018-12379 Mozilla: Out-of-bounds write with malicious MAR file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["firefox-0:60.2.0-1.el6","thunderbird-0:60.2.1-4.el7_5","thunderbird-0:60.2.1-5.el6","firefox-0:60.2.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12379.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-12381","severity":"low","public_date":"2018-09-05T00:00:00Z","advisories":[],"bugzilla":"1625529","bugzilla_description":"CVE-2018-12381 Mozilla: Dragging and dropping Outlook email message results in page navigation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-451","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12381.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2018-12382","severity":"low","public_date":"2018-09-05T00:00:00Z","advisories":[],"bugzilla":"1625530","bugzilla_description":"CVE-2018-12382 Mozilla: Addressbar spoofing with javascript URI on Firefox for Android","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-451","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12382.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2018-12383","severity":"low","public_date":"2018-09-05T00:00:00Z","advisories":["RHSA-2018:2835","RHSA-2018:2834","RHSA-2018:3403","RHSA-2018:3458"],"bugzilla":"1625531","bugzilla_description":"CVE-2018-12383 Mozilla: Setting a master password post-Firefox 58 does not delete unencrypted previously stored passwords","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-212","affected_packages":["firefox-0:60.2.1-1.el6","firefox-0:60.2.1-1.el7_5","thunderbird-0:60.2.1-4.el7_5","thunderbird-0:60.2.1-5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12383.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2018-18499","severity":"important","public_date":"2018-09-05T00:00:00Z","advisories":["RHSA-2018:3403","RHSA-2018:3458","RHSA-2018:2692","RHSA-2018:2693"],"bugzilla":"1849971","bugzilla_description":"CVE-2018-18499 Mozilla: Same-origin policy violation using meta refresh and performance.getEntries to steal cross-origin URLs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["firefox-0:60.2.0-1.el6","thunderbird-0:60.2.1-4.el7_5","thunderbird-0:60.2.1-5.el6","firefox-0:60.2.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18499.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-16428","severity":"low","public_date":"2018-09-04T00:00:00Z","advisories":[],"bugzilla":"1626145","bugzilla_description":"CVE-2018-16428 glib2: NULL pointer dereference in g_markup_parse_context_end_parse() function in gmarkup.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16428.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2018-16429","severity":"low","public_date":"2018-09-04T00:00:00Z","advisories":[],"bugzilla":"1626148","bugzilla_description":"CVE-2018-16429 glib2: Out-of-bounds read in g_markup_parse_context_parse() in gmarkup.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16429.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"3.6"},{"CVE":"CVE-2018-12372","severity":"important","public_date":"2018-07-04T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2252"],"bugzilla":"1598538","bugzilla_description":"CVE-2018-12372 thunderbird: S/MIME and PGP decryption oracles can be built with HTML emails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-201","affected_packages":["thunderbird-0:52.9.1-1.el7_5","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12372.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-12374","severity":"moderate","public_date":"2018-07-04T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2252"],"bugzilla":"1598543","bugzilla_description":"CVE-2018-12374 thunderbird: Using form to exfiltrate encrypted mail part by pressing enter in form field","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-356","affected_packages":["thunderbird-0:52.9.1-1.el7_5","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12374.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-12358","severity":"important","public_date":"2018-06-26T00:00:00Z","advisories":[],"bugzilla":"1595023","bugzilla_description":"CVE-2018-12358 Mozilla: Same-origin bypass using service worker and redirection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12358.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12359","severity":"critical","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2113","RHSA-2018:2112","RHSA-2018:2252"],"bugzilla":"1595024","bugzilla_description":"CVE-2018-12359 Mozilla: Buffer overflow using computed size of canvas element","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:52.9.1-1.el7_5","firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12359.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-12360","severity":"critical","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2113","RHSA-2018:2112","RHSA-2018:2252"],"bugzilla":"1595025","bugzilla_description":"CVE-2018-12360 Mozilla: Use-after-free using focus()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.9.1-1.el7_5","firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12360.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-12361","severity":"critical","public_date":"2018-06-26T00:00:00Z","advisories":[],"bugzilla":"1595026","bugzilla_description":"CVE-2018-12361 Mozilla: Integer overflow in SwizzleData","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12361.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-12362","severity":"important","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2113","RHSA-2018:2112","RHSA-2018:2252"],"bugzilla":"1595027","bugzilla_description":"CVE-2018-12362 Mozilla: Integer overflow in SSSE3 scaler","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-120","affected_packages":["thunderbird-0:52.9.1-1.el7_5","firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12362.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12363","severity":"important","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2113","RHSA-2018:2112","RHSA-2018:2252"],"bugzilla":"1595028","bugzilla_description":"CVE-2018-12363 Mozilla: Use-after-free when appending DOM nodes","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.9.1-1.el7_5","firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12363.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12364","severity":"important","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2113","RHSA-2018:2112","RHSA-2018:2252"],"bugzilla":"1595029","bugzilla_description":"CVE-2018-12364 Mozilla: CSRF attacks through 307 redirects and NPAPI plugins","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["thunderbird-0:52.9.1-1.el7_5","firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12364.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-12365","severity":"moderate","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2113","RHSA-2018:2112","RHSA-2018:2252"],"bugzilla":"1595030","bugzilla_description":"CVE-2018-12365 Mozilla: Compromised IPC child process can list local filenames","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-552","affected_packages":["thunderbird-0:52.9.1-1.el7_5","firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12365.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-12366","severity":"moderate","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2113","RHSA-2018:2112","RHSA-2018:2252"],"bugzilla":"1595031","bugzilla_description":"CVE-2018-12366 Mozilla: Invalid data handling during QCMS transformations","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["thunderbird-0:52.9.1-1.el7_5","firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12366.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-12367","severity":"moderate","public_date":"2018-06-26T00:00:00Z","advisories":[],"bugzilla":"1595032","bugzilla_description":"CVE-2018-12367 Mozilla: Timing attack mitigation of PerformanceNavigationTiming","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12367.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-12368","severity":"moderate","public_date":"2018-06-26T00:00:00Z","advisories":[],"bugzilla":"1595033","bugzilla_description":"CVE-2018-12368 Mozilla: No warning when opening executable SettingContent-ms files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-451","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12368.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-12369","severity":"moderate","public_date":"2018-06-26T00:00:00Z","advisories":[],"bugzilla":"1595034","bugzilla_description":"CVE-2018-12369 Mozilla: WebExtension security permission checks bypassed by embedded experiments","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12369.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-12370","severity":"low","public_date":"2018-06-26T00:00:00Z","advisories":[],"bugzilla":"1595035","bugzilla_description":"CVE-2018-12370 Mozilla: SameSite cookie protections bypassed when exiting Reader View","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12370.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N","cvss3_score":"4.7"},{"CVE":"CVE-2018-12371","severity":"moderate","public_date":"2018-06-26T00:00:00Z","advisories":[],"bugzilla":"1595036","bugzilla_description":"CVE-2018-12371 Mozilla: Integer overflow in Skia library during edge builder allocation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12371.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5156","severity":"important","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:2113","RHSA-2018:2112"],"bugzilla":"1595037","bugzilla_description":"CVE-2018-5156 Mozilla: Media recorder segmentation fault when track type is changed during capture","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5156.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5186","severity":"critical","public_date":"2018-06-26T00:00:00Z","advisories":[],"bugzilla":"1595038","bugzilla_description":"CVE-2018-5186 Mozilla: Memory safety bugs fixed in Firefox 61","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5186.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-5187","severity":"critical","public_date":"2018-06-26T00:00:00Z","advisories":[],"bugzilla":"1595039","bugzilla_description":"CVE-2018-5187 Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 60.1","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5187.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-5188","severity":"critical","public_date":"2018-06-26T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2113","RHSA-2018:2112","RHSA-2018:2252"],"bugzilla":"1595040","bugzilla_description":"CVE-2018-5188 Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:52.9.1-1.el7_5","firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5188.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-12373","severity":"important","public_date":"2018-05-27T00:00:00Z","advisories":["RHSA-2018:2251","RHSA-2018:2252"],"bugzilla":"1598529","bugzilla_description":"CVE-2018-12373 thunderbird: S/MIME plaintext can be leaked through HTML reply/forward","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-212","affected_packages":["thunderbird-0:52.9.1-1.el7_5","thunderbird-0:52.9.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12373.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-5184","severity":"important","public_date":"2018-05-18T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726"],"bugzilla":"1580236","bugzilla_description":"CVE-2018-5184 Mozilla: Full plaintext recovery in S/MIME via chosen-ciphertext attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5184.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-5161","severity":"moderate","public_date":"2018-05-18T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726"],"bugzilla":"1580237","bugzilla_description":"CVE-2018-5161 Mozilla: Hang via malformed headers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5161.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-5162","severity":"moderate","public_date":"2018-05-18T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726"],"bugzilla":"1580239","bugzilla_description":"CVE-2018-5162 Mozilla: Encrypted mail leaks plaintext through src attribute","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5162.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-5170","severity":"moderate","public_date":"2018-05-18T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726"],"bugzilla":"1580240","bugzilla_description":"CVE-2018-5170 Mozilla: Filename spoofing for external attachments","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5170.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"4.2"},{"CVE":"CVE-2018-5185","severity":"low","public_date":"2018-05-18T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726"],"bugzilla":"1580241","bugzilla_description":"CVE-2018-5185 Mozilla: Leaking plaintext through HTML forms","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5185.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-17688","severity":"moderate","public_date":"2018-05-14T00:00:00Z","advisories":[],"bugzilla":"1577906","bugzilla_description":"CVE-2017-17688 OpenPGP: CFB gadget attacks allows to exfiltrate plaintext out of encrypted emails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17688.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-17689","severity":"moderate","public_date":"2018-05-14T00:00:00Z","advisories":[],"bugzilla":"1577909","bugzilla_description":"CVE-2017-17689 S/MIME: CBC gadget attacks allows to exfiltrate plaintext out of encrypted emails","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17689.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-5150","severity":"critical","public_date":"2018-05-09T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726","RHSA-2018:1415","RHSA-2018:1414"],"bugzilla":"1576250","bugzilla_description":"CVE-2018-5150 Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5150.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-5151","severity":"critical","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576251","bugzilla_description":"CVE-2018-5151 Mozilla: Memory safety bugs fixed in Firefox 60","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5151.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-5152","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576252","bugzilla_description":"CVE-2018-5152 Mozilla: WebExtensions information leak through webRequest API","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5152.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5153","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576253","bugzilla_description":"CVE-2018-5153 Mozilla: Out-of-bounds read in mixed content websocket messages","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5153.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5154","severity":"important","public_date":"2018-05-09T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726","RHSA-2018:1415","RHSA-2018:1414"],"bugzilla":"1576255","bugzilla_description":"CVE-2018-5154 Mozilla: Use-after-free with SVG animations and clip paths","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5154.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5155","severity":"important","public_date":"2018-05-09T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726","RHSA-2018:1415","RHSA-2018:1414"],"bugzilla":"1576257","bugzilla_description":"CVE-2018-5155 Mozilla: Use-after-free with SVG animations and text paths","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5155.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5157","severity":"important","public_date":"2018-05-09T00:00:00Z","advisories":["RHSA-2018:1415","RHSA-2018:1414"],"bugzilla":"1576258","bugzilla_description":"CVE-2018-5157 Mozilla: Same-origin bypass of PDF Viewer to view protected PDF files","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["firefox-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5157.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5158","severity":"important","public_date":"2018-05-09T00:00:00Z","advisories":["RHSA-2018:1415","RHSA-2018:1414"],"bugzilla":"1576259","bugzilla_description":"CVE-2018-5158 Mozilla: Malicious PDF can inject JavaScript into PDF Viewer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-95","affected_packages":["firefox-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5158.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5159","severity":"important","public_date":"2018-05-09T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726","RHSA-2018:1415","RHSA-2018:1414"],"bugzilla":"1576260","bugzilla_description":"CVE-2018-5159 Mozilla: Integer overflow and out-of-bounds write in Skia","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-120","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5159.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5160","severity":"important","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576261","bugzilla_description":"CVE-2018-5160 Mozilla: Uninitialized memory use by WebRTC encoder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5160.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5163","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576262","bugzilla_description":"CVE-2018-5163 Mozilla: Replacing cached data in JavaScript Start-up Bytecode Cache","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5163.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5164","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576263","bugzilla_description":"CVE-2018-5164 Mozilla: CSP not applied to all multipart content sent with multipart/x-mixed-replace","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5164.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5165","severity":"low","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576266","bugzilla_description":"CVE-2018-5165 Mozilla: Checkbox for enabling Flash protected mode is inverted in 32-bit Firefox","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-451","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5165.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2018-5166","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576267","bugzilla_description":"CVE-2018-5166 Mozilla: WebExtension host permission bypass through filterReponseData","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-266","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5166.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5167","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576268","bugzilla_description":"CVE-2018-5167 Mozilla: Improper linkification of chrome: and javascript: content in web console and JavaScript debugger","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5167.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5168","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726","RHSA-2018:1415","RHSA-2018:1414"],"bugzilla":"1576269","bugzilla_description":"CVE-2018-5168 Mozilla: Lightweight themes can be installed without user interaction","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-862","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5168.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5169","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576270","bugzilla_description":"CVE-2018-5169 Mozilla: Dragging and dropping link text onto home button can set home page to include chrome pages","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-862","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5169.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5172","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576271","bugzilla_description":"CVE-2018-5172 Mozilla: Pasted script from clipboard can run in the Live Bookmarks page or PDF viewer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5172.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5173","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576272","bugzilla_description":"CVE-2018-5173 Mozilla: File name spoofing of Downloads panel with Unicode characters","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-451","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5173.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5174","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576274","bugzilla_description":"CVE-2018-5174 Mozilla: Windows Defender SmartScreen UI runs with less secure behavior for downloaded files in Windows 10 April 2018 Update","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-451","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5174.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5175","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576275","bugzilla_description":"CVE-2018-5175 Mozilla: Universal CSP bypass on sites using strict-dynamic in their policies","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5175.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5176","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576276","bugzilla_description":"CVE-2018-5176 Mozilla: JSON Viewer script injection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5176.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5177","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576277","bugzilla_description":"CVE-2018-5177 Mozilla: Buffer overflow in XSLT during number formatting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5177.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5178","severity":"moderate","public_date":"2018-05-09T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726","RHSA-2018:1415","RHSA-2018:1414"],"bugzilla":"1576278","bugzilla_description":"CVE-2018-5178 Mozilla: Buffer overflow during UTF-8 to Unicode string conversion through legacy extension","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5178.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5180","severity":"low","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576279","bugzilla_description":"CVE-2018-5180 Mozilla: heap-use-after-free in mozilla::WebGLContext::DrawElementsInstanced","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5180.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5181","severity":"low","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576280","bugzilla_description":"CVE-2018-5181 Mozilla: Local file can be displayed in noopener tab through drag and drop of hyperlink","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5181.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-5182","severity":"low","public_date":"2018-05-09T00:00:00Z","advisories":[],"bugzilla":"1576281","bugzilla_description":"CVE-2018-5182 Mozilla: Local file can be displayed from hyperlink dragged and dropped on addressbar","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5182.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-5183","severity":"critical","public_date":"2018-05-09T00:00:00Z","advisories":["RHSA-2018:1725","RHSA-2018:1726","RHSA-2018:1415","RHSA-2018:1414"],"bugzilla":"1576283","bugzilla_description":"CVE-2018-5183 Mozilla: Backport critical security fixes in Skia","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:52.8.0-2.el6_9","thunderbird-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el7_5","firefox-0:52.8.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5183.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-5146","severity":"critical","public_date":"2018-03-16T00:00:00Z","advisories":["RHSA-2018:0649","RHSA-2018:0647","RHSA-2018:0549","RHSA-2018:0648","RHSA-2018:1058"],"bugzilla":"1557221","bugzilla_description":"CVE-2018-5146 Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["libvorbis-1:1.2.3-5.el6_9.1","libvorbis-1:1.3.3-8.el7.1","thunderbird-0:52.7.0-1.el7_4","thunderbird-0:52.7.0-1.el6_9","firefox-0:52.7.2-1.el6_9","firefox-0:52.7.2-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5146.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-5125","severity":"critical","public_date":"2018-03-14T00:00:00Z","advisories":["RHSA-2018:0526","RHSA-2018:0647","RHSA-2018:0527","RHSA-2018:0648"],"bugzilla":"1555127","bugzilla_description":"CVE-2018-5125 Mozilla: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 (MFSA 2018-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:52.7.0-1.el7_4","thunderbird-0:52.7.0-1.el7_4","firefox-0:52.7.0-1.el6_9","thunderbird-0:52.7.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5125.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-5127","severity":"important","public_date":"2018-03-14T00:00:00Z","advisories":["RHSA-2018:0526","RHSA-2018:0647","RHSA-2018:0527","RHSA-2018:0648"],"bugzilla":"1555128","bugzilla_description":"CVE-2018-5127 Mozilla: Buffer overflow manipulating SVG animatedPathSegList (MFSA 2018-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:52.7.0-1.el7_4","thunderbird-0:52.7.0-1.el7_4","firefox-0:52.7.0-1.el6_9","thunderbird-0:52.7.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5127.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5129","severity":"important","public_date":"2018-03-14T00:00:00Z","advisories":["RHSA-2018:0526","RHSA-2018:0647","RHSA-2018:0527","RHSA-2018:0648"],"bugzilla":"1555129","bugzilla_description":"CVE-2018-5129 Mozilla: Out-of-bounds write with malformed IPC messages (MFSA 2018-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["firefox-0:52.7.0-1.el7_4","thunderbird-0:52.7.0-1.el7_4","firefox-0:52.7.0-1.el6_9","thunderbird-0:52.7.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5129.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5130","severity":"important","public_date":"2018-03-14T00:00:00Z","advisories":["RHSA-2018:0526","RHSA-2018:0527"],"bugzilla":"1555130","bugzilla_description":"CVE-2018-5130 Mozilla: Mismatched RTP payload type can trigger memory corruption (MFSA 2018-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:52.7.0-1.el7_4","firefox-0:52.7.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5130.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5131","severity":"moderate","public_date":"2018-03-14T00:00:00Z","advisories":["RHSA-2018:0526","RHSA-2018:0527"],"bugzilla":"1555131","bugzilla_description":"CVE-2018-5131 Mozilla: Fetch API improperly returns cached copies of no-store/no-cache resources (MFSA 2018-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-212","affected_packages":["firefox-0:52.7.0-1.el7_4","firefox-0:52.7.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5131.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5144","severity":"moderate","public_date":"2018-03-14T00:00:00Z","advisories":["RHSA-2018:0526","RHSA-2018:0647","RHSA-2018:0527","RHSA-2018:0648"],"bugzilla":"1555132","bugzilla_description":"CVE-2018-5144 Mozilla: Integer overflow during Unicode conversion (MFSA 2018-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["firefox-0:52.7.0-1.el7_4","thunderbird-0:52.7.0-1.el7_4","firefox-0:52.7.0-1.el6_9","thunderbird-0:52.7.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5144.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-5145","severity":"critical","public_date":"2018-03-14T00:00:00Z","advisories":["RHSA-2018:0526","RHSA-2018:0647","RHSA-2018:0527","RHSA-2018:0648"],"bugzilla":"1555133","bugzilla_description":"CVE-2018-5145 Mozilla: Memory safety bugs fixed in Firefox ESR 52.7 (MFSA 2018-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:52.7.0-1.el7_4","thunderbird-0:52.7.0-1.el7_4","firefox-0:52.7.0-1.el6_9","thunderbird-0:52.7.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5145.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-7999","severity":"low","public_date":"2018-03-05T00:00:00Z","advisories":[],"bugzilla":"1554380","bugzilla_description":"CVE-2018-7999 graphite2: NULL pointer dereference in Segment.cpp in libgraphite2","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7999.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-5089","severity":"critical","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537417","bugzilla_description":"CVE-2018-5089 Mozilla: Memory safety bugs fixed in Firefox 58 and Firefox ESR 52.6 (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5089.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-5091","severity":"critical","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122"],"bugzilla":"1537814","bugzilla_description":"CVE-2018-5091 Mozilla: Use-after-free with DTMF timers (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5091.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-5095","severity":"important","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537817","bugzilla_description":"CVE-2018-5095 Mozilla: Integer overflow in Skia library during edge builder allocation (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-120","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5095.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5096","severity":"important","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537818","bugzilla_description":"CVE-2018-5096 Mozilla: Use-after-free while editing form elements (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5096.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5097","severity":"important","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537819","bugzilla_description":"CVE-2018-5097 Mozilla: Use-after-free when source document is manipulated during XSLT (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5097.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5098","severity":"important","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537820","bugzilla_description":"CVE-2018-5098 Mozilla: Use-after-free while manipulating form input elements (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5098.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5099","severity":"important","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537821","bugzilla_description":"CVE-2018-5099 Mozilla: Use-after-free with widget listener (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5099.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5102","severity":"important","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537822","bugzilla_description":"CVE-2018-5102 Mozilla: Use-after-free in HTML media elements (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5102.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5103","severity":"important","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537823","bugzilla_description":"CVE-2018-5103 Mozilla: Use-after-free during mouse event handling (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5103.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5104","severity":"important","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537824","bugzilla_description":"CVE-2018-5104 Mozilla: Use-after-free during font face manipulation (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5104.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-5117","severity":"moderate","public_date":"2018-01-23T00:00:00Z","advisories":["RHSA-2018:0122","RHSA-2018:0262"],"bugzilla":"1537825","bugzilla_description":"CVE-2018-5117 Mozilla: URL spoofing with right-to-left text aligned left-to-right (MFSA 2018-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-451","affected_packages":["firefox-0:52.6.0-1.el7_4","firefox-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el6_9","thunderbird-0:52.6.0-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5117.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-7846","severity":"important","public_date":"2017-12-22T00:00:00Z","advisories":["RHSA-2018:0061"],"bugzilla":"1530187","bugzilla_description":"CVE-2017-7846 Mozilla: JavaScript Execution via RSS in mailbox:// origin","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["thunderbird-0:52.5.2-1.el7_4","thunderbird-0:52.5.2-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7846.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7847","severity":"moderate","public_date":"2017-12-22T00:00:00Z","advisories":["RHSA-2018:0061"],"bugzilla":"1530190","bugzilla_description":"CVE-2017-7847 Mozilla: Local path string can be leaked from RSS feed","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["thunderbird-0:52.5.2-1.el7_4","thunderbird-0:52.5.2-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7847.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2017-7848","severity":"moderate","public_date":"2017-12-22T00:00:00Z","advisories":["RHSA-2018:0061"],"bugzilla":"1530192","bugzilla_description":"CVE-2017-7848 Mozilla: RSS Feed vulnerable to new line Injection","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["thunderbird-0:52.5.2-1.el7_4","thunderbird-0:52.5.2-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7848.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2017-7826","severity":"critical","public_date":"2017-11-15T00:00:00Z","advisories":["RHSA-2017:3372","RHSA-2017:3247"],"bugzilla":"1513308","bugzilla_description":"CVE-2017-7826 Mozilla: Memory safety bugs fixed in Firefox 57 and Firefox ESR 52.5 (MFSA 2017-25)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["thunderbird-0:52.5.0-1.el6_9","firefox-0:52.5.0-1.el7_4","thunderbird-0:52.5.0-1.el7_4","firefox-0:52.5.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7826.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-7828","severity":"critical","public_date":"2017-11-15T00:00:00Z","advisories":["RHSA-2017:3372","RHSA-2017:3247"],"bugzilla":"1513310","bugzilla_description":"CVE-2017-7828 Mozilla: Use-after-free of PressShell while restyling layout (MFSA 2017-25)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.5.0-1.el6_9","firefox-0:52.5.0-1.el7_4","thunderbird-0:52.5.0-1.el7_4","firefox-0:52.5.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7828.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-7830","severity":"important","public_date":"2017-11-15T00:00:00Z","advisories":["RHSA-2017:3372","RHSA-2017:3247"],"bugzilla":"1513311","bugzilla_description":"CVE-2017-7830 Mozilla: Cross-origin URL information leak through Resource Timing API (MFSA 2017-25)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["thunderbird-0:52.5.0-1.el6_9","firefox-0:52.5.0-1.el7_4","thunderbird-0:52.5.0-1.el7_4","firefox-0:52.5.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7830.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-16541","severity":"moderate","public_date":"2017-11-03T00:00:00Z","advisories":["RHSA-2018:3403","RHSA-2018:3458","RHSA-2018:2692","RHSA-2018:2693"],"bugzilla":"1510816","bugzilla_description":"CVE-2017-16541 Mozilla: Proxy bypass using automount and autofs","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:60.2.0-1.el6","thunderbird-0:60.2.1-4.el7_5","thunderbird-0:60.2.1-5.el6","firefox-0:60.2.0-1.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16541.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-16231","severity":null,"public_date":"2017-11-01T00:00:00Z","advisories":[],"bugzilla":"1700392","bugzilla_description":"CVE-2017-16231 pcre: self-recursive call in match() in pcre_exec.c leads to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16231.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-7793","severity":"important","public_date":"2017-09-28T00:00:00Z","advisories":["RHSA-2017:2831","RHSA-2017:2885"],"bugzilla":"1496649","bugzilla_description":"CVE-2017-7793 Mozilla: Use-after-free with Fetch API (MFSA 2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.4.0-1.el6_9","firefox-0:52.4.0-1.el7_4","thunderbird-0:52.4.0-2.el7_4","thunderbird-0:52.4.0-2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7793.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7810","severity":"critical","public_date":"2017-09-28T00:00:00Z","advisories":["RHSA-2017:2831","RHSA-2017:2885"],"bugzilla":"1496651","bugzilla_description":"CVE-2017-7810 Mozilla: Memory safety bugs fixed in Firefox 56 and Firefox ESR 52.4 (MFSA 2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-120|CWE-121|CWE-122)","affected_packages":["firefox-0:52.4.0-1.el6_9","firefox-0:52.4.0-1.el7_4","thunderbird-0:52.4.0-2.el7_4","thunderbird-0:52.4.0-2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7810.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-7814","severity":"moderate","public_date":"2017-09-28T00:00:00Z","advisories":["RHSA-2017:2831","RHSA-2017:2885"],"bugzilla":"1496652","bugzilla_description":"CVE-2017-7814 Mozilla: Blob and data URLs bypass phishing and malware protection warnings (MFSA 2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-494","affected_packages":["firefox-0:52.4.0-1.el6_9","firefox-0:52.4.0-1.el7_4","thunderbird-0:52.4.0-2.el7_4","thunderbird-0:52.4.0-2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7814.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-7818","severity":"important","public_date":"2017-09-28T00:00:00Z","advisories":["RHSA-2017:2831","RHSA-2017:2885"],"bugzilla":"1496653","bugzilla_description":"CVE-2017-7818 Mozilla: Use-after-free during ARIA array manipulation (MFSA 2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.4.0-1.el6_9","firefox-0:52.4.0-1.el7_4","thunderbird-0:52.4.0-2.el7_4","thunderbird-0:52.4.0-2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7818.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7819","severity":"important","public_date":"2017-09-28T00:00:00Z","advisories":["RHSA-2017:2831","RHSA-2017:2885"],"bugzilla":"1496654","bugzilla_description":"CVE-2017-7819 Mozilla: Use-after-free while resizing images in design mode (MFSA 2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["firefox-0:52.4.0-1.el6_9","firefox-0:52.4.0-1.el7_4","thunderbird-0:52.4.0-2.el7_4","thunderbird-0:52.4.0-2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7819.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7823","severity":"moderate","public_date":"2017-09-28T00:00:00Z","advisories":["RHSA-2017:2831","RHSA-2017:2885"],"bugzilla":"1496655","bugzilla_description":"CVE-2017-7823 Mozilla: CSP sandbox directive did not create a unique origin (MFSA 2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["firefox-0:52.4.0-1.el6_9","firefox-0:52.4.0-1.el7_4","thunderbird-0:52.4.0-2.el7_4","thunderbird-0:52.4.0-2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7823.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-7824","severity":"important","public_date":"2017-09-28T00:00:00Z","advisories":["RHSA-2017:2831","RHSA-2017:2885"],"bugzilla":"1496656","bugzilla_description":"CVE-2017-7824 Mozilla: Buffer overflow when drawing and validating elements with ANGLE (MFSA 2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["firefox-0:52.4.0-1.el6_9","firefox-0:52.4.0-1.el7_4","thunderbird-0:52.4.0-2.el7_4","thunderbird-0:52.4.0-2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7824.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7825","severity":"moderate","public_date":"2017-09-28T00:00:00Z","advisories":[],"bugzilla":"1496657","bugzilla_description":"CVE-2017-7825 Mozilla: OS X fonts render some Tibetan and Arabic unicode characters as spaces (MFSA 2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7825.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-7809","severity":"important","public_date":"2017-08-09T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479650","bugzilla_description":"CVE-2017-7809 Mozilla: Use-after-free while deleting attached editor DOM node (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7809.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-7753","severity":"important","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479188","bugzilla_description":"CVE-2017-7753 Mozilla: Out-of-bounds read with cached style data and pseudo-elements (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7753.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7779","severity":"critical","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479191","bugzilla_description":"CVE-2017-7779 Mozilla: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3 (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7779.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-7784","severity":"important","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479201","bugzilla_description":"CVE-2017-7784 Mozilla: Use-after-free with image observers (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7784.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7785","severity":"important","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479203","bugzilla_description":"CVE-2017-7785 Mozilla: Buffer overflow manipulating ARIA elements in DOM (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7785.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7786","severity":"important","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479205","bugzilla_description":"CVE-2017-7786 Mozilla: Buffer overflow while painting non-displayable SVG (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7786.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7787","severity":"important","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479206","bugzilla_description":"CVE-2017-7787 Mozilla: Same-origin policy bypass with iframes through page reloads (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-863","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7787.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7791","severity":"moderate","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479209","bugzilla_description":"CVE-2017-7791 Mozilla: Spoofing following page navigation with data: protocol and modal alerts (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7791.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","cvss3_score":"9.3"},{"CVE":"CVE-2017-7792","severity":"important","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479210","bugzilla_description":"CVE-2017-7792 Mozilla: Buffer overflow viewing certificates with long OID (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7792.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7800","severity":"critical","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479218","bugzilla_description":"CVE-2017-7800 Mozilla: Use-after-free in WebSockets during disconnection (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7800.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-7801","severity":"critical","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479223","bugzilla_description":"CVE-2017-7801 Mozilla: Use-after-free with marquee during window resizing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7801.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-7802","severity":"important","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479224","bugzilla_description":"CVE-2017-7802 Mozilla: Use-after-free resizing image elements (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7802.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7803","severity":"moderate","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479225","bugzilla_description":"CVE-2017-7803 Mozilla: CSP directives improperly applied with sandbox flag in iframes (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-863","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7803.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-7807","severity":"important","public_date":"2017-08-08T00:00:00Z","advisories":["RHSA-2017:2534","RHSA-2017:2456"],"bugzilla":"1479227","bugzilla_description":"CVE-2017-7807 Mozilla: Domain hijacking through appcache fallback (MFSA 2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-829","affected_packages":["thunderbird-0:52.3.0-1.el6_9","firefox-0:52.3.0-2.el7_4","thunderbird-0:52.3.0-1.el7_4","firefox-0:52.3.0-3.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7807.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5472","severity":"critical","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461252","bugzilla_description":"CVE-2017-5472 Mozilla: Use-after-free using destroyed node when regenerating trees (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5472.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-7749","severity":"important","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461253","bugzilla_description":"CVE-2017-7749 Mozilla: Use-after-free during docshell reloading (MFSA 2017-16)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7749.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7750","severity":"important","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461254","bugzilla_description":"CVE-2017-7750 Mozilla: Use-after-free with track elements (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7750.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7751","severity":"important","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461255","bugzilla_description":"CVE-2017-7751 Mozilla: Use-after-free with content viewer listeners (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7751.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7752","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461256","bugzilla_description":"CVE-2017-7752 Mozilla: Use-after-free with IME input (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7752.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7754","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461257","bugzilla_description":"CVE-2017-7754 Mozilla: Out-of-bounds read in WebGL with ImageInfo object (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7754.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-7756","severity":"important","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461258","bugzilla_description":"CVE-2017-7756 Mozilla: Use-after-free and use-after-scope logging XHR header errors (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7756.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7757","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461259","bugzilla_description":"CVE-2017-7757 Mozilla: Use-after-free in IndexedDB (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7757.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7778","severity":"important","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561","RHSA-2017:1793"],"bugzilla":"1461260","bugzilla_description":"CVE-2017-7778 Mozilla: Vulnerabilities in the Graphite 2 library (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","graphite2-0:1.3.10-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7778.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7758","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461261","bugzilla_description":"CVE-2017-7758 Mozilla: Out-of-bounds read in Opus encoder (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7758.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-7764","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461262","bugzilla_description":"CVE-2017-7764 Mozilla: Domain spoofing with combination of Canadian Syllabics and other unicode blocks (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7764.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-5470","severity":"critical","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561"],"bugzilla":"1461264","bugzilla_description":"CVE-2017-5470 Mozilla: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2 (MFSA 2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5470.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-9233","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":[],"bugzilla":"1462729","bugzilla_description":"CVE-2017-9233 expat: Inifinite loop due to invalid XML in external entity","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9233.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-7771","severity":"low","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561","RHSA-2017:1793"],"bugzilla":"1472212","bugzilla_description":"CVE-2017-7771 graphite2: out of bounds read in \"graphite2::Pass::readPass\"","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","graphite2-0:1.3.10-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7771.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.8"},{"CVE":"CVE-2017-7772","severity":"important","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561","RHSA-2017:1793"],"bugzilla":"1472213","bugzilla_description":"CVE-2017-7772 graphite2: heap-buffer-overflow write \"lz4::decompress\" (CVE-2017-7772)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","graphite2-0:1.3.10-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7772.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7773","severity":"important","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561","RHSA-2017:1793"],"bugzilla":"1472215","bugzilla_description":"CVE-2017-7773 graphite2: heap-buffer-overflow write \"lz4::decompress\" (src/Decompressor)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","graphite2-0:1.3.10-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7773.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-7774","severity":"low","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561","RHSA-2017:1793"],"bugzilla":"1472219","bugzilla_description":"CVE-2017-7774 graphite2: out of bounds read \"graphite2::Silf::readGraphite\"","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","graphite2-0:1.3.10-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7774.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.8"},{"CVE":"CVE-2017-7775","severity":"low","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561","RHSA-2017:1793"],"bugzilla":"1472221","bugzilla_description":"CVE-2017-7775 graphite2: assertion error \"size() > n\"","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","graphite2-0:1.3.10-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7775.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-7776","severity":"low","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561","RHSA-2017:1793"],"bugzilla":"1472223","bugzilla_description":"CVE-2017-7776 graphite2: heap-buffer-overflow read \"graphite2::Silf::getClassGlyph\"","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","graphite2-0:1.3.10-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7776.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.8"},{"CVE":"CVE-2017-7777","severity":"low","public_date":"2017-06-14T00:00:00Z","advisories":["RHSA-2017:1440","RHSA-2017:1561","RHSA-2017:1793"],"bugzilla":"1472225","bugzilla_description":"CVE-2017-7777 graphite2: use of uninitialized memory \"graphite2::GlyphCache::Loader::read_glyph\"","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":["firefox-0:52.2.0-1.el6_9","firefox-0:52.2.0-1.el7_3","thunderbird-0:52.2.0-1.el7_3","graphite2-0:1.3.10-1.el7_3","thunderbird-0:52.2.0-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7777.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2017-7762","severity":"moderate","public_date":"2017-04-20T00:00:00Z","advisories":["RHSA-2018:2113","RHSA-2018:2112"],"bugzilla":"1590493","bugzilla_description":"CVE-2017-7762 Mozilla: address bar username and password spoofing in reader mode","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-290","affected_packages":["firefox-0:60.1.0-4.el7_5","firefox-0:60.1.0-5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7762.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5456","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1106"],"bugzilla":"1443297","bugzilla_description":"CVE-2017-5456 Mozilla: Sandbox escape allowing local file system read access (MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5456.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5442","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443298","bugzilla_description":"CVE-2017-5442 Mozilla: Use-after-free during style changes (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5442.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5443","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443299","bugzilla_description":"CVE-2017-5443 Mozilla: Out-of-bounds write during BinHex decoding (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5443.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5429","severity":"critical","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443301","bugzilla_description":"CVE-2017-5429 Mozilla: Memory safety bugs fixed in Firefox 53, Firefox ESR 45.9, and Firefox ESR 52.1 (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5429.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-5464","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443303","bugzilla_description":"CVE-2017-5464 Mozilla: Memory corruption with accessibility and DOM manipulation (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5464.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5465","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443304","bugzilla_description":"CVE-2017-5465 Mozilla: Out-of-bounds read in ConvolvePixel (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5465.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5466","severity":"critical","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443305","bugzilla_description":"CVE-2017-5466 Mozilla: Origin confusion when reloading isolated data:text/html URL (MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5466.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-5467","severity":"moderate","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443307","bugzilla_description":"CVE-2017-5467 Mozilla: Memory corruption when drawing Skia content (MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5467.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5460","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443308","bugzilla_description":"CVE-2017-5460 Mozilla: Use-after-free in frame selection (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5460.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5448","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106"],"bugzilla":"1443310","bugzilla_description":"CVE-2017-5448 Mozilla: Out-of-bounds write in ClearKeyDecryptor (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","firefox-0:52.1.0-2.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5448.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5449","severity":"moderate","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443311","bugzilla_description":"CVE-2017-5449 Mozilla: Crash during bidirectional unicode manipulation with animation (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5449.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5446","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443312","bugzilla_description":"CVE-2017-5446 Mozilla: Out-of-bounds read when HTTP/2 DATA frames are sent with incorrect data (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5446.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5447","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443313","bugzilla_description":"CVE-2017-5447 Mozilla: Out-of-bounds read during glyph processing (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5447.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5444","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443314","bugzilla_description":"CVE-2017-5444 Mozilla: Buffer overflow while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5444.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5445","severity":"moderate","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443315","bugzilla_description":"CVE-2017-5445 Mozilla: Uninitialized values used while parsing application/http-index-format content (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5445.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5468","severity":"low","public_date":"2017-04-19T00:00:00Z","advisories":[],"bugzilla":"1443316","bugzilla_description":"CVE-2017-5468 Mozilla: Incorrect ownership model for Private Browsing information (MFSA 2017-10)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5468.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5469","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443317","bugzilla_description":"CVE-2017-5469 Mozilla: Potential Buffer overflow in flex-generated code (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5469.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5440","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443322","bugzilla_description":"CVE-2017-5440 Mozilla: Use-after-free in txExecutionState destructor during XSLT processing (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5440.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5441","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443323","bugzilla_description":"CVE-2017-5441 Mozilla: Use-after-free with selection during scroll events (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5441.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5439","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443324","bugzilla_description":"CVE-2017-5439 Mozilla: Use-after-free in nsTArray Length() during XSLT processing (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5439.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5438","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443325","bugzilla_description":"CVE-2017-5438 Mozilla: Use-after-free in nsAutoPtr during XSLT processing (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5438.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5437","severity":null,"public_date":"2017-04-19T00:00:00Z","advisories":[],"bugzilla":"1443326","bugzilla_description":"REJECTED CVE-2017-5437 Mozilla: Vulnerabilities in libevent library (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5437.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2017-5436","severity":"critical","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443327","bugzilla_description":"CVE-2017-5436 Mozilla: Out-of-bounds write with malicious font in Graphite 2 (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5436.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-5435","severity":"critical","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443328","bugzilla_description":"CVE-2017-5435 Mozilla: Use-after-free during transaction processing in the editor (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5435.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-5434","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443329","bugzilla_description":"CVE-2017-5434 Mozilla: Use-after-free during focus handling (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5434.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5433","severity":"critical","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443330","bugzilla_description":"CVE-2017-5433 Mozilla: Use-after-free in SMIL animation functions (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5433.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-5430","severity":"critical","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1106"],"bugzilla":"1443331","bugzilla_description":"CVE-2017-5430 Mozilla: Memory safety bugs fixed in Firefox 53 and Firefox ESR 52.1 (MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5430.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-5432","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443332","bugzilla_description":"CVE-2017-5432 Mozilla: Use-after-free in text input selection (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5432.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5459","severity":"critical","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443333","bugzilla_description":"CVE-2017-5459 Mozilla: Buffer overflow in WebGL (MFSA 2017-11, MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5459.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-5455","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1106"],"bugzilla":"1443334","bugzilla_description":"CVE-2017-5455 Mozilla: Sandbox escape through internal feed reader APIs (MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.1.0-2.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5455.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5458","severity":"low","public_date":"2017-04-19T00:00:00Z","advisories":[],"bugzilla":"1443336","bugzilla_description":"CVE-2017-5458 Mozilla: Drag and drop of javascript: URLs can allow for self-XSS (MFSA 2017-11)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5458.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5454","severity":"important","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443338","bugzilla_description":"CVE-2017-5454 Mozilla: Sandbox escape allowing file system read access through file picker (MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5454.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5451","severity":"moderate","public_date":"2017-04-19T00:00:00Z","advisories":["RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1443340","bugzilla_description":"CVE-2017-5451 Mozilla: Addressbar spoofing with onblur event (MFSA 2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5451.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5453","severity":"low","public_date":"2017-04-19T00:00:00Z","advisories":[],"bugzilla":"1443343","bugzilla_description":"CVE-2017-5453 Mozilla: HTML injection into RSS Reader feed preview page through TITLE element (MFSA 2017-11)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5453.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","cvss3_score":"7.4"},{"CVE":"CVE-2017-5428","severity":"critical","public_date":"2017-03-17T00:00:00Z","advisories":["RHSA-2017:0558"],"bugzilla":"1433202","bugzilla_description":"CVE-2017-5428 Mozilla: integer overflow in createImageBitmap() (MFSA 2017-08)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["firefox-0:52.0-5.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5428.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-5400","severity":"critical","public_date":"2017-03-07T00:00:00Z","advisories":["RHSA-2017:0459","RHSA-2017:0461","RHSA-2017:0498"],"bugzilla":"1429778","bugzilla_description":"CVE-2017-5400 Mozilla: asm.js JIT-spray bypass of ASLR and DEP (MFSA 2017-06)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.8.0-2.el6_8","firefox-0:45.8.0-2.el5_11","firefox-0:52.0-4.el7_3","thunderbird-0:45.8.0-1.el7_3","thunderbird-0:45.8.0-1.el6_8","thunderbird-0:45.8.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5400.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-5401","severity":"critical","public_date":"2017-03-07T00:00:00Z","advisories":["RHSA-2017:0459","RHSA-2017:0461","RHSA-2017:0498"],"bugzilla":"1429779","bugzilla_description":"CVE-2017-5401 Mozilla: Memory Corruption when handling ErrorResult (MFSA 2017-06)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.8.0-2.el6_8","firefox-0:45.8.0-2.el5_11","firefox-0:52.0-4.el7_3","thunderbird-0:45.8.0-1.el7_3","thunderbird-0:45.8.0-1.el6_8","thunderbird-0:45.8.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5401.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-5402","severity":"critical","public_date":"2017-03-07T00:00:00Z","advisories":["RHSA-2017:0459","RHSA-2017:0461","RHSA-2017:0498"],"bugzilla":"1429780","bugzilla_description":"CVE-2017-5402 Mozilla: Use-after-free working with events in FontFace objects (MFSA 2017-06)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.8.0-2.el6_8","firefox-0:45.8.0-2.el5_11","firefox-0:52.0-4.el7_3","thunderbird-0:45.8.0-1.el7_3","thunderbird-0:45.8.0-1.el6_8","thunderbird-0:45.8.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5402.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-5404","severity":"critical","public_date":"2017-03-07T00:00:00Z","advisories":["RHSA-2017:0459","RHSA-2017:0461","RHSA-2017:0498"],"bugzilla":"1429781","bugzilla_description":"CVE-2017-5404 Mozilla: Use-after-free working with ranges in selections (MFSA 2017-06)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.8.0-2.el6_8","firefox-0:45.8.0-2.el5_11","firefox-0:52.0-4.el7_3","thunderbird-0:45.8.0-1.el7_3","thunderbird-0:45.8.0-1.el6_8","thunderbird-0:45.8.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5404.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-5407","severity":"moderate","public_date":"2017-03-07T00:00:00Z","advisories":["RHSA-2017:0459","RHSA-2017:0461","RHSA-2017:0498"],"bugzilla":"1429782","bugzilla_description":"CVE-2017-5407 Mozilla: Pixel and history stealing via floating-point timing side channel with SVG filters (MFSA 2017-06)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:45.8.0-2.el6_8","firefox-0:45.8.0-2.el5_11","firefox-0:52.0-4.el7_3","thunderbird-0:45.8.0-1.el7_3","thunderbird-0:45.8.0-1.el6_8","thunderbird-0:45.8.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5407.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5410","severity":"moderate","public_date":"2017-03-07T00:00:00Z","advisories":["RHSA-2017:0459","RHSA-2017:0461","RHSA-2017:0498"],"bugzilla":"1429783","bugzilla_description":"CVE-2017-5410 Mozilla: Memory corruption during JavaScript garbage collection incremental sweeping (MFSA 2017-06)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.8.0-2.el6_8","firefox-0:45.8.0-2.el5_11","firefox-0:52.0-4.el7_3","thunderbird-0:45.8.0-1.el7_3","thunderbird-0:45.8.0-1.el6_8","thunderbird-0:45.8.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5410.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-5408","severity":"moderate","public_date":"2017-03-07T00:00:00Z","advisories":["RHSA-2017:0459","RHSA-2017:0461","RHSA-2017:0498"],"bugzilla":"1429784","bugzilla_description":"CVE-2017-5408 Mozilla: Cross-origin reading of video captions in violation of CORS (MFSA 2017-06)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:45.8.0-2.el6_8","firefox-0:45.8.0-2.el5_11","firefox-0:52.0-4.el7_3","thunderbird-0:45.8.0-1.el7_3","thunderbird-0:45.8.0-1.el6_8","thunderbird-0:45.8.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5408.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5405","severity":"low","public_date":"2017-03-07T00:00:00Z","advisories":["RHSA-2017:0459","RHSA-2017:0461","RHSA-2017:0498"],"bugzilla":"1429785","bugzilla_description":"CVE-2017-5405 Mozilla: FTP response codes can cause use of uninitialized values for ports (MFSA 2017-06)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.8.0-2.el6_8","firefox-0:45.8.0-2.el5_11","firefox-0:52.0-4.el7_3","thunderbird-0:45.8.0-1.el7_3","thunderbird-0:45.8.0-1.el6_8","thunderbird-0:45.8.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5405.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-5398","severity":"critical","public_date":"2017-03-07T00:00:00Z","advisories":["RHSA-2017:0459","RHSA-2017:0461","RHSA-2017:0498"],"bugzilla":"1429786","bugzilla_description":"CVE-2017-5398 Mozilla: Memory safety bugs fixed in Firefox 52 and Firefox ESR 45.8 (MFSA 2017-06)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.8.0-2.el6_8","firefox-0:45.8.0-2.el5_11","firefox-0:52.0-4.el7_3","thunderbird-0:45.8.0-1.el7_3","thunderbird-0:45.8.0-1.el6_8","thunderbird-0:45.8.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5398.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-5373","severity":"critical","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0238","RHSA-2017:0190"],"bugzilla":"1415924","bugzilla_description":"CVE-2017-5373 Mozilla: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7 (MFSA 2017-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.7.0-1.el6_8","firefox-0:45.7.0-2.el7_3","firefox-0:45.7.0-2.el5_11","thunderbird-0:45.7.0-1.el7_3","firefox-0:45.7.0-2.el6_8","thunderbird-0:45.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5373.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-5375","severity":"critical","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0238","RHSA-2017:0190"],"bugzilla":"1416271","bugzilla_description":"CVE-2017-5375 Mozilla: Excessive JIT code allocation allows bypass of ASLR and DEP (MFSA 2017-02)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.7.0-1.el6_8","firefox-0:45.7.0-2.el7_3","firefox-0:45.7.0-2.el5_11","thunderbird-0:45.7.0-1.el7_3","firefox-0:45.7.0-2.el6_8","thunderbird-0:45.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5375.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-5376","severity":"critical","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0238","RHSA-2017:0190"],"bugzilla":"1416272","bugzilla_description":"CVE-2017-5376 Mozilla: Use-after-free in XSL (MFSA 2017-02)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.7.0-1.el6_8","firefox-0:45.7.0-2.el7_3","firefox-0:45.7.0-2.el5_11","thunderbird-0:45.7.0-1.el7_3","firefox-0:45.7.0-2.el6_8","thunderbird-0:45.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5376.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2017-5378","severity":"moderate","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0238","RHSA-2017:0190"],"bugzilla":"1416273","bugzilla_description":"CVE-2017-5378 Mozilla: Pointer and frame data leakage of Javascript objects (MFSA 2017-02)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["thunderbird-0:45.7.0-1.el6_8","firefox-0:45.7.0-2.el7_3","firefox-0:45.7.0-2.el5_11","thunderbird-0:45.7.0-1.el7_3","firefox-0:45.7.0-2.el6_8","thunderbird-0:45.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5378.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-5380","severity":"moderate","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0238","RHSA-2017:0190"],"bugzilla":"1416274","bugzilla_description":"CVE-2017-5380 Mozilla: Potential use-after-free during DOM manipulations (MFSA 2017-02)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.7.0-1.el6_8","firefox-0:45.7.0-2.el7_3","firefox-0:45.7.0-2.el5_11","thunderbird-0:45.7.0-1.el7_3","firefox-0:45.7.0-2.el6_8","thunderbird-0:45.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5380.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-5390","severity":"moderate","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0238","RHSA-2017:0190"],"bugzilla":"1416279","bugzilla_description":"CVE-2017-5390 Mozilla: Insecure communication methods in Developer Tools JSON viewer (MFSA 2017-02)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.7.0-1.el6_8","firefox-0:45.7.0-2.el7_3","firefox-0:45.7.0-2.el5_11","thunderbird-0:45.7.0-1.el7_3","firefox-0:45.7.0-2.el6_8","thunderbird-0:45.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5390.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-5396","severity":"moderate","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0238","RHSA-2017:0190"],"bugzilla":"1416280","bugzilla_description":"CVE-2017-5396 Mozilla: Use-after-free with Media Decoder (MFSA 2017-02)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.7.0-1.el6_8","firefox-0:45.7.0-2.el7_3","firefox-0:45.7.0-2.el5_11","thunderbird-0:45.7.0-1.el7_3","firefox-0:45.7.0-2.el6_8","thunderbird-0:45.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5396.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-5383","severity":"moderate","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0238","RHSA-2017:0190"],"bugzilla":"1416281","bugzilla_description":"CVE-2017-5383 Mozilla: Location bar spoofing with unicode characters (MFSA 2017-02)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["thunderbird-0:45.7.0-1.el6_8","firefox-0:45.7.0-2.el7_3","firefox-0:45.7.0-2.el5_11","thunderbird-0:45.7.0-1.el7_3","firefox-0:45.7.0-2.el6_8","thunderbird-0:45.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5383.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-5386","severity":"moderate","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0190"],"bugzilla":"1416282","bugzilla_description":"CVE-2017-5386 Mozilla: WebExtensions can use data: protocol to affect other extensions (MFSA 2017-02)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.7.0-2.el7_3","firefox-0:45.7.0-2.el5_11","firefox-0:45.7.0-2.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5386.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-0381","severity":"low","public_date":"2017-01-12T00:00:00Z","advisories":[],"bugzilla":"1413604","bugzilla_description":"CVE-2017-0381 opus: Memory corruption during media file and data processing","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0381.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2016-9584","severity":"moderate","public_date":"2016-12-15T00:00:00Z","advisories":[],"bugzilla":"1405315","bugzilla_description":"CVE-2016-9584 libical: Use-after-free","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9584.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-9899","severity":"critical","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946","RHSA-2016:2973"],"bugzilla":"1404083","bugzilla_description":"CVE-2016-9899 Mozilla: Use-after-free while manipulating DOM events and audio elements (MFSA 2016-94, MFSA 2016-95)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","thunderbird-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el6_8","thunderbird-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9899.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-9895","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946","RHSA-2016:2973"],"bugzilla":"1404086","bugzilla_description":"CVE-2016-9895 Mozilla: CSP bypass using marquee tag (MFSA 2016-94, MFSA 2016-95)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["thunderbird-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","thunderbird-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el6_8","thunderbird-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9895.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2016-9897","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946"],"bugzilla":"1404087","bugzilla_description":"CVE-2016-9897 Mozilla: Memory corruption in libGLES (MFSA 2016-94, MFSA 2016-95)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9897.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-9898","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946"],"bugzilla":"1404089","bugzilla_description":"CVE-2016-9898 Mozilla: Use-after-free in Editor while manipulating DOM subtrees (MFSA 2016-94, MFSA 2016-95)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9898.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-9900","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946","RHSA-2016:2973"],"bugzilla":"1404090","bugzilla_description":"CVE-2016-9900 Mozilla: Restricted external resources can be loaded by SVG images through data URLs (MFSA 2016-94, MFSA 2016-95)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["thunderbird-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","thunderbird-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el6_8","thunderbird-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9900.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-9904","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946"],"bugzilla":"1404091","bugzilla_description":"CVE-2016-9904 Mozilla: Cross-origin information leak in shared atoms (MFSA 2016-94, MFSA 2016-95)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9904.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-9905","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946","RHSA-2016:2973"],"bugzilla":"1404094","bugzilla_description":"CVE-2016-9905 Mozilla: Crash in EnumerateSubDocuments (MFSA 2016-94, MFSA 2016-95)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","thunderbird-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el6_8","thunderbird-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9905.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-9893","severity":"critical","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946","RHSA-2016:2973"],"bugzilla":"1404096","bugzilla_description":"CVE-2016-9893 Mozilla: Memory safety bugs fixed in Firefox 50.1 and Firefox ESR 45.6 (MFSA 2016-95)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","thunderbird-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el6_8","thunderbird-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9893.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-9901","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946","RHSA-2016:2973"],"bugzilla":"1404358","bugzilla_description":"CVE-2016-9901 Mozilla: Data from Pocket server improperly sanitized before execution (MFSA 2016-94, MFSA 2016-95)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["thunderbird-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","thunderbird-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el6_8","thunderbird-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9901.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-9902","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2016:2946","RHSA-2016:2973"],"bugzilla":"1404359","bugzilla_description":"CVE-2016-9902 Mozilla: Pocket extension does not validate the origin of events (MFSA 2016-94, MFSA 2016-95)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["thunderbird-0:45.6.0-1.el7_3","firefox-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el7_3","thunderbird-0:45.6.0-1.el5_11","firefox-0:45.6.0-1.el6_8","thunderbird-0:45.6.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9902.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-9079","severity":"critical","public_date":"2016-12-01T00:00:00Z","advisories":["RHSA-2016:2850","RHSA-2016:2843"],"bugzilla":"1400376","bugzilla_description":"CVE-2016-9079 Mozilla: Firefox SVG Animation Remote Code Execution (MFSA 2016-92)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.5.1-1.el7_3","thunderbird-0:45.5.1-1.el5_11","firefox-0:45.5.1-1.el7_3","firefox-0:45.5.1-1.el5_11","firefox-0:45.5.1-1.el6_8","thunderbird-0:45.5.1-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9079.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-5296","severity":"critical","public_date":"2016-11-16T00:00:00Z","advisories":["RHSA-2016:2780"],"bugzilla":"1395055","bugzilla_description":"CVE-2016-5296 Mozilla: Heap-buffer-overflow WRITE in rasterize_edges_1 (MFSA 2016-89, MFSA 2016-90)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.5.0-1.el5_11","firefox-0:45.5.0-1.el6_8","firefox-0:45.5.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5296.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-5297","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":["RHSA-2016:2780"],"bugzilla":"1395058","bugzilla_description":"CVE-2016-5297 Mozilla: Incorrect argument length checking in Javascript (MFSA 2016-89, MFSA 2016-90)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.5.0-1.el5_11","firefox-0:45.5.0-1.el6_8","firefox-0:45.5.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5297.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-9064","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":["RHSA-2016:2780"],"bugzilla":"1395060","bugzilla_description":"CVE-2016-9064 Mozilla: Addons update must verify IDs match between current and new versions (MFSA 2016-89, MFSA 2016-90)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:45.5.0-1.el5_11","firefox-0:45.5.0-1.el6_8","firefox-0:45.5.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9064.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-9066","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":["RHSA-2016:2780"],"bugzilla":"1395061","bugzilla_description":"CVE-2016-9066 Mozilla: Integer overflow leading to a buffer overflow in nsScriptLoadHandler (MFSA 2016-89, MFSA 2016-90)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.5.0-1.el5_11","firefox-0:45.5.0-1.el6_8","firefox-0:45.5.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9066.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5291","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":["RHSA-2016:2780"],"bugzilla":"1395065","bugzilla_description":"CVE-2016-5291 Mozilla: Same-origin policy violation using local HTML file and saved shortcut file (MFSA 2016-89, MFSA 2016-90)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:45.5.0-1.el5_11","firefox-0:45.5.0-1.el6_8","firefox-0:45.5.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5291.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2016-5290","severity":"critical","public_date":"2016-11-16T00:00:00Z","advisories":["RHSA-2016:2780","RHSA-2016:2825"],"bugzilla":"1395066","bugzilla_description":"CVE-2016-5290 Mozilla: Memory safety bugs fixed in Firefox 45.5 (MFSA 2016-90)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.5.0-1.el5_11","firefox-0:45.5.0-1.el6_8","thunderbird-0:45.5.0-1.el5_11","firefox-0:45.5.0-1.el7_3","thunderbird-0:45.5.0-1.el7_3","thunderbird-0:45.5.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5290.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-5292","severity":"moderate","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1395057","bugzilla_description":"CVE-2016-5292 Mozilla: URL parsing causes crash (MFSA 2016-89)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5292.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5289","severity":"critical","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1395098","bugzilla_description":"CVE-2016-5289 Mozilla: Memory safety bugs fixed in Firefox 50 (MFSA 2016-89)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5289.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-9077","severity":"moderate","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1395099","bugzilla_description":"CVE-2016-9077 Mozilla: Canvas filters allow feDisplacementMaps to be applied to cross-origin images, allowing timing attacks on them (MFSA 2016-89)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9077.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-9071","severity":"moderate","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1395100","bugzilla_description":"CVE-2016-9071 Mozilla: Probe browser history via HSTS/301 redirect + CSP (MFSA 2016-89)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9071.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2016-9075","severity":"moderate","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1395101","bugzilla_description":"CVE-2016-9075 Mozilla: WebExtensions can access the mozAddonManager API and use it to gain elevated privileges (MFSA 2016-89)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9075.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-9076","severity":"moderate","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1396537","bugzilla_description":"CVE-2016-9076 firefox: select dropdown menu can be used for URL bar spoofing on e10s","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9076.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2016-9067","severity":"important","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1396539","bugzilla_description":"CVE-2016-9067 CVE-2016-9069 firefox: Heap use-after-free in nsINode::ReplaceOrInsertBefore","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9067.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2016-9069","severity":"important","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1396539","bugzilla_description":"CVE-2016-9067 CVE-2016-9069 firefox: Heap use-after-free in nsINode::ReplaceOrInsertBefore","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9069.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2016-9063","severity":"low","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1396540","bugzilla_description":"CVE-2016-9063 firefox: Possible integer overflow to fix inside XML_Parse in Expat","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9063.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2016-9068","severity":"important","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1396542","bugzilla_description":"CVE-2016-9068 firefox: Heap use-after-free in nsRefreshDriver","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9068.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2016-9073","severity":"moderate","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1396545","bugzilla_description":"CVE-2016-9073 firefox: windows.create schema doesn't specify \"format\": \"relativeUrl\"","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9073.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2016-9070","severity":"moderate","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1396549","bugzilla_description":"CVE-2016-9070 firefox: Sidebar bookmark can have reference to chrome window","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9070.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2016-5261","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1361986","bugzilla_description":"CVE-2016-5261 Mozilla: Integer overflow and memory corruption in WebSocketChannel (MFSA 2016-75, MFSA 2016-86)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5261.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5250","severity":"moderate","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1361998","bugzilla_description":"CVE-2016-5250 Mozilla: Resource Timing API is storing resources sent by the previous page (MFSA 2016-84, MFSA 2016-86)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5250.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-5257","severity":"critical","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912","RHSA-2016:1985"],"bugzilla":"1377543","bugzilla_description":"CVE-2016-5257 Mozilla: Memory safety bugs fixed in Firefox ESR 45.4 (MFSA 2016-85, MFSA 2016-86)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","thunderbird-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2","thunderbird-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5257.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-5278","severity":"critical","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1377549","bugzilla_description":"CVE-2016-5278 Mozilla: Heap-buffer-overflow in nsBMPEncoder::AddImageFrame (MFSA 2016-85, MFSA 2016-86)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5278.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-5270","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1377552","bugzilla_description":"CVE-2016-5270 Mozilla: Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString (MFSA 2016-85, MFSA 2016-86)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5270.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5272","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1377554","bugzilla_description":"CVE-2016-5272 Mozilla: Bad cast in nsImageGeometryMixin (MFSA 2016-85, MFSA 2016-86)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5272.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5276","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1377557","bugzilla_description":"CVE-2016-5276 Mozilla: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList (MFSA 2016-85, MFSA 2016-86)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5276.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5274","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1377558","bugzilla_description":"CVE-2016-5274 Mozilla: use-after-free in nsFrameManager::CaptureFrameState (MFSA 2016-85, MFSA 2016-86)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5274.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5277","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1377559","bugzilla_description":"CVE-2016-5277 Mozilla: Heap-use-after-free in nsRefreshDriver::Tick (MFSA 2016-85, MFSA 2016-86)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5277.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5280","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1377561","bugzilla_description":"CVE-2016-5280 Mozilla: Use-after-free in mozilla::nsTextNodeDirectionalityMap::RemoveElementFromMap (MFSA 2016-85, MFSA 2016-86)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5280.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5281","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1377563","bugzilla_description":"CVE-2016-5281 Mozilla: use-after-free in DOMSVGLength (MFSA 2016-85, MFSA 2016-86)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5281.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5284","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":["RHSA-2016:1912"],"bugzilla":"1377565","bugzilla_description":"CVE-2016-5284 Mozilla: Add-on update site certificate pin expiration (MFSA 2016-85, MFSA 2016-86)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.4.0-1.el5_11","firefox-0:45.4.0-1.el6_8","firefox-0:45.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5284.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-2827","severity":"low","public_date":"2016-09-20T00:00:00Z","advisories":[],"bugzilla":"1377660","bugzilla_description":"CVE-2016-2827 Mozilla: Out-of-bounds read in mozilla::net::IsValidReferrerPolicy (MFSA 2016-85)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2827.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5271","severity":"low","public_date":"2016-09-20T00:00:00Z","advisories":[],"bugzilla":"1377661","bugzilla_description":"CVE-2016-5271 Mozilla: Out-of-bounds read in PropertyProvider::GetSpacingInternal (MFSA 2016-85)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5271.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5256","severity":"critical","public_date":"2016-09-20T00:00:00Z","advisories":[],"bugzilla":"1377666","bugzilla_description":"CVE-2016-5256 Mozilla: Memory safety bugs fixed in Firefox 49 (MFSA 2016-85)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5256.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-5275","severity":"critical","public_date":"2016-09-20T00:00:00Z","advisories":[],"bugzilla":"1377667","bugzilla_description":"CVE-2016-5275 Mozilla: global-buffer-overflow in mozilla::gfx::FilterSupport::ComputeSourceNeededRegions (MFSA 2016-85)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5275.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-5273","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":[],"bugzilla":"1377669","bugzilla_description":"CVE-2016-5273 Mozilla: crash in mozilla::a11y::HyperTextAccessible::GetChildOffset (MFSA 2016-85)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5273.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5283","severity":"important","public_date":"2016-09-20T00:00:00Z","advisories":[],"bugzilla":"1377670","bugzilla_description":"CVE-2016-5283 Mozilla: iframe src fragment timing attack can reveal cross-origin data (MFSA 2016-85)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5283.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5279","severity":"moderate","public_date":"2016-09-20T00:00:00Z","advisories":[],"bugzilla":"1377673","bugzilla_description":"CVE-2016-5279 Mozilla: Full local path of files is available to web pages after drag and drop (MFSA 2016-85)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5279.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5282","severity":"moderate","public_date":"2016-09-20T00:00:00Z","advisories":[],"bugzilla":"1377675","bugzilla_description":"CVE-2016-5282 Mozilla: Don't allow content to request favicons from non-whitelisted schemes (MFSA 2016-85)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5282.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-2836","severity":"critical","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551","RHSA-2016:1809"],"bugzilla":"1361974","bugzilla_description":"CVE-2016-2836 Mozilla: Miscellaneous memory safety hazards (rv:45.3) (MFSA 2016-62)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","thunderbird-0:45.3.0-1.el7_2","thunderbird-0:45.3.0-1.el5_11","thunderbird-0:45.3.0-1.el6_8","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2836.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-2835","severity":"critical","public_date":"2016-08-02T00:00:00Z","advisories":[],"bugzilla":"1361975","bugzilla_description":"CVE-2016-2835 Mozilla: Miscellaneous memory safety hazards (rv:48.0) (MFSA 2016-62)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2835.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-2838","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361976","bugzilla_description":"CVE-2016-2838 Mozilla: Buffer overflow rendering SVG with bidirectional content (MFSA 2016-64)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2838.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-2839","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":[],"bugzilla":"1361977","bugzilla_description":"CVE-2016-2839 Mozilla: Cairo rendering crash due to memory allocation issue with FFMpeg 0.10 (MFSA 2016-65)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2839.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5251","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":[],"bugzilla":"1361978","bugzilla_description":"CVE-2016-5251 Mozilla: Location bar spoofing via data URLs with malformed/invalid mediatypes (MFSA 2016-66)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5251.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2016-5252","severity":"important","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361979","bugzilla_description":"CVE-2016-5252 Mozilla: Stack underflow during 2D graphics rendering (MFSA 2016-67)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5252.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5254","severity":"low","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361980","bugzilla_description":"CVE-2016-5254 Mozilla: Use-after-free when using alt key and toplevel menus (MFSA 2016-70)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5254.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5255","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":[],"bugzilla":"1361981","bugzilla_description":"CVE-2016-5255 Mozilla: Crash in incremental garbage collection in JavaScript (MFSA 2016-71)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5255.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5258","severity":"critical","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361982","bugzilla_description":"CVE-2016-5258 Mozilla: Use-after-free in DTLS during WebRTC session shutdown (MFSA 2016-72)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5258.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-5259","severity":"critical","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361984","bugzilla_description":"CVE-2016-5259 Mozilla: Use-after-free in service workers with nested sync events (MFSA 2016-73)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5259.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2016-5260","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":[],"bugzilla":"1361985","bugzilla_description":"CVE-2016-5260 Mozilla: Form input type change from password to text can store plain text password in session restore file (MFSA 2016-74)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5260.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2016-5262","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361987","bugzilla_description":"CVE-2016-5262 Mozilla: Scripts on marquee tag can execute in sandboxed iframes (MFSA 2016-76)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5262.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2016-2837","severity":"low","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361989","bugzilla_description":"CVE-2016-2837 Mozilla: Buffer overflow in ClearKey Content Decryption Module (CDM) during video playback (MFSA 2016-77)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2837.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5263","severity":"important","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361991","bugzilla_description":"CVE-2016-5263 Mozilla: Type confusion in display transformation (MFSA 2016-78)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5263.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5264","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361992","bugzilla_description":"CVE-2016-5264 Mozilla: Use-after-free when applying SVG effects (MFSA 2016-79)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5264.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2016-5265","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":["RHSA-2016:1551"],"bugzilla":"1361994","bugzilla_description":"CVE-2016-5265 Mozilla: Same-origin policy violation using local HTML file and saved shortcut file (MFSA 2016-80)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:45.3.0-1.el7_2","firefox-0:45.3.0-1.el5_11","firefox-0:45.3.0-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5265.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-5266","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":[],"bugzilla":"1361995","bugzilla_description":"CVE-2016-5266 Mozilla: Information disclosure and local file manipulation through drag and drop (MFSA 2016-81)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5266.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2016-5268","severity":"moderate","public_date":"2016-08-02T00:00:00Z","advisories":[],"bugzilla":"1361996","bugzilla_description":"CVE-2016-5268 Mozilla: Spoofing attack through text injection into internal error pages (MFSA 2016-83)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5268.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-5825","severity":"low","public_date":"2016-06-25T00:00:00Z","advisories":[],"bugzilla":"1375104","bugzilla_description":"CVE-2016-5825 libical: Heap buffer over-read in icalparser_parse_string function","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5825.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-5826","severity":"low","public_date":"2016-06-25T00:00:00Z","advisories":[],"bugzilla":"1375106","bugzilla_description":"CVE-2016-5826 libical: Heap buffer over-read in parser_get_next_char","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5826.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-5827","severity":"moderate","public_date":"2016-06-24T00:00:00Z","advisories":[],"bugzilla":"1350481","bugzilla_description":"CVE-2016-5827 libical: Heap buffer over-read in icaltime_from_string","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5827.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-5823","severity":"low","public_date":"2016-06-24T00:00:00Z","advisories":[],"bugzilla":"1350487","bugzilla_description":"CVE-2016-5823 libical: Segmentation fault on crafted file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5823.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-2831","severity":"moderate","public_date":"2016-06-09T00:00:00Z","advisories":["RHSA-2016:1217"],"bugzilla":"1342898","bugzilla_description":"CVE-2016-2831 Mozilla: Entering fullscreen and persistent pointerlock without user permission (MFSA 2016-58)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:45.2.0-1.el6_8","firefox-0:45.2.0-1.el5_11","firefox-0:45.2.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2831.json"},{"CVE":"CVE-2016-2818","severity":"critical","public_date":"2016-06-08T00:00:00Z","advisories":["RHSA-2016:1392","RHSA-2016:1217"],"bugzilla":"1342887","bugzilla_description":"CVE-2016-2818 Mozilla: Miscellaneous memory safety hazards (rv:45.2) (MFSA 2016-49)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.2.0-1.el6_8","thunderbird-0:45.2-1.el5_11","thunderbird-0:45.2-1.el7_2","firefox-0:45.2.0-1.el5_11","firefox-0:45.2.0-1.el7_2","thunderbird-0:45.2-1.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2818.json"},{"CVE":"CVE-2016-2819","severity":"critical","public_date":"2016-06-08T00:00:00Z","advisories":["RHSA-2016:1217"],"bugzilla":"1342891","bugzilla_description":"CVE-2016-2819 Mozilla: Buffer overflow parsing HTML5 fragments (MFSA 2016-50)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.2.0-1.el6_8","firefox-0:45.2.0-1.el5_11","firefox-0:45.2.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2819.json"},{"CVE":"CVE-2016-2821","severity":"moderate","public_date":"2016-06-08T00:00:00Z","advisories":["RHSA-2016:1217"],"bugzilla":"1342892","bugzilla_description":"CVE-2016-2821 Mozilla: Use-after-free deleting tables from a contenteditable document (MFSA 2016-51)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.2.0-1.el6_8","firefox-0:45.2.0-1.el5_11","firefox-0:45.2.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2821.json"},{"CVE":"CVE-2016-2822","severity":"moderate","public_date":"2016-06-08T00:00:00Z","advisories":["RHSA-2016:1217"],"bugzilla":"1342893","bugzilla_description":"CVE-2016-2822 Mozilla: Addressbar spoofing though the SELECT element (MFSA 2016-52)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:45.2.0-1.el6_8","firefox-0:45.2.0-1.el5_11","firefox-0:45.2.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2822.json"},{"CVE":"CVE-2016-2828","severity":"moderate","public_date":"2016-06-08T00:00:00Z","advisories":["RHSA-2016:1217"],"bugzilla":"1342895","bugzilla_description":"CVE-2016-2828 Mozilla: Use-after-free when textures are used in WebGL operations after recycle pool destruction (MFSA 2016-56)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:45.2.0-1.el6_8","firefox-0:45.2.0-1.el5_11","firefox-0:45.2.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2828.json"},{"CVE":"CVE-2016-2815","severity":"critical","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1342890","bugzilla_description":"CVE-2016-2815 Mozilla: Miscellaneous memory safety hazards (rv:47.0) (MFSA 2016-49)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2815.json"},{"CVE":"CVE-2016-2825","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1342894","bugzilla_description":"CVE-2016-2825 Mozilla: Partial same-origin-policy through setting location.host through data: URI (MFSA 2016-54)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2825.json"},{"CVE":"CVE-2016-2829","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1342896","bugzilla_description":"CVE-2016-2829 Mozilla: Incorrect icon displayed on permissions notifications (MFSA 2016-57)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2829.json"},{"CVE":"CVE-2016-2832","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1342899","bugzilla_description":"CVE-2016-2832 Mozilla: Information disclosure of disabled plugins through CSS pseudo-classes (MFSA 2016-60)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2832.json"},{"CVE":"CVE-2016-2833","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1342900","bugzilla_description":"CVE-2016-2833 Mozilla: Java applets bypass CSP protections (MFSA 2016-60)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2833.json"},{"CVE":"CVE-2016-5300","severity":"moderate","public_date":"2016-06-04T00:00:00Z","advisories":[],"bugzilla":"1343085","bugzilla_description":"CVE-2016-5300 expat: Little entropy used for hash initialization","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5300.json"},{"CVE":"CVE-2016-5824","severity":"moderate","public_date":"2016-05-24T00:00:00Z","advisories":["RHSA-2019:0269","RHSA-2019:0270"],"bugzilla":"1375120","bugzilla_description":"CVE-2016-5824 libical: Multiple use-after-free vulnerabilities","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:60.5.0-1.el6_10","thunderbird-0:60.5.0-1.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5824.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-0718","severity":"moderate","public_date":"2016-05-17T00:00:00Z","advisories":["RHSA-2016:2824","RHSA-2018:2486"],"bugzilla":"1296102","bugzilla_description":"CVE-2016-0718 expat: Out-of-bounds heap read on crafted input causing crash","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["expat-0:2.0.1-13.el6_8","expat-0:2.1.0-10.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0718.json"},{"CVE":"CVE-2016-4472","severity":"moderate","public_date":"2016-05-15T00:00:00Z","advisories":[],"bugzilla":"1344251","bugzilla_description":"CVE-2016-4472 expat: Undefined behavior and pointer overflows","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4472.json"},{"CVE":"CVE-2016-2805","severity":"critical","public_date":"2016-04-26T00:00:00Z","advisories":["RHSA-2016:0695","RHSA-2016:1041"],"bugzilla":"1330266","bugzilla_description":"CVE-2016-2805 Mozilla: Miscellaneous memory safety hazards (rv:38.8) (MFSA 2016-39)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:38.8.0-1.el7_2","firefox-0:45.1.0-1.el6_7","thunderbird-0:38.8.0-2.el6_8","thunderbird-0:38.8.0-1.el5_11","firefox-0:45.1.0-1.el5_11","firefox-0:45.1.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2805.json"},{"CVE":"CVE-2016-2807","severity":"critical","public_date":"2016-04-26T00:00:00Z","advisories":["RHSA-2016:0695","RHSA-2016:1041"],"bugzilla":"1330271","bugzilla_description":"CVE-2016-2807 Mozilla: Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8) (MFSA 2016-39)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:38.8.0-1.el7_2","firefox-0:45.1.0-1.el6_7","thunderbird-0:38.8.0-2.el6_8","thunderbird-0:38.8.0-1.el5_11","firefox-0:45.1.0-1.el5_11","firefox-0:45.1.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2807.json"},{"CVE":"CVE-2016-1952","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315566","bugzilla_description":"CVE-2016-1952 Mozilla: Miscellaneous memory safety hazards (rv:38.7) (MFSA 2016-16)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1952.json"},{"CVE":"CVE-2016-1953","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315567","bugzilla_description":"CVE-2016-1953 Mozilla: Miscellaneous memory safety hazards (rv:45.0) (MFSA 2016-16)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1953.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2016-1954","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315569","bugzilla_description":"CVE-2016-1954 Mozilla: Local file overwriting and potential privilege escalation through CSP reports (MFSA 2016-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1954.json"},{"CVE":"CVE-2016-1955","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315570","bugzilla_description":"CVE-2016-1955 Mozilla: CSP reports fail to strip location information for embedded iframe pages (MFSA 2016-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1955.json"},{"CVE":"CVE-2016-1956","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315571","bugzilla_description":"CVE-2016-1956 Mozilla: Linux video memory DOS with Intel drivers (MFSA 2016-19)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1956.json"},{"CVE":"CVE-2016-1957","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315573","bugzilla_description":"CVE-2016-1957 Mozilla: Memory leak in libstagefright when deleting an array during MP4 processing (MFSA 2016-20)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1957.json"},{"CVE":"CVE-2016-1958","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373"],"bugzilla":"1315574","bugzilla_description":"CVE-2016-1958 Mozilla: Displayed page address can be overridden (MFSA 2016-21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1958.json"},{"CVE":"CVE-2016-1959","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315575","bugzilla_description":"CVE-2016-1959 Mozilla: Service Worker Manager out-of-bounds read in Service Worker Manager (MFSA 2016-22)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1959.json"},{"CVE":"CVE-2016-1960","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315576","bugzilla_description":"CVE-2016-1960 Mozilla: Use-after-free in HTML5 string parser (MFSA 2016-23)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1960.json"},{"CVE":"CVE-2016-1961","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315577","bugzilla_description":"CVE-2016-1961 Mozilla: Use-after-free in SetBody (MFSA 2016-24)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1961.json"},{"CVE":"CVE-2016-1962","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373"],"bugzilla":"1315578","bugzilla_description":"CVE-2016-1962 Mozilla: Use-after-free when using multiple WebRTC data channels (MFSA 2016-25)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1962.json"},{"CVE":"CVE-2016-1963","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315579","bugzilla_description":"CVE-2016-1963 Mozilla: Memory corruption when modifying a file being read by FileReader (MFSA 2016-26)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1963.json"},{"CVE":"CVE-2016-1964","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315774","bugzilla_description":"CVE-2016-1964 Mozilla: Use-after-free during XML transformations (MFSA 2016-27)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1964.json"},{"CVE":"CVE-2016-1965","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373"],"bugzilla":"1315775","bugzilla_description":"CVE-2016-1965 Mozilla: Addressbar spoofing though history navigation and Location protocol property (MFSA 2016-28)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1965.json"},{"CVE":"CVE-2016-1967","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315776","bugzilla_description":"CVE-2016-1967 Mozilla: Same-origin policy violation using perfomance.getEntries and history navigation with session restore (MFSA 2016-29)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1967.json"},{"CVE":"CVE-2016-1968","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315777","bugzilla_description":"CVE-2016-1968 Mozilla: Buffer overflow in Brotli decompression (MFSA 2016-30)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1968.json"},{"CVE":"CVE-2016-1966","severity":"important","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315778","bugzilla_description":"CVE-2016-1966 Mozilla: Memory corruption with malicious NPAPI plugin (MFSA 2016-31)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1966.json"},{"CVE":"CVE-2016-1970","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315780","bugzilla_description":"CVE-2016-1970 CVE-2016-1971 CVE-2016-1972 CVE-2016-1975 CVE-2016-1976 Mozilla: WebRTC and LibVPX vulnerabilities found through code inspection (MFSA 2016-32)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1970.json"},{"CVE":"CVE-2016-1971","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315780","bugzilla_description":"CVE-2016-1970 CVE-2016-1971 CVE-2016-1972 CVE-2016-1975 CVE-2016-1976 Mozilla: WebRTC and LibVPX vulnerabilities found through code inspection (MFSA 2016-32)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1971.json"},{"CVE":"CVE-2016-1972","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315780","bugzilla_description":"CVE-2016-1970 CVE-2016-1971 CVE-2016-1972 CVE-2016-1975 CVE-2016-1976 Mozilla: WebRTC and LibVPX vulnerabilities found through code inspection (MFSA 2016-32)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1972.json"},{"CVE":"CVE-2016-1975","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315780","bugzilla_description":"CVE-2016-1970 CVE-2016-1971 CVE-2016-1972 CVE-2016-1975 CVE-2016-1976 Mozilla: WebRTC and LibVPX vulnerabilities found through code inspection (MFSA 2016-32)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1975.json"},{"CVE":"CVE-2016-1976","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":[],"bugzilla":"1315780","bugzilla_description":"CVE-2016-1970 CVE-2016-1971 CVE-2016-1972 CVE-2016-1975 CVE-2016-1976 Mozilla: WebRTC and LibVPX vulnerabilities found through code inspection (MFSA 2016-32)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1976.json"},{"CVE":"CVE-2016-1973","severity":"important","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373"],"bugzilla":"1315782","bugzilla_description":"CVE-2016-1973 Mozilla: Use-after-free in GetStaticInstance in WebRTC (MFSA 2016-33)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1973.json"},{"CVE":"CVE-2016-1974","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315785","bugzilla_description":"CVE-2016-1974 Mozilla: Out-of-bounds read in HTML parser following a failed allocation (MFSA 2016-34)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1974.json"},{"CVE":"CVE-2016-1977","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1977.json"},{"CVE":"CVE-2016-2790","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2790.json"},{"CVE":"CVE-2016-2791","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2791.json"},{"CVE":"CVE-2016-2792","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2792.json"},{"CVE":"CVE-2016-2793","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2793.json"},{"CVE":"CVE-2016-2794","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2794.json"},{"CVE":"CVE-2016-2795","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2795.json"},{"CVE":"CVE-2016-2796","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2796.json"},{"CVE":"CVE-2016-2797","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2797.json"},{"CVE":"CVE-2016-2798","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2798.json"},{"CVE":"CVE-2016-2799","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2799.json"},{"CVE":"CVE-2016-2800","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2800.json"},{"CVE":"CVE-2016-2801","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2801.json"},{"CVE":"CVE-2016-2802","severity":"critical","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0373","RHSA-2016:0460"],"bugzilla":"1315795","bugzilla_description":"graphite2: multiple font parsing vulnerabilities (Mozilla MFSA 2016-37)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.7.0-1.el6_7","thunderbird-0:38.7.0-1.el5_11","thunderbird-0:38.7.0-1.el6_7","firefox-0:38.7.0-1.el7_2","thunderbird-0:38.7.0-1.el7_2","firefox-0:38.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2802.json"},{"CVE":"CVE-2016-1969","severity":"moderate","public_date":"2016-03-08T00:00:00Z","advisories":["RHSA-2016:0197"],"bugzilla":"1317560","bugzilla_description":"CVE-2016-1969 mozilla: out-of-bounds write with malicious font in graphite2 (MFSA 2016-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-787","affected_packages":["firefox-0:38.6.1-1.el6_7","firefox-0:38.6.1-1.el5_11","firefox-0:38.6.1-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1969.json"},{"CVE":"CVE-2016-10197","severity":"low","public_date":"2016-03-03T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1418612","bugzilla_description":"CVE-2016-10197 libevent: Out-of-bounds read in search_make_new()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10197.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-1521","severity":"important","public_date":"2016-02-05T00:00:00Z","advisories":["RHSA-2016:0197","RHSA-2016:0594","RHSA-2016:0258"],"bugzilla":"1305805","bugzilla_description":"CVE-2016-1521 graphite2: Out-of-bound read vulnerability triggered by crafted fonts","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["firefox-0:38.6.1-1.el6_7","graphite2-0:1.3.6-1.el7_2","thunderbird-0:38.6.0-1.el5_11","firefox-0:38.6.1-1.el5_11","thunderbird-0:38.6.0-1.el7_2","firefox-0:38.6.1-1.el7_2","thunderbird-0:38.6.0-1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1521.json"},{"CVE":"CVE-2016-1522","severity":"important","public_date":"2016-02-05T00:00:00Z","advisories":["RHSA-2016:0197","RHSA-2016:0594","RHSA-2016:0258"],"bugzilla":"1305810","bugzilla_description":"CVE-2016-1522 graphite2: Null pointer dereference and out-of-bounds access vulnerabilities","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-476","affected_packages":["firefox-0:38.6.1-1.el6_7","graphite2-0:1.3.6-1.el7_2","thunderbird-0:38.6.0-1.el5_11","firefox-0:38.6.1-1.el5_11","thunderbird-0:38.6.0-1.el7_2","firefox-0:38.6.1-1.el7_2","thunderbird-0:38.6.0-1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1522.json"},{"CVE":"CVE-2016-1523","severity":"important","public_date":"2016-02-05T00:00:00Z","advisories":["RHSA-2016:0197","RHSA-2016:0594","RHSA-2016:0258"],"bugzilla":"1305813","bugzilla_description":"CVE-2016-1523 graphite2: Heap-based buffer overflow in context item handling functionality","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["firefox-0:38.6.1-1.el6_7","graphite2-0:1.3.6-1.el7_2","thunderbird-0:38.6.0-1.el5_11","firefox-0:38.6.1-1.el5_11","thunderbird-0:38.6.0-1.el7_2","firefox-0:38.6.1-1.el7_2","thunderbird-0:38.6.0-1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1523.json"},{"CVE":"CVE-2016-10195","severity":"moderate","public_date":"2016-01-27T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1418608","bugzilla_description":"CVE-2016-10195 libevent: Stack-buffer overflow in the name_parse() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10195.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2016-10196","severity":"moderate","public_date":"2016-01-27T00:00:00Z","advisories":["RHSA-2017:1104","RHSA-2017:1106","RHSA-2017:1201"],"bugzilla":"1418611","bugzilla_description":"CVE-2016-10196 libevent: Stack-buffer overflow in evutil_parse_sockaddr_port()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["firefox-0:52.1.0-2.el6_9","thunderbird-0:52.1.0-1.el6_9","firefox-0:52.1.0-2.el7_3","thunderbird-0:52.1.0-1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10196.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-1930","severity":"critical","public_date":"2016-01-26T00:00:00Z","advisories":["RHSA-2016:0071","RHSA-2016:0258"],"bugzilla":"1301818","bugzilla_description":"CVE-2016-1930 Mozilla: Miscellaneous memory safety hazards (rv:38.6) (MFSA 2016-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.6.0-1.el7_2","thunderbird-0:38.6.0-1.el5_11","thunderbird-0:38.6.0-1.el7_2","firefox-0:38.6.0-1.el5_11","firefox-0:38.6.0-1.el6_7","thunderbird-0:38.6.0-1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1930.json"},{"CVE":"CVE-2016-1931","severity":"critical","public_date":"2016-01-26T00:00:00Z","advisories":[],"bugzilla":"1301819","bugzilla_description":"CVE-2016-1931 Mozilla: Miscellaneous memory safety hazards (rv:44.0) (MFSA 2016-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1931.json"},{"CVE":"CVE-2016-1933","severity":"moderate","public_date":"2016-01-26T00:00:00Z","advisories":[],"bugzilla":"1301820","bugzilla_description":"CVE-2016-1933 Mozilla: Out of Memory crash when parsing GIF format images (MFSA 2016-02)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1933.json"},{"CVE":"CVE-2016-1935","severity":"critical","public_date":"2016-01-26T00:00:00Z","advisories":["RHSA-2016:0071","RHSA-2016:0258"],"bugzilla":"1301821","bugzilla_description":"CVE-2016-1935 Mozilla: Buffer overflow in WebGL after out of memory allocation (MFSA 2016-03)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.6.0-1.el7_2","thunderbird-0:38.6.0-1.el5_11","thunderbird-0:38.6.0-1.el7_2","firefox-0:38.6.0-1.el5_11","firefox-0:38.6.0-1.el6_7","thunderbird-0:38.6.0-1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1935.json"},{"CVE":"CVE-2016-1939","severity":"moderate","public_date":"2016-01-26T00:00:00Z","advisories":[],"bugzilla":"1301822","bugzilla_description":"CVE-2016-1939 Mozilla: Firefox allows for control characters to be set in cookie names (MFSA 2016-04)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1939.json"},{"CVE":"CVE-2016-1937","severity":"moderate","public_date":"2016-01-26T00:00:00Z","advisories":[],"bugzilla":"1301823","bugzilla_description":"CVE-2016-1937 Mozilla: Missing delay following user click events in protocol handler dialog (MFSA 2016-06)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1937.json"},{"CVE":"CVE-2016-1944","severity":"critical","public_date":"2016-01-26T00:00:00Z","advisories":[],"bugzilla":"1301825","bugzilla_description":"CVE-2016-1944 CVE-2016-1945 CVE-2016-1946 Mozilla: Unsafe memory manipulation found through code inspection (MFSA 2016-10)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1944.json"},{"CVE":"CVE-2016-1945","severity":"critical","public_date":"2016-01-26T00:00:00Z","advisories":[],"bugzilla":"1301825","bugzilla_description":"CVE-2016-1944 CVE-2016-1945 CVE-2016-1946 Mozilla: Unsafe memory manipulation found through code inspection (MFSA 2016-10)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1945.json"},{"CVE":"CVE-2016-1946","severity":"critical","public_date":"2016-01-26T00:00:00Z","advisories":[],"bugzilla":"1301825","bugzilla_description":"CVE-2016-1944 CVE-2016-1945 CVE-2016-1946 Mozilla: Unsafe memory manipulation found through code inspection (MFSA 2016-10)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1946.json"},{"CVE":"CVE-2016-1947","severity":"moderate","public_date":"2016-01-26T00:00:00Z","advisories":[],"bugzilla":"1301826","bugzilla_description":"CVE-2016-1947 Mozilla: Application Reputation service disabled in Firefox 43 (MFSA 2016-11)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1947.json"},{"CVE":"CVE-2016-1943","severity":"moderate","public_date":"2016-01-26T00:00:00Z","advisories":[],"bugzilla":"1301827","bugzilla_description":"CVE-2016-1943 Mozilla: Addressbar spoofing attacks (MFSA 2016-09)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1943.json"},{"CVE":"CVE-2015-7201","severity":"critical","public_date":"2015-12-16T00:00:00Z","advisories":["RHSA-2016:0001","RHSA-2015:2657"],"bugzilla":"1291571","bugzilla_description":"CVE-2015-7201 Mozilla: Miscellaneous memory safety hazards (rv:38.5) (MFSA 2015-134)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:38.5.0-1.el6_7","thunderbird-0:38.5.0-1.el7_2","thunderbird-0:38.5.0-1.el5_11","firefox-0:38.5.0-3.el7_2","firefox-0:38.5.0-2.el5_11","firefox-0:38.5.0-2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7201.json"},{"CVE":"CVE-2015-7202","severity":"critical","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291577","bugzilla_description":"CVE-2015-7202 Mozilla: Miscellaneous memory safety hazards (rv:43.0) (MFSA 2015-134)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7202.json"},{"CVE":"CVE-2015-7204","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291578","bugzilla_description":"CVE-2015-7204 Mozilla: Crash with JavaScript variable assignment with unboxed objects (MFSA 2015-135)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7204.json"},{"CVE":"CVE-2015-7207","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291581","bugzilla_description":"CVE-2015-7207 Mozilla: Same-origin policy violation using perfomance.getEntries and history navigation (MFSA 2015-136)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7207.json"},{"CVE":"CVE-2015-7208","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291583","bugzilla_description":"CVE-2015-7208 Mozilla: Firefox allows for control characters to be set in cookies (MFSA 2015-137)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7208.json"},{"CVE":"CVE-2015-7210","severity":"critical","public_date":"2015-12-16T00:00:00Z","advisories":["RHSA-2015:2657"],"bugzilla":"1291585","bugzilla_description":"CVE-2015-7210 Mozilla: Use-after-free in WebRTC when datachannel is used after being destroyed (MFSA 2015-138)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:38.5.0-3.el7_2","firefox-0:38.5.0-2.el5_11","firefox-0:38.5.0-2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7210.json"},{"CVE":"CVE-2015-7212","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":["RHSA-2016:0001","RHSA-2015:2657"],"bugzilla":"1291587","bugzilla_description":"CVE-2015-7212 Mozilla: Integer overflow allocating extremely large textures (MFSA 2015-139)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["thunderbird-0:38.5.0-1.el6_7","thunderbird-0:38.5.0-1.el7_2","thunderbird-0:38.5.0-1.el5_11","firefox-0:38.5.0-3.el7_2","firefox-0:38.5.0-2.el5_11","firefox-0:38.5.0-2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7212.json"},{"CVE":"CVE-2015-7215","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291588","bugzilla_description":"CVE-2015-7215 Mozilla: Cross-origin information leak through web workers error events (MFSA 2015-140)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7215.json"},{"CVE":"CVE-2015-7211","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291589","bugzilla_description":"CVE-2015-7211 Mozilla: Hash in data: URI is incorrectly parsed (MFSA 2015-141)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7211.json"},{"CVE":"CVE-2015-7218","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291590","bugzilla_description":"CVE-2015-7218 CVE-2015-7219 Mozilla: DOS due to malformed frames in HTTP/2 (MFSA 2015-142)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7218.json"},{"CVE":"CVE-2015-7219","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291590","bugzilla_description":"CVE-2015-7218 CVE-2015-7219 Mozilla: DOS due to malformed frames in HTTP/2 (MFSA 2015-142)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7219.json"},{"CVE":"CVE-2015-7216","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291591","bugzilla_description":"CVE-2015-7216 CVE-2015-7217 Mozilla: Linux file chooser crashes on malformed JPEG2000 and TGA images due to flaws in underlying libraries (MFSA 2015-143)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7216.json"},{"CVE":"CVE-2015-7217","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291591","bugzilla_description":"CVE-2015-7216 CVE-2015-7217 Mozilla: Linux file chooser crashes on malformed JPEG2000 and TGA images due to flaws in underlying libraries (MFSA 2015-143)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7217.json"},{"CVE":"CVE-2015-7203","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291593","bugzilla_description":"CVE-2015-7203 CVE-2015-7220 CVE-2015-7221 Mozilla: Buffer overflows found through code inspection (MFSA 2015-144)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7203.json"},{"CVE":"CVE-2015-7220","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291593","bugzilla_description":"CVE-2015-7203 CVE-2015-7220 CVE-2015-7221 Mozilla: Buffer overflows found through code inspection (MFSA 2015-144)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7220.json"},{"CVE":"CVE-2015-7221","severity":"moderate","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291593","bugzilla_description":"CVE-2015-7203 CVE-2015-7220 CVE-2015-7221 Mozilla: Buffer overflows found through code inspection (MFSA 2015-144)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7221.json"},{"CVE":"CVE-2015-7205","severity":"important","public_date":"2015-12-16T00:00:00Z","advisories":["RHSA-2016:0001","RHSA-2015:2657"],"bugzilla":"1291595","bugzilla_description":"CVE-2015-7205 Mozilla: Underflow through code inspection (MFSA 2015-145)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:38.5.0-1.el6_7","thunderbird-0:38.5.0-1.el7_2","thunderbird-0:38.5.0-1.el5_11","firefox-0:38.5.0-3.el7_2","firefox-0:38.5.0-2.el5_11","firefox-0:38.5.0-2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7205.json"},{"CVE":"CVE-2015-7213","severity":"important","public_date":"2015-12-16T00:00:00Z","advisories":["RHSA-2016:0001","RHSA-2015:2657"],"bugzilla":"1291596","bugzilla_description":"CVE-2015-7213 Mozilla: Integer overflow in MP4 playback in 64-bit versions (MFSA 2015-146)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["thunderbird-0:38.5.0-1.el6_7","thunderbird-0:38.5.0-1.el7_2","thunderbird-0:38.5.0-1.el5_11","firefox-0:38.5.0-3.el7_2","firefox-0:38.5.0-2.el5_11","firefox-0:38.5.0-2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7213.json"},{"CVE":"CVE-2015-7222","severity":"important","public_date":"2015-12-16T00:00:00Z","advisories":["RHSA-2015:2657"],"bugzilla":"1291597","bugzilla_description":"CVE-2015-7222 Mozilla: Integer underflow and buffer overflow processing MP4 metadata in libstagefright (MFSA 2015-147)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-119","affected_packages":["firefox-0:38.5.0-3.el7_2","firefox-0:38.5.0-2.el5_11","firefox-0:38.5.0-2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7222.json"},{"CVE":"CVE-2015-7223","severity":"critical","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1291599","bugzilla_description":"CVE-2015-7223 Mozilla: Privilege escalation vulnerabilities in WebExtension APIs (MFSA 2015-148)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7223.json"},{"CVE":"CVE-2015-7214","severity":"important","public_date":"2015-12-16T00:00:00Z","advisories":["RHSA-2016:0001","RHSA-2015:2657"],"bugzilla":"1291600","bugzilla_description":"CVE-2015-7214 Mozilla: Cross-site reading attack through data: and view-source: URIs (MFSA 2015-149)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["thunderbird-0:38.5.0-1.el6_7","thunderbird-0:38.5.0-1.el7_2","thunderbird-0:38.5.0-1.el5_11","firefox-0:38.5.0-3.el7_2","firefox-0:38.5.0-2.el5_11","firefox-0:38.5.0-2.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7214.json"},{"CVE":"CVE-2015-4513","severity":"critical","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:2519","RHSA-2015:1982"],"bugzilla":"1277332","bugzilla_description":"CVE-2015-4513 Mozilla: Miscellaneous memory safety hazards (rv:38.4) (MFSA 2015-116)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.4.0-1.el5_11","thunderbird-0:38.4.0-1.el6_7","thunderbird-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1","thunderbird-0:38.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4513.json"},{"CVE":"CVE-2015-4514","severity":"critical","public_date":"2015-11-04T00:00:00Z","advisories":[],"bugzilla":"1277334","bugzilla_description":"CVE-2015-4514 Mozilla: Miscellaneous memory safety hazards (rv:42.0) (MFSA 2015-116)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4514.json"},{"CVE":"CVE-2015-4515","severity":"moderate","public_date":"2015-11-04T00:00:00Z","advisories":[],"bugzilla":"1277337","bugzilla_description":"CVE-2015-4515 Mozilla: Information disclosure through NTLM authentication (MFSA 2015-117)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4515.json"},{"CVE":"CVE-2015-4518","severity":"moderate","public_date":"2015-11-04T00:00:00Z","advisories":[],"bugzilla":"1277339","bugzilla_description":"CVE-2015-4518 Mozilla: CSP bypass due to permissive Reader mode whitelist (MFSA 2015-118)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4518.json"},{"CVE":"CVE-2015-7187","severity":"moderate","public_date":"2015-11-04T00:00:00Z","advisories":[],"bugzilla":"1277342","bugzilla_description":"CVE-2015-7187 Mozilla: disabling scripts in Add-on SDK panels has no effect (MFSA 2015-121)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7187.json"},{"CVE":"CVE-2015-7188","severity":"moderate","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:1982"],"bugzilla":"1277343","bugzilla_description":"CVE-2015-7188 Mozilla: Trailing whitespace in IP address hostnames can bypass same-origin policy (MFSA 2015-122)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["firefox-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7188.json"},{"CVE":"CVE-2015-7189","severity":"moderate","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:2519","RHSA-2015:1982"],"bugzilla":"1277344","bugzilla_description":"CVE-2015-7189 Mozilla: Buffer overflow during image interactions in canvas (MFSA 2015-123)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["firefox-0:38.4.0-1.el5_11","thunderbird-0:38.4.0-1.el6_7","thunderbird-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1","thunderbird-0:38.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7189.json"},{"CVE":"CVE-2015-7193","severity":"important","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:2519","RHSA-2015:1982"],"bugzilla":"1277346","bugzilla_description":"CVE-2015-7193 Mozilla: CORS preflight is bypassed when non-standard Content-Type headers are received (MFSA 2015-127)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.4.0-1.el5_11","thunderbird-0:38.4.0-1.el6_7","thunderbird-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1","thunderbird-0:38.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7193.json"},{"CVE":"CVE-2015-7194","severity":"moderate","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:1982"],"bugzilla":"1277347","bugzilla_description":"CVE-2015-7194 Mozilla: Memory corruption in libjar through zip files (MFSA 2015-128)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7194.json"},{"CVE":"CVE-2015-7195","severity":"moderate","public_date":"2015-11-04T00:00:00Z","advisories":[],"bugzilla":"1277348","bugzilla_description":"CVE-2015-7195 Mozilla: Certain escaped characters in host of Location-header are being treated as non-escaped (MFSA 2015-129)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7195.json"},{"CVE":"CVE-2015-7196","severity":"moderate","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:1982"],"bugzilla":"1277349","bugzilla_description":"CVE-2015-7196 Mozilla: JavaScript garbage collection crash with Java applet (MFSA 2015-130)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7196.json"},{"CVE":"CVE-2015-7198","severity":"critical","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:2519","RHSA-2015:1982"],"bugzilla":"1277350","bugzilla_description":"CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-131)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.4.0-1.el5_11","thunderbird-0:38.4.0-1.el6_7","thunderbird-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1","thunderbird-0:38.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7198.json"},{"CVE":"CVE-2015-7199","severity":"critical","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:2519","RHSA-2015:1982"],"bugzilla":"1277350","bugzilla_description":"CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-131)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.4.0-1.el5_11","thunderbird-0:38.4.0-1.el6_7","thunderbird-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1","thunderbird-0:38.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7199.json"},{"CVE":"CVE-2015-7200","severity":"critical","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:2519","RHSA-2015:1982"],"bugzilla":"1277350","bugzilla_description":"CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-131)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.4.0-1.el5_11","thunderbird-0:38.4.0-1.el6_7","thunderbird-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1","thunderbird-0:38.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7200.json"},{"CVE":"CVE-2015-7197","severity":"moderate","public_date":"2015-11-04T00:00:00Z","advisories":["RHSA-2015:2519","RHSA-2015:1982"],"bugzilla":"1277351","bugzilla_description":"CVE-2015-7197 Mozilla: Mixed content WebSocket policy bypass through workers (MFSA 2015-132)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:38.4.0-1.el5_11","thunderbird-0:38.4.0-1.el6_7","thunderbird-0:38.4.0-1.el5_11","firefox-0:38.4.0-1.el6_7","firefox-0:38.4.0-1.el7_1","thunderbird-0:38.4.0-1.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7197.json"},{"CVE":"CVE-2015-9274","severity":"low","public_date":"2015-09-29T00:00:00Z","advisories":[],"bugzilla":"1652081","bugzilla_description":"CVE-2015-9274 harfbuzz: DoS due to GPOS and GSUB table mishandling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9274.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2015-4500","severity":"critical","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265186","bugzilla_description":"CVE-2015-4500 Mozilla: Miscellaneous memory safety hazards (MFSA 2015-96)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-805","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4500.json"},{"CVE":"CVE-2015-4510","severity":"critical","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265190","bugzilla_description":"CVE-2015-4510 Mozilla: Use-after-free with shared workers and IndexedDB (MFSA 2015-104)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4510.json"},{"CVE":"CVE-2015-4509","severity":"critical","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265192","bugzilla_description":"CVE-2015-4509 Mozilla: Use-after-free while manipulating HTML media content (MFSA 2015-106)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4509.json"},{"CVE":"CVE-2015-7178","severity":"critical","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265201","bugzilla_description":"CVE-2015-7178 CVE-2015-7179 Mozilla: Memory safety errors in libGLES in the ANGLE graphics library (MFSA 2015-113)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-805","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7178.json"},{"CVE":"CVE-2015-7179","severity":"critical","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265201","bugzilla_description":"CVE-2015-7178 CVE-2015-7179 Mozilla: Memory safety errors in libGLES in the ANGLE graphics library (MFSA 2015-113)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-805","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7179.json"},{"CVE":"CVE-2015-4503","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265591","bugzilla_description":"CVE-2015-4503 Mozilla: Memory leak in mozTCPSocket to servers (MFSA 2015-97)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4503.json"},{"CVE":"CVE-2015-4504","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265596","bugzilla_description":"CVE-2015-4504 Mozilla: Out of bounds read in QCMS library with ICC V4 profile attributes (MFSA 2015-98)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4504.json"},{"CVE":"CVE-2015-4476","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265603","bugzilla_description":"CVE-2015-4476 Mozilla: Site attribute spoofing on Android by pasting URL with unknown scheme (MFSA 2015-99)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4476.json"},{"CVE":"CVE-2015-4505","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265610","bugzilla_description":"CVE-2015-4505 Mozilla: Arbitrary file manipulation by local user through Mozilla updater (MFSA 2015-100)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4505.json"},{"CVE":"CVE-2015-4506","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1834"],"bugzilla":"1265617","bugzilla_description":"CVE-2015-4506 Mozilla: Buffer overflow in libvpx while parsing vp9 format video (MFSA 2015-101)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-120","affected_packages":["firefox-0:38.3.0-2.el5_11","firefox-0:38.3.0-2.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4506.json"},{"CVE":"CVE-2015-4507","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265621","bugzilla_description":"CVE-2015-4507 Mozilla: Crash when using debugger with SavedStacks in JavaScript (MFSA 2015-102)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4507.json"},{"CVE":"CVE-2015-4508","severity":"low","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265624","bugzilla_description":"CVE-2015-4508 Mozilla: URL spoofing in reader mode (MFSA 2015-103)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4508.json"},{"CVE":"CVE-2015-4511","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1834"],"bugzilla":"1265630","bugzilla_description":"CVE-2015-4511 Mozilla: Buffer overflow while decoding WebM video (MFSA 2015-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["firefox-0:38.3.0-2.el5_11","firefox-0:38.3.0-2.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4511.json"},{"CVE":"CVE-2015-4512","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265769","bugzilla_description":"CVE-2015-4512 Mozilla: Out-of-bounds read during 2D canvas display on Linux 16-bit color depth systems (MFSA 2015-107)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4512.json"},{"CVE":"CVE-2015-4502","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265771","bugzilla_description":"CVE-2015-4502 Mozilla: Scripted proxies can access inner window (MFSA 2015-108)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4502.json"},{"CVE":"CVE-2015-4516","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265775","bugzilla_description":"CVE-2015-4516 Mozilla: JavaScript immutable property enforcement can be bypassed (MFSA 2015-109)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4516.json"},{"CVE":"CVE-2015-4519","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265778","bugzilla_description":"CVE-2015-4519 Mozilla: Dragging and dropping images exposes final URL after redirects (MFSA 2015-110)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4519.json"},{"CVE":"CVE-2015-4520","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265781","bugzilla_description":"CVE-2015-4520 Mozilla: Errors in the handling of CORS preflight request headers (MFSA 2015-111)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-284","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4520.json"},{"CVE":"CVE-2015-4517","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265784","bugzilla_description":"CVE-2015-4517 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4517.json"},{"CVE":"CVE-2015-4521","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265784","bugzilla_description":"CVE-2015-4517 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4521.json"},{"CVE":"CVE-2015-4522","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265784","bugzilla_description":"CVE-2015-4517 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4522.json"},{"CVE":"CVE-2015-7174","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265784","bugzilla_description":"CVE-2015-4517 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7174.json"},{"CVE":"CVE-2015-7175","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265784","bugzilla_description":"CVE-2015-4517 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7175.json"},{"CVE":"CVE-2015-7176","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265784","bugzilla_description":"CVE-2015-4517 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7176.json"},{"CVE":"CVE-2015-7177","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265784","bugzilla_description":"CVE-2015-4517 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7177.json"},{"CVE":"CVE-2015-7180","severity":"important","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:1852","RHSA-2015:1834"],"bugzilla":"1265784","bugzilla_description":"CVE-2015-4517 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-112)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:38.3.0-2.el5_11","thunderbird-0:38.3.0-1.ael7b_1","thunderbird-0:38.3.0-1.el5_11","firefox-0:38.3.0-2.el6_7","thunderbird-0:38.3.0-1.el6_7","firefox-0:38.3.0-2.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7180.json"},{"CVE":"CVE-2015-7327","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1265785","bugzilla_description":"CVE-2015-7327 Mozilla: Information disclosure via the High Resolution Time API (MFSA 2015-114)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7327.json"},{"CVE":"CVE-2015-4501","severity":"critical","public_date":"2015-09-22T00:00:00Z","advisories":[],"bugzilla":"1266098","bugzilla_description":"CVE-2015-4501 Mozilla: Miscellaneous memory safety hazards (MFSA 2015-96)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4501.json"},{"CVE":"CVE-2015-6525","severity":"moderate","public_date":"2015-08-24T00:00:00Z","advisories":[],"bugzilla":"1256797","bugzilla_description":"CVE-2015-6525 libevent: multiple integer overflows in the evbuffer APIs","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190->(CWE-122|CWE-835)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6525.json"},{"CVE":"CVE-2015-4473","severity":"critical","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1682","RHSA-2015:1586"],"bugzilla":"1252271","bugzilla_description":"CVE-2015-4473 Mozilla: Miscellaneous memory safety hazards (rv:38.2) (MFSA 2015-79)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.2.0-4.el5_11","thunderbird-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7","thunderbird-0:38.2.0-4.el6_7","thunderbird-0:38.2.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4473.json"},{"CVE":"CVE-2015-4474","severity":"critical","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1252273","bugzilla_description":"CVE-2015-4474 Mozilla: Miscellaneous memory safety hazards (rv:40.0) (MFSA 2015-79)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4474.json"},{"CVE":"CVE-2015-4475","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1586"],"bugzilla":"1252276","bugzilla_description":"CVE-2015-4475 Mozilla: Out-of-bounds read with malformed MP3 file (MFSA 2015-80)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["firefox-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4475.json"},{"CVE":"CVE-2015-4477","severity":"critical","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1252277","bugzilla_description":"CVE-2015-4477 Mozilla: Use-after-free in MediaStream playback (MFSA 2015-81)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4477.json"},{"CVE":"CVE-2015-4478","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1586"],"bugzilla":"1252282","bugzilla_description":"CVE-2015-4478 Mozilla: Redefinition of non-configurable JavaScript object properties (MFSA 2015-82)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4478.json"},{"CVE":"CVE-2015-4479","severity":"critical","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1586"],"bugzilla":"1252285","bugzilla_description":"CVE-2015-4479 CVE-2015-4480 CVE-2015-4493 Mozilla: Overflow issues in libstagefright (MFSA 2015-83)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-190|CWE-119)","affected_packages":["firefox-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4479.json"},{"CVE":"CVE-2015-4480","severity":"critical","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1586"],"bugzilla":"1252285","bugzilla_description":"CVE-2015-4479 CVE-2015-4480 CVE-2015-4493 Mozilla: Overflow issues in libstagefright (MFSA 2015-83)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-190|CWE-119)","affected_packages":["firefox-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4480.json"},{"CVE":"CVE-2015-4493","severity":"critical","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1586"],"bugzilla":"1252285","bugzilla_description":"CVE-2015-4479 CVE-2015-4480 CVE-2015-4493 Mozilla: Overflow issues in libstagefright (MFSA 2015-83)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-190|CWE-119)","affected_packages":["firefox-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4493.json"},{"CVE":"CVE-2015-4483","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1252288","bugzilla_description":"CVE-2015-4483 Mozilla: Feed: protocol with POST bypasses mixed content protections (MFSA 2015-86)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4483.json"},{"CVE":"CVE-2015-4484","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1586"],"bugzilla":"1252289","bugzilla_description":"CVE-2015-4484 Mozilla: Crash when using shared memory in JavaScript (MFSA 2015-87)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4484.json"},{"CVE":"CVE-2015-4491","severity":"important","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1682","RHSA-2015:1694","RHSA-2015:1586"],"bugzilla":"1252290","bugzilla_description":"CVE-2015-4491 Mozilla: Heap overflow in gdk-pixbuf when scaling bitmap images (MFSA 2015-88)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["firefox-0:38.2.0-4.el5_11","thunderbird-0:38.2.0-4.el5_11","gdk-pixbuf2-0:2.24.1-6.el6_7","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7","gdk-pixbuf2-0:2.28.2-5.el7_1","thunderbird-0:38.2.0-4.el6_7","thunderbird-0:38.2.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4491.json"},{"CVE":"CVE-2015-4485","severity":"critical","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1586"],"bugzilla":"1252292","bugzilla_description":"CVE-2015-4485 CVE-2015-4486 Mozilla: Buffer overflows on Libvpx when decoding WebM video (MFSA 2015-89)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["firefox-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4485.json"},{"CVE":"CVE-2015-4486","severity":"critical","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1586"],"bugzilla":"1252292","bugzilla_description":"CVE-2015-4485 CVE-2015-4486 Mozilla: Buffer overflows on Libvpx when decoding WebM video (MFSA 2015-89)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["firefox-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4486.json"},{"CVE":"CVE-2015-4487","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1682","RHSA-2015:1586"],"bugzilla":"1252293","bugzilla_description":"CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-90)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.2.0-4.el5_11","thunderbird-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7","thunderbird-0:38.2.0-4.el6_7","thunderbird-0:38.2.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4487.json"},{"CVE":"CVE-2015-4488","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1682","RHSA-2015:1586"],"bugzilla":"1252293","bugzilla_description":"CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-90)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.2.0-4.el5_11","thunderbird-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7","thunderbird-0:38.2.0-4.el6_7","thunderbird-0:38.2.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4488.json"},{"CVE":"CVE-2015-4489","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1682","RHSA-2015:1586"],"bugzilla":"1252293","bugzilla_description":"CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-90)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.2.0-4.el5_11","thunderbird-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7","thunderbird-0:38.2.0-4.el6_7","thunderbird-0:38.2.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4489.json"},{"CVE":"CVE-2015-4490","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1252294","bugzilla_description":"CVE-2015-4490 Mozilla: Mozilla Content Security Policy allows for asterisk wildcards in violation of CSP specification (MFSA 2015-91)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4490.json"},{"CVE":"CVE-2015-4492","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:1586"],"bugzilla":"1252295","bugzilla_description":"CVE-2015-4492 Mozilla: Use-after-free in XMLHttpRequest with shared workers (MFSA 2015-92)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:38.2.0-4.el5_11","firefox-0:38.2.0-4.ael7b_1","firefox-0:38.2.0-4.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4492.json"},{"CVE":"CVE-2015-4495","severity":"important","public_date":"2015-08-06T00:00:00Z","advisories":["RHSA-2015:1581"],"bugzilla":"1251318","bugzilla_description":"CVE-2015-4495 Mozilla: Same origin violation and local file stealing via PDF reader (MFSA 2015-78)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:38.1.1-1.el7_1","firefox-0:38.1.1-1.el5_11","firefox-0:38.1.1-1.el6_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4495.json"},{"CVE":"CVE-2015-2724","severity":"important","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236947","bugzilla_description":"CVE-2015-2724 CVE-2015-2725 Mozilla: Miscellaneous memory safety hazards (rv:31.8 / rv:38.1) (MFSA 2015-59)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2724.json"},{"CVE":"CVE-2015-2725","severity":"important","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236947","bugzilla_description":"CVE-2015-2724 CVE-2015-2725 Mozilla: Miscellaneous memory safety hazards (rv:31.8 / rv:38.1) (MFSA 2015-59)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2725.json"},{"CVE":"CVE-2015-2726","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":[],"bugzilla":"1236948","bugzilla_description":"CVE-2015-2726 Mozilla: Miscellaneous memory safety hazards (rv:38.1) (MFSA 2015-59)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2726.json"},{"CVE":"CVE-2015-2727","severity":"moderate","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207"],"bugzilla":"1236950","bugzilla_description":"CVE-2015-2727 Mozilla: Local files or privileged URLs in pages can be opened into new tabs (MFSA 2015-60)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","firefox-0:38.1.0-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2727.json"},{"CVE":"CVE-2015-2728","severity":"moderate","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207"],"bugzilla":"1236951","bugzilla_description":"CVE-2015-2728 Mozilla: Type confusion in Indexed Database Manager (MFSA 2015-61)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-843","affected_packages":["firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","firefox-0:38.1.0-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2728.json"},{"CVE":"CVE-2015-2729","severity":"moderate","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207"],"bugzilla":"1236952","bugzilla_description":"CVE-2015-2729 Mozilla: Out-of-bound read while computing an oscillator rendering range in Web Audio (MFSA 2015-62)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","firefox-0:38.1.0-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2729.json"},{"CVE":"CVE-2015-2731","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236953","bugzilla_description":"CVE-2015-2731 Mozilla: Use-after-free in Content Policy due to microtask execution error (MFSA 2015-63)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2731.json"},{"CVE":"CVE-2015-2722","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207"],"bugzilla":"1236955","bugzilla_description":"CVE-2015-2722 CVE-2015-2733 Mozilla: Use-after-free in workers while using XMLHttpRequest (MFSA 2015-65)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","firefox-0:38.1.0-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2722.json"},{"CVE":"CVE-2015-2733","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207"],"bugzilla":"1236955","bugzilla_description":"CVE-2015-2722 CVE-2015-2733 Mozilla: Use-after-free in workers while using XMLHttpRequest (MFSA 2015-65)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","firefox-0:38.1.0-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2733.json"},{"CVE":"CVE-2015-2734","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236956","bugzilla_description":"CVE-2015-2734 CVE-2015-2735 CVE-2015-2736 CVE-2015-2737 CVE-2015-2738 CVE-2015-2739 CVE-2015-2740 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2734.json"},{"CVE":"CVE-2015-2735","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236956","bugzilla_description":"CVE-2015-2734 CVE-2015-2735 CVE-2015-2736 CVE-2015-2737 CVE-2015-2738 CVE-2015-2739 CVE-2015-2740 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2735.json"},{"CVE":"CVE-2015-2736","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236956","bugzilla_description":"CVE-2015-2734 CVE-2015-2735 CVE-2015-2736 CVE-2015-2737 CVE-2015-2738 CVE-2015-2739 CVE-2015-2740 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2736.json"},{"CVE":"CVE-2015-2737","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236956","bugzilla_description":"CVE-2015-2734 CVE-2015-2735 CVE-2015-2736 CVE-2015-2737 CVE-2015-2738 CVE-2015-2739 CVE-2015-2740 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2737.json"},{"CVE":"CVE-2015-2738","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236956","bugzilla_description":"CVE-2015-2734 CVE-2015-2735 CVE-2015-2736 CVE-2015-2737 CVE-2015-2738 CVE-2015-2739 CVE-2015-2740 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2738.json"},{"CVE":"CVE-2015-2739","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236956","bugzilla_description":"CVE-2015-2734 CVE-2015-2735 CVE-2015-2736 CVE-2015-2737 CVE-2015-2738 CVE-2015-2739 CVE-2015-2740 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2739.json"},{"CVE":"CVE-2015-2740","severity":"critical","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236956","bugzilla_description":"CVE-2015-2734 CVE-2015-2735 CVE-2015-2736 CVE-2015-2737 CVE-2015-2738 CVE-2015-2739 CVE-2015-2740 Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2740.json"},{"CVE":"CVE-2015-2741","severity":"moderate","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207","RHSA-2015:1455"],"bugzilla":"1236963","bugzilla_description":"CVE-2015-2741 Mozilla: Key pinning is ignored when overridable errors are encountered (MFSA 2015-67)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["thunderbird-0:31.8.0-1.el6_6","firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","thunderbird-0:31.8.0-1.el5_11","firefox-0:38.1.0-1.el6_6","thunderbird-0:31.8.0-1.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2741.json"},{"CVE":"CVE-2015-2743","severity":"moderate","public_date":"2015-07-02T00:00:00Z","advisories":["RHSA-2015:1207"],"bugzilla":"1236964","bugzilla_description":"CVE-2015-2743 Mozilla: Privilege escalation through internal workers (MFSA 2015-69)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:38.1.0-1.el7_1","firefox-0:38.1.0-1.el5_11","firefox-0:38.1.0-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2743.json"},{"CVE":"CVE-2015-2708","severity":"critical","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2015:0988","RHSA-2015:1012"],"bugzilla":"1220597","bugzilla_description":"CVE-2015-2708 Mozilla: Miscellaneous memory safety hazards (rv:31.7) (MFSA 2015-46)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:31.7.0-1.el6_6","firefox-0:38.0-4.el5_11","firefox-0:38.0-4.el6_6","firefox-0:38.0-3.el7_1","thunderbird-0:31.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2708.json"},{"CVE":"CVE-2015-2709","severity":"critical","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1220599","bugzilla_description":"CVE-2015-2709 Mozilla: Miscellaneous memory safety hazards (rv:38.0) (MFSA 2015-46)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2709.json"},{"CVE":"CVE-2015-0797","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2015:0988"],"bugzilla":"1220600","bugzilla_description":"CVE-2015-0797 Mozilla: Buffer overflow parsing H.264 video with Linux Gstreamer (MFSA 2015-47)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["firefox-0:38.0-4.el5_11","firefox-0:38.0-4.el6_6","firefox-0:38.0-3.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0797.json"},{"CVE":"CVE-2015-2710","severity":"critical","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2015:0988","RHSA-2015:1012"],"bugzilla":"1220601","bugzilla_description":"CVE-2015-2710 Mozilla: Buffer overflow with SVG content and CSS (MFSA 2015-48)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["thunderbird-0:31.7.0-1.el6_6","firefox-0:38.0-4.el5_11","firefox-0:38.0-4.el6_6","firefox-0:38.0-3.el7_1","thunderbird-0:31.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2710.json"},{"CVE":"CVE-2015-2711","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1220603","bugzilla_description":"CVE-2015-2711 Mozilla: is ignored for navigations from the context menu and via a middle-click (MFSA 2015-49)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2711.json"},{"CVE":"CVE-2015-2712","severity":"critical","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1220604","bugzilla_description":"CVE-2015-2712 Mozilla: Out-of-bounds read and write in asm.js validation (MFSA 2015-50)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2712.json"},{"CVE":"CVE-2015-2713","severity":"critical","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2015:0988","RHSA-2015:1012"],"bugzilla":"1220605","bugzilla_description":"CVE-2015-2713 Mozilla: Use-after-free during text processing with vertical text enabled (MFSA 2015-51)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:31.7.0-1.el6_6","firefox-0:38.0-4.el5_11","firefox-0:38.0-4.el6_6","firefox-0:38.0-3.el7_1","thunderbird-0:31.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2713.json"},{"CVE":"CVE-2015-2715","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1220606","bugzilla_description":"CVE-2015-2715 Mozilla: Use-after-free due to Media Decoder Thread creation during shutdown (MFSA 2015-53)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2715.json"},{"CVE":"CVE-2015-2716","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2015:0988","RHBA-2020:1539","RHSA-2020:1011","RHSA-2015:1012","RHSA-2020:2508","RHBA-2020:1540"],"bugzilla":"1220607","bugzilla_description":"CVE-2015-2716 expat: Integer overflow leading to buffer overflow in XML_GetBuffer()","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["ansible-tower-35/ansible-tower:3.5.6-1","ansible-tower-36/ansible-tower:3.6.4-1","expat-0:2.1.0-11.el7_7","thunderbird-0:31.7.0-1.el6_6","firefox-0:38.0-4.el5_11","firefox-0:38.0-4.el6_6","firefox-0:38.0-3.el7_1","expat-0:2.1.0-11.el7","thunderbird-0:31.7.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2716.json"},{"CVE":"CVE-2015-2717","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1220608","bugzilla_description":"CVE-2015-2717 Mozilla: Buffer overflow and out-of-bounds read while parsing MP4 video metadata (MFSA 2015-55)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2717.json"},{"CVE":"CVE-2015-2718","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1220609","bugzilla_description":"CVE-2015-2718 Mozilla: Untrusted site hosting trusted page can intercept webchannel responses (MFSA 2015-56)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2718.json"},{"CVE":"CVE-2015-2706","severity":"critical","public_date":"2015-04-20T00:00:00Z","advisories":[],"bugzilla":"1213935","bugzilla_description":"CVE-2015-2706 Mozilla: Memory corruption during failed plugin initialization (MFSA 2015-45)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2706.json"},{"CVE":"CVE-2015-0799","severity":"important","public_date":"2015-04-03T00:00:00Z","advisories":[],"bugzilla":"1208731","bugzilla_description":"CVE-2015-0799 Mozilla: Certificate verification bypass through the HTTP/2 Alt-Svc header (MFSA 2015-44)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0799.json"},{"CVE":"CVE-2015-0815","severity":"critical","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:0766","RHSA-2015:0771"],"bugzilla":"1207068","bugzilla_description":"CVE-2015-0815 Mozilla: Miscellaneous memory safety hazards (rv:31.6) (MFSA 2015-30)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["firefox-0:31.6.0-2.el5_11","thunderbird-0:31.6.0-1.ael7b_1","firefox-0:31.6.0-2.ael7b_1","firefox-0:31.6.0-2.el6_6","thunderbird-0:31.6.0-1.el6_6","thunderbird-0:31.6.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0815.json"},{"CVE":"CVE-2015-0814","severity":"critical","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1207070","bugzilla_description":"CVE-2015-0814 Mozilla: Miscellaneous memory safety hazards (rv:37.0) (MFSA 2015-30)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0814.json"},{"CVE":"CVE-2015-0812","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1207071","bugzilla_description":"CVE-2015-0812 Mozilla: Add-on lightweight theme installation approval bypassed through MITM attack (MFSA 2015-32)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-306","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0812.json"},{"CVE":"CVE-2015-0816","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:0766","RHSA-2015:0771"],"bugzilla":"1207072","bugzilla_description":"CVE-2015-0816 Mozilla: resource:// documents can load privileged pages (MFSA 2015-33)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["firefox-0:31.6.0-2.el5_11","thunderbird-0:31.6.0-1.ael7b_1","firefox-0:31.6.0-2.ael7b_1","firefox-0:31.6.0-2.el6_6","thunderbird-0:31.6.0-1.el6_6","thunderbird-0:31.6.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0816.json"},{"CVE":"CVE-2015-0811","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1207073","bugzilla_description":"CVE-2015-0811 Mozilla: Out of bounds read in QCMS library (MFSA 2015-34)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0811.json"},{"CVE":"CVE-2015-0808","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1207075","bugzilla_description":"CVE-2015-0808 Mozilla: Incorrect memory management for simple-type arrays in WebRTC (MFSA 2015-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0808.json"},{"CVE":"CVE-2015-0807","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:0766","RHSA-2015:0771"],"bugzilla":"1207076","bugzilla_description":"CVE-2015-0807 Mozilla: CORS requests should not follow 30x redirections after preflight (MFSA 2015-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-352","affected_packages":["firefox-0:31.6.0-2.el5_11","thunderbird-0:31.6.0-1.ael7b_1","firefox-0:31.6.0-2.ael7b_1","firefox-0:31.6.0-2.el6_6","thunderbird-0:31.6.0-1.el6_6","thunderbird-0:31.6.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0807.json"},{"CVE":"CVE-2015-0805","severity":"critical","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1207078","bugzilla_description":"CVE-2015-0805 CVE-2015-0806 Mozilla: Memory corruption crashes in Off Main Thread Compositing (MFSA 2015-38)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0805.json"},{"CVE":"CVE-2015-0806","severity":"critical","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1207078","bugzilla_description":"CVE-2015-0805 CVE-2015-0806 Mozilla: Memory corruption crashes in Off Main Thread Compositing (MFSA 2015-38)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0806.json"},{"CVE":"CVE-2015-0803","severity":"critical","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1207081","bugzilla_description":"CVE-2015-0803 CVE-2015-0804 Mozilla: Use-after-free due to type confusion flaws (MFSA 2015-39)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0803.json"},{"CVE":"CVE-2015-0804","severity":"critical","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1207081","bugzilla_description":"CVE-2015-0803 CVE-2015-0804 Mozilla: Use-after-free due to type confusion flaws (MFSA 2015-39)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0804.json"},{"CVE":"CVE-2015-0801","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:0766","RHSA-2015:0771"],"bugzilla":"1207084","bugzilla_description":"CVE-2015-0801 Mozilla: Same-origin bypass through anchor navigation (MFSA 2015-40)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-358","affected_packages":["firefox-0:31.6.0-2.el5_11","thunderbird-0:31.6.0-1.ael7b_1","firefox-0:31.6.0-2.ael7b_1","firefox-0:31.6.0-2.el6_6","thunderbird-0:31.6.0-1.el6_6","thunderbird-0:31.6.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0801.json"},{"CVE":"CVE-2015-0802","severity":"moderate","public_date":"2015-03-31T00:00:00Z","advisories":[],"bugzilla":"1207086","bugzilla_description":"CVE-2015-0802 Mozilla: Windows can retain access to privileged content on navigation to unprivileged pages (MFSA 2015-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-250","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0802.json"},{"CVE":"CVE-2015-0813","severity":"critical","public_date":"2015-03-31T00:00:00Z","advisories":["RHSA-2015:0766","RHSA-2015:0771"],"bugzilla":"1207088","bugzilla_description":"CVE-2015-0813 Mozilla: Use-after-free when using the Fluendo MP3 GStreamer plugin (MFSA 2015-31)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:31.6.0-2.el5_11","thunderbird-0:31.6.0-1.ael7b_1","firefox-0:31.6.0-2.ael7b_1","firefox-0:31.6.0-2.el6_6","thunderbird-0:31.6.0-1.el6_6","thunderbird-0:31.6.0-1.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0813.json"},{"CVE":"CVE-2015-0817","severity":"critical","public_date":"2015-03-21T00:00:00Z","advisories":["RHSA-2015:0718"],"bugzilla":"1204362","bugzilla_description":"CVE-2015-0817 Mozilla: Code execution through incorrect JavaScript bounds checking elimination (MFSA 2015-29)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["firefox-0:31.5.3-3.ael7b_1","firefox-0:31.5.3-1.el5_11","firefox-0:31.5.3-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0817.json"},{"CVE":"CVE-2015-0818","severity":"critical","public_date":"2015-03-21T00:00:00Z","advisories":["RHSA-2015:0718"],"bugzilla":"1204363","bugzilla_description":"CVE-2015-0818 Mozilla: Privilege escalation through SVG navigation (MFSA 2015-28)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:31.5.3-3.ael7b_1","firefox-0:31.5.3-1.el5_11","firefox-0:31.5.3-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0818.json"},{"CVE":"CVE-2012-6702","severity":"moderate","public_date":"2015-02-27T00:00:00Z","advisories":[],"bugzilla":"1319731","bugzilla_description":"CVE-2012-6702 expat: Using XML_Parse before rand() results into non-random output","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-330","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6702.json"},{"CVE":"CVE-2015-0836","severity":"critical","public_date":"2015-02-24T00:00:00Z","advisories":["RHSA-2015:0642","RHSA-2015:0266","RHSA-2015:0265","RHSA-2015:0629"],"bugzilla":"1195605","bugzilla_description":"CVE-2015-0836 Mozilla: Miscellaneous memory safety hazards (rv:31.5) (MFSA 2015-11)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:31.5.0-2.ael7b_1","firefox-0:31.5.0-1.el5_11","firefox-0:31.5.0-1.el6_6","thunderbird-0:31.5.0-1.el5_11","thunderbird-0:31.5.0-1.el6_6","thunderbird-0:31.5.0-2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0836.json"},{"CVE":"CVE-2015-0835","severity":"critical","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195609","bugzilla_description":"CVE-2015-0835 Mozilla: Miscellaneous memory safety hazards (rv:36.0) (MFSA 2015-11)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0835.json"},{"CVE":"CVE-2015-0832","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195610","bugzilla_description":"CVE-2015-0832 Mozilla: Appended period to hostnames can bypass HPKP and HSTS protections (MFSA 2015-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0832.json"},{"CVE":"CVE-2015-0830","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195613","bugzilla_description":"CVE-2015-0830 Mozilla: Malicious WebGL content crash when writing strings (MFSA 2015-14)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0830.json"},{"CVE":"CVE-2015-0834","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195616","bugzilla_description":"CVE-2015-0834 Mozilla: TLS TURN and STUN connections silently fail to simple TCP connections (MFSA 2015-15)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-319","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0834.json"},{"CVE":"CVE-2015-0831","severity":"critical","public_date":"2015-02-24T00:00:00Z","advisories":["RHSA-2015:0642","RHSA-2015:0266","RHSA-2015:0265","RHSA-2015:0629"],"bugzilla":"1195619","bugzilla_description":"CVE-2015-0831 Mozilla: Use-after-free in IndexedDB (MFSA 2015-16)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:31.5.0-2.ael7b_1","firefox-0:31.5.0-1.el5_11","firefox-0:31.5.0-1.el6_6","thunderbird-0:31.5.0-1.el5_11","thunderbird-0:31.5.0-1.el6_6","thunderbird-0:31.5.0-2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0831.json"},{"CVE":"CVE-2015-0829","severity":"critical","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195620","bugzilla_description":"CVE-2015-0829 Mozilla: Buffer overflow in libstagefright during MP4 video playback (MFSA 2015-17)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0829.json"},{"CVE":"CVE-2015-0828","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195621","bugzilla_description":"CVE-2015-0828 Mozilla: Double-free when using non-default memory allocators with a zero-length XHR (MFSA 2015-18)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0828.json"},{"CVE":"CVE-2015-0827","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":["RHSA-2015:0642","RHSA-2015:0266","RHSA-2015:0265","RHSA-2015:0629"],"bugzilla":"1195623","bugzilla_description":"CVE-2015-0827 Mozilla: Out-of-bounds read and write while rendering SVG content (MFSA 2015-19)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["firefox-0:31.5.0-2.ael7b_1","firefox-0:31.5.0-1.el5_11","firefox-0:31.5.0-1.el6_6","thunderbird-0:31.5.0-1.el5_11","thunderbird-0:31.5.0-1.el6_6","thunderbird-0:31.5.0-2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0827.json"},{"CVE":"CVE-2015-0826","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195629","bugzilla_description":"CVE-2015-0826 Mozilla: Buffer overflow during CSS restyling (MFSA 2015-20)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0826.json"},{"CVE":"CVE-2015-0825","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195631","bugzilla_description":"CVE-2015-0825 Mozilla: Buffer underflow during MP3 playback (MFSA 2015-21)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0825.json"},{"CVE":"CVE-2015-0824","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195633","bugzilla_description":"CVE-2015-0824 Mozilla: Crash using DrawTarget in Cairo graphics library (MFSA 2015-22)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0824.json"},{"CVE":"CVE-2015-0823","severity":"low","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195636","bugzilla_description":"CVE-2015-0823 Mozilla: Use-after-free in Developer Console date with OpenType Sanitiser (MFSA 2015-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0823.json"},{"CVE":"CVE-2015-0822","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":["RHSA-2015:0642","RHSA-2015:0266","RHSA-2015:0265","RHSA-2015:0629"],"bugzilla":"1195638","bugzilla_description":"CVE-2015-0822 Mozilla: Reading of local files through manipulation of form autocomplete (MFSA 2015-24)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["firefox-0:31.5.0-2.ael7b_1","firefox-0:31.5.0-1.el5_11","firefox-0:31.5.0-1.el6_6","thunderbird-0:31.5.0-1.el5_11","thunderbird-0:31.5.0-1.el6_6","thunderbird-0:31.5.0-2.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0822.json"},{"CVE":"CVE-2015-0821","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195639","bugzilla_description":"CVE-2015-0821 Mozilla: Local files or privileged URLs in pages can be opened into new tabs (MFSA 2015-25)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0821.json"},{"CVE":"CVE-2015-0819","severity":"moderate","public_date":"2015-02-24T00:00:00Z","advisories":[],"bugzilla":"1195640","bugzilla_description":"CVE-2015-0819 Mozilla: UI Tour whitelisted sites in background tab can spoof foreground tabs (MFA 2015-26)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0819.json"},{"CVE":"CVE-2014-8635","severity":"critical","public_date":"2015-01-15T00:00:00Z","advisories":[],"bugzilla":"1180963","bugzilla_description":"CVE-2014-8635 Mozilla: Miscellaneous memory safety hazards (rv:35.0) (MFSA 2015-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8635.json"},{"CVE":"CVE-2014-8637","severity":"moderate","public_date":"2015-01-15T00:00:00Z","advisories":[],"bugzilla":"1180964","bugzilla_description":"CVE-2014-8637 Mozilla: Uninitialized memory use during bitmap rendering (MFSA 2015-02)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8637.json"},{"CVE":"CVE-2014-8640","severity":"low","public_date":"2015-01-15T00:00:00Z","advisories":[],"bugzilla":"1180970","bugzilla_description":"CVE-2014-8640 Mozilla: Read of uninitialized memory in Web Audio (MFSA 2015-05)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8640.json"},{"CVE":"CVE-2014-8642","severity":"moderate","public_date":"2015-01-15T00:00:00Z","advisories":[],"bugzilla":"1180974","bugzilla_description":"CVE-2014-8642 Mozilla: Delegated OCSP responder certificates failure with id-pkix-ocsp-nocheck extension (MFSA 2015-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8642.json"},{"CVE":"CVE-2014-8634","severity":"critical","public_date":"2015-01-13T00:00:00Z","advisories":["RHSA-2015:0047","RHSA-2015:0046"],"bugzilla":"1180962","bugzilla_description":"CVE-2014-8634 Mozilla: Miscellaneous memory safety hazards (rv:31.4) (MFSA 2015-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["thunderbird-0:31.4.0-1.el6_6","firefox-0:31.4.0-1.el6_6","thunderbird-0:31.4.0-1.el5_11","firefox-0:31.4.0-1.el5_11","firefox-0:31.4.0-1.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8634.json"},{"CVE":"CVE-2014-8638","severity":"moderate","public_date":"2015-01-13T00:00:00Z","advisories":["RHSA-2015:0047","RHSA-2015:0046"],"bugzilla":"1180966","bugzilla_description":"CVE-2014-8638 Mozilla: sendBeacon requests lack an Origin header (MFSA 2015-03)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-352","affected_packages":["thunderbird-0:31.4.0-1.el6_6","firefox-0:31.4.0-1.el6_6","thunderbird-0:31.4.0-1.el5_11","firefox-0:31.4.0-1.el5_11","firefox-0:31.4.0-1.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8638.json"},{"CVE":"CVE-2014-8639","severity":"moderate","public_date":"2015-01-13T00:00:00Z","advisories":["RHSA-2015:0047","RHSA-2015:0046"],"bugzilla":"1180967","bugzilla_description":"CVE-2014-8639 Mozilla: Cookie injection through Proxy Authenticate responses (MFSA 2015-04)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-88","affected_packages":["thunderbird-0:31.4.0-1.el6_6","firefox-0:31.4.0-1.el6_6","thunderbird-0:31.4.0-1.el5_11","firefox-0:31.4.0-1.el5_11","firefox-0:31.4.0-1.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8639.json"},{"CVE":"CVE-2014-8641","severity":"important","public_date":"2015-01-13T00:00:00Z","advisories":["RHSA-2015:0046"],"bugzilla":"1180973","bugzilla_description":"CVE-2014-8641 Mozilla: Read-after-free in WebRTC (MFSA 2015-06)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:31.4.0-1.el6_6","firefox-0:31.4.0-1.el5_11","firefox-0:31.4.0-1.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8641.json"},{"CVE":"CVE-2014-6272","severity":"moderate","public_date":"2015-01-05T00:00:00Z","advisories":[],"bugzilla":"1144646","bugzilla_description":"CVE-2014-6272 libevent: potential heap overflow in buffer/bufferevent APIs","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190->(CWE-122|CWE-835)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6272.json"},{"CVE":"CVE-2014-8631","severity":"moderate","public_date":"2014-12-03T00:00:00Z","advisories":[],"bugzilla":"1169211","bugzilla_description":"CVE-2014-8631 CVE-2014-8632 Mozilla: Privileged access to security wrapped protected objects (MFSA 2014-91)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-285","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8631.json"},{"CVE":"CVE-2014-8632","severity":"moderate","public_date":"2014-12-03T00:00:00Z","advisories":[],"bugzilla":"1169211","bugzilla_description":"CVE-2014-8631 CVE-2014-8632 Mozilla: Privileged access to security wrapped protected objects (MFSA 2014-91)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-285","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8632.json"},{"CVE":"CVE-2014-1587","severity":"critical","public_date":"2014-12-02T00:00:00Z","advisories":["RHSA-2014:1924","RHSA-2014:1919"],"bugzilla":"1169201","bugzilla_description":"CVE-2014-1587 Mozilla: Miscellaneous memory safety hazards (rv:31.3) (MFSA 2014-83)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["firefox-0:31.3.0-3.el7_0","thunderbird-0:31.3.0-1.el5_11","firefox-0:31.3.0-4.el5_11","thunderbird-0:31.3.0-1.el6_6","firefox-0:31.3.0-3.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1587.json"},{"CVE":"CVE-2014-1588","severity":"critical","public_date":"2014-12-02T00:00:00Z","advisories":[],"bugzilla":"1169204","bugzilla_description":"CVE-2014-1588 Mozilla: Miscellaneous memory safety hazards (rv:34.0) (MFSA 2014-83)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1588.json"},{"CVE":"CVE-2014-1589","severity":"moderate","public_date":"2014-12-02T00:00:00Z","advisories":[],"bugzilla":"1169205","bugzilla_description":"CVE-2014-1589 Mozilla: XBL bindings accessible via improper CSS declarations (MFSA 2014-84)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1589.json"},{"CVE":"CVE-2014-1590","severity":"low","public_date":"2014-12-02T00:00:00Z","advisories":["RHSA-2014:1924","RHSA-2014:1919"],"bugzilla":"1169206","bugzilla_description":"CVE-2014-1590 Mozilla: XMLHttpRequest crashes with some input streams (MFSA 2014-85)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":["firefox-0:31.3.0-3.el7_0","thunderbird-0:31.3.0-1.el5_11","firefox-0:31.3.0-4.el5_11","thunderbird-0:31.3.0-1.el6_6","firefox-0:31.3.0-3.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1590.json"},{"CVE":"CVE-2014-1591","severity":"moderate","public_date":"2014-12-02T00:00:00Z","advisories":[],"bugzilla":"1169207","bugzilla_description":"CVE-2014-1591 Mozilla: CSP leaks redirect data via violation reports (MFSA 2014-86)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-201","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1591.json"},{"CVE":"CVE-2014-1592","severity":"critical","public_date":"2014-12-02T00:00:00Z","advisories":["RHSA-2014:1924","RHSA-2014:1919"],"bugzilla":"1169208","bugzilla_description":"CVE-2014-1592 Mozilla: Use-after-free during HTML5 parsing (MFSA 2014-87)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:31.3.0-3.el7_0","thunderbird-0:31.3.0-1.el5_11","firefox-0:31.3.0-4.el5_11","thunderbird-0:31.3.0-1.el6_6","firefox-0:31.3.0-3.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1592.json"},{"CVE":"CVE-2014-1593","severity":"critical","public_date":"2014-12-02T00:00:00Z","advisories":["RHSA-2014:1924","RHSA-2014:1919"],"bugzilla":"1169209","bugzilla_description":"CVE-2014-1593 Mozilla: Buffer overflow while parsing media content (MFSA 2014-88)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["firefox-0:31.3.0-3.el7_0","thunderbird-0:31.3.0-1.el5_11","firefox-0:31.3.0-4.el5_11","thunderbird-0:31.3.0-1.el6_6","firefox-0:31.3.0-3.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1593.json"},{"CVE":"CVE-2014-1594","severity":"moderate","public_date":"2014-12-02T00:00:00Z","advisories":["RHSA-2014:1924","RHSA-2014:1919"],"bugzilla":"1169210","bugzilla_description":"CVE-2014-1594 Mozilla: Bad casting from the BasicThebesLayer to BasicContainerLayer (MFSA 2014-89)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-749","affected_packages":["firefox-0:31.3.0-3.el7_0","thunderbird-0:31.3.0-1.el5_11","firefox-0:31.3.0-4.el5_11","thunderbird-0:31.3.0-1.el6_6","firefox-0:31.3.0-3.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1594.json"},{"CVE":"CVE-2014-1574","severity":"critical","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1647","RHSA-2014:1635"],"bugzilla":"1152356","bugzilla_description":"CVE-2014-1574 Mozilla: Miscellaneous memory safety hazards (rv:31.2) (MFSA 2014-74)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:31.2.0-3.el7_0","thunderbird-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el5_11","thunderbird-0:31.2.0-2.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1574.json"},{"CVE":"CVE-2014-1575","severity":"critical","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1152357","bugzilla_description":"CVE-2014-1575 Mozilla: Miscellaneous memory safety hazards (rv:33.0) (MFSA 2014-74)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1575.json"},{"CVE":"CVE-2014-1576","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1635"],"bugzilla":"1152358","bugzilla_description":"CVE-2014-1576 Mozilla: Buffer overflow during CSS manipulation (MFSA 2014-75)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:31.2.0-3.el7_0","firefox-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1576.json"},{"CVE":"CVE-2014-1577","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1647","RHSA-2014:1635"],"bugzilla":"1152359","bugzilla_description":"CVE-2014-1577 Mozilla: Web Audio memory corruption issues with custom waveforms (MFSA 2014-76)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:31.2.0-3.el7_0","thunderbird-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el5_11","thunderbird-0:31.2.0-2.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1577.json"},{"CVE":"CVE-2014-1578","severity":"critical","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1647","RHSA-2014:1635"],"bugzilla":"1152361","bugzilla_description":"CVE-2014-1578 Mozilla: Out-of-bounds write with WebM video (MFSA 2014-77)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-787","affected_packages":["firefox-0:31.2.0-3.el7_0","thunderbird-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el5_11","thunderbird-0:31.2.0-2.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1578.json"},{"CVE":"CVE-2014-1580","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1152362","bugzilla_description":"CVE-2014-1580 Mozilla: Further uninitialized memory use during GIF rendering (MFSA 2014-78)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1580.json"},{"CVE":"CVE-2014-1581","severity":"critical","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1647","RHSA-2014:1635"],"bugzilla":"1152363","bugzilla_description":"CVE-2014-1581 Mozilla: Use-after-free interacting with text directionality (MFSA 2014-79)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:31.2.0-3.el7_0","thunderbird-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el5_11","thunderbird-0:31.2.0-2.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1581.json"},{"CVE":"CVE-2014-1582","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1152364","bugzilla_description":"CVE-2014-1582 CVE-2014-1584 Mozilla: Key pinning bypasses (MFSA 2014-80)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1582.json"},{"CVE":"CVE-2014-1584","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1152364","bugzilla_description":"CVE-2014-1582 CVE-2014-1584 Mozilla: Key pinning bypasses (MFSA 2014-80)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1584.json"},{"CVE":"CVE-2014-1585","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1152366","bugzilla_description":"CVE-2014-1585 CVE-2014-1586 Mozilla: Inconsistent video sharing within iframe (MFSA 2014-81)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1585.json"},{"CVE":"CVE-2014-1586","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1152366","bugzilla_description":"CVE-2014-1585 CVE-2014-1586 Mozilla: Inconsistent video sharing within iframe (MFSA 2014-81)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1586.json"},{"CVE":"CVE-2014-1583","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2014:1635"],"bugzilla":"1152683","bugzilla_description":"CVE-2014-1583 Mozilla: Accessing cross-origin objects via the Alarms API (MFSA 2014-82)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:31.2.0-3.el7_0","firefox-0:31.2.0-3.el6_6","firefox-0:31.2.0-3.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1583.json"},{"CVE":"CVE-2014-9766","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1311882","bugzilla_description":"CVE-2014-9766 pixman: integer overflow in create_bits function","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9766.json"},{"CVE":"CVE-2014-1562","severity":"critical","public_date":"2014-09-03T00:00:00Z","advisories":["RHSA-2014:1145","RHSA-2014:1144"],"bugzilla":"1135862","bugzilla_description":"CVE-2014-1562 Mozilla: Miscellaneous memory safety hazards (rv:rv:24.8) (MFSA 2014-67)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.8.0-1.el6_5","firefox-0:24.8.0-1.el7_0","thunderbird-0:24.8.0-1.el6_5","thunderbird-0:24.8.0-1.el5_10","firefox-0:24.8.0-2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1562.json"},{"CVE":"CVE-2014-1553","severity":"critical","public_date":"2014-09-03T00:00:00Z","advisories":[],"bugzilla":"1135863","bugzilla_description":"CVE-2014-1553 CVE-2014-1554 Mozilla: Miscellaneous memory safety hazards (rv:32.0 / rv:31.1) (MFSA 2014-67)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1553.json"},{"CVE":"CVE-2014-1554","severity":"critical","public_date":"2014-09-03T00:00:00Z","advisories":[],"bugzilla":"1135863","bugzilla_description":"CVE-2014-1553 CVE-2014-1554 Mozilla: Miscellaneous memory safety hazards (rv:32.0 / rv:31.1) (MFSA 2014-67)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1554.json"},{"CVE":"CVE-2014-1563","severity":"critical","public_date":"2014-09-03T00:00:00Z","advisories":[],"bugzilla":"1135864","bugzilla_description":"CVE-2014-1563 Mozilla: Use-after-free during DOM interactions with SVG (MFSA 2014-68)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1563.json"},{"CVE":"CVE-2014-1564","severity":"moderate","public_date":"2014-09-03T00:00:00Z","advisories":[],"bugzilla":"1135865","bugzilla_description":"CVE-2014-1564 Mozilla: Uninitialized memory use during GIF rendering (MFSA 2014-69)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1564.json"},{"CVE":"CVE-2014-1565","severity":"moderate","public_date":"2014-09-03T00:00:00Z","advisories":[],"bugzilla":"1135868","bugzilla_description":"CVE-2014-1565 Mozilla: Out-of-bounds read in Web Audio audio timeline (MFSA 2014-70)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1565.json"},{"CVE":"CVE-2014-1567","severity":"critical","public_date":"2014-09-03T00:00:00Z","advisories":["RHSA-2014:1145","RHSA-2014:1144"],"bugzilla":"1135869","bugzilla_description":"CVE-2014-1567 Mozilla: Use-after-free setting text directionality (MFSA 2014-72)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:24.8.0-1.el6_5","firefox-0:24.8.0-1.el7_0","thunderbird-0:24.8.0-1.el6_5","thunderbird-0:24.8.0-1.el5_10","firefox-0:24.8.0-2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1567.json"},{"CVE":"CVE-2014-1547","severity":"critical","public_date":"2014-07-22T00:00:00Z","advisories":["RHSA-2014:0919","RHSA-2014:0918"],"bugzilla":"1121464","bugzilla_description":"CVE-2014-1547 Mozilla: Miscellaneous memory safety hazards (rv:24.7) (MFSA 2014-56)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:24.7.0-1.el5_10","thunderbird-0:24.7.0-1.el6_5","firefox-0:24.7.0-1.el6_5","firefox-0:24.7.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1547.json"},{"CVE":"CVE-2014-1548","severity":"critical","public_date":"2014-07-22T00:00:00Z","advisories":[],"bugzilla":"1121469","bugzilla_description":"CVE-2014-1548 Mozilla: Miscellaneous memory safety hazards (rv:31.0) (MFSA 2014-56)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1548.json"},{"CVE":"CVE-2014-1549","severity":"moderate","public_date":"2014-07-22T00:00:00Z","advisories":[],"bugzilla":"1121470","bugzilla_description":"CVE-2014-1549 Mozilla: Buffer overflow during Web Audio buffering for playback (MFSA 2014-57)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1549.json"},{"CVE":"CVE-2014-1550","severity":"moderate","public_date":"2014-07-22T00:00:00Z","advisories":[],"bugzilla":"1121472","bugzilla_description":"CVE-2014-1550 Mozilla: Use-after-free in Web Audio due to incorrect control message ordering (MFSA 2014-58)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1550.json"},{"CVE":"CVE-2014-1561","severity":"low","public_date":"2014-07-22T00:00:00Z","advisories":[],"bugzilla":"1121473","bugzilla_description":"CVE-2014-1561 Mozilla: Toolbar dialog customization event spoofing (MFSA 2014-60)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1561.json"},{"CVE":"CVE-2014-1555","severity":"moderate","public_date":"2014-07-22T00:00:00Z","advisories":["RHSA-2014:0919","RHSA-2014:0918"],"bugzilla":"1121476","bugzilla_description":"CVE-2014-1555 Mozilla: Use-after-free with FireOnStateChange event (MFSA 2014-61)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:24.7.0-1.el5_10","thunderbird-0:24.7.0-1.el6_5","firefox-0:24.7.0-1.el6_5","firefox-0:24.7.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1555.json"},{"CVE":"CVE-2014-1556","severity":"critical","public_date":"2014-07-22T00:00:00Z","advisories":["RHSA-2014:0919","RHSA-2014:0918"],"bugzilla":"1121478","bugzilla_description":"CVE-2014-1556 Mozilla: Exploitable WebGL crash with Cesium JavaScript library (MFSA 2014-62)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:24.7.0-1.el5_10","thunderbird-0:24.7.0-1.el6_5","firefox-0:24.7.0-1.el6_5","firefox-0:24.7.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1556.json"},{"CVE":"CVE-2014-1557","severity":"moderate","public_date":"2014-07-22T00:00:00Z","advisories":["RHSA-2014:0919","RHSA-2014:0918"],"bugzilla":"1121479","bugzilla_description":"CVE-2014-1557 Mozilla: Crash in Skia library when scaling high quality images (MFSA 2014-64)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-672","affected_packages":["thunderbird-0:24.7.0-1.el5_10","thunderbird-0:24.7.0-1.el6_5","firefox-0:24.7.0-1.el6_5","firefox-0:24.7.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1557.json"},{"CVE":"CVE-2014-1558","severity":"moderate","public_date":"2014-07-22T00:00:00Z","advisories":[],"bugzilla":"1121480","bugzilla_description":"CVE-2014-1558 CVE-2014-1559 CVE-2014-1560 Mozilla: Certificate parsing broken by non-standard character encoding (MFSA 2014-65)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1558.json"},{"CVE":"CVE-2014-1559","severity":"moderate","public_date":"2014-07-22T00:00:00Z","advisories":[],"bugzilla":"1121480","bugzilla_description":"CVE-2014-1558 CVE-2014-1559 CVE-2014-1560 Mozilla: Certificate parsing broken by non-standard character encoding (MFSA 2014-65)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1559.json"},{"CVE":"CVE-2014-1560","severity":"moderate","public_date":"2014-07-22T00:00:00Z","advisories":[],"bugzilla":"1121480","bugzilla_description":"CVE-2014-1558 CVE-2014-1559 CVE-2014-1560 Mozilla: Certificate parsing broken by non-standard character encoding (MFSA 2014-65)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1560.json"},{"CVE":"CVE-2014-1552","severity":"moderate","public_date":"2014-07-22T00:00:00Z","advisories":[],"bugzilla":"1121481","bugzilla_description":"CVE-2014-1552 Mozilla: IFRAME sandbox same-origin access through redirect (MFSA 2014-66)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1552.json"},{"CVE":"CVE-2014-1533","severity":"critical","public_date":"2014-06-10T00:00:00Z","advisories":["RHSA-2014:0741","RHSA-2014:0742"],"bugzilla":"1107399","bugzilla_description":"CVE-2014-1533 Mozilla: Miscellaneous memory safety hazards (rv:24.6) (MFSA 2014-48)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.6.0-1.el5_10","thunderbird-0:24.6.0-1.el6_5","thunderbird-0:24.6.0-1.el5_10","firefox-0:24.6.0-1.el7_0","firefox-0:24.6.0-1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1533.json"},{"CVE":"CVE-2014-1534","severity":"critical","public_date":"2014-06-10T00:00:00Z","advisories":[],"bugzilla":"1107403","bugzilla_description":"CVE-2014-1534 Mozilla: Miscellaneous memory safety hazards (rv:30.0) (MFSA 2014-48)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1534.json"},{"CVE":"CVE-2014-1536","severity":"critical","public_date":"2014-06-10T00:00:00Z","advisories":[],"bugzilla":"1107419","bugzilla_description":"CVE-2014-1536 CVE-2014-1537 Mozilla: Use-after-free and out of bounds issues found using Address Sanitizer (MFSA 2014-49)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1536.json"},{"CVE":"CVE-2014-1537","severity":"critical","public_date":"2014-06-10T00:00:00Z","advisories":[],"bugzilla":"1107419","bugzilla_description":"CVE-2014-1536 CVE-2014-1537 Mozilla: Use-after-free and out of bounds issues found using Address Sanitizer (MFSA 2014-49)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1537.json"},{"CVE":"CVE-2014-1538","severity":"critical","public_date":"2014-06-10T00:00:00Z","advisories":["RHSA-2014:0741","RHSA-2014:0742"],"bugzilla":"1107421","bugzilla_description":"CVE-2014-1538 Mozilla: Use-after-free and out of bounds issues found using Address Sanitizer (MFSA 2014-49)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:24.6.0-1.el5_10","thunderbird-0:24.6.0-1.el6_5","thunderbird-0:24.6.0-1.el5_10","firefox-0:24.6.0-1.el7_0","firefox-0:24.6.0-1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1538.json"},{"CVE":"CVE-2014-1540","severity":"critical","public_date":"2014-06-10T00:00:00Z","advisories":[],"bugzilla":"1107423","bugzilla_description":"CVE-2014-1540 Mozilla: Use-after-free in Event Listener Manager (MFSA 2014-51)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1540.json"},{"CVE":"CVE-2014-1541","severity":"critical","public_date":"2014-06-10T00:00:00Z","advisories":["RHSA-2014:0741","RHSA-2014:0742"],"bugzilla":"1107424","bugzilla_description":"CVE-2014-1541 Mozilla: Use-after-free with SMIL Animation Controller (MFSA 2014-52)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:24.6.0-1.el5_10","thunderbird-0:24.6.0-1.el6_5","thunderbird-0:24.6.0-1.el5_10","firefox-0:24.6.0-1.el7_0","firefox-0:24.6.0-1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1541.json"},{"CVE":"CVE-2014-1542","severity":"critical","public_date":"2014-06-10T00:00:00Z","advisories":[],"bugzilla":"1107425","bugzilla_description":"CVE-2014-1542 Mozilla: Buffer overflow in Web Audio Speex resampler (MFSA 2014-53)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1542.json"},{"CVE":"CVE-2014-1518","severity":"critical","public_date":"2014-04-29T00:00:00Z","advisories":["RHSA-2014:0448","RHSA-2014:0449"],"bugzilla":"1092657","bugzilla_description":"CVE-2014-1518 Mozilla: Miscellaneous memory safety hazards (rv:24.5) (MFSA 2014-34)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el5_10","firefox-0:24.5.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1518.json"},{"CVE":"CVE-2014-1523","severity":"moderate","public_date":"2014-04-29T00:00:00Z","advisories":["RHSA-2014:0448","RHSA-2014:0449"],"bugzilla":"1092660","bugzilla_description":"CVE-2014-1523 Mozilla: Out of bounds read while decoding JPG images (MFSA-2014-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":["firefox-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el5_10","firefox-0:24.5.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1523.json"},{"CVE":"CVE-2014-1524","severity":"critical","public_date":"2014-04-29T00:00:00Z","advisories":["RHSA-2014:0448","RHSA-2014:0449"],"bugzilla":"1092663","bugzilla_description":"CVE-2014-1524 Mozilla: Buffer overflow when using non-XBL object as XBL (MFSA 2014-38)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el5_10","firefox-0:24.5.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1524.json"},{"CVE":"CVE-2014-1529","severity":"critical","public_date":"2014-04-29T00:00:00Z","advisories":["RHSA-2014:0448","RHSA-2014:0449"],"bugzilla":"1092664","bugzilla_description":"CVE-2014-1529 Mozilla: Privilege escalation through Web Notification API (MFSA 2014-42)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el5_10","firefox-0:24.5.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1529.json"},{"CVE":"CVE-2014-1530","severity":"moderate","public_date":"2014-04-29T00:00:00Z","advisories":["RHSA-2014:0448","RHSA-2014:0449"],"bugzilla":"1092666","bugzilla_description":"CVE-2014-1530 Mozilla: Cross-site scripting (XSS) using history navigations (MFSA 2014-43)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["firefox-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el5_10","firefox-0:24.5.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1530.json"},{"CVE":"CVE-2014-1531","severity":"critical","public_date":"2014-04-29T00:00:00Z","advisories":["RHSA-2014:0448","RHSA-2014:0449"],"bugzilla":"1092668","bugzilla_description":"CVE-2014-1531 Mozilla: Use-after-free in imgLoader while resizing images (MFSA 2014-44)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el5_10","firefox-0:24.5.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1531.json"},{"CVE":"CVE-2014-1532","severity":"critical","public_date":"2014-04-29T00:00:00Z","advisories":["RHSA-2014:0448","RHSA-2014:0449"],"bugzilla":"1092670","bugzilla_description":"CVE-2014-1532 Mozilla: Use-after-free in nsHostResolver (MFSA 2014-46)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el6_5","thunderbird-0:24.5.0-1.el5_10","firefox-0:24.5.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1532.json"},{"CVE":"CVE-2014-1522","severity":"important","public_date":"2014-04-29T00:00:00Z","advisories":[],"bugzilla":"1095066","bugzilla_description":"CVE-2014-1522 Mozilla: Web Audio memory corruption issues (MFSA 2014-36)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1522.json"},{"CVE":"CVE-2014-1525","severity":"critical","public_date":"2014-04-29T00:00:00Z","advisories":[],"bugzilla":"1095070","bugzilla_description":"CVE-2014-1525 Mozilla: Use-after-free in the Text Track Manager for HTML video (MFSA 2014-39)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1525.json"},{"CVE":"CVE-2014-1526","severity":"moderate","public_date":"2014-04-29T00:00:00Z","advisories":[],"bugzilla":"1095074","bugzilla_description":"CVE-2014-1526 Mozilla: Debugger can bypass XrayWrappers with JavaScript (MFSA 2014-47)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1526.json"},{"CVE":"CVE-2014-1528","severity":"moderate","public_date":"2014-04-29T00:00:00Z","advisories":[],"bugzilla":"1096585","bugzilla_description":"CVE-2014-1528 Mozilla: Out-of-bounds write in Cairo (MFSA 2014-41)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1528.json"},{"CVE":"CVE-2014-1493","severity":"critical","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077013","bugzilla_description":"CVE-2014-1493 Mozilla: Miscellaneous memory safety hazards (rv:24.4) (MFSA 2014-15)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1493.json"},{"CVE":"CVE-2014-1494","severity":"critical","public_date":"2014-03-18T00:00:00Z","advisories":[],"bugzilla":"1077014","bugzilla_description":"CVE-2014-1494 Mozilla: Miscellaneous memory safety hazards (rv:28.0) (MFSA 2014-15)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1494.json"},{"CVE":"CVE-2014-1496","severity":"moderate","public_date":"2014-03-18T00:00:00Z","advisories":[],"bugzilla":"1077015","bugzilla_description":"CVE-2014-1496 Mozilla: Files extracted during updates are not always read only (MFSA 2014-16)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1496.json"},{"CVE":"CVE-2014-1497","severity":"moderate","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077016","bugzilla_description":"CVE-2014-1497 Mozilla: Out of bounds read during WAV file decoding (MFSA 2014-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1497.json"},{"CVE":"CVE-2014-1498","severity":"low","public_date":"2014-03-18T00:00:00Z","advisories":[],"bugzilla":"1077018","bugzilla_description":"CVE-2014-1498 Mozilla: crypto.generateCRMFRequest does not validate type of key (MFSA 2014-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1498.json"},{"CVE":"CVE-2014-1499","severity":"moderate","public_date":"2014-03-18T00:00:00Z","advisories":[],"bugzilla":"1077019","bugzilla_description":"CVE-2014-1499 Mozilla: Spoofing attack on WebRTC permission prompt (MFSA 2014-19)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1499.json"},{"CVE":"CVE-2014-1500","severity":"moderate","public_date":"2014-03-18T00:00:00Z","advisories":[],"bugzilla":"1077020","bugzilla_description":"CVE-2014-1500 Mozilla: onbeforeunload and Javascript navigation DOS (MFSA 2014-20)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1500.json"},{"CVE":"CVE-2014-1502","severity":"moderate","public_date":"2014-03-18T00:00:00Z","advisories":[],"bugzilla":"1077021","bugzilla_description":"CVE-2014-1502 Mozilla: WebGL content injection from one domain to rendering in another (MFSA 2014-22)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1502.json"},{"CVE":"CVE-2014-1504","severity":"low","public_date":"2014-03-18T00:00:00Z","advisories":[],"bugzilla":"1077022","bugzilla_description":"CVE-2014-1504 Mozilla: Content Security Policy for data: documents not preserved by session restore (MFSA 2014-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1504.json"},{"CVE":"CVE-2014-1508","severity":"moderate","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077025","bugzilla_description":"CVE-2014-1508 Mozilla: Information disclosure through polygon rendering in MathML (MFSA 2014-26)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1508.json"},{"CVE":"CVE-2014-1509","severity":"moderate","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077028","bugzilla_description":"CVE-2014-1509 Mozilla: Memory corruption in Cairo during PDF font rendering (MFSA 2014-27)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1509.json"},{"CVE":"CVE-2014-1505","severity":"moderate","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077029","bugzilla_description":"CVE-2014-1505 Mozilla: SVG filters information disclosure through feDisplacementMap (MFSA 2014-28)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1505.json"},{"CVE":"CVE-2014-1510","severity":"critical","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077490","bugzilla_description":"CVE-2014-1510 CVE-2014-1511 Mozilla: Privilege escalation using WebIDL-implemented APIs (MFSA 2014-29)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1510.json"},{"CVE":"CVE-2014-1511","severity":"critical","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077490","bugzilla_description":"CVE-2014-1510 CVE-2014-1511 Mozilla: Privilege escalation using WebIDL-implemented APIs (MFSA 2014-29)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1511.json"},{"CVE":"CVE-2014-1512","severity":"critical","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077491","bugzilla_description":"CVE-2014-1512 Mozilla: Use-after-free in TypeObject (MFSA 2014-30)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1512.json"},{"CVE":"CVE-2014-1513","severity":"critical","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077492","bugzilla_description":"CVE-2014-1513 Mozilla: Out-of-bounds read/write through neutering ArrayBuffer objects (MFSA 2014-31)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1513.json"},{"CVE":"CVE-2014-1514","severity":"critical","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0310","RHSA-2014:0316"],"bugzilla":"1077494","bugzilla_description":"CVE-2014-1514 Mozilla: Out-of-bounds write through TypedArrayObject after neutering (MFSA 2014-32)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-787","affected_packages":["firefox-0:24.4.0-1.el6_5","thunderbird-0:24.4.0-1.el5_10","thunderbird-0:24.4.0-1.el6_5","firefox-0:24.4.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1514.json"},{"CVE":"CVE-2013-6674","severity":"moderate","public_date":"2014-02-06T00:00:00Z","advisories":["RHSA-2013:1823"],"bugzilla":"1063120","bugzilla_description":"CVE-2013-6674 CVE-2014-2018 Mozilla: Script execution in HTML mail replies (MFSA 2014-14)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:24.2.0-1.el6_5","thunderbird-0:24.2.0-2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6674.json"},{"CVE":"CVE-2014-2018","severity":"moderate","public_date":"2014-02-06T00:00:00Z","advisories":[],"bugzilla":"1063120","bugzilla_description":"CVE-2013-6674 CVE-2014-2018 Mozilla: Script execution in HTML mail replies (MFSA 2014-14)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2018.json"},{"CVE":"CVE-2014-1477","severity":"critical","public_date":"2014-02-04T00:00:00Z","advisories":["RHSA-2014:0133","RHSA-2014:0132"],"bugzilla":"1060938","bugzilla_description":"CVE-2014-1477 Mozilla: Miscellaneous memory safety hazards (rv:24.3) (MFSA 2014-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.3.0-2.el6_5","thunderbird-0:24.3.0-2.el5_10","thunderbird-0:24.3.0-2.el6_5","firefox-0:24.3.0-2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1477.json"},{"CVE":"CVE-2014-1478","severity":"critical","public_date":"2014-02-04T00:00:00Z","advisories":[],"bugzilla":"1060939","bugzilla_description":"CVE-2014-1478 Mozilla: Miscellaneous memory safety hazards (rv:27.0) (MFSA 2014-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1478.json"},{"CVE":"CVE-2014-1479","severity":"moderate","public_date":"2014-02-04T00:00:00Z","advisories":["RHSA-2014:0133","RHSA-2014:0132"],"bugzilla":"1060940","bugzilla_description":"CVE-2014-1479 Mozilla: Clone protected content with XBL scopes (MFSA 2014-02)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.3.0-2.el6_5","thunderbird-0:24.3.0-2.el5_10","thunderbird-0:24.3.0-2.el6_5","firefox-0:24.3.0-2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1479.json"},{"CVE":"CVE-2014-1480","severity":"moderate","public_date":"2014-02-04T00:00:00Z","advisories":[],"bugzilla":"1060941","bugzilla_description":"CVE-2014-1480 Mozilla: UI selection timeout missing on download prompts (MFSA 2014-03)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1480.json"},{"CVE":"CVE-2014-1482","severity":"critical","public_date":"2014-02-04T00:00:00Z","advisories":["RHSA-2014:0133","RHSA-2014:0132"],"bugzilla":"1060942","bugzilla_description":"CVE-2014-1482 Mozilla: Incorrect use of discarded images by RasterImage (MFSA 2014-04)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:24.3.0-2.el6_5","thunderbird-0:24.3.0-2.el5_10","thunderbird-0:24.3.0-2.el6_5","firefox-0:24.3.0-2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1482.json"},{"CVE":"CVE-2014-1483","severity":"moderate","public_date":"2014-02-04T00:00:00Z","advisories":[],"bugzilla":"1060943","bugzilla_description":"CVE-2014-1483 Mozilla: Information disclosure with *FromPoint on iframes (MFSA 2014-05)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1483.json"},{"CVE":"CVE-2014-1485","severity":"moderate","public_date":"2014-02-04T00:00:00Z","advisories":[],"bugzilla":"1060944","bugzilla_description":"CVE-2014-1485 Mozilla: XSLT stylesheets treated as styles in Content Security Policy (MFSA 2014-07)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1485.json"},{"CVE":"CVE-2014-1486","severity":"critical","public_date":"2014-02-04T00:00:00Z","advisories":["RHSA-2014:0133","RHSA-2014:0132"],"bugzilla":"1060945","bugzilla_description":"CVE-2014-1486 Mozilla: Use-after-free with imgRequestProxy and image proccessing (MFSA 2014-08)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:24.3.0-2.el6_5","thunderbird-0:24.3.0-2.el5_10","thunderbird-0:24.3.0-2.el6_5","firefox-0:24.3.0-2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1486.json"},{"CVE":"CVE-2014-1487","severity":"moderate","public_date":"2014-02-04T00:00:00Z","advisories":["RHSA-2014:0133","RHSA-2014:0132"],"bugzilla":"1060947","bugzilla_description":"CVE-2014-1487 Mozilla: Cross-origin information leak through web workers (MFSA 2014-09)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-209","affected_packages":["firefox-0:24.3.0-2.el6_5","thunderbird-0:24.3.0-2.el5_10","thunderbird-0:24.3.0-2.el6_5","firefox-0:24.3.0-2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1487.json"},{"CVE":"CVE-2014-1489","severity":"low","public_date":"2014-02-04T00:00:00Z","advisories":[],"bugzilla":"1060948","bugzilla_description":"CVE-2014-1489 Mozilla: Firefox default start page UI content invokable by script (MFSA 2014-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1489.json"},{"CVE":"CVE-2014-1488","severity":"critical","public_date":"2014-02-04T00:00:00Z","advisories":[],"bugzilla":"1060949","bugzilla_description":"CVE-2014-1488 Mozilla: Crash when using web workers with asm.js (MFSA 2014-11)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1488.json"},{"CVE":"CVE-2014-1481","severity":"moderate","public_date":"2014-02-04T00:00:00Z","advisories":["RHSA-2014:0133","RHSA-2014:0132"],"bugzilla":"1060952","bugzilla_description":"CVE-2014-1481 Mozilla: Inconsistent JavaScript handling of access to Window objects (MFSA 2014-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:24.3.0-2.el6_5","thunderbird-0:24.3.0-2.el5_10","thunderbird-0:24.3.0-2.el6_5","firefox-0:24.3.0-2.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1481.json"},{"CVE":"CVE-2014-8636","severity":"moderate","public_date":"2014-01-15T00:00:00Z","advisories":[],"bugzilla":"1180977","bugzilla_description":"CVE-2014-8636 Mozilla: XrayWrapper bypass through DOM objects (MFSA 2015-09)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-250","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8636.json"},{"CVE":"CVE-2013-5609","severity":"important","public_date":"2013-12-10T00:00:00Z","advisories":["RHSA-2013:1812","RHSA-2013:1823"],"bugzilla":"1039417","bugzilla_description":"CVE-2013-5609 Mozilla: Miscellaneous memory safety hazards (rv:24.2) (MFSA 2013-104)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:24.2.0-1.el6_5","thunderbird-0:24.2.0-2.el5_10","firefox-0:24.2.0-1.el6_5","firefox-0:24.2.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5609.json"},{"CVE":"CVE-2013-5610","severity":"critical","public_date":"2013-12-10T00:00:00Z","advisories":[],"bugzilla":"1039418","bugzilla_description":"CVE-2013-5610 Mozilla: Miscellaneous memory safety hazards (rv:26.0) (MFSA 2013-104)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5610.json"},{"CVE":"CVE-2013-5611","severity":"moderate","public_date":"2013-12-10T00:00:00Z","advisories":[],"bugzilla":"1039419","bugzilla_description":"CVE-2013-5611 Mozilla: Application Installation doorhanger persists on navigation (MFSA 2013-105)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5611.json"},{"CVE":"CVE-2013-5612","severity":"moderate","public_date":"2013-12-10T00:00:00Z","advisories":["RHSA-2013:1812","RHSA-2013:1823"],"bugzilla":"1039420","bugzilla_description":"CVE-2013-5612 Mozilla: Character encoding cross-origin XSS attack (MFSA 2013-106)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["thunderbird-0:24.2.0-1.el6_5","thunderbird-0:24.2.0-2.el5_10","firefox-0:24.2.0-1.el6_5","firefox-0:24.2.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5612.json"},{"CVE":"CVE-2013-5614","severity":"low","public_date":"2013-12-10T00:00:00Z","advisories":["RHSA-2013:1812","RHSA-2013:1823"],"bugzilla":"1039421","bugzilla_description":"CVE-2013-5614 Mozilla: Sandbox restrictions not applied to nested object elements (MFSA 2013-107)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:24.2.0-1.el6_5","thunderbird-0:24.2.0-2.el5_10","firefox-0:24.2.0-1.el6_5","firefox-0:24.2.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5614.json"},{"CVE":"CVE-2013-5616","severity":"important","public_date":"2013-12-10T00:00:00Z","advisories":["RHSA-2013:1812","RHSA-2013:1823"],"bugzilla":"1039422","bugzilla_description":"CVE-2013-5616 Mozilla: Use-after-free in event listeners (MFSA 2013-108)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:24.2.0-1.el6_5","thunderbird-0:24.2.0-2.el5_10","firefox-0:24.2.0-1.el6_5","firefox-0:24.2.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5616.json"},{"CVE":"CVE-2013-5618","severity":"important","public_date":"2013-12-10T00:00:00Z","advisories":["RHSA-2013:1812","RHSA-2013:1823"],"bugzilla":"1039423","bugzilla_description":"CVE-2013-5618 Mozilla: Use-after-free during Table Editing (MFSA 2013-109)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:24.2.0-1.el6_5","thunderbird-0:24.2.0-2.el5_10","firefox-0:24.2.0-1.el6_5","firefox-0:24.2.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5618.json"},{"CVE":"CVE-2013-5619","severity":"moderate","public_date":"2013-12-10T00:00:00Z","advisories":[],"bugzilla":"1039424","bugzilla_description":"CVE-2013-5619 Mozilla: Potential overflow in JavaScript binary search algorithms (MFSA 2013-110)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5619.json"},{"CVE":"CVE-2013-6671","severity":"important","public_date":"2013-12-10T00:00:00Z","advisories":["RHSA-2013:1812","RHSA-2013:1823"],"bugzilla":"1039426","bugzilla_description":"CVE-2013-6671 Mozilla: Segmentation violation when replacing ordered list elements (MFSA 2013-111)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:24.2.0-1.el6_5","thunderbird-0:24.2.0-2.el5_10","firefox-0:24.2.0-1.el6_5","firefox-0:24.2.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6671.json"},{"CVE":"CVE-2013-6672","severity":"low","public_date":"2013-12-10T00:00:00Z","advisories":[],"bugzilla":"1039427","bugzilla_description":"CVE-2013-6672 Mozilla: Linux clipboard information disclosure though selection paste (MFSA 2013-112)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6672.json"},{"CVE":"CVE-2013-6673","severity":"moderate","public_date":"2013-12-10T00:00:00Z","advisories":[],"bugzilla":"1039428","bugzilla_description":"CVE-2013-6673 Mozilla: Trust settings for built-in roots ignored during EV certificate validation (MFSA 2013-113)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6673.json"},{"CVE":"CVE-2013-5613","severity":"important","public_date":"2013-12-10T00:00:00Z","advisories":["RHSA-2013:1812","RHSA-2013:1823"],"bugzilla":"1039429","bugzilla_description":"CVE-2013-5613 Mozilla: Use-after-free in synthetic mouse movement (MFSA 2013-114)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:24.2.0-1.el6_5","thunderbird-0:24.2.0-2.el5_10","firefox-0:24.2.0-1.el6_5","firefox-0:24.2.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5613.json"},{"CVE":"CVE-2013-5615","severity":"moderate","public_date":"2013-12-10T00:00:00Z","advisories":[],"bugzilla":"1039430","bugzilla_description":"CVE-2013-5615 Mozilla: GetElementIC typed array stubs can be generated outside observed typesets (MFSA 2013-115)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5615.json"},{"CVE":"CVE-2013-5590","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":["RHSA-2013:1480","RHSA-2013:1476"],"bugzilla":"1023835","bugzilla_description":"CVE-2013-5590 Mozilla: Miscellaneous memory safety hazards (rv:17.0.10) (MFSA 2013-93)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.10-1.el5_10","firefox-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5590.json"},{"CVE":"CVE-2013-5593","severity":"moderate","public_date":"2013-10-29T00:00:00Z","advisories":[],"bugzilla":"1023836","bugzilla_description":"CVE-2013-5593 Mozilla: Spoofing addressbar though SELECT element (MFSA 2013-94)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5593.json"},{"CVE":"CVE-2013-5595","severity":"moderate","public_date":"2013-10-29T00:00:00Z","advisories":["RHSA-2013:1480","RHSA-2013:1476"],"bugzilla":"1023839","bugzilla_description":"CVE-2013-5595 Mozilla: Improperly initialized memory and overflows in some JavaScript functions (MFSA 2013-96)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.10-1.el5_10","firefox-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5595.json"},{"CVE":"CVE-2013-5596","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":[],"bugzilla":"1023840","bugzilla_description":"CVE-2013-5596 Mozilla: Writing to cycle collected object during image decoding (MFSA 2013-97)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5596.json"},{"CVE":"CVE-2013-5597","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":["RHSA-2013:1480","RHSA-2013:1476"],"bugzilla":"1023841","bugzilla_description":"CVE-2013-5597 Mozilla: Use-after-free when updating offline cache (MFSA 2013-98)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:17.0.10-1.el5_10","firefox-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5597.json"},{"CVE":"CVE-2013-5598","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":[],"bugzilla":"1023842","bugzilla_description":"CVE-2013-5598 Mozilla: Security bypass of PDF.js checks using iframes (MFSA 2013-99)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5598.json"},{"CVE":"CVE-2013-5599","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":["RHSA-2013:1480","RHSA-2013:1476"],"bugzilla":"1023843","bugzilla_description":"CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 Mozilla: Miscellaneous use-after-free issues found through ASAN fuzzing (MFSA 2013-100)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:17.0.10-1.el5_10","firefox-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5599.json"},{"CVE":"CVE-2013-5600","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":["RHSA-2013:1480","RHSA-2013:1476"],"bugzilla":"1023843","bugzilla_description":"CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 Mozilla: Miscellaneous use-after-free issues found through ASAN fuzzing (MFSA 2013-100)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:17.0.10-1.el5_10","firefox-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5600.json"},{"CVE":"CVE-2013-5601","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":["RHSA-2013:1480","RHSA-2013:1476"],"bugzilla":"1023843","bugzilla_description":"CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 Mozilla: Miscellaneous use-after-free issues found through ASAN fuzzing (MFSA 2013-100)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:17.0.10-1.el5_10","firefox-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5601.json"},{"CVE":"CVE-2013-5602","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":["RHSA-2013:1480","RHSA-2013:1476"],"bugzilla":"1023844","bugzilla_description":"CVE-2013-5602 Mozilla: Memory corruption in workers (MFSA 2013-101)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.10-1.el5_10","firefox-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5602.json"},{"CVE":"CVE-2013-5603","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":[],"bugzilla":"1023845","bugzilla_description":"CVE-2013-5603 Mozilla: Use-after-free in HTML document templates (MFSA 2013-102)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5603.json"},{"CVE":"CVE-2013-5591","severity":"critical","public_date":"2013-10-29T00:00:00Z","advisories":[],"bugzilla":"1023846","bugzilla_description":"CVE-2013-5591 Mozilla: Miscellaneous memory safety hazards (rv:25.0 / rv:124.1) (MFSA 2013-93)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5591.json"},{"CVE":"CVE-2013-5604","severity":"moderate","public_date":"2013-10-29T00:00:00Z","advisories":["RHSA-2013:1480","RHSA-2013:1476"],"bugzilla":"1023863","bugzilla_description":"CVE-2013-5604 Mozilla: Access violation with XSLT and uninitialized data (MFSA 2013-95)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.10-1.el5_10","firefox-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el6_4","thunderbird-0:17.0.10-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5604.json"},{"CVE":"CVE-2013-1718","severity":"critical","public_date":"2013-09-17T00:00:00Z","advisories":["RHSA-2013:1269","RHSA-2013:1268"],"bugzilla":"1009031","bugzilla_description":"CVE-2013-1718 Mozilla: Miscellaneous memory safety hazards (rv:17.0.9) (MFSA 2013-76)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el5_9","thunderbird-0:17.0.9-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1718.json"},{"CVE":"CVE-2013-1722","severity":"critical","public_date":"2013-09-17T00:00:00Z","advisories":["RHSA-2013:1269","RHSA-2013:1268"],"bugzilla":"1009032","bugzilla_description":"CVE-2013-1722 Mozilla: Use-after-free in Animation Manager during stylesheet cloning (MFSA 2013-79)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el5_9","thunderbird-0:17.0.9-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1722.json"},{"CVE":"CVE-2013-1725","severity":"important","public_date":"2013-09-17T00:00:00Z","advisories":["RHSA-2013:1269","RHSA-2013:1268"],"bugzilla":"1009033","bugzilla_description":"CVE-2013-1725 Mozilla: Calling scope for new Javascript objects can lead to memory corruption (MFSA 2013-82)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el5_9","thunderbird-0:17.0.9-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1725.json"},{"CVE":"CVE-2013-1730","severity":"important","public_date":"2013-09-17T00:00:00Z","advisories":["RHSA-2013:1269","RHSA-2013:1268"],"bugzilla":"1009036","bugzilla_description":"CVE-2013-1730 Mozilla: Compartment mismatch re-attaching XBL-backed nodes (MFSA 2013-88)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el5_9","thunderbird-0:17.0.9-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1730.json"},{"CVE":"CVE-2013-1732","severity":"critical","public_date":"2013-09-17T00:00:00Z","advisories":["RHSA-2013:1269","RHSA-2013:1268"],"bugzilla":"1009037","bugzilla_description":"CVE-2013-1732 Mozilla: Buffer overflow with multi-column, lists, and floats (MFSA 2013-89)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el5_9","thunderbird-0:17.0.9-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1732.json"},{"CVE":"CVE-2013-1735","severity":"critical","public_date":"2013-09-17T00:00:00Z","advisories":["RHSA-2013:1269","RHSA-2013:1268"],"bugzilla":"1009039","bugzilla_description":"CVE-2013-1735 CVE-2013-1736 Mozilla: Memory corruption involving scrolling (MFSA 2013-90)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el5_9","thunderbird-0:17.0.9-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1735.json"},{"CVE":"CVE-2013-1736","severity":"critical","public_date":"2013-09-17T00:00:00Z","advisories":["RHSA-2013:1269","RHSA-2013:1268"],"bugzilla":"1009039","bugzilla_description":"CVE-2013-1735 CVE-2013-1736 Mozilla: Memory corruption involving scrolling (MFSA 2013-90)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el5_9","thunderbird-0:17.0.9-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1736.json"},{"CVE":"CVE-2013-1737","severity":"moderate","public_date":"2013-09-17T00:00:00Z","advisories":["RHSA-2013:1269","RHSA-2013:1268"],"bugzilla":"1009041","bugzilla_description":"CVE-2013-1737 Mozilla: User-defined properties on DOM proxies get the wrong \"this\" object (MFSA 2013-91)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["thunderbird-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el6_4","firefox-0:17.0.9-1.el5_9","thunderbird-0:17.0.9-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1737.json"},{"CVE":"CVE-2013-1719","severity":"critical","public_date":"2013-09-17T00:00:00Z","advisories":[],"bugzilla":"1009211","bugzilla_description":"CVE-2013-1719 Mozilla: Miscellaneous memory safety hazards (rv:24.0) (MFSA 2013-76)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1719.json"},{"CVE":"CVE-2013-1720","severity":"moderate","public_date":"2013-09-17T00:00:00Z","advisories":[],"bugzilla":"1009212","bugzilla_description":"CVE-2013-1720 Mozilla: Improper state in HTML5 Tree Builder with templates (MFSA 2013-77)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1720.json"},{"CVE":"CVE-2013-1721","severity":"critical","public_date":"2013-09-17T00:00:00Z","advisories":[],"bugzilla":"1009213","bugzilla_description":"CVE-2013-1721 Mozilla: Integer overflow in ANGLE library (MFSA 2013-78)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1721.json"},{"CVE":"CVE-2013-1723","severity":"moderate","public_date":"2013-09-17T00:00:00Z","advisories":[],"bugzilla":"1009214","bugzilla_description":"CVE-2013-1723 Mozilla: NativeKey continues handling key messages after widget is destroyed (MFSA 2013-80)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1723.json"},{"CVE":"CVE-2013-1724","severity":"critical","public_date":"2013-09-17T00:00:00Z","advisories":[],"bugzilla":"1009216","bugzilla_description":"CVE-2013-1724 Mozilla: Use-after-free with select element (MFSA 2013-81)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1724.json"},{"CVE":"CVE-2013-1728","severity":"moderate","public_date":"2013-09-17T00:00:00Z","advisories":[],"bugzilla":"1009217","bugzilla_description":"CVE-2013-1728 Mozilla: Uninitialized data in IonMonkey (MFSA 2013-85)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1728.json"},{"CVE":"CVE-2013-1729","severity":"moderate","public_date":"2013-09-17T00:00:00Z","advisories":[],"bugzilla":"1009218","bugzilla_description":"CVE-2013-1729 Mozilla: WebGL Information disclosure through OS X NVIDIA graphic drivers (MFSA 2013-86)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1729.json"},{"CVE":"CVE-2013-1738","severity":"critical","public_date":"2013-09-17T00:00:00Z","advisories":[],"bugzilla":"1009219","bugzilla_description":"CVE-2013-1738 Mozilla: GC hazard with default compartments and frame chain restoration (MFSA 2013-92)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1738.json"},{"CVE":"CVE-2013-1701","severity":"critical","public_date":"2013-08-07T00:00:00Z","advisories":["RHSA-2013:1142","RHSA-2013:1140"],"bugzilla":"993598","bugzilla_description":"CVE-2013-1701 Mozilla: Miscellaneous memory safety hazards (rv:17.0.8) (MFSA 2013-63)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.8-5.el5_9","firefox-0:17.0.8-1.el5_9","thunderbird-0:17.0.8-5.el6_4","firefox-0:17.0.8-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1701.json"},{"CVE":"CVE-2013-1709","severity":"moderate","public_date":"2013-08-07T00:00:00Z","advisories":["RHSA-2013:1142","RHSA-2013:1140"],"bugzilla":"993600","bugzilla_description":"CVE-2013-1709 Mozilla: Document URI misrepresentation and masquerading (MFSA 2013-68)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["thunderbird-0:17.0.8-5.el5_9","firefox-0:17.0.8-1.el5_9","thunderbird-0:17.0.8-5.el6_4","firefox-0:17.0.8-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1709.json"},{"CVE":"CVE-2013-1710","severity":"critical","public_date":"2013-08-07T00:00:00Z","advisories":["RHSA-2013:1142","RHSA-2013:1140"],"bugzilla":"993602","bugzilla_description":"CVE-2013-1710 Mozilla: CRMF requests allow for code execution and XSS attacks (MFSA 2013-69)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-79","affected_packages":["thunderbird-0:17.0.8-5.el5_9","firefox-0:17.0.8-1.el5_9","thunderbird-0:17.0.8-5.el6_4","firefox-0:17.0.8-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1710.json"},{"CVE":"CVE-2013-1713","severity":"moderate","public_date":"2013-08-07T00:00:00Z","advisories":["RHSA-2013:1142","RHSA-2013:1140"],"bugzilla":"993603","bugzilla_description":"CVE-2013-1713 Mozilla: Wrong principal used for validating URI for some Javascript components (MFSA 2013-72)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["thunderbird-0:17.0.8-5.el5_9","firefox-0:17.0.8-1.el5_9","thunderbird-0:17.0.8-5.el6_4","firefox-0:17.0.8-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1713.json"},{"CVE":"CVE-2013-1714","severity":"moderate","public_date":"2013-08-07T00:00:00Z","advisories":["RHSA-2013:1142","RHSA-2013:1140"],"bugzilla":"993604","bugzilla_description":"CVE-2013-1714 Mozilla: Same-origin bypass with web workers and XMLHttpRequest (MFSA 2013-73)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["thunderbird-0:17.0.8-5.el5_9","firefox-0:17.0.8-1.el5_9","thunderbird-0:17.0.8-5.el6_4","firefox-0:17.0.8-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1714.json"},{"CVE":"CVE-2013-1717","severity":"moderate","public_date":"2013-08-07T00:00:00Z","advisories":["RHSA-2013:1142","RHSA-2013:1140"],"bugzilla":"993605","bugzilla_description":"CVE-2013-1717 Mozilla: Local Java applets may read contents of local file system (MFSA 2013-75)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["thunderbird-0:17.0.8-5.el5_9","firefox-0:17.0.8-1.el5_9","thunderbird-0:17.0.8-5.el6_4","firefox-0:17.0.8-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1717.json"},{"CVE":"CVE-2013-1702","severity":"critical","public_date":"2013-08-06T00:00:00Z","advisories":[],"bugzilla":"994332","bugzilla_description":"CVE-2013-1702 Mozilla: Miscellaneous memory safety hazards (rv:23.0) (MFSA 2013-63)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1702.json"},{"CVE":"CVE-2013-1704","severity":"critical","public_date":"2013-08-06T00:00:00Z","advisories":[],"bugzilla":"994334","bugzilla_description":"CVE-2013-1704 Mozilla: Use after free mutating DOM during SetBody (MFSA 2013-64)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1704.json"},{"CVE":"CVE-2013-1705","severity":"critical","public_date":"2013-08-06T00:00:00Z","advisories":[],"bugzilla":"994335","bugzilla_description":"CVE-2013-1705 Mozilla: Buffer underflow when generating CRMF requests (MFSA 2013-65)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1705.json"},{"CVE":"CVE-2013-1708","severity":"low","public_date":"2013-08-06T00:00:00Z","advisories":[],"bugzilla":"994337","bugzilla_description":"CVE-2013-1708 Mozilla: Crash during WAV audio file decoding (MFSA 2013-67)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1708.json"},{"CVE":"CVE-2013-1711","severity":"moderate","public_date":"2013-08-06T00:00:00Z","advisories":[],"bugzilla":"994339","bugzilla_description":"CVE-2013-1711 Mozilla: Bypass of XrayWrappers using XBL Scopes (MFSA 2013-70)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1711.json"},{"CVE":"CVE-2013-1682","severity":"critical","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977597","bugzilla_description":"CVE-2013-1682 Mozilla: Miscellaneous memory safety hazards (rv:17.0.7) (MFSA 2013-49)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1682.json"},{"CVE":"CVE-2013-1683","severity":"critical","public_date":"2013-06-25T00:00:00Z","advisories":[],"bugzilla":"977598","bugzilla_description":"CVE-2013-1683 Mozilla: Miscellaneous memory safety hazards (rv:22.0) (MFSA 2013-49)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1683.json"},{"CVE":"CVE-2013-1684","severity":"critical","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977599","bugzilla_description":"CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 Mozilla: Memory corruption found using Address Sanitizer (MFSA 2013-50)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1684.json"},{"CVE":"CVE-2013-1685","severity":"critical","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977599","bugzilla_description":"CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 Mozilla: Memory corruption found using Address Sanitizer (MFSA 2013-50)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1685.json"},{"CVE":"CVE-2013-1686","severity":"critical","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977599","bugzilla_description":"CVE-2013-1684 CVE-2013-1685 CVE-2013-1686 Mozilla: Memory corruption found using Address Sanitizer (MFSA 2013-50)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1686.json"},{"CVE":"CVE-2013-1687","severity":"critical","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977600","bugzilla_description":"CVE-2013-1687 Mozilla: Privileged content access and execution via XBL (MFSA 2013-51)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1687.json"},{"CVE":"CVE-2013-1688","severity":"moderate","public_date":"2013-06-25T00:00:00Z","advisories":[],"bugzilla":"977601","bugzilla_description":"CVE-2013-1688 Mozilla: Arbitrary code execution within Profiler (MFSA 2013-52)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1688.json"},{"CVE":"CVE-2013-1690","severity":"critical","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977602","bugzilla_description":"CVE-2013-1690 Mozilla: Execution of unmapped memory through onreadystatechange event (MFSA 2013-53)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1690.json"},{"CVE":"CVE-2013-1692","severity":"moderate","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977603","bugzilla_description":"CVE-2013-1692 Mozilla: Data in the body of XHR HEAD requests leads to CSRF attacks (MFSA 2013-54)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-352","affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1692.json"},{"CVE":"CVE-2013-1693","severity":"moderate","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977605","bugzilla_description":"CVE-2013-1693 Mozilla: SVG filters can lead to information disclosure (MFSA 2013-55)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1693.json"},{"CVE":"CVE-2013-1694","severity":"moderate","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977610","bugzilla_description":"CVE-2013-1694 Mozilla: PreserveWrapper has inconsistent behavior (MFSA 2013-56)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1694.json"},{"CVE":"CVE-2013-1695","severity":"moderate","public_date":"2013-06-25T00:00:00Z","advisories":[],"bugzilla":"977611","bugzilla_description":"CVE-2013-1695 Mozilla: Sandbox restrictions not applied to nested frame elements (MFSA 2013-57)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1695.json"},{"CVE":"CVE-2013-1696","severity":"moderate","public_date":"2013-06-25T00:00:00Z","advisories":[],"bugzilla":"977613","bugzilla_description":"CVE-2013-1696 Mozilla: X-Frame-Options ignored when using server push with multi-part responses (MFSA 2013-58)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1696.json"},{"CVE":"CVE-2013-1697","severity":"moderate","public_date":"2013-06-25T00:00:00Z","advisories":["RHSA-2013:0982","RHSA-2013:0981"],"bugzilla":"977614","bugzilla_description":"CVE-2013-1697 Mozilla: XrayWrappers can be bypassed to run user defined methods in a privileged context (MFSA 2013-59)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:17.0.7-1.el6_4","firefox-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el5_9","thunderbird-0:17.0.7-1.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1697.json"},{"CVE":"CVE-2013-1698","severity":"moderate","public_date":"2013-06-25T00:00:00Z","advisories":[],"bugzilla":"977615","bugzilla_description":"CVE-2013-1698 Mozilla: getUserMedia permission dialog incorrectly displays location (MFSA 2013-60)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1698.json"},{"CVE":"CVE-2013-1699","severity":"moderate","public_date":"2013-06-25T00:00:00Z","advisories":[],"bugzilla":"977621","bugzilla_description":"CVE-2013-1699 Mozilla: Homograph domain spoofing in .com, .net and .name (MFSA 2013-61)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1699.json"},{"CVE":"CVE-2013-0801","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962591","bugzilla_description":"CVE-2013-0801 Mozilla: Miscellaneous memory safety hazards (rv:17.0.6) (MFSA 2013-41)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0801.json"},{"CVE":"CVE-2013-1669","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":[],"bugzilla":"962594","bugzilla_description":"CVE-2013-1669 Mozilla: Miscellaneous memory safety hazards (rv:21.0) (MFSA 2013-41)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1669.json"},{"CVE":"CVE-2013-1670","severity":"moderate","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962596","bugzilla_description":"CVE-2013-1670 Mozilla: Privileged access for content level constructor (MFSA 2013-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1670.json"},{"CVE":"CVE-2013-1671","severity":"moderate","public_date":"2013-05-14T00:00:00Z","advisories":[],"bugzilla":"962597","bugzilla_description":"CVE-2013-1671 Mozilla: File input control has access to full path (MFSA 2013-43)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1671.json"},{"CVE":"CVE-2013-1674","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962598","bugzilla_description":"CVE-2013-1674 Mozilla: Use-after-free with video and onresize event (MFSA 2013-46)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1674.json"},{"CVE":"CVE-2013-1675","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962601","bugzilla_description":"CVE-2013-1675 Mozilla: Uninitialized functions in DOMSVGZoomEvent (MFSA 2013-47)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-456","affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1675.json"},{"CVE":"CVE-2013-1676","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962603","bugzilla_description":"CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681 Mozilla: Memory corruption found using Address Sanitizer (MFSA 2013-48)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1676.json"},{"CVE":"CVE-2013-1677","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962603","bugzilla_description":"CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681 Mozilla: Memory corruption found using Address Sanitizer (MFSA 2013-48)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1677.json"},{"CVE":"CVE-2013-1678","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962603","bugzilla_description":"CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681 Mozilla: Memory corruption found using Address Sanitizer (MFSA 2013-48)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1678.json"},{"CVE":"CVE-2013-1679","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962603","bugzilla_description":"CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681 Mozilla: Memory corruption found using Address Sanitizer (MFSA 2013-48)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1679.json"},{"CVE":"CVE-2013-1680","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962603","bugzilla_description":"CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681 Mozilla: Memory corruption found using Address Sanitizer (MFSA 2013-48)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1680.json"},{"CVE":"CVE-2013-1681","severity":"critical","public_date":"2013-05-14T00:00:00Z","advisories":["RHSA-2013:0821","RHSA-2013:0820"],"bugzilla":"962603","bugzilla_description":"CVE-2013-1676 CVE-2013-1677 CVE-2013-1678 CVE-2013-1679 CVE-2013-1680 CVE-2013-1681 Mozilla: Memory corruption found using Address Sanitizer (MFSA 2013-48)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.6-1.el6_4","thunderbird-0:17.0.6-2.el6_4","thunderbird-0:17.0.6-1.el5_9","firefox-0:17.0.6-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1681.json"},{"CVE":"CVE-2013-0788","severity":"critical","public_date":"2013-04-02T00:00:00Z","advisories":["RHSA-2013:0697","RHSA-2013:0696"],"bugzilla":"946927","bugzilla_description":"CVE-2013-0788 Mozilla: Miscellaneous memory safety hazards (rv:17.0.5) (MFSA 2013-30)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.5-1.el5_9","firefox-0:17.0.5-1.el6_4","thunderbird-0:17.0.5-1.el6_4","firefox-0:17.0.5-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0788.json"},{"CVE":"CVE-2013-0789","severity":"critical","public_date":"2013-04-02T00:00:00Z","advisories":[],"bugzilla":"946928","bugzilla_description":"CVE-2013-0789 Mozilla: Miscellaneous memory safety hazards (rv:20.0) (MFSA 2013-30)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0789.json"},{"CVE":"CVE-2013-0800","severity":"important","public_date":"2013-04-02T00:00:00Z","advisories":["RHSA-2013:0697","RHSA-2013:0696"],"bugzilla":"946929","bugzilla_description":"CVE-2013-0800 Mozilla: Out-of-bounds write in Cairo library (MFSA 2013-31)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-787","affected_packages":["thunderbird-0:17.0.5-1.el5_9","firefox-0:17.0.5-1.el6_4","thunderbird-0:17.0.5-1.el6_4","firefox-0:17.0.5-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0800.json"},{"CVE":"CVE-2013-0796","severity":"critical","public_date":"2013-04-02T00:00:00Z","advisories":["RHSA-2013:0697","RHSA-2013:0696"],"bugzilla":"946931","bugzilla_description":"CVE-2013-0796 Mozilla: WebGL crash with Mesa graphics driver on Linux (MFSA 2013-35)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.5-1.el5_9","firefox-0:17.0.5-1.el6_4","thunderbird-0:17.0.5-1.el6_4","firefox-0:17.0.5-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0796.json"},{"CVE":"CVE-2013-0795","severity":"critical","public_date":"2013-04-02T00:00:00Z","advisories":["RHSA-2013:0697","RHSA-2013:0696"],"bugzilla":"946932","bugzilla_description":"CVE-2013-0795 Mozilla: Bypass of SOW protections allows cloning of protected nodes (MFSA 2013-36)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:17.0.5-1.el5_9","firefox-0:17.0.5-1.el6_4","thunderbird-0:17.0.5-1.el6_4","firefox-0:17.0.5-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0795.json"},{"CVE":"CVE-2013-0793","severity":"moderate","public_date":"2013-04-02T00:00:00Z","advisories":["RHSA-2013:0697","RHSA-2013:0696"],"bugzilla":"946935","bugzilla_description":"CVE-2013-0793 Mozilla: Cross-site scripting (XSS) using timed history navigations (MFSA 2013-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["thunderbird-0:17.0.5-1.el5_9","firefox-0:17.0.5-1.el6_4","thunderbird-0:17.0.5-1.el6_4","firefox-0:17.0.5-1.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0793.json"},{"CVE":"CVE-2013-0792","severity":"moderate","public_date":"2013-04-02T00:00:00Z","advisories":[],"bugzilla":"946936","bugzilla_description":"CVE-2013-0792 Mozilla: Memory corruption while rendering grayscale PNG images (MFSA 2013-39)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0792.json"},{"CVE":"CVE-2013-0787","severity":"critical","public_date":"2013-03-08T00:00:00Z","advisories":["RHSA-2013:0614","RHSA-2013:0627"],"bugzilla":"918876","bugzilla_description":"CVE-2013-0787 Mozilla: Use-after-free in HTML Editor (MFSA 2013-29)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:17.0.3-2.el6_4","xulrunner-0:17.0.3-2.el5_9","thunderbird-0:17.0.3-2.el5_9","xulrunner-0:17.0.3-2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0787.json"},{"CVE":"CVE-2013-0783","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0272","RHSA-2013:0271"],"bugzilla":"911836","bugzilla_description":"CVE-2013-0783 Mozilla: Miscellaneous memory safety hazards (rv:17.0.3) (MFSA 2013-21)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:17.0.3-1.el5_9","thunderbird-0:17.0.3-1.el6_3","thunderbird-0:17.0.3-1.el5_9","firefox-0:17.0.3-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0783.json"},{"CVE":"CVE-2013-0784","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":[],"bugzilla":"911837","bugzilla_description":"CVE-2013-0784 Mozilla: Miscellaneous memory safety hazards (rv:19.0) (MFSA 2013-21)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0784.json"},{"CVE":"CVE-2013-0765","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":[],"bugzilla":"911838","bugzilla_description":"CVE-2013-0765 Mozilla: Wrapped WebIDL objects can be wrapped again (MFSA 2013-23)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0765.json"},{"CVE":"CVE-2013-0773","severity":"moderate","public_date":"2013-02-19T00:00:00Z","advisories":[],"bugzilla":"911839","bugzilla_description":"CVE-2013-0773 Mozilla: Web content bypass of COW and SOW security wrappers (MFSA 2013-24)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0773.json"},{"CVE":"CVE-2013-0772","severity":"moderate","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:1812","RHSA-2013:1823"],"bugzilla":"911840","bugzilla_description":"CVE-2013-0772 Mozilla: Out-of-bounds read in image rendering (MFSA 2013-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["thunderbird-0:24.2.0-1.el6_5","thunderbird-0:24.2.0-2.el5_10","firefox-0:24.2.0-1.el6_5","firefox-0:24.2.0-1.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0772.json"},{"CVE":"CVE-2013-0774","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":[],"bugzilla":"911842","bugzilla_description":"CVE-2013-0774 Mozilla: Privacy leak in JavaScript Workers (MFSA 2013-25)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0774.json"},{"CVE":"CVE-2013-0775","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0272","RHSA-2013:0271"],"bugzilla":"911843","bugzilla_description":"CVE-2013-0775 Mozilla: Use-after-free in nsImageLoadingContent (MFSA 2013-26)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:17.0.3-1.el5_9","thunderbird-0:17.0.3-1.el6_3","thunderbird-0:17.0.3-1.el5_9","firefox-0:17.0.3-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0775.json"},{"CVE":"CVE-2013-0776","severity":"moderate","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0272","RHSA-2013:0271"],"bugzilla":"911844","bugzilla_description":"CVE-2013-0776 Mozilla: Phishing on HTTPS connection through malicious proxy (MFSA 2013-27)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:17.0.3-1.el5_9","thunderbird-0:17.0.3-1.el6_3","thunderbird-0:17.0.3-1.el5_9","firefox-0:17.0.3-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0776.json"},{"CVE":"CVE-2013-0780","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0272","RHSA-2013:0271"],"bugzilla":"911865","bugzilla_description":"CVE-2013-0780 CVE-2013-0782 Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["firefox-0:17.0.3-1.el5_9","thunderbird-0:17.0.3-1.el6_3","thunderbird-0:17.0.3-1.el5_9","firefox-0:17.0.3-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0780.json"},{"CVE":"CVE-2013-0782","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0272","RHSA-2013:0271"],"bugzilla":"911865","bugzilla_description":"CVE-2013-0780 CVE-2013-0782 Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["firefox-0:17.0.3-1.el5_9","thunderbird-0:17.0.3-1.el6_3","thunderbird-0:17.0.3-1.el5_9","firefox-0:17.0.3-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0782.json"},{"CVE":"CVE-2013-0777","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":[],"bugzilla":"911868","bugzilla_description":"CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0781 Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-125|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0777.json"},{"CVE":"CVE-2013-0778","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":[],"bugzilla":"911868","bugzilla_description":"CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0781 Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-125|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0778.json"},{"CVE":"CVE-2013-0779","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":[],"bugzilla":"911868","bugzilla_description":"CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0781 Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-125|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0779.json"},{"CVE":"CVE-2013-0781","severity":"critical","public_date":"2013-02-19T00:00:00Z","advisories":[],"bugzilla":"911868","bugzilla_description":"CVE-2013-0777 CVE-2013-0778 CVE-2013-0779 CVE-2013-0781 Mozilla: Use-after-free, out of bounds read, and buffer overflow issues found using Address Sanitizer (MFSA 2013-28)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-125|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0781.json"},{"CVE":"CVE-2013-0769","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"891811","bugzilla_description":"CVE-2013-0769 Mozilla: Miscellaneous memory safety hazards (rv:10.0.12) (MFSA 2013-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0769.json"},{"CVE":"CVE-2013-0749","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"891813","bugzilla_description":"CVE-2013-0749 CVE-2013-0770 Mozilla: Miscellaneous memory safety hazards (rv:18.0/rv:17.0.1) (MFSA 2013-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0749.json"},{"CVE":"CVE-2013-0770","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"891813","bugzilla_description":"CVE-2013-0749 CVE-2013-0770 Mozilla: Miscellaneous memory safety hazards (rv:18.0/rv:17.0.1) (MFSA 2013-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0770.json"},{"CVE":"CVE-2013-0762","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"891821","bugzilla_description":"CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0762.json"},{"CVE":"CVE-2013-0766","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"891821","bugzilla_description":"CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0766.json"},{"CVE":"CVE-2013-0767","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"891821","bugzilla_description":"CVE-2013-0762 CVE-2013-0766 CVE-2013-0767 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0767.json"},{"CVE":"CVE-2013-0760","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"891822","bugzilla_description":"CVE-2013-0760 CVE-2013-0761 CVE-2013-0763 CVE-2013-0771 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0760.json"},{"CVE":"CVE-2013-0761","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"891822","bugzilla_description":"CVE-2013-0760 CVE-2013-0761 CVE-2013-0763 CVE-2013-0771 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0761.json"},{"CVE":"CVE-2013-0763","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"891822","bugzilla_description":"CVE-2013-0760 CVE-2013-0761 CVE-2013-0763 CVE-2013-0771 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0763.json"},{"CVE":"CVE-2013-0771","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"891822","bugzilla_description":"CVE-2013-0760 CVE-2013-0761 CVE-2013-0763 CVE-2013-0771 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2013-02)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0771.json"},{"CVE":"CVE-2013-0768","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"891823","bugzilla_description":"CVE-2013-0768 Mozilla: Buffer Overflow in Canvas (MFSA 2013-03)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0768.json"},{"CVE":"CVE-2013-0759","severity":"moderate","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"891824","bugzilla_description":"CVE-2013-0759 Mozilla: URL spoofing in addressbar during page loads (MFSA 2013-04)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0759.json"},{"CVE":"CVE-2013-0744","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"891825","bugzilla_description":"CVE-2013-0744 Mozilla: Use-after-free when displaying table with many columns and column groups (MFSA 2013-05)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0744.json"},{"CVE":"CVE-2013-0764","severity":"important","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"892140","bugzilla_description":"CVE-2013-0764 Mozilla: Crash due to handling of SSL on threads (MFSA 2013-07)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0764.json"},{"CVE":"CVE-2013-0745","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"892141","bugzilla_description":"CVE-2013-0745 Mozilla: AutoWrapperChanger fails to keep objects alive during garbage collection (MFSA 2013-08)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0745.json"},{"CVE":"CVE-2013-0746","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"892142","bugzilla_description":"CVE-2013-0746 Mozilla: Compartment mismatch with quickstubs returned values (MFSA 2013-09)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0746.json"},{"CVE":"CVE-2013-0747","severity":"moderate","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"892143","bugzilla_description":"CVE-2013-0747 Mozilla: Event manipulation in plugin handler to bypass same-origin policy (MFSA 2013-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0747.json"},{"CVE":"CVE-2013-0748","severity":"moderate","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"892144","bugzilla_description":"CVE-2013-0748 Mozilla: Address space layout leaked in XBL objects (MFSA 2013-11)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0748.json"},{"CVE":"CVE-2013-0750","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"892145","bugzilla_description":"CVE-2013-0750 Mozilla: Buffer overflow in Javascript string concatenation (MFSA 2013-12)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0750.json"},{"CVE":"CVE-2013-0752","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"892146","bugzilla_description":"CVE-2013-0752 Mozilla: Memory corruption in XBL with XML bindings containing SVG (MFSA 2013-13)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0752.json"},{"CVE":"CVE-2013-0757","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"892147","bugzilla_description":"CVE-2013-0757 Mozilla: Chrome Object Wrapper (COW) bypass through changing prototype (MFSA 2013-14)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0757.json"},{"CVE":"CVE-2013-0758","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"892148","bugzilla_description":"CVE-2013-0758 Mozilla: Chrome Object Wrapper (COW) bypass through plugin objects (MFSA 2013-15)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0758.json"},{"CVE":"CVE-2013-0753","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"892149","bugzilla_description":"CVE-2013-0753 Mozilla: Use-after-free in serializeToStream (MFSA 2013-16)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0753.json"},{"CVE":"CVE-2013-0754","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":["RHSA-2013:0144","RHSA-2013:0145"],"bugzilla":"892150","bugzilla_description":"CVE-2013-0754 Mozilla: Use-after-free in ListenerManager (MFSA 2013-17)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.12-1.el6_3","thunderbird-0:10.0.12-3.el6_3","firefox-0:10.0.12-1.el5_9","thunderbird-0:10.0.12-3.el5_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0754.json"},{"CVE":"CVE-2013-0755","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"892854","bugzilla_description":"CVE-2013-0755 Mozilla: Use-after-free in Vibrate (MFSA 2013-18)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0755.json"},{"CVE":"CVE-2013-0756","severity":"critical","public_date":"2013-01-08T00:00:00Z","advisories":[],"bugzilla":"892858","bugzilla_description":"CVE-2013-0756 Mozilla: garbage collection flaw in Javascript Proxy objects (MFSA 2013-19)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0756.json"},{"CVE":"CVE-2017-7829","severity":"low","public_date":"2012-12-22T00:00:00Z","advisories":["RHSA-2018:0061"],"bugzilla":"1530195","bugzilla_description":"CVE-2017-7829 Mozilla: From address with encoded null character is cut off in message header display","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["thunderbird-0:52.5.2-1.el7_4","thunderbird-0:52.5.2-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7829.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2012-6051","severity":"moderate","public_date":"2012-11-23T00:00:00Z","advisories":[],"bugzilla":"882910","bugzilla_description":"CVE-2012-6051 firefox, thunderbird, xulrunner: Google CityHash hash function collisions (oCERT-2012-001)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6051.json"},{"CVE":"CVE-2012-5843","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877613","bugzilla_description":"CVE-2012-5843 Mozilla: Miscellaneous memory safety hazards (rv:17.0) (MFSA 2012-91)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5843.json"},{"CVE":"CVE-2012-5842","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877614","bugzilla_description":"CVE-2012-5842 Mozilla: Miscellaneous memory safety hazards (rv:10.0.11) (MFSA 2012-91)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5842.json"},{"CVE":"CVE-2012-4202","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877615","bugzilla_description":"CVE-2012-4202 Mozilla: Buffer overflow while rendering GIF images (MFSA 2012-92)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4202.json"},{"CVE":"CVE-2012-4201","severity":"moderate","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877616","bugzilla_description":"CVE-2012-4201 Mozilla: evalInSanbox location context incorrectly applied (MFSA 2012-93)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4201.json"},{"CVE":"CVE-2012-5836","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877617","bugzilla_description":"CVE-2012-5836 Mozilla: Crash when combining SVG text on path with CSS (MFSA 2012-94)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5836.json"},{"CVE":"CVE-2012-4203","severity":"moderate","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877618","bugzilla_description":"CVE-2012-4203 Mozilla: Javascript: URLs run in privileged context on New Tab page (MFSA 2012-95)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4203.json"},{"CVE":"CVE-2012-4204","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877624","bugzilla_description":"CVE-2012-4204 Mozilla: Memory corruption in str_unescape (MFSA 2012-96)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4204.json"},{"CVE":"CVE-2012-4205","severity":"moderate","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877625","bugzilla_description":"CVE-2012-4205 Mozilla: XMLHttpRequest inherits incorrect principal within sandbox (MFSA 2012-97)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4205.json"},{"CVE":"CVE-2012-4208","severity":"moderate","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877627","bugzilla_description":"CVE-2012-4208 Mozilla: XrayWrappers exposes chrome-only properties when not in chrome compartment (MFSA 2012-99)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4208.json"},{"CVE":"CVE-2012-5841","severity":"moderate","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877628","bugzilla_description":"CVE-2012-5841 Mozilla: Improper security filtering for cross-origin wrappers (MFSA 2012-100)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5841.json"},{"CVE":"CVE-2012-4207","severity":"moderate","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877629","bugzilla_description":"CVE-2012-4207 Mozilla: Improper character decoding in HZ-GB-2312 charset (MFSA 2012-101)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4207.json"},{"CVE":"CVE-2012-5837","severity":"moderate","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877631","bugzilla_description":"CVE-2012-5837 Mozilla: Script entered into Developer Toolbar runs with chrome privileges (MFSA 2012-102)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5837.json"},{"CVE":"CVE-2012-4209","severity":"moderate","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877632","bugzilla_description":"CVE-2012-4209 Mozilla: Frames can shadow top.location (MFSA 2012-103)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4209.json"},{"CVE":"CVE-2012-4210","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1482"],"bugzilla":"877633","bugzilla_description":"CVE-2012-4210 Mozilla: CSS and HTML injection through Style Inspector (MFSA 2012-104)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4210.json"},{"CVE":"CVE-2012-4214","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877634","bugzilla_description":"CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4214.json"},{"CVE":"CVE-2012-4215","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877634","bugzilla_description":"CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4215.json"},{"CVE":"CVE-2012-4216","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877634","bugzilla_description":"CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4216.json"},{"CVE":"CVE-2012-5829","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877634","bugzilla_description":"CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5829.json"},{"CVE":"CVE-2012-5839","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877634","bugzilla_description":"CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5839.json"},{"CVE":"CVE-2012-5840","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877634","bugzilla_description":"CVE-2012-4214 CVE-2012-4215 CVE-2012-4216 CVE-2012-5829 CVE-2012-5839 CVE-2012-5840 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5840.json"},{"CVE":"CVE-2012-5830","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877635","bugzilla_description":"CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 Mozilla: Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer (MFSA 2012-106)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5830.json"},{"CVE":"CVE-2012-5833","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877635","bugzilla_description":"CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 Mozilla: Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer (MFSA 2012-106)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5833.json"},{"CVE":"CVE-2012-5835","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":["RHSA-2012:1483","RHSA-2012:1482"],"bugzilla":"877635","bugzilla_description":"CVE-2012-5830 CVE-2012-5833 CVE-2012-5835 Mozilla: Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer (MFSA 2012-106)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":["firefox-0:10.0.11-1.el6_3","thunderbird-0:10.0.11-1.el5_8","thunderbird-0:10.0.11-1.el6_3","firefox-0:10.0.11-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5835.json"},{"CVE":"CVE-2012-4212","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877942","bugzilla_description":"CVE-2012-4212 CVE-2012-4213 CVE-2012-4217 CVE-2012-4218 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4212.json"},{"CVE":"CVE-2012-4213","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877942","bugzilla_description":"CVE-2012-4212 CVE-2012-4213 CVE-2012-4217 CVE-2012-4218 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4213.json"},{"CVE":"CVE-2012-4217","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877942","bugzilla_description":"CVE-2012-4212 CVE-2012-4213 CVE-2012-4217 CVE-2012-4218 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4217.json"},{"CVE":"CVE-2012-4218","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877942","bugzilla_description":"CVE-2012-4212 CVE-2012-4213 CVE-2012-4217 CVE-2012-4218 Mozilla: Use-after-free and buffer overflow issues found using Address Sanitizer (MFSA 2012-105)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4218.json"},{"CVE":"CVE-2012-5838","severity":"critical","public_date":"2012-11-20T00:00:00Z","advisories":[],"bugzilla":"877945","bugzilla_description":"CVE-2012-5838 Mozilla: Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer (MFSA 2012-106)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-416|CWE-119)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5838.json"},{"CVE":"CVE-2012-4194","severity":"critical","public_date":"2012-10-26T00:00:00Z","advisories":["RHSA-2012:1407","RHSA-2012:1413"],"bugzilla":"869893","bugzilla_description":"CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 Mozilla: Fixes for Location object issues (MFSA 2012-90)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.10-1.el6_3","firefox-0:10.0.10-1.el6_3","thunderbird-0:10.0.10-1.el5_8","firefox-0:10.0.10-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4194.json"},{"CVE":"CVE-2012-4195","severity":"critical","public_date":"2012-10-26T00:00:00Z","advisories":["RHSA-2012:1407","RHSA-2012:1413"],"bugzilla":"869893","bugzilla_description":"CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 Mozilla: Fixes for Location object issues (MFSA 2012-90)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.10-1.el6_3","firefox-0:10.0.10-1.el6_3","thunderbird-0:10.0.10-1.el5_8","firefox-0:10.0.10-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4195.json"},{"CVE":"CVE-2012-4196","severity":"critical","public_date":"2012-10-26T00:00:00Z","advisories":["RHSA-2012:1407","RHSA-2012:1413"],"bugzilla":"869893","bugzilla_description":"CVE-2012-4194 CVE-2012-4195 CVE-2012-4196 Mozilla: Fixes for Location object issues (MFSA 2012-90)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.10-1.el6_3","firefox-0:10.0.10-1.el6_3","thunderbird-0:10.0.10-1.el5_8","firefox-0:10.0.10-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4196.json"},{"CVE":"CVE-2012-4193","severity":"critical","public_date":"2012-10-11T00:00:00Z","advisories":["RHSA-2012:1362","RHSA-2012:1361"],"bugzilla":"865215","bugzilla_description":"CVE-2012-4193 Mozilla: defaultValue security checks not applied (MFSA 2012-89)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["xulrunner-0:10.0.8-2.el5_8","thunderbird-0:10.0.8-2.el5_8","xulrunner-0:10.0.8-2.el6_3","thunderbird-0:10.0.8-2.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4193.json"},{"CVE":"CVE-2012-4192","severity":"critical","public_date":"2012-10-11T00:00:00Z","advisories":[],"bugzilla":"865283","bugzilla_description":"CVE-2012-4192 Mozilla: defaultValue security checks not applied (firefox-16) (MFSA 2012-89)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4192.json"},{"CVE":"CVE-2012-4191","severity":"critical","public_date":"2012-10-11T00:00:00Z","advisories":[],"bugzilla":"865286","bugzilla_description":"CVE-2012-4191 Mozilla: Miscellaneous memory safety hazards (rv:16.0.1) (MFSA 2012-88)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4191.json"},{"CVE":"CVE-2012-3982","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863614","bugzilla_description":"CVE-2012-3982 Mozilla: Miscellaneous memory safety hazards (rv:10.0.8) (MFSA 2012-74)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3982.json"},{"CVE":"CVE-2012-3983","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":[],"bugzilla":"863615","bugzilla_description":"CVE-2012-3983 Mozilla: Miscellaneous memory safety hazards (rv:16.0) (MFSA 2012-74)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3983.json"},{"CVE":"CVE-2012-3984","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":[],"bugzilla":"863616","bugzilla_description":"CVE-2012-3984 CVE-2012-5354 Mozilla: Select element persistance allows for attacks (MFSA 2012-75)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3984.json"},{"CVE":"CVE-2012-5354","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":[],"bugzilla":"863616","bugzilla_description":"CVE-2012-3984 CVE-2012-5354 Mozilla: Select element persistance allows for attacks (MFSA 2012-75)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5354.json"},{"CVE":"CVE-2012-3985","severity":"moderate","public_date":"2012-10-09T00:00:00Z","advisories":[],"bugzilla":"863617","bugzilla_description":"CVE-2012-3985 Mozilla: Continued access to initial origin after setting document.domain can lead to XSS attacks (MFSA 2012-76)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3985.json"},{"CVE":"CVE-2012-3986","severity":"moderate","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863618","bugzilla_description":"CVE-2012-3986 Mozilla: Some DOMWindowUtils methods bypass security checks (MFSA 2012-77)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3986.json"},{"CVE":"CVE-2012-3988","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863619","bugzilla_description":"CVE-2012-3988 Mozilla: DOS and crash with full screen and history navigation (MFSA 2012-79)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3988.json"},{"CVE":"CVE-2012-3989","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":[],"bugzilla":"863620","bugzilla_description":"CVE-2012-3989 Mozilla: Crash with invalid cast when using instanceof operator (MFSA 2012-80)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3989.json"},{"CVE":"CVE-2012-3991","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863621","bugzilla_description":"CVE-2012-3991 Mozilla: GetProperty function can bypass security checks (MFSA 2012-81)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3991.json"},{"CVE":"CVE-2012-3994","severity":"moderate","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863622","bugzilla_description":"CVE-2012-3994 Mozilla: top object and location property accessible by plugins (MFSA 2012-82)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3994.json"},{"CVE":"CVE-2012-3993","severity":"moderate","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863623","bugzilla_description":"CVE-2012-3993 CVE-2012-4184 Mozilla: Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties (MFSA 2012-83)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3993.json"},{"CVE":"CVE-2012-4184","severity":"moderate","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863623","bugzilla_description":"CVE-2012-3993 CVE-2012-4184 Mozilla: Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties (MFSA 2012-83)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4184.json"},{"CVE":"CVE-2012-3992","severity":"moderate","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863624","bugzilla_description":"CVE-2012-3992 Mozilla: Spoofing and script injection through location.hash (MFSA 2012-84)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3992.json"},{"CVE":"CVE-2012-3995","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863625","bugzilla_description":"CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3995.json"},{"CVE":"CVE-2012-4179","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863625","bugzilla_description":"CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4179.json"},{"CVE":"CVE-2012-4180","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863625","bugzilla_description":"CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4180.json"},{"CVE":"CVE-2012-4181","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863625","bugzilla_description":"CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4181.json"},{"CVE":"CVE-2012-4182","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863625","bugzilla_description":"CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4182.json"},{"CVE":"CVE-2012-4183","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863625","bugzilla_description":"CVE-2012-3995 CVE-2012-4179 CVE-2012-4180 CVE-2012-4181 CVE-2012-4182 CVE-2012-4183 Mozilla: Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer (MFSA 2012-85)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4183.json"},{"CVE":"CVE-2012-4185","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863626","bugzilla_description":"CVE-2012-4185 CVE-2012-4186 CVE-2012-4187 CVE-2012-4188 Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4185.json"},{"CVE":"CVE-2012-4186","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863626","bugzilla_description":"CVE-2012-4185 CVE-2012-4186 CVE-2012-4187 CVE-2012-4188 Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4186.json"},{"CVE":"CVE-2012-4187","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863626","bugzilla_description":"CVE-2012-4185 CVE-2012-4186 CVE-2012-4187 CVE-2012-4188 Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4187.json"},{"CVE":"CVE-2012-4188","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863626","bugzilla_description":"CVE-2012-4185 CVE-2012-4186 CVE-2012-4187 CVE-2012-4188 Mozilla: Heap memory corruption issues found using Address Sanitizer (MFSA 2012-86)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4188.json"},{"CVE":"CVE-2012-3990","severity":"critical","public_date":"2012-10-09T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"863628","bugzilla_description":"CVE-2012-3990 Mozilla: Use-after-free in the IME State Manager (MFSA 2012-87)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3990.json"},{"CVE":"CVE-2012-1971","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":[],"bugzilla":"851908","bugzilla_description":"CVE-2012-1971 Mozilla: Miscellaneous memory safety hazards (rv:15.0) (MFSA 2012-57)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1971.json"},{"CVE":"CVE-2012-1970","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851909","bugzilla_description":"CVE-2012-1970 Mozilla: Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7) (MFSA 2012-57)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1970.json"},{"CVE":"CVE-2012-1972","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1972.json"},{"CVE":"CVE-2012-1973","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1973.json"},{"CVE":"CVE-2012-1974","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1974.json"},{"CVE":"CVE-2012-1975","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1975.json"},{"CVE":"CVE-2012-1976","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1976.json"},{"CVE":"CVE-2012-3956","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3956.json"},{"CVE":"CVE-2012-3957","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3957.json"},{"CVE":"CVE-2012-3958","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3958.json"},{"CVE":"CVE-2012-3959","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3959.json"},{"CVE":"CVE-2012-3960","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3960.json"},{"CVE":"CVE-2012-3961","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3961.json"},{"CVE":"CVE-2012-3962","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3962.json"},{"CVE":"CVE-2012-3963","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3963.json"},{"CVE":"CVE-2012-3964","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851910","bugzilla_description":"Mozilla: Multiple Use-after-free issues (MFSA 2012-58)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3964.json"},{"CVE":"CVE-2012-1956","severity":"moderate","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1351","RHSA-2012:1350"],"bugzilla":"851912","bugzilla_description":"CVE-2012-1956 Mozilla: Location object can be shadowed using Object.defineProperty (MFSA 2012-59)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["thunderbird-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el6_3","firefox-0:10.0.8-1.el5_8","thunderbird-0:10.0.8-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1956.json"},{"CVE":"CVE-2012-3965","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":[],"bugzilla":"851916","bugzilla_description":"CVE-2012-3965 Mozilla: Escalation of privilege through about:newtab (MFSA 2012-60)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3965.json"},{"CVE":"CVE-2012-3966","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851918","bugzilla_description":"CVE-2012-3966 Mozilla: Memory corruption with bitmap format images with negative height (MFSA 2012-61)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3966.json"},{"CVE":"CVE-2012-3967","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851920","bugzilla_description":"CVE-2012-3967 CVE-2012-3968 Mozilla: WebGL use-after-free and memory corruption (MFSA 2012-62)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3967.json"},{"CVE":"CVE-2012-3968","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851920","bugzilla_description":"CVE-2012-3967 CVE-2012-3968 Mozilla: WebGL use-after-free and memory corruption (MFSA 2012-62)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3968.json"},{"CVE":"CVE-2012-3969","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851922","bugzilla_description":"CVE-2012-3969 CVE-2012-3970 Mozilla: SVG buffer overflow and use-after-free issues (MFSA 2012-63)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-119|CWE-416)","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3969.json"},{"CVE":"CVE-2012-3970","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851922","bugzilla_description":"CVE-2012-3969 CVE-2012-3970 Mozilla: SVG buffer overflow and use-after-free issues (MFSA 2012-63)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"(CWE-119|CWE-416)","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3970.json"},{"CVE":"CVE-2012-3971","severity":"moderate","public_date":"2012-08-28T00:00:00Z","advisories":[],"bugzilla":"851923","bugzilla_description":"CVE-2012-3971 Mozilla: Graphite 2 memory corruption (MFSA 2012-64)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3971.json"},{"CVE":"CVE-2012-3972","severity":"moderate","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851924","bugzilla_description":"CVE-2012-3972 Mozilla: Out-of-bounds read in format-number in XSLT (MFSA 2012-65)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-125","affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3972.json"},{"CVE":"CVE-2012-3973","severity":"critical","public_date":"2012-08-28T00:00:00Z","advisories":[],"bugzilla":"851925","bugzilla_description":"CVE-2012-3973 Mozilla: HTTPMonitor extension allows for remote debugging without explicit activation (MFSA 2012-66)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3973.json"},{"CVE":"CVE-2012-3974","severity":"moderate","public_date":"2012-08-28T00:00:00Z","advisories":[],"bugzilla":"851927","bugzilla_description":"CVE-2012-3974 Mozilla: Installer will launch incorrect executable following new installation (MFSA 2012-67)","cvss_score":4.1,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3974.json"},{"CVE":"CVE-2012-3975","severity":"low","public_date":"2012-08-28T00:00:00Z","advisories":[],"bugzilla":"851929","bugzilla_description":"CVE-2012-3975 Mozilla: DOMParser loads linked resources in extensions when parsing text/html (MFSA 2012-68)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3975.json"},{"CVE":"CVE-2012-3978","severity":"moderate","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851937","bugzilla_description":"CVE-2012-3978 Mozilla: Location object security checks bypassed by chrome code (MFSA 2012-70)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3978.json"},{"CVE":"CVE-2012-3980","severity":"important","public_date":"2012-08-28T00:00:00Z","advisories":["RHSA-2012:1210","RHSA-2012:1211"],"bugzilla":"851939","bugzilla_description":"CVE-2012-3980 Mozilla: Web console eval capable of executing chrome-privileged code (MFSA 2012-72)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.7-1.el5_8","firefox-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el6_3","thunderbird-0:10.0.7-1.el5_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3980.json"},{"CVE":"CVE-2012-1948","severity":"critical","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840201","bugzilla_description":"CVE-2012-1948 Mozilla: Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6) (MFSA 2012-42)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1948.json"},{"CVE":"CVE-2012-1949","severity":"critical","public_date":"2012-07-17T00:00:00Z","advisories":[],"bugzilla":"840201","bugzilla_description":"CVE-2012-1948 CVE-2012-1949 Mozilla: Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6) (MFSA 2012-42)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1949.json"},{"CVE":"CVE-2012-1951","severity":"critical","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840205","bugzilla_description":"CVE-2012-1951 CVE-2012-1952 CVE-2012-1953 CVE-2012-1954 Mozilla: Gecko memory corruption (MFSA 2012-44)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1951.json"},{"CVE":"CVE-2012-1952","severity":"critical","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840205","bugzilla_description":"CVE-2012-1951 CVE-2012-1952 CVE-2012-1953 CVE-2012-1954 Mozilla: Gecko memory corruption (MFSA 2012-44)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1952.json"},{"CVE":"CVE-2012-1953","severity":"critical","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840205","bugzilla_description":"CVE-2012-1951 CVE-2012-1952 CVE-2012-1953 CVE-2012-1954 Mozilla: Gecko memory corruption (MFSA 2012-44)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1953.json"},{"CVE":"CVE-2012-1954","severity":"critical","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840205","bugzilla_description":"CVE-2012-1951 CVE-2012-1952 CVE-2012-1953 CVE-2012-1954 Mozilla: Gecko memory corruption (MFSA 2012-44)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1954.json"},{"CVE":"CVE-2012-1955","severity":"moderate","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840206","bugzilla_description":"CVE-2012-1955 Mozilla: Spoofing issue with location (MFSA 2012-45)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1955.json"},{"CVE":"CVE-2012-1966","severity":"moderate","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1088"],"bugzilla":"840207","bugzilla_description":"CVE-2012-1966 Mozilla: XSS and code execution through data: URLs (MFSA 2012-46)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["firefox-0:10.0.6-1.el5_8","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1966.json"},{"CVE":"CVE-2012-1957","severity":"moderate","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840208","bugzilla_description":"CVE-2012-1957 Mozilla: Improper filtering of javascript in HTML feed-view (MFSA 2012-47)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1957.json"},{"CVE":"CVE-2012-1958","severity":"moderate","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840211","bugzilla_description":"CVE-2012-1958 Mozilla: use-after-free in nsGlobalWindow::PageHidden (MFSA 2012-48)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1958.json"},{"CVE":"CVE-2012-1959","severity":"critical","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840212","bugzilla_description":"CVE-2012-1959 Mozilla: Same-compartment Security Wrappers can be bypassed (MFSA 2012-49)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1959.json"},{"CVE":"CVE-2012-1960","severity":"low","public_date":"2012-07-17T00:00:00Z","advisories":[],"bugzilla":"840213","bugzilla_description":"CVE-2012-1960 Mozilla: Out of bounds read in QCMS (MFSA 2012-50)","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1960.json"},{"CVE":"CVE-2012-1961","severity":"moderate","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840214","bugzilla_description":"CVE-2012-1961 Mozilla: X-Frame-Options header ignored when duplicated (MFSA 2012-51)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1961.json"},{"CVE":"CVE-2012-1962","severity":"critical","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840215","bugzilla_description":"CVE-2012-1962 Mozilla: JSDependentString::undepend string conversion results in memory corruption (MFSA 2012-52)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1962.json"},{"CVE":"CVE-2012-1963","severity":"moderate","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840220","bugzilla_description":"CVE-2012-1963 Mozilla: Content Security Policy 1.0 implementation errors cause data leakage (MFSA 2012-53)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1963.json"},{"CVE":"CVE-2012-1964","severity":"moderate","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840222","bugzilla_description":"CVE-2012-1964 Mozilla: Clickjacking of certificate warning page (MFSA 2012-54)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1964.json"},{"CVE":"CVE-2012-1965","severity":"moderate","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1088"],"bugzilla":"840225","bugzilla_description":"CVE-2012-1965 Mozilla: feed: URLs with an innerURI inherit security context of page (MFSA 2012-55)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1965.json"},{"CVE":"CVE-2012-1967","severity":"critical","public_date":"2012-07-17T00:00:00Z","advisories":["RHSA-2012:1089","RHSA-2012:1088"],"bugzilla":"840259","bugzilla_description":"CVE-2012-1967 Mozilla: Code execution through javascript: URLs (MFSA 2012-56)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el5_8","thunderbird-0:10.0.6-1.el6_3","firefox-0:10.0.6-1.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1967.json"},{"CVE":"CVE-2011-3101","severity":"critical","public_date":"2012-06-05T00:00:00Z","advisories":["RHSA-2012:0715","RHSA-2012:0710"],"bugzilla":"827829","bugzilla_description":"CVE-2011-3101 CVE-2012-1937 CVE-2012-1938 CVE-2012-1939 CVE-2012-3105 Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:10.0.5-1.el6_2","firefox-0:10.0.5-1.el5_8","thunderbird-0:10.0.5-2.el5_8","thunderbird-0:10.0.5-2.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3101.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tibetan-machine-uni-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tibetan-machine-uni-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tibetan-machine-uni-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-icons_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-icons_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-icons_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-license_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-license_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-license_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-server-minimal_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-server-minimal_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-server-minimal_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-server_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-server_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc-server_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc_security_api_results.json new file mode 100644 index 0000000..0c08ed4 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tigervnc_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-26117","severity":"moderate","public_date":"2020-09-18T00:00:00Z","advisories":[],"bugzilla":"1882841","bugzilla_description":"CVE-2020-26117 tigervnc: certificate exceptions stored as authorities","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-296","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26117.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2019-15691","severity":"moderate","public_date":"2019-12-20T00:00:00Z","advisories":["RHSA-2020:1497","RHSA-2020:3875"],"bugzilla":"1789908","bugzilla_description":"CVE-2019-15691 tigervnc: Stack use-after-return due to incorrect usage of stack memory in ZRLEDecoder","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-672","affected_packages":["tigervnc-0:1.8.0-21.el7","tigervnc-0:1.9.0-14.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15691.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.2"},{"CVE":"CVE-2019-15693","severity":"moderate","public_date":"2019-12-20T00:00:00Z","advisories":["RHSA-2020:1497","RHSA-2020:3875"],"bugzilla":"1790313","bugzilla_description":"CVE-2019-15693 tigervnc: Heap buffer overflow in TightDecoder::FilterGradient","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["tigervnc-0:1.8.0-21.el7","tigervnc-0:1.9.0-14.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15693.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.2"},{"CVE":"CVE-2019-15694","severity":"moderate","public_date":"2019-12-20T00:00:00Z","advisories":["RHSA-2020:1497","RHSA-2020:3875"],"bugzilla":"1790315","bugzilla_description":"CVE-2019-15694 tigervnc: Heap buffer overflow in DecodeManager::decodeRect","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["tigervnc-0:1.8.0-21.el7","tigervnc-0:1.9.0-14.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15694.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.2"},{"CVE":"CVE-2019-15695","severity":"moderate","public_date":"2019-12-20T00:00:00Z","advisories":["RHSA-2020:1497","RHSA-2020:3875"],"bugzilla":"1790318","bugzilla_description":"CVE-2019-15695 tigervnc: Stack buffer overflow in CMsgReader::readSetCursor","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["tigervnc-0:1.8.0-21.el7","tigervnc-0:1.9.0-14.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15695.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.2"},{"CVE":"CVE-2019-15692","severity":"moderate","public_date":"2019-09-10T00:00:00Z","advisories":["RHSA-2020:1497","RHSA-2020:3875"],"bugzilla":"1789527","bugzilla_description":"CVE-2019-15692 tigervnc: Heap buffer overflow triggered from CopyRectDecoder due to incorrect value checks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["tigervnc-0:1.8.0-21.el7","tigervnc-0:1.9.0-14.el8_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15692.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.2"},{"CVE":"CVE-2017-7392","severity":"low","public_date":"2017-03-29T00:00:00Z","advisories":["RHSA-2017:2000"],"bugzilla":"1438694","bugzilla_description":"CVE-2017-7392 tigervnc: SSecurityVeNCrypt memory leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tigervnc-0:1.8.0-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7392.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-7394","severity":"moderate","public_date":"2017-03-29T00:00:00Z","advisories":["RHSA-2017:2000"],"bugzilla":"1438700","bugzilla_description":"CVE-2017-7394 tigervnc: Server crash via long usernames","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["tigervnc-0:1.8.0-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7394.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-7393","severity":"moderate","public_date":"2017-03-27T00:00:00Z","advisories":["RHSA-2017:2000"],"bugzilla":"1438697","bugzilla_description":"CVE-2017-7393 tigervnc: Double free via crafted fences","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["tigervnc-0:1.8.0-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7393.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-7395","severity":"moderate","public_date":"2017-03-27T00:00:00Z","advisories":["RHSA-2017:2000"],"bugzilla":"1438701","bugzilla_description":"CVE-2017-7395 tigervnc: Integer overflow in SMsgReader::readClientCutText","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["tigervnc-0:1.8.0-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7395.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-7396","severity":"low","public_date":"2017-03-27T00:00:00Z","advisories":["RHSA-2017:2000"],"bugzilla":"1438703","bugzilla_description":"CVE-2017-7396 tigervnc: SecurityServer and ClientServer memory leaks","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tigervnc-0:1.8.0-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7396.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5581","severity":"low","public_date":"2017-01-13T00:00:00Z","advisories":["RHSA-2017:2000","RHSA-2017:0630"],"bugzilla":"1415712","bugzilla_description":"CVE-2017-5581 tigervnc: Buffer overflow in ModifiablePixelBuffer::fillRect","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["tigervnc-0:1.8.0-1.el7","tigervnc-0:1.1.0-24.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5581.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2016-10207","severity":"moderate","public_date":"2016-08-23T00:00:00Z","advisories":["RHSA-2017:2000","RHSA-2017:0630"],"bugzilla":"1418761","bugzilla_description":"CVE-2016-10207 tigervnc: VNC server can crash when TLS handshake terminates early","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tigervnc-0:1.8.0-1.el7","tigervnc-0:1.1.0-24.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10207.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2014-8240","severity":"moderate","public_date":"2014-10-10T00:00:00Z","advisories":["RHSA-2015:2233"],"bugzilla":"1151307","bugzilla_description":"CVE-2014-8240 tigervnc: integer overflow flaw, leading to a heap-based buffer overflow in screen size handling","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":["tigervnc-0:1.3.1-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8240.json"},{"CVE":"CVE-2014-8241","severity":"moderate","public_date":"2014-10-10T00:00:00Z","advisories":["RHSA-2015:2233"],"bugzilla":"1151312","bugzilla_description":"CVE-2014-8241 tigervnc: NULL pointer dereference flaw in XRegion","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-476","affected_packages":["tigervnc-0:1.3.1-3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8241.json"},{"CVE":"CVE-2014-0011","severity":"moderate","public_date":"2014-03-19T00:00:00Z","advisories":[],"bugzilla":"1050928","bugzilla_description":"CVE-2014-0011 tigervnc: ZRLE decoding heap-based buffer overflow in vncviewer","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0011.json"},{"CVE":"CVE-2011-1775","severity":"moderate","public_date":"2011-05-04T00:00:00Z","advisories":["RHSA-2011:0871"],"bugzilla":"702470","bugzilla_description":"CVE-2011-1775 tigervnc: vncviewer can send password to server without proper validation of the X.509 certificate","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tigervnc-0:1.0.90-0.15.20110314svn4359.el6_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1775.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/time_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/time_security_api_results.json new file mode 100644 index 0000000..dcc8476 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/time_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-15250","severity":"low","public_date":"2020-10-12T00:00:00Z","advisories":[],"bugzilla":"1887810","bugzilla_description":"CVE-2020-15250 junit4: TemporaryFolder is shared between all users across system which could result in information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15250.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.2"},{"CVE":"CVE-2020-14040","severity":"moderate","public_date":"2020-06-17T00:00:00Z","advisories":["RHSA-2020:3665","RHSA-2020:3369","RHSA-2020:3578","RHSA-2020:4214","RHSA-2020:3783","RHSA-2020:3087","RHSA-2020:3780","RHSA-2020:3372","RHSA-2020:3727"],"bugzilla":"1853652","bugzilla_description":"CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["openshift3/ose-docker-registry:v3.11.286-1","servicemesh-grafana-0:6.4.3-13.el8","distributed-tracing/jaeger-query-rhel7:1.17.5-3","kiali-0:v1.12.10.redhat2-1.el7","ior-0:1.1.6-1.el8","openshift4/ose-cluster-version-operator:v4.5.0-202008280601.p0","distributed-tracing/jaeger-ingester-rhel7:1.17.5-3","distributed-tracing/jaeger-all-in-one-rhel7:1.17.5-3","distributed-tracing/jaeger-rhel7-operator:1.17.5-3","servicemesh-0:1.1.6-1.el8","servicemesh-cni-0:1.1.6-1.el8","servicemesh-prometheus-0:2.14.0-14.el8","openshift4/ose-cluster-network-operator:v4.4.0-202009120105.p0","openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-8","distributed-tracing/jaeger-agent-rhel7:1.17.5-3","openshift4/ose-cluster-svcat-controller-manager-operator:v4.5.0-202008280221.p0","openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202009112201.p0","distributed-tracing/jaeger-collector-rhel7:1.17.5-3","openshift4/ose-elasticsearch-operator:v4.5.0-202008310950.p0","servicemesh-operator-0:1.1.6-2.el8","go-toolset:rhel8-8020020200817154239.02f7cb7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-3896","severity":"important","public_date":"2019-06-17T00:00:00Z","advisories":["RHSA-2019:1489","RHSA-2019:1488","RHSA-2019:1490"],"bugzilla":"1694812","bugzilla_description":"CVE-2019-3896 kernel: Double free in lib/idr.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-0:2.6.32-754.15.3.el6","kernel-0:2.6.32-431.95.3.el6","kernel-0:2.6.32-504.79.3.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3896.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2019-3837","severity":"moderate","public_date":"2019-04-03T00:00:00Z","advisories":[],"bugzilla":"1678423","bugzilla_description":"CVE-2019-3837 kernel: memory leak in tcp_recvmsg() with NET_DMA","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3837.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2018-16882","severity":"important","public_date":"2018-12-18T00:00:00Z","advisories":[],"bugzilla":"1660604","bugzilla_description":"CVE-2018-16882 Kernel: KVM: nVMX: use after free in posted interrupt processing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16882.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-6554","severity":null,"public_date":"2018-09-04T00:00:00Z","advisories":[],"bugzilla":"1623610","bugzilla_description":"CVE-2018-6554 kernel: irda: Memory leak caused by repeated binds of irda socket","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6554.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-6555","severity":null,"public_date":"2018-09-04T00:00:00Z","advisories":[],"bugzilla":"1623614","bugzilla_description":"CVE-2018-6555 kernel: irda: use-after-free vulnerability in the hashbin list","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6555.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2018-14619","severity":"important","public_date":"2018-08-28T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1622004","bugzilla_description":"CVE-2018-14619 kernel: crash (possible privesc) in kernel crypto api.","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14619.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2018-10938","severity":"moderate","public_date":"2018-08-27T00:00:00Z","advisories":[],"bugzilla":"1622404","bugzilla_description":"CVE-2018-10938 kernel: infinite loop in net/ipv4/cipso_ipv4.c:cipso_v4_optptr() allows for DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10938.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9363","severity":"moderate","public_date":"2018-08-16T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2019:2029","RHSA-2019:2043"],"bugzilla":"1623067","bugzilla_description":"CVE-2018-9363 kernel: Buffer overflow in hidp_process_report","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["kernel-rt-0:3.10.0-1062.rt56.1022.el7","kernel-0:3.10.0-1062.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9363.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2018-15471","severity":"important","public_date":"2018-08-14T17:00:00Z","advisories":[],"bugzilla":"1610555","bugzilla_description":"CVE-2018-15471 kernel: net: xen: Linux netback driver OOB access in hash handling (XSA-270)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15471.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.2"},{"CVE":"CVE-2018-7754","severity":"low","public_date":"2018-08-09T00:00:00Z","advisories":[],"bugzilla":"1616374","bugzilla_description":"CVE-2018-7754 kernel: Information Exposure in aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7754.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-5953","severity":null,"public_date":"2018-08-07T00:00:00Z","advisories":[],"bugzilla":"1614057","bugzilla_description":"CVE-2018-5953 kernel: Information Exposure through dmesg data from a \"software IO TLB\" printk call","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5953.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2018-5995","severity":null,"public_date":"2018-08-07T00:00:00Z","advisories":[],"bugzilla":"1614061","bugzilla_description":"CVE-2018-5995 kernel: Information Exposure through dmesg data from a \"pages/cpu\" printk call","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5995.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2018-15594","severity":"moderate","public_date":"2018-08-03T00:00:00Z","advisories":["RHSA-2019:2029","RHSA-2019:2043"],"bugzilla":"1620555","bugzilla_description":"CVE-2018-15594 kernel: Mishandling of indirect calls weakens Spectre mitigation for paravirtual guests","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["kernel-rt-0:3.10.0-1062.rt56.1022.el7","kernel-0:3.10.0-1062.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15594.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"5.6"},{"CVE":"CVE-2018-14616","severity":"low","public_date":"2018-07-09T00:00:00Z","advisories":[],"bugzilla":"1610106","bugzilla_description":"CVE-2018-14616 kernel: NULL pointer dereference in fs/crypto/crypto.c:fscrypt_do_page_crypto() when operating on a corrupted f2fs image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14616.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-16276","severity":"moderate","public_date":"2018-07-06T00:00:00Z","advisories":[],"bugzilla":"1624507","bugzilla_description":"CVE-2018-16276 kernel: incorrect bounds checking in yurex_read in drivers/usb/misc/yurex.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16276.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2018-13405","severity":"important","public_date":"2018-07-05T00:00:00Z","advisories":["RHSA-2019:2476","RHSA-2019:2696","RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083","RHSA-2019:2566","RHSA-2019:4159","RHSA-2019:2730","RHSA-2019:4164","RHSA-2019:0717"],"bugzilla":"1599161","bugzilla_description":"CVE-2018-13405 kernel: Missing check in fs/inode.c:inode_init_owner() does not clear SGID bit on non-directories for non-members","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["kernel-0:2.6.32-504.80.2.el6","kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-693.58.1.el7","kernel-0:3.10.0-862.41.1.el7","kernel-rt-1:3.10.0-693.58.1.rt56.652.el6rt","kernel-0:3.10.0-957.el7","kernel-0:3.10.0-327.83.1.el7","kernel-0:2.6.32-754.12.1.el6","kernel-alt-0:4.14.0-115.el7a","kernel-0:3.10.0-514.71.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13405.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2018-14615","severity":"low","public_date":"2018-07-05T00:00:00Z","advisories":[],"bugzilla":"1610102","bugzilla_description":"CVE-2018-14615 kernel: Buffer overflow in fs/f2fs/inline.c:truncate_inline_inode() when unmounting a crafted f2fs image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14615.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-13053","severity":"low","public_date":"2018-06-27T00:00:00Z","advisories":["RHSA-2019:2029","RHSA-2019:0831","RHSA-2019:2043"],"bugzilla":"1597747","bugzilla_description":"CVE-2018-13053 kernel: Integer overflow in the alarm_timer_nsleep function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["kernel-rt-0:3.10.0-1062.rt56.1022.el7","kernel-alt-0:4.14.0-115.7.1.el7a","kernel-0:3.10.0-1062.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13053.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-14617","severity":"low","public_date":"2018-06-27T00:00:00Z","advisories":[],"bugzilla":"1610110","bugzilla_description":"CVE-2018-14617 kernel: NULL pointer dereference in fs/hfsplus/dir.c:hfsplus_lookup() when operating on a file in a crafted hfs+ image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14617.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-12714","severity":"moderate","public_date":"2018-06-23T00:00:00Z","advisories":[],"bugzilla":"1595835","bugzilla_description":"CVE-2018-12714 kernel: slab out-of-bounds write in trace/trace_events_filter.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12714.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2018-12896","severity":null,"public_date":"2018-06-22T00:00:00Z","advisories":[],"bugzilla":"1597759","bugzilla_description":"CVE-2018-12896 kernel: Integer overflow in kernel/time/posix-timers.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12896.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-13096","severity":"low","public_date":"2018-06-22T00:00:00Z","advisories":[],"bugzilla":"1597782","bugzilla_description":"CVE-2018-13096 kernel: out-of-bounds memory access in fs/f2fs/super.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13096.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-13097","severity":"low","public_date":"2018-06-22T00:00:00Z","advisories":[],"bugzilla":"1597786","bugzilla_description":"CVE-2018-13097 kernel: divide-by-zero in fs/f2fs/super.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13097.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-13098","severity":"low","public_date":"2018-06-22T00:00:00Z","advisories":[],"bugzilla":"1597792","bugzilla_description":"CVE-2018-13098 kernel: slab out-of-bounds read in fs/f2fs/inode.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13098.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-13099","severity":"low","public_date":"2018-06-22T00:00:00Z","advisories":[],"bugzilla":"1597810","bugzilla_description":"CVE-2018-13099 kernel: out-of-bounds memory access in fs/f2fs/inline.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13099.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-13100","severity":"low","public_date":"2018-06-22T00:00:00Z","advisories":[],"bugzilla":"1597814","bugzilla_description":"CVE-2018-13100 kernel: divide-by-zero in fs/f2fs/super.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13100.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-10882","severity":"low","public_date":"2018-06-14T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1596842","bugzilla_description":"CVE-2018-10882 kernel: stack-out-of-bounds write infs/jbd2/transaction.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10882.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"4.8"},{"CVE":"CVE-2018-10883","severity":"low","public_date":"2018-06-14T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1596846","bugzilla_description":"CVE-2018-10883 kernel: stack-out-of-bounds write in jbd2_journal_dirty_metadata function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10883.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"4.8"},{"CVE":"CVE-2018-12904","severity":"moderate","public_date":"2018-06-12T00:00:00Z","advisories":[],"bugzilla":"1595143","bugzilla_description":"CVE-2018-12904 kernel: kvm: nVMX: missing privilege check allows privilege escalation in nested virtualization","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12904.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-10881","severity":"low","public_date":"2018-06-10T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1596828","bugzilla_description":"CVE-2018-10881 kernel: out-of-bound access in ext4_get_group_info() when mounting and operating a crafted ext4 image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10881.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.2"},{"CVE":"CVE-2018-10880","severity":"low","public_date":"2018-06-09T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1596812","bugzilla_description":"CVE-2018-10880 kernel: stack-out-of-bounds write in ext4_update_inline_data function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10880.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-10879","severity":"low","public_date":"2018-06-08T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1596806","bugzilla_description":"CVE-2018-10879 kernel: use-after-free detected in ext4_xattr_set_entry with a crafted file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10879.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.2"},{"CVE":"CVE-2018-13094","severity":"low","public_date":"2018-06-07T00:00:00Z","advisories":["RHSA-2019:2029","RHSA-2019:0831","RHSA-2019:2043"],"bugzilla":"1597771","bugzilla_description":"CVE-2018-13094 kernel: NULL pointer dereference in xfs_da_shrink_inode function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-1062.rt56.1022.el7","kernel-alt-0:4.14.0-115.7.1.el7a","kernel-0:3.10.0-1062.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13094.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-13095","severity":"low","public_date":"2018-06-03T00:00:00Z","advisories":["RHSA-2019:2029","RHSA-2019:2043","RHSA-2019:1350"],"bugzilla":"1597775","bugzilla_description":"CVE-2018-13095 kernel: NULL pointer dereference in fs/xfs/libxfs/xfs_inode_buf.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-1062.rt56.1022.el7","kernel-alt-0:4.14.0-115.8.1.el7a","kernel-0:3.10.0-1062.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13095.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-12233","severity":"moderate","public_date":"2018-06-01T00:00:00Z","advisories":[],"bugzilla":"1590205","bugzilla_description":"CVE-2018-12233 kernel: Memory corruption in JFS setattr","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12233.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2018-14734","severity":"moderate","public_date":"2018-06-01T00:00:00Z","advisories":["RHSA-2019:2029","RHSA-2019:0831","RHSA-2019:2043"],"bugzilla":"1611005","bugzilla_description":"CVE-2018-14734 kernel: use-after-free in ucma_leave_multicast in drivers/infiniband/core/ucma.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-rt-0:3.10.0-1062.rt56.1022.el7","kernel-alt-0:4.14.0-115.7.1.el7a","kernel-0:3.10.0-1062.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14734.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2018-10878","severity":"moderate","public_date":"2018-05-28T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1596802","bugzilla_description":"CVE-2018-10878 kernel: out-of-bound write in ext4_init_block_bitmap function with a crafted ext4 image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10878.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"4.8"},{"CVE":"CVE-2018-14609","severity":"low","public_date":"2018-05-26T00:00:00Z","advisories":[],"bugzilla":"1610074","bugzilla_description":"CVE-2018-14609 kernel: Invalid pointer dereference in fs/btrfs/relocation.c:__del_reloc_root() when mounting crafted btrfs image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14609.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2018-14610","severity":"low","public_date":"2018-05-26T00:00:00Z","advisories":[],"bugzilla":"1610079","bugzilla_description":"CVE-2018-14610 kernel: Out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14610.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2018-14611","severity":"low","public_date":"2018-05-26T00:00:00Z","advisories":[],"bugzilla":"1610084","bugzilla_description":"CVE-2018-14611 kernel: Use-after-free in try_merge_free_space() when mounting crafted btrfs image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14611.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.2"},{"CVE":"CVE-2018-14612","severity":"low","public_date":"2018-05-26T00:00:00Z","advisories":[],"bugzilla":"1610088","bugzilla_description":"CVE-2018-14612 kernel: Invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14612.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2018-14613","severity":"low","public_date":"2018-05-26T00:00:00Z","advisories":[],"bugzilla":"1610092","bugzilla_description":"CVE-2018-14613 kernel: Invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14613.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2018-14614","severity":"low","public_date":"2018-05-26T00:00:00Z","advisories":[],"bugzilla":"1610098","bugzilla_description":"CVE-2018-14614 kernel: Out-of-bounds access in fs/f2fs/segment.c:__remove_dirty_segment() when mounting a crafted f2fs image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14614.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-11412","severity":"moderate","public_date":"2018-05-22T00:00:00Z","advisories":["RHSA-2019:0525"],"bugzilla":"1582358","bugzilla_description":"CVE-2018-11412 kernel: out-of-bounds memcpy in fs/ext4/inline.c:ext4_read_inline_data() with crafted ext4 image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-805","affected_packages":["kernel-alt-0:4.14.0-115.6.1.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11412.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2018-11506","severity":"moderate","public_date":"2018-05-21T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1583210","bugzilla_description":"CVE-2018-11506 kernel: Stack-based buffer overflow in drivers/scsi/sr_ioctl.c allows denial of service or other unspecified impact","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11506.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2018-1000204","severity":"low","public_date":"2018-05-18T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1589324","bugzilla_description":"CVE-2018-1000204 kernel: Infoleak caused by incorrect handling of the SG_IO ioctl","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000204.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.1"},{"CVE":"CVE-2018-5814","severity":"moderate","public_date":"2018-05-15T00:00:00Z","advisories":[],"bugzilla":"1588620","bugzilla_description":"CVE-2018-5814 kernel: Race condition errors in USB over IP functionality can cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5814.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2018-11508","severity":"low","public_date":"2018-05-11T00:00:00Z","advisories":[],"bugzilla":"1583314","bugzilla_description":"CVE-2018-11508 kernel: Missing initialization in kernel/compat.c:compat_get_timex() allows local attacker to obtain possibly sensitive information via adjtimex","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456->CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11508.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-12633","severity":"moderate","public_date":"2018-05-08T00:00:00Z","advisories":[],"bugzilla":"1594170","bugzilla_description":"CVE-2018-12633 kernel: Double-fetch vulnerability in drivers/virt/vboxguest/vboxguest_linux.c:vbg_misc_device_ioctl() allows information leak and local denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12633.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2018-1000200","severity":"moderate","public_date":"2018-04-24T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1568744","bugzilla_description":"CVE-2018-1000200 kernel: NULL pointer dereference on OOM kill of large mlocked process","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000200.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-1118","severity":"low","public_date":"2018-04-23T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1573699","bugzilla_description":"CVE-2018-1118 kernel: vhost: Information disclosure in vhost/vhost.c:vhost_new_msg()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1118.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.3"},{"CVE":"CVE-2018-10940","severity":"low","public_date":"2018-04-18T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1577408","bugzilla_description":"CVE-2018-10940 kernel: incorrect memory bounds check in drivers/cdrom/cdrom.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10940.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2018-10323","severity":"low","public_date":"2018-04-17T00:00:00Z","advisories":[],"bugzilla":"1571627","bugzilla_description":"CVE-2018-10323 kernel: Invalid pointer dereference in xfs_bmapi_write() when mounting and operating on crafted xfs image allows denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10323.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2018-10876","severity":"low","public_date":"2018-04-16T00:00:00Z","advisories":["RHSA-2019:0525"],"bugzilla":"1596773","bugzilla_description":"CVE-2018-10876 kernel: use-after-free in jbd2_journal_commit_transaction funtion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-alt-0:4.14.0-115.6.1.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10876.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-10877","severity":"low","public_date":"2018-04-16T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1596795","bugzilla_description":"CVE-2018-10877 kernel: out-of-bound access in ext4_ext_drop_refs function with a crafted ext4 image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10877.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.2"},{"CVE":"CVE-2018-1108","severity":"low","public_date":"2018-04-12T00:00:00Z","advisories":[],"bugzilla":"1567306","bugzilla_description":"CVE-2018-1108 kernel: drivers: getrandom(2) unblocks too early after system boot","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1108.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2018-10322","severity":"low","public_date":"2018-04-12T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1571623","bugzilla_description":"CVE-2018-10322 kernel: Invalid pointer dereference in xfs_ilock_attr_map_shared() when mounting crafted xfs image allowing denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10322.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2018-13093","severity":"low","public_date":"2018-04-12T00:00:00Z","advisories":["RHSA-2019:2029","RHSA-2019:2043"],"bugzilla":"1597766","bugzilla_description":"CVE-2018-13093 kernel: NULL pointer dereference in lookup_slow function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-1062.rt56.1022.el7","kernel-0:3.10.0-1062.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13093.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-12928","severity":"low","public_date":"2018-04-12T00:00:00Z","advisories":[],"bugzilla":"1597826","bugzilla_description":"CVE-2018-12928 kernel: NULL pointer dereference in hfs_ext_read_extent in hfs.ko","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12928.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.0"},{"CVE":"CVE-2018-10840","severity":"moderate","public_date":"2018-04-11T00:00:00Z","advisories":["RHSA-2019:0162"],"bugzilla":"1582346","bugzilla_description":"CVE-2018-10840 kernel: Heap-based buffer overflow in fs/ext4/xattr.c:ext4_xattr_set_entry() with crafted ext4 image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["kernel-alt-0:4.14.0-115.5.1.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10840.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.2"},{"CVE":"CVE-2018-9056","severity":"moderate","public_date":"2018-03-28T00:00:00Z","advisories":[],"bugzilla":"1561794","bugzilla_description":"CVE-2018-9056 hw: cpu: speculative execution branch predictor side-channel attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-226","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9056.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"5.6"},{"CVE":"CVE-2018-1092","severity":"low","public_date":"2018-03-22T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1560777","bugzilla_description":"CVE-2018-1092 kernel: NULL pointer dereference in ext4/mballoc.c:ext4_process_freed_data() when mounting crafted ext4 image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1092.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2018-1093","severity":"low","public_date":"2018-03-22T00:00:00Z","advisories":[],"bugzilla":"1560782","bugzilla_description":"CVE-2018-1093 kernel: Out of bounds read in ext4/balloc.c:ext4_valid_block_bitmap() causes crash with crafted ext4 image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1093.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2018-1094","severity":"low","public_date":"2018-03-22T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1560788","bugzilla_description":"CVE-2018-1094 kernel: NULL pointer dereference in ext4/xattr.c:ext4_xattr_inode_hash() causes crash with crafted ext4 image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1094.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2018-1095","severity":"low","public_date":"2018-03-22T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1560793","bugzilla_description":"CVE-2018-1095 kernel: out-of-bound access in fs/posix_acl.c:get_acl() causes crash with crafted ext4 image","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1095.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.2"},{"CVE":"CVE-2018-8781","severity":"important","public_date":"2018-03-21T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1571062","bugzilla_description":"CVE-2018-8781 kernel: Integer overflow in drivers/gpu/drm/udl/udl_fb.c:udl_fb_mmap() can allow attackers to execute code in kernel space","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8781.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-8822","severity":"moderate","public_date":"2018-03-20T00:00:00Z","advisories":[],"bugzilla":"1558697","bugzilla_description":"CVE-2018-8822 kernel: Memory corruption in ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8822.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"6.4"},{"CVE":"CVE-2018-7995","severity":"low","public_date":"2018-03-09T00:00:00Z","advisories":[],"bugzilla":"1553911","bugzilla_description":"CVE-2018-7995 kernel: Race condition in the store_int_with_restart() function in cpu/mcheck/mce.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7995.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2018-7755","severity":"low","public_date":"2018-03-08T00:00:00Z","advisories":["RHSA-2019:2029","RHSA-2019:2043"],"bugzilla":"1553216","bugzilla_description":"CVE-2018-7755 kernel: Information exposure in fd_locked_ioctl function in drivers/block/floppy.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["kernel-rt-0:3.10.0-1062.rt56.1022.el7","kernel-0:3.10.0-1062.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7755.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2018-7757","severity":"low","public_date":"2018-03-08T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1553361","bugzilla_description":"CVE-2018-7757 kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7757.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-18222","severity":"low","public_date":"2018-03-08T00:00:00Z","advisories":[],"bugzilla":"1553371","bugzilla_description":"CVE-2017-18222 kernel: Memory corruption in ethtool_get_strings function in hns driver","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18222.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2018-10021","severity":null,"public_date":"2018-03-08T00:00:00Z","advisories":[],"bugzilla":"1566407","bugzilla_description":"CVE-2018-10021 kernel: ata qc leak in drivers/scsi/libsas/sas_scsi_host.c allows local users to cause denial-of-service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10021.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.0"},{"CVE":"CVE-2017-18221","severity":"moderate","public_date":"2018-03-07T00:00:00Z","advisories":[],"bugzilla":"1552849","bugzilla_description":"CVE-2017-18221 kernel: Race condition in __munlock_pagevec function in mm/mlock.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18221.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-7740","severity":"low","public_date":"2018-03-07T00:00:00Z","advisories":["RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1552867","bugzilla_description":"CVE-2018-7740 kernel: Denial of service in resv_map_release function in mm/hugetlb.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7740.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2018-1130","severity":"moderate","public_date":"2018-03-07T00:00:00Z","advisories":["RHSA-2018:3096","RHSA-2018:3083","RHSA-2018:1854"],"bugzilla":"1576419","bugzilla_description":"CVE-2018-1130 kernel: a null pointer dereference in net/dccp/output.c:dccp_write_xmit() leads to a system crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:2.6.32-754.el6","kernel-0:3.10.0-957.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1130.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-18202","severity":"important","public_date":"2018-02-27T00:00:00Z","advisories":["RHSA-2018:2772"],"bugzilla":"1549621","bugzilla_description":"CVE-2017-18202 kernel: Infoleak/use-after-free in __oom_reap_task_mm function in mm/oom_kill.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["kernel-alt-0:4.14.0-49.13.1.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18202.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2018-7480","severity":"moderate","public_date":"2018-02-25T00:00:00Z","advisories":[],"bugzilla":"1549427","bugzilla_description":"CVE-2018-7480 kernel: Double free in block/blk-cgroup.c:blkcg_init_queue() can allow a local user to cause a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7480.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-18193","severity":"low","public_date":"2018-02-22T00:00:00Z","advisories":[],"bugzilla":"1549421","bugzilla_description":"CVE-2017-18193 kernel: Mishandled extent trees in fs/f2fs/extent_cache.c can allow a local user to cause a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18193.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7273","severity":"low","public_date":"2018-02-20T00:00:00Z","advisories":[],"bugzilla":"1547384","bugzilla_description":"CVE-2018-7273 kernel: Kernel address information leak in drivers/block/floppy.c:show_floppy function potentially allowing KASLR bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7273.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.5"},{"CVE":"CVE-2018-6927","severity":"low","public_date":"2018-02-12T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676","RHSA-2018:0654"],"bugzilla":"1544612","bugzilla_description":"CVE-2018-6927 kernel: Integer overflow in futex.c:futux_requeue can lead to denial of service or unspecified impact","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-alt-0:4.14.0-49.el7a","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6927.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6791","severity":"moderate","public_date":"2018-02-08T00:00:00Z","advisories":[],"bugzilla":"1543457","bugzilla_description":"CVE-2018-6791 kde-runtime: Arbitrary command execution in the removable device notifier","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-138","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6791.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2018-1065","severity":"moderate","public_date":"2018-02-04T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1547824","bugzilla_description":"CVE-2018-1065 kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1065.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-6412","severity":"low","public_date":"2018-01-31T00:00:00Z","advisories":[],"bugzilla":"1541240","bugzilla_description":"CVE-2018-6412 kernel: Incorrect integer signedness in sbuslibc:sbusfb_ioctl_helper() allows for information leakage","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-194","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6412.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-16911","severity":"low","public_date":"2018-01-31T00:00:00Z","advisories":[],"bugzilla":"1541876","bugzilla_description":"CVE-2017-16911 kernel: vhci_cd driver in usbip/vhci_sysfs.c:port_show_vhci() discloses kernel memory addresses to local attackers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-214","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16911.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2018-11232","severity":"low","public_date":"2018-01-23T00:00:00Z","advisories":[],"bugzilla":"1580583","bugzilla_description":"CVE-2018-11232 kernel: coresight: kernel panic caused by invalid CPU","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11232.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-8087","severity":"low","public_date":"2018-01-18T00:00:00Z","advisories":["RHSA-2019:2029","RHSA-2019:2043"],"bugzilla":"1555145","bugzilla_description":"CVE-2018-8087 kernel: Memory leak in drivers/net/wireless/mac80211_hwsim.c:hwsim_new_radio_nl() can lead to potential denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["kernel-rt-0:3.10.0-1062.rt56.1022.el7","kernel-0:3.10.0-1062.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8087.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18174","severity":"moderate","public_date":"2018-01-17T00:00:00Z","advisories":[],"bugzilla":"1544482","bugzilla_description":"CVE-2017-18174 kernel: Double free vulnerability in drivers/pinctrl/pinctrl-amd.c:amd_gpio_remove() function can lead to kernel panic","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18174.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-1000026","severity":"moderate","public_date":"2018-01-12T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1541846","bugzilla_description":"CVE-2018-1000026 kernel: Improper validation in bnx2x network card driver can allow for denial of service attacks via crafted packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000026.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"5.8"},{"CVE":"CVE-2018-8043","severity":"low","public_date":"2018-01-11T00:00:00Z","advisories":[],"bugzilla":"1554199","bugzilla_description":"CVE-2018-8043 kernel: NULL pointer dereference in drivers/net/phy/mdio-bcm-unimac.c:unimac_mdio_probe() can lead to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-252->CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8043.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.1"},{"CVE":"CVE-2018-5344","severity":"moderate","public_date":"2018-01-06T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1533909","bugzilla_description":"CVE-2018-5344 kernel: drivers/block/loop.c mishandles lo_release serialization allowing denial-of-service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5344.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-10074","severity":"moderate","public_date":"2018-01-04T00:00:00Z","advisories":[],"bugzilla":"1567822","bugzilla_description":"CVE-2018-10074 kernel: Null pointer dereference in drivers/clk/hisilicon/clk-hi3660-stub.c:hi3660_stub_clk_probe() allows local users to cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10074.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-5703","severity":"moderate","public_date":"2018-01-03T00:00:00Z","advisories":[],"bugzilla":"1535110","bugzilla_description":"CVE-2018-5703 kernel: net/ipv6/tcp_ipv6.c:tcp_v6_syn_recv_sock function allows attackers to cause a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5703.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-13220","severity":"moderate","public_date":"2018-01-02T00:00:00Z","advisories":[],"bugzilla":"1536155","bugzilla_description":"CVE-2017-13220 kernel: Possible out-of-bound access in Bluetooth subsystem","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-843","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13220.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2017-17864","severity":"low","public_date":"2017-12-23T00:00:00Z","advisories":[],"bugzilla":"1529120","bugzilla_description":"CVE-2017-17864 kernel: information disclosure via pointer leak in kernel/bpf/verifier.c","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:C","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17864.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-17863","severity":"moderate","public_date":"2017-12-23T00:00:00Z","advisories":[],"bugzilla":"1529123","bugzilla_description":"CVE-2017-17863 kernel: integer overflow in static int check_alu_op function in bpf/verifier.c","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:C","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17863.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-17862","severity":"low","public_date":"2017-12-23T00:00:00Z","advisories":[],"bugzilla":"1529124","bugzilla_description":"CVE-2017-17862 kernel: Improper logic pruning in bpf/verifier.c","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:C","CWE":"CWE-561","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17862.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-16996","severity":"important","public_date":"2017-12-22T00:00:00Z","advisories":[],"bugzilla":"1528516","bugzilla_description":"CVE-2017-16996 kernel: memory corruption caused by BPF verifier bugs can allow for arbitrary code execution","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16996.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-17852","severity":"moderate","public_date":"2017-12-21T00:00:00Z","advisories":[],"bugzilla":"1530269","bugzilla_description":"CVE-2017-17852 kernel: bpf/verifier.c allows local users to cause a denial of service by leveraging mishandling of 32-bit ALU ops","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:C","CWE":"CWE-682","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17852.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-18075","severity":"moderate","public_date":"2017-12-20T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1539508","bugzilla_description":"CVE-2017-18075 kernel: Mishandled freeing of instances in pcrypt.c can allow a local user to cause a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-628","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18075.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-17853","severity":"moderate","public_date":"2017-12-19T00:00:00Z","advisories":[],"bugzilla":"1530270","bugzilla_description":"CVE-2017-17853 kernel: bpf/verifier.c allows local users to cause a denial of service by leveraging incorrect BPF_RSH signed bounds calculations","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:C","CWE":"CWE-682","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17853.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-17854","severity":"moderate","public_date":"2017-12-19T00:00:00Z","advisories":[],"bugzilla":"1530271","bugzilla_description":"CVE-2017-17854 kernel: bpf/verifier.c allows local users to cause a denial of service by leveraging unrestricted integer values for pointer arithmetic","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:C","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17854.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-17855","severity":"moderate","public_date":"2017-12-19T00:00:00Z","advisories":[],"bugzilla":"1530272","bugzilla_description":"CVE-2017-17855 kernel: bpf/verifier.c allows local users to cause a denial of service by leveraging improper use of pointers in place of scalars","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:C","CWE":"CWE-822","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17855.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-17856","severity":"moderate","public_date":"2017-12-19T00:00:00Z","advisories":[],"bugzilla":"1530273","bugzilla_description":"CVE-2017-17856 kernel: bpf/verifier.c allows local users to cause a denial of service by leveraging the lack of stack-pointer alignment enforcement","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:C","CWE":"CWE-822","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17856.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-17857","severity":"moderate","public_date":"2017-12-19T00:00:00Z","advisories":[],"bugzilla":"1530274","bugzilla_description":"CVE-2017-17857 kernel: bpf/verifier.c allows local users to cause a denial of service by leveraging mishandling of invalid variable stack read operations","cvss_score":5.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:C","CWE":"CWE-822","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17857.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-15129","severity":"moderate","public_date":"2017-12-19T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676","RHSA-2018:0654","RHSA-2019:1946"],"bugzilla":"1531174","bugzilla_description":"CVE-2017-15129 kernel: net: double-free and memory corruption in get_net_ns_by_id()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["kernel-0:3.10.0-693.55.1.el7","kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-alt-0:4.14.0-49.el7a","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15129.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2018-5750","severity":"moderate","public_date":"2017-12-19T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:2948","RHSA-2018:0676"],"bugzilla":"1539706","bugzilla_description":"CVE-2018-5750 kernel: Kernel address information leak in drivers/acpi/sbshc.c:acpi_smbus_hc_add() function potentially allowing KASLR bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5750.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-17741","severity":"low","public_date":"2017-12-11T00:00:00Z","advisories":[],"bugzilla":"1527112","bugzilla_description":"CVE-2017-17741 kernel: kvm: stack-based out-of-bounds read via vmcall instruction","cvss_score":2.3,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17741.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","cvss3_score":"4.1"},{"CVE":"CVE-2017-16912","severity":"moderate","public_date":"2017-12-11T00:00:00Z","advisories":[],"bugzilla":"1541883","bugzilla_description":"CVE-2017-16912 kernel: Out-of-bounds read in usbip/stub_rx.c:get_pipe() allows attackers to cause a denial of service via crafted USB over IP packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16912.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-17712","severity":"important","public_date":"2017-12-10T00:00:00Z","advisories":["RHSA-2018:0502"],"bugzilla":"1526427","bugzilla_description":"CVE-2017-17712 kernel: Race condition in raw_sendmsg function allows denial-of-service or kernel addresses leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["kernel-alt-0:4.11.0-44.6.1.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17712.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-15127","severity":"low","public_date":"2017-12-08T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676"],"bugzilla":"1525218","bugzilla_description":"CVE-2017-15127 kernel: Improper error handling of VM_SHARED hugetlbfs mapping in mm/hugetlb.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-460","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15127.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-15128","severity":"moderate","public_date":"2017-12-08T00:00:00Z","advisories":[],"bugzilla":"1525222","bugzilla_description":"CVE-2017-15128 kernel: Out of bound access in hugetlb_mcopy_atomic_pte function in mm/hugetlb.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15128.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-17807","severity":"moderate","public_date":"2017-12-08T00:00:00Z","advisories":["RHSA-2020:1070","RHSA-2020:1016"],"bugzilla":"1528335","bugzilla_description":"CVE-2017-17807 kernel: Missing permissions check for request_key() destination allows local attackers to add keys to keyring without Write permission","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-862","affected_packages":["kernel-rt-0:3.10.0-1127.rt56.1093.el7","kernel-0:3.10.0-1127.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17807.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-18232","severity":"low","public_date":"2017-12-08T00:00:00Z","advisories":["RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1558066","bugzilla_description":"CVE-2017-18232 kernel: Mishandling mutex within libsas allowing local Denial of Service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-833","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18232.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2017-16914","severity":"moderate","public_date":"2017-12-07T00:00:00Z","advisories":[],"bugzilla":"1541282","bugzilla_description":"CVE-2017-16914 kernel: NULL pointer dereference in usb/usbip/stub_tx.c:stub_send_ret_submit() can lead to denial of service via crafted USB over IP packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16914.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-16913","severity":"moderate","public_date":"2017-12-07T00:00:00Z","advisories":[],"bugzilla":"1541888","bugzilla_description":"CVE-2017-16913 kernel: Improper validation in usbip/stub_rx.c:stub_recv_cmd_submit() allows for denial of service via crafted USB over IP CMD_SUBMIT packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16913.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-7492","severity":"moderate","public_date":"2017-12-06T00:00:00Z","advisories":[],"bugzilla":"1527393","bugzilla_description":"CVE-2018-7492 kernel: Null pointer dereference in net/rds/rdma.c:__rds_rdma_map() allowing local attackers to cause denial-of-service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7492.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-15121","severity":"moderate","public_date":"2017-12-05T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676","RHSA-2018:1854"],"bugzilla":"1520893","bugzilla_description":"CVE-2017-15121 kernel: vfs: BUG in truncate_inode_pages_range() and fuse client","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:2.6.32-754.el6","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15121.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-15126","severity":"moderate","public_date":"2017-12-05T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676"],"bugzilla":"1523481","bugzilla_description":"CVE-2017-15126 kernel: Use-after-free in userfaultfd_event_wait_completion function in userfaultfd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15126.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-17450","severity":"low","public_date":"2017-12-05T00:00:00Z","advisories":[],"bugzilla":"1525761","bugzilla_description":"CVE-2017-17450 kernel: Unchecked capabilities in net/netfilter/xt_osf.c allows for unprivileged modification to systemwide fingerprint list","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17450.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2017-0861","severity":"moderate","public_date":"2017-12-05T00:00:00Z","advisories":["RHSA-2018:3096","RHSA-2020:0036","RHSA-2018:3083","RHSA-2018:2390"],"bugzilla":"1563994","bugzilla_description":"CVE-2017-0861 kernel: Use-after-free in snd_pcm_info function in ALSA subsystem potentially leads to privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:2.6.32-754.3.5.el6","kernel-0:3.10.0-957.el7","kernel-0:3.10.0-862.46.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0861.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-17448","severity":"moderate","public_date":"2017-12-03T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676","RHSA-2018:0654"],"bugzilla":"1525768","bugzilla_description":"CVE-2017-17448 kernel: Missing capabilities check in net/netfilter/nfnetlink_cthelper.c allows for unprivileged access to systemwide nfnl_cthelper_list structure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-alt-0:4.14.0-49.el7a","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17448.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2018-5848","severity":"moderate","public_date":"2017-12-02T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1590799","bugzilla_description":"CVE-2018-5848 kernel: buffer overflow in drivers/net/wireless/ath/wil6210/wmi.c:wmi_set_ie() may lead to memory corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5848.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2017-1000405","severity":"important","public_date":"2017-11-30T00:00:00Z","advisories":["RHSA-2018:0180"],"bugzilla":"1516514","bugzilla_description":"CVE-2017-1000405 kernel: pmd can become dirty without going through a COW cycle","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["kernel-alt-0:4.11.0-44.4.1.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000405.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L","cvss3_score":"6.1"},{"CVE":"CVE-2017-17805","severity":"moderate","public_date":"2017-11-29T00:00:00Z","advisories":["RHSA-2018:2948","RHSA-2018:3096","RHSA-2019:2473","RHSA-2018:3083"],"bugzilla":"1528312","bugzilla_description":"CVE-2017-17805 kernel: Salsa20 encryption algorithm does not correctly handle zero-length inputs allowing local attackers to cause denial-of-service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:2.6.32-754.18.2.el6","kernel-0:3.10.0-957.el7","kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17805.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-17806","severity":"moderate","public_date":"2017-11-29T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1528323","bugzilla_description":"CVE-2017-17806 kernel: HMAC implementation does not validate that the underlying cryptographic hash algorithm is unkeyed allowing local attackers to cause denial-of-service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17806.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-17975","severity":"low","public_date":"2017-11-19T00:00:00Z","advisories":[],"bugzilla":"1531142","bugzilla_description":"CVE-2017-17975 kernel: use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17975.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"3.5"},{"CVE":"CVE-2017-18216","severity":"moderate","public_date":"2017-11-16T00:00:00Z","advisories":[],"bugzilla":"1551992","bugzilla_description":"CVE-2017-18216 kernel: Null pointer dereference in fs/ocfs2/cluster/nodemanager.c allows local users to cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18216.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-16994","severity":"moderate","public_date":"2017-11-15T00:00:00Z","advisories":["RHSA-2018:0502"],"bugzilla":"1518155","bugzilla_description":"CVE-2017-16994 kernel: mm/pagewalk.c:walk_hugetlb_range function mishandles holes in hugetlb ranges causing information leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["kernel-alt-0:4.11.0-44.6.1.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16994.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-18204","severity":"moderate","public_date":"2017-11-15T00:00:00Z","advisories":[],"bugzilla":"1550818","bugzilla_description":"CVE-2017-18204 kernel: Deadlock caused in fs/ocfs2/file.c:ocfs2_setattr() can allow local users to cause a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-667->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18204.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-18224","severity":"moderate","public_date":"2017-11-15T00:00:00Z","advisories":[],"bugzilla":"1557555","bugzilla_description":"CVE-2017-18224 kernel: race condition due to concurrent access to extent tree in fs/ocfs2/aops.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18224.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-16650","severity":"low","public_date":"2017-11-06T00:00:00Z","advisories":[],"bugzilla":"1516265","bugzilla_description":"CVE-2017-16650 kernel: Divide-by-zero in drivers/net/usb/qmi_wwan.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16650.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16649","severity":"low","public_date":"2017-11-06T00:00:00Z","advisories":[],"bugzilla":"1516267","bugzilla_description":"CVE-2017-16649 kernel: Divide-by-zero in drivers/net/usb/cdc_ether.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16649.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-18203","severity":"moderate","public_date":"2017-11-01T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676","RHSA-2018:1854","RHSA-2019:4154"],"bugzilla":"1550811","bugzilla_description":"CVE-2017-18203 kernel: Race condition in drivers/md/dm.c:dm_get_from_kobject() allows local users to cause a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362->CWE-400","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:2.6.32-754.el6","kernel-0:3.10.0-862.el7","kernel-alt-0:4.14.0-115.16.1.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18203.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-16645","severity":"low","public_date":"2017-10-28T00:00:00Z","advisories":[],"bugzilla":"1516235","bugzilla_description":"CVE-2017-16645 kernel: Out-of-bounds read in drivers/input/misc/ims-pcu.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16645.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16643","severity":"low","public_date":"2017-10-24T00:00:00Z","advisories":[],"bugzilla":"1516232","bugzilla_description":"CVE-2017-16643 kernel: Out-of-bounds read in drivers/input/tablet/gtco.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16643.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16648","severity":"moderate","public_date":"2017-10-23T00:00:00Z","advisories":["RHSA-2018:2948"],"bugzilla":"1516257","bugzilla_description":"CVE-2017-16648 kernel: Use-after-free in drivers/media/dvb-core/dvb_frontend.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["kernel-alt-0:4.14.0-115.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16648.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16646","severity":"low","public_date":"2017-10-22T00:00:00Z","advisories":[],"bugzilla":"1516272","bugzilla_description":"CVE-2017-16646 kernel: BUG in drivers/media/usb/dvb-usb/dib0700_devices.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16646.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-15951","severity":"moderate","public_date":"2017-10-18T00:00:00Z","advisories":[],"bugzilla":"1507539","bugzilla_description":"CVE-2017-15951 kernel: Race condition in the KEYS subsystem","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15951.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-16535","severity":"low","public_date":"2017-10-18T00:00:00Z","advisories":[],"bugzilla":"1510823","bugzilla_description":"CVE-2017-16535 kernel: out-of-bounds read in usb_get_bos_descriptor function in drivers/usb/core/config.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16535.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-15115","severity":"low","public_date":"2017-10-17T00:00:00Z","advisories":[],"bugzilla":"1513345","bugzilla_description":"CVE-2017-15115 kernel: use-after-free in sctp_cmp_addr_exact","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15115.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2017-15537","severity":"moderate","public_date":"2017-10-17T00:00:00Z","advisories":[],"bugzilla":"1529302","bugzilla_description":"CVE-2017-15537 kernel: Information leak of x86 FPU registers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15537.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.1"},{"CVE":"CVE-2017-5123","severity":"important","public_date":"2017-10-12T00:00:00Z","advisories":[],"bugzilla":"1500094","bugzilla_description":"CVE-2017-5123 kernel: Missing access_ok() checks in waitid()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5123.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-12188","severity":"important","public_date":"2017-10-10T00:00:00Z","advisories":["RHSA-2018:0412","RHSA-2018:0395"],"bugzilla":"1500380","bugzilla_description":"CVE-2017-12188 Kernel: KVM: MMU potential stack buffer overrun during page walks","cvss_score":6.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-121","affected_packages":["kernel-0:3.10.0-693.21.1.el7","kernel-rt-0:3.10.0-693.21.1.rt56.639.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12188.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"7.6"},{"CVE":"CVE-2017-16527","severity":"low","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1510828","bugzilla_description":"CVE-2017-16527 kernel: Use-after-free in snd_usb_mixer_interrupt","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16527.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16647","severity":"low","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1516270","bugzilla_description":"CVE-2017-16647 kernel: NULL pointer dereference in drivers/net/usb/asix_devices.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16647.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-1000255","severity":"moderate","public_date":"2017-10-09T00:00:00Z","advisories":["RHSA-2018:0654"],"bugzilla":"1498067","bugzilla_description":"CVE-2017-1000255 kernel: Arbitrary stack overwrite causing oops via crafted signal frame","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["kernel-alt-0:4.14.0-49.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000255.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2017-16537","severity":"low","public_date":"2017-10-09T00:00:00Z","advisories":[],"bugzilla":"1510825","bugzilla_description":"CVE-2017-16537 kernel: NULL pointer dereference in imon_probe function in drivers/media/rc/imon.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16537.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16525","severity":"low","public_date":"2017-10-04T00:00:00Z","advisories":[],"bugzilla":"1510799","bugzilla_description":"CVE-2017-16525 kernel: Use-after-free in usb_serial_console_disconnect()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16525.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-18200","severity":"moderate","public_date":"2017-10-01T00:00:00Z","advisories":[],"bugzilla":"1549586","bugzilla_description":"CVE-2017-18200 kernel: mishandling reference counts associated with f2fs_wait_discard_bios calls allowing local attacker to cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18200.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-14954","severity":"low","public_date":"2017-09-29T00:00:00Z","advisories":[],"bugzilla":"1497745","bugzilla_description":"CVE-2017-14954 kernel: Info leak in kernel_waitid()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14954.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2017-16532","severity":"low","public_date":"2017-09-29T00:00:00Z","advisories":[],"bugzilla":"1510835","bugzilla_description":"CVE-2017-16532 kernel: Null pointer dereference in get_endpoints function in drivers/usb/misc/usbtest.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16532.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16533","severity":"low","public_date":"2017-09-28T00:00:00Z","advisories":[],"bugzilla":"1510836","bugzilla_description":"CVE-2017-16533 kernel: out-of-bounds read in usbhid_parse function in drivers/hid/usbhid/hid-core.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16533.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-15299","severity":"moderate","public_date":"2017-09-27T00:00:00Z","advisories":["RHSA-2018:0654"],"bugzilla":"1498016","bugzilla_description":"CVE-2017-15299 kernel: Incorrect updates of uninstantiated keys crash the kernel","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-alt-0:4.14.0-49.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15299.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-16538","severity":"low","public_date":"2017-09-26T00:00:00Z","advisories":[],"bugzilla":"1510826","bugzilla_description":"CVE-2017-16538 kernel: general protection fault in drivers/media/usb/dvb-usb-v2/lmedm04.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16538.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16529","severity":"low","public_date":"2017-09-22T00:00:00Z","advisories":[],"bugzilla":"1510831","bugzilla_description":"CVE-2017-16529 kernel: out-of-bounds read in snd_usb_create_streams","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16529.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16530","severity":"low","public_date":"2017-09-22T00:00:00Z","advisories":[],"bugzilla":"1510832","bugzilla_description":"CVE-2017-16530 kernel: out-of-bounds read in drivers/usb/storage/uas-detect{.h,.c}","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16530.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16534","severity":"low","public_date":"2017-09-21T00:00:00Z","advisories":[],"bugzilla":"1510822","bugzilla_description":"CVE-2017-16534 kernel: out-of-bounds read in cdc_parse_cdc_header function in drivers/usb/core/message.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16534.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16536","severity":"low","public_date":"2017-09-21T00:00:00Z","advisories":[],"bugzilla":"1510824","bugzilla_description":"CVE-2017-16536 kernel: Null pointer dereference in cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16536.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16644","severity":"low","public_date":"2017-09-21T00:00:00Z","advisories":[],"bugzilla":"1516273","bugzilla_description":"CVE-2017-16644 kernel: Improper error handling in drivers/media/usb/hdpvr/hdpvr-core.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16644.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-16531","severity":"low","public_date":"2017-09-19T00:00:00Z","advisories":[],"bugzilla":"1510833","bugzilla_description":"CVE-2017-16531 kernel: out-of-bounds read in drivers/usb/core/config.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16531.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-1000252","severity":"moderate","public_date":"2017-09-15T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676","RHSA-2018:1130"],"bugzilla":"1490781","bugzilla_description":"CVE-2017-1000252 kernel: kvm: Reachable BUG() on out-of-bounds guest IRQ","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":"CWE-617","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7","kernel-0:3.10.0-693.25.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000252.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"5.4"},{"CVE":"CVE-2017-14991","severity":"moderate","public_date":"2017-09-15T00:00:00Z","advisories":[],"bugzilla":"1500366","bugzilla_description":"CVE-2017-14991 kernel: Information leak in the scsi driver","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14991.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2017-16526","severity":"low","public_date":"2017-09-14T00:00:00Z","advisories":[],"bugzilla":"1510827","bugzilla_description":"CVE-2017-16526 kernel: General protection fault in drivers/uwb/uwbd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-253","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16526.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-12153","severity":"low","public_date":"2017-09-13T00:00:00Z","advisories":[],"bugzilla":"1491046","bugzilla_description":"CVE-2017-12153 kernel: null pointer dereference in nl80211_set_rekey_data()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12153.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.4"},{"CVE":"CVE-2018-1091","severity":"moderate","public_date":"2017-09-13T00:00:00Z","advisories":["RHSA-2018:1318"],"bugzilla":"1558149","bugzilla_description":"CVE-2018-1091 kernel: guest kernel crash during core dump on POWER9 host","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":["kernel-0:3.10.0-862.2.3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1091.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-12154","severity":"important","public_date":"2017-09-12T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676","RHSA-2019:1946"],"bugzilla":"1491224","bugzilla_description":"CVE-2017-12154 Kernel: kvm: nVMX: L2 guest could access hardware(L0) CR8 register","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":"CWE-284","affected_packages":["kernel-0:3.10.0-693.55.1.el7","kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12154.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"5.8"},{"CVE":"CVE-2017-16528","severity":"moderate","public_date":"2017-09-12T00:00:00Z","advisories":[],"bugzilla":"1510830","bugzilla_description":"CVE-2017-16528 kernel: use-after-free in snd_rawmidi_dev_seq_free","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16528.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2017-14051","severity":"moderate","public_date":"2017-08-30T00:00:00Z","advisories":[],"bugzilla":"1487126","bugzilla_description":"CVE-2017-14051 kernel: Integer overflow in the qla2x00_sysfs_write_optrom_ctl function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14051.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-14497","severity":"moderate","public_date":"2017-08-28T00:00:00Z","advisories":[],"bugzilla":"1492593","bugzilla_description":"CVE-2017-14497 kernel: buffer overflow in tpacket_rcv() in net/packet/af_packet.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14497.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H","cvss3_score":"6.0"},{"CVE":"CVE-2017-15116","severity":"low","public_date":"2017-08-28T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676"],"bugzilla":"1514609","bugzilla_description":"CVE-2017-15116 kernel: Null pointer dereference in rngapi_reset function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15116.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14489","severity":"moderate","public_date":"2017-08-27T00:00:00Z","advisories":[],"bugzilla":"1490421","bugzilla_description":"CVE-2017-14489 kernel: scsi: nlmsg is not properly parsed in iscsi_if_rx function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14489.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-17052","severity":"moderate","public_date":"2017-08-26T00:00:00Z","advisories":[],"bugzilla":"1518632","bugzilla_description":"CVE-2017-17052 kernel: use-after-free in kernel/fork.c:mm_init function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17052.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2017-17053","severity":"moderate","public_date":"2017-08-24T00:00:00Z","advisories":[],"bugzilla":"1518638","bugzilla_description":"CVE-2017-17053 kernel: Incorrect handling in arch/x86/include/asm/mmu_context.h:init_new_context function allowing use-after-free","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-252->CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17053.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-14140","severity":"low","public_date":"2017-08-20T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676"],"bugzilla":"1488329","bugzilla_description":"CVE-2017-14140 kernel: Missing permission check in move_pages system call","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-863","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14140.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-13686","severity":"moderate","public_date":"2017-08-16T00:00:00Z","advisories":[],"bugzilla":"1485265","bugzilla_description":"CVE-2017-13686 kernel: NULL pointer dereference due to late check for a NULL fi field when RTM_F_FIB_MATCH is set","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13686.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-1000111","severity":"moderate","public_date":"2017-08-10T00:00:00Z","advisories":["RHSA-2017:2930","RHSA-2017:2931","RHSA-2017:2918","RHSA-2017:3200"],"bugzilla":"1479304","bugzilla_description":"CVE-2017-1000111 kernel: Heap out-of-bounds read in AF_PACKET sockets","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["kernel-rt-0:3.10.0-693.5.2.rt56.626.el7","kernel-0:2.6.32-696.16.1.el6","kernel-rt-1:3.10.0-693.5.2.rt56.592.el6rt","kernel-0:3.10.0-693.5.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000111.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"4.7"},{"CVE":"CVE-2017-18261","severity":"moderate","public_date":"2017-08-10T00:00:00Z","advisories":[],"bugzilla":"1569560","bugzilla_description":"CVE-2017-18261 kernel: Infinite recursion in arch/arm64/include/asm/arch_timer.h:arch_timer_reg_read_stable macro allows local users to cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18261.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-14156","severity":"low","public_date":"2017-08-03T00:00:00Z","advisories":[],"bugzilla":"1478018","bugzilla_description":"CVE-2017-14156 kernel: driver/video/fbdev/aty/atyfb_base.c: atyfb_ioctl() stack infoleak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14156.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-12762","severity":"low","public_date":"2017-08-03T00:00:00Z","advisories":[],"bugzilla":"1481178","bugzilla_description":"CVE-2017-12762 kernel: Buffer overflow due to unbounded strcpy in ISDN I4L driver","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12762.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2014-9900","severity":"moderate","public_date":"2017-07-25T00:00:00Z","advisories":[],"bugzilla":"1481325","bugzilla_description":"CVE-2014-9900 kernel: Info leak in uninitialized structure ethtool_wolinfo in ethtool_get_wol()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9900.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2017-13693","severity":"moderate","public_date":"2017-07-19T00:00:00Z","advisories":[],"bugzilla":"1485346","bugzilla_description":"CVE-2017-13693 kernel: ACPI operand cache leak in dsutils.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13693.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-13695","severity":"moderate","public_date":"2017-07-19T00:00:00Z","advisories":[],"bugzilla":"1485349","bugzilla_description":"CVE-2017-13695 kernel: ACPI operand cache leak in nseval.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13695.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-11473","severity":"low","public_date":"2017-07-18T00:00:00Z","advisories":["RHSA-2018:0654"],"bugzilla":"1473209","bugzilla_description":"CVE-2017-11473 kernel: Buffer overflow in mp_override_legacy_irq()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["kernel-alt-0:4.14.0-49.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11473.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.4"},{"CVE":"CVE-2018-10087","severity":"moderate","public_date":"2017-07-11T00:00:00Z","advisories":[],"bugzilla":"1568011","bugzilla_description":"CVE-2018-10087 kernel: Undefined behavior in kernel/exit.c:kernel_wait4() function allows local denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10087.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2018-10124","severity":"moderate","public_date":"2017-07-11T00:00:00Z","advisories":[],"bugzilla":"1568205","bugzilla_description":"CVE-2018-10124 kernel: Undefined behaviour with INT_MIN argument in kernel/signal.c:kill_something_info() allows for denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10124.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2017-11089","severity":"moderate","public_date":"2017-07-07T00:00:00Z","advisories":[],"bugzilla":"1564038","bugzilla_description":"CVE-2017-11089 kernel: Out-of-bounds read in nl80211_set_station allows privileged local attacker to cause system crash or possibly code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11089.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.4"},{"CVE":"CVE-2017-18218","severity":"moderate","public_date":"2017-07-06T00:00:00Z","advisories":[],"bugzilla":"1551985","bugzilla_description":"CVE-2017-18218 kernel: Use-after-free vulnerability in drivers/net/ethernet/hisilicon/hns/hns_enet.c allows local attacker to cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18218.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-18079","severity":"moderate","public_date":"2017-07-03T00:00:00Z","advisories":[],"bugzilla":"1539725","bugzilla_description":"CVE-2017-18079 kernel: Null pointer dereference in drivers/input/serio/i8042.c leading to denial-of-service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18079.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-9986","severity":"low","public_date":"2017-06-28T00:00:00Z","advisories":[],"bugzilla":"1470211","bugzilla_description":"CVE-2017-9986 kernel: Double fetch in the intr function in sound/oss/msnd_pinnacle.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9986.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-9985","severity":"low","public_date":"2017-06-28T00:00:00Z","advisories":[],"bugzilla":"1470213","bugzilla_description":"CVE-2017-9985 kernel: Double fetch in the snd_msndmidi_input_read function in sound/isa/msnd/msnd_midi.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9985.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-13694","severity":"moderate","public_date":"2017-06-23T00:00:00Z","advisories":[],"bugzilla":"1485348","bugzilla_description":"CVE-2017-13694 kernel: ACPI node and node_ext cache leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13694.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-7518","severity":"moderate","public_date":"2017-06-22T00:00:00Z","advisories":["RHSA-2018:0412","RHSA-2018:0395"],"bugzilla":"1464473","bugzilla_description":"CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["kernel-0:3.10.0-693.21.1.el7","kernel-rt-0:3.10.0-693.21.1.rt56.639.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7518.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.5"},{"CVE":"CVE-2017-9984","severity":"low","public_date":"2017-06-20T00:00:00Z","advisories":[],"bugzilla":"1470178","bugzilla_description":"CVE-2017-9984 kernel: Double fetch in the snd_msnd_interrupt function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9984.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-1000365","severity":"low","public_date":"2017-06-19T00:00:00Z","advisories":[],"bugzilla":"1462147","bugzilla_description":"CVE-2017-1000365 kernel: RLIMIT_STACK/RLIMIT_INFINITY string size limitation bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000365.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"2.9"},{"CVE":"CVE-2017-1000370","severity":"low","public_date":"2017-06-19T00:00:00Z","advisories":[],"bugzilla":"1462153","bugzilla_description":"CVE-2017-1000370 kernel: offset2lib patch protection bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000370.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"2.9"},{"CVE":"CVE-2017-1000371","severity":"low","public_date":"2017-06-19T00:00:00Z","advisories":["RHSA-2020:1524"],"bugzilla":"1462158","bugzilla_description":"CVE-2017-1000371 kernel: offset2lib allows for the stack guard page to be jumped over","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["kernel-0:2.6.32-754.29.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000371.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"2.9"},{"CVE":"CVE-2017-15274","severity":"moderate","public_date":"2017-06-08T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676","RHSA-2019:1946"],"bugzilla":"1500391","bugzilla_description":"CVE-2017-15274 kernel: dereferencing NULL payload with nonzero length","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["kernel-0:3.10.0-693.55.1.el7","kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15274.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-9605","severity":"low","public_date":"2017-06-02T00:00:00Z","advisories":[],"bugzilla":"1462172","bugzilla_description":"CVE-2017-9605 kernel: Uninitialized kernel memory leak in vmw_gb_surface_define_ioctl function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9605.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-18241","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1559318","bugzilla_description":"CVE-2017-18241 kernel: Null pointer dereference in fs/f2fs/segment.c via mounting fs with noflush_merge option allows local denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18241.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-12146","severity":"moderate","public_date":"2017-05-25T00:00:00Z","advisories":["RHEA-2017:3163"],"bugzilla":"1489078","bugzilla_description":"CVE-2017-12146 kernel: Race condition in driver_override implementation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["kernel-alt-0:4.11.0-44.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12146.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-1000363","severity":"moderate","public_date":"2017-05-22T00:00:00Z","advisories":[],"bugzilla":"1451685","bugzilla_description":"CVE-2017-1000363 kernel: Out-of-bounds write in lp_setup in drivers/char/lp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000363.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2017-9242","severity":"moderate","public_date":"2017-05-19T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2017:2077"],"bugzilla":"1456388","bugzilla_description":"CVE-2017-9242 kernel: Incorrect overwrite check in __ip6_append_data()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9242.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-10663","severity":"low","public_date":"2017-05-12T00:00:00Z","advisories":[],"bugzilla":"1481149","bugzilla_description":"CVE-2017-10663 kernel: Missing sanity check for segno and blkoff read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10663.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-9150","severity":"moderate","public_date":"2017-05-08T00:00:00Z","advisories":[],"bugzilla":"1454647","bugzilla_description":"CVE-2017-9150 kernel: eBPF verifier log leaks lower half of map pointer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9150.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-7487","severity":"low","public_date":"2017-05-02T00:00:00Z","advisories":[],"bugzilla":"1447734","bugzilla_description":"CVE-2017-7487 kernel: Reference counter leak in ipxitf_ioctl resulting into use after free","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7487.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H","cvss3_score":"5.6"},{"CVE":"CVE-2017-10662","severity":"low","public_date":"2017-05-02T00:00:00Z","advisories":[],"bugzilla":"1481146","bugzilla_description":"CVE-2017-10662 kernel: Missing sanity check for segment count in f2fs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10662.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-0630","severity":"low","public_date":"2017-05-01T00:00:00Z","advisories":[],"bugzilla":"1450039","bugzilla_description":"CVE-2017-0630 kernel: Information disclosure vulnerability in kernel trace subsystem","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0630.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2017-0627","severity":"low","public_date":"2017-05-01T00:00:00Z","advisories":[],"bugzilla":"1450042","bugzilla_description":"CVE-2017-0627 kernel: Information disclosure vulnerability in kernel UVC driver","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0627.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2017-9059","severity":"moderate","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1451386","bugzilla_description":"CVE-2017-9059 kernel: Module reference leak due to improper shut down of callback channel on umount","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9059.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-11472","severity":"low","public_date":"2017-04-26T00:00:00Z","advisories":[],"bugzilla":"1473214","bugzilla_description":"CVE-2017-11472 kernel: ACPI operand cache leak in acpi_ns_terminate()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-209","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11472.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.9"},{"CVE":"CVE-2017-7477","severity":"important","public_date":"2017-04-24T00:00:00Z","advisories":["RHSA-2017:1615","RHSA-2017:1616"],"bugzilla":"1445207","bugzilla_description":"CVE-2017-7477 kernel: net: Heap overflow in skb_to_sgvec in macsec.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["kernel-rt-0:3.10.0-514.26.1.rt56.442.el7","kernel-0:3.10.0-514.26.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7477.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2017-8831","severity":"low","public_date":"2017-04-24T00:00:00Z","advisories":[],"bugzilla":"1449980","bugzilla_description":"CVE-2017-8831 kernel: Double fetch vulnerability in saa7164_bus_get function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8831.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.0"},{"CVE":"CVE-2007-6761","severity":"moderate","public_date":"2017-04-24T00:00:00Z","advisories":[],"bugzilla":"1458182","bugzilla_description":"CVE-2007-6761 kernel: Improper initialization of videobuf_mapping data structures","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6761.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2017-7979","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1444501","bugzilla_description":"CVE-2017-7979 kernel: cookie feature in packet action API implementation mishandles tb nlattr array","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7979.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-7618","severity":"low","public_date":"2017-04-10T00:00:00Z","advisories":[],"bugzilla":"1441093","bugzilla_description":"CVE-2017-7618 kernel: Infinite recursion in ahash.c by triggering EBUSY on a full queue","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7618.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-7616","severity":"moderate","public_date":"2017-04-08T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2018:1854","RHSA-2017:2077"],"bugzilla":"1441088","bugzilla_description":"CVE-2017-7616 kernel: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-390","affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-0:2.6.32-754.el6","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7616.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2017-10810","severity":"low","public_date":"2017-04-06T00:00:00Z","advisories":[],"bugzilla":"1468023","bugzilla_description":"CVE-2017-10810 Kernel: virtio-gpu: memory leakage while creating gpu object","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-772","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10810.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L","cvss3_score":"4.1"},{"CVE":"CVE-2017-7374","severity":"low","public_date":"2017-03-31T00:00:00Z","advisories":[],"bugzilla":"1438394","bugzilla_description":"CVE-2017-7374 kernel: use-after-free in keyring key revocation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7374.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2017-8106","severity":"moderate","public_date":"2017-03-31T00:00:00Z","advisories":[],"bugzilla":"1445828","bugzilla_description":"CVE-2017-8106 kernel: Null pointer dereference on host in INVEPT emulation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8106.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"7.7"},{"CVE":"CVE-2017-7346","severity":"low","public_date":"2017-03-30T00:00:00Z","advisories":[],"bugzilla":"1437431","bugzilla_description":"CVE-2017-7346 kernel: drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7346.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-7319","severity":null,"public_date":"2017-03-30T00:00:00Z","advisories":[],"bugzilla":"1440877","bugzilla_description":"CVE-2017-7319 kernel: Sending SIGIO signal to any process via fcntl","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7319.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2017-7286","severity":null,"public_date":"2017-03-29T00:00:00Z","advisories":[],"bugzilla":"1440871","bugzilla_description":"CVE-2017-7286 kernel: Inode integer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7286.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2017-7294","severity":"moderate","public_date":"2017-03-28T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676"],"bugzilla":"1436798","bugzilla_description":"CVE-2017-7294 kernel: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7294.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2017-7261","severity":"low","public_date":"2017-03-24T00:00:00Z","advisories":[],"bugzilla":"1435719","bugzilla_description":"CVE-2017-7261 kernel: drm/vmwgfx: check that number of mip levels is above zero","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-839","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7261.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-18249","severity":"moderate","public_date":"2017-03-22T00:00:00Z","advisories":[],"bugzilla":"1560968","bugzilla_description":"CVE-2017-18249 kernel: Race condition in fs/f2fs/node.c:add_free_nid() function allows local users to cause denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18249.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-7277","severity":"low","public_date":"2017-03-18T00:00:00Z","advisories":[],"bugzilla":"1436629","bugzilla_description":"CVE-2017-7277 kernel: Mishandling SCM_TIMESTAMPING_OPT_STATS feature causes out-of-bounds read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7277.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2017-6874","severity":"moderate","public_date":"2017-03-06T00:00:00Z","advisories":[],"bugzilla":"1432429","bugzilla_description":"CVE-2017-6874 kernel: Race condition in kernel/ucount.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6874.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8925","severity":"low","public_date":"2017-03-06T00:00:00Z","advisories":[],"bugzilla":"1451393","bugzilla_description":"CVE-2017-8925 kernel: Reference count mishandling in the omninet_open function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8925.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8924","severity":"low","public_date":"2017-03-06T00:00:00Z","advisories":[],"bugzilla":"1451399","bugzilla_description":"CVE-2017-8924 kernel: Information leak in completion handler in edge_bulk_in_callback function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8924.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2017-8065","severity":"moderate","public_date":"2017-02-27T00:00:00Z","advisories":[],"bugzilla":"1445338","bugzilla_description":"CVE-2017-8065 kernel: crypto/ccm.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8065.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8066","severity":"moderate","public_date":"2017-02-24T00:00:00Z","advisories":[],"bugzilla":"1445339","bugzilla_description":"CVE-2017-8066 kernel: gs_usb.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8066.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-6353","severity":"moderate","public_date":"2017-02-23T00:00:00Z","advisories":[],"bugzilla":"1428907","bugzilla_description":"CVE-2017-6353 kernel: Possible double free in stcp_sendmsg() (incorrect fix for CVE-2017-5986)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6353.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-18255","severity":"low","public_date":"2017-02-23T00:00:00Z","advisories":[],"bugzilla":"1563069","bugzilla_description":"CVE-2017-18255 kernel: Integer overflow in events/core.c:perf_cpu_time_max_percent_handler() can allow for denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18255.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"3.4"},{"CVE":"CVE-2017-6347","severity":"moderate","public_date":"2017-02-21T00:00:00Z","advisories":[],"bugzilla":"1427984","bugzilla_description":"CVE-2017-6347 kernel: ipv4: Incorrect IP_CHECKSUM handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6347.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2017-6348","severity":"moderate","public_date":"2017-02-17T00:00:00Z","advisories":[],"bugzilla":"1428491","bugzilla_description":"CVE-2017-6348 kernel: net: Improper lock dropping in the hashbin_delete function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-667","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6348.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-8062","severity":"moderate","public_date":"2017-02-15T00:00:00Z","advisories":[],"bugzilla":"1445332","bugzilla_description":"CVE-2017-8062 kernel: dw2102.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8062.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-6346","severity":"moderate","public_date":"2017-02-14T00:00:00Z","advisories":[],"bugzilla":"1428487","bugzilla_description":"CVE-2017-6346 kernel: net: Race condition in net/packet/af_packet.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6346.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-6345","severity":"moderate","public_date":"2017-02-13T00:00:00Z","advisories":[],"bugzilla":"1428485","bugzilla_description":"CVE-2017-6345 kernel: llc: skb->sk set without skb->destructor","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6345.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2017-5972","severity":"moderate","public_date":"2017-02-12T00:00:00Z","advisories":[],"bugzilla":"1422081","bugzilla_description":"CVE-2017-5972 kernel: SYN cookie protection mechanism not properly implemented","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5972.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-8061","severity":"moderate","public_date":"2017-02-12T00:00:00Z","advisories":[],"bugzilla":"1445333","bugzilla_description":"CVE-2017-8061 kernel: dvb-usb-firmware.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8061.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5967","severity":"low","public_date":"2017-02-10T00:00:00Z","advisories":[],"bugzilla":"1422138","bugzilla_description":"CVE-2017-5967 kernel: Time subsystem allows local users to discover real PID values","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-212","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5967.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-10661","severity":"moderate","public_date":"2017-02-10T00:00:00Z","advisories":["RHSA-2018:3096","RHSA-2020:0036","RHSA-2018:3083","RHSA-2019:4057","RHSA-2019:4058"],"bugzilla":"1481136","bugzilla_description":"CVE-2017-10661 kernel: Handling of might_cancel queueing is not properly pretected against race","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-693.61.1.el7","kernel-rt-1:3.10.0-693.61.1.rt56.656.el6rt","kernel-0:3.10.0-957.el7","kernel-0:3.10.0-862.46.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10661.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2016-8636","severity":"moderate","public_date":"2017-02-07T00:00:00Z","advisories":[],"bugzilla":"1421981","bugzilla_description":"CVE-2016-8636 kernel: Integer overflow in the RDMA over infiniband software implementation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8636.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"5.8"},{"CVE":"CVE-2017-5986","severity":"moderate","public_date":"2017-02-06T00:00:00Z","advisories":["RHSA-2017:1308"],"bugzilla":"1420276","bugzilla_description":"CVE-2017-5986 kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":["kernel-0:3.10.0-514.21.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5986.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5897","severity":"low","public_date":"2017-02-05T00:00:00Z","advisories":[],"bugzilla":"1419848","bugzilla_description":"CVE-2017-5897 kernel: ip6_gre: Invalid reads in ip6gre_err","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5897.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2017-8063","severity":"moderate","public_date":"2017-02-05T00:00:00Z","advisories":[],"bugzilla":"1445334","bugzilla_description":"CVE-2017-8063 kernel: cxusb.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8063.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8070","severity":"moderate","public_date":"2017-02-04T00:00:00Z","advisories":[],"bugzilla":"1445328","bugzilla_description":"CVE-2017-8070 kernel: catc.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8070.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8068","severity":"moderate","public_date":"2017-02-04T00:00:00Z","advisories":[],"bugzilla":"1445341","bugzilla_description":"CVE-2017-8068 kernel: pegasus.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8068.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8069","severity":"moderate","public_date":"2017-02-04T00:00:00Z","advisories":[],"bugzilla":"1445343","bugzilla_description":"CVE-2017-8069 kernel: rtl8150.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8069.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8064","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":[],"bugzilla":"1445336","bugzilla_description":"CVE-2017-8064 kernel: dvb_usb_core.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8064.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8067","severity":"moderate","public_date":"2017-02-01T00:00:00Z","advisories":[],"bugzilla":"1445340","bugzilla_description":"CVE-2017-8067 kernel: virtio_console.c interacts incorrectly with the CONFIG_VMAP_STACK option","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8067.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8072","severity":"moderate","public_date":"2017-01-30T00:00:00Z","advisories":[],"bugzilla":"1445330","bugzilla_description":"CVE-2017-8072 kernel: cp2112_gpio_direction_input does not have the expected EIO error status for a zero-length report","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8072.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8071","severity":"moderate","public_date":"2017-01-30T00:00:00Z","advisories":[],"bugzilla":"1445331","bugzilla_description":"CVE-2017-8071 kernel: hid-cp2112.c uses a spinlock without considering that sleeping is possible in a USB HID request callback","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8071.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-8405","severity":"low","public_date":"2017-01-25T00:00:00Z","advisories":[],"bugzilla":"1426132","bugzilla_description":"CVE-2016-8405 kernel: Copying color maps to userspace vulnerable to heap-buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8405.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.7"},{"CVE":"CVE-2016-10142","severity":"moderate","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:0817"],"bugzilla":"1415908","bugzilla_description":"CVE-2016-10142 kernel - IPV6 fragmentation flaw","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-406","affected_packages":["kernel-0:2.6.32-696.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10142.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L","cvss3_score":"5.8"},{"CVE":"CVE-2017-2596","severity":"moderate","public_date":"2017-01-24T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2017:2077"],"bugzilla":"1417812","bugzilla_description":"CVE-2017-2596 Kernel: kvm: page reference leakage in handle_vmon","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":"CWE-772","affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2596.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"5.8"},{"CVE":"CVE-2017-18257","severity":"low","public_date":"2017-01-22T00:00:00Z","advisories":[],"bugzilla":"1565455","bugzilla_description":"CVE-2017-18257 kernel: Inifinite loop caused by integer overflow in fs/f2fs/data.c:__get_data_block() allows for denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18257.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-5669","severity":"low","public_date":"2017-01-20T00:00:00Z","advisories":[],"bugzilla":"1427239","bugzilla_description":"CVE-2017-5669 kernel: Shmat allows mmap null page protection bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-270","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5669.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2017-5576","severity":"low","public_date":"2017-01-18T00:00:00Z","advisories":[],"bugzilla":"1416436","bugzilla_description":"CVE-2017-5576 kernel: vc4: Integer overflow in temporary allocation layout","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5576.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H","cvss3_score":"5.8"},{"CVE":"CVE-2017-5577","severity":"low","public_date":"2017-01-18T00:00:00Z","advisories":[],"bugzilla":"1416437","bugzilla_description":"CVE-2017-5577 kernel: vc4: Heap-buffer overflow due to failing checks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5577.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-5550","severity":"moderate","public_date":"2017-01-15T00:00:00Z","advisories":[],"bugzilla":"1416116","bugzilla_description":"CVE-2017-5550 kernel: Information leak due to fencepost error in pipe_advance()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5550.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2017-5547","severity":"low","public_date":"2017-01-13T00:00:00Z","advisories":[],"bugzilla":"1416096","bugzilla_description":"CVE-2017-5547 kernel: DMA buffers on stack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5547.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2017-2583","severity":"moderate","public_date":"2017-01-12T00:00:00Z","advisories":["RHSA-2017:1615","RHSA-2017:1616"],"bugzilla":"1414735","bugzilla_description":"CVE-2017-2583 Kernel: Kvm: vmx/svm potential privilege escalation inside guest","cvss_score":4.9,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:P/I:P/A:P","CWE":"CWE-250","affected_packages":["kernel-rt-0:3.10.0-514.26.1.rt56.442.el7","kernel-0:3.10.0-514.26.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2583.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.4"},{"CVE":"CVE-2017-5548","severity":"moderate","public_date":"2017-01-12T00:00:00Z","advisories":[],"bugzilla":"1416110","bugzilla_description":"CVE-2017-5548 kernel: Using stack for buffers in ieee802154","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5548.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-2584","severity":"low","public_date":"2017-01-11T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2017:2077"],"bugzilla":"1413001","bugzilla_description":"CVE-2017-2584 Kernel: kvm: use after free in complete_emulated_mmio","cvss_score":5.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:P/I:P/A:C","CWE":"CWE-416","affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2584.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H","cvss3_score":"7.1"},{"CVE":"CVE-2017-5546","severity":"moderate","public_date":"2017-01-11T00:00:00Z","advisories":[],"bugzilla":"1415733","bugzilla_description":"CVE-2017-5546 kernel: SLAB freelist randomization produces duplicate entries","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5546.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5549","severity":"low","public_date":"2017-01-10T00:00:00Z","advisories":[],"bugzilla":"1416114","bugzilla_description":"CVE-2017-5549 kernel: Incorrect line-state error handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-209","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5549.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2016-8106","severity":"moderate","public_date":"2017-01-09T00:00:00Z","advisories":[],"bugzilla":"1386646","bugzilla_description":"CVE-2016-8106 kernel: DoS of Intel Ethernet controllers after a period of IPv6 fragment flood","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8106.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-0403","severity":"important","public_date":"2017-01-01T00:00:00Z","advisories":[],"bugzilla":"1417833","bugzilla_description":"CVE-2017-0403 kernel: Privilege escalation in Android performance subsystem","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0403.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-0404","severity":"important","public_date":"2017-01-01T00:00:00Z","advisories":[],"bugzilla":"1417834","bugzilla_description":"CVE-2017-0404 kernel: Privilege escalation in Android sound subsystem","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0404.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-9588","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2017:2077"],"bugzilla":"1404924","bugzilla_description":"CVE-2016-9588 Kernel: kvm: nVMX: uncaught software exceptions in L1 guest leads to DoS","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-248","affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9588.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.5"},{"CVE":"CVE-2016-10154","severity":"moderate","public_date":"2016-12-14T00:00:00Z","advisories":[],"bugzilla":"1416104","bugzilla_description":"CVE-2016-10154 kernel: smbencrypt() points a scatterlist to the stack causing DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10154.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9919","severity":"important","public_date":"2016-12-08T00:00:00Z","advisories":[],"bugzilla":"1403260","bugzilla_description":"CVE-2016-9919 kernel: Linux panic on fragemented IPv6 traffic (icmp6_send)","cvss_score":7.8,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9919.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2015-8967","severity":"important","public_date":"2016-12-08T00:00:00Z","advisories":[],"bugzilla":"1404284","bugzilla_description":"CVE-2015-8967 kernel: arm64: Strict page permission bypass","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-471","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8967.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-8399","severity":"moderate","public_date":"2016-12-05T00:00:00Z","advisories":["RHSA-2017:2930","RHSA-2017:2931","RHSA-2017:0869","RHSA-2017:0817"],"bugzilla":"1403833","bugzilla_description":"CVE-2016-8399 kernel: net: Out of bounds stack read in memcpy_fromiovec","cvss_score":6.8,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:C/I:C/A:C","CWE":"CWE-20","affected_packages":["kernel-rt-0:3.10.0-693.5.2.rt56.626.el7","kernel-0:2.6.32-573.41.1.el6","kernel-0:2.6.32-696.el6","kernel-0:3.10.0-693.5.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8399.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-10147","severity":"moderate","public_date":"2016-12-02T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2017:2077"],"bugzilla":"1404200","bugzilla_description":"CVE-2016-10147 kernel: Kernel crash by spawning mcrypt(alg) with incompatible algorithm","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10147.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-10153","severity":"moderate","public_date":"2016-12-02T00:00:00Z","advisories":[],"bugzilla":"1416101","bugzilla_description":"CVE-2016-10153 kernel: introduce ceph_crypt() for in-place en/decryption","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10153.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9685","severity":"low","public_date":"2016-12-01T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2017:2669","RHSA-2017:2077"],"bugzilla":"1396941","bugzilla_description":"CVE-2016-9685 kernel: Memory leaks in xfs_attr_list.c error paths","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-772","affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-rt-1:3.10.0-693.2.1.rt56.585.el6rt","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9685.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","cvss3_score":"3.8"},{"CVE":"CVE-2016-10150","severity":"important","public_date":"2016-11-30T00:00:00Z","advisories":[],"bugzilla":"1414506","bugzilla_description":"CVE-2016-10150 Kernel: Kvm: a use-after-free while creating devices","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10150.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2016-9755","severity":"moderate","public_date":"2016-11-26T00:00:00Z","advisories":[],"bugzilla":"1400904","bugzilla_description":"CVE-2016-9755 kernel: netfilter: Out-of-bounds write due to a signedness issue when defragmenting IPv6 packets","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9755.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2016-9777","severity":"important","public_date":"2016-11-23T00:00:00Z","advisories":[],"bugzilla":"1400804","bugzilla_description":"CVE-2016-9777 Kernel: kvm: out of bounds memory access via vcpu_id","cvss_score":6.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9777.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.0"},{"CVE":"CVE-2016-9756","severity":"low","public_date":"2016-11-22T00:00:00Z","advisories":[],"bugzilla":"1400468","bugzilla_description":"CVE-2016-9756 Kernel: kvm: stack memory information leakage","cvss_score":2.3,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9756.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","cvss3_score":"4.1"},{"CVE":"CVE-2017-12168","severity":"moderate","public_date":"2016-11-18T00:00:00Z","advisories":["RHEA-2017:3163"],"bugzilla":"1492984","bugzilla_description":"CVE-2017-12168 Kernel: kvm: ARM64: assert failure when accessing PMCCNTR register","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-617","affected_packages":["kernel-alt-0:4.11.0-44.el7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12168.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2016-9279","severity":"moderate","public_date":"2016-11-09T00:00:00Z","advisories":[],"bugzilla":"1396669","bugzilla_description":"CVE-2016-9279 kernel: Use After Free in /dev/fimg2d","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9279.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-9278","severity":"moderate","public_date":"2016-11-09T00:00:00Z","advisories":[],"bugzilla":"1396670","bugzilla_description":"CVE-2016-9278 kernel: Kernel Crash on /dev/fimg2d ioctl command","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9278.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-8632","severity":"moderate","public_date":"2016-11-07T00:00:00Z","advisories":[],"bugzilla":"1390832","bugzilla_description":"CVE-2016-8632 kernel: TIPC subsystem: tipc_msg_build() doesn't validate MTU, may cause memory corruption.","cvss_score":6.8,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:C/I:C/A:C","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8632.json"},{"CVE":"CVE-2016-9191","severity":"moderate","public_date":"2016-11-05T00:00:00Z","advisories":[],"bugzilla":"1392439","bugzilla_description":"CVE-2016-9191 kernel: Local DoS via cgroup offline code","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9191.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9644","severity":"important","public_date":"2016-11-03T00:00:00Z","advisories":[],"bugzilla":"1399528","bugzilla_description":"CVE-2016-9644 kernel: Incorrect fix for CVE-2016-9178","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9644.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-8630","severity":"important","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2017:0386","RHSA-2017:0387"],"bugzilla":"1393350","bugzilla_description":"CVE-2016-8630 kernel: kvm: x86: NULL pointer dereference during instruction decode","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-0:3.10.0-514.10.2.el7","kernel-rt-0:3.10.0-514.10.2.rt56.435.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8630.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2016-8660","severity":"low","public_date":"2016-10-13T00:00:00Z","advisories":[],"bugzilla":"1384851","bugzilla_description":"CVE-2016-8660 kernel: xfs: local DoS due to a page lock order bug in the XFS seek hole/data implementation","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-667","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8660.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9083","severity":"important","public_date":"2016-10-12T00:00:00Z","advisories":["RHSA-2017:0386","RHSA-2017:0387"],"bugzilla":"1389258","bugzilla_description":"CVE-2016-9083 kernel: State machine confusion bug in vfio driver leading to memory corruption","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-391","affected_packages":["kernel-0:3.10.0-514.10.2.el7","kernel-rt-0:3.10.0-514.10.2.rt56.435.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9083.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2016-9084","severity":"moderate","public_date":"2016-10-12T00:00:00Z","advisories":["RHSA-2017:0386","RHSA-2017:0387"],"bugzilla":"1389259","bugzilla_description":"CVE-2016-9084 kernel: Integer overflow when using kzalloc in vfio driver","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-190","affected_packages":["kernel-0:3.10.0-514.10.2.el7","kernel-rt-0:3.10.0-514.10.2.rt56.435.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9084.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2017-15102","severity":"low","public_date":"2016-09-19T00:00:00Z","advisories":[],"bugzilla":"1505905","bugzilla_description":"CVE-2017-15102 kernel: NULL pointer dereference due to race condition in probe function of legousbtower driver","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15102.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.3"},{"CVE":"CVE-2016-10044","severity":"moderate","public_date":"2016-09-16T00:00:00Z","advisories":[],"bugzilla":"1420236","bugzilla_description":"CVE-2016-10044 kernel: aio_mount function does not properly restrict execute access","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-266","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10044.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-7425","severity":"low","public_date":"2016-09-15T00:00:00Z","advisories":[],"bugzilla":"1377330","bugzilla_description":"CVE-2016-7425 kernel: SCSI arcmsr driver: Buffer overflow in arcmsr_iop_message_xfer()","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7425.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2016-9178","severity":"low","public_date":"2016-09-15T00:00:00Z","advisories":[],"bugzilla":"1391908","bugzilla_description":"CVE-2016-9178 kernel: Information leak in get_user_ex function","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9178.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2016-10318","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1439768","bugzilla_description":"CVE-2016-10318 kernel: User can assign an encryption policy to a directory owned by a different user","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-266","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10318.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2016-8658","severity":"low","public_date":"2016-09-07T00:00:00Z","advisories":[],"bugzilla":"1384403","bugzilla_description":"CVE-2016-8658 kernel: Stack buffer overflow in brcmf_cfg80211_start_ap","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:C","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8658.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2015-8953","severity":"moderate","public_date":"2016-08-23T00:00:00Z","advisories":[],"bugzilla":"1367814","bugzilla_description":"CVE-2015-8953 kernel: overlayfs: Double dentry reference leak in copy-up failure","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:C","CWE":"CWE-772","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8953.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2015-8952","severity":"low","public_date":"2016-08-22T00:00:00Z","advisories":[],"bugzilla":"1360968","bugzilla_description":"CVE-2015-8952 kernel: mbcache code subject to softlockup DOS in cache management","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-667","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8952.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-6327","severity":"moderate","public_date":"2016-08-19T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1354525","bugzilla_description":"CVE-2016-6327 kernel: infiniband: Kernel crash by sending ABORT_TASK command","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6327.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-3841","severity":"important","public_date":"2016-08-08T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2695","RHSA-2016:2584","RHSA-2016:0855"],"bugzilla":"1364971","bugzilla_description":"CVE-2016-3841 kernel: use-after-free via crafted IPV6 sendmsg for raw / tcp / udp / l2tp sockets.","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-667","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7","kernel-0:3.10.0-327.41.3.el7","kernel-0:2.6.32-642.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3841.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2016-3857","severity":"important","public_date":"2016-08-05T00:00:00Z","advisories":[],"bugzilla":"1381188","bugzilla_description":"CVE-2016-3857 kernel: privilege escalation in sys_oabi_*() in arm kernel","cvss_score":9.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-266","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3857.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-6480","severity":"moderate","public_date":"2016-08-01T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2017:0817"],"bugzilla":"1362466","bugzilla_description":"CVE-2016-6480 kernel: scsi: aacraid: double fetch in ioctl_send_fib()","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-362","affected_packages":["kernel-0:2.6.32-696.el6","kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6480.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2017-0605","severity":"low","public_date":"2016-08-01T00:00:00Z","advisories":[],"bugzilla":"1450028","bugzilla_description":"CVE-2017-0605 kernel: Stack corruption due to string copy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0605.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2016-6516","severity":"important","public_date":"2016-07-31T00:00:00Z","advisories":[],"bugzilla":"1362457","bugzilla_description":"CVE-2016-6516 kernel: vfs: ioctl: double fetch leading to heap overflow","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6516.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2016-6492","severity":"important","public_date":"2016-07-30T00:00:00Z","advisories":[],"bugzilla":"1363702","bugzilla_description":"CVE-2016-6492 kernel: privilege escalation flaw in mediatek driver","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6492.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.4"},{"CVE":"CVE-2016-5412","severity":"moderate","public_date":"2016-07-28T00:00:00Z","advisories":["RHSA-2016:2574"],"bugzilla":"1349916","bugzilla_description":"CVE-2016-5412 Kernel: powerpc: kvm: Infinite loop via H_CEDE hypercall when running under hypervisor-mode","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":"CWE-835","affected_packages":["kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5412.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"5.4"},{"CVE":"CVE-2016-9313","severity":"moderate","public_date":"2016-07-22T00:00:00Z","advisories":[],"bugzilla":"1399519","bugzilla_description":"CVE-2016-9313 kernel: security/keys/big_key.c mishandles unsuccessful crypto registration","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9313.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-3044","severity":"important","public_date":"2016-07-22T00:00:00Z","advisories":["RHSA-2016:1033","RHSA-2016:2574"],"bugzilla":"1400495","bugzilla_description":"CVE-2016-3044 kernel: Infinite loop vulnerability in KVM","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-835","affected_packages":["kernel-0:3.10.0-514.el7","kernel-0:3.10.0-327.18.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3044.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"5.4"},{"CVE":"CVE-2016-5400","severity":"low","public_date":"2016-07-20T00:00:00Z","advisories":[],"bugzilla":"1358184","bugzilla_description":"CVE-2016-5400 kernel: memory leak in airspy usb driver","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5400.json","cvss3_scoring_vector":"AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2016-6213","severity":"low","public_date":"2016-07-13T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2017:2077"],"bugzilla":"1356471","bugzilla_description":"CVE-2016-6213 kernel: Overflowing kernel mount table using shared bind mount","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-770","affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6213.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2016-6197","severity":"moderate","public_date":"2016-07-11T00:00:00Z","advisories":["RHSA-2016:1847","RHSA-2016:1875"],"bugzilla":"1355650","bugzilla_description":"CVE-2016-6197 kernel: overlayfs: missing upper dentry verification before unlink and rename","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-362","affected_packages":["kernel-0:3.10.0-327.36.1.el7","kernel-rt-0:3.10.0-327.36.1.rt56.237.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6197.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-6198","severity":"moderate","public_date":"2016-07-11T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2016:1847","RHSA-2016:1875"],"bugzilla":"1355654","bugzilla_description":"CVE-2016-6198 kernel: vfs: missing detection of hardlinks in vfs_rename() on overlayfs","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-362","affected_packages":["kernel-0:3.10.0-327.36.1.el7","kernel-rt-0:3.10.0-327.36.1.rt56.237.el7","kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6198.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-6187","severity":"important","public_date":"2016-07-08T00:00:00Z","advisories":[],"bugzilla":"1354383","bugzilla_description":"CVE-2016-6187 kernel: apparmor: Potential privilege escalation via oops in apparmor_setprocattr()","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-131","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6187.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-6156","severity":"moderate","public_date":"2016-07-04T00:00:00Z","advisories":[],"bugzilla":"1353490","bugzilla_description":"CVE-2016-6156 kernel: Race condition vulnerability in Chrome driver","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6156.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2016-6136","severity":"moderate","public_date":"2016-07-04T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2017:0307"],"bugzilla":"1353533","bugzilla_description":"CVE-2016-6136 kernel: Race condition vulnerability in execve argv arguments","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-362","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:2.6.32-642.15.1.el6","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6136.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2016-7911","severity":"moderate","public_date":"2016-07-01T00:00:00Z","advisories":[],"bugzilla":"1399722","bugzilla_description":"CVE-2016-7911 kernel: Use after free in sys_ioprio_get()","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7911.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2016-5829","severity":"moderate","public_date":"2016-06-25T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2016:2006"],"bugzilla":"1350509","bugzilla_description":"CVE-2016-5829 kernel: Heap buffer overflow in hiddev driver","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-122","affected_packages":["kernel-0:2.6.32-642.6.1.el6","kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5829.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-5828","severity":"moderate","public_date":"2016-06-24T00:00:00Z","advisories":["RHSA-2016:2574"],"bugzilla":"1349917","bugzilla_description":"CVE-2016-5828 Kernel: powerpc: tm: crash via exec system call on PPC","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5828.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-1237","severity":"important","public_date":"2016-06-24T00:00:00Z","advisories":[],"bugzilla":"1350845","bugzilla_description":"CVE-2016-1237 kernel: Missing check for permissions when setting ACL","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-863","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1237.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-1583","severity":"important","public_date":"2016-06-10T00:00:00Z","advisories":["RHSA-2016:2124","RHSA-2017:2760","RHSA-2016:2766"],"bugzilla":"1344721","bugzilla_description":"CVE-2016-1583 kernel: Stack overflow via ecryptfs and /proc/$pid/environ","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-121","affected_packages":["kernel-0:2.6.32-573.47.1.el6","kernel-0:2.6.18-416.el5","kernel-0:2.6.32-642.11.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1583.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2016-5243","severity":"low","public_date":"2016-06-03T00:00:00Z","advisories":[],"bugzilla":"1343335","bugzilla_description":"CVE-2016-5243 kernel: Information leak in tipc_nl_compat_link_dump","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5243.json"},{"CVE":"CVE-2016-5244","severity":"low","public_date":"2016-06-03T00:00:00Z","advisories":[],"bugzilla":"1343337","bugzilla_description":"CVE-2016-5244 kernel: Information leak in rds_inc_info_copy","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5244.json"},{"CVE":"CVE-2016-2143","severity":"moderate","public_date":"2016-06-01T00:00:00Z","advisories":["RHSA-2016:1539","RHSA-2016:2766"],"bugzilla":"1308908","bugzilla_description":"CVE-2016-2143 kernel: Fork of large process causes memory corruption","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-119","affected_packages":["kernel-0:3.10.0-327.28.2.el7","kernel-0:2.6.32-642.11.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2143.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-4440","severity":"moderate","public_date":"2016-05-18T00:00:00Z","advisories":[],"bugzilla":"1337806","bugzilla_description":"CVE-2016-4440 Kernel: kvm: vmx: incorrect state update leading to MSR access","cvss_score":5.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:P/I:P/A:C","CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4440.json"},{"CVE":"CVE-2016-3713","severity":"moderate","public_date":"2016-05-16T00:00:00Z","advisories":[],"bugzilla":"1332139","bugzilla_description":"CVE-2016-3713 kernel: kvm: out-of-bounds access in set_var_mtrr_msr","cvss_score":5.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:P/I:P/A:C","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3713.json"},{"CVE":"CVE-2016-4951","severity":"moderate","public_date":"2016-05-16T00:00:00Z","advisories":[],"bugzilla":"1338625","bugzilla_description":"CVE-2016-4951 kernel: Null pointer dereference in tipc_nl_publ_dump","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4951.json"},{"CVE":"CVE-2014-8181","severity":"low","public_date":"2016-05-13T00:00:00Z","advisories":[],"bugzilla":"1335817","bugzilla_description":"CVE-2014-8181 kernel: scsi: do not fill dirty page content in the SG_IO buffer","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8181.json"},{"CVE":"CVE-2016-9754","severity":"important","public_date":"2016-05-13T00:00:00Z","advisories":[],"bugzilla":"1410370","bugzilla_description":"CVE-2016-9754 kernel: Integer overflow in ring_buffer_resize()","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9754.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2016-3070","severity":"low","public_date":"2016-05-10T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1308846","bugzilla_description":"CVE-2016-3070 kernel: Null pointer dereference in trace_writeback_dirty_page()","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3070.json"},{"CVE":"CVE-2016-4569","severity":"low","public_date":"2016-05-08T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1334643","bugzilla_description":"CVE-2016-4569 kernel: Information leak in Linux sound module in timer.c","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-665","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4569.json"},{"CVE":"CVE-2016-4580","severity":"low","public_date":"2016-05-08T00:00:00Z","advisories":[],"bugzilla":"1338756","bugzilla_description":"CVE-2016-4580 kernel: Information leak in x25 module","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4580.json"},{"CVE":"CVE-2016-4568","severity":"low","public_date":"2016-05-07T00:00:00Z","advisories":[],"bugzilla":"1334316","bugzilla_description":"CVE-2016-4568 kernel: videobuf2-v412: Planes array amount not verified in buffer dequeueing","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4568.json"},{"CVE":"CVE-2016-4581","severity":"moderate","public_date":"2016-05-05T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1333712","bugzilla_description":"CVE-2016-4581 kernel: Slave being first propagated copy causes oops in propagate_mnt","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4581.json"},{"CVE":"CVE-2016-4913","severity":"low","public_date":"2016-05-05T00:00:00Z","advisories":["RHSA-2018:3096","RHSA-2018:3083"],"bugzilla":"1337528","bugzilla_description":"CVE-2016-4913 kernel: Information leak when handling NM entries containing NUL","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:3.10.0-957.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4913.json"},{"CVE":"CVE-2016-4485","severity":"low","public_date":"2016-05-04T00:00:00Z","advisories":[],"bugzilla":"1333309","bugzilla_description":"CVE-2016-4485 kernel: Information leak in llc module","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4485.json"},{"CVE":"CVE-2016-4486","severity":"low","public_date":"2016-05-04T00:00:00Z","advisories":[],"bugzilla":"1333316","bugzilla_description":"CVE-2016-4486 kernel: Information leak in rtnetlink","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4486.json"},{"CVE":"CVE-2016-4482","severity":"low","public_date":"2016-05-03T00:00:00Z","advisories":[],"bugzilla":"1332931","bugzilla_description":"CVE-2016-4482 kernel: information leak in devio.c","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4482.json"},{"CVE":"CVE-2016-4578","severity":"low","public_date":"2016-05-03T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1335215","bugzilla_description":"CVE-2016-4578 kernel: Information leak in events in timer.c","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-665","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4578.json"},{"CVE":"CVE-2016-4558","severity":"important","public_date":"2016-04-28T00:00:00Z","advisories":[],"bugzilla":"1334303","bugzilla_description":"CVE-2016-4558 kernel: bpf: refcnt overflow","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4558.json"},{"CVE":"CVE-2016-5728","severity":"moderate","public_date":"2016-04-27T00:00:00Z","advisories":[],"bugzilla":"1350811","bugzilla_description":"CVE-2016-5728 kernel: Race condition vulnerability in VOP driver","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:P","CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5728.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2016-4557","severity":"important","public_date":"2016-04-26T00:00:00Z","advisories":[],"bugzilla":"1334307","bugzilla_description":"CVE-2016-4557 kernel: Use after free vulnerability via double fdput","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4557.json"},{"CVE":"CVE-2016-6130","severity":"low","public_date":"2016-04-25T00:00:00Z","advisories":[],"bugzilla":"1352558","bugzilla_description":"CVE-2016-6130 kernel: Race condition in sclp_ctl_ioctl_sccb function leads to information leak","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-367","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6130.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"2.2"},{"CVE":"CVE-2016-3695","severity":"low","public_date":"2016-04-20T00:00:00Z","advisories":[],"bugzilla":"1322755","bugzilla_description":"CVE-2016-3695 kernel: Error injection via EINJ is allowed when securelevel is enabled","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:N/I:N/A:P","CWE":"CWE-358","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3695.json"},{"CVE":"CVE-2016-4794","severity":"moderate","public_date":"2016-04-17T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1335889","bugzilla_description":"CVE-2016-4794 kernel: Use after free in array_map_alloc","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4794.json"},{"CVE":"CVE-2016-9794","severity":"moderate","public_date":"2016-04-14T00:00:00Z","advisories":["RHSA-2016:2574"],"bugzilla":"1401494","bugzilla_description":"CVE-2016-9794 kernel: ALSA: Use-after-free in kill_fasync","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":["kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9794.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-7912","severity":"moderate","public_date":"2016-04-14T00:00:00Z","advisories":[],"bugzilla":"1403747","bugzilla_description":"CVE-2016-7912 kernel: media: use-after-free in USB gadget driver","cvss_score":9.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7912.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2015-8844","severity":"moderate","public_date":"2016-04-13T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1326540","bugzilla_description":"CVE-2015-8845 CVE-2015-8844 kernel: incorrect restoration of machine specific registers from userspace","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-772","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8844.json"},{"CVE":"CVE-2015-8845","severity":"moderate","public_date":"2016-04-13T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1326540","bugzilla_description":"CVE-2015-8845 CVE-2015-8844 kernel: incorrect restoration of machine specific registers from userspace","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-772","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8845.json"},{"CVE":"CVE-2016-3672","severity":"low","public_date":"2016-04-06T00:00:00Z","advisories":["RHSA-2018:1062","RHSA-2018:0676"],"bugzilla":"1324749","bugzilla_description":"CVE-2016-3672 kernel: unlimiting the stack disables ASLR","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-341","affected_packages":["kernel-rt-0:3.10.0-862.rt56.804.el7","kernel-0:3.10.0-862.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3672.json"},{"CVE":"CVE-2016-7914","severity":"moderate","public_date":"2016-04-06T00:00:00Z","advisories":["RHSA-2016:2574"],"bugzilla":"1404939","bugzilla_description":"CVE-2016-7914 kernel: assoc_array: don't call compare_object() on a node","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:N/A:N","CWE":"(CWE-125|CWE-476)","affected_packages":["kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7914.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"6.2"},{"CVE":"CVE-2016-2187","severity":"low","public_date":"2016-03-21T00:00:00Z","advisories":[],"bugzilla":"1317017","bugzilla_description":"CVE-2016-2187 kernel: Kernel panic on invalid USB device descriptor (gtco driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2187.json"},{"CVE":"CVE-2016-3689","severity":"low","public_date":"2016-03-17T00:00:00Z","advisories":[],"bugzilla":"1320060","bugzilla_description":"CVE-2016-3689 kernel: denial of service via malicious device using ims-pcu driver","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3689.json"},{"CVE":"CVE-2016-3955","severity":"important","public_date":"2016-03-17T00:00:00Z","advisories":[],"bugzilla":"1328478","bugzilla_description":"CVE-2016-3955 Kernel: usbip: buffer overflow by trusting length of incoming packets","cvss_score":7.0,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:P/A:C","CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3955.json"},{"CVE":"CVE-2016-2117","severity":"low","public_date":"2016-03-16T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1312298","bugzilla_description":"CVE-2016-2117 kernel: Kernel memory leakage to ethernet frames due to buffer overflow in ethernet drivers","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-120","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2117.json"},{"CVE":"CVE-2016-4805","severity":"low","public_date":"2016-03-16T00:00:00Z","advisories":[],"bugzilla":"1335803","bugzilla_description":"CVE-2016-4805 kernel: Use after free vulnerability in ppp_unregister_channel","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4805.json"},{"CVE":"CVE-2016-3156","severity":"moderate","public_date":"2016-03-15T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1318172","bugzilla_description":"CVE-2016-3156 kernel: ipv4: denial of service when destroying a network interface","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:N/I:N/A:P","CWE":"CWE-400","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3156.json"},{"CVE":"CVE-2016-2184","severity":"low","public_date":"2016-03-14T00:00:00Z","advisories":[],"bugzilla":"1317012","bugzilla_description":"CVE-2016-2184 kernel: Kernel panic on invalid USB device descriptor (snd_usb_audio driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"(CWE-476|CWE-416)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2184.json"},{"CVE":"CVE-2016-2185","severity":"low","public_date":"2016-03-14T00:00:00Z","advisories":[],"bugzilla":"1317014","bugzilla_description":"CVE-2016-2185 kernel: Kernel panic on invalid USB device descriptor (ati_remote2 driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2185.json"},{"CVE":"CVE-2016-2186","severity":"low","public_date":"2016-03-14T00:00:00Z","advisories":[],"bugzilla":"1317015","bugzilla_description":"CVE-2016-2186 kernel: Kernel panic on invalid USB device descriptor (powermate driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2186.json"},{"CVE":"CVE-2016-2188","severity":"low","public_date":"2016-03-14T00:00:00Z","advisories":[],"bugzilla":"1317018","bugzilla_description":"CVE-2016-2188 kernel: Kernel panic on invalid USB device descriptor (iowarrior driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2188.json"},{"CVE":"CVE-2017-8281","severity":"important","public_date":"2016-03-14T00:00:00Z","advisories":[],"bugzilla":"1489092","bugzilla_description":"CVE-2017-8281 kernel: use after free in the recvmmsg exit path","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8281.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2016-3135","severity":"low","public_date":"2016-03-10T00:00:00Z","advisories":[],"bugzilla":"1317386","bugzilla_description":"CVE-2016-3135 kernel: netfilter: size overflow in x_tables","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3135.json"},{"CVE":"CVE-2016-3138","severity":"low","public_date":"2016-03-09T00:00:00Z","advisories":[],"bugzilla":"1316204","bugzilla_description":"CVE-2016-3138 kernel: Crash on invalid USB device descriptors (cdc_acm driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3138.json"},{"CVE":"CVE-2016-3139","severity":"low","public_date":"2016-03-09T00:00:00Z","advisories":[],"bugzilla":"1316993","bugzilla_description":"CVE-2016-3139 kernel: Crash on invalid USB device descriptors (wacom driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3139.json"},{"CVE":"CVE-2016-3140","severity":"low","public_date":"2016-03-09T00:00:00Z","advisories":[],"bugzilla":"1316995","bugzilla_description":"CVE-2016-3140 kernel: Crash on invalid USB device descriptors (digi_acceleport driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3140.json"},{"CVE":"CVE-2016-3137","severity":"low","public_date":"2016-03-09T00:00:00Z","advisories":[],"bugzilla":"1316996","bugzilla_description":"CVE-2016-3137 kernel: Crash on invalid USB device descriptors (cypress_m8 driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3137.json"},{"CVE":"CVE-2016-3136","severity":"low","public_date":"2016-03-09T00:00:00Z","advisories":[],"bugzilla":"1317007","bugzilla_description":"CVE-2016-3136 kernel: Crash on invalid USB device descriptors (mct_u232 driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3136.json"},{"CVE":"CVE-2016-3699","severity":"low","public_date":"2016-03-05T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1329653","bugzilla_description":"CVE-2016-3699 kernel: ACPI table override allowed when securelevel is enabled","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-358","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3699.json"},{"CVE":"CVE-2016-3951","severity":"low","public_date":"2016-03-04T00:00:00Z","advisories":[],"bugzilla":"1324782","bugzilla_description":"CVE-2016-3951 kernel: crash on invalid USB device descriptors (usbnet driver)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3951.json"},{"CVE":"CVE-2015-1339","severity":"low","public_date":"2016-03-02T00:00:00Z","advisories":[],"bugzilla":"1314331","bugzilla_description":"CVE-2015-1339 kernel: Memory exhaustion via CUSE driver","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1339.json"},{"CVE":"CVE-2015-8816","severity":"low","public_date":"2016-02-23T00:00:00Z","advisories":[],"bugzilla":"1311589","bugzilla_description":"CVE-2015-8816 kernel: USB hub invalid memory access in hub_activate()","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8816.json"},{"CVE":"CVE-2016-2550","severity":"moderate","public_date":"2016-02-22T00:00:00Z","advisories":[],"bugzilla":"1311517","bugzilla_description":"CVE-2016-2550 kernel: incorrectly accounted in-flight fds","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2550.json"},{"CVE":"CVE-2016-2384","severity":"low","public_date":"2016-02-14T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2017:0817"],"bugzilla":"1308444","bugzilla_description":"CVE-2016-2384 kernel: double-free in usb-audio triggered by invalid USB descriptor","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":["kernel-0:2.6.32-696.el6","kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2384.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-2383","severity":"low","public_date":"2016-02-14T00:00:00Z","advisories":[],"bugzilla":"1308452","bugzilla_description":"CVE-2016-2383 kernel: incorrect branch fixups for eBPG allow arbitrary read","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2383.json"},{"CVE":"CVE-2016-2085","severity":"moderate","public_date":"2016-02-11T00:00:00Z","advisories":[],"bugzilla":"1324867","bugzilla_description":"CVE-2016-2085 kernel: timing side channel vulnerability in the Linux Extended Verification Module","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:C/A:N","CWE":"CWE-385","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2085.json"},{"CVE":"CVE-2017-13167","severity":"moderate","public_date":"2016-02-09T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2017:0113"],"bugzilla":"1568821","bugzilla_description":"CVE-2017-13167 kernel: sound: a race condition in the kernel sound timer in snd_timer_user_read()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":["kernel-rt-1:3.10.0-514.rt56.210.el6rt","kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13167.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"3.6"},{"CVE":"CVE-2018-9422","severity":null,"public_date":"2016-02-09T00:00:00Z","advisories":[],"bugzilla":"1604217","bugzilla_description":"CVE-2018-9422 kernel: Elevation of Privilege in futex","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9422.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2016-0617","severity":"moderate","public_date":"2016-02-08T00:00:00Z","advisories":[],"bugzilla":"1305803","bugzilla_description":"CVE-2016-0617 kernel: hugetlbfs: fix bugs in hugetlb_vmtruncate_list()","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-772","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0617.json"},{"CVE":"CVE-2016-7917","severity":"low","public_date":"2016-02-02T00:00:00Z","advisories":[],"bugzilla":"1406358","bugzilla_description":"CVE-2016-7917 kernel: netfilter: nfnetlink: correctly validate length of batch messages","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125->CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7917.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.0"},{"CVE":"CVE-2015-8950","severity":"low","public_date":"2016-01-28T00:00:00Z","advisories":[],"bugzilla":"1383382","bugzilla_description":"CVE-2015-8950 kernel: Missing cleaning of allocated buffers","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8950.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2016-2053","severity":"moderate","public_date":"2016-01-25T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1300237","bugzilla_description":"CVE-2016-2053 kernel: Kernel panic and system lockup by triggering BUG_ON() in public_key_verify_signature()","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-228","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2053.json"},{"CVE":"CVE-2016-2069","severity":"moderate","public_date":"2016-01-25T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2017:0817"],"bugzilla":"1301893","bugzilla_description":"CVE-2016-2069 kernel: race condition in the TLB flush logic","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-266","affected_packages":["kernel-0:2.6.32-696.el6","kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2069.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.9"},{"CVE":"CVE-2013-4312","severity":"moderate","public_date":"2016-01-19T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2016:0855"],"bugzilla":"1297813","bugzilla_description":"CVE-2013-4312 kernel: File descriptors passed over unix sockets are not properly accounted","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-400","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7","kernel-0:2.6.32-642.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4312.json"},{"CVE":"CVE-2016-2543","severity":"low","public_date":"2016-01-19T00:00:00Z","advisories":[],"bugzilla":"1311554","bugzilla_description":"CVE-2016-2543 kernel: sound: GPF in snd_seq_fifo_clear","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2543.json"},{"CVE":"CVE-2016-2544","severity":"low","public_date":"2016-01-19T00:00:00Z","advisories":[],"bugzilla":"1311558","bugzilla_description":"CVE-2016-2544 kernel: sound: use-after-free in snd_timer_stop","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2544.json"},{"CVE":"CVE-2016-2545","severity":"low","public_date":"2016-01-19T00:00:00Z","advisories":[],"bugzilla":"1311560","bugzilla_description":"CVE-2016-2545 kernel: sound: use-after-free in snd_timer_interrupt","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2545.json"},{"CVE":"CVE-2016-2546","severity":"moderate","public_date":"2016-01-19T00:00:00Z","advisories":[],"bugzilla":"1311564","bugzilla_description":"CVE-2016-2546 kernel: sound: GPF in snd_timer_user_params","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2546.json"},{"CVE":"CVE-2016-2547","severity":"moderate","public_date":"2016-01-19T00:00:00Z","advisories":[],"bugzilla":"1311566","bugzilla_description":"CVE-2016-2547 kernel: sound: use-after-free in snd_timer_user_ioctl","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2547.json"},{"CVE":"CVE-2016-2548","severity":null,"public_date":"2016-01-19T00:00:00Z","advisories":[],"bugzilla":"1311568","bugzilla_description":"CVE-2016-2548 kernel: sound: linked lists of slave instances not unlinked immediately","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2548.json"},{"CVE":"CVE-2016-2549","severity":"low","public_date":"2016-01-19T00:00:00Z","advisories":[],"bugzilla":"1311570","bugzilla_description":"CVE-2016-2549 kernel: sound: spinlock lockup in sound/core/timer.c","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-667","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2549.json"},{"CVE":"CVE-2016-7915","severity":"low","public_date":"2016-01-19T00:00:00Z","advisories":["RHSA-2016:2574"],"bugzilla":"1404733","bugzilla_description":"CVE-2016-7915 kernel: HID: core: prevent out-of-bound readings","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":["kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7915.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"2.1"},{"CVE":"CVE-2016-7916","severity":"low","public_date":"2016-01-19T00:00:00Z","advisories":[],"bugzilla":"1406085","bugzilla_description":"CVE-2016-7916 kernel: proc: prevent accessing /proc//environ until it's ready","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7916.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.3"},{"CVE":"CVE-2016-2782","severity":"low","public_date":"2016-01-12T00:00:00Z","advisories":[],"bugzilla":"1312670","bugzilla_description":"CVE-2016-2782 kernel: visor: crash on invalid USB device descriptors in treo_attach() in visor driver","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2782.json"},{"CVE":"CVE-2015-7566","severity":"low","public_date":"2016-01-11T00:00:00Z","advisories":[],"bugzilla":"1296466","bugzilla_description":"CVE-2015-7566 kernel: Crash on invalid USB device descriptors in visor driver","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7566.json"},{"CVE":"CVE-2015-8963","severity":"moderate","public_date":"2016-01-06T00:00:00Z","advisories":[],"bugzilla":"1411245","bugzilla_description":"CVE-2015-8963 kernel: Race condition on CPU unplug leading to use-after-free","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8963.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2015-7513","severity":"moderate","public_date":"2016-01-05T00:00:00Z","advisories":[],"bugzilla":"1284847","bugzilla_description":"CVE-2015-7513 Kernel: kvm: divide by zero issue leads to DoS","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7513.json"},{"CVE":"CVE-2016-10229","severity":"important","public_date":"2015-12-30T00:00:00Z","advisories":[],"bugzilla":"1439740","bugzilla_description":"CVE-2016-10229 kernel: net: Unsafe second checksum calculation in udp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-662","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10229.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2015-8966","severity":"low","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1403817","bugzilla_description":"CVE-2015-8966 kernel: Local privileges escalation via crafted F_OFD_GETLK/F_OFD_SETLK/F_OFD_SETLKW commands","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8966.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-2847","severity":"moderate","public_date":"2015-12-28T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2017:0217"],"bugzilla":"1313428","bugzilla_description":"CVE-2016-2847 kernel: pipe: limit the per-user amount of pages allocated in pipes","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-400","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7","kernel-0:3.10.0-327.46.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2847.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-2070","severity":"moderate","public_date":"2015-12-21T00:00:00Z","advisories":[],"bugzilla":"1302219","bugzilla_description":"CVE-2016-2070 kernel: potential division by zero in TCP code","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2070.json"},{"CVE":"CVE-2015-8575","severity":"low","public_date":"2015-12-16T00:00:00Z","advisories":[],"bugzilla":"1292840","bugzilla_description":"CVE-2015-8575 kernel: information leak in sco_sock_bind()","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8575.json"},{"CVE":"CVE-2015-7553","severity":"moderate","public_date":"2015-12-15T00:00:00Z","advisories":["RHSA-2015:2152"],"bugzilla":"1288934","bugzilla_description":"CVE-2015-7553 kernel: nfnetlink race in NETLINK_NFLOG socket creation","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-362","affected_packages":["kernel-0:3.10.0-327.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7553.json"},{"CVE":"CVE-2015-8569","severity":"low","public_date":"2015-12-14T00:00:00Z","advisories":[],"bugzilla":"1292045","bugzilla_description":"CVE-2015-8569 kernel: Information leak from getsockname","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8569.json"},{"CVE":"CVE-2017-0750","severity":"moderate","public_date":"2015-12-14T00:00:00Z","advisories":[],"bugzilla":"1564028","bugzilla_description":"CVE-2017-0750 kernel: Out-of-bounds write in f2fs allows code execution when mounted malicious file system","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0750.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2015-8709","severity":"important","public_date":"2015-12-12T00:00:00Z","advisories":[],"bugzilla":"1295287","bugzilla_description":"CVE-2015-8709 Kernel: ptrace: potential privilege escalation in user namespaces","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-271","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8709.json"},{"CVE":"CVE-2015-7550","severity":"moderate","public_date":"2015-12-10T00:00:00Z","advisories":[],"bugzilla":"1291197","bugzilla_description":"CVE-2015-7550 kernel: User triggerable crash from race between key read and rey revoke","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7550.json"},{"CVE":"CVE-2015-8543","severity":"moderate","public_date":"2015-12-09T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584","RHSA-2016:0855"],"bugzilla":"1290475","bugzilla_description":"CVE-2015-8543 kernel: IPv6 connect causes DoS via NULL pointer dereference","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7","kernel-0:2.6.32-642.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8543.json"},{"CVE":"CVE-2015-8338","severity":"important","public_date":"2015-12-08T00:00:00Z","advisories":[],"bugzilla":"1284911","bugzilla_description":"CVE-2015-8338 xen: Long running memory operations on ARM cause DoS","cvss_score":6.3,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-667","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8338.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.2"},{"CVE":"CVE-2015-1142857","severity":"low","public_date":"2015-12-03T00:00:00Z","advisories":[],"bugzilla":"1295480","bugzilla_description":"kernel: net: ethernet flow control vulnerability in SRIOV devices","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1142857.json"},{"CVE":"CVE-2015-8787","severity":"moderate","public_date":"2015-12-02T00:00:00Z","advisories":[],"bugzilla":"1300731","bugzilla_description":"CVE-2015-8787 kernel: Missing NULL pointer check in nf_nat_redirect_ipv4","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8787.json"},{"CVE":"CVE-2016-0723","severity":"moderate","public_date":"2015-11-27T00:00:00Z","advisories":[],"bugzilla":"1296253","bugzilla_description":"CVE-2016-0723 kernel: Kernel memory disclosure and crash in tty layer","cvss_score":5.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0723.json"},{"CVE":"CVE-2015-8964","severity":"low","public_date":"2015-11-27T00:00:00Z","advisories":[],"bugzilla":"1404655","bugzilla_description":"CVE-2015-8964 kernel: tty: Prevent ldisc drivers from re-using stale tty fields","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8964.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2015-7515","severity":"low","public_date":"2015-11-25T00:00:00Z","advisories":[],"bugzilla":"1285326","bugzilla_description":"CVE-2015-7515 kernel: aiptek: crash on invalid USB device descriptors","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7515.json"},{"CVE":"CVE-2015-7509","severity":"low","public_date":"2015-11-24T00:00:00Z","advisories":["RHSA-2016:0855"],"bugzilla":"1259222","bugzilla_description":"CVE-2015-7509 kernel: Mounting ext2 fs e2fsprogs/tests/f_orphan as ext4 crashes system","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-250","affected_packages":["kernel-0:2.6.32-642.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7509.json"},{"CVE":"CVE-2015-8324","severity":"low","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:0855"],"bugzilla":"1267261","bugzilla_description":"CVE-2015-8324 kernel: Null pointer dereference when mounting ext4","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-0:2.6.32-642.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8324.json"},{"CVE":"CVE-2015-5307","severity":"important","public_date":"2015-11-10T00:00:00Z","advisories":["RHSA-2016:0046","RHSA-2016:0024","RHSA-2015:2552","RHSA-2015:2587","RHSA-2015:2645","RHSA-2015:2636","RHSA-2016:0004"],"bugzilla":"1277172","bugzilla_description":"CVE-2015-5307 virt: guest to host DoS by triggering an infinite loop in microcode via #AC exception","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-835","affected_packages":["kernel-0:2.6.32-431.68.1.el6","kernel-0:3.10.0-229.24.2.ael7b","kernel-0:2.6.32-504.40.1.el6","kernel-0:3.10.0-327.3.1.el7","kernel-0:2.6.32-358.69.1.el6","kernel-0:2.6.32-220.65.1.el6","kernel-0:2.6.32-573.12.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5307.json"},{"CVE":"CVE-2015-8104","severity":"important","public_date":"2015-11-10T00:00:00Z","advisories":["RHSA-2016:0046","RHSA-2016:0024","RHSA-2015:2552","RHSA-2015:2645","RHSA-2015:2636","RHSA-2016:0004","RHSA-2016:0103"],"bugzilla":"1278496","bugzilla_description":"CVE-2015-8104 virt: guest to host DoS by triggering an infinite loop in microcode via #DB exception","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-835","affected_packages":["kernel-0:2.6.32-431.68.1.el6","kernel-0:2.6.32-504.40.1.el6","kernel-0:3.10.0-327.3.1.el7","kernel-0:2.6.32-358.69.1.el6","kernel-0:2.6.32-220.65.1.el6","kernel-0:3.10.0-229.26.2.el7","kernel-0:2.6.32-573.12.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8104.json"},{"CVE":"CVE-2015-8962","severity":"moderate","public_date":"2015-11-03T00:00:00Z","advisories":[],"bugzilla":"1400457","bugzilla_description":"CVE-2015-8962 kernel: Double free vulnerability in SCSI driver","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8962.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2015-8019","severity":"moderate","public_date":"2015-10-27T00:00:00Z","advisories":[],"bugzilla":"1276588","bugzilla_description":"CVE-2015-8019 kernel: net: buffer overflow when copying data from skbuff to userspace","cvss_score":7.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:C","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8019.json"},{"CVE":"CVE-2015-7884","severity":"low","public_date":"2015-10-21T00:00:00Z","advisories":[],"bugzilla":"1274726","bugzilla_description":"CVE-2015-7884 kernel: media/vivid-osd: information leak in ioctl","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7884.json"},{"CVE":"CVE-2015-7885","severity":"low","public_date":"2015-10-21T00:00:00Z","advisories":[],"bugzilla":"1274728","bugzilla_description":"CVE-2015-7885 kernel: staging/dgnc: information leak in ioctl","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7885.json"},{"CVE":"CVE-2015-8961","severity":"moderate","public_date":"2015-10-18T00:00:00Z","advisories":[],"bugzilla":"1399711","bugzilla_description":"CVE-2015-8961 kernel: Use after free in __ext4_journal_stop","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8961.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2015-8374","severity":"moderate","public_date":"2015-10-16T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1286261","bugzilla_description":"CVE-2015-8374 kernel: Information leak when truncating of compressed/inlined extents on BTRFS","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8374.json"},{"CVE":"CVE-2013-7445","severity":"moderate","public_date":"2015-10-15T00:00:00Z","advisories":[],"bugzilla":"1272995","bugzilla_description":"CVE-2013-7445 kernel: memory exhaustion via crafted Graphics Execution Manager (GEM) objects","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7445.json"},{"CVE":"CVE-2015-8785","severity":"low","public_date":"2015-10-12T00:00:00Z","advisories":[],"bugzilla":"1290642","bugzilla_description":"CVE-2015-8785 kernel: fuse: possible denial of service in fuse_fill_write_pages()","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8785.json"},{"CVE":"CVE-2015-7833","severity":"low","public_date":"2015-10-08T00:00:00Z","advisories":[],"bugzilla":"1270158","bugzilla_description":"CVE-2015-7833 kernel: usbvision: crash on invalid USB device descriptors","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7833.json"},{"CVE":"CVE-2015-7799","severity":"low","public_date":"2015-10-08T00:00:00Z","advisories":[],"bugzilla":"1271134","bugzilla_description":"CVE-2015-7799 kernel: net: slip: crash when using PPP character device driver","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7799.json"},{"CVE":"CVE-2015-5283","severity":"moderate","public_date":"2015-09-22T00:00:00Z","advisories":["RHSA-2015:2152","RHSA-2015:2411"],"bugzilla":"1257528","bugzilla_description":"CVE-2015-5283 kernel: Creating multiple sockets when SCTP module isn't loaded leads to kernel panic","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476->CWE-665","affected_packages":["kernel-0:3.10.0-327.el7","kernel-rt-0:3.10.0-327.rt56.204.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5283.json"},{"CVE":"CVE-2015-6937","severity":"moderate","public_date":"2015-09-14T00:00:00Z","advisories":[],"bugzilla":"1263139","bugzilla_description":"CVE-2015-6937 kernel: net: rds: NULL pointer dereference in net/rds/connection.c","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6937.json"},{"CVE":"CVE-2013-7446","severity":"moderate","public_date":"2015-09-10T00:00:00Z","advisories":[],"bugzilla":"1282688","bugzilla_description":"CVE-2013-7446 kernel: Unix sockets use after free - peer_wait_queue prematurely freed","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7446.json"},{"CVE":"CVE-2016-0821","severity":"moderate","public_date":"2015-09-10T00:00:00Z","advisories":[],"bugzilla":"1317571","bugzilla_description":"CVE-2016-0821 kernel: Too big poison pointer space","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0821.json"},{"CVE":"CVE-2017-13715","severity":"important","public_date":"2015-09-01T00:00:00Z","advisories":[],"bugzilla":"1485246","bugzilla_description":"CVE-2017-13715 kernel: Use of uninitialized value in __skb_flow_dissect()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13715.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2015-8746","severity":"low","public_date":"2015-08-15T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1295802","bugzilla_description":"CVE-2015-8746 kernel: when NFSv4 migration is executed, kernel oops occurs at NFS client","cvss_score":3.8,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:N/I:N/A:C","CWE":"CWE-665","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8746.json"},{"CVE":"CVE-2015-6252","severity":"low","public_date":"2015-08-10T00:00:00Z","advisories":[],"bugzilla":"1251839","bugzilla_description":"CVE-2015-6252 kernel: vhost fd leak in ioctl VHOST_SET_LOG_FD","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:P","CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6252.json"},{"CVE":"CVE-2015-9016","severity":"moderate","public_date":"2015-08-09T00:00:00Z","advisories":[],"bugzilla":"1544700","bugzilla_description":"CVE-2015-9016 kernel: Race condition in block/blk-mq.c:blk_mq_tag_to_rq() can lead to kernel oops","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9016.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2015-5156","severity":"moderate","public_date":"2015-08-06T00:00:00Z","advisories":["RHSA-2016:0855","RHSA-2015:1977","RHSA-2015:1978"],"bugzilla":"1243852","bugzilla_description":"CVE-2015-5156 kernel: buffer overflow with fraglist larger than MAX_SKB_FRAGS + 2 in virtio-net","cvss_score":6.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-122","affected_packages":["kernel-rt-0:3.10.0-229.20.1.rt56.141.14.el7_1","kernel-0:3.10.0-229.20.1.ael7b","kernel-0:2.6.32-642.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5156.json"},{"CVE":"CVE-2015-5697","severity":"low","public_date":"2015-07-25T00:00:00Z","advisories":[],"bugzilla":"1249011","bugzilla_description":"CVE-2015-5697 linux kernel: information leak in md driver","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-212","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5697.json"},{"CVE":"CVE-2015-3290","severity":"important","public_date":"2015-07-22T00:00:00Z","advisories":[],"bugzilla":"1243465","bugzilla_description":"CVE-2015-3290 kernel: x86: nested NMI handler and espfix64 interaction privilege escalation","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-435","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3290.json"},{"CVE":"CVE-2015-3291","severity":"low","public_date":"2015-07-22T00:00:00Z","advisories":[],"bugzilla":"1243489","bugzilla_description":"CVE-2015-3291 kernel: x86/nmi: malicious userspace programs can cause the kernel to skip NMIs","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-440","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3291.json"},{"CVE":"CVE-2015-3288","severity":"low","public_date":"2015-07-06T00:00:00Z","advisories":["RHSA-2015:2152"],"bugzilla":"1333830","bugzilla_description":"CVE-2015-3288 kernel: zero page memory arbitrary modification","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-391","affected_packages":["kernel-0:3.10.0-327.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3288.json"},{"CVE":"CVE-2015-4177","severity":"moderate","public_date":"2015-07-01T00:00:00Z","advisories":[],"bugzilla":"1248486","bugzilla_description":"CVE-2015-4177 kernel: Race conditions in collect_mounts","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:N/A:N","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4177.json"},{"CVE":"CVE-2015-4178","severity":"moderate","public_date":"2015-07-01T00:00:00Z","advisories":[],"bugzilla":"1249849","bugzilla_description":"CVE-2015-4178 kernel: list corruption of m_list or s_list if unused","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4178.json"},{"CVE":"CVE-2015-4700","severity":"important","public_date":"2015-06-23T00:00:00Z","advisories":["RHSA-2015:1788","RHSA-2015:1778"],"bugzilla":"1233615","bugzilla_description":"CVE-2015-4700 kernel: Crafted BPF filters may crash kernel during JIT optimisation","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-665","affected_packages":["kernel-rt-0:3.10.0-229.14.1.rt56.141.13.el7_1","kernel-0:3.10.0-229.14.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4700.json"},{"CVE":"CVE-2015-4692","severity":"moderate","public_date":"2015-06-04T00:00:00Z","advisories":[],"bugzilla":"1230770","bugzilla_description":"CVE-2015-4692 kernel: kvm x86: NULL pointer dereference in kvm_apic_has_events function","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4692.json"},{"CVE":"CVE-2015-8956","severity":"low","public_date":"2015-05-14T00:00:00Z","advisories":["RHSA-2016:2574","RHSA-2016:2584"],"bugzilla":"1383395","bugzilla_description":"CVE-2015-8956 kernel: NULL dereference in RFCOMM bind callback","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-rt-0:3.10.0-514.rt56.420.el7","kernel-0:3.10.0-514.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8956.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"6.1"},{"CVE":"CVE-2015-5706","severity":"moderate","public_date":"2015-05-09T00:00:00Z","advisories":[],"bugzilla":"1250047","bugzilla_description":"CVE-2015-5706 kernel: Use-after-free in path lookup","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5706.json"},{"CVE":"CVE-2015-4176","severity":"moderate","public_date":"2015-05-06T00:00:00Z","advisories":[],"bugzilla":"1249442","bugzilla_description":"CVE-2015-4176 kernel:deletion of a file or directory could unmount and reveal data under a mount point.","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:N/A:N","CWE":"CWE-667","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4176.json"},{"CVE":"CVE-2015-3339","severity":"moderate","public_date":"2015-04-20T00:00:00Z","advisories":["RHSA-2015:2152","RHSA-2015:2411","RHSA-2015:1272"],"bugzilla":"1214030","bugzilla_description":"CVE-2015-3339 kernel: race condition between chown() and execve()","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-362","affected_packages":["kernel-0:2.6.32-573.el6","kernel-0:3.10.0-327.el7","kernel-rt-0:3.10.0-327.rt56.204.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3339.json"},{"CVE":"CVE-2015-3332","severity":"moderate","public_date":"2015-04-14T00:00:00Z","advisories":[],"bugzilla":"1213951","bugzilla_description":"CVE-2015-3332 kernel: TCP Fast Open local DoS","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3332.json"},{"CVE":"CVE-2015-6526","severity":"moderate","public_date":"2015-04-13T00:00:00Z","advisories":["RHSA-2015:2152"],"bugzilla":"1218454","bugzilla_description":"CVE-2015-6526 kernel: perf on ppc64 can loop forever getting userlevel stacktraces","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-835","affected_packages":["kernel-0:3.10.0-327.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6526.json"},{"CVE":"CVE-2015-5707","severity":"moderate","public_date":"2015-03-22T00:00:00Z","advisories":[],"bugzilla":"1250030","bugzilla_description":"CVE-2015-5707 kernel: number wraparound vulnerability in function start_req()","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5707.json"},{"CVE":"CVE-2015-8830","severity":"moderate","public_date":"2015-03-21T00:00:00Z","advisories":["RHSA-2018:3096","RHSA-2018:3083","RHSA-2018:1854"],"bugzilla":"1314275","bugzilla_description":"CVE-2015-8830 kernel: AIO write triggers integer overflow in some protocols","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-190","affected_packages":["kernel-rt-0:3.10.0-957.rt56.910.el7","kernel-0:2.6.32-754.el6","kernel-0:3.10.0-957.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8830.json"},{"CVE":"CVE-2015-8955","severity":"low","public_date":"2015-03-17T00:00:00Z","advisories":[],"bugzilla":"1383391","bugzilla_description":"CVE-2015-8955 kernel: Possible privilege escalation via groups spanning multiple HW PMUs","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-822","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8955.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.3"},{"CVE":"CVE-2016-0823","severity":"low","public_date":"2015-03-09T00:00:00Z","advisories":[],"bugzilla":"1317576","bugzilla_description":"CVE-2016-0823 kernel: Leakage of physical address mappings to non-privileged userspace","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-732","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0823.json"},{"CVE":"CVE-2015-2041","severity":"low","public_date":"2015-02-20T00:00:00Z","advisories":[],"bugzilla":"1195350","bugzilla_description":"CVE-2015-2041 kernel: llc: information leak in llc2_timeout_table","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2041.json"},{"CVE":"CVE-2015-2042","severity":"low","public_date":"2015-02-20T00:00:00Z","advisories":[],"bugzilla":"1195355","bugzilla_description":"CVE-2015-2042 kernel: rds: information handling flaw in rds sysctl files.","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2042.json"},{"CVE":"CVE-2014-9683","severity":"moderate","public_date":"2015-02-17T00:00:00Z","advisories":["RHSA-2015:1272"],"bugzilla":"1193830","bugzilla_description":"CVE-2014-9683 kernel: buffer overflow in eCryptfs","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:P","CWE":"CWE-119","affected_packages":["kernel-0:2.6.32-573.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9683.json"},{"CVE":"CVE-2016-6786","severity":"moderate","public_date":"2015-02-04T00:00:00Z","advisories":[],"bugzilla":"1403842","bugzilla_description":"CVE-2016-6786 CVE-2016-6787 kernel: Possible privilege escalation due to lack of locking around changing event->ctx","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-667","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6786.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-6787","severity":"moderate","public_date":"2015-02-04T00:00:00Z","advisories":[],"bugzilla":"1403842","bugzilla_description":"CVE-2016-6786 CVE-2016-6787 kernel: Possible privilege escalation due to lack of locking around changing event->ctx","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-667","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6787.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2015-0239","severity":"low","public_date":"2015-01-27T00:00:00Z","advisories":["RHSA-2015:2152","RHSA-2015:1272"],"bugzilla":"1186448","bugzilla_description":"CVE-2015-0239 kernel: kvm: insufficient sysenter emulation when invoked from 16-bit code","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-391","affected_packages":["kernel-0:2.6.32-573.el6","kernel-0:3.10.0-327.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0239.json"},{"CVE":"CVE-2015-9004","severity":"moderate","public_date":"2015-01-23T00:00:00Z","advisories":[],"bugzilla":"1447676","bugzilla_description":"CVE-2015-9004 kernel: Allows creating groups that can't be co-scheduled","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-266","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-9004.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2015-4170","severity":"moderate","public_date":"2015-01-19T00:00:00Z","advisories":["RHSA-2015:2152","RHSA-2016:1395","RHSA-2015:2411"],"bugzilla":"1218879","bugzilla_description":"CVE-2015-4170 kernel: pty layer race condition on tty ldisc shutdown.","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-667","affected_packages":["kernel-0:3.10.0-327.el7","kernel-rt-0:3.10.0-327.rt56.204.el7","kernel-0:3.10.0-229.38.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4170.json"},{"CVE":"CVE-2015-4167","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":[],"bugzilla":"1228204","bugzilla_description":"CVE-2015-4167 Kernel: fs: udf: Check length of extended attributes to avoid oops","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-130","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4167.json"},{"CVE":"CVE-2014-9728","severity":"moderate","public_date":"2014-12-19T00:00:00Z","advisories":[],"bugzilla":"1228229","bugzilla_description":"CVE-2014-9728 CVE-2014-9729 CVE-2014-9730 Kernel: fs: udf: heap overflow in __udf_adinicb_readpage","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:C","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9728.json"},{"CVE":"CVE-2014-9729","severity":"moderate","public_date":"2014-12-19T00:00:00Z","advisories":[],"bugzilla":"1228229","bugzilla_description":"CVE-2014-9728 CVE-2014-9729 CVE-2014-9730 Kernel: fs: udf: heap overflow in __udf_adinicb_readpage","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:C","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9729.json"},{"CVE":"CVE-2014-9730","severity":"moderate","public_date":"2014-12-19T00:00:00Z","advisories":[],"bugzilla":"1228229","bugzilla_description":"CVE-2014-9728 CVE-2014-9729 CVE-2014-9730 Kernel: fs: udf: heap overflow in __udf_adinicb_readpage","cvss_score":5.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:C","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9730.json"},{"CVE":"CVE-2017-15868","severity":"moderate","public_date":"2014-12-19T00:00:00Z","advisories":[],"bugzilla":"1522893","bugzilla_description":"CVE-2017-15868 kernel: bnep_add_connection does not check if l2cap socket is available allowing privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15868.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2014-9731","severity":"low","public_date":"2014-12-18T00:00:00Z","advisories":[],"bugzilla":"1228220","bugzilla_description":"CVE-2014-9731 Kernel: fs: udf: information leakage when reading symlink","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9731.json"},{"CVE":"CVE-2014-9940","severity":"low","public_date":"2014-12-04T00:00:00Z","advisories":[],"bugzilla":"1449558","bugzilla_description":"CVE-2014-9940 kernel: Use-after-free in the regulator_ena_gpio_free function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9940.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2015-1350","severity":"low","public_date":"2014-11-21T00:00:00Z","advisories":[],"bugzilla":"1185139","bugzilla_description":"CVE-2015-1350 kernel: denial of service in notify_change for filesystem xattrs","cvss_score":3.2,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:N/I:P/A:P","CWE":"CWE-552","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1350.json"},{"CVE":"CVE-2014-8884","severity":"low","public_date":"2014-11-14T00:00:00Z","advisories":["RHSA-2015:0290","RHSA-2015:0864","RHSA-2015:0782"],"bugzilla":"1164266","bugzilla_description":"CVE-2014-8884 kernel: usb: buffer overflow in ttusb-dec","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-121","affected_packages":["kernel-0:2.6.32-504.16.2.el6","kernel-0:3.10.0-229.el7","kernel-0:2.6.32-431.53.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8884.json"},{"CVE":"CVE-2014-7843","severity":"moderate","public_date":"2014-11-13T00:00:00Z","advisories":[],"bugzilla":"1163744","bugzilla_description":"CVE-2014-7843 kernel: aarch64: copying from /dev/zero causes local DoS","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-390","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7843.json"},{"CVE":"CVE-2014-8600","severity":"low","public_date":"2014-11-13T00:00:00Z","advisories":[],"bugzilla":"1164293","bugzilla_description":"CVE-2014-8600 kwebkitpart, kde-runtime: Insufficient Input Validation By IO Slaves and Webkit Part","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8600.json"},{"CVE":"CVE-2014-7841","severity":"important","public_date":"2014-11-10T00:00:00Z","advisories":["RHSA-2015:0102","RHSA-2015:0695","RHSA-2015:0087","RHSA-2015:0285","RHSA-2015:0284"],"bugzilla":"1163087","bugzilla_description":"CVE-2014-7841 kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-0:2.6.32-220.60.2.el6","kernel-0:2.6.32-358.56.1.el6","kernel-0:2.6.32-504.8.1.el6","kernel-0:2.6.32-431.50.1.el6","kernel-0:3.10.0-123.20.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7841.json"},{"CVE":"CVE-2014-9710","severity":"moderate","public_date":"2014-11-07T00:00:00Z","advisories":[],"bugzilla":"1205079","bugzilla_description":"CVE-2014-9710 Kernel: fs: btrfs: non-atomic xattr replace operation","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9710.json"},{"CVE":"CVE-2014-8369","severity":"moderate","public_date":"2014-10-24T00:00:00Z","advisories":["RHSA-2015:0674"],"bugzilla":"1156518","bugzilla_description":"CVE-2014-8369 kernel: kvm: excessive pages un-pinning in kvm_iommu_map error path","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-504.12.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8369.json"},{"CVE":"CVE-2014-9922","severity":"moderate","public_date":"2014-10-24T00:00:00Z","advisories":[],"bugzilla":"1439087","bugzilla_description":"CVE-2014-9922 kernel: Privilege escalation in eCryptfs subsystem via a large filesystem stack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9922.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2014-3690","severity":"moderate","public_date":"2014-10-21T00:00:00Z","advisories":["RHSA-2015:0290","RHSA-2015:0864","RHSA-2015:0782"],"bugzilla":"1153322","bugzilla_description":"CVE-2014-3690 kernel: kvm: vmx: invalid host cr4 handling across vm entries","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-504.16.2.el6","kernel-0:3.10.0-229.el7","kernel-0:2.6.32-431.53.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3690.json"},{"CVE":"CVE-2018-1066","severity":"moderate","public_date":"2014-10-20T00:00:00Z","advisories":[],"bugzilla":"1539599","bugzilla_description":"CVE-2018-1066 kernel: Null pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() when empty TargetInfo is returned in NTLMSSP setup negotiation response allowing to crash client's kernel","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1066.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2014-8480","severity":"important","public_date":"2014-10-13T00:00:00Z","advisories":[],"bugzilla":"1156615","bugzilla_description":"CVE-2014-8480 CVE-2014-8481 kernel: kvm: NULL pointer dereference during rip relative instruction emulation","cvss_score":6.1,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8480.json"},{"CVE":"CVE-2014-8481","severity":"important","public_date":"2014-10-13T00:00:00Z","advisories":[],"bugzilla":"1156615","bugzilla_description":"CVE-2014-8480 CVE-2014-8481 kernel: kvm: NULL pointer dereference during rip relative instruction emulation","cvss_score":6.1,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8481.json"},{"CVE":"CVE-2014-3673","severity":"important","public_date":"2014-10-09T00:00:00Z","advisories":["RHSA-2014:1971","RHSA-2015:0115","RHSA-2014:1997","RHSA-2015:0043","RHSA-2015:0062"],"bugzilla":"1147850","bugzilla_description":"CVE-2014-3673 kernel: sctp: skb_over_panic when receiving malformed ASCONF chunks","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-20","affected_packages":["kernel-0:2.6.32-504.3.3.el6","kernel-0:2.6.32-358.55.1.el6","kernel-0:2.6.32-431.46.2.el6","kernel-0:3.10.0-123.13.1.el7","kernel-0:2.6.32-220.58.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3673.json"},{"CVE":"CVE-2014-3687","severity":"important","public_date":"2014-10-09T00:00:00Z","advisories":["RHSA-2014:1971","RHSA-2015:0115","RHSA-2014:1997","RHSA-2015:0043","RHSA-2015:0062"],"bugzilla":"1155731","bugzilla_description":"CVE-2014-3687 kernel: net: sctp: fix panic on duplicate ASCONF chunks","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-504.3.3.el6","kernel-0:2.6.32-358.55.1.el6","kernel-0:2.6.32-431.46.2.el6","kernel-0:3.10.0-123.13.1.el7","kernel-0:2.6.32-220.58.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3687.json"},{"CVE":"CVE-2014-3688","severity":"important","public_date":"2014-10-09T00:00:00Z","advisories":["RHSA-2014:1971","RHSA-2015:0115","RHSA-2014:1997","RHSA-2015:0043","RHSA-2015:0062"],"bugzilla":"1155745","bugzilla_description":"CVE-2014-3688 kernel: net: sctp: remote memory pressure from excessive queueing","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-504.3.3.el6","kernel-0:2.6.32-358.55.1.el6","kernel-0:2.6.32-431.46.2.el6","kernel-0:3.10.0-123.13.1.el7","kernel-0:2.6.32-220.58.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3688.json"},{"CVE":"CVE-2014-7970","severity":"low","public_date":"2014-10-08T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2017:2077"],"bugzilla":"1151095","bugzilla_description":"CVE-2014-7970 Kernel: fs: VFS denial of service","cvss_score":1.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:N/I:N/A:P","CWE":null,"affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7970.json"},{"CVE":"CVE-2014-7975","severity":"low","public_date":"2014-10-08T00:00:00Z","advisories":["RHSA-2017:1842","RHSA-2017:2077"],"bugzilla":"1151108","bugzilla_description":"CVE-2014-7975 Kernel: fs: umount denial of service","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["kernel-rt-0:3.10.0-693.rt56.617.el7","kernel-0:3.10.0-693.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7975.json"},{"CVE":"CVE-2014-7284","severity":"important","public_date":"2014-10-01T00:00:00Z","advisories":[],"bugzilla":"1148788","bugzilla_description":"CVE-2014-7284 kernel: randomness degradation due to bug in net_get_random_once()","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-456->CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7284.json"},{"CVE":"CVE-2010-5313","severity":"moderate","public_date":"2014-09-24T00:00:00Z","advisories":["RHSA-2015:2152","RHSA-2016:0855"],"bugzilla":"1163762","bugzilla_description":"CVE-2010-5313 CVE-2014-7842 kernel: kvm: reporting emulation failures to userspace","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:3.10.0-327.el7","kernel-0:2.6.32-642.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5313.json"},{"CVE":"CVE-2014-7842","severity":"moderate","public_date":"2014-09-24T00:00:00Z","advisories":["RHSA-2015:2152","RHSA-2016:0855"],"bugzilla":"1163762","bugzilla_description":"CVE-2010-5313 CVE-2014-7842 kernel: kvm: reporting emulation failures to userspace","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:3.10.0-327.el7","kernel-0:2.6.32-642.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7842.json"},{"CVE":"CVE-2014-0205","severity":"important","public_date":"2014-09-09T00:00:00Z","advisories":["RHSA-2014:1763","RHSA-2014:1167","RHSA-2014:1365"],"bugzilla":"1094455","bugzilla_description":"CVE-2014-0205 kernel: futex: refcount issue in case of requeue","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-682->CWE-416","affected_packages":["kernel-0:2.6.32-358.49.1.el6","kernel-0:2.6.32-220.56.1.el6","kernel-0:2.6.32-431.29.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0205.json"},{"CVE":"CVE-2014-3535","severity":"important","public_date":"2014-09-09T00:00:00Z","advisories":["RHSA-2014:1168","RHSA-2014:1167"],"bugzilla":"1114540","bugzilla_description":"CVE-2014-3535 Kernel: netdevice.h: NULL pointer dereference over VxLAN","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-228->CWE-476","affected_packages":["rhev-hypervisor6-0:6.5-20140821.1.el6ev","kernel-0:2.6.32-431.29.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3535.json"},{"CVE":"CVE-2014-3631","severity":"moderate","public_date":"2014-09-09T00:00:00Z","advisories":["RHSA-2014:1971"],"bugzilla":"1140325","bugzilla_description":"CVE-2014-3631 kernel: keys: incorrect termination condition in assoc array garbage collection","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:3.10.0-123.13.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3631.json"},{"CVE":"CVE-2014-3186","severity":"moderate","public_date":"2014-08-27T00:00:00Z","advisories":["RHSA-2014:1971"],"bugzilla":"1141407","bugzilla_description":"CVE-2014-3186 Kernel: HID: memory corruption via OOB write","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-787","affected_packages":["kernel-0:3.10.0-123.13.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3186.json"},{"CVE":"CVE-2014-3183","severity":"moderate","public_date":"2014-08-21T00:00:00Z","advisories":[],"bugzilla":"1141344","bugzilla_description":"CVE-2014-3183 Kernel: HID: heap overflow due to lack of bounds checking","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"(CWE-787|CWE-122)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3183.json"},{"CVE":"CVE-2014-3601","severity":"moderate","public_date":"2014-08-19T00:00:00Z","advisories":["RHSA-2014:1392"],"bugzilla":"1131951","bugzilla_description":"CVE-2014-3601 kernel: kvm: invalid parameter passing in kvm_iommu_map_pages()","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-504.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3601.json"},{"CVE":"CVE-2014-7145","severity":"moderate","public_date":"2014-08-17T00:00:00Z","advisories":["RHSA-2015:0102"],"bugzilla":"1147522","bugzilla_description":"CVE-2014-7145 Kernel: cifs: NULL pointer dereference in SMB2_tcon","cvss_score":4.6,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-0:3.10.0-123.20.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7145.json"},{"CVE":"CVE-2014-3534","severity":"important","public_date":"2014-07-21T00:00:00Z","advisories":["RHSA-2014:1023"],"bugzilla":"1114089","bugzilla_description":"CVE-2014-3534 kernel: s390: ptrace: insufficient sanitization when setting psw mask","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-697->CWE-266","affected_packages":["kernel-0:3.10.0-123.6.3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3534.json"},{"CVE":"CVE-2014-5045","severity":"moderate","public_date":"2014-07-20T00:00:00Z","advisories":["RHSA-2014:1971","RHSA-2014:1392","RHSA-2015:0062"],"bugzilla":"1122472","bugzilla_description":"CVE-2014-5045 kernel: vfs: refcount issues during unmount on symlink","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-431.46.2.el6","kernel-0:2.6.32-504.el6","kernel-0:3.10.0-123.13.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5045.json"},{"CVE":"CVE-2014-4943","severity":"important","public_date":"2014-07-16T00:00:00Z","advisories":["RHSA-2014:1025","RHSA-2014:0924","RHSA-2014:0925","RHSA-2014:0923"],"bugzilla":"1119458","bugzilla_description":"CVE-2014-4943 kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-431.20.5.el6","kernel-0:2.6.32-358.46.2.el6","kernel-0:2.6.32-220.54.1.el6","kernel-0:3.10.0-123.4.4.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4943.json"},{"CVE":"CVE-2014-9904","severity":"low","public_date":"2014-07-16T00:00:00Z","advisories":[],"bugzilla":"1350801","bugzilla_description":"CVE-2014-9904 kernel: Integer overflow in snd_compr_allocate_buffer()","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9904.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2014-4715","severity":"moderate","public_date":"2014-07-03T00:00:00Z","advisories":[],"bugzilla":"1115767","bugzilla_description":"CVE-2014-4715 lz4: LZ4_decompress_generic() integer overflow (32-bit arches)","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4715.json"},{"CVE":"CVE-2014-4611","severity":"moderate","public_date":"2014-06-26T00:00:00Z","advisories":[],"bugzilla":"1112436","bugzilla_description":"CVE-2014-4611 lz4: LZ4_decompress_generic() integer overflow","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4611.json"},{"CVE":"CVE-2014-4608","severity":"low","public_date":"2014-06-26T00:00:00Z","advisories":["RHSA-2014:1392","RHSA-2015:0062"],"bugzilla":"1113899","bugzilla_description":"CVE-2014-4608 kernel: lzo1x_decompress_safe() integer overflow","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-190","affected_packages":["kernel-0:2.6.32-431.46.2.el6","kernel-0:2.6.32-504.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4608.json"},{"CVE":"CVE-2014-0203","severity":"moderate","public_date":"2014-06-19T00:00:00Z","advisories":["RHSA-2014:0771"],"bugzilla":"1094363","bugzilla_description":"CVE-2014-0203 kernel: fs: slab corruption due to the invalid last component type during do_filp_open()","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-431.20.3.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0203.json"},{"CVE":"CVE-2014-4508","severity":"moderate","public_date":"2014-06-16T00:00:00Z","advisories":[],"bugzilla":"1111590","bugzilla_description":"CVE-2014-4508 Kernel: x86_32: BUG in syscall auditing","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4508.json"},{"CVE":"CVE-2014-4014","severity":"important","public_date":"2014-06-10T00:00:00Z","advisories":[],"bugzilla":"1107966","bugzilla_description":"CVE-2014-4014 Kernel: possible privilege escalation in user namespace","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4014.json"},{"CVE":"CVE-2014-9914","severity":"moderate","public_date":"2014-06-10T00:00:00Z","advisories":[],"bugzilla":"1420250","bugzilla_description":"CVE-2014-9914 kernel: Race condition in the ip4_datagram_release_cb function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-362","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9914.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2014-1739","severity":"low","public_date":"2014-04-30T00:00:00Z","advisories":["RHSA-2014:1971"],"bugzilla":"1109774","bugzilla_description":"CVE-2014-1739 Kernel: drivers: media: an information leakage","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:3.10.0-123.13.1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1739.json"},{"CVE":"CVE-2014-0155","severity":"important","public_date":"2014-04-04T00:00:00Z","advisories":[],"bugzilla":"1081589","bugzilla_description":"CVE-2014-0155 kernel: kvm: BUG caused by invalid entry in guest ioapic redirection table","cvss_score":5.5,"cvss_scoring_vector":"AV:A/AC:L/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0155.json"},{"CVE":"CVE-2014-0077","severity":"moderate","public_date":"2014-03-27T00:00:00Z","advisories":["RHSA-2014:0475","RHSA-2014:0634","RHSA-2014:0593","RHSA-2014:0629"],"bugzilla":"1064440","bugzilla_description":"CVE-2014-0077 kernel: vhost-net: insufficiency in handling of big packets in handle_rx()","cvss_score":5.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:P/I:P/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-279.46.1.el6","kernel-0:2.6.32-431.17.1.el6","rhev-hypervisor6-0:6.5-20140603.1.el6ev","kernel-0:2.6.32-358.44.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0077.json"},{"CVE":"CVE-2014-2739","severity":"moderate","public_date":"2014-03-26T00:00:00Z","advisories":[],"bugzilla":"1085415","bugzilla_description":"CVE-2014-2739 Kernel: IB/core: crash while resolving passive side RoCE L2 address in cma req handler","cvss_score":4.6,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2739.json"},{"CVE":"CVE-2014-0055","severity":"important","public_date":"2014-03-25T00:00:00Z","advisories":["RHSA-2014:0328","RHSA-2014:0339"],"bugzilla":"1062577","bugzilla_description":"CVE-2014-0055 kernel: vhost-net: insufficient handling of error conditions in get_rx_bufs()","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-431.11.2.el6","rhev-hypervisor6-0:6.5-20140324.0.el6ev"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0055.json"},{"CVE":"CVE-2014-2568","severity":"low","public_date":"2014-03-18T00:00:00Z","advisories":["RHSA-2014:0786"],"bugzilla":"1079012","bugzilla_description":"CVE-2014-2568 kernel: net: potential information leak when ubuf backed skbs are skb_zerocopy()ied","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:3.10.0-123.4.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2568.json"},{"CVE":"CVE-2014-0131","severity":"low","public_date":"2014-03-10T00:00:00Z","advisories":[],"bugzilla":"1074589","bugzilla_description":"CVE-2014-0131 kernel: net: use-after-free during segmentation with zerocopy","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0131.json"},{"CVE":"CVE-2014-2673","severity":"moderate","public_date":"2014-03-07T00:00:00Z","advisories":["RHSA-2014:1023"],"bugzilla":"1083213","bugzilla_description":"CVE-2014-2673 kernel: powerpc: tm: crash when forking inside a transaction","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:3.10.0-123.6.3.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2673.json"},{"CVE":"CVE-2014-0049","severity":"important","public_date":"2014-03-03T00:00:00Z","advisories":[],"bugzilla":"1062368","bugzilla_description":"CVE-2014-0049 kernel: kvm: mmio_fragments out-of-the-bounds access","cvss_score":6.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0049.json"},{"CVE":"CVE-2014-0101","severity":"important","public_date":"2014-03-03T00:00:00Z","advisories":["RHSA-2014:0520","RHSA-2014:0432","RHSA-2014:0419","RHSA-2014:0328"],"bugzilla":"1070705","bugzilla_description":"CVE-2014-0101 kernel: net: sctp: null pointer dereference when processing authenticated cookie_echo chunk","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-0:2.6.32-358.41.1.el6","kernel-0:2.6.32-279.43.1.el6","kernel-0:2.6.32-220.51.1.el6","kernel-0:2.6.32-431.11.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0101.json"},{"CVE":"CVE-2014-0102","severity":"moderate","public_date":"2014-02-28T00:00:00Z","advisories":[],"bugzilla":"1072419","bugzilla_description":"CVE-2014-0102 kernel: security: keyring cycle detector DoS","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0102.json"},{"CVE":"CVE-2014-9903","severity":"low","public_date":"2014-02-16T00:00:00Z","advisories":[],"bugzilla":"1350796","bugzilla_description":"CVE-2014-9903 kernel: Information leak in sys_sched_getattr()","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9903.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2014-2039","severity":"moderate","public_date":"2014-02-03T00:00:00Z","advisories":["RHSA-2014:0771"],"bugzilla":"1067558","bugzilla_description":"CVE-2014-2039 Kernel: s390: crash due to linkage stack instructions","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-431.20.3.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2039.json"},{"CVE":"CVE-2014-0038","severity":"important","public_date":"2014-01-31T00:00:00Z","advisories":[],"bugzilla":"1060023","bugzilla_description":"CVE-2014-0038 Kernel: 3.4+ arbitrary write with CONFIG_X86_X32","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0038.json"},{"CVE":"CVE-2014-2038","severity":"low","public_date":"2014-01-17T00:00:00Z","advisories":["RHSA-2014:0328"],"bugzilla":"1066939","bugzilla_description":"CVE-2014-2038 kernel: nfs: data leak during extended writes","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-431.11.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2038.json"},{"CVE":"CVE-2014-1446","severity":"low","public_date":"2013-12-17T00:00:00Z","advisories":[],"bugzilla":"1053620","bugzilla_description":"CVE-2014-1446 Kernel: hamradio/yam: information leak in ioctl","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1446.json"},{"CVE":"CVE-2013-4587","severity":"important","public_date":"2013-12-12T00:00:00Z","advisories":[],"bugzilla":"1030986","bugzilla_description":"CVE-2013-4587 kernel: kvm: rtc_status.dest_map out-of-bounds access","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4587.json"},{"CVE":"CVE-2013-6367","severity":"important","public_date":"2013-12-12T00:00:00Z","advisories":["RHSA-2013:1801","RHSA-2013:1802","RHSA-2014:0163","RHSA-2014:0284"],"bugzilla":"1032207","bugzilla_description":"CVE-2013-6367 kvm: division by zero in apic_get_tmcct()","cvss_score":5.7,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kvm-0:83-266.el5_10.1","rhev-hypervisor6-0:6.5-20131204.0.3.2.el6_5","kernel-0:2.6.32-431.1.2.el6","kernel-0:2.6.32-358.37.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6367.json"},{"CVE":"CVE-2013-6368","severity":"important","public_date":"2013-12-12T00:00:00Z","advisories":["RHSA-2013:1801","RHSA-2014:0163","RHSA-2014:0284"],"bugzilla":"1032210","bugzilla_description":"CVE-2013-6368 kvm: cross page vapic_addr access","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kvm-0:83-266.el5_10.1","kernel-0:2.6.32-431.1.2.el6","kernel-0:2.6.32-358.37.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6368.json"},{"CVE":"CVE-2013-6376","severity":"important","public_date":"2013-12-12T00:00:00Z","advisories":[],"bugzilla":"1033106","bugzilla_description":"CVE-2013-6376 kernel: kvm: BUG_ON() in apic_cluster_id()","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6376.json"},{"CVE":"CVE-2013-4513","severity":"low","public_date":"2013-11-22T00:00:00Z","advisories":[],"bugzilla":"1033582","bugzilla_description":"CVE-2013-4513 Kernel: staging: ozwpan: buffer overflow in oz_cdev_write","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4513.json"},{"CVE":"CVE-2013-6380","severity":"low","public_date":"2013-11-22T00:00:00Z","advisories":[],"bugzilla":"1033593","bugzilla_description":"CVE-2013-6380 Kernel: aacraid: invalid pointer dereference","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6380.json"},{"CVE":"CVE-2013-6381","severity":"important","public_date":"2013-11-22T00:00:00Z","advisories":["RHSA-2014:0476","RHSA-2014:0159","RHSA-2014:0285","RHSA-2014:0284"],"bugzilla":"1033600","bugzilla_description":"CVE-2013-6381 Kernel: qeth: buffer overflow in snmp ioctl","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-119","affected_packages":["kernel-0:2.6.32-431.5.1.el6","kernel-0:2.6.18-371.6.1.el5","kernel-0:2.6.18-348.25.1.el5","kernel-0:2.6.32-358.37.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6381.json"},{"CVE":"CVE-2013-6382","severity":"low","public_date":"2013-11-22T00:00:00Z","advisories":[],"bugzilla":"1033603","bugzilla_description":"CVE-2013-6382 Kernel: fs: xfs: missing check for ZERO_SIZE_PTR","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6382.json"},{"CVE":"CVE-2013-7266","severity":"low","public_date":"2013-11-21T00:00:00Z","advisories":["RHSA-2014:0328"],"bugzilla":"1039845","bugzilla_description":"CVE-2013-7271 Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-431.11.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7266.json"},{"CVE":"CVE-2013-7267","severity":"low","public_date":"2013-11-21T00:00:00Z","advisories":[],"bugzilla":"1039845","bugzilla_description":"CVE-2013-7271 Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7267.json"},{"CVE":"CVE-2013-7268","severity":"low","public_date":"2013-11-21T00:00:00Z","advisories":[],"bugzilla":"1039845","bugzilla_description":"CVE-2013-7271 Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7268.json"},{"CVE":"CVE-2013-7269","severity":"low","public_date":"2013-11-21T00:00:00Z","advisories":[],"bugzilla":"1039845","bugzilla_description":"CVE-2013-7271 Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7269.json"},{"CVE":"CVE-2013-7270","severity":"low","public_date":"2013-11-21T00:00:00Z","advisories":["RHSA-2014:0328"],"bugzilla":"1039845","bugzilla_description":"CVE-2013-7271 Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-431.11.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7270.json"},{"CVE":"CVE-2013-7271","severity":"low","public_date":"2013-11-21T00:00:00Z","advisories":[],"bugzilla":"1039845","bugzilla_description":"CVE-2013-7271 Kernel: net: information leak in recvmsg handler msg_name & msg_namelen logic","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7271.json"},{"CVE":"CVE-2013-7026","severity":"moderate","public_date":"2013-11-21T00:00:00Z","advisories":[],"bugzilla":"1039951","bugzilla_description":"CVE-2013-7026 Kernel: ipc,shm: oops caused by shm_file deletion race condition","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7026.json"},{"CVE":"CVE-2013-7348","severity":"moderate","public_date":"2013-11-19T00:00:00Z","advisories":[],"bugzilla":"1083270","bugzilla_description":"CVE-2013-7348 kernel: aio: double free in ioctx_alloc","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7348.json"},{"CVE":"CVE-2013-7264","severity":"low","public_date":"2013-11-18T00:00:00Z","advisories":[],"bugzilla":"1035875","bugzilla_description":"CVE-2013-7263 CVE-2013-7265 Kernel: net: leakage of uninitialized memory to user-space via recv syscalls","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7264.json"},{"CVE":"CVE-2013-7281","severity":"low","public_date":"2013-11-18T00:00:00Z","advisories":[],"bugzilla":"1035875","bugzilla_description":"CVE-2013-7263 CVE-2013-7265 Kernel: net: leakage of uninitialized memory to user-space via recv syscalls","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7281.json"},{"CVE":"CVE-2013-6432","severity":"moderate","public_date":"2013-11-18T00:00:00Z","advisories":[],"bugzilla":"1039046","bugzilla_description":"CVE-2013-6432 Kernel: ping: NULL pointer dereference on write to msg_name","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6432.json"},{"CVE":"CVE-2013-4579","severity":"low","public_date":"2013-11-14T00:00:00Z","advisories":[],"bugzilla":"1032753","bugzilla_description":"CVE-2013-4579 kernel: ath9k_htc driver improperly updates MAC","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4579.json"},{"CVE":"CVE-2013-4588","severity":null,"public_date":"2013-11-11T00:00:00Z","advisories":[],"bugzilla":"1030800","bugzilla_description":"CVE-2013-4588 Kernel: net: ipvs: stack buffer overflow","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4588.json"},{"CVE":"CVE-2013-4494","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0108"],"bugzilla":"1026243","bugzilla_description":"CVE-2013-4494 kernel: xen: Lock order reversal between page allocation and grant table locks","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-371.4.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4494.json"},{"CVE":"CVE-2013-4563","severity":"important","public_date":"2013-10-29T00:00:00Z","advisories":[],"bugzilla":"1030015","bugzilla_description":"CVE-2013-4563 kernel: net: large udp packet over IPv6 over UFO-enabled device with TBF qdisc panic","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4563.json"},{"CVE":"CVE-2014-1445","severity":"low","public_date":"2013-10-16T00:00:00Z","advisories":[],"bugzilla":"1053613","bugzilla_description":"CVE-2014-1445 Kernel: wanxl: information leak in ioctl","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1445.json"},{"CVE":"CVE-2014-1444","severity":"low","public_date":"2013-10-11T00:00:00Z","advisories":[],"bugzilla":"1053610","bugzilla_description":"CVE-2014-1444 Kernel: farsync: information leak in ioctl","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1444.json"},{"CVE":"CVE-2013-4361","severity":"low","public_date":"2013-09-30T00:00:00Z","advisories":[],"bugzilla":"1009817","bugzilla_description":"CVE-2013-4361 Kernel: Xen: Xsa-66: information leak through fbld instruction emulation","cvss_score":1.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4361.json"},{"CVE":"CVE-2013-1442","severity":"moderate","public_date":"2013-09-24T00:00:00Z","advisories":[],"bugzilla":"1006431","bugzilla_description":"CVE-2013-1442 kernel: xen: information leak on AVX and/or LWP capable CPUs","cvss_score":2.3,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1442.json"},{"CVE":"CVE-2013-2894","severity":"moderate","public_date":"2013-08-29T00:00:00Z","advisories":[],"bugzilla":"1000137","bugzilla_description":"CVE-2013-2894 Kernel: HID: lenovo-tpkbd: heap overflow flaw","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2894.json"},{"CVE":"CVE-2013-2899","severity":"moderate","public_date":"2013-08-29T00:00:00Z","advisories":[],"bugzilla":"1000373","bugzilla_description":"CVE-2013-2899 Kernel: HID: picolcd_core: NULL pointer dereference","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2899.json"},{"CVE":"CVE-2013-2898","severity":"low","public_date":"2013-08-29T00:00:00Z","advisories":[],"bugzilla":"1000474","bugzilla_description":"CVE-2013-2898 Kernel: HID: sensor-hub: memory leak flaw","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2898.json"},{"CVE":"CVE-2013-2890","severity":"moderate","public_date":"2013-08-29T00:00:00Z","advisories":[],"bugzilla":"1000519","bugzilla_description":"CVE-2013-2890 Kernel: HID: Sony heap overflow flaw","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2890.json"},{"CVE":"CVE-2013-2897","severity":"moderate","public_date":"2013-08-29T00:00:00Z","advisories":[],"bugzilla":"1000536","bugzilla_description":"CVE-2013-2897 Kernel: HID: multitouch: heap overflow flaw","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2897.json"},{"CVE":"CVE-2013-2889","severity":"moderate","public_date":"2013-08-29T00:00:00Z","advisories":["RHSA-2013:1527","RHSA-2013:1645"],"bugzilla":"999890","bugzilla_description":"CVE-2013-2889 Kernel: HID: zeroplus: heap overflow flaw","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-122","affected_packages":["rhev-hypervisor6-0:6.5-20131115.0.3.2.el6_5","kernel-0:2.6.32-431.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2889.json"},{"CVE":"CVE-2013-2891","severity":"moderate","public_date":"2013-08-29T00:00:00Z","advisories":[],"bugzilla":"999960","bugzilla_description":"CVE-2013-2891 Kernel: HID: steelseries: heap overflow flaw","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2891.json"},{"CVE":"CVE-2013-4300","severity":"important","public_date":"2013-08-22T00:00:00Z","advisories":[],"bugzilla":"1004736","bugzilla_description":"CVE-2013-4300 Kernel: net: PID spoofing privilege escalation flaw","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4300.json"},{"CVE":"CVE-2013-4254","severity":"important","public_date":"2013-08-05T00:00:00Z","advisories":[],"bugzilla":"998878","bugzilla_description":"CVE-2013-4254 Kernel: ARM: perf: NULL pointer dereference in validate_event","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4254.json"},{"CVE":"CVE-2013-7252","severity":"low","public_date":"2013-07-24T00:00:00Z","advisories":[],"bugzilla":"1048168","bugzilla_description":"CVE-2013-7252 kwallet: crypto misuse","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-327","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7252.json"},{"CVE":"CVE-2013-2212","severity":"moderate","public_date":"2013-07-24T00:00:00Z","advisories":[],"bugzilla":"986295","bugzilla_description":"CVE-2013-2212 kernel: xen: Excessive time to disable caching with HVM guests with PCI passthrough","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2212.json"},{"CVE":"CVE-2013-4125","severity":"important","public_date":"2013-07-15T00:00:00Z","advisories":[],"bugzilla":"984664","bugzilla_description":"CVE-2013-4125 kernel: ipv6: BUG_ON in fib6_add_rt2node()","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4125.json"},{"CVE":"CVE-2013-4127","severity":"important","public_date":"2013-07-03T00:00:00Z","advisories":[],"bugzilla":"984722","bugzilla_description":"CVE-2013-4127 kernel: vhost-net: use-after-free in vhost_net_flush","cvss_score":6.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4127.json"},{"CVE":"CVE-2013-1059","severity":"important","public_date":"2013-07-01T00:00:00Z","advisories":[],"bugzilla":"977356","bugzilla_description":"CVE-2013-1059 Kernel: libceph: Fix NULL pointer dereference in auth client code","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1059.json"},{"CVE":"CVE-2013-4129","severity":"moderate","public_date":"2013-07-01T00:00:00Z","advisories":[],"bugzilla":"984743","bugzilla_description":"CVE-2013-4129 kernel: bridge: kernel BUG at kernel/timer.c:729","cvss_score":6.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4129.json"},{"CVE":"CVE-2013-2224","severity":"important","public_date":"2013-06-30T00:00:00Z","advisories":["RHSA-2013:1450","RHSA-2013:1195","RHSA-2013:1173","RHSA-2013:1166"],"bugzilla":"979936","bugzilla_description":"CVE-2013-2224 kernel: net: IP_REPOPTS invalid free","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-279.37.2.el6","kernel-0:2.6.32-358.18.1.el6","kernel-0:2.6.18-348.16.1.el5","kernel-0:2.6.32-358.118.1.openstack.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2224.json"},{"CVE":"CVE-2013-1432","severity":"important","public_date":"2013-06-26T00:00:00Z","advisories":[],"bugzilla":"974250","bugzilla_description":"CVE-2013-1432 kernel: xen: Page reference counting error due to XSA-45/CVE-2013-1918 fixes","cvss_score":6.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1432.json"},{"CVE":"CVE-2013-2188","severity":"moderate","public_date":"2013-06-17T00:00:00Z","advisories":["RHSA-2013:0911"],"bugzilla":"975406","bugzilla_description":"CVE-2013-2188 kernel: fs: filp leak on ro filesystem","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.11.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2188.json"},{"CVE":"CVE-2013-1935","severity":"important","public_date":"2013-06-10T00:00:00Z","advisories":["RHSA-2013:0911","RHSA-2013:0907"],"bugzilla":"949981","bugzilla_description":"CVE-2013-1935 kernel: kvm: pv_eoi guest updates with interrupts disabled","cvss_score":5.7,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.11.1.el6","rhev-hypervisor6-0:6.4-20130528.0.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1935.json"},{"CVE":"CVE-2013-1943","severity":"important","public_date":"2013-06-10T00:00:00Z","advisories":["RHSA-2013:0911"],"bugzilla":"950490","bugzilla_description":"CVE-2013-1943 kernel: kvm: missing check in kvm_set_memory_region()","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-119","affected_packages":["kernel-0:2.6.32-358.11.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1943.json"},{"CVE":"CVE-2013-2140","severity":"moderate","public_date":"2013-06-05T00:00:00Z","advisories":[],"bugzilla":"971146","bugzilla_description":"CVE-2013-2140 kernel: xen: blkback: insufficient permission checks for BLKIF_OP_DISCARD","cvss_score":3.8,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2140.json"},{"CVE":"CVE-2013-2076","severity":"moderate","public_date":"2013-06-03T00:00:00Z","advisories":[],"bugzilla":"964259","bugzilla_description":"CVE-2013-2076 kernel: xen: Information leak on XSAVE/XRSTOR capable AMD CPUs","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2076.json"},{"CVE":"CVE-2013-4247","severity":"moderate","public_date":"2013-05-31T00:00:00Z","advisories":[],"bugzilla":"998401","bugzilla_description":"CVE-2013-4247 kernel: cifs: off-by-one bug in build_unc_path_to_root","cvss_score":4.6,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4247.json"},{"CVE":"CVE-2013-4220","severity":"moderate","public_date":"2013-05-24T00:00:00Z","advisories":[],"bugzilla":"996380","bugzilla_description":"CVE-2013-4220 Kernel: arm64: unhandled esr by el0_sync_compat","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4220.json"},{"CVE":"CVE-2013-1918","severity":"moderate","public_date":"2013-05-02T00:00:00Z","advisories":[],"bugzilla":"956163","bugzilla_description":"CVE-2013-1918 kernel: xen: Several long latency operations are not preemptible","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1918.json"},{"CVE":"CVE-2013-1952","severity":"moderate","public_date":"2013-05-02T00:00:00Z","advisories":[],"bugzilla":"956309","bugzilla_description":"CVE-2013-1952 kernel: xen: VT-d interrupt remapping source validation flaw for bridges","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1952.json"},{"CVE":"CVE-2013-1917","severity":"important","public_date":"2013-04-18T00:00:00Z","advisories":[],"bugzilla":"950668","bugzilla_description":"CVE-2013-1917 kernel: xen: Xen PV DoS vulnerability with SYSENTER","cvss_score":5.7,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1917.json"},{"CVE":"CVE-2013-1919","severity":"moderate","public_date":"2013-04-18T00:00:00Z","advisories":[],"bugzilla":"950686","bugzilla_description":"CVE-2013-1919 kernel: xen: Several access permission issues with IRQs for unprivileged guests","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1919.json"},{"CVE":"CVE-2013-1964","severity":"important","public_date":"2013-04-18T00:00:00Z","advisories":[],"bugzilla":"953632","bugzilla_description":"CVE-2013-1964 xen: grant table hypercall acquire/release imbalance","cvss_score":5.7,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1964.json"},{"CVE":"CVE-2013-2596","severity":"important","public_date":"2013-04-09T00:00:00Z","advisories":["RHSA-2016:0450","RHSA-2015:0695","RHSA-2015:0782","RHSA-2014:1392","RHSA-2015:0803"],"bugzilla":"1034490","bugzilla_description":"CVE-2013-2596 kernel: integer overflow in fb_mmap","cvss_score":6.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-190","affected_packages":["kernel-0:2.6.18-409.el5","kernel-0:2.6.32-220.60.2.el6","kernel-0:2.6.32-504.el6","kernel-0:2.6.32-358.59.1.el6","kernel-0:2.6.32-431.53.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2596.json"},{"CVE":"CVE-2013-3223","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"955662","bugzilla_description":"CVE-2013-3223 Kernel: ax25: information leak via msg_name in ax25_recvmsg()","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3223.json"},{"CVE":"CVE-2013-3226","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956048","bugzilla_description":"CVE-2013-3226 Kernel: Bluetooth: SCO - missing msg_namelen update in sco_sock_recvmsg","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3226.json"},{"CVE":"CVE-2013-3227","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956061","bugzilla_description":"CVE-2013-3227 Kernel: caif: missing msg_namelen update in caif_seqpkt_recvmsg","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3227.json"},{"CVE":"CVE-2013-3228","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956069","bugzilla_description":"CVE-2013-3228 Kernel: irda: missing msg_namelen update in irda_recvmsg_dgram","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3228.json"},{"CVE":"CVE-2013-3229","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956079","bugzilla_description":"CVE-2013-3229 Kernel: iucv: missing msg_namelen update in iucv_sock_recvmsg","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3229.json"},{"CVE":"CVE-2013-3230","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956088","bugzilla_description":"CVE-2013-3230 Kernel: l2tp: info leak in l2tp_ip6_recvmsg","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3230.json"},{"CVE":"CVE-2013-3232","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956110","bugzilla_description":"CVE-2013-3232 Kernel: netrom: information leak via msg_name in nr_recvmsg","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3232.json"},{"CVE":"CVE-2013-3233","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956125","bugzilla_description":"CVE-2013-3233 Kernel: NFC: llcp: info leaks via msg_name in llcp_sock_recvmsg","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3233.json"},{"CVE":"CVE-2013-3234","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956135","bugzilla_description":"CVE-2013-3234 Kernel: rose: info leak via msg_name in rose_recvmsg","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3234.json"},{"CVE":"CVE-2013-3235","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":["RHSA-2013:1034"],"bugzilla":"956145","bugzilla_description":"CVE-2013-3235 Kernel: tipc: info leaks via msg_name in recv_msg/recv_stream","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.18-348.12.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3235.json"},{"CVE":"CVE-2013-3236","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956154","bugzilla_description":"CVE-2013-3236 Kernel: VSOCK: vmci -possible info leak in vmci_transport_dgram_dequeue","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3236.json"},{"CVE":"CVE-2013-3237","severity":"low","public_date":"2013-04-07T00:00:00Z","advisories":[],"bugzilla":"956158","bugzilla_description":"CVE-2013-3237 kernel: VSOCK: Fix missing msg_namelen update in vsock_stream_recvmsg","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3237.json"},{"CVE":"CVE-2013-1796","severity":"important","public_date":"2013-03-20T00:00:00Z","advisories":["RHSA-2013:0727","RHSA-2013:0928","RHSA-2013:0746","RHSA-2013:0744","RHSA-2013:1026"],"bugzilla":"917012","bugzilla_description":"CVE-2013-1796 kernel: kvm: buffer overflow in handling of MSR_KVM_SYSTEM_TIME","cvss_score":6.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.6.1.el6","kernel-0:2.6.32-220.39.1.el6","kernel-0:2.6.32-279.31.1.el6","kvm-0:83-262.el5_9.3","rhev-hypervisor6-0:6.4-20130415.0.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1796.json"},{"CVE":"CVE-2013-1797","severity":"important","public_date":"2013-03-20T00:00:00Z","advisories":["RHSA-2013:0727","RHSA-2013:0928","RHSA-2013:0746","RHSA-2013:0744","RHSA-2013:1026"],"bugzilla":"917013","bugzilla_description":"CVE-2013-1797 kernel: kvm: after free issue with the handling of MSR_KVM_SYSTEM_TIME","cvss_score":6.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":["kernel-0:2.6.32-358.6.1.el6","kernel-0:2.6.32-220.39.1.el6","kernel-0:2.6.32-279.31.1.el6","kvm-0:83-262.el5_9.3","rhev-hypervisor6-0:6.4-20130415.0.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1797.json"},{"CVE":"CVE-2013-1798","severity":"important","public_date":"2013-03-20T00:00:00Z","advisories":["RHSA-2013:0727","RHSA-2013:0928","RHSA-2013:0746","RHSA-2013:0744","RHSA-2013:1026"],"bugzilla":"917017","bugzilla_description":"CVE-2013-1798 kernel: kvm: out-of-bounds access in ioapic indirect register reads","cvss_score":5.9,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.6.1.el6","kernel-0:2.6.32-220.39.1.el6","kernel-0:2.6.32-279.31.1.el6","kvm-0:83-262.el5_9.3","rhev-hypervisor6-0:6.4-20130415.0.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1798.json"},{"CVE":"CVE-2013-1858","severity":"important","public_date":"2013-03-13T00:00:00Z","advisories":[],"bugzilla":"921448","bugzilla_description":"CVE-2013-1858 kernel: CLONE_NEWUSER | CLONE_FS chroot exploit","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1858.json"},{"CVE":"CVE-2013-2206","severity":"important","public_date":"2013-03-13T00:00:00Z","advisories":["RHSA-2013:1195","RHSA-2013:1173","RHSA-2013:1166"],"bugzilla":"976562","bugzilla_description":"CVE-2013-2206 kernel: sctp: duplicate cookie handling NULL pointer dereference","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-0:2.6.32-358.18.1.el6","kernel-0:2.6.18-348.16.1.el5","kernel-0:2.6.32-358.118.1.openstack.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2206.json"},{"CVE":"CVE-2013-1873","severity":null,"public_date":"2013-03-09T00:00:00Z","advisories":[],"bugzilla":"923652","bugzilla_description":"CVE-2013-1873 Kernel: information leaks via netlink interface","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1873.json"},{"CVE":"CVE-2013-2636","severity":"low","public_date":"2013-03-09T00:00:00Z","advisories":[],"bugzilla":"924693","bugzilla_description":"CVE-2013-2636 kernel: Information leak in the Linux ethernet bridge component","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2636.json"},{"CVE":"CVE-2013-1828","severity":"important","public_date":"2013-03-08T00:00:00Z","advisories":[],"bugzilla":"919315","bugzilla_description":"CVE-2013-1828 kernel: sctp: SCTP_GET_ASSOC_STATS stack buffer overflow","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1828.json"},{"CVE":"CVE-2013-0309","severity":"moderate","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0496"],"bugzilla":"912898","bugzilla_description":"CVE-2013-0309 kernel: mm: thp: pmd_present and PROT_NONE local DoS","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0309.json"},{"CVE":"CVE-2013-0310","severity":"moderate","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0496"],"bugzilla":"912900","bugzilla_description":"CVE-2013-0310 kernel: net: CIPSO_V4_TAG_LOCAL tag NULL pointer dereference","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-0:2.6.32-358.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0310.json"},{"CVE":"CVE-2013-0311","severity":"important","public_date":"2013-02-19T00:00:00Z","advisories":["RHSA-2013:0928","RHSA-2013:0579","RHSA-2013:0496","RHSA-2013:0882"],"bugzilla":"912905","bugzilla_description":"CVE-2013-0311 kernel: vhost: fix length for cross region descriptor","cvss_score":6.5,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["rhev-hypervisor6-0:6.4-20130221.0.el6","kernel-0:2.6.32-279.31.1.el6","kernel-0:2.6.32-358.el6","kernel-0:2.6.32-220.38.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0311.json"},{"CVE":"CVE-2013-0228","severity":"important","public_date":"2013-02-13T00:00:00Z","advisories":["RHSA-2013:0630"],"bugzilla":"906309","bugzilla_description":"CVE-2013-0228 kernel: xen: userspace alterable %ds access in xen_iret()","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.2.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0228.json"},{"CVE":"CVE-2013-0231","severity":"moderate","public_date":"2013-02-05T00:00:00Z","advisories":["RHSA-2013:0747"],"bugzilla":"910874","bugzilla_description":"CVE-2013-0231 kernel: xen: pciback DoS via not rate limited log messages","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-348.4.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0231.json"},{"CVE":"CVE-2013-0216","severity":"moderate","public_date":"2013-02-05T00:00:00Z","advisories":["RHSA-2013:0747"],"bugzilla":"910883","bugzilla_description":"CVE-2013-0216 CVE-2013-0217 kernel: xen: Linux netback DoS via malicious guest ring.","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-348.4.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0216.json"},{"CVE":"CVE-2013-0217","severity":"moderate","public_date":"2013-02-05T00:00:00Z","advisories":[],"bugzilla":"910883","bugzilla_description":"CVE-2013-0216 CVE-2013-0217 kernel: xen: Linux netback DoS via malicious guest ring.","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0217.json"},{"CVE":"CVE-2013-0153","severity":"moderate","public_date":"2013-02-05T00:00:00Z","advisories":["RHSA-2013:0847"],"bugzilla":"910903","bugzilla_description":"CVE-2013-0153 kernel: xen: interrupt remap entries shared and old ones not cleared on AMD IOMMUs","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-348.6.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0153.json"},{"CVE":"CVE-2013-0313","severity":"moderate","public_date":"2013-01-21T00:00:00Z","advisories":[],"bugzilla":"913266","bugzilla_description":"CVE-2013-0313 kernel: evm: NULL pointer de-reference local DoS","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0313.json"},{"CVE":"CVE-2013-0190","severity":"moderate","public_date":"2013-01-16T00:00:00Z","advisories":["RHSA-2013:0496"],"bugzilla":"896038","bugzilla_description":"CVE-2013-0190 kernel: stack corruption in xen_failsafe_callback()","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0190.json"},{"CVE":"CVE-2013-0349","severity":"low","public_date":"2013-01-09T00:00:00Z","advisories":["RHSA-2013:0744"],"bugzilla":"914298","bugzilla_description":"CVE-2013-0349 kernel: bluetooth HIDP implementation information disclosure","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-358.6.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0349.json"},{"CVE":"CVE-2013-0160","severity":"low","public_date":"2013-01-07T00:00:00Z","advisories":[],"bugzilla":"892983","bugzilla_description":"CVE-2013-0160 kernel: /dev/ptmx to measure inter-keystroke timing","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-385","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0160.json"},{"CVE":"CVE-2013-3302","severity":"low","public_date":"2012-12-27T00:00:00Z","advisories":[],"bugzilla":"952260","bugzilla_description":"CVE-2013-3302 Kernel: cifs: NULL pointer dereference","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3302.json"},{"CVE":"CVE-2013-2015","severity":"low","public_date":"2012-12-27T00:00:00Z","advisories":[],"bugzilla":"957123","bugzilla_description":"CVE-2013-2015 Kernel: ext4: hang when mounting non-journal filesystems with orphan list","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2015.json"},{"CVE":"CVE-2013-4591","severity":"moderate","public_date":"2012-12-11T00:00:00Z","advisories":["RHSA-2013:1645","RHSA-2014:0284"],"bugzilla":"1031678","bugzilla_description":"CVE-2013-4591 kernel: nfs: missing check for buffer length in __nfs4_get_acl_uncached","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-431.el6","kernel-0:2.6.32-358.37.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4591.json"},{"CVE":"CVE-2013-4592","severity":"moderate","public_date":"2012-12-10T00:00:00Z","advisories":["RHSA-2013:1645"],"bugzilla":"1031702","bugzilla_description":"CVE-2013-4592 kernel: kvm: memory leak when memory slot is moved with assigned device","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-401","affected_packages":["kernel-0:2.6.32-431.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4592.json"},{"CVE":"CVE-2012-4461","severity":"moderate","public_date":"2012-11-06T00:00:00Z","advisories":["RHSA-2013:0223","RHSA-2013:0882"],"bugzilla":"862900","bugzilla_description":"CVE-2012-4461 kernel: kvm: invalid opcode oops on SET_SREGS with OSXSAVE bit set","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-220.38.1.el6","kernel-0:2.6.32-279.22.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4461.json"},{"CVE":"CVE-2013-1928","severity":"low","public_date":"2012-10-25T00:00:00Z","advisories":["RHSA-2013:1645"],"bugzilla":"949567","bugzilla_description":"CVE-2013-1928 Kernel: information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-431.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1928.json"},{"CVE":"CVE-2012-6536","severity":"low","public_date":"2012-09-20T00:00:00Z","advisories":[],"bugzilla":"922039","bugzilla_description":"CVE-2012-6536 Kernel: xfrm_user: ensure user supplied esn replay window is valid","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6536.json"},{"CVE":"CVE-2012-6538","severity":"low","public_date":"2012-09-19T00:00:00Z","advisories":["RHSA-2013:0744"],"bugzilla":"922253","bugzilla_description":"CVE-2012-6538 Kernel: xfrm_user: info leak in copy_to_user_auth","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-358.6.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6538.json"},{"CVE":"CVE-2012-6537","severity":"low","public_date":"2012-09-19T00:00:00Z","advisories":["RHSA-2013:0747","RHSA-2013:0744"],"bugzilla":"922424","bugzilla_description":"CVE-2012-6537 Kernel: xfrm_user information leaks copy_to_user_","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-358.6.1.el6","kernel-0:2.6.18-348.4.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6537.json"},{"CVE":"CVE-2013-1826","severity":"moderate","public_date":"2012-09-13T00:00:00Z","advisories":["RHSA-2013:0747","RHSA-2013:0744"],"bugzilla":"919384","bugzilla_description":"CVE-2013-1826 Kernel: xfrm_user: return error pointer instead of NULL","cvss_score":3.8,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.6.1.el6","kernel-0:2.6.18-348.4.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1826.json"},{"CVE":"CVE-2012-6703","severity":"moderate","public_date":"2012-09-05T00:00:00Z","advisories":[],"bugzilla":"1351076","bugzilla_description":"CVE-2012-6703 kernel: Integer overflow in compress_core","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6703.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2013-1827","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0744"],"bugzilla":"919164","bugzilla_description":"CVE-2013-1827 Kernel: dccp: check ccid before NULL poiter dereference","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.6.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1827.json"},{"CVE":"CVE-2012-6539","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"922133","bugzilla_description":"CVE-2012-6539 Kernel: net: info leak in compat dev_ifconf","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6539.json"},{"CVE":"CVE-2012-6540","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"922308","bugzilla_description":"CVE-2012-6540 Kernel: ipvs: information leak in getsockopt(IP_VS_SO_GET_TIMEOUT)","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6540.json"},{"CVE":"CVE-2012-6541","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"922314","bugzilla_description":"CVE-2012-6541 Kernel: dccp: informaion leak via getsockopt(DCCP_SOCKOPT_CCID_TX_INFO)","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6541.json"},{"CVE":"CVE-2012-6542","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0747","RHSA-2013:1645"],"bugzilla":"922322","bugzilla_description":"CVE-2012-6542 Kernel: llc: information leak via getsockname","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.18-348.4.1.el5","kernel-0:2.6.32-431.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6542.json"},{"CVE":"CVE-2012-6543","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"922341","bugzilla_description":"CVE-2012-6543 Kernel: l2tp: information leak via getsockname","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6543.json"},{"CVE":"CVE-2012-6547","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0747","RHSA-2013:0744"],"bugzilla":"922344","bugzilla_description":"CVE-2012-6547 Kernel: net/tun: ioctl() based information leaks","cvss_score":1.7,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-358.6.1.el6","kernel-0:2.6.18-348.4.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6547.json"},{"CVE":"CVE-2012-6548","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:1051","RHSA-2013:1080"],"bugzilla":"922353","bugzilla_description":"CVE-2012-6548 Kernel: udf: information leak on export","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-358.14.1.el6","kernel-0:2.6.32-358.114.1.openstack.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6548.json"},{"CVE":"CVE-2012-6549","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"922359","bugzilla_description":"CVE-2012-6549 Kernel: isofs: information leak on export","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6549.json"},{"CVE":"CVE-2012-6546","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0747","RHSA-2013:0744"],"bugzilla":"922383","bugzilla_description":"CVE-2012-6546 Kernel: atm: information leak in getsockopt & getsockname","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-358.6.1.el6","kernel-0:2.6.18-348.4.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6546.json"},{"CVE":"CVE-2012-6545","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:1645","RHSA-2013:1034"],"bugzilla":"922404","bugzilla_description":"CVE-2012-6545 Kernel: Bluetooth: RFCOMM - information leak","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-431.el6","kernel-0:2.6.18-348.12.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6545.json"},{"CVE":"CVE-2012-6544","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:1195","RHSA-2013:1173","RHSA-2013:1034"],"bugzilla":"922414","bugzilla_description":"CVE-2012-6544 Kernel: Bluetooth: HCI & L2CAP information leaks","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-358.18.1.el6","kernel-0:2.6.18-348.12.1.el5","kernel-0:2.6.32-358.118.1.openstack.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6544.json"},{"CVE":"CVE-2012-3433","severity":"important","public_date":"2012-08-09T00:00:00Z","advisories":[],"bugzilla":"843582","bugzilla_description":"CVE-2012-3433 kernel: xen: HVM guest destroy p2m teardown host DoS vulnerability","cvss_score":5.5,"cvss_scoring_vector":"AV:A/AC:L/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3433.json"},{"CVE":"CVE-2012-5517","severity":"moderate","public_date":"2012-08-01T00:00:00Z","advisories":["RHSA-2012:1580"],"bugzilla":"875374","bugzilla_description":"CVE-2012-5517 kernel: mm/hotplug: failure in propagating hot-added memory to other nodes","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-279.19.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5517.json"},{"CVE":"CVE-2012-3412","severity":"important","public_date":"2012-07-30T00:00:00Z","advisories":["RHSA-2012:1430","RHSA-2012:1375","RHSA-2012:1366","RHSA-2012:1401","RHSA-2012:1324","RHSA-2012:1323","RHSA-2012:1347"],"bugzilla":"844714","bugzilla_description":"CVE-2012-3412 kernel: sfc: potential remote denial of service through TCP MSS option","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-400","affected_packages":["kernel-0:2.6.32-131.35.1.el6","kernel-0:2.6.32-279.11.1.el6","kernel-0:2.6.18-238.45.1.el5","rhev-hypervisor6-0:6.3-20121012.0.el6_3","kernel-0:2.6.32-220.28.1.el6","kernel-0:2.6.18-308.16.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3412.json"},{"CVE":"CVE-2012-3432","severity":"moderate","public_date":"2012-07-26T00:00:00Z","advisories":[],"bugzilla":"843570","bugzilla_description":"CVE-2012-3432 kernel: xen: HVM guest user mode MMIO emulation DoS","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3432.json"},{"CVE":"CVE-2012-6647","severity":"moderate","public_date":"2012-07-20T00:00:00Z","advisories":["RHSA-2014:0981"],"bugzilla":"1097746","bugzilla_description":"CVE-2012-6647 Kernel: futex: forbid uaddr == uaddr2 in futex_wait_requeue_pi()","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-431.23.3.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6647.json"},{"CVE":"CVE-2012-2744","severity":"important","public_date":"2012-07-10T00:00:00Z","advisories":["RHSA-2012:1129","RHSA-2012:1064","RHSA-2012:1148","RHSA-2012:1114"],"bugzilla":"833402","bugzilla_description":"CVE-2012-2744 kernel: netfilter: null pointer dereference in nf_ct_frag6_reasm()","cvss_score":7.8,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-228->CWE-476","affected_packages":["kernel-0:2.6.32-220.24.1.el6","kernel-0:2.6.32-71.40.1.el6","kernel-0:2.6.32-131.30.1.el6","kernel-0:2.6.32-279.1.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2744.json"},{"CVE":"CVE-2012-2745","severity":"moderate","public_date":"2012-07-10T00:00:00Z","advisories":["RHSA-2012:1064"],"bugzilla":"833428","bugzilla_description":"CVE-2012-2745 kernel: cred: copy_process() should clear child->replacement_session_keyring","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-279.1.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2745.json"},{"CVE":"CVE-2012-3400","severity":"low","public_date":"2012-06-27T00:00:00Z","advisories":["RHSA-2012:1426","RHSA-2012:1491","RHSA-2013:0594"],"bugzilla":"843139","bugzilla_description":"CVE-2012-3400 kernel: udf: buffer overflow when parsing sparing table","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-348.2.1.el5","kernel-rt-0:3.2.33-rt50.66.el6rt","kernel-0:2.6.32-279.14.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3400.json"},{"CVE":"CVE-2012-0217","severity":"important","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:0721","RHSA-2012:0720"],"bugzilla":"813428","bugzilla_description":"CVE-2012-0217 kernel: x86-64: avoid sysret to non-canonical address","cvss_score":7.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-308.8.2.el5","kernel-0:2.6.18-238.39.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0217.json"},{"CVE":"CVE-2012-0218","severity":"moderate","public_date":"2012-06-12T00:00:00Z","advisories":[],"bugzilla":"813908","bugzilla_description":"CVE-2012-0218 kernel: xen: guest denial of service on syscall/sysenter exception generation","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0218.json"},{"CVE":"CVE-2012-2934","severity":"moderate","public_date":"2012-06-12T00:00:00Z","advisories":["RHSA-2012:0721"],"bugzilla":"824966","bugzilla_description":"CVE-2012-2934 kernel: denial of service due to AMD Erratum #121","cvss_score":4.6,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-308.8.2.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2934.json"},{"CVE":"CVE-2012-2137","severity":"important","public_date":"2012-06-05T00:00:00Z","advisories":["RHSA-2012:0743"],"bugzilla":"816151","bugzilla_description":"CVE-2012-2137 kernel: kvm: buffer overflow in kvm_set_irq()","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-220.23.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2137.json"},{"CVE":"CVE-2012-2372","severity":"moderate","public_date":"2012-06-05T00:00:00Z","advisories":["RHSA-2012:1540","RHSA-2012:0743"],"bugzilla":"822754","bugzilla_description":"CVE-2012-2372 kernel: rds-ping cause kernel panic","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-308.24.1.el5","kernel-0:2.6.32-220.23.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2372.json"},{"CVE":"CVE-2012-2136","severity":"important","public_date":"2012-05-29T00:00:00Z","advisories":["RHSA-2012:1087","RHSA-2012:0690","RHSA-2012:0743"],"bugzilla":"816289","bugzilla_description":"CVE-2012-2136 kernel: net: insufficient data_len validation in sock_alloc_send_pskb()","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-228->CWE-119","affected_packages":["kernel-0:2.6.18-238.40.1.el5","kernel-0:2.6.18-308.8.1.el5","kernel-0:2.6.32-220.23.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2136.json"},{"CVE":"CVE-2012-6701","severity":"moderate","public_date":"2012-05-21T00:00:00Z","advisories":["RHSA-2018:1854"],"bugzilla":"1314288","bugzilla_description":"CVE-2012-6701 kernel: AIO interface didn't use rw_verify_area() for checking mandatory locking on files and size of access","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","CWE":"CWE-190","affected_packages":["kernel-0:2.6.32-754.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6701.json"},{"CVE":"CVE-2012-2373","severity":"moderate","public_date":"2012-05-17T00:00:00Z","advisories":["RHSA-2012:0743"],"bugzilla":"822821","bugzilla_description":"CVE-2012-2373 kernel: mm: read_pmd_atomic: 32bit PAE pmd walk vs pmd_populate SMP race condition","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-220.23.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2373.json"},{"CVE":"CVE-2012-2319","severity":"low","public_date":"2012-05-04T00:00:00Z","advisories":["RHSA-2012:1323","RHSA-2012:1347"],"bugzilla":"819471","bugzilla_description":"CVE-2012-2319 kernel: Buffer overflow in the HFS plus filesystem (different issue than CVE-2009-4020)","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-119","affected_packages":["kernel-0:2.6.18-238.45.1.el5","kernel-0:2.6.18-308.16.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2319.json"},{"CVE":"CVE-2012-6704","severity":"moderate","public_date":"2012-04-26T00:00:00Z","advisories":[],"bugzilla":"1402024","bugzilla_description":"CVE-2012-6704 kernel: Signed overflows in SO_{SND|RCV}BUF in sock_setsockopt()","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6704.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2012-2383","severity":"moderate","public_date":"2012-04-23T00:00:00Z","advisories":["RHSA-2012:1156"],"bugzilla":"824176","bugzilla_description":"CVE-2012-2383 kernel: drm/i915: integer overflow in i915_gem_execbuffer2()","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-190","affected_packages":["kernel-0:2.6.32-279.5.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2383.json"},{"CVE":"CVE-2012-2384","severity":"moderate","public_date":"2012-04-23T00:00:00Z","advisories":["RHSA-2012:1304"],"bugzilla":"824178","bugzilla_description":"CVE-2012-2384 kernel: drm/i915: integer overflow in i915_gem_do_execbuffer()","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-190","affected_packages":["kernel-0:2.6.32-279.9.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2384.json"},{"CVE":"CVE-2012-2127","severity":"moderate","public_date":"2012-04-20T00:00:00Z","advisories":[],"bugzilla":"815188","bugzilla_description":"CVE-2012-2127 kernel: pid namespace leak in kernel 3.0 and 3.1","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2127.json"},{"CVE":"CVE-2012-1583","severity":"important","public_date":"2012-04-17T00:00:00Z","advisories":["RHSA-2012:0480","RHSA-2012:0720"],"bugzilla":"752304","bugzilla_description":"CVE-2012-1583 kernel: ipv6: panic using raw sockets","cvss_score":7.8,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-393->CWE-119","affected_packages":["kernel-0:2.6.18-308.4.1.el5","kernel-0:2.6.18-238.39.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1583.json"},{"CVE":"CVE-2012-2119","severity":"important","public_date":"2012-04-16T00:00:00Z","advisories":["RHSA-2012:0743"],"bugzilla":"814278","bugzilla_description":"CVE-2012-2119 kernel: macvtap: zerocopy: vector length is not validated before pinning user pages","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-220.23.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2119.json"},{"CVE":"CVE-2012-2121","severity":"moderate","public_date":"2012-03-29T00:00:00Z","advisories":["RHSA-2012:0743","RHSA-2012:0676"],"bugzilla":"814149","bugzilla_description":"CVE-2012-2121 kvm: device assignment page leak","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kvm-0:83-249.el5_8.4","kernel-0:2.6.32-220.23.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2121.json"},{"CVE":"CVE-2012-1568","severity":"low","public_date":"2012-03-17T00:00:00Z","advisories":["RHSA-2012:1426","RHSA-2013:0168"],"bugzilla":"804947","bugzilla_description":"CVE-2012-1568 kernel: execshield: predictable ascii armour base address","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["kernel-0:2.6.18-348.1.1.el5","kernel-0:2.6.32-279.14.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1568.json"},{"CVE":"CVE-2012-1179","severity":"moderate","public_date":"2012-03-15T00:00:00Z","advisories":["RHSA-2012:1042","RHSA-2012:0743"],"bugzilla":"803793","bugzilla_description":"CVE-2012-1179 kernel: thp:__split_huge_page() mapcount != page_mapcount BUG_ON()","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.29.1.el6","kernel-0:2.6.32-220.23.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1179.json"},{"CVE":"CVE-2012-1097","severity":"moderate","public_date":"2012-03-03T00:00:00Z","advisories":["RHSA-2012:0481","RHSA-2012:1042"],"bugzilla":"799209","bugzilla_description":"CVE-2012-1097 kernel: regset: Prevent null pointer reference on readonly regsets","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.29.1.el6","kernel-0:2.6.32-220.13.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1097.json"},{"CVE":"CVE-2012-1146","severity":"moderate","public_date":"2012-02-24T00:00:00Z","advisories":[],"bugzilla":"800813","bugzilla_description":"CVE-2012-1146 kernel: mm: memcg: unregistring of events attached to the same eventfd can lead to oops","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1146.json"},{"CVE":"CVE-2012-1090","severity":"moderate","public_date":"2012-02-23T00:00:00Z","advisories":["RHSA-2012:0481"],"bugzilla":"798293","bugzilla_description":"CVE-2012-1090 kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount","cvss_score":5.7,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-220.13.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1090.json"},{"CVE":"CVE-2012-1601","severity":"moderate","public_date":"2012-02-07T00:00:00Z","advisories":["RHSA-2012:0571","RHSA-2012:0676"],"bugzilla":"808199","bugzilla_description":"CVE-2012-1601 kernel: kvm: irqchip_in_kernel() and vcpu->arch.apic inconsistency","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-220.17.1.el6","kvm-0:83-249.el5_8.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1601.json"},{"CVE":"CVE-2011-4325","severity":"moderate","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0007"],"bugzilla":"755455","bugzilla_description":"CVE-2011-4325 kernel: nfs: diotest4 from LTP crash client null pointer deref","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-0:2.6.18-274.17.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4325.json"},{"CVE":"CVE-2011-4348","severity":"important","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0007"],"bugzilla":"757143","bugzilla_description":"CVE-2011-4348 kernel: incomplete fix for CVE-2011-2482","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-662->CWE-362->CWE-672->CWE-119","affected_packages":["kernel-0:2.6.18-274.17.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4348.json"},{"CVE":"CVE-2012-2100","severity":"low","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:1580","RHSA-2012:1445"],"bugzilla":"809687","bugzilla_description":"CVE-2012-2100 kernel: ext4: fix inconsistency in ext4_fill_flex_info()","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-308.20.1.el5","kernel-0:2.6.32-279.19.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2100.json"},{"CVE":"CVE-2012-0058","severity":"moderate","public_date":"2012-01-08T00:00:00Z","advisories":[],"bugzilla":"782696","bugzilla_description":"CVE-2012-0058 kernel: Unused iocbs in a batch should not be accounted as active","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0058.json"},{"CVE":"CVE-2012-0045","severity":"moderate","public_date":"2011-12-29T00:00:00Z","advisories":["RHSA-2012:0350","RHSA-2012:0422"],"bugzilla":"773370","bugzilla_description":"CVE-2012-0045 kernel: kvm: syscall instruction induced guest panic","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["rhev-hypervisor6-0:6.2-20120320.0.el6_2","kernel-0:2.6.32-220.7.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0045.json"},{"CVE":"CVE-2011-4622","severity":"moderate","public_date":"2011-12-14T00:00:00Z","advisories":["RHSA-2012:0051","RHSA-2012:0350"],"bugzilla":"769721","bugzilla_description":"CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kvm-0:83-239.el5_7.1","kernel-0:2.6.32-220.7.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4622.json"},{"CVE":"CVE-2011-4604","severity":"low","public_date":"2011-12-10T00:00:00Z","advisories":[],"bugzilla":"767495","bugzilla_description":"CVE-2011-4604 kernel: bat_socket_read memory corruption","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4604.json"},{"CVE":"CVE-2012-6638","severity":"moderate","public_date":"2011-12-02T00:00:00Z","advisories":["RHSA-2014:0433","RHSA-2014:0772"],"bugzilla":"1066055","bugzilla_description":"CVE-2012-6638 Kernel: net: tcp: potential DoS via SYN+FIN messages","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":["kernel-0:2.6.18-371.8.1.el5","kernel-0:2.6.18-348.27.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6638.json"},{"CVE":"CVE-2011-4347","severity":"moderate","public_date":"2011-11-20T00:00:00Z","advisories":["RHSA-2012:0350","RHSA-2012:1042","RHSA-2012:0149"],"bugzilla":"756084","bugzilla_description":"CVE-2011-4347 kernel: kvm: device assignment DoS","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.29.1.el6","kernel-0:2.6.32-220.7.1.el6","kvm-0:83-249.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4347.json"},{"CVE":"CVE-2011-4330","severity":"moderate","public_date":"2011-11-09T00:00:00Z","advisories":["RHSA-2012:0007","RHSA-2012:0358"],"bugzilla":"755431","bugzilla_description":"CVE-2011-4330 kernel: hfs: add sanity check for file name length","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-274.17.1.el5","kernel-0:2.6.18-238.35.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4330.json"},{"CVE":"CVE-2011-2942","severity":"moderate","public_date":"2011-10-20T00:00:00Z","advisories":["RHSA-2011:1386","RHSA-2011:1408"],"bugzilla":"730917","bugzilla_description":"CVE-2011-2942 kernel: bridge: null pointer dereference in __br_deliver","cvss_score":6.1,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":["kernel-0:2.6.18-274.7.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2942.json"},{"CVE":"CVE-2011-3347","severity":"moderate","public_date":"2011-10-20T00:00:00Z","advisories":["RHSA-2011:1386","RHSA-2011:1530","RHSA-2011:1408","RHSA-2012:0116"],"bugzilla":"736425","bugzilla_description":"CVE-2011-3347 kernel: be2net: promiscuous mode and non-member VLAN packets DoS","cvss_score":4.6,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.25.1.el6","kernel-0:2.6.18-274.7.1.el5","kernel-0:2.6.32-220.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3347.json"},{"CVE":"CVE-2011-5321","severity":"moderate","public_date":"2011-10-12T00:00:00Z","advisories":["RHSA-2015:1221"],"bugzilla":"1201887","bugzilla_description":"CVE-2011-5321 Kernel: tty: driver reference leakage in tty_open","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-504.30.3.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5321.json"},{"CVE":"CVE-2011-3638","severity":"moderate","public_date":"2011-09-28T00:00:00Z","advisories":["RHSA-2012:0107","RHSA-2012:0517","RHSA-2011:1530","RHSA-2012:0116"],"bugzilla":"747942","bugzilla_description":"CVE-2011-3638 kernel: ext4: ext4_ext_insert_extent() kernel oops","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.25.1.el6","kernel-0:2.6.18-274.18.1.el5","kernel-0:2.6.18-238.37.1.el5","kernel-0:2.6.32-220.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3638.json"},{"CVE":"CVE-2011-2482","severity":"important","public_date":"2011-08-30T00:00:00Z","advisories":["RHSA-2011:1212","RHSA-2011:1813"],"bugzilla":"714867","bugzilla_description":"CVE-2011-2482 kernel: sctp dos","cvss_score":7.8,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-662->CWE-362->CWE-672->CWE-476","affected_packages":["kernel-0:2.6.18-238.31.1.el5","kernel-0:2.6.18-274.3.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2482.json"},{"CVE":"CVE-2011-2519","severity":"moderate","public_date":"2011-08-30T00:00:00Z","advisories":["RHSA-2011:1212","RHSA-2011:1813"],"bugzilla":"718882","bugzilla_description":"CVE-2011-2519 kernel: xen: x86_emulate: fix SAHF emulation","cvss_score":5.2,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-238.31.1.el5","kernel-0:2.6.18-274.3.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2519.json"},{"CVE":"CVE-2011-1833","severity":"moderate","public_date":"2011-08-09T00:00:00Z","advisories":["RHSA-2011:1386","RHSA-2011:1350"],"bugzilla":"731172","bugzilla_description":"CVE-2011-1833 kernel: ecryptfs: mount source TOCTOU race","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-367","affected_packages":["kernel-0:2.6.32-131.17.1.el6","kernel-0:2.6.18-274.7.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1833.json"},{"CVE":"CVE-2011-2905","severity":"low","public_date":"2011-08-07T00:00:00Z","advisories":["RHSA-2011:1465"],"bugzilla":"729808","bugzilla_description":"CVE-2011-2905 kernel: perf tools: may parse user-controlled configuration file","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":["kernel-0:2.6.32-131.21.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2905.json"},{"CVE":"CVE-2011-4112","severity":null,"public_date":"2011-07-26T00:00:00Z","advisories":[],"bugzilla":"751006","bugzilla_description":"CVE-2011-4112 kernel: null ptr deref at dev_queue_xmit+0x35/0x4d0","cvss_score":6.1,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4112.json"},{"CVE":"CVE-2011-2699","severity":"important","public_date":"2011-07-20T00:00:00Z","advisories":["RHSA-2011:1465","RHSA-2011:1386","RHSA-2012:0358"],"bugzilla":"723429","bugzilla_description":"CVE-2011-2699 kernel: ipv6: make fragment identifications less predictable","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-238.35.1.el5","kernel-0:2.6.18-274.7.1.el5","kernel-0:2.6.32-131.21.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2699.json"},{"CVE":"CVE-2011-1576","severity":"moderate","public_date":"2011-06-06T00:00:00Z","advisories":["RHSA-2011:0927","RHSA-2011:1253","RHSA-2011:1189","RHSA-2011:1106","RHSA-2011:1090"],"bugzilla":"695173","bugzilla_description":"CVE-2011-1576 kernel: net: Fix memory leak/corruption on VLAN GRO_DROP","cvss_score":5.7,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-401","affected_packages":["kernel-0:2.6.32-131.12.1.el6","kernel-0:2.6.32-71.34.1.el6","kernel-0:2.6.18-238.19.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1576.json"},{"CVE":"CVE-2011-2491","severity":"important","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2011:1212","RHSA-2011:1253","RHSA-2011:1189","RHSA-2011:1813"],"bugzilla":"709393","bugzilla_description":"CVE-2011-2491 kernel: rpc task leak after flock()ing NFS share","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.12.1.el6","kernel-0:2.6.18-238.31.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.18-274.3.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2491.json"},{"CVE":"CVE-2011-2492","severity":"low","public_date":"2011-05-09T00:00:00Z","advisories":["RHSA-2011:0927","RHSA-2011:1253","RHSA-2011:1189"],"bugzilla":"703019","bugzilla_description":"CVE-2011-2492 kernel: bluetooth: l2cap and rfcomm: fix 1 byte infoleak to userspace","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-131.12.1.el6","kernel-0:2.6.18-238.19.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2492.json"},{"CVE":"CVE-2011-1770","severity":"important","public_date":"2011-05-06T00:00:00Z","advisories":["RHSA-2011:1253","RHSA-2011:0836"],"bugzilla":"703011","bugzilla_description":"CVE-2011-1770 kernel: dccp: handle invalid feature options length","cvss_score":7.8,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-190->CWE-119","affected_packages":["kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.2.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1770.json"},{"CVE":"CVE-2011-1776","severity":"low","public_date":"2011-05-06T00:00:00Z","advisories":["RHSA-2011:0927","RHSA-2011:1253","RHSA-2011:1189"],"bugzilla":"703026","bugzilla_description":"CVE-2011-1776 kernel: validate size of EFI GUID partition entries","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.12.1.el6","kernel-0:2.6.18-238.19.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1776.json"},{"CVE":"CVE-2011-2689","severity":"moderate","public_date":"2011-04-26T00:00:00Z","advisories":["RHSA-2011:1065","RHSA-2011:1189"],"bugzilla":"720861","bugzilla_description":"CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple of blksize","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.12.1.el6","kernel-0:2.6.18-274.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2689.json"},{"CVE":"CVE-2012-3552","severity":"moderate","public_date":"2011-04-21T00:00:00Z","advisories":["RHSA-2012:1540","RHSA-2012:1304"],"bugzilla":"853465","bugzilla_description":"CVE-2012-3552 kernel: net: slab corruption due to improper synchronization around inet->opt","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-279.9.1.el6","kernel-0:2.6.18-308.24.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3552.json"},{"CVE":"CVE-2011-1598","severity":"moderate","public_date":"2011-04-20T00:00:00Z","advisories":["RHSA-2011:1253","RHSA-2011:0836"],"bugzilla":"698057","bugzilla_description":"CVE-2011-1598 CVE-2011-1748 kernel: missing check in can/bcm and can/raw socket releases","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.2.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1598.json"},{"CVE":"CVE-2011-1748","severity":"moderate","public_date":"2011-04-20T00:00:00Z","advisories":["RHSA-2011:1253","RHSA-2011:0836"],"bugzilla":"698057","bugzilla_description":"CVE-2011-1598 CVE-2011-1748 kernel: missing check in can/bcm and can/raw socket releases","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.2.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1748.json"},{"CVE":"CVE-2011-1745","severity":"important","public_date":"2011-04-14T00:00:00Z","advisories":["RHSA-2011:0927","RHSA-2011:1253","RHSA-2011:1350"],"bugzilla":"698996","bugzilla_description":"CVE-2011-1745 CVE-2011-2022 kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-238.19.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.17.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1745.json"},{"CVE":"CVE-2011-2022","severity":"important","public_date":"2011-04-14T00:00:00Z","advisories":["RHSA-2011:0927","RHSA-2011:1253","RHSA-2011:1350"],"bugzilla":"698996","bugzilla_description":"CVE-2011-1745 CVE-2011-2022 kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-238.19.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.17.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2022.json"},{"CVE":"CVE-2011-1746","severity":"important","public_date":"2011-04-14T00:00:00Z","advisories":["RHSA-2011:0927","RHSA-2011:1253","RHSA-2011:1350"],"bugzilla":"698998","bugzilla_description":"CVE-2011-1746 kernel: agp: insufficient page_count parameter checking in agp_allocate_memory()","cvss_score":6.6,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-238.19.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.17.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1746.json"},{"CVE":"CVE-2011-1747","severity":null,"public_date":"2011-04-14T00:00:00Z","advisories":[],"bugzilla":"698999","bugzilla_description":"CVE-2011-1747 kernel: agp: possible kernel mem exhaustion via AGPIOC_RESERVE and AGPIOC_ALLOCATE ioctls","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1747.json"},{"CVE":"CVE-2011-1577","severity":"low","public_date":"2011-04-13T00:00:00Z","advisories":["RHSA-2011:1465","RHSA-2011:1253","RHSA-2011:0833"],"bugzilla":"695976","bugzilla_description":"CVE-2011-1577 kernel: corrupted GUID partition tables can cause kernel oops","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-238.12.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.21.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1577.json"},{"CVE":"CVE-2011-1593","severity":"moderate","public_date":"2011-04-13T00:00:00Z","advisories":["RHSA-2011:0927","RHSA-2011:1253","RHSA-2011:1189"],"bugzilla":"697822","bugzilla_description":"CVE-2011-1593 kernel: proc: signedness issue in next_pidmap()","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.12.1.el6","kernel-0:2.6.18-238.19.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1593.json"},{"CVE":"CVE-2011-1479","severity":"moderate","public_date":"2011-04-05T00:00:00Z","advisories":["RHSA-2011:1253"],"bugzilla":"691793","bugzilla_description":"CVE-2011-1479 kernel: DoS (crash) due slab corruption in inotify_init1 (incomplete fix for CVE-2010-4250)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-rt-0:2.6.33.9-rt31.75.el6rt"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1479.json"},{"CVE":"CVE-2011-1494","severity":"important","public_date":"2011-04-05T00:00:00Z","advisories":["RHSA-2011:0542","RHSA-2011:0883","RHSA-2011:1253","RHSA-2011:0833"],"bugzilla":"694021","bugzilla_description":"CVE-2011-1494 CVE-2011-1495 kernel: drivers/scsi/mpt2sas: prevent heap overflows","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-119","affected_packages":["kernel-0:2.6.32-71.31.1.el6","kernel-0:2.6.18-238.12.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.0.15.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1494.json"},{"CVE":"CVE-2011-1495","severity":"important","public_date":"2011-04-05T00:00:00Z","advisories":["RHSA-2011:0542","RHSA-2011:0883","RHSA-2011:1253","RHSA-2011:0833"],"bugzilla":"694021","bugzilla_description":"CVE-2011-1494 CVE-2011-1495 kernel: drivers/scsi/mpt2sas: prevent heap overflows","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-119","affected_packages":["kernel-0:2.6.32-71.31.1.el6","kernel-0:2.6.18-238.12.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.0.15.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1495.json"},{"CVE":"CVE-2011-1771","severity":"moderate","public_date":"2011-04-05T00:00:00Z","advisories":["RHSA-2011:0836"],"bugzilla":"703016","bugzilla_description":"CVE-2011-1771 kernel: cifs oops when creating file with O_DIRECT set","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.2.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1771.json"},{"CVE":"CVE-2011-2479","severity":"moderate","public_date":"2011-03-24T00:00:00Z","advisories":["RHSA-2011:0928"],"bugzilla":"714761","bugzilla_description":"CVE-2011-2479 kernel: thp: madvise on top of /dev/zero private mapping can lead to panic","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.6.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2479.json"},{"CVE":"CVE-2011-1182","severity":"low","public_date":"2011-03-23T00:00:00Z","advisories":["RHSA-2011:0883","RHSA-2011:0927","RHSA-2011:1189"],"bugzilla":"690028","bugzilla_description":"CVE-2011-1182 kernel signal spoofing issue","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":["kernel-0:2.6.32-131.12.1.el6","kernel-0:2.6.32-71.31.1.el6","kernel-0:2.6.18-238.19.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1182.json"},{"CVE":"CVE-2011-4080","severity":"low","public_date":"2011-03-23T00:00:00Z","advisories":["RHSA-2012:0481"],"bugzilla":"749243","bugzilla_description":"CVE-2011-4080 kernel: sysctl: restrict write access to dmesg_restrict","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-220.13.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4080.json"},{"CVE":"CVE-2011-1493","severity":"important","public_date":"2011-03-20T00:00:00Z","advisories":[],"bugzilla":"770777","bugzilla_description":"CVE-2011-1493 CVE-2011-4913 CVE-2011-4914 kernel: multiple issues in rose protocol","cvss_score":8.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-228->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1493.json"},{"CVE":"CVE-2011-4913","severity":"important","public_date":"2011-03-20T00:00:00Z","advisories":[],"bugzilla":"770777","bugzilla_description":"CVE-2011-1493 CVE-2011-4913 CVE-2011-4914 kernel: multiple issues in rose protocol","cvss_score":8.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-228->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4913.json"},{"CVE":"CVE-2011-4914","severity":"important","public_date":"2011-03-20T00:00:00Z","advisories":[],"bugzilla":"770777","bugzilla_description":"CVE-2011-1493 CVE-2011-4913 CVE-2011-4914 kernel: multiple issues in rose protocol","cvss_score":8.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-228->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4914.json"},{"CVE":"CVE-2011-2521","severity":"moderate","public_date":"2011-03-19T00:00:00Z","advisories":["RHSA-2011:1350"],"bugzilla":"719228","bugzilla_description":"CVE-2011-2521 kernel: perf, x86: fix Intel fixed counters base initialization","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.17.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2521.json"},{"CVE":"CVE-2011-2693","severity":null,"public_date":"2011-03-19T00:00:00Z","advisories":[],"bugzilla":"721283","bugzilla_description":"CVE-2011-2693 kernel: panic with NMI enabled while using perf","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2693.json"},{"CVE":"CVE-2011-4611","severity":"moderate","public_date":"2011-03-16T00:00:00Z","advisories":["RHSA-2012:0350"],"bugzilla":"767914","bugzilla_description":"CVE-2011-4611 kernel: perf, powerpc: Handle events that raise an exception without overflowing","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-220.7.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4611.json"},{"CVE":"CVE-2011-1581","severity":"important","public_date":"2011-03-14T00:00:00Z","advisories":["RHSA-2011:0542"],"bugzilla":"696029","bugzilla_description":"CVE-2011-1581 kernel: bonding: Incorrect TX queue offset","cvss_score":4.6,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.0.15.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1581.json"},{"CVE":"CVE-2011-2534","severity":"low","public_date":"2011-03-10T00:00:00Z","advisories":[],"bugzilla":"689337","bugzilla_description":"CVE-2011-2534 ipv4: netfilter: ipt_CLUSTERIP: fix buffer overflow","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2534.json"},{"CVE":"CVE-2011-0714","severity":"important","public_date":"2011-03-08T00:00:00Z","advisories":["RHSA-2011:0329"],"bugzilla":"678144","bugzilla_description":"CVE-2011-0714 kernel: deficiency in handling of invalid data packets in lockd","cvss_score":5.7,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-71.18.2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0714.json"},{"CVE":"CVE-2011-1160","severity":"low","public_date":"2011-03-08T00:00:00Z","advisories":["RHSA-2011:1253","RHSA-2011:1386","RHSA-2011:1350"],"bugzilla":"684671","bugzilla_description":"CVE-2011-1160 kernel: tpm infoleaks","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.17.1.el6","kernel-0:2.6.18-274.7.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1160.json"},{"CVE":"CVE-2011-1090","severity":"moderate","public_date":"2011-03-05T00:00:00Z","advisories":["RHSA-2011:0542","RHSA-2011:0883","RHSA-2011:1253","RHSA-2011:0429"],"bugzilla":"682641","bugzilla_description":"CVE-2011-1090 kernel: nfs4: Ensure that ACL pages sent over NFS were not allocated from the slab","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-71.31.1.el6","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.18-238.9.1.el5","kernel-0:2.6.32-131.0.15.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1090.json"},{"CVE":"CVE-2011-1023","severity":"moderate","public_date":"2011-03-02T00:00:00Z","advisories":["RHSA-2011:0542"],"bugzilla":"680345","bugzilla_description":"CVE-2011-1023 kernel: BUG_ON() in rds_send_xmit()","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-131.0.15.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1023.json"},{"CVE":"CVE-2011-2189","severity":"moderate","public_date":"2011-02-16T00:00:00Z","advisories":[],"bugzilla":"711245","bugzilla_description":"CVE-2011-2189 kernel: net_ns: oom killer fires because of slow net_ns cleanup","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:S/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2189.json"},{"CVE":"CVE-2011-1016","severity":"important","public_date":"2011-02-14T00:00:00Z","advisories":["RHSA-2011:0498"],"bugzilla":"680000","bugzilla_description":"CVE-2011-1016 kernel: drm/radeon/kms: check AA resolve registers on r300","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-71.29.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1016.json"},{"CVE":"CVE-2011-1020","severity":"moderate","public_date":"2011-02-07T00:00:00Z","advisories":["RHSA-2012:0007","RHSA-2011:1253","RHSA-2011:1530","RHSA-2012:0116"],"bugzilla":"680358","bugzilla_description":"CVE-2011-1020 kernel: no access restrictions of /proc/pid/* after setuid program exec","cvss_score":3.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["kernel-0:2.6.18-274.17.1.el5","kernel-0:2.6.32-131.25.1.el6","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-220.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1020.json"},{"CVE":"CVE-2011-1478","severity":"moderate","public_date":"2011-02-02T00:00:00Z","advisories":["RHSA-2011:0421","RHSA-2011:1253","RHSA-2011:0439","RHSA-2011:0429"],"bugzilla":"691270","bugzilla_description":"CVE-2011-1478 kernel: gro: reset dev and skb_iff on skb reuse","cvss_score":5.7,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-71.24.1.el6","kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.18-238.9.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1478.json"},{"CVE":"CVE-2010-4258","severity":"moderate","public_date":"2010-12-03T00:00:00Z","advisories":[],"bugzilla":"659567","bugzilla_description":"CVE-2010-4258 kernel: failure to revert address limit override in OOPS error path","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4258.json"},{"CVE":"CVE-2010-4650","severity":null,"public_date":"2010-11-30T00:00:00Z","advisories":[],"bugzilla":"667892","bugzilla_description":"CVE-2010-4650 kernel: fuse: verify ioctl retries","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4650.json"},{"CVE":"CVE-2011-4621","severity":"moderate","public_date":"2010-11-21T00:00:00Z","advisories":["RHSA-2011:1849"],"bugzilla":"769711","bugzilla_description":"CVE-2011-4621 kernel: tight loop and no preemption can cause system stall","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-220.2.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4621.json"},{"CVE":"CVE-2018-10901","severity":"important","public_date":"2010-08-02T00:00:00Z","advisories":["RHSA-2018:2393","RHSA-2018:2394","RHSA-2018:2391","RHSA-2018:2392","RHSA-2018:2390"],"bugzilla":"1601849","bugzilla_description":"CVE-2018-10901 kernel: kvm: vmx: host GDT limit corruption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":["kernel-0:2.6.32-754.3.5.el6","kernel-0:2.6.32-358.91.4.el6","kernel-0:2.6.32-504.72.4.el6","kernel-0:2.6.32-431.91.3.el6","kernel-0:2.6.32-573.60.4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10901.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2011-1585","severity":"low","public_date":"2010-08-02T00:00:00Z","advisories":["RHSA-2011:1253","RHSA-2011:1386"],"bugzilla":"697394","bugzilla_description":"CVE-2011-1585 kernel: cifs session reuse","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.18-274.7.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1585.json"},{"CVE":"CVE-2010-5329","severity":"low","public_date":"2010-07-12T00:00:00Z","advisories":[],"bugzilla":"1455067","bugzilla_description":"CVE-2010-5329 kernel: video_usercopy function uses count value of a v4l2_ext_controls data structure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5329.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2010-5328","severity":"low","public_date":"2010-05-27T00:00:00Z","advisories":[],"bugzilla":"1358840","bugzilla_description":"CVE-2010-5328 kernel: Processes having the same group as `init` can crash kernel","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5328.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2011-2525","severity":"moderate","public_date":"2010-05-21T00:00:00Z","advisories":["RHSA-2011:1065","RHSA-2011:1163"],"bugzilla":"720552","bugzilla_description":"CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify()","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-274.el5","kernel-0:2.6.18-238.21.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2525.json"},{"CVE":"CVE-2010-4526","severity":"important","public_date":"2010-05-06T00:00:00Z","advisories":["RHSA-2011:0421","RHSA-2011:0163","RHSA-2011:1253"],"bugzilla":"664914","bugzilla_description":"CVE-2010-4526 kernel: sctp: a race between ICMP protocol unreachable and connect()","cvss_score":7.1,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:C","CWE":"CWE-662->CWE-362->CWE-672->CWE-119","affected_packages":["kernel-0:2.6.32-71.24.1.el6","kernel-0:2.6.18-238.1.1.el5","kernel-rt-0:2.6.33.9-rt31.75.el6rt"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4526.json"},{"CVE":"CVE-2013-2017","severity":"moderate","public_date":"2010-05-06T00:00:00Z","advisories":["RHSA-2013:0911"],"bugzilla":"957705","bugzilla_description":"CVE-2013-2017 kernel: veth: double-free flaw in case of congestion","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.11.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2017.json"},{"CVE":"CVE-2013-2128","severity":"moderate","public_date":"2010-03-30T00:00:00Z","advisories":["RHSA-2013:1051","RHSA-2013:1080"],"bugzilla":"968484","bugzilla_description":"CVE-2013-2128 Kernel: net: oops from tcp_collapse() when using splice(2)","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-358.14.1.el6","kernel-0:2.6.32-358.114.1.openstack.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2128.json"},{"CVE":"CVE-2010-3448","severity":"moderate","public_date":"2010-02-26T00:00:00Z","advisories":["RHSA-2010:0839"],"bugzilla":"652122","bugzilla_description":"CVE-2010-3448 kernel: thinkpad-acpi: lock down video output state access","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-194.26.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3448.json"},{"CVE":"CVE-2011-1767","severity":"moderate","public_date":"2010-02-16T00:00:00Z","advisories":["RHSA-2011:0928","RHSA-2011:1253"],"bugzilla":"702303","bugzilla_description":"CVE-2011-1767 CVE-2011-1768 kernel: netns vs proto registration ordering","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.6.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1767.json"},{"CVE":"CVE-2011-1768","severity":"moderate","public_date":"2010-02-16T00:00:00Z","advisories":["RHSA-2011:0928","RHSA-2011:1253"],"bugzilla":"702303","bugzilla_description":"CVE-2011-1767 CVE-2011-1768 kernel: netns vs proto registration ordering","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-rt-0:2.6.33.9-rt31.75.el6rt","kernel-0:2.6.32-131.6.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1768.json"},{"CVE":"CVE-2012-0879","severity":"moderate","public_date":"2009-12-04T00:00:00Z","advisories":["RHSA-2012:0481"],"bugzilla":"796829","bugzilla_description":"CVE-2012-0879 kernel: block: CLONE_IO io_context refcounting issues","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.32-220.13.1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0879.json"},{"CVE":"CVE-2012-4444","severity":"low","public_date":"2009-12-01T00:00:00Z","advisories":["RHSA-2012:1580","RHSA-2013:0168"],"bugzilla":"874835","bugzilla_description":"CVE-2012-4444 kernel: net: acceptation of overlapping ipv6 fragments","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["kernel-0:2.6.32-279.19.1.el6","kernel-0:2.6.18-348.1.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4444.json"},{"CVE":"CVE-2009-4067","severity":"low","public_date":"2009-10-29T00:00:00Z","advisories":["RHSA-2011:1386"],"bugzilla":"722393","bugzilla_description":"CVE-2009-4067 kernel: usb: buffer overflow in auerswald_probe()","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-274.7.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4067.json"},{"CVE":"CVE-2011-4324","severity":"moderate","public_date":"2008-12-23T00:00:00Z","advisories":["RHSA-2012:0007"],"bugzilla":"755440","bugzilla_description":"CVE-2011-4324 kernel: nfsv4: mknod(2) DoS","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-274.17.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4324.json"},{"CVE":"CVE-2012-0028","severity":"important","public_date":"2008-11-15T00:00:00Z","advisories":["RHSA-2012:0107","RHSA-2012:0358"],"bugzilla":"771764","bugzilla_description":"CVE-2012-0028 kernel: futex: clear robust_list on execve","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-274.18.1.el5","kernel-0:2.6.18-238.35.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0028.json"},{"CVE":"CVE-2006-3635","severity":"moderate","public_date":"2008-05-27T00:00:00Z","advisories":[],"bugzilla":"1483905","bugzilla_description":"CVE-2006-3635 kernel: Mishandling of invalid Register Stack Engine (RSE) state causes stack consumption and system crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3635.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2011-3209","severity":"moderate","public_date":"2008-05-01T00:00:00Z","advisories":["RHSA-2011:1386","RHSA-2011:1418","RHSA-2011:1419"],"bugzilla":"732878","bugzilla_description":"CVE-2011-3209 kernel: panic occurs when clock_gettime() is called","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["kernel-0:2.6.18-128.36.1.el5","kernel-0:2.6.18-274.7.1.el5","kernel-0:2.6.18-238.28.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3209.json"},{"CVE":"CVE-2012-3510","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2012:1323"],"bugzilla":"849722","bugzilla_description":"CVE-2012-3510 kernel: taskstats: use-after-free in xacct_add_tsk()","cvss_score":5.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:C","CWE":"CWE-416","affected_packages":["kernel-0:2.6.18-308.16.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3510.json"},{"CVE":"CVE-2003-1604","severity":"moderate","public_date":"2003-10-20T00:00:00Z","advisories":[],"bugzilla":"1303072","bugzilla_description":"CVE-2003-1604 kernel: Missing NULL pointer check in nf_nat_redirect_ipv4","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:C","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1604.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tk-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tk-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tk-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tk_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tk_security_api_results.json new file mode 100644 index 0000000..51f3d49 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tk_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-14355","severity":"important","public_date":"2020-10-06T12:00:00Z","advisories":["RHSA-2020:4187","RHSA-2020:4186","RHSA-2020:4185","RHSA-2020:4184"],"bugzilla":"1868435","bugzilla_description":"CVE-2020-14355 spice: multiple buffer overflow vulnerabilities in QUIC decoding code","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["spice-gtk-0:0.35-5.el7_9.1","spice-gtk-0:0.37-1.el8_2.2","spice-0:0.14.0-9.el7_9.1","spice-0:0.14.2-1.el8_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14355.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L","cvss3_score":"5.5"},{"CVE":"CVE-2020-9862","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879532","bugzilla_description":"CVE-2020-9862 webkitgtk: Command injection in web inspector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9862.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2020-9893","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879535","bugzilla_description":"CVE-2020-9893 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9893.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9894","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879536","bugzilla_description":"CVE-2020-9894 webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9894.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-9895","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879538","bugzilla_description":"CVE-2020-9895 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9895.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-9915","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879540","bugzilla_description":"CVE-2020-9915 webkitgtk: Access issue in content security policy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9915.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2020-9925","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879541","bugzilla_description":"CVE-2020-9925 webkitgtk: A logic issue may lead to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9925.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2020-9802","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879545","bugzilla_description":"CVE-2020-9802 webkitgtk: Logic issue may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9802.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9803","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879557","bugzilla_description":"CVE-2020-9803 webkitgtk: Memory corruption may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9803.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9805","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879559","bugzilla_description":"CVE-2020-9805 webkitgtk: Logic issue may lead to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9805.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2020-9806","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879563","bugzilla_description":"CVE-2020-9806 webkitgtk: Memory corruption may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9806.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9807","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879564","bugzilla_description":"CVE-2020-9807 webkitgtk: Memory corruption may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9807.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9843","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879566","bugzilla_description":"CVE-2020-9843 webkitgtk: Input validation issue may lead to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9843.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2020-9850","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879568","bugzilla_description":"CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9850.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-13753","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879570","bugzilla_description":"CVE-2020-13753 webkitgtk: Improper access management to CLONE_NEWUSER and the TIOCSTI ioctl","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284->CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13753.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"10.0"},{"CVE":"CVE-2020-3885","severity":"low","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876462","bugzilla_description":"CVE-2020-3885 webkitgtk: Incorrect processing of file URLs","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3885.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2020-3894","severity":"low","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876463","bugzilla_description":"CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3894.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2020-3895","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876465","bugzilla_description":"CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3895.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3897","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876468","bugzilla_description":"CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3897.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3899","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876470","bugzilla_description":"CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3899.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3900","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876472","bugzilla_description":"CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3900.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3901","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876473","bugzilla_description":"CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3901.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3902","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876476","bugzilla_description":"CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3902.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-11793","severity":"moderate","public_date":"2020-04-16T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1829369","bugzilla_description":"CVE-2020-11793 webkitgtk: use-after-free via crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11793.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-10018","severity":"moderate","public_date":"2020-03-02T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1811721","bugzilla_description":"CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10018.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-3862","severity":"low","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876516","bugzilla_description":"CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3862.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2020-3864","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876518","bugzilla_description":"CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3864.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2020-3865","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876521","bugzilla_description":"CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3865.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3867","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876522","bugzilla_description":"CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3867.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-3868","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876523","bugzilla_description":"CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3868.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8846","severity":"moderate","public_date":"2020-01-23T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1816678","bugzilla_description":"CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8846.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-8835","severity":"moderate","public_date":"2020-01-23T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1816684","bugzilla_description":"CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8835.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-8844","severity":"moderate","public_date":"2020-01-23T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1816686","bugzilla_description":"CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8844.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2016-4761","severity":"moderate","public_date":"2020-01-22T00:00:00Z","advisories":[],"bugzilla":"1800137","bugzilla_description":"CVE-2016-4761 webkitgtk: use-after-free leads to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4761.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8710","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876536","bugzilla_description":"CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8710.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8743","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876537","bugzilla_description":"CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8743.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8764","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876540","bugzilla_description":"CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8764.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8765","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876542","bugzilla_description":"CVE-2019-8765 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8765.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8766","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876543","bugzilla_description":"CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8766.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8782","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876545","bugzilla_description":"CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8782.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8783","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876548","bugzilla_description":"CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8783.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8808","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876549","bugzilla_description":"CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8808.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8811","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876550","bugzilla_description":"CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8811.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8812","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876552","bugzilla_description":"CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8812.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8813","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876553","bugzilla_description":"CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8813.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8814","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876554","bugzilla_description":"CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8814.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8815","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876555","bugzilla_description":"CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8815.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8816","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876556","bugzilla_description":"CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8816.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8819","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876590","bugzilla_description":"CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8819.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8820","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876591","bugzilla_description":"CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8820.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8821","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876592","bugzilla_description":"CVE-2019-8821 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8821.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8822","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876593","bugzilla_description":"CVE-2019-8822 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8822.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8823","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876594","bugzilla_description":"CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8823.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8625","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876607","bugzilla_description":"CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8625.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8674","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876608","bugzilla_description":"CVE-2019-8674 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8674.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8707","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876609","bugzilla_description":"CVE-2019-8707 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8707.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8719","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876610","bugzilla_description":"CVE-2019-8719 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8719.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8720","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876611","bugzilla_description":"CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8720.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8726","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876612","bugzilla_description":"CVE-2019-8726 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8726.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8733","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876613","bugzilla_description":"CVE-2019-8733 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8733.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8735","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876614","bugzilla_description":"CVE-2019-8735 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8735.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8763","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876615","bugzilla_description":"CVE-2019-8763 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8763.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8768","severity":"low","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876616","bugzilla_description":"CVE-2019-8768 webkitgtk: Browsing history could not be deleted","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8768.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2019-8769","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876617","bugzilla_description":"CVE-2019-8769 webkitgtk: Websites could reveal browsing history","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8769.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-8771","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876619","bugzilla_description":"CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8771.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2019-8644","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876626","bugzilla_description":"CVE-2019-8644 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8644.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8649","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876628","bugzilla_description":"CVE-2019-8649 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8649.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8658","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876629","bugzilla_description":"CVE-2019-8658 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8658.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8666","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876630","bugzilla_description":"CVE-2019-8666 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8666.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8669","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876631","bugzilla_description":"CVE-2019-8669 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8669.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8671","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876632","bugzilla_description":"CVE-2019-8671 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8671.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8672","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876634","bugzilla_description":"CVE-2019-8672 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8672.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8673","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876643","bugzilla_description":"CVE-2019-8673 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8673.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8676","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876644","bugzilla_description":"CVE-2019-8676 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8676.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8677","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876645","bugzilla_description":"CVE-2019-8677 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8677.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8678","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876646","bugzilla_description":"CVE-2019-8678 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8678.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8679","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876647","bugzilla_description":"CVE-2019-8679 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8679.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8680","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876648","bugzilla_description":"CVE-2019-8680 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8680.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8681","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876650","bugzilla_description":"CVE-2019-8681 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8681.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8683","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876651","bugzilla_description":"CVE-2019-8683 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8683.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8684","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876652","bugzilla_description":"CVE-2019-8684 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8684.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8686","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876653","bugzilla_description":"CVE-2019-8686 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8686.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8687","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876655","bugzilla_description":"CVE-2019-8687 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8687.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8688","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876656","bugzilla_description":"CVE-2019-8688 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8688.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8689","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876657","bugzilla_description":"CVE-2019-8689 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8689.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8690","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876664","bugzilla_description":"CVE-2019-8690 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8690.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-6237","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876880","bugzilla_description":"CVE-2019-6237 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6237.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8571","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876881","bugzilla_description":"CVE-2019-8571 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8571.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8583","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876882","bugzilla_description":"CVE-2019-8583 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8583.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8584","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876883","bugzilla_description":"CVE-2019-8584 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8584.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8586","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876884","bugzilla_description":"CVE-2019-8586 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8586.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8587","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876887","bugzilla_description":"CVE-2019-8587 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8587.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8594","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876891","bugzilla_description":"CVE-2019-8594 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8594.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8595","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876892","bugzilla_description":"CVE-2019-8595 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8595.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8596","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876893","bugzilla_description":"CVE-2019-8596 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8596.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8597","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876894","bugzilla_description":"CVE-2019-8597 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8597.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8601","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876895","bugzilla_description":"CVE-2019-8601 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8601.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8607","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876897","bugzilla_description":"CVE-2019-8607 webkitgtk: Out-of-bounds read leading to memory disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8607.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-8608","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876898","bugzilla_description":"CVE-2019-8608 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8608.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8609","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876899","bugzilla_description":"CVE-2019-8609 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8609.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8610","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876900","bugzilla_description":"CVE-2019-8610 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8610.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8615","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877045","bugzilla_description":"CVE-2019-8615 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8615.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8611","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877046","bugzilla_description":"CVE-2019-8611 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8611.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8619","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877047","bugzilla_description":"CVE-2019-8619 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8619.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8622","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877048","bugzilla_description":"CVE-2019-8622 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8622.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8623","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877049","bugzilla_description":"CVE-2019-8623 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8623.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11070","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1709289","bugzilla_description":"CVE-2019-11070 webkitgtk: HTTP proxy setting deanonymization information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11070.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-7285","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1718725","bugzilla_description":"CVE-2019-7285 webkitgtk: crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7285.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-7292","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1719131","bugzilla_description":"CVE-2019-7292 webkitgtk: arbitrary code execution via malicious web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7292.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8503","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1719147","bugzilla_description":"CVE-2019-8503 webkitgtk: logic issue leads to code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8503.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8506","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719199","bugzilla_description":"CVE-2019-8506 webkitgtk: malicous web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8506.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8515","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1719204","bugzilla_description":"CVE-2019-8515 webkitgtk: malicious crafted web content leads to information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8515.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-8518","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719206","bugzilla_description":"CVE-2019-8518 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8518.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8523","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719208","bugzilla_description":"CVE-2019-8523 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8523.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8524","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719209","bugzilla_description":"CVE-2019-8524 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8524.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8535","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719210","bugzilla_description":"CVE-2019-8535 webkitgtk: malicious crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8535.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8536","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719213","bugzilla_description":"CVE-2019-8536 webkitgtk: malicious crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8536.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8544","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719224","bugzilla_description":"CVE-2019-8544 webkitgtk: malicious crafted web content leads to arbitrary we content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8544.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8558","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719231","bugzilla_description":"CVE-2019-8558 webkitgtk: malicious crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8558.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8559","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719235","bugzilla_description":"CVE-2019-8559 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8559.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8563","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719237","bugzilla_description":"CVE-2019-8563 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8563.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8551","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1719238","bugzilla_description":"CVE-2019-8551 webkitgtk: malicious web content leads to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8551.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-18928","severity":"low","public_date":"2018-10-30T00:00:00Z","advisories":[],"bugzilla":"1646702","bugzilla_description":"CVE-2018-18928 icu: integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18928.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-6251","severity":"moderate","public_date":"2018-09-11T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1667409","bugzilla_description":"CVE-2019-6251 webkitgtk: processing maliciously crafted web content lead to URI spoofing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6251.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-10893","severity":"moderate","public_date":"2018-06-25T00:00:00Z","advisories":["RHSA-2020:0471","RHSA-2019:2229"],"bugzilla":"1598234","bugzilla_description":"CVE-2018-10893 spice-client: Insufficient encoding checks for LZ can cause different integer/buffer overflows","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-122|CWE-190)","affected_packages":["spice-gtk-0:0.26-8.el6_10.2","spice-gtk-0:0.35-4.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10893.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L","cvss3_score":"7.6"},{"CVE":"CVE-2018-11713","severity":"moderate","public_date":"2018-06-07T00:00:00Z","advisories":[],"bugzilla":"1588739","bugzilla_description":"CVE-2018-11713 webkitgtk: WebSockets don't use system proxy settings","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11713.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-11712","severity":"moderate","public_date":"2018-06-07T00:00:00Z","advisories":[],"bugzilla":"1588742","bugzilla_description":"CVE-2018-11712 webkitgtk: Improper TLS certificate verification for WebSocket connections","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11712.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2018-4204","severity":"moderate","public_date":"2018-05-07T00:00:00Z","advisories":[],"bugzilla":"1577374","bugzilla_description":"CVE-2018-4204 webkitgtk: memory corruption processing maliciously crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4204.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2018-4200","severity":"moderate","public_date":"2018-05-07T00:00:00Z","advisories":[],"bugzilla":"1577385","bugzilla_description":"CVE-2018-4200 webkitgtk: memory corruption processing maliciously crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4200.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2018-4121","severity":"moderate","public_date":"2018-05-07T00:00:00Z","advisories":[],"bugzilla":"1577387","bugzilla_description":"CVE-2018-4121 webkitgtk: memory corruption processing maliciously crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4121.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2017-12194","severity":"moderate","public_date":"2018-03-14T00:00:00Z","advisories":[],"bugzilla":"1501200","bugzilla_description":"CVE-2017-12194 spice-gtk: Integer overflows causing buffer overflows in spice-client","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12194.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.5"},{"CVE":"CVE-2017-13856","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527747","bugzilla_description":"CVE-2017-13856 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13856.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-13866","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527756","bugzilla_description":"CVE-2017-13866 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13866.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-13870","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527757","bugzilla_description":"CVE-2017-13870 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13870.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-7156","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527759","bugzilla_description":"CVE-2017-7156 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7156.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-7157","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527760","bugzilla_description":"CVE-2017-7157 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7157.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-5884","severity":"low","public_date":"2017-02-01T00:00:00Z","advisories":["RHSA-2017:2258"],"bugzilla":"1418944","bugzilla_description":"CVE-2017-5884 gtk-vnc: Improper check of framebuffer boundaries when processing a tile","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["gtk-vnc-0:0.7.0-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5884.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2017-5885","severity":"low","public_date":"2017-02-01T00:00:00Z","advisories":["RHSA-2017:2258"],"bugzilla":"1418952","bugzilla_description":"CVE-2017-5885 gtk-vnc: Integer overflow when processing SetColorMapEntries","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["gtk-vnc-0:0.7.0-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5885.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2016-3066","severity":"low","public_date":"2016-03-22T00:00:00Z","advisories":[],"bugzilla":"1320263","bugzilla_description":"CVE-2016-3066 spice-gtk: hijacks clipboard and sends contents to remote servers","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3066.json"},{"CVE":"CVE-2015-2330","severity":"moderate","public_date":"2015-03-17T00:00:00Z","advisories":[],"bugzilla":"1204653","bugzilla_description":"CVE-2015-2330 webkitgtk: TLS certificate late verification","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2330.json"},{"CVE":"CVE-2015-1209","severity":"important","public_date":"2015-02-04T00:00:00Z","advisories":["RHSA-2015:0163"],"bugzilla":"1190123","bugzilla_description":"CVE-2015-1209 chromium-browser: use-after-free in DOM","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["chromium-browser-0:40.0.2214.111-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1209.json"},{"CVE":"CVE-2015-1212","severity":"important","public_date":"2015-02-04T00:00:00Z","advisories":["RHSA-2015:0163"],"bugzilla":"1190158","bugzilla_description":"CVE-2015-1212 chromium-browser: various security fixes in Chrome 40.0.2214.111","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["chromium-browser-0:40.0.2214.111-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1212.json"},{"CVE":"CVE-2013-2871","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186231","bugzilla_description":"CVE-2013-2871 webkitgtk: use-after-free vulnerability in the handling of input (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2871.json"},{"CVE":"CVE-2013-2875","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186232","bugzilla_description":"CVE-2013-2875 webkitgtk: out-of-bounds read in the SVG implementation (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2875.json"},{"CVE":"CVE-2013-2927","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186233","bugzilla_description":"CVE-2013-2927 webkitgtk: use-after-free in the HTMLFormElement::prepareForSubmission() (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2927.json"},{"CVE":"CVE-2014-1292","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186234","bugzilla_description":"CVE-2014-1292 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1292.json"},{"CVE":"CVE-2014-1297","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186236","bugzilla_description":"CVE-2014-1297 webkitgtk: improper WebProcess IPC messages validation (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1297.json"},{"CVE":"CVE-2014-1298","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186237","bugzilla_description":"CVE-2014-1298 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1298.json"},{"CVE":"CVE-2014-1299","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186238","bugzilla_description":"CVE-2014-1299 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1299.json"},{"CVE":"CVE-2014-1300","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186239","bugzilla_description":"CVE-2014-1300 webkitgtk: arbitrary code execution with root privileges (WSA-2015-0001)","cvss_score":7.3,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:C/I:C/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1300.json"},{"CVE":"CVE-2014-1303","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186241","bugzilla_description":"CVE-2014-1303 webkitgtk: heap-based buffer overflow (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1303.json"},{"CVE":"CVE-2014-1304","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186242","bugzilla_description":"CVE-2014-1304 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1304.json"},{"CVE":"CVE-2014-1305","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186243","bugzilla_description":"CVE-2014-1305 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1305.json"},{"CVE":"CVE-2014-1307","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186245","bugzilla_description":"CVE-2014-1307 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1307.json"},{"CVE":"CVE-2014-1308","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186246","bugzilla_description":"CVE-2014-1308 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1308.json"},{"CVE":"CVE-2014-1309","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186247","bugzilla_description":"CVE-2014-1309 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1309.json"},{"CVE":"CVE-2014-1311","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186248","bugzilla_description":"CVE-2014-1311 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1311.json"},{"CVE":"CVE-2014-1313","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186250","bugzilla_description":"CVE-2014-1313 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1313.json"},{"CVE":"CVE-2014-1323","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186251","bugzilla_description":"CVE-2014-1323 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1323.json"},{"CVE":"CVE-2014-1326","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186252","bugzilla_description":"CVE-2014-1326 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1326.json"},{"CVE":"CVE-2014-1329","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186253","bugzilla_description":"CVE-2014-1329 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1329.json"},{"CVE":"CVE-2014-1330","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186254","bugzilla_description":"CVE-2014-1330 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1330.json"},{"CVE":"CVE-2014-1331","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186255","bugzilla_description":"CVE-2014-1331 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1331.json"},{"CVE":"CVE-2014-1333","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186258","bugzilla_description":"CVE-2014-1333 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1333.json"},{"CVE":"CVE-2014-1334","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186259","bugzilla_description":"CVE-2014-1334 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1334.json"},{"CVE":"CVE-2014-1335","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186262","bugzilla_description":"CVE-2014-1335 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1335.json"},{"CVE":"CVE-2014-1336","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186263","bugzilla_description":"CVE-2014-1336 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1336.json"},{"CVE":"CVE-2014-1337","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186264","bugzilla_description":"CVE-2014-1337 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1337.json"},{"CVE":"CVE-2014-1338","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186265","bugzilla_description":"CVE-2014-1338 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1338.json"},{"CVE":"CVE-2014-1339","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186266","bugzilla_description":"CVE-2014-1339 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1339.json"},{"CVE":"CVE-2014-1341","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186267","bugzilla_description":"CVE-2014-1341 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1341.json"},{"CVE":"CVE-2014-1342","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186268","bugzilla_description":"CVE-2014-1342 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1342.json"},{"CVE":"CVE-2014-1343","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186269","bugzilla_description":"CVE-2014-1343 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1343.json"},{"CVE":"CVE-2014-1346","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186270","bugzilla_description":"CVE-2014-1346 webkitgtk: improper Unicode encoding interpretation (WSA-2015-0001)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1346.json"},{"CVE":"CVE-2014-1713","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186271","bugzilla_description":"CVE-2014-1713 webkitgtk: use-after-free in the AttributeSetter function (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1713.json"},{"CVE":"CVE-2014-1731","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186273","bugzilla_description":"CVE-2014-1731 webkitgtk: improper renderer state check in core/html/HTMLSelectElement.cpp (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1731.json"},{"CVE":"CVE-2014-7907","severity":"important","public_date":"2014-11-18T00:00:00Z","advisories":["RHSA-2014:1894"],"bugzilla":"1165656","bugzilla_description":"CVE-2014-7907 chromium-browser: Use-after-free in blink","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["chromium-browser-0:39.0.2171.65-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7907.json"},{"CVE":"CVE-2014-7908","severity":"important","public_date":"2014-11-18T00:00:00Z","advisories":["RHSA-2014:1894"],"bugzilla":"1165657","bugzilla_description":"CVE-2014-7908 chromium-browser: Integer overflow in media","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["chromium-browser-0:39.0.2171.65-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7908.json"},{"CVE":"CVE-2014-7910","severity":"moderate","public_date":"2014-11-18T00:00:00Z","advisories":["RHSA-2014:1894"],"bugzilla":"1165662","bugzilla_description":"CVE-2014-7910 chromium-browser: Unspecified security issues","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["chromium-browser-0:39.0.2171.65-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7910.json"},{"CVE":"CVE-2014-1344","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181090","bugzilla_description":"CVE-2014-1344 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1344.json"},{"CVE":"CVE-2014-1384","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181095","bugzilla_description":"CVE-2014-1384 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1384.json"},{"CVE":"CVE-2014-1385","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181096","bugzilla_description":"CVE-2014-1385 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1385.json"},{"CVE":"CVE-2014-1386","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181098","bugzilla_description":"CVE-2014-1386 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1386.json"},{"CVE":"CVE-2014-1387","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181099","bugzilla_description":"CVE-2014-1387 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1387.json"},{"CVE":"CVE-2014-1388","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181101","bugzilla_description":"CVE-2014-1388 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1388.json"},{"CVE":"CVE-2014-1389","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181102","bugzilla_description":"CVE-2014-1389 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1389.json"},{"CVE":"CVE-2014-1390","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181103","bugzilla_description":"CVE-2014-1390 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1390.json"},{"CVE":"CVE-2014-3194","severity":"critical","public_date":"2014-10-07T00:00:00Z","advisories":["RHSA-2014:1626"],"bugzilla":"1151383","bugzilla_description":"CVE-2014-3194 chromium: use-after-free issue in Web Workers fixed in Chrome 38.0.2125.101","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["chromium-browser-0:38.0.2125.101-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3194.json"},{"CVE":"CVE-2014-3192","severity":"critical","public_date":"2014-10-07T00:00:00Z","advisories":["RHSA-2014:1626"],"bugzilla":"1151395","bugzilla_description":"CVE-2014-3192 chromium: use-after-free in DOM, fixed in Chrome 38.0.2125.101","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["chromium-browser-0:38.0.2125.101-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3192.json"},{"CVE":"CVE-2014-3197","severity":"moderate","public_date":"2014-10-07T00:00:00Z","advisories":["RHSA-2014:1626"],"bugzilla":"1151422","bugzilla_description":"CVE-2014-3197 chromium: information leak in XSS Auditor fixed in Chrome 38.0.2125.101","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["chromium-browser-0:38.0.2125.101-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3197.json"},{"CVE":"CVE-2014-3200","severity":"critical","public_date":"2014-10-07T00:00:00Z","advisories":["RHSA-2014:1626"],"bugzilla":"1151425","bugzilla_description":"CVE-2014-3200 chromium: multiple unspecified issues fixed in Chrome 38.0.2125.101","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["chromium-browser-0:38.0.2125.101-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3200.json"},{"CVE":"CVE-2013-4324","severity":"important","public_date":"2013-09-18T00:00:00Z","advisories":["RHSA-2013:1273"],"bugzilla":"1006669","bugzilla_description":"CVE-2013-4324 spice-gtk: Insecure calling of polkit via polkit_unix_process_new()","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["spice-gtk-0:0.14-7.el6_4.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4324.json"},{"CVE":"CVE-2013-4326","severity":"important","public_date":"2013-09-18T00:00:00Z","advisories":["RHSA-2013:1282"],"bugzilla":"1006677","bugzilla_description":"CVE-2013-4326 rtkit: insecure calling of polkit","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["rtkit-0:0.5-2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4326.json"},{"CVE":"CVE-2013-7447","severity":"low","public_date":"2013-06-27T00:00:00Z","advisories":[],"bugzilla":"1306681","bugzilla_description":"CVE-2013-7447 gtk2, gtk3: Integer overflow in image handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7447.json"},{"CVE":"CVE-2012-4425","severity":"moderate","public_date":"2012-09-12T00:00:00Z","advisories":["RHSA-2012:1284"],"bugzilla":"857283","bugzilla_description":"CVE-2012-4425 spice-gtk/glib: Possible privilege escalation via un-sanitized environment variable","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["spice-gtk-0:0.11-11.el6_3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4425.json"},{"CVE":"CVE-2011-3105","severity":"moderate","public_date":"2012-05-23T00:00:00Z","advisories":[],"bugzilla":"825914","bugzilla_description":"CVE-2011-3105 webkitgtk: Use-after-free in first-letter handling","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3105.json"},{"CVE":"CVE-2011-3086","severity":"moderate","public_date":"2012-05-15T00:00:00Z","advisories":[],"bugzilla":"825957","bugzilla_description":"Webkitgtk: google chrome update [15-May-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3086.json"},{"CVE":"CVE-2011-3089","severity":"moderate","public_date":"2012-05-15T00:00:00Z","advisories":[],"bugzilla":"825957","bugzilla_description":"Webkitgtk: google chrome update [15-May-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3089.json"},{"CVE":"CVE-2011-3090","severity":"moderate","public_date":"2012-05-15T00:00:00Z","advisories":[],"bugzilla":"825957","bugzilla_description":"Webkitgtk: google chrome update [15-May-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3090.json"},{"CVE":"CVE-2011-3093","severity":"moderate","public_date":"2012-05-15T00:00:00Z","advisories":[],"bugzilla":"825957","bugzilla_description":"Webkitgtk: google chrome update [15-May-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3093.json"},{"CVE":"CVE-2011-3078","severity":"moderate","public_date":"2012-05-01T00:00:00Z","advisories":[],"bugzilla":"817755","bugzilla_description":"Webkitgtk: google chrome update [30-April-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3078.json"},{"CVE":"CVE-2011-3081","severity":"moderate","public_date":"2012-05-01T00:00:00Z","advisories":[],"bugzilla":"817755","bugzilla_description":"Webkitgtk: google chrome update [30-April-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3081.json"},{"CVE":"CVE-2012-1521","severity":"moderate","public_date":"2012-05-01T00:00:00Z","advisories":[],"bugzilla":"817755","bugzilla_description":"Webkitgtk: google chrome update [30-April-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1521.json"},{"CVE":"CVE-2011-3059","severity":"moderate","public_date":"2012-03-28T00:00:00Z","advisories":[],"bugzilla":"807588","bugzilla_description":"Webkitgtk: google chrome update [28-March-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3059.json"},{"CVE":"CVE-2011-3060","severity":"moderate","public_date":"2012-03-28T00:00:00Z","advisories":[],"bugzilla":"807588","bugzilla_description":"Webkitgtk: google chrome update [28-March-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3060.json"},{"CVE":"CVE-2011-3064","severity":"moderate","public_date":"2012-03-28T00:00:00Z","advisories":[],"bugzilla":"807596","bugzilla_description":"CVE-2011-3064 WebkitGtk: Use-after-free in SVG clipping.","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3064.json"},{"CVE":"CVE-2012-2370","severity":"low","public_date":"2012-03-25T00:00:00Z","advisories":["RHSA-2013:0135"],"bugzilla":"822468","bugzilla_description":"CVE-2012-2370 gdk-pixbuf: DoS (GLib error and application abort) due to an integer overflow in the XBM image file format loader","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["gtk2-0:2.10.4-29.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2370.json"},{"CVE":"CVE-2011-3050","severity":"moderate","public_date":"2012-03-21T00:00:00Z","advisories":[],"bugzilla":"807184","bugzilla_description":"Webkitgtk: google chrome update [21-March-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3050.json"},{"CVE":"CVE-2011-3051","severity":"moderate","public_date":"2012-03-21T00:00:00Z","advisories":[],"bugzilla":"807184","bugzilla_description":"Webkitgtk: google chrome update [21-March-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3051.json"},{"CVE":"CVE-2011-3053","severity":"moderate","public_date":"2012-03-21T00:00:00Z","advisories":[],"bugzilla":"807184","bugzilla_description":"Webkitgtk: google chrome update [21-March-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3053.json"},{"CVE":"CVE-2011-3056","severity":"moderate","public_date":"2012-03-21T00:00:00Z","advisories":[],"bugzilla":"807184","bugzilla_description":"Webkitgtk: google chrome update [21-March-2012]","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3056.json"},{"CVE":"CVE-2011-2896","severity":"moderate","public_date":"2011-08-10T00:00:00Z","advisories":["RHSA-2012:1180","RHSA-2012:1181","RHSA-2011:1635","RHSA-2012:0302"],"bugzilla":"727800","bugzilla_description":"CVE-2011-2896 David Koblas' GIF decoder LZW decoder buffer overflow","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["gimp-2:2.6.9-4.el6_3.3","cups-1:1.3.7-30.el5","gimp-2:2.2.13-2.0.7.el5_8.5","cups-1:1.4.2-44.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2896.json"},{"CVE":"CVE-2011-2485","severity":"low","public_date":"2011-06-23T00:00:00Z","advisories":[],"bugzilla":"715337","bugzilla_description":"CVE-2011-2485 gdk-pixbuf: incorrect error detection in the GIF image loader","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2485.json"},{"CVE":"CVE-2011-0778","severity":"moderate","public_date":"2011-02-03T00:00:00Z","advisories":[],"bugzilla":"676209","bugzilla_description":"CVE-2011-0778 WebKit: restrict cross-origin drag+drop in WebKit","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0778.json"},{"CVE":"CVE-2011-0482","severity":"moderate","public_date":"2011-01-12T00:00:00Z","advisories":[],"bugzilla":"676203","bugzilla_description":"CVE-2011-0482 WebKit: Bad cast during handling of anchors causes crash via crafted HTML documents","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0482.json"},{"CVE":"CVE-2010-4577","severity":"moderate","public_date":"2010-12-13T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"667025","bugzilla_description":"CVE-2010-4577 webkit: CSS Font Face Parsing Type Confusion Vulnerability","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4577.json"},{"CVE":"CVE-2010-4578","severity":"moderate","public_date":"2010-12-13T00:00:00Z","advisories":[],"bugzilla":"676207","bugzilla_description":"CVE-2010-4578 WebKit: Stale SVG pointer in Cursors DOM","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4578.json"},{"CVE":"CVE-2010-4492","severity":"important","public_date":"2010-12-02T00:00:00Z","advisories":[],"bugzilla":"676201","bugzilla_description":"CVE-2010-4492 WebKit: Use-after-free vulnerability in SVG animations","cvss_score":7.5,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-416->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4492.json"},{"CVE":"CVE-2010-4493","severity":"moderate","public_date":"2010-12-02T00:00:00Z","advisories":[],"bugzilla":"676202","bugzilla_description":"CVE-2010-4493 WebKit: Use-after-free vulnerability related to handling of mouse dragging events.","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4493.json"},{"CVE":"CVE-2017-1000044","severity":"moderate","public_date":"2010-11-29T00:00:00Z","advisories":[],"bugzilla":"1426766","bugzilla_description":"CVE-2017-1000044 gtk-vnc: Incorrect boundaries check when updating framebuffer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000044.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2010-3813","severity":"moderate","public_date":"2010-11-18T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"667024","bugzilla_description":"CVE-2010-3813 webkit: HTMLLinkElement ignores dnsPrefetchingEnabled setting","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3813.json"},{"CVE":"CVE-2010-4197","severity":"moderate","public_date":"2010-11-04T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"656115","bugzilla_description":"CVE-2010-4197 WebKit: Use-after-free vulnerabiity related to text editing causes memory corruption","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4197.json"},{"CVE":"CVE-2010-4198","severity":"moderate","public_date":"2010-11-04T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"656118","bugzilla_description":"CVE-2010-4198 WebKit: Memory corruption due to improper handling of large text area","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4198.json"},{"CVE":"CVE-2010-4199","severity":"moderate","public_date":"2010-11-04T00:00:00Z","advisories":[],"bugzilla":"656122","bugzilla_description":"CVE-2010-4199 WebKit: Improper cast of an unspecified variable during processing of an SVG use element","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4199.json"},{"CVE":"CVE-2010-4201","severity":"moderate","public_date":"2010-11-04T00:00:00Z","advisories":[],"bugzilla":"656124","bugzilla_description":"CVE-2010-4201 WebKit: Use-after-free vulnerability related to text control selections","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4201.json"},{"CVE":"CVE-2010-4204","severity":"moderate","public_date":"2010-11-04T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"656126","bugzilla_description":"CVE-2010-4204 WebKit: Use-after-free vulnerability related frame object","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4204.json"},{"CVE":"CVE-2010-4206","severity":"moderate","public_date":"2010-11-04T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"656129","bugzilla_description":"CVE-2010-4206 WebKit: Array index error during processing of an SVG document","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4206.json"},{"CVE":"CVE-2010-4205","severity":"moderate","public_date":"2010-11-04T00:00:00Z","advisories":[],"bugzilla":"656132","bugzilla_description":"CVE-2010-4205 WebKit: Improper handling of data types from event objects","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4205.json"},{"CVE":"CVE-2010-4037","severity":"moderate","public_date":"2010-10-19T00:00:00Z","advisories":[],"bugzilla":"657099","bugzilla_description":"CVE-2010-4037 webkit: remote bypass of pop-up blocker","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4037.json"},{"CVE":"CVE-2010-4040","severity":"moderate","public_date":"2010-10-19T00:00:00Z","advisories":[],"bugzilla":"657101","bugzilla_description":"CVE-2010-4040 WebKit: crafted animated GIF image could cause DoS (memory corruption)","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4040.json"},{"CVE":"CVE-2010-4042","severity":"moderate","public_date":"2010-10-19T00:00:00Z","advisories":[],"bugzilla":"676212","bugzilla_description":"CVE-2010-4042 WebKit: Stale elements in an element map causes webkit to crash","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4042.json"},{"CVE":"CVE-2010-1822","severity":"important","public_date":"2010-09-17T00:00:00Z","advisories":[],"bugzilla":"640290","bugzilla_description":"CVE-2010-1822 WebKit: DoS (crash) by processing certain SVG images","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1822.json"},{"CVE":"CVE-2010-3408","severity":"moderate","public_date":"2010-09-14T00:00:00Z","advisories":[],"bugzilla":"634748","bugzilla_description":"CVE-2010-3408 webkit: use-after-free vulnerability in document.close()","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3408.json"},{"CVE":"CVE-2010-3409","severity":"moderate","public_date":"2010-09-14T00:00:00Z","advisories":[],"bugzilla":"634752","bugzilla_description":"CVE-2010-3409 webkit: use-after-free vulnerability in SVG use","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3409.json"},{"CVE":"CVE-2010-3410","severity":"moderate","public_date":"2010-09-14T00:00:00Z","advisories":[],"bugzilla":"634756","bugzilla_description":"CVE-2010-3410 webkit: use-after-free vulnerability when using SVG nested elements","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3410.json"},{"CVE":"CVE-2010-1812","severity":"moderate","public_date":"2010-09-08T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"631939","bugzilla_description":"CVE-2010-1812 webkit: use-after-free flaw in handling of selections","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1812.json"},{"CVE":"CVE-2010-1813","severity":"moderate","public_date":"2010-09-08T00:00:00Z","advisories":[],"bugzilla":"631942","bugzilla_description":"CVE-2010-1813 webkit: memory corruption flaw in rendering of HTML object outlines","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1813.json"},{"CVE":"CVE-2010-1814","severity":"moderate","public_date":"2010-09-08T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"631946","bugzilla_description":"CVE-2010-1814 webkit: memory corruption flaw when handling form menus","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1814.json"},{"CVE":"CVE-2010-1815","severity":"moderate","public_date":"2010-09-08T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"631948","bugzilla_description":"CVE-2010-1815 webkit: use-after-free flaw when handling scrollbars","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1815.json"},{"CVE":"CVE-2010-1807","severity":"moderate","public_date":"2010-09-07T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627703","bugzilla_description":"CVE-2010-1807 webkit: input validation error when parsing certain NaN values","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1807.json"},{"CVE":"CVE-2010-1806","severity":"moderate","public_date":"2010-09-07T00:00:00Z","advisories":[],"bugzilla":"627712","bugzilla_description":"CVE-2010-1806 webkit: memory corruption in handling of run-in styling (ZDI-CAN-806)","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1806.json"},{"CVE":"CVE-2010-3257","severity":"moderate","public_date":"2010-09-02T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"640357","bugzilla_description":"CVE-2010-3257 webkit: stale pointer issue with focusing","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3257.json"},{"CVE":"CVE-2010-3259","severity":"moderate","public_date":"2010-09-02T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"640360","bugzilla_description":"CVE-2010-3259 webkit: cross-origin image theft","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3259.json"},{"CVE":"CVE-2010-3255","severity":"moderate","public_date":"2010-09-02T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"645914","bugzilla_description":"CVE-2010-3255 webkit: DoS via improper handling of counter nodes","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3255.json"},{"CVE":"CVE-2010-3113","severity":"moderate","public_date":"2010-08-19T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"628032","bugzilla_description":"CVE-2010-3113 webkit: memory corruption when handling SVG documents","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3113.json"},{"CVE":"CVE-2010-3114","severity":"moderate","public_date":"2010-08-19T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"628035","bugzilla_description":"CVE-2010-3114 webkit: bad cast with text editing","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3114.json"},{"CVE":"CVE-2010-3115","severity":"moderate","public_date":"2010-08-19T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"628071","bugzilla_description":"CVE-2010-3115 webkit: address bar spoofing with history bug","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3115.json"},{"CVE":"CVE-2010-3119","severity":"moderate","public_date":"2010-08-19T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"628076","bugzilla_description":"CVE-2010-3119 webkit: DoS due to improper Ruby support","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3119.json"},{"CVE":"CVE-2010-3116","severity":"moderate","public_date":"2010-08-19T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"640353","bugzilla_description":"CVE-2010-3116 webkit: memory corruption with MIME types","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3116.json"},{"CVE":"CVE-2010-1780","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1780.json"},{"CVE":"CVE-2010-1782","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1782.json"},{"CVE":"CVE-2010-1783","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1783.json"},{"CVE":"CVE-2010-1784","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1784.json"},{"CVE":"CVE-2010-1785","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1785.json"},{"CVE":"CVE-2010-1786","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1786.json"},{"CVE":"CVE-2010-1787","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1787.json"},{"CVE":"CVE-2010-1788","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1788.json"},{"CVE":"CVE-2010-1790","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1790.json"},{"CVE":"CVE-2010-1792","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1792.json"},{"CVE":"CVE-2010-1793","severity":"moderate","public_date":"2010-08-11T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"627366","bugzilla_description":"CVE-2010-1780 CVE-2010-1782 CVE-2010-1783 CVE-2010-1784 CVE-2010-1785 CVE-2010-1786 CVE-2010-1787 CVE-2010-1788 CVE-2010-1790 CVE-2010-1792 CVE-2010-1793 WebKit: multiple vulnerabilities in WebKitGTK","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1793.json"},{"CVE":"CVE-2010-2901","severity":"moderate","public_date":"2010-07-10T00:00:00Z","advisories":[],"bugzilla":"676210","bugzilla_description":"CVE-2010-2901 WebKit: Memory corruption with crash in RenderObject::containingBlock()","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2901.json"},{"CVE":"CVE-2010-2647","severity":null,"public_date":"2010-07-02T00:00:00Z","advisories":[],"bugzilla":"668336","bugzilla_description":"CVE-2010-2647 Webkit:SVG ForeignObject Rendering Layout Vulnerability","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2647.json"},{"CVE":"CVE-2010-1392","severity":null,"public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596382","bugzilla_description":"CVE-2010-1392 WebKit: use-after-free vulnerabiity when rendering HTML buttons","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1392.json"},{"CVE":"CVE-2010-1119","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596386","bugzilla_description":"CVE-2010-1119 WebKit: use-after-free vulnerability in handling of attribute manipulation","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1119.json"},{"CVE":"CVE-2010-1396","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596397","bugzilla_description":"CVE-2010-1396 WebKit: use-after-free vulnerability in handling the removal of container elements (ZDI-CAN-688)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1396.json"},{"CVE":"CVE-2010-1397","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596401","bugzilla_description":"CVE-2010-1397 WebKit: use-after-free vulnerabiity when rendering a selection when the layout changes (ZDI-CAN-632)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1397.json"},{"CVE":"CVE-2010-1398","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596403","bugzilla_description":"CVE-2010-1398 WebKit: memory corruption flaw in handling of ordered list insertions (ZDI-CAN-686)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1398.json"},{"CVE":"CVE-2010-1399","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596408","bugzilla_description":"CVE-2010-1399 WebKit: uninitialized memory access vulnerability in handling of selection changes on form input elements (ZDI-CAN-687)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1399.json"},{"CVE":"CVE-2010-1400","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596424","bugzilla_description":"CVE-2010-1400 WebKit: use-after-free vulnerability in handling of caption elements","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1400.json"},{"CVE":"CVE-2010-1401","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596425","bugzilla_description":"CVE-2010-1401 WebKit: use-after-free vulnerability in handling of the ':first-letter' pseudo-element in CSS (ZDI-CAN-689)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1401.json"},{"CVE":"CVE-2010-1402","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596429","bugzilla_description":"CVE-2010-1402 WebKit: double-free vulnerability in handling of event listeners in SVG documents (ZDI-CAN-704)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1402.json"},{"CVE":"CVE-2010-1403","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596432","bugzilla_description":"CVE-2010-1403 WebKit: uninitialized memory access vulnerability in handling of 'use' elements in SVG documents (ZDI-CAN-702)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1403.json"},{"CVE":"CVE-2010-1404","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596437","bugzilla_description":"CVE-2010-1404 WebKit: use-after-free vulnerability in handling of SVG documents with multiple 'use' elements (ZDI-CAN-711)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1404.json"},{"CVE":"CVE-2010-1410","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596452","bugzilla_description":"CVE-2010-1410 WebKit: memory corruption vulnerability in handling of nested 'use' elements in SVG documents","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1410.json"},{"CVE":"CVE-2010-1749","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596454","bugzilla_description":"CVE-2010-1749 WebKit: use-after-free vulnerability in handling of CSS run-ins","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1749.json"},{"CVE":"CVE-2010-1405","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596456","bugzilla_description":"CVE-2010-1405 WebKit: use-after-free vulnerability in handling of HTML elements with custom vertical positioning","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1405.json"},{"CVE":"CVE-2010-1412","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596458","bugzilla_description":"CVE-2010-1412 WebKit: use-after-free vulnerability in handling of hover events","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1412.json"},{"CVE":"CVE-2010-1414","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596459","bugzilla_description":"CVE-2010-1414 WebKit: use-after-free vulnerability in handling of the removeChild DOM method","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1414.json"},{"CVE":"CVE-2010-1415","severity":null,"public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596460","bugzilla_description":"CVE-2010-1415 WebKit: API abuse vulnerability in handling of libxml contexts","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1415.json"},{"CVE":"CVE-2010-1417","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596471","bugzilla_description":"CVE-2010-1417 WebKit: memory corruption vulnerability in rendering of certain CSS-styled HTML content","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1417.json"},{"CVE":"CVE-2010-1419","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596478","bugzilla_description":"CVE-2010-1419 WebKit: use-after-free vulnerability in handling of certain drag and drop operations","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1419.json"},{"CVE":"CVE-2010-1758","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596479","bugzilla_description":"CVE-2010-1758 WebKit: use-after-free vulnerability in handling of DOM Range objects","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1758.json"},{"CVE":"CVE-2010-1759","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596485","bugzilla_description":"CVE-2010-1759 WebKit: use-after-free vulnerability in handling of the Node.normalize method","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1759.json"},{"CVE":"CVE-2010-1770","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596487","bugzilla_description":"CVE-2010-1770 WebKit: type checking vulnerability in handling of text nodes (ZDI-CAN-765)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1770.json"},{"CVE":"CVE-2010-1387","severity":null,"public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596493","bugzilla_description":"CVE-2010-1387 WebKit: use-after-free vulnerability in JavaScriptCore during page transitions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1387.json"},{"CVE":"CVE-2010-1766","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596494","bugzilla_description":"CVE-2010-1766 WebKit: off-by-one memory corruption flaw WebSocketHandshake::readServerHandshake()","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1766.json"},{"CVE":"CVE-2010-1771","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596497","bugzilla_description":"CVE-2010-1771 WebKit: use-after-free vulnerability in font handling","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1771.json"},{"CVE":"CVE-2010-1772","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596498","bugzilla_description":"CVE-2010-1772 WebKit: use-after-free vulnerability in handling of geolocation events","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1772.json"},{"CVE":"CVE-2010-1773","severity":"low","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596500","bugzilla_description":"CVE-2010-1773 WebKit: off-by-one memory read out of bounds vulnerability in handling of HTML lists","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-193->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1773.json"},{"CVE":"CVE-2010-1774","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"596501","bugzilla_description":"CVE-2010-1774 WebKit: out-of-bounds memory access vulnerability in handling of HTML tables","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1774.json"},{"CVE":"CVE-2010-1761","severity":"critical","public_date":"2010-06-07T00:00:00Z","advisories":[],"bugzilla":"603237","bugzilla_description":"CVE-2010-1761 webkit: use-after-free vulnerability when marking layout root's parent as needing layout","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1761.json"},{"CVE":"CVE-2010-2304","severity":null,"public_date":"2010-05-24T00:00:00Z","advisories":[],"bugzilla":"606295","bugzilla_description":"CVE-2010-2304 webkitgtk: Memory corruption by rendering the list item's marker","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P/","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2304.json"},{"CVE":"CVE-2010-3812","severity":"moderate","public_date":"2010-01-01T00:00:00Z","advisories":["RHSA-2011:0177"],"bugzilla":"667022","bugzilla_description":"CVE-2010-3812 webkit: Integer overflow in WebKit's handling of Text objects","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["webkitgtk-0:1.2.6-2.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3812.json"},{"CVE":"CVE-2008-0553","severity":"moderate","public_date":"2008-02-01T00:00:00Z","advisories":["RHSA-2008:0136","RHSA-2008:0135","RHSA-2008:0134"],"bugzilla":"431518","bugzilla_description":"CVE-2008-0553 tk: GIF handling buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tk-0:8.4.7-3.el4_6.1","tk-0:8.4.13-5.el5_1.1","tcltk-0:8.3.5-92.8","tcltk-0:8.3.3-75"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0553.json"},{"CVE":"CVE-2007-4772","severity":"moderate","public_date":"2008-01-07T00:00:00Z","advisories":["RHSA-2008:0038","RHSA-2008:0134","RHSA-2008:0040","RHSA-2013:0122"],"bugzilla":"316511","bugzilla_description":"CVE-2007-4772 postgresql DoS via infinite loop in regex NFA optimization code","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["postgresql-0:8.1.11-1.el5_1.1","postgresql-0:8.1.11-1.el4s1.1","tcl-0:8.4.13-6.el5","tcltk-0:8.3.5-92.8","postgresql-0:7.4.19-1.el4_6.1","postgresql-0:8.2.6-1.el5s2","tcltk-0:8.3.3-75"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4772.json"},{"CVE":"CVE-2007-5137","severity":"low","public_date":"2007-09-07T00:00:00Z","advisories":["RHSA-2008:0136"],"bugzilla":"290991","bugzilla_description":"CVE-2007-5137 Tk GIF processing buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tk-0:8.4.13-5.el5_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5137.json"},{"CVE":"CVE-2007-0010","severity":"moderate","public_date":"2007-01-10T00:00:00Z","advisories":["RHSA-2007:0019"],"bugzilla":"1618260","bugzilla_description":"CVE-2007-0010 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gtk2-0:2.4.13-22"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0010.json"},{"CVE":"CVE-2007-5378","severity":"low","public_date":"2006-03-25T00:00:00Z","advisories":["RHSA-2008:0135","RHSA-2008:0134"],"bugzilla":"332021","bugzilla_description":"CVE-2007-5378 Tk GIF processing buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tk-0:8.4.7-3.el4_6.1","tcltk-0:8.3.5-92.8","tcltk-0:8.3.3-75"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5378.json"},{"CVE":"CVE-2005-2975","severity":"important","public_date":"2005-11-15T14:00:00Z","advisories":["RHSA-2005:810","RHSA-2005:811"],"bugzilla":"1617771","bugzilla_description":"CVE-2005-2975 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gdk-pixbuf-1:0.22.0-13.el3.3","gdk-pixbuf-1:0.22.0-17.el4.3","gtk2-0:2.2.4-19","gtk2-0:2.4.13-18"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2975.json"},{"CVE":"CVE-2005-3186","severity":"important","public_date":"2005-11-03T00:00:00Z","advisories":["RHSA-2005:810","RHSA-2005:811"],"bugzilla":"1617795","bugzilla_description":"CVE-2005-3186 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gdk-pixbuf-1:0.22.0-13.el3.3","gdk-pixbuf-1:0.22.0-17.el4.3","gtk2-0:2.2.4-19","gtk2-0:2.4.13-18"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3186.json"},{"CVE":"CVE-2005-0891","severity":"important","public_date":"2005-03-26T00:00:00Z","advisories":["RHSA-2005:344","RHSA-2005:343"],"bugzilla":"1617587","bugzilla_description":"CVE-2005-0891 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gtk2-0:2.4.13-14","gtk2-0:2.2.4-15","gdk-pixbuf-1:0.22.0-16.el4","gdk-pixbuf-1:0.22.0-12.el3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0891.json"},{"CVE":"CVE-2004-0782","severity":"important","public_date":"2004-09-15T00:00:00Z","advisories":["RHSA-2004:466","RHSA-2004:447"],"bugzilla":"1617283","bugzilla_description":"CVE-2004-0782 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gdk-pixbuf-1:0.22.0-11.3.3","gtk2-0:2.2.4-8.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0782.json"},{"CVE":"CVE-2004-0783","severity":"important","public_date":"2004-09-15T00:00:00Z","advisories":["RHSA-2004:466","RHSA-2004:447"],"bugzilla":"1617284","bugzilla_description":"CVE-2004-0783 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gdk-pixbuf-1:0.22.0-11.3.3","gtk2-0:2.2.4-8.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0783.json"},{"CVE":"CVE-2004-0788","severity":"moderate","public_date":"2004-09-15T00:00:00Z","advisories":["RHSA-2004:466","RHSA-2004:447"],"bugzilla":"1617290","bugzilla_description":"CVE-2004-0788 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gdk-pixbuf-1:0.22.0-11.3.3","gtk2-0:2.2.4-8.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0788.json"},{"CVE":"CVE-2004-0753","severity":"moderate","public_date":"2004-08-20T00:00:00Z","advisories":["RHSA-2004:466","RHSA-2004:447"],"bugzilla":"1617266","bugzilla_description":"CVE-2004-0753 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gdk-pixbuf-1:0.22.0-11.3.3","gtk2-0:2.2.4-8.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0753.json"},{"CVE":"CVE-2011-2897","severity":"moderate","public_date":"2001-06-01T00:00:00Z","advisories":[],"bugzilla":"727081","bugzilla_description":"CVE-2011-2897 gdk-pixbuf: GIF loader buffer overflow when initializing decompression tables","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2897.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tmpwatch_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tmpwatch_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tmpwatch_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tmux_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tmux_security_api_results.json new file mode 100644 index 0000000..50f5c02 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tmux_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-19387","severity":"low","public_date":"2018-11-19T00:00:00Z","advisories":[],"bugzilla":"1652127","bugzilla_description":"CVE-2018-19387 tmux: NULL Pointer Dereference in format_cb_pane_tabs in format.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19387.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tn5250_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tn5250_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tn5250_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh-utils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh-utils_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh-utils_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tncfhh_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tog-pegasus-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tog-pegasus-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tog-pegasus-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tog-pegasus_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tog-pegasus_security_api_results.json new file mode 100644 index 0000000..d6a7021 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tog-pegasus_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2011-4967","severity":"moderate","public_date":"2012-02-21T00:00:00Z","advisories":[],"bugzilla":"796015","bugzilla_description":"CVE-2011-4967 tog-pegasus: xml hash table collision CPU usage DoS","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4967.json"},{"CVE":"CVE-2008-4313","severity":"important","public_date":"2008-08-14T00:00:00Z","advisories":["RHSA-2008:1001"],"bugzilla":"459217","bugzilla_description":"CVE-2008-4313 tog-pegasus: WBEM services access not restricted to dedicated user after 2.7.0 rebase","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tog-pegasus-2:2.7.0-2.el5_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4313.json"},{"CVE":"CVE-2008-4315","severity":"low","public_date":"2008-08-14T00:00:00Z","advisories":["RHSA-2008:1001"],"bugzilla":"472017","bugzilla_description":"CVE-2008-4315 tog-pegasus: failed authentication attempts not logged via PAM","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tog-pegasus-2:2.7.0-2.el5_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4315.json"},{"CVE":"CVE-2008-0003","severity":"critical","public_date":"2008-01-07T00:00:00Z","advisories":["RHSA-2008:0002"],"bugzilla":"426578","bugzilla_description":"CVE-2008-0003 tog-pegasus pam authentication buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["tog-pegasus-2:2.6.1-2.el5_1.1","tog-pegasus-2:2.5.1-2.el4_5.1","tog-pegasus-2:2.5.1-5.el4_6.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0003.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tokyocabinet_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tokyocabinet_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tokyocabinet_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-admin-webapps_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-admin-webapps_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-admin-webapps_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-el-2.2-api_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-el-2.2-api_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-el-2.2-api_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-jsp-2.2-api_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-jsp-2.2-api_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-jsp-2.2-api_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-lib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-lib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-lib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-servlet-3.0-api_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-servlet-3.0-api_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-servlet-3.0-api_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-webapps_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-webapps_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat-webapps_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat_security_api_results.json new file mode 100644 index 0000000..e87bff6 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcat_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-13943","severity":"moderate","public_date":"2020-10-12T00:00:00Z","advisories":[],"bugzilla":"1887648","bugzilla_description":"CVE-2020-13943 tomcat: Apache Tomcat HTTP/2 Request mix-up","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13943.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2020-1710","severity":"important","public_date":"2020-08-06T00:00:00Z","advisories":["RHSA-2020:3501","RHSA-2020:3642","RHSA-2020:3463","RHSA-2020:3464","RHSA-2020:3461","RHSA-2020:3462","RHSA-2020:3638","RHSA-2020:3539","RHSA-2020:3639","RHSA-2020:3779","RHSA-2020:3637"],"bugzilla":"1793970","bugzilla_description":"CVE-2020-1710 EAP: field-name is not parsed in accordance to RFC7230","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-74->CWE-113","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1710.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2020-13935","severity":"important","public_date":"2020-07-15T00:00:00Z","advisories":["RHSA-2020:3303","RHSA-2020:4004","RHSA-2020:3382","RHSA-2020:3383","RHSA-2020:3806","RHSA-2020:3308","RHSA-2020:3306","RHSA-2020:3305"],"bugzilla":"1857024","bugzilla_description":"CVE-2020-13935 tomcat: multiple requests with invalid payload length in a WebSocket frame could lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["jws5-tomcat-0:9.0.30-5.redhat_6.1.el6jws","tomcat-0:7.0.76-15.el7","jbossweb-0:7.5.31-2.Final_redhat_2.1.ep6.el7","jbossweb-0:7.5.31-2.Final_redhat_2.1.ep6.el5","jbossweb-0:7.5.31-2.Final_redhat_2.1.ep6.el6","jws5-tomcat-0:9.0.30-5.redhat_6.1.el8jws","jws5-tomcat-0:9.0.30-5.redhat_6.1.el7jws"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13935.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-13934","severity":"important","public_date":"2020-07-15T00:00:00Z","advisories":["RHSA-2020:3806","RHSA-2020:3308","RHSA-2020:3306"],"bugzilla":"1857040","bugzilla_description":"CVE-2020-13934 tomcat: OutOfMemoryException caused by HTTP/2 connection leak could lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["jws5-tomcat-0:9.0.30-5.redhat_6.1.el6jws","jws5-tomcat-0:9.0.30-5.redhat_6.1.el8jws","jws5-tomcat-0:9.0.30-5.redhat_6.1.el7jws"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13934.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-8022","severity":"moderate","public_date":"2020-06-29T00:00:00Z","advisories":[],"bugzilla":"1852863","bugzilla_description":"CVE-2020-8022 tomcat: /usr/lib/tmpfiles.d/tomcat.conf is group-writable","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-276","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8022.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.7"},{"CVE":"CVE-2020-11996","severity":"moderate","public_date":"2020-06-25T00:00:00Z","advisories":[],"bugzilla":"1851420","bugzilla_description":"CVE-2020-11996 tomcat: specially crafted sequence of HTTP/2 requests can lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11996.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9484","severity":"important","public_date":"2020-05-20T00:00:00Z","advisories":["RHSA-2020:3017","RHSA-2020:2530","RHSA-2020:2487","RHSA-2020:2509","RHSA-2020:2483","RHSA-2020:2529","RHSA-2020:2506"],"bugzilla":"1838332","bugzilla_description":"CVE-2020-9484 tomcat: deserialization flaw in session persistence storage leading to RCE","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["tomcat-0:7.0.76-12.el7_8","tomcat6-0:6.0.24-115.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9484.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2020-1935","severity":"low","public_date":"2020-02-24T00:00:00Z","advisories":["RHSA-2020:2367","RHSA-2020:3303","RHSA-2020:1521","RHSA-2020:1520","RHSA-2020:3305"],"bugzilla":"1806835","bugzilla_description":"CVE-2020-1935 tomcat: Mishandling of Transfer-Encoding header allows for HTTP request smuggling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-444","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1935.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2019-17569","severity":"low","public_date":"2020-02-24T00:00:00Z","advisories":["RHSA-2020:1521","RHSA-2020:1520"],"bugzilla":"1806849","bugzilla_description":"CVE-2019-17569 tomcat: Regression in handling of Transfer-Encoding header allows for HTTP request smuggling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-444","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17569.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2020-1938","severity":"important","public_date":"2020-02-20T00:00:00Z","advisories":["RHSA-2020:2840","RHSA-2020:2367","RHSA-2020:2783","RHSA-2020:0861","RHSA-2020:1521","RHSA-2020:0860","RHSA-2020:1520","RHSA-2020:2781","RHSA-2020:2780","RHSA-2020:0855","RHSA-2020:0912","RHSA-2020:1479","RHSA-2020:1478","RHSA-2020:2779"],"bugzilla":"1806398","bugzilla_description":"CVE-2020-1938 tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-285","affected_packages":["tomcat-0:7.0.76-11.el7_7","jbossweb-0:7.5.30-2.Final_redhat_2.1.ep6.el7","tomcat6-0:6.0.24-114.el6_10","jbossweb-0:7.5.30-2.Final_redhat_2.1.ep6.el6","jbossweb-0:7.5.30-2.Final_redhat_2.1.ep6.el5","tomcat-0:7.0.76-10.el7_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1938.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L","cvss3_score":"7.6"},{"CVE":"CVE-2019-17563","severity":"low","public_date":"2019-12-18T00:00:00Z","advisories":["RHSA-2020:0861","RHSA-2020:1521","RHSA-2020:4004","RHSA-2020:0860","RHSA-2020:1520"],"bugzilla":"1785711","bugzilla_description":"CVE-2019-17563 tomcat: session fixation when using FORM authentication","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-384","affected_packages":["tomcat-0:7.0.76-15.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17563.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-12418","severity":"moderate","public_date":"2019-11-21T00:00:00Z","advisories":["RHSA-2020:0861","RHSA-2020:1521","RHSA-2020:0860","RHSA-2020:1520"],"bugzilla":"1785699","bugzilla_description":"CVE-2019-12418 tomcat: local privilege escalation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12418.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.4"},{"CVE":"CVE-2019-10072","severity":"moderate","public_date":"2019-06-21T00:00:00Z","advisories":["RHSA-2019:3931","RHSA-2019:3929"],"bugzilla":"1723708","bugzilla_description":"CVE-2019-10072 tomcat: HTTP/2 connection window exhaustion on write, incomplete fix of CVE-2019-0199","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10072.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2019-0221","severity":"low","public_date":"2019-04-13T00:00:00Z","advisories":["RHSA-2020:0861","RHSA-2019:3931","RHSA-2020:0860","RHSA-2019:3929"],"bugzilla":"1713275","bugzilla_description":"CVE-2019-0221 tomcat: XSS in SSI printenv","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0221.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2019-0232","severity":"important","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2019:1712","RHSA-2019:3929"],"bugzilla":"1701056","bugzilla_description":"CVE-2019-0232 tomcat: Remote Code Execution on Windows","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0232.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2019-0199","severity":"important","public_date":"2019-03-25T00:00:00Z","advisories":["RHSA-2019:3931","RHSA-2020:2366","RHSA-2019:3929"],"bugzilla":"1693325","bugzilla_description":"CVE-2019-0199 tomcat: Apache Tomcat HTTP/2 DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-0199.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-11784","severity":"moderate","public_date":"2018-10-03T00:00:00Z","advisories":["RHSA-2019:0485","RHSA-2019:0130","RHSA-2019:0131","RHSA-2018:2868","RHSA-2018:2867","RHSA-2019:1529"],"bugzilla":"1636512","bugzilla_description":"CVE-2018-11784 tomcat: Open redirect in default servlet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-99","affected_packages":["pki-deps:10.6-8000020190524054914.55190bc5","tomcat-0:7.0.76-9.el7_6","jws5-tomcat-0:9.0.7-12.redhat_12.1.el6jws","jws5-tomcat-0:9.0.7-12.redhat_12.1.el7jws"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11784.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-8034","severity":"low","public_date":"2018-07-22T00:00:00Z","advisories":["RHSA-2019:0451","RHSA-2019:0130","RHSA-2019:0131","RHSA-2019:0450","RHSA-2019:2205","RHSA-2019:3892","RHSA-2019:1159","RHSA-2019:1162","RHSA-2019:1529","RHSA-2019:1161","RHSA-2019:1160"],"bugzilla":"1607580","bugzilla_description":"CVE-2018-8034 tomcat: Host name verification missing in WebSocket client","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["pki-deps:10.6-8000020190524054914.55190bc5","tomcat-0:7.0.76-9.el7","jbossweb-0:7.5.30-1.Final_redhat_1.1.ep6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8034.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-8037","severity":"important","public_date":"2018-07-22T00:00:00Z","advisories":["RHSA-2018:2868","RHSA-2018:2867","RHSA-2019:1529"],"bugzilla":"1607582","bugzilla_description":"CVE-2018-8037 tomcat: Due to a mishandling of close in NIO/NIO2 connectors user sessions can get mixed up","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["pki-deps:10.6-8000020190524054914.55190bc5","jws5-tomcat-0:9.0.7-12.redhat_12.1.el6jws","jws5-tomcat-0:9.0.7-12.redhat_12.1.el7jws"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8037.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"9.1"},{"CVE":"CVE-2018-1336","severity":"important","public_date":"2018-07-22T00:00:00Z","advisories":["RHSA-2018:2945","RHSA-2018:2921","RHSA-2018:3768","RHSA-2018:2701","RHEA-2018:2189","RHSA-2018:2700","RHEA-2018:2188","RHSA-2018:2939","RHSA-2018:2743","RHSA-2018:2930","RHSA-2018:2742","RHSA-2018:2741","RHSA-2018:2740"],"bugzilla":"1607591","bugzilla_description":"CVE-2018-1336 tomcat: A bug in the UTF-8 decoder can lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["jbossweb-0:7.5.29-1.Final_redhat_1.1.ep6.el5","tomcat8-0:8.0.36-33.ep7.el7","tomcat8-0:8.0.36-33.ep7.el6","tomcat-0:7.0.76-8.el7_5","tomcat7-0:7.0.70-29.ep7.el6","tomcat7-0:7.0.70-29.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1336.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-8020","severity":"important","public_date":"2018-07-21T00:00:00Z","advisories":["RHSA-2018:2470","RHSA-2018:2469"],"bugzilla":"1581569","bugzilla_description":"CVE-2018-8020 tomcat-native: Mishandled OCSP responses can allow clients to authenticate with revoked certificates","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["tomcat-native-0:1.2.17-17.redhat_17.ep7.el6","tomcat-native-0:1.2.17-17.redhat_17.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8020.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","cvss3_score":"7.1"},{"CVE":"CVE-2018-8019","severity":"moderate","public_date":"2018-07-21T00:00:00Z","advisories":["RHSA-2018:2470","RHSA-2018:2469"],"bugzilla":"1583998","bugzilla_description":"CVE-2018-8019 tomcat-native: Mishandled OCSP invalid response","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["tomcat-native-0:1.2.17-17.redhat_17.ep7.el6","tomcat-native-0:1.2.17-17.redhat_17.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8019.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2018-8014","severity":"moderate","public_date":"2018-05-17T00:00:00Z","advisories":["RHSA-2018:2470","RHSA-2019:0451","RHSA-2019:0450","RHSA-2019:2205","RHSA-2018:3768","RHSA-2018:2469","RHSA-2019:1529"],"bugzilla":"1579611","bugzilla_description":"CVE-2018-8014 tomcat: Insecure defaults in CORS filter enable 'supportsCredentials' for all origins","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["pki-deps:10.6-8000020190524054914.55190bc5","tomcat-0:7.0.76-9.el7","tomcat8-0:8.0.36-31.ep7.el7","tomcat7-0:7.0.70-27.ep7.el7","tomcat7-0:7.0.70-27.ep7.el6","tomcat8-0:8.0.36-31.ep7.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8014.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.7"},{"CVE":"CVE-2018-1067","severity":"moderate","public_date":"2018-04-25T17:51:00Z","advisories":["RHSA-2020:2562","RHSA-2018:1248","RHSA-2018:1249","RHSA-2019:0877","RHSA-2018:2643","RHSA-2018:1247","RHSA-2018:1251"],"bugzilla":"1550671","bugzilla_description":"CVE-2018-1067 undertow: HTTP header injection using CRLF with UTF-8 Encoding (incomplete fix of CVE-2016-4993)","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-113","affected_packages":["eap7-jboss-ec2-eap-0:7.1.2-1.GA_redhat_1.ep7.el7","rhvm-appliance-0:4.2-20180828.0.el7","eap7-jboss-ec2-eap-0:7.1.2-1.GA_redhat_1.ep7.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1067.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2018-1275","severity":"critical","public_date":"2018-04-09T19:00:00Z","advisories":["RHSA-2018:1320","RHSA-2018:2939"],"bugzilla":"1565307","bugzilla_description":"CVE-2018-1275 spring-framework: Address partial fix for CVE-2018-1270","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1275.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2018-1270","severity":"critical","public_date":"2018-04-05T00:00:00Z","advisories":["RHSA-2018:2939"],"bugzilla":"1564405","bugzilla_description":"CVE-2018-1270 spring-framework: Possible RCE via spring messaging","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1270.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2018-1272","severity":"low","public_date":"2018-04-05T00:00:00Z","advisories":["RHSA-2018:2669","RHSA-2018:1320"],"bugzilla":"1564408","bugzilla_description":"CVE-2018-1272 spring-framework: Multipart content pollution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-88","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1272.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-1305","severity":"moderate","public_date":"2018-02-23T00:00:00Z","advisories":["RHSA-2019:2205","RHSA-2018:0465","RHSA-2018:0466","RHSA-2018:1320","RHSA-2018:2939"],"bugzilla":"1548282","bugzilla_description":"CVE-2018-1305 tomcat: Late application of security constraints can lead to resource exposure for unauthorised users","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["tomcat-0:7.0.76-9.el7","tomcat8-0:8.0.36-29.ep7.el6","tomcat8-0:8.0.36-29.ep7.el7","tomcat7-0:7.0.70-25.ep7.el6","tomcat7-0:7.0.70-25.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1305.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2017-15698","severity":"moderate","public_date":"2018-01-31T00:00:00Z","advisories":["RHSA-2018:0465","RHSA-2018:0466"],"bugzilla":"1540824","bugzilla_description":"CVE-2017-15698 tomcat-native: Mishandling of client certificates can allow for OCSP check bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-299","affected_packages":["tomcat-native-0:1.2.8-11.redhat_11.ep7.el6","tomcat-native-0:1.2.8-11.redhat_11.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15698.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2017-15706","severity":"low","public_date":"2018-01-31T00:00:00Z","advisories":[],"bugzilla":"1540828","bugzilla_description":"CVE-2017-15706 tomcat: Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15706.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2018-1304","severity":"moderate","public_date":"2018-01-31T00:00:00Z","advisories":["RHSA-2019:2205","RHSA-2018:1448","RHSA-2018:1449","RHSA-2018:1447","RHSA-2018:0465","RHSA-2018:0466","RHSA-2018:1451","RHSA-2018:1320","RHSA-2018:1450","RHSA-2018:2939"],"bugzilla":"1548289","bugzilla_description":"CVE-2018-1304 tomcat: Incorrect handling of empty string URL in security constraints can lead to unintended exposure of resources","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["tomcat-0:7.0.76-9.el7","jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6","tomcat8-0:8.0.36-29.ep7.el6","tomcat8-0:8.0.36-29.ep7.el7","tomcat7-0:7.0.70-25.ep7.el6","tomcat7-0:7.0.70-25.ep7.el7","jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1304.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2018-1199","severity":"important","public_date":"2018-01-29T00:00:00Z","advisories":["RHSA-2018:2405"],"bugzilla":"1540030","bugzilla_description":"CVE-2018-1199 spring-framework: Improper URL path validation allows for bypassing of security checks on static resources","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1199.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2017-12617","severity":"important","public_date":"2017-09-21T00:00:00Z","advisories":["RHSA-2017:3081","RHSA-2018:0270","RHSA-2018:0271","RHSA-2017:3080","RHSA-2018:0269","RHSA-2018:0465","RHSA-2018:0268","RHSA-2018:0466","RHSA-2018:0275","RHSA-2017:3113","RHSA-2018:2939","RHSA-2017:3114"],"bugzilla":"1494283","bugzilla_description":"CVE-2017-12617 tomcat: Remote Code Execution bypass for CVE-2017-12615","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["tomcat-0:7.0.76-3.el7_4","tomcat6-0:6.0.41-19_patch_04.ep6.el7","tomcat7-0:7.0.54-28_patch_05.ep6.el7","tomcat6-0:6.0.41-19_patch_04.ep6.el6","tomcat7-0:7.0.54-28_patch_05.ep6.el6","tomcat8-0:8.0.36-29.ep7.el6","jboss-ec2-eap-0:7.5.19-2.Final_redhat_2.ep6.el6","tomcat8-0:8.0.36-29.ep7.el7","tomcat7-0:7.0.70-25.ep7.el6","tomcat7-0:7.0.70-25.ep7.el7","tomcat6-0:6.0.24-111.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12617.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2017-12615","severity":"important","public_date":"2017-09-19T00:00:00Z","advisories":["RHSA-2017:3081","RHSA-2017:3080","RHSA-2018:0465","RHSA-2018:0466","RHSA-2017:3113","RHSA-2017:3114"],"bugzilla":"1493220","bugzilla_description":"CVE-2017-12615 tomcat: Remote Code Execution via JSP Upload","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["tomcat-0:7.0.76-3.el7_4","tomcat6-0:6.0.41-19_patch_04.ep6.el7","tomcat7-0:7.0.54-28_patch_05.ep6.el7","tomcat6-0:6.0.41-19_patch_04.ep6.el6","tomcat7-0:7.0.54-28_patch_05.ep6.el6","tomcat8-0:8.0.36-29.ep7.el6","tomcat8-0:8.0.36-29.ep7.el7","tomcat7-0:7.0.70-25.ep7.el6","tomcat7-0:7.0.70-25.ep7.el7","tomcat6-0:6.0.24-111.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12615.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2017-12616","severity":"moderate","public_date":"2017-09-19T00:00:00Z","advisories":["RHSA-2018:0465","RHSA-2018:0466"],"bugzilla":"1493222","bugzilla_description":"CVE-2017-12616 tomcat: Information Disclosure when using VirtualDirContext","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["tomcat8-0:8.0.36-29.ep7.el6","tomcat8-0:8.0.36-29.ep7.el7","tomcat7-0:7.0.70-25.ep7.el6","tomcat7-0:7.0.70-25.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12616.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-7674","severity":"moderate","public_date":"2017-08-10T00:00:00Z","advisories":["RHSA-2017:3081","RHSA-2017:1802","RHSA-2017:1801"],"bugzilla":"1480618","bugzilla_description":"CVE-2017-7674 tomcat: Vary header not added by CORS filter leading to cache poisoning","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat-0:7.0.76-3.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7674.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-7675","severity":"important","public_date":"2017-08-10T00:00:00Z","advisories":[],"bugzilla":"1480626","bugzilla_description":"CVE-2017-7675 tomcat: Security Constraint Bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-358","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7675.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-5664","severity":"important","public_date":"2017-06-06T00:00:00Z","advisories":["RHSA-2017:2635","RHSA-2017:2636","RHSA-2017:2633","RHSA-2017:3080","RHSA-2017:1802","RHSA-2017:1801","RHSA-2017:2637","RHSA-2017:2638","RHSA-2017:2493","RHSA-2017:2494","RHSA-2017:1809"],"bugzilla":"1459158","bugzilla_description":"CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-266","affected_packages":["tomcat-0:7.0.69-12.el7_3","tomcat8-0:8.0.36-24.ep7.el7","tomcat7-0:7.0.70-22.ep7.el6","tomcat8-0:8.0.36-24.ep7.el6","jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7","tomcat7-0:7.0.70-22.ep7.el7","tomcat7-0:7.0.54-25_patch_05.ep6.el7","tomcat7-0:7.0.54-25_patch_05.ep6.el6","tomcat6-0:6.0.24-111.el6_9","tomcat6-0:6.0.41-17_patch_04.ep6.el7","jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6","tomcat6-0:6.0.41-17_patch_04.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5664.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2017-7464","severity":"moderate","public_date":"2017-05-11T00:00:00Z","advisories":[],"bugzilla":"1439520","bugzilla_description":"CVE-2017-7464 JBoss: JAXP in EAP 7.0 allows info disclosure via XXE","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:P","CWE":"CWE-611","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7464.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:H","cvss3_score":"8.7"},{"CVE":"CVE-2017-7465","severity":"important","public_date":"2017-04-11T00:00:00Z","advisories":["RHSA-2020:2563"],"bugzilla":"1439980","bugzilla_description":"CVE-2017-7465 JBoss: JAXP in EAP 7.0 allows RCE via XSL","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-611","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7465.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"9.0"},{"CVE":"CVE-2017-5647","severity":"important","public_date":"2017-04-10T00:00:00Z","advisories":["RHSA-2017:3081","RHSA-2017:3080","RHSA-2017:1802","RHSA-2017:1801","RHSA-2017:2493","RHSA-2017:2494"],"bugzilla":"1441205","bugzilla_description":"CVE-2017-5647 tomcat: Incorrect handling of pipelined requests when send file was used","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["tomcat-0:7.0.76-3.el7_4","tomcat8-0:8.0.36-24.ep7.el7","tomcat7-0:7.0.70-22.ep7.el6","tomcat8-0:8.0.36-24.ep7.el6","tomcat7-0:7.0.70-22.ep7.el7","tomcat7-0:7.0.54-25_patch_05.ep6.el7","tomcat7-0:7.0.54-25_patch_05.ep6.el6","tomcat6-0:6.0.24-111.el6_9","tomcat6-0:6.0.41-17_patch_04.ep6.el7","tomcat6-0:6.0.41-17_patch_04.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5647.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2017-5648","severity":"moderate","public_date":"2017-04-10T00:00:00Z","advisories":["RHSA-2017:1802","RHSA-2017:1801","RHSA-2017:1809"],"bugzilla":"1441223","bugzilla_description":"CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat-0:7.0.69-12.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5648.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"3.6"},{"CVE":"CVE-2017-5651","severity":"important","public_date":"2017-04-10T00:00:00Z","advisories":[],"bugzilla":"1441226","bugzilla_description":"CVE-2017-5651 tomcat: Incorrect handling of send file processing could result into adding Processort to the cache twice","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5651.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2017-5650","severity":"important","public_date":"2017-04-10T00:00:00Z","advisories":[],"bugzilla":"1441230","bugzilla_description":"CVE-2017-5650 tomcat: Handling of HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5650.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-8747","severity":"moderate","public_date":"2017-03-13T00:00:00Z","advisories":[],"bugzilla":"1432006","bugzilla_description":"CVE-2016-8747 tomcat: Information leak between requests on the same connection","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8747.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N","cvss3_score":"4.7"},{"CVE":"CVE-2016-8745","severity":"important","public_date":"2016-12-12T00:00:00Z","advisories":["RHSA-2017:0456","RHSA-2017:0455","RHSA-2017:0457","RHSA-2017:0935","RHSA-2017:0527"],"bugzilla":"1403824","bugzilla_description":"CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat-0:7.0.69-11.el7_3","tomcat6-0:6.0.24-105.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8745.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2016-6817","severity":"important","public_date":"2016-11-22T00:00:00Z","advisories":[],"bugzilla":"1397474","bugzilla_description":"CVE-2016-6817 tomcat: Infinite loop in HTTP/2 header parser","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6817.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-6816","severity":"moderate","public_date":"2016-11-22T00:00:00Z","advisories":["RHSA-2017:0247","RHSA-2017:0456","RHSA-2017:0246","RHSA-2017:0455","RHSA-2017:0457","RHSA-2017:0935","RHSA-2017:0527","RHSA-2017:0250","RHSA-2017:0245","RHSA-2017:0244"],"bugzilla":"1397484","bugzilla_description":"CVE-2016-6816 tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-444","affected_packages":["tomcat-0:7.0.69-11.el7_3","tomcat6-0:6.0.24-105.el6_8","jboss-ec2-eap-0:7.5.13-1.Final_redhat_2.ep6.el6","jbossweb-0:7.5.20-1.Final_redhat_1.1.ep6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6816.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2016-8735","severity":"important","public_date":"2016-11-22T00:00:00Z","advisories":["RHSA-2017:0456","RHSA-2017:0455","RHSA-2017:0457"],"bugzilla":"1397485","bugzilla_description":"CVE-2016-8735 tomcat: Remote code execution vulnerability in JmxRemoteLifecycleListener","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-502","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8735.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2016-6797","severity":"low","public_date":"2016-10-27T00:00:00Z","advisories":["RHSA-2017:0456","RHSA-2017:0455","RHSA-2017:0457","RHSA-2017:2247"],"bugzilla":"1390493","bugzilla_description":"CVE-2016-6797 tomcat: unrestricted access to global resources","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat7-0:7.0.70-16.ep7.el6","tomcat8-0:8.0.36-17.ep7.el6","tomcat-0:7.0.76-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6797.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2016-6796","severity":"low","public_date":"2016-10-27T00:00:00Z","advisories":["RHSA-2017:0456","RHSA-2017:0455","RHSA-2017:0457","RHSA-2017:1549","RHSA-2017:1548","RHSA-2017:1550","RHSA-2017:1552","RHSA-2017:2247","RHSA-2017:1551"],"bugzilla":"1390515","bugzilla_description":"CVE-2016-6796 tomcat: security manager bypass via JSP Servlet config parameters","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["jboss-ec2-eap-0:7.5.16-1.Final_redhat_1.ep6.el6","jbossweb-0:7.5.23-1.Final_redhat_1.1.ep6.el7","tomcat-0:7.0.76-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6796.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.2"},{"CVE":"CVE-2016-6794","severity":"low","public_date":"2016-10-27T00:00:00Z","advisories":["RHSA-2017:0456","RHSA-2017:0455","RHSA-2017:0457","RHSA-2017:2247"],"bugzilla":"1390520","bugzilla_description":"CVE-2016-6794 tomcat: system property disclosure","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat7-0:7.0.70-16.ep7.el6","tomcat8-0:8.0.36-17.ep7.el6","tomcat-0:7.0.76-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6794.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2016-5018","severity":"low","public_date":"2016-10-27T00:00:00Z","advisories":["RHSA-2017:0456","RHSA-2017:0455","RHSA-2017:0457","RHSA-2017:1549","RHSA-2017:1548","RHSA-2017:1550","RHSA-2017:1552","RHSA-2017:2247","RHSA-2017:1551"],"bugzilla":"1390525","bugzilla_description":"CVE-2016-5018 tomcat: security manager bypass via IntrospectHelper utility function","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["jboss-ec2-eap-0:7.5.16-1.Final_redhat_1.ep6.el6","jbossweb-0:7.5.23-1.Final_redhat_1.1.ep6.el7","tomcat-0:7.0.76-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5018.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.2"},{"CVE":"CVE-2016-0762","severity":"low","public_date":"2016-10-27T00:00:00Z","advisories":["RHSA-2017:0456","RHSA-2017:0455","RHSA-2017:0457","RHSA-2017:2247"],"bugzilla":"1390526","bugzilla_description":"CVE-2016-0762 tomcat: timing attack in Realm implementation","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat7-0:7.0.70-16.ep7.el6","tomcat8-0:8.0.36-17.ep7.el6","tomcat-0:7.0.76-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0762.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2016-5425","severity":"important","public_date":"2016-10-10T00:00:00Z","advisories":["RHSA-2016:2046"],"bugzilla":"1362545","bugzilla_description":"CVE-2016-5425 tomcat: Local privilege escalation via systemd-tmpfiles service","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-284","affected_packages":["tomcat-0:7.0.54-8.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5425.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-6325","severity":"important","public_date":"2016-10-10T00:00:00Z","advisories":["RHSA-2016:2046","RHSA-2017:0456","RHSA-2016:2045","RHSA-2017:0455","RHSA-2017:0457"],"bugzilla":"1367447","bugzilla_description":"CVE-2016-6325 tomcat: tomcat writable config files allow privilege escalation","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-284","affected_packages":["tomcat-0:7.0.54-8.el7_2","tomcat6-0:6.0.24-98.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6325.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-1240","severity":"important","public_date":"2016-09-15T00:00:00Z","advisories":["RHSA-2017:0456","RHSA-2017:0455","RHSA-2017:0457"],"bugzilla":"1376712","bugzilla_description":"CVE-2016-1240 tomcat: unsafe chown of catalina.log in tomcat init script allows privilege escalation","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1240.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-4993","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":["RHSA-2017:3458","RHSA-2016:1838","RHSA-2016:1839","RHSA-2017:3456","RHSA-2016:1840","RHSA-2016:1841","RHSA-2017:3454","RHSA-2017:3455"],"bugzilla":"1344321","bugzilla_description":"CVE-2016-4993 eap: HTTP header injection / response splitting","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-113","affected_packages":["eap7-jboss-ec2-eap-0:7.1.0-5.GA_redhat_5.ep7.el7","eap7-jboss-ec2-eap-0:7.0.2-2.GA_redhat_1.ep7.el6","eap7-jboss-ec2-eap-0:7.1.0-5.GA_redhat_5.ep7.el6","eap7-jboss-ec2-eap-0:7.0.2-2.GA_redhat_1.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4993.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2016-5388","severity":"moderate","public_date":"2016-07-18T00:00:00Z","advisories":["RHSA-2016:2046","RHSA-2016:2045","RHSA-2016:1624","RHSA-2016:1635","RHSA-2016:1636"],"bugzilla":"1353809","bugzilla_description":"CVE-2016-5388 Tomcat: CGI sets environmental variable based on user supplied Proxy request header","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":"CWE-20","affected_packages":["tomcat-0:7.0.54-8.el7_2","tomcat7-0:7.0.59-51_patch_01.ep7.el7","tomcat6-0:6.0.24-98.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5388.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N","cvss3_score":"3.5"},{"CVE":"CVE-2016-3092","severity":"moderate","public_date":"2016-06-21T00:00:00Z","advisories":["RHSA-2016:2068","RHSA-2017:0456","RHSA-2017:0455","RHSA-2016:2069","RHSA-2017:0457","RHSA-2016:2808","RHSA-2016:2807","RHSA-2016:2071","RHSA-2016:2070","RHSA-2016:2072","RHSA-2016:2599"],"bugzilla":"1349468","bugzilla_description":"CVE-2016-3092 tomcat: Usage of vulnerable FileUpload package can result in denial of service","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":["tomcat-0:7.0.69-10.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el6","jboss-ec2-eap-0:7.5.11-1.Final_redhat_1.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3092.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-1000031","severity":"moderate","public_date":"2016-04-20T00:00:00Z","advisories":[],"bugzilla":"1393454","bugzilla_description":"CVE-2016-1000031 Apache Commons FileUpload: DiskFileItem file manipulation","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-502","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000031.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2015-5174","severity":"low","public_date":"2016-02-22T00:00:00Z","advisories":["RHSA-2016:2045","RHSA-2016:1432","RHSA-2015:2660","RHBA-2016:0090","RHSA-2015:2661","RHSA-2016:1433","RHSA-2016:2599","RHSA-2016:1434","RHSA-2016:1435","RHSA-2015:2659"],"bugzilla":"1265698","bugzilla_description":"CVE-2015-5174 tomcat: URL Normalization issue","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat7-0:7.0.54-21_patch_05.ep6.el5","tomcat7-0:7.0.54-21_patch_05.ep6.el7","tomcat-0:7.0.69-10.el7","tomcat7-0:7.0.54-21_patch_05.ep6.el6","tomcat7-0:7.0.59-42_patch_01.ep7.el6","tomcat8-0:8.0.18-52_patch_01.ep7.el6","jboss-ec2-eap-0:7.5.9-2.Final_redhat_2.ep6.el6","tomcat6-0:6.0.24-98.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5174.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2015-5351","severity":"moderate","public_date":"2016-02-22T00:00:00Z","advisories":["RHSA-2016:1088","RHSA-2016:1089","RHSA-2016:2808","RHSA-2016:2807","RHSA-2016:1087","RHSA-2016:2599"],"bugzilla":"1311076","bugzilla_description":"CVE-2015-5351 tomcat: CSRF token leak","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-352","affected_packages":["tomcat-0:7.0.69-10.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el7","tomcat8-0:8.0.18-61_patch_01.ep7.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el6","tomcat7-0:7.0.59-50_patch_01.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5351.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2016-0714","severity":"moderate","public_date":"2016-02-22T00:00:00Z","advisories":["RHSA-2016:1088","RHSA-2016:2045","RHSA-2016:1089","RHSA-2016:2808","RHSA-2016:2807","RHSA-2016:1087","RHSA-2016:2599"],"bugzilla":"1311082","bugzilla_description":"CVE-2016-0714 tomcat: Security Manager bypass via persistence mechanisms","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-290","affected_packages":["tomcat-0:7.0.69-10.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el7","tomcat8-0:8.0.18-61_patch_01.ep7.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el6","tomcat7-0:7.0.59-50_patch_01.ep7.el7","tomcat6-0:6.0.24-98.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0714.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2015-5346","severity":"low","public_date":"2016-02-22T00:00:00Z","advisories":["RHSA-2016:2046","RHSA-2016:1088","RHSA-2016:1089","RHSA-2016:2808","RHSA-2016:2807","RHSA-2016:1087"],"bugzilla":"1311085","bugzilla_description":"CVE-2015-5346 tomcat: Session fixation","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["tomcat-0:7.0.54-8.el7_2","tomcat7-0:7.0.54-23_patch_05.ep6.el7","tomcat8-0:8.0.18-61_patch_01.ep7.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el6","tomcat7-0:7.0.59-50_patch_01.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5346.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2016-0706","severity":"low","public_date":"2016-02-22T00:00:00Z","advisories":["RHSA-2016:1088","RHSA-2016:2045","RHSA-2016:1089","RHSA-2016:2808","RHSA-2016:2807","RHSA-2016:1087","RHSA-2016:2599"],"bugzilla":"1311087","bugzilla_description":"CVE-2016-0706 tomcat: security manager bypass via StatusManagerServlet","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-287","affected_packages":["tomcat-0:7.0.69-10.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el7","tomcat8-0:8.0.18-61_patch_01.ep7.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el6","tomcat7-0:7.0.59-50_patch_01.ep7.el7","tomcat6-0:6.0.24-98.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0706.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2015-5345","severity":"low","public_date":"2016-02-22T00:00:00Z","advisories":["RHSA-2016:1088","RHSA-2016:2045","RHSA-2016:1089","RHSA-2016:1087","RHSA-2016:2599"],"bugzilla":"1311089","bugzilla_description":"CVE-2015-5345 tomcat: directory disclosure","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-552","affected_packages":["tomcat-0:7.0.69-10.el7","tomcat8-0:8.0.18-61_patch_01.ep7.el7","tomcat7-0:7.0.59-50_patch_01.ep7.el7","tomcat6-0:6.0.24-98.el6_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5345.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-0763","severity":"moderate","public_date":"2016-02-22T00:00:00Z","advisories":["RHSA-2016:1088","RHSA-2016:1089","RHSA-2016:2808","RHSA-2016:2807","RHSA-2016:1087","RHSA-2016:2599"],"bugzilla":"1311093","bugzilla_description":"CVE-2016-0763 tomcat: security manager bypass via setGlobalContext()","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-287","affected_packages":["tomcat-0:7.0.69-10.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el7","tomcat8-0:8.0.18-61_patch_01.ep7.el7","tomcat7-0:7.0.54-23_patch_05.ep6.el6","tomcat7-0:7.0.59-50_patch_01.ep7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0763.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2015-7501","severity":"critical","public_date":"2015-11-06T00:00:00Z","advisories":["RHSA-2016:1773","RHSA-2016:0040","RHSA-2015:2578","RHSA-2015:2534","RHSA-2015:2556","RHSA-2015:2557","RHSA-2015:2579","RHSA-2015:2535","RHSA-2015:2514","RHSA-2015:2536","RHSA-2015:2559","RHSA-2015:2537","RHSA-2015:2538","RHSA-2015:2516","RHSA-2015:2539","RHSA-2015:2517","RHSA-2015:2670","RHSA-2015:2671","RHSA-2020:4274","RHSA-2015:2521","RHSA-2015:2522","RHSA-2015:2500","RHSA-2015:2501","RHSA-2015:2523","RHSA-2015:2502","RHSA-2015:2524","RHSA-2015:2547","RHSA-2015:2548","RHSA-2015:2560","RHSA-2015:2540","RHSA-2015:2541","RHSA-2015:2542","RHSA-2016:0118"],"bugzilla":"1279330","bugzilla_description":"CVE-2015-7501 apache-commons-collections: InvokerTransformer code execution during deserialisation","cvss_score":7.5,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-502->CWE-284","affected_packages":["jboss-ec2-eap-0:7.5.5-3.Final_redhat_3.ep6.el6","apache-commons-collections-0:3.2.1-22.el7_2","jakarta-commons-collections-0:3.2.1-3.5.el6_7","jenkins-0:1.651.2-1.el6op","rh-maven35-apache-commons-collections4-0:4.0-7.3.el7","rh-java-common-apache-commons-collections-0:3.2.1-21.13.el7","rh-java-common-apache-commons-collections-0:3.2.1-21.13.el6","jakarta-commons-collections-0:3.2.1-5.ep5.el4","jakarta-commons-collections-0:3.2.1-5.ep5.el5","jakarta-commons-collections-0:3.2.1-5.ep5.el6","apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el7","apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el5","jakarta-commons-collections-0:3.2-2jpp.4","apache-commons-collections-eap6-0:3.2.1-16.redhat_5.1.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7501.json"},{"CVE":"CVE-2014-7810","severity":"moderate","public_date":"2015-05-14T00:00:00Z","advisories":["RHSA-2016:2046","RHSA-2015:1622","RHSA-2015:1621","RHSA-2016:0492"],"bugzilla":"1222573","bugzilla_description":"CVE-2014-7810 Tomcat/JbossWeb: security manager bypass via EL expressions","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["tomcat-0:7.0.54-8.el7_2","tomcat7-0:7.0.54-19_patch_04.ep6.el5","tomcat7-0:7.0.54-19_patch_04.ep6.el6","tomcat6-0:6.0.41-15_patch_04.ep6.el7","tomcat6-0:6.0.24-94.el6_7","tomcat6-0:6.0.41-15_patch_04.ep6.el6","tomcat6-0:6.0.41-15_patch_04.ep6.el5","tomcat7-0:7.0.54-20_patch_04.ep6.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7810.json"},{"CVE":"CVE-2015-0254","severity":"important","public_date":"2015-02-27T00:00:00Z","advisories":["RHSA-2016:0121","RHSA-2016:0122","RHSA-2016:1376","RHSA-2016:0123","RHSA-2016:1838","RHSA-2016:1839","RHSA-2015:1695","RHSA-2016:0124","RHSA-2016:1840","RHSA-2016:1841","RHSA-2016:0125"],"bugzilla":"1198606","bugzilla_description":"CVE-2015-0254 jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["jakarta-taglibs-standard-0:1.1.1-11.7.el6_7","jboss-ec2-eap-0:7.5.6-1.Final_redhat_1.ep6.el6","eap7-jboss-ec2-eap-0:7.0.2-2.GA_redhat_1.ep7.el6","eap7-jboss-ec2-eap-0:7.0.2-2.GA_redhat_1.ep7.el7","jakarta-taglibs-standard-0:1.1.2-14.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0254.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L","cvss3_score":"7.6"},{"CVE":"CVE-2014-0227","severity":"moderate","public_date":"2015-02-09T00:00:00Z","advisories":["RHSA-2015:1009","RHSA-2015:0765","RHSA-2015:0720","RHSA-2015:0983","RHSA-2015:0235","RHSA-2015:0675","RHSA-2015:0234","RHSA-2014:1088","RHSA-2014:1021","RHSA-2014:1087","RHSA-2014:1020","RHSA-2014:1086","RHSA-2015:0091","RHSA-2014:1019","RHSA-2015:0991","RHSA-2014:1904"],"bugzilla":"1109196","bugzilla_description":"CVE-2014-0227 Tomcat/JBossWeb: request smuggling and limited DoS in ChunkedInputFilter","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-400","affected_packages":["tomcat6-0:6.0.24-83.el6_6","tomcat-0:7.0.54-2.el7_1","jbossweb-0:7.4.8-4.Final_redhat_4.1.ep6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0227.json"},{"CVE":"CVE-2017-6056","severity":"important","public_date":"2015-02-06T00:00:00Z","advisories":["RHSA-2017:0517","RHSA-2017:0827","RHSA-2017:0826","RHSA-2017:0829","RHSA-2017:0828"],"bugzilla":"1422148","bugzilla_description":"CVE-2017-6056 tomcat: Infinite loop in the processing of https requests","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["jbossweb-0:7.5.21-2.Final_redhat_2.1.ep6.el6","jboss-ec2-eap-0:7.5.14-2.Final_redhat_2.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6056.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2013-4444","severity":"important","public_date":"2014-09-10T00:00:00Z","advisories":[],"bugzilla":"1140314","bugzilla_description":"CVE-2013-4444 tomcat: remote code execution via uploaded JSP","cvss_score":7.5,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4444.json"},{"CVE":"CVE-2014-0230","severity":"low","public_date":"2014-07-19T00:00:00Z","advisories":["RHSA-2016:0595","RHSA-2016:0596","RHSA-2015:1622","RHSA-2015:1621","RHSA-2015:2659","RHSA-2015:2660","RHSA-2015:2661","RHEA-2015:1770","RHSA-2016:0597","RHEA-2015:1771","RHSA-2016:2599","RHSA-2016:0598","RHSA-2016:0599"],"bugzilla":"1191200","bugzilla_description":"CVE-2014-0230 tomcat: non-persistent DoS attack by feeding data by aborting an upload","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-770","affected_packages":["tomcat8-0:8.0.18-25_patch_00.ep7.el6","jbossweb-0:7.5.15-1.Final_redhat_1.1.ep6.el5","jboss-ec2-eap-0:7.5.7-2.Final_redhat_3.ep6.el6","tomcat-0:7.0.69-10.el7","tomcat7-0:7.0.59-26_patch_00.ep7.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0230.json"},{"CVE":"CVE-2014-0186","severity":"important","public_date":"2014-06-10T00:00:00Z","advisories":["RHSA-2014:0686"],"bugzilla":"1089884","bugzilla_description":"CVE-2014-0186 tomcat7: RHEL-7 regression causing DoS","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tomcat-0:7.0.42-5.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0186.json"},{"CVE":"CVE-2014-0095","severity":"moderate","public_date":"2014-05-30T00:00:00Z","advisories":[],"bugzilla":"1103804","bugzilla_description":"CVE-2014-0095 Apache Tomcat 8: Denial of service via AJP requests with content length zero","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-130->CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0095.json"},{"CVE":"CVE-2014-0075","severity":"moderate","public_date":"2014-05-27T00:00:00Z","advisories":["RHSA-2015:1009","RHSA-2015:0765","RHSA-2015:0720","RHSA-2015:0235","RHSA-2015:0675","RHSA-2015:0234","RHSA-2014:0895","RHSA-2014:0865","RHSA-2014:0843","RHSA-2014:0833","RHSA-2014:0842","RHSA-2014:1149","RHSA-2014:0836","RHSA-2014:0834","RHSA-2014:0835","RHSA-2014:0827"],"bugzilla":"1072776","bugzilla_description":"CVE-2014-0075 Tomcat/JBossWeb: Limited DoS in chunked transfer encoding input filter","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-400","affected_packages":["jbossweb-0:7.3.2-4.Final_redhat_3.1.ep6.el5","tomcat7-0:7.0.40-14_patch_03.ep6.el5","tomcat6-0:6.0.24-72.el6_5","tomcat-0:7.0.42-6.el7_0","tomcat6-0:6.0.37-29_patch_05.ep6.el6","tomcat7-0:7.0.40-11_patch_03.ep6.el6","tomcat6-0:6.0.37-20_patch_04.ep6.el5","jbossweb-0:7.3.2-4.Final_redhat_3.1.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0075.json"},{"CVE":"CVE-2014-0096","severity":"low","public_date":"2014-05-27T00:00:00Z","advisories":["RHSA-2015:1009","RHSA-2015:0765","RHSA-2015:0720","RHSA-2015:0235","RHSA-2015:0675","RHSA-2015:0234","RHSA-2014:0895","RHSA-2014:0865","RHSA-2014:0843","RHSA-2014:0833","RHSA-2014:0842","RHSA-2014:0836","RHSA-2014:0834","RHSA-2014:0835","RHSA-2014:0827"],"bugzilla":"1088342","bugzilla_description":"CVE-2014-0096 Tomcat/JBossWeb: XXE vulnerability via user supplied XSLTs","cvss_score":2.1,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:P/I:N/A:N","CWE":"CWE-611","affected_packages":["jbossweb-0:7.3.2-4.Final_redhat_3.1.ep6.el5","tomcat7-0:7.0.40-14_patch_03.ep6.el5","tomcat6-0:6.0.24-72.el6_5","tomcat-0:7.0.42-6.el7_0","tomcat6-0:6.0.37-29_patch_05.ep6.el6","tomcat7-0:7.0.40-11_patch_03.ep6.el6","tomcat6-0:6.0.37-20_patch_04.ep6.el5","jbossweb-0:7.3.2-4.Final_redhat_3.1.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0096.json"},{"CVE":"CVE-2014-0099","severity":"moderate","public_date":"2014-05-27T00:00:00Z","advisories":["RHSA-2015:1009","RHSA-2015:0765","RHSA-2015:0720","RHSA-2015:0235","RHSA-2015:0675","RHSA-2015:0234","RHSA-2014:0895","RHSA-2014:0865","RHSA-2014:0843","RHSA-2014:0833","RHSA-2014:0842","RHSA-2014:1149","RHSA-2014:0836","RHSA-2014:0834","RHSA-2014:0835","RHSA-2014:0827"],"bugzilla":"1102030","bugzilla_description":"CVE-2014-0099 Tomcat/JBossWeb: Request smuggling via malicious content length header","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-190->CWE-444","affected_packages":["jbossweb-0:7.3.2-4.Final_redhat_3.1.ep6.el5","tomcat7-0:7.0.40-14_patch_03.ep6.el5","tomcat6-0:6.0.24-72.el6_5","tomcat-0:7.0.42-6.el7_0","tomcat6-0:6.0.37-29_patch_05.ep6.el6","tomcat7-0:7.0.40-11_patch_03.ep6.el6","tomcat6-0:6.0.37-20_patch_04.ep6.el5","jbossweb-0:7.3.2-4.Final_redhat_3.1.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0099.json"},{"CVE":"CVE-2014-0119","severity":"low","public_date":"2014-05-27T00:00:00Z","advisories":["RHSA-2015:1009","RHSA-2015:0765","RHSA-2015:0720","RHSA-2015:0235","RHSA-2015:0675","RHSA-2015:0234","RHSA-2014:1034","RHSA-2014:1088","RHSA-2014:1087","RHSA-2014:1086","RHSA-2014:1038","RHSA-2014:0895","RHSA-2014:0843","RHSA-2014:0842"],"bugzilla":"1102038","bugzilla_description":"CVE-2014-0119 Tomcat/JBossWeb: XML parser hijack by malicious web application","cvss_score":2.1,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:P/I:N/A:N","CWE":"CWE-470","affected_packages":["jbossweb-0:7.3.2-4.Final_redhat_3.1.ep6.el5","tomcat6-0:6.0.24-78.el6_5","tomcat-0:7.0.42-8.el7_0","jbossweb-0:7.3.2-4.Final_redhat_3.1.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0119.json"},{"CVE":"CVE-2013-4322","severity":"moderate","public_date":"2014-02-25T00:00:00Z","advisories":["RHSA-2014:0686","RHSA-2014:0525","RHSA-2014:0429","RHSA-2014:0528","RHSA-2014:0526","RHSA-2014:0527"],"bugzilla":"1069905","bugzilla_description":"CVE-2013-4322 tomcat: incomplete fix for CVE-2012-3544","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tomcat-0:7.0.42-5.el7_0","tomcat6-0:6.0.37-27_patch_04.ep6.el6","tomcat7-0:7.0.40-9_patch_02.ep6.el6","tomcat6-0:6.0.37-19_patch_04.ep6.el5","tomcat7-0:7.0.40-13_patch_02.ep6.el5","tomcat6-0:6.0.24-64.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4322.json"},{"CVE":"CVE-2013-4590","severity":"low","public_date":"2014-02-25T00:00:00Z","advisories":["RHSA-2014:1038","RHSA-2014:1088","RHSA-2014:1087","RHSA-2014:1086"],"bugzilla":"1069911","bugzilla_description":"CVE-2013-4590 tomcat: information disclosure via XXE when running untrusted web applications","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-611","affected_packages":["tomcat6-0:6.0.24-78.el6_5","tomcat6-0:6.0.41-5_patch_02.ep6.el6","tomcat7-0:7.0.54-6_patch_02.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4590.json"},{"CVE":"CVE-2014-0033","severity":"moderate","public_date":"2014-02-25T00:00:00Z","advisories":["RHSA-2014:0525","RHSA-2014:0528"],"bugzilla":"1069919","bugzilla_description":"CVE-2014-0033 tomcat: session fixation still possible with disableURLRewriting enabled","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-384","affected_packages":["tomcat6-0:6.0.37-27_patch_04.ep6.el6","tomcat6-0:6.0.37-19_patch_04.ep6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0033.json"},{"CVE":"CVE-2013-4286","severity":"moderate","public_date":"2014-02-25T00:00:00Z","advisories":["RHSA-2015:1009","RHSA-2014:0373","RHSA-2014:0374","RHSA-2014:0344","RHSA-2014:0686","RHSA-2014:0345","RHSA-2014:0343","RHSA-2014:0458","RHSA-2014:0525","RHSA-2014:0459","RHSA-2014:0511","RHSA-2014:0429","RHSA-2014:0528","RHSA-2014:0526","RHSA-2014:0527"],"bugzilla":"1069921","bugzilla_description":"CVE-2013-4286 tomcat: multiple content-length header poisoning flaws","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["tomcat-0:7.0.42-5.el7_0","tomcat6-0:6.0.37-27_patch_04.ep6.el6","jbossweb-0:7.3.1-1.Final_redhat_1.1.ep6.el5","tomcat7-0:7.0.40-9_patch_02.ep6.el6","tomcat6-0:6.0.37-19_patch_04.ep6.el5","tomcat7-0:7.0.40-13_patch_02.ep6.el5","tomcat6-0:6.0.24-64.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4286.json"},{"CVE":"CVE-2014-0050","severity":"moderate","public_date":"2014-02-06T00:00:00Z","advisories":["RHSA-2015:1009","RHSA-2014:0373","RHSA-2014:0252","RHSA-2014:0253","RHSA-2014:0473","RHSA-2014:0400","RHSA-2014:0452","RHSA-2014:0525","RHSA-2014:0459","RHSA-2014:0401","RHSA-2014:0429","RHSA-2014:0528","RHSA-2014:0526","RHSA-2014:0527"],"bugzilla":"1062337","bugzilla_description":"CVE-2014-0050 apache-commons-fileupload: denial of service due to too-small buffer size used by MultipartStream","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["jbossweb-0:7.3.0-2.Final_redhat_2.1.ep6.el5","jbossweb-0:7.3.0-2.Final_redhat_2.1.ep6.el6","tomcat6-0:6.0.37-27_patch_04.ep6.el6","tomcat7-0:7.0.40-9_patch_02.ep6.el6","tomcat6-0:6.0.37-19_patch_04.ep6.el5","tomcat7-0:7.0.40-13_patch_02.ep6.el5","tomcat6-0:6.0.24-64.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0050.json"},{"CVE":"CVE-2013-6357","severity":"moderate","public_date":"2013-11-04T00:00:00Z","advisories":[],"bugzilla":"1030090","bugzilla_description":"CVE-2013-6357 tomcat5: CSRF vulnerability in Manager application","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-352","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6357.json"},{"CVE":"CVE-2013-2185","severity":"important","public_date":"2013-09-03T00:00:00Z","advisories":["RHSA-2013:1193","RHSA-2013:1194","RHSA-2013:1265"],"bugzilla":"974813","bugzilla_description":"CVE-2013-2185 Tomcat/JBossWeb: Arbitrary file upload via deserialization","cvss_score":7.5,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-626","affected_packages":["jbossweb-0:7.2.0-3.redhat_2.ep6.el6","jbossweb-0:7.2.0-3.redhat_2.ep6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2185.json"},{"CVE":"CVE-2013-1976","severity":"important","public_date":"2013-05-28T00:00:00Z","advisories":["RHSA-2013:0869","RHSA-2013:0870","RHSA-2013:0872","RHSA-2013:0871"],"bugzilla":"927622","bugzilla_description":"CVE-2013-1976 tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["tomcat7-0:7.0.30-7_patch_03.ep6.el6","tomcat6-0:6.0.35-12_patch_07.ep6.el5","tomcat5-0:5.5.33-36_patch_09.ep5.el6","tomcat6-0:6.0.24-55.el6_4","tomcat6-0:6.0.32-35_patch_09.ep5.el6","tomcat7-0:7.0.30-5_patch_03.ep6.el5","tomcat6-0:6.0.32-32_patch_09.ep5.el5","tomcat6-0:6.0.35-33_patch_07.ep6.el6","tomcat5-0:5.5.23-0jpp.40.el5_9","tomcat5-0:5.5.33-33_patch_09.ep5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1976.json"},{"CVE":"CVE-2013-2051","severity":"low","public_date":"2013-05-28T00:00:00Z","advisories":["RHSA-2013:0869"],"bugzilla":"959047","bugzilla_description":"CVE-2013-2051 tomcat: DIGEST authentication vulnerable to replay attacks","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["tomcat6-0:6.0.24-55.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2051.json"},{"CVE":"CVE-2013-2067","severity":"moderate","public_date":"2013-05-10T00:00:00Z","advisories":["RHSA-2013:1011","RHSA-2013:0839","RHSA-2013:0834","RHSA-2013:0833","RHSA-2013:1437","RHSA-2013:0964","RHSA-2013:1012","RHSA-2013:1013"],"bugzilla":"961779","bugzilla_description":"CVE-2013-2067 tomcat: Session fixation in form authenticator","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":"CWE-384","affected_packages":["tomcat6-0:6.0.37-8_patch_01.ep6.el5","tomcat6-0:6.0.24-57.el6_4","tomcat7-0:7.0.40-9_patch_01.ep6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2067.json"},{"CVE":"CVE-2012-3544","severity":"moderate","public_date":"2013-05-10T00:00:00Z","advisories":["RHSA-2013:1011","RHSA-2013:1012","RHSA-2013:1013"],"bugzilla":"961783","bugzilla_description":"CVE-2012-3544 tomcat: Limited DoS in chunked transfer encoding input filter","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tomcat6-0:6.0.37-8_patch_01.ep6.el5","tomcat7-0:7.0.40-9_patch_01.ep6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3544.json"},{"CVE":"CVE-2013-2071","severity":"low","public_date":"2013-05-10T00:00:00Z","advisories":["RHSA-2013:1011","RHSA-2013:1012","RHSA-2013:1013"],"bugzilla":"961803","bugzilla_description":"CVE-2013-2071 tomcat: Information disclosure in asynchronous context when using AsyncListeners that threw RuntimeExceptions","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat6-0:6.0.37-8_patch_01.ep6.el5","tomcat7-0:7.0.40-9_patch_01.ep6.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2071.json"},{"CVE":"CVE-2012-3546","severity":"important","public_date":"2012-12-04T00:00:00Z","advisories":["RHSA-2013:0195","RHSA-2013:0151","RHSA-2013:0162","RHSA-2013:0194","RHSA-2013:0197","RHSA-2013:0164","RHSA-2013:0196","RHSA-2013:0163","RHSA-2013:0191","RHSA-2013:0193","RHSA-2013:0192","RHSA-2013:0005","RHSA-2013:0147","RHSA-2013:0158","RHSA-2013:0235","RHSA-2013:0642","RHSA-2013:0004","RHSA-2013:0623","RHSA-2013:0221","RHSA-2013:0198","RHSA-2013:0146","RHSA-2013:0641","RHSA-2013:0157","RHSA-2013:0640"],"bugzilla":"883634","bugzilla_description":"CVE-2012-3546 Tomcat/JBoss Web: Bypass of security constraints","cvss_score":5.5,"cvss_scoring_vector":"AV:N/AC:L/Au:S/C:P/I:P/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.33-31_patch_08.ep5.el5","tomcat5-0:5.5.23-0jpp.38.el5_9","jbossas-0:4.3.0-11.GA_CP10_patch_02.2.ep1.el5","tomcat6-0:6.0.35-6_patch_02.ep6.el5","tomcat6-0:6.0.32-28_patch_08.ep5.el5","jbossas-0:4.3.0-11.GA_CP10_patch_02.1.ep1.el4","tomcat5-0:5.5.33-34_patch_08.ep5.el6","jbossweb-0:7.0.17-3.Final_redhat_2.ep6.el6","jbossweb-0:7.0.17-3.Final_redhat_2.ep6.el5","tomcat6-0:6.0.32-31_patch_08.ep5.el6","tomcat6-0:6.0.24-52.el6_4","tomcat6-0:6.0.35-25_patch_01.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3546.json"},{"CVE":"CVE-2012-4431","severity":"moderate","public_date":"2012-12-04T00:00:00Z","advisories":["RHSA-2013:0647","RHSA-2013:0648","RHSA-2013:0665","RHSA-2013:0268","RHSA-2013:1437","RHSA-2013:1853","RHSA-2013:0265","RHSA-2013:0267","RHSA-2013:0266"],"bugzilla":"883636","bugzilla_description":"CVE-2012-4431 Tomcat/JBoss Web - Bypass of CSRF prevention filter","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-352","affected_packages":["tomcat7-0:7.0.30-3_patch_02.ep6.el5","jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5","jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6","tomcat6-0:6.0.35-6_patch_06.ep6.el5","tomcat7-0:7.0.30-5_patch_02.ep6.el6","tomcat6-0:6.0.35-29_patch_06.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4431.json"},{"CVE":"CVE-2012-4534","severity":"moderate","public_date":"2012-12-04T00:00:00Z","advisories":["RHSA-2013:0623","RHSA-2013:0265","RHSA-2013:0266"],"bugzilla":"883637","bugzilla_description":"CVE-2012-4534 Tomcat - Denial Of Service when using NIO+SSL+sendfile","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tomcat6-0:6.0.35-6_patch_06.ep6.el5","tomcat6-0:6.0.35-29_patch_06.ep6.el6","tomcat6-0:6.0.24-52.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4534.json"},{"CVE":"CVE-2012-5885","severity":"moderate","public_date":"2012-11-05T00:00:00Z","advisories":["RHSA-2013:0629","RHSA-2013:0647","RHSA-2013:0726","RHSA-2013:0648","RHSA-2013:0665","RHSA-2013:0632","RHSA-2013:0631","RHSA-2013:0623","RHSA-2013:1006","RHSA-2013:0633","RHSA-2013:0265","RHSA-2013:0640","RHSA-2013:0266"],"bugzilla":"873664","bugzilla_description":"CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 tomcat: three DIGEST authentication implementation issues","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5","tomcat5-0:5.5.23-0jpp.38.el5_9","jbossweb-0:2.1.13-3_patch_02.ep5.el4","jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6","jbossweb-0:2.1.13-3_patch_02.ep5.el5","tomcat6-0:6.0.35-6_patch_06.ep6.el5","jbossweb-0:2.1.13-4_patch_02.ep5.el6","tomcat6-0:6.0.35-29_patch_06.ep6.el6","tomcat6-0:6.0.24-52.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5885.json"},{"CVE":"CVE-2012-5886","severity":"moderate","public_date":"2012-11-05T00:00:00Z","advisories":["RHSA-2013:0629","RHSA-2013:0647","RHSA-2013:0726","RHSA-2013:0648","RHSA-2013:0665","RHSA-2013:0632","RHSA-2013:0631","RHSA-2013:0623","RHSA-2013:1006","RHSA-2013:0633","RHSA-2013:0265","RHSA-2013:0640","RHSA-2013:0266"],"bugzilla":"873664","bugzilla_description":"CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 tomcat: three DIGEST authentication implementation issues","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5","tomcat5-0:5.5.23-0jpp.38.el5_9","jbossweb-0:2.1.13-3_patch_02.ep5.el4","jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6","jbossweb-0:2.1.13-3_patch_02.ep5.el5","tomcat6-0:6.0.35-6_patch_06.ep6.el5","jbossweb-0:2.1.13-4_patch_02.ep5.el6","tomcat6-0:6.0.35-29_patch_06.ep6.el6","tomcat6-0:6.0.24-52.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5886.json"},{"CVE":"CVE-2012-5887","severity":"moderate","public_date":"2012-11-05T00:00:00Z","advisories":["RHSA-2013:0629","RHSA-2013:0647","RHSA-2013:0726","RHSA-2013:0648","RHSA-2013:0665","RHSA-2013:0632","RHSA-2013:0631","RHSA-2013:0623","RHSA-2013:1006","RHSA-2013:0633","RHSA-2013:0265","RHSA-2013:0640","RHSA-2013:0266"],"bugzilla":"873664","bugzilla_description":"CVE-2012-5885 CVE-2012-5886 CVE-2012-5887 tomcat: three DIGEST authentication implementation issues","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el5","tomcat5-0:5.5.23-0jpp.38.el5_9","jbossweb-0:2.1.13-3_patch_02.ep5.el4","jbossweb-0:7.0.17-4.Final_redhat_3.ep6.el6","jbossweb-0:2.1.13-3_patch_02.ep5.el5","tomcat6-0:6.0.35-6_patch_06.ep6.el5","jbossweb-0:2.1.13-4_patch_02.ep5.el6","tomcat6-0:6.0.35-29_patch_06.ep6.el6","tomcat6-0:6.0.24-52.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5887.json"},{"CVE":"CVE-2012-2733","severity":"moderate","public_date":"2012-11-05T00:00:00Z","advisories":["RHSA-2013:0265","RHSA-2013:0266"],"bugzilla":"873695","bugzilla_description":"CVE-2012-2733 tomcat: HTTP NIO connector OOM DoS via a request with large headers","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tomcat6-0:6.0.35-6_patch_06.ep6.el5","tomcat6-0:6.0.35-29_patch_06.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2733.json"},{"CVE":"CVE-2012-4529","severity":"low","public_date":"2012-10-10T00:00:00Z","advisories":["RHSA-2013:0839","RHSA-2013:0834","RHSA-2013:0833","RHSA-2013:1437"],"bugzilla":"868202","bugzilla_description":"CVE-2012-4529 JBoss Web: jsessionid exposed via encoded url when using cookie based session tracking","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4529.json"},{"CVE":"CVE-2011-4610","severity":"important","public_date":"2012-01-31T00:00:00Z","advisories":["RHSA-2012:0074","RHSA-2012:0075","RHSA-2012:0076","RHSA-2012:0077","RHSA-2012:0078","RHSA-2012:0325"],"bugzilla":"767871","bugzilla_description":"CVE-2011-4610 JBoss Web remote denial of service when surrogate pair character is placed at buffer boundary","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["jbossweb-0:2.1.12-3_patch_03.2.ep5.el5","jbossweb-0:2.1.12-3_patch_03.2.ep5.el6","jbossweb-0:2.1.12-3_patch_03.2.ep5.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4610.json"},{"CVE":"CVE-2011-3375","severity":"moderate","public_date":"2012-01-17T00:00:00Z","advisories":["RHSA-2012:0682","RHSA-2012:0681"],"bugzilla":"782624","bugzilla_description":"CVE-2011-3375 tomcat: information disclosure due to improper response and request object recycling","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["tomcat6-0:6.0.32-24_patch_07.ep5.el6","tomcat6-0:6.0.32-24_patch_07.ep5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3375.json"},{"CVE":"CVE-2012-0022","severity":"moderate","public_date":"2012-01-17T00:00:00Z","advisories":["RHSA-2012:0679","RHSA-2012:0076","RHSA-2012:0682","RHSA-2012:1331","RHSA-2012:0077","RHSA-2012:0681","RHSA-2012:0078","RHSA-2012:0474","RHSA-2012:0475","RHSA-2012:0345","RHSA-2012:0325","RHSA-2012:0074","RHSA-2012:0680","RHSA-2012:0075"],"bugzilla":"783359","bugzilla_description":"CVE-2012-0022 tomcat: large number of parameters DoS","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tomcat5-0:5.5.33-27_patch_07.ep5.el5","tomcat6-0:6.0.24-36.el6_2","jbossweb-0:2.1.12-3_patch_03.2.ep5.el5","jbossweb-0:2.1.12-3_patch_03.2.ep5.el6","tomcat6-0:6.0.32-24_patch_07.ep5.el6","jbossweb-0:2.1.12-3_patch_03.2.ep5.el4","tomcat5-0:5.5.23-0jpp.31.el5_8","tomcat6-0:6.0.32-24_patch_07.ep5.el5","tomcat5-0:5.5.33-28_patch_07.ep5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0022.json"},{"CVE":"CVE-2011-4084","severity":"moderate","public_date":"2011-12-28T00:00:00Z","advisories":[],"bugzilla":"750521","bugzilla_description":"CVE-2011-4858 tomcat: hash table collisions CPU usage DoS (oCERT-2011-003)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4084.json"},{"CVE":"CVE-2011-4858","severity":"moderate","public_date":"2011-12-28T00:00:00Z","advisories":["RHSA-2012:0679","RHSA-2012:0406","RHSA-2012:0076","RHSA-2012:0682","RHSA-2012:0077","RHSA-2012:0681","RHSA-2012:0078","RHSA-2012:0474","RHSA-2012:0089","RHSA-2012:0475","RHSA-2012:0325","RHSA-2012:0091","RHSA-2012:0041","RHSA-2012:0074","RHSA-2012:0680","RHSA-2012:0075"],"bugzilla":"750521","bugzilla_description":"CVE-2011-4858 tomcat: hash table collisions CPU usage DoS (oCERT-2011-003)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tomcat5-0:5.5.33-27_patch_07.ep5.el5","tomcat6-0:6.0.24-36.el6_2","jbossweb-0:2.1.12-3_patch_03.2.ep5.el5","jbossweb-0:2.1.12-3_patch_03.2.ep5.el6","tomcat6-0:6.0.32-24_patch_07.ep5.el6","jbossweb-0:2.1.12-3_patch_03.2.ep5.el4","tomcat5-0:5.5.23-0jpp.31.el5_8","tomcat6-0:6.0.32-24_patch_07.ep5.el5","tomcat5-0:5.5.33-28_patch_07.ep5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4858.json"},{"CVE":"CVE-2011-1184","severity":"moderate","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2012:0679","RHSA-2012:0076","RHSA-2012:0682","RHSA-2012:0077","RHSA-2012:0681","RHSA-2012:0078","RHSA-2012:0325","RHSA-2012:0091","RHSA-2011:1780","RHSA-2012:0041","RHSA-2012:0074","RHSA-2012:0680","RHSA-2012:0075","RHSA-2011:1845"],"bugzilla":"741401","bugzilla_description":"CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 tomcat: Multiple weaknesses in HTTP DIGEST authentication","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.33-27_patch_07.ep5.el5","tomcat5-0:5.5.23-0jpp.22.el5_7","jbossweb-0:2.1.12-3_patch_03.2.ep5.el5","jbossweb-0:2.1.12-3_patch_03.2.ep5.el6","tomcat6-0:6.0.24-35.el6_1","tomcat6-0:6.0.32-24_patch_07.ep5.el6","jbossweb-0:2.1.12-3_patch_03.2.ep5.el4","tomcat6-0:6.0.32-24_patch_07.ep5.el5","tomcat5-0:5.5.33-28_patch_07.ep5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1184.json"},{"CVE":"CVE-2011-5062","severity":"moderate","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2012:0679","RHSA-2012:0076","RHSA-2012:0682","RHSA-2012:0077","RHSA-2012:0681","RHSA-2012:0078","RHSA-2012:0325","RHSA-2012:0091","RHSA-2011:1780","RHSA-2012:0041","RHSA-2012:0074","RHSA-2012:0680","RHSA-2012:0075","RHSA-2011:1845"],"bugzilla":"741401","bugzilla_description":"CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 tomcat: Multiple weaknesses in HTTP DIGEST authentication","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.33-27_patch_07.ep5.el5","tomcat5-0:5.5.23-0jpp.22.el5_7","jbossweb-0:2.1.12-3_patch_03.2.ep5.el5","jbossweb-0:2.1.12-3_patch_03.2.ep5.el6","tomcat6-0:6.0.24-35.el6_1","tomcat6-0:6.0.32-24_patch_07.ep5.el6","jbossweb-0:2.1.12-3_patch_03.2.ep5.el4","tomcat6-0:6.0.32-24_patch_07.ep5.el5","tomcat5-0:5.5.33-28_patch_07.ep5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5062.json"},{"CVE":"CVE-2011-5063","severity":"moderate","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2012:0679","RHSA-2012:0076","RHSA-2012:0682","RHSA-2012:0077","RHSA-2012:0681","RHSA-2012:0078","RHSA-2012:0325","RHSA-2012:0091","RHSA-2011:1780","RHSA-2012:0041","RHSA-2012:0074","RHSA-2012:0680","RHSA-2012:0075","RHSA-2011:1845"],"bugzilla":"741401","bugzilla_description":"CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 tomcat: Multiple weaknesses in HTTP DIGEST authentication","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.33-27_patch_07.ep5.el5","tomcat5-0:5.5.23-0jpp.22.el5_7","jbossweb-0:2.1.12-3_patch_03.2.ep5.el5","jbossweb-0:2.1.12-3_patch_03.2.ep5.el6","tomcat6-0:6.0.24-35.el6_1","tomcat6-0:6.0.32-24_patch_07.ep5.el6","jbossweb-0:2.1.12-3_patch_03.2.ep5.el4","tomcat6-0:6.0.32-24_patch_07.ep5.el5","tomcat5-0:5.5.33-28_patch_07.ep5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5063.json"},{"CVE":"CVE-2011-5064","severity":"moderate","public_date":"2011-09-26T00:00:00Z","advisories":["RHSA-2012:0679","RHSA-2012:0076","RHSA-2012:0682","RHSA-2012:0077","RHSA-2012:0681","RHSA-2012:0078","RHSA-2012:0325","RHSA-2012:0091","RHSA-2011:1780","RHSA-2012:0041","RHSA-2012:0074","RHSA-2012:0680","RHSA-2012:0075","RHSA-2011:1845"],"bugzilla":"741401","bugzilla_description":"CVE-2011-1184 CVE-2011-5062 CVE-2011-5063 CVE-2011-5064 tomcat: Multiple weaknesses in HTTP DIGEST authentication","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.33-27_patch_07.ep5.el5","tomcat5-0:5.5.23-0jpp.22.el5_7","jbossweb-0:2.1.12-3_patch_03.2.ep5.el5","jbossweb-0:2.1.12-3_patch_03.2.ep5.el6","tomcat6-0:6.0.24-35.el6_1","tomcat6-0:6.0.32-24_patch_07.ep5.el6","jbossweb-0:2.1.12-3_patch_03.2.ep5.el4","tomcat6-0:6.0.32-24_patch_07.ep5.el5","tomcat5-0:5.5.33-28_patch_07.ep5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5064.json"},{"CVE":"CVE-2011-3190","severity":"moderate","public_date":"2011-08-20T00:00:00Z","advisories":["RHSA-2012:0679","RHSA-2011:1780","RHSA-2012:0680","RHSA-2012:0682","RHSA-2012:0681"],"bugzilla":"734868","bugzilla_description":"CVE-2011-3190 tomcat: authentication bypass and information disclosure","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.33-27_patch_07.ep5.el5","tomcat6-0:6.0.24-35.el6_1","tomcat6-0:6.0.32-24_patch_07.ep5.el6","tomcat6-0:6.0.32-24_patch_07.ep5.el5","tomcat5-0:5.5.33-28_patch_07.ep5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3190.json"},{"CVE":"CVE-2011-2481","severity":"low","public_date":"2011-08-12T00:00:00Z","advisories":[],"bugzilla":"732820","bugzilla_description":"CVE-2011-2481 Apache Tomcat CVE-2009-0783 regression","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2481.json"},{"CVE":"CVE-2011-2526","severity":"low","public_date":"2011-07-13T00:00:00Z","advisories":["RHSA-2012:0679","RHSA-2012:0076","RHSA-2012:0682","RHSA-2012:0077","RHSA-2012:0681","RHSA-2012:0078","RHSA-2012:0325","RHSA-2012:0091","RHSA-2011:1780","RHSA-2012:0041","RHSA-2012:0074","RHSA-2012:0680","RHSA-2012:0075"],"bugzilla":"720948","bugzilla_description":"CVE-2011-2526 tomcat: security manager restrictions bypass","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":["tomcat5-0:5.5.33-27_patch_07.ep5.el5","jbossweb-0:2.1.12-3_patch_03.2.ep5.el5","jbossweb-0:2.1.12-3_patch_03.2.ep5.el6","tomcat6-0:6.0.24-35.el6_1","tomcat6-0:6.0.32-24_patch_07.ep5.el6","jbossweb-0:2.1.12-3_patch_03.2.ep5.el4","tomcat6-0:6.0.32-24_patch_07.ep5.el5","tomcat5-0:5.5.33-28_patch_07.ep5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2526.json"},{"CVE":"CVE-2011-2204","severity":"low","public_date":"2011-06-27T00:00:00Z","advisories":["RHSA-2012:0679","RHSA-2011:1780","RHSA-2012:0680","RHSA-2012:0682","RHSA-2012:0681","RHSA-2011:1845"],"bugzilla":"717013","bugzilla_description":"CVE-2011-2204 tomcat: password disclosure vulnerability","cvss_score":2.1,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.33-27_patch_07.ep5.el5","tomcat5-0:5.5.23-0jpp.22.el5_7","tomcat6-0:6.0.24-35.el6_1","tomcat6-0:6.0.32-24_patch_07.ep5.el6","tomcat6-0:6.0.32-24_patch_07.ep5.el5","tomcat5-0:5.5.33-28_patch_07.ep5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2204.json"},{"CVE":"CVE-2011-1475","severity":"low","public_date":"2011-04-06T00:00:00Z","advisories":[],"bugzilla":"708969","bugzilla_description":"CVE-2011-1475 tomcat: Information disclosure due improper handling of HTTP pipelining","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1475.json"},{"CVE":"CVE-2011-1088","severity":"moderate","public_date":"2011-03-02T00:00:00Z","advisories":[],"bugzilla":"708955","bugzilla_description":"CVE-2011-1088 CVE-2011-1183 CVE-2011-1419 CVE-2011-1582 tomcat: various flaws due not following ServletSecurity annotations","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1088.json"},{"CVE":"CVE-2011-1183","severity":"moderate","public_date":"2011-03-02T00:00:00Z","advisories":[],"bugzilla":"708955","bugzilla_description":"CVE-2011-1088 CVE-2011-1183 CVE-2011-1419 CVE-2011-1582 tomcat: various flaws due not following ServletSecurity annotations","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1183.json"},{"CVE":"CVE-2011-1419","severity":"moderate","public_date":"2011-03-02T00:00:00Z","advisories":[],"bugzilla":"708955","bugzilla_description":"CVE-2011-1088 CVE-2011-1183 CVE-2011-1419 CVE-2011-1582 tomcat: various flaws due not following ServletSecurity annotations","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1419.json"},{"CVE":"CVE-2011-1582","severity":"moderate","public_date":"2011-03-02T00:00:00Z","advisories":[],"bugzilla":"708955","bugzilla_description":"CVE-2011-1088 CVE-2011-1183 CVE-2011-1419 CVE-2011-1582 tomcat: various flaws due not following ServletSecurity annotations","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1582.json"},{"CVE":"CVE-2010-3718","severity":"moderate","public_date":"2011-02-05T00:00:00Z","advisories":["RHSA-2011:0896","RHSA-2011:0791","RHSA-2011:0897","RHSA-2011:1845"],"bugzilla":"675792","bugzilla_description":"CVE-2010-3718 tomcat: file permission bypass flaw","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["tomcat6-0:6.0.24-33.el6","tomcat5-0:5.5.23-0jpp.22.el5_7","tomcat5-0:5.5.33-14_patch_04.ep5.el4","tomcat5-0:5.5.33-16_patch_04.ep5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3718.json"},{"CVE":"CVE-2010-4476","severity":"moderate","public_date":"2011-02-01T00:00:00Z","advisories":["RHSA-2011:0291","RHSA-2011:0292","RHSA-2011:0282","RHSA-2011:0290","RHSA-2011:0211","RHSA-2011:0299","RHSA-2011:0212","RHSA-2011:0333","RHSA-2011:0334","RHSA-2011:0213","RHSA-2011:0214","RHSA-2011:0335","RHSA-2011:0350","RHSA-2011:0880","RHSA-2011:0210","RHSA-2011:0336","RHSA-2011:0348","RHSA-2011:0349"],"bugzilla":"674336","bugzilla_description":"CVE-2010-4476 JDK Double.parseDouble Denial-Of-Service","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-openjdk-1:1.6.0.0-1.18.b17.el5","tomcat6-0:6.0.24-24.el6_0","java-1.6.0-sun-1:1.6.0.24-1jpp.1.el4","java-1.4.2-ibm-sap-0:1.4.2.13.8.sap-1jpp.2.el5","tomcat5-0:5.5.23-0jpp.17.el5_6","java-1.6.0-openjdk-1:1.6.0.0-1.36.b17.el6_0","java-1.6.0-sun-1:1.6.0.24-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.24-1jpp.1.el5","java-1.5.0-ibm-1:1.5.0.12.3-1jpp.2.el4","java-1.4.2-ibm-sap-0:1.4.2.13.8.sap-1jpp.2.el4_8","java-1.5.0-ibm-1:1.5.0.12.3-1jpp.2.el5","tomcat5-0:5.5.28-12_patch_03.ep5.el5","java-1.6.0-ibm-1:1.6.0.9.0-1jpp.4.el4","jbossweb-0:2.1.10-5.patch01.1.1.ep5.el5","java-1.6.0-ibm-1:1.6.0.9.0-1jpp.4.el5","java-1.4.2-ibm-0:1.4.2.13.8-1jpp.3.el5","java-1.6.0-ibm-1:1.6.0.9.1-1jpp.1.el5","java-1.6.0-ibm-1:1.6.0.9.0-1jpp.5.el6","java-1.5.0-ibm-1:1.5.0.12.3-1jpp.3.el6","jbossweb-0:2.0.0-8.CP15.patch01.0jpp.ep1.1.el5","jbossweb-0:2.0.0-8.CP15.patch01.0jpp.ep1.1.el4","tomcat5-0:5.5.28-18_patch_03.ep5.el4","tomcat6-0:6.0.24-11.patch_03.ep5.el5","tomcat6-0:6.0.24-11.patch_03.ep5.el4","jbossweb-0:2.1.10-5.patch01.1.ep5.el4","java-1.4.2-ibm-0:1.4.2.13.8-1jpp.4.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4476.json"},{"CVE":"CVE-2011-0534","severity":"moderate","public_date":"2011-01-21T00:00:00Z","advisories":["RHSA-2011:0335","RHSA-2011:0350","RHSA-2011:0348"],"bugzilla":"675338","bugzilla_description":"CVE-2011-0534 tomcat: remote DoS via NIO connector","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tomcat6-0:6.0.24-24.el6_0","tomcat6-0:6.0.24-11.patch_03.ep5.el5","tomcat6-0:6.0.24-11.patch_03.ep5.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0534.json"},{"CVE":"CVE-2011-0013","severity":"moderate","public_date":"2011-01-11T00:00:00Z","advisories":["RHSA-2011:0896","RHSA-2011:0791","RHSA-2011:0897","RHSA-2011:1845"],"bugzilla":"675786","bugzilla_description":"CVE-2011-0013 tomcat: XSS vulnerability in HTML Manager interface","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["tomcat6-0:6.0.24-33.el6","tomcat5-0:5.5.23-0jpp.22.el5_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0013.json"},{"CVE":"CVE-2010-4172","severity":"moderate","public_date":"2010-11-22T00:00:00Z","advisories":["RHSA-2011:0896","RHSA-2011:0791","RHSA-2011:0897"],"bugzilla":"656246","bugzilla_description":"CVE-2010-4172 tomcat: cross-site-scripting vulnerability in the manager application","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["tomcat6-0:6.0.24-33.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4172.json"},{"CVE":"CVE-2010-4312","severity":"moderate","public_date":"2010-11-22T00:00:00Z","advisories":[],"bugzilla":"658267","bugzilla_description":"CVE-2010-4312 tomcat6: does not use HTTPOnly for session cookies by default","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4312.json"},{"CVE":"CVE-2009-2696","severity":"low","public_date":"2010-08-02T00:00:00Z","advisories":["RHSA-2010:0580"],"bugzilla":"616717","bugzilla_description":"CVE-2009-2696 tomcat: missing fix for CVE-2009-0781","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp.9.el5_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2696.json"},{"CVE":"CVE-2010-2227","severity":"important","public_date":"2010-07-08T00:00:00Z","advisories":["RHSA-2010:0584","RHSA-2010:0693","RHSA-2010:0583","RHSA-2010:0582","RHSA-2010:0581","RHSA-2010:0580"],"bugzilla":"612799","bugzilla_description":"CVE-2010-2227 tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header","cvss_score":6.4,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:P","CWE":null,"affected_packages":["jbossweb-0:2.0.0-6.CP14.0jpp.ep1.1.el4","jbossweb-0:2.0.0-6.CP14.0jpp.ep1.1.el5","tomcat5-0:5.5.23-0jpp_21rh","tomcat5-0:5.5.23-0jpp_4rh.17","tomcat5-0:5.5.23-0jpp_4rh.19","tomcat6-0:6.0.24-7.patch_01.jdk6.ep5.el5","tomcat5-0:5.5.28-9.patch_01.jdk6.ep5.el4","tomcat6-0:6.0.24-7.patch_01.jdk6.ep5.el4","tomcat5-0:5.5.28-9.patch_01.1.jdk6.ep5.el5","tomcat5-0:5.5.23-0jpp.9.el5_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2227.json"},{"CVE":"CVE-2010-1157","severity":"low","public_date":"2010-04-21T00:00:00Z","advisories":["RHSA-2011:0896","RHSA-2010:0584","RHSA-2011:0897"],"bugzilla":"585331","bugzilla_description":"CVE-2010-1157 tomcat: information disclosure in authentication headers","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["jbossweb-0:2.0.0-6.CP14.0jpp.ep1.1.el4","jbossweb-0:2.0.0-6.CP14.0jpp.ep1.1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1157.json"},{"CVE":"CVE-2009-2693","severity":"low","public_date":"2010-01-24T00:00:00Z","advisories":["RHSA-2010:0119","RHSA-2010:0693","RHSA-2010:0582","RHSA-2010:0580"],"bugzilla":"559738","bugzilla_description":"CVE-2009-2693 tomcat: unexpected file deletion and/or alteration","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp_4rh.17","tomcat5-0:5.5.23-0jpp_4rh.19","tomcat5-0:5.5.23-0jpp.9.el5_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2693.json"},{"CVE":"CVE-2009-2902","severity":"low","public_date":"2010-01-24T00:00:00Z","advisories":["RHSA-2010:0119","RHSA-2010:0693","RHSA-2010:0582","RHSA-2010:0580"],"bugzilla":"559761","bugzilla_description":"CVE-2009-2902 tomcat: unexpected file deletion in work directory","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp_4rh.17","tomcat5-0:5.5.23-0jpp_4rh.19","tomcat5-0:5.5.23-0jpp.9.el5_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2902.json"},{"CVE":"CVE-2008-5515","severity":"important","public_date":"2009-06-08T00:00:00Z","advisories":["RHSA-2009:1617","RHSA-2009:1164","RHSA-2010:0602","RHSA-2009:1506","RHSA-2009:1616","RHSA-2009:1144","RHSA-2009:1562","RHSA-2009:1143","RHSA-2009:1454","RHSA-2009:1146","RHSA-2009:1563","RHSA-2009:1145"],"bugzilla":"504753","bugzilla_description":"CVE-2008-5515 tomcat request dispatcher information disclosure vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp.7.el5_3.2","tomcat5-0:5.5.23-0jpp_4rh.16","tomcat6-0:6.0.18-12.0.ep5.el5","tomcat5-0:5.5.23-0jpp.9.6.ep5.el5","tomcat5-0:5.0.30-0jpp_16rh","tomcat5-0:5.5.23-1.patch07.19.ep5.el4","tomcat6-0:6.0.18-11.3.ep5.el4","tomcat5-0:5.5.23-0jpp_18rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5515.json"},{"CVE":"CVE-2009-0783","severity":"low","public_date":"2009-06-04T00:00:00Z","advisories":["RHSA-2009:1617","RHSA-2009:1164","RHSA-2009:1506","RHSA-2009:1616","RHSA-2009:1144","RHSA-2009:1562","RHSA-2009:1143","RHSA-2009:1454","RHSA-2009:1146","RHSA-2009:1563","RHSA-2009:1145"],"bugzilla":"504153","bugzilla_description":"CVE-2009-0783 tomcat XML parser information disclosure","cvss_score":1.5,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp.7.el5_3.2","tomcat5-0:5.5.23-0jpp_4rh.16","tomcat6-0:6.0.18-12.0.ep5.el5","tomcat5-0:5.5.23-0jpp.9.6.ep5.el5","tomcat5-0:5.0.30-0jpp_16rh","tomcat5-0:5.5.23-1.patch07.19.ep5.el4","tomcat6-0:6.0.18-11.3.ep5.el4","tomcat5-0:5.5.23-0jpp_18rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0783.json"},{"CVE":"CVE-2009-0033","severity":"important","public_date":"2009-06-03T00:00:00Z","advisories":["RHSA-2009:1617","RHSA-2009:1164","RHSA-2010:0602","RHSA-2009:1506","RHSA-2009:1616","RHSA-2009:1562","RHSA-2009:1454","RHSA-2009:1563"],"bugzilla":"493381","bugzilla_description":"CVE-2009-0033 tomcat6 Denial-Of-Service with AJP connection","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp.7.el5_3.2","tomcat5-0:5.5.23-0jpp_4rh.16","tomcat6-0:6.0.18-12.0.ep5.el5","tomcat5-0:5.5.23-0jpp.9.6.ep5.el5","tomcat5-0:5.0.30-0jpp_16rh","tomcat5-0:5.5.23-1.patch07.19.ep5.el4","tomcat6-0:6.0.18-11.3.ep5.el4","tomcat5-0:5.5.23-0jpp_18rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0033.json"},{"CVE":"CVE-2009-0580","severity":"low","public_date":"2009-06-03T00:00:00Z","advisories":["RHSA-2009:1164","RHSA-2010:0602","RHSA-2009:1506","RHSA-2009:1616","RHSA-2009:1144","RHSA-2009:1562","RHSA-2009:1143","RHSA-2009:1454","RHSA-2009:1146","RHSA-2009:1563","RHSA-2009:1145"],"bugzilla":"503978","bugzilla_description":"CVE-2009-0580 tomcat6 Information disclosure in authentication classes","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp.7.el5_3.2","tomcat5-0:5.5.23-0jpp_4rh.16","tomcat6-0:6.0.18-12.0.ep5.el5","tomcat5-0:5.5.23-0jpp.9.6.ep5.el5","tomcat5-0:5.5.23-1.patch07.19.ep5.el4","tomcat6-0:6.0.18-11.3.ep5.el4","tomcat5-0:5.5.23-0jpp_18rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0580.json"},{"CVE":"CVE-2009-0781","severity":"low","public_date":"2009-03-06T00:00:00Z","advisories":["RHSA-2009:1164","RHSA-2009:1562"],"bugzilla":"489028","bugzilla_description":"CVE-2009-0781 tomcat: XSS in Apache Tomcat calendar application","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["tomcat5-0:5.5.23-0jpp.7.el5_3.2","tomcat5-0:5.5.23-0jpp_4rh.16"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0781.json"},{"CVE":"CVE-2008-3271","severity":"low","public_date":"2008-10-09T00:00:00Z","advisories":["RHSA-2008:1007"],"bugzilla":"466875","bugzilla_description":"CVE-2008-3271 tomcat RemoteFilterValve Information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.0.30-0jpp_12rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3271.json"},{"CVE":"CVE-2008-2938","severity":"moderate","public_date":"2008-08-11T00:00:00Z","advisories":["RHSA-2008:1007","RHSA-2008:0862","RHSA-2008:0648","RHSA-2008:0877","RHSA-2008:0864"],"bugzilla":"456120","bugzilla_description":"CVE-2008-2938 tomcat Unicode directory traversal vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp_12rh","tomcat5-0:5.5.23-0jpp.7.el5_2.1","tomcat5-0:5.5.23-0jpp_4rh.9","jbossweb-0:2.0.0-5.CP07.0jpp.ep1.1.el5","tomcat5-0:5.0.30-0jpp_12rh","jbossweb-0:2.0.0-5.CP07.0jpp.ep1.1.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2938.json"},{"CVE":"CVE-2008-1232","severity":"low","public_date":"2008-08-01T00:00:00Z","advisories":["RHSA-2008:1007","RHSA-2008:0862","RHSA-2010:0602","RHSA-2008:0648","RHSA-2008:0877","RHSA-2008:0864"],"bugzilla":"457597","bugzilla_description":"CVE-2008-1232 tomcat: Cross-Site-Scripting enabled by sendError call","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["tomcat5-0:5.5.23-0jpp_12rh","tomcat5-0:5.5.23-0jpp.7.el5_2.1","tomcat5-0:5.5.23-0jpp_4rh.9","jbossweb-0:2.0.0-5.CP07.0jpp.ep1.1.el5","tomcat5-0:5.0.30-0jpp_12rh","jbossweb-0:2.0.0-5.CP07.0jpp.ep1.1.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1232.json"},{"CVE":"CVE-2008-2370","severity":"important","public_date":"2008-08-01T00:00:00Z","advisories":["RHSA-2008:1007","RHSA-2008:0862","RHSA-2010:0602","RHSA-2008:0648","RHSA-2008:0877","RHSA-2008:0864"],"bugzilla":"457934","bugzilla_description":"CVE-2008-2370 tomcat RequestDispatcher information disclosure vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp_12rh","tomcat5-0:5.5.23-0jpp.7.el5_2.1","tomcat5-0:5.5.23-0jpp_4rh.9","jbossweb-0:2.0.0-5.CP07.0jpp.ep1.1.el5","tomcat5-0:5.0.30-0jpp_12rh","jbossweb-0:2.0.0-5.CP07.0jpp.ep1.1.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2370.json"},{"CVE":"CVE-2008-1947","severity":"low","public_date":"2008-06-02T00:00:00Z","advisories":["RHSA-2008:1007","RHSA-2008:0862","RHSA-2008:0648","RHSA-2008:0864"],"bugzilla":"446393","bugzilla_description":"CVE-2008-1947 Tomcat host manager xss - name field","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["tomcat5-0:5.5.23-0jpp_12rh","tomcat5-0:5.5.23-0jpp.7.el5_2.1","tomcat5-0:5.5.23-0jpp_4rh.9","tomcat5-0:5.0.30-0jpp_12rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1947.json"},{"CVE":"CVE-2007-5333","severity":"low","public_date":"2008-02-11T00:00:00Z","advisories":["RHSA-2009:1164","RHSA-2010:0602","RHSA-2009:1616","RHSA-2009:1562","RHSA-2009:1454","RHSA-2009:1563"],"bugzilla":"427766","bugzilla_description":"CVE-2007-5333 Improve cookie parsing for tomcat5","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp.7.el5_3.2","tomcat5-0:5.5.23-0jpp_4rh.16","tomcat5-0:5.5.23-0jpp.9.6.ep5.el5","tomcat5-0:5.5.23-1.patch07.19.ep5.el4","tomcat5-0:5.5.23-0jpp_18rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5333.json"},{"CVE":"CVE-2007-5342","severity":"low","public_date":"2007-12-23T00:00:00Z","advisories":["RHSA-2008:0862","RHSA-2008:0042","RHSA-2008:0195","RHSA-2008:0834","RHSA-2008:0833","RHSA-2008:0832","RHSA-2008:0831"],"bugzilla":"427216","bugzilla_description":"CVE-2007-5342 Apache Tomcat's default security policy is too open","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp_11rh","tomcat5-0:5.5.23-0jpp_4rh.9","tomcat5-0:5.5.23-0jpp.3.0.3.el5_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5342.json"},{"CVE":"CVE-2007-5461","severity":"important","public_date":"2007-10-14T00:00:00Z","advisories":["RHSA-2008:0213","RHSA-2008:0158","RHSA-2008:0862","RHSA-2008:0630","RHSA-2010:0602","RHSA-2008:0042","RHSA-2008:0151","RHSA-2008:0195","RHSA-2008:0261","RHSA-2008:0524"],"bugzilla":"333791","bugzilla_description":"CVE-2007-5461 Absolute path traversal Apache Tomcat WEBDAV","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp_11rh","tomcat5-0:5.5.23-0jpp_4rh.9","tomcat5-0:5.5.23-0jpp.3.0.3.el5_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5461.json"},{"CVE":"CVE-2007-3382","severity":"low","public_date":"2007-08-14T00:00:00Z","advisories":["RHSA-2010:0602","RHSA-2007:0950","RHSA-2007:0871","RHSA-2007:1069","RHSA-2008:0195","RHSA-2008:0261","RHSA-2007:0876","RHSA-2008:0524"],"bugzilla":"247972","bugzilla_description":"CVE-2007-3382 tomcat handling of cookies","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp_11rh","tomcat5-0:5.5.23-0jpp.3.0.2.el5","tomcat5-0:5.5.23-0jpp_4rh.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3382.json"},{"CVE":"CVE-2007-3385","severity":"low","public_date":"2007-08-14T00:00:00Z","advisories":["RHSA-2010:0602","RHSA-2007:0950","RHSA-2007:0871","RHSA-2007:1069","RHSA-2008:0195","RHSA-2008:0261","RHSA-2007:0876","RHSA-2008:0524"],"bugzilla":"247976","bugzilla_description":"CVE-2007-3385 tomcat handling of cookie values","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.5.23-0jpp_11rh","tomcat5-0:5.5.23-0jpp.3.0.2.el5","tomcat5-0:5.5.23-0jpp_4rh.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3385.json"},{"CVE":"CVE-2007-3386","severity":"low","public_date":"2007-08-14T00:00:00Z","advisories":["RHSA-2007:0871","RHSA-2007:0876"],"bugzilla":"247994","bugzilla_description":"CVE-2007-3386 tomcat host manager xss","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["tomcat5-0:5.5.23-0jpp.3.0.2.el5","tomcat5-0:5.5.23-0jpp_4rh.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3386.json"},{"CVE":"CVE-2007-2449","severity":"moderate","public_date":"2007-06-13T00:00:00Z","advisories":["RHSA-2008:0630","RHSA-2008:0261","RHSA-2007:0569","RHSA-2007:0876","RHSA-2008:0524"],"bugzilla":"244804","bugzilla_description":"CVE-2007-2449 tomcat examples jsp XSS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["tomcat5-0:5.5.23-0jpp.1.0.4.el5","tomcat5-0:5.5.23-0jpp_4rh.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2449.json"},{"CVE":"CVE-2007-2450","severity":"low","public_date":"2007-06-13T00:00:00Z","advisories":["RHSA-2008:0261","RHSA-2007:0569","RHSA-2007:0876","RHSA-2008:0524"],"bugzilla":"244808","bugzilla_description":"CVE-2007-2450 tomcat host manager XSS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["tomcat5-0:5.5.23-0jpp.1.0.4.el5","tomcat5-0:5.5.23-0jpp_4rh.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2450.json"},{"CVE":"CVE-2007-1358","severity":"low","public_date":"2007-06-06T00:00:00Z","advisories":["RHSA-2008:0630","RHSA-2007:0360","RHSA-2010:0602","RHSA-2008:0261","RHSA-2007:0326","RHSA-2007:0327","RHSA-2007:0876","RHSA-2007:0328","RHSA-2008:0524"],"bugzilla":"244803","bugzilla_description":"CVE-2007-1358 tomcat accept-language xss flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["tomcat5-0:5.5.23-0jpp_4rh.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1358.json"},{"CVE":"CVE-2006-7196","severity":"moderate","public_date":"2007-04-26T00:00:00Z","advisories":["RHSA-2007:0340","RHSA-2008:0261","RHSA-2007:0326","RHSA-2008:0524"],"bugzilla":"238131","bugzilla_description":"CVE-2006-7196 tomcat XSS in example webapps","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["tomcat5-0:5.0.30-0jpp_5rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7196.json"},{"CVE":"CVE-2006-7195","severity":"moderate","public_date":"2007-04-19T00:00:00Z","advisories":["RHSA-2007:0340","RHSA-2008:0261","RHSA-2007:0326","RHSA-2007:0327","RHSA-2007:0328","RHSA-2008:0524"],"bugzilla":"237081","bugzilla_description":"CVE-2006-7195 tomcat XSS in example webapps","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["tomcat5-0:5.0.30-0jpp_5rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7195.json"},{"CVE":"CVE-2007-1858","severity":"moderate","public_date":"2007-04-19T00:00:00Z","advisories":["RHSA-2007:0340","RHSA-2007:1069","RHSA-2007:0326"],"bugzilla":"237083","bugzilla_description":"CVE-2007-1858 tomcat anonymous cipher issue","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.0.30-0jpp_5rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1858.json"},{"CVE":"CVE-2007-0450","severity":"important","public_date":"2007-03-14T00:00:00Z","advisories":["RHSA-2007:0340","RHSA-2007:0360","RHSA-2010:0602","RHSA-2007:1069","RHSA-2008:0261","RHSA-2007:0326","RHSA-2007:0327","RHSA-2007:0328","RHSA-2008:0524"],"bugzilla":"237080","bugzilla_description":"CVE-2007-0450 tomcat directory traversal","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.0.30-0jpp_5rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0450.json"},{"CVE":"CVE-2006-3835","severity":"low","public_date":"2006-07-21T00:00:00Z","advisories":["RHSA-2007:0340","RHSA-2010:0602","RHSA-2007:1069","RHSA-2008:0261","RHSA-2007:0326","RHSA-2008:0524"],"bugzilla":"237084","bugzilla_description":"CVE-2006-3835 tomcat directory listing issue","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.0.30-0jpp_5rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3835.json"},{"CVE":"CVE-2005-3510","severity":"moderate","public_date":"2005-11-03T00:00:00Z","advisories":["RHSA-2007:0340","RHSA-2010:0602","RHSA-2007:1069","RHSA-2008:0261","RHSA-2006:0161","RHSA-2008:0524"],"bugzilla":"237085","bugzilla_description":"CVE-2005-3510 tomcat DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.0.30-0jpp_5rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3510.json"},{"CVE":"CVE-2005-2090","severity":"moderate","public_date":"2005-06-06T00:00:00Z","advisories":["RHSA-2007:0340","RHSA-2007:0360","RHSA-2010:0602","RHSA-2007:1069","RHSA-2008:0261","RHSA-2007:0326","RHSA-2007:0327","RHSA-2007:0328","RHSA-2008:0524"],"bugzilla":"237079","bugzilla_description":"CVE-2005-2090 tomcat multiple content-length header poisioning","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.0.30-0jpp_5rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2090.json"},{"CVE":"CVE-2005-4838","severity":"low","public_date":"2005-01-03T00:00:00Z","advisories":["RHSA-2007:0340","RHSA-2008:0630","RHSA-2008:0261","RHSA-2008:0524"],"bugzilla":"238401","bugzilla_description":"CVE-2005-4838 tomcat manager example DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["tomcat5-0:5.0.30-0jpp_5rh"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4838.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcatjss_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcatjss_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tomcatjss_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem-nautilus_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem-nautilus_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem-nautilus_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem-pl-parser_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem-pl-parser_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem-pl-parser_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/totem_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm-quote-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm-quote-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm-quote-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-abrmd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-abrmd_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-abrmd_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tools_security_api_results.json new file mode 100644 index 0000000..52e329c --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tools_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2017-7524","severity":"moderate","public_date":"2017-06-21T00:00:00Z","advisories":[],"bugzilla":"1465341","bugzilla_description":"CVE-2017-7524 tpm2-tools: Sending password in plaintext for HMAC generation on server","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-522","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7524.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tss-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tss-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tss-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tss_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tss_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tpm2-tss_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/trace-cmd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/trace-cmd_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/trace-cmd_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/traceroute_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/traceroute_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/traceroute_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tracker_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tracker_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tracker_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tree_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tree_security_api_results.json new file mode 100644 index 0000000..1eed823 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tree_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-9283","severity":"important","public_date":"2020-02-21T00:00:00Z","advisories":["RHSA-2020:3369","RHSA-2020:2412","RHSA-2020:3078","RHSA-2020:2793","RHSA-2020:2790","RHSA-2020:4264","RHSA-2020:2789","RHSA-2020:2878","RHSA-2020:2413","RHSA-2020:3414","RHBA-2020:3179","RHBA-2020:3180","RHSA-2020:3809","RHSA-2020:3372","RHSA-2020:3370"],"bugzilla":"1804533","bugzilla_description":"CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-130","affected_packages":["openshift4/ose-cluster-policy-controller-rhel7:v4.3.40-202010141211.p0","openshift-clients-0:4.3.31-202007250052.p0.git.3329.59998b9.el8","openshift4/ose-oauth-proxy:v4.3.40-202010141211.p0","servicemesh-grafana-0:6.4.3-13.el8","kiali-0:v1.12.10.redhat2-1.el7","openshift4/ose-vertical-pod-autoscaler-rhel7:v4.5.0-202007012112.p0","openshift4/ose-installer:v4.3.40-202010141211.p0","openshift4/ose-cluster-capacity:v4.5.0-202007012112.p0","openshift4/ose-cloud-credential-operator:v4.4.0-202007060343.p0","servicemesh-cni-0:1.1.6-1.el8","openshift4/ose-cluster-config-operator:v4.3.40-202010141858.p0","openshift4/ose-console-operator:v4.3.40-202010141211.p0","openshift4/ose-operator-marketplace:v4.3.40-202010141211.p0","servicemesh-operator-0:1.1.6-2.el8","openshift-0:4.5.0-202007012112.p0.git.0.582d7fc.el7","openshift4/ose-cluster-autoscaler:v4.3.40-202010141211.p0","openshift4/ose-cluster-network-operator:v4.3.40-202010141211.p0","openshift4/ose-baremetal-rhel7-operator:v4.3.40-202010141211.p0","openshift4/ose-cluster-kube-descheduler-operator:v4.5.0-202007131801.p0","distributed-tracing/jaeger-query-rhel7:1.17.6-1","openshift4/ose-service-catalog:v4.3.40-202010141211.p0","distributed-tracing/jaeger-all-in-one-rhel7:1.17.6-1","distributed-tracing/jaeger-rhel7-operator:1.17.6-1","openshift4/ose-installer-artifacts:v4.3.40-202010141211.p0","openshift4/ose-kube-proxy:v4.3.40-202010141211.p0","openshift4/ose-azure-machine-controllers:v4.4.0-202006290400.p0","openshift4/ose-cluster-svcat-apiserver-operator:v4.3.40-202010141211.p0","openshift4/ose-baremetal-installer-rhel7:v4.3.40-202010141211.p0","openshift4/ose-azure-machine-controllers:v4.3.40-202010141211.p0","openshift4/ose-sdn-rhel7:v4.3.40-202010141211.p0","openshift4/ose-libvirt-machine-controllers:v4.3.40-202010141858.p0","openshift4/ose-cluster-svcat-controller-manager-operator:v4.3.40-202010141211.p0","openshift4/ose-baremetal-machine-controllers:v4.3.40-202010141211.p0","openshift4/ose-cluster-bootstrap:v4.3.40-202010141211.p0","openshift4/ose-service-ca-operator:v4.3.40-202010141211.p0","openshift4/ose-baremetal-rhel7-operator:v4.4.0-202006290400.p0","servicemesh-0:1.1.6-1.el8","servicemesh-prometheus-0:2.14.0-14.el8","openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-8","distributed-tracing/jaeger-agent-rhel7:1.17.6-1","openshift4/ose-cluster-logging-operator:v4.5.0-202007012112.p0","openshift4/ose-cluster-authentication-operator:v4.3.40-202010141211.p0","openshift4/ose-pod:v4.3.31-202007272153.p0","openshift4/ose-descheduler:v4.4.0-202006290400.p0","openshift4/ose-local-storage-static-provisioner:v4.3.40-202010141211.p0","openshift4/ose-cluster-machine-approver:v4.4.0-202007171809.p0","openshift4/ose-descheduler:v4.5.0-202007101023.p0","openshift4/ose-cluster-machine-approver:v4.3.40-202010141858.p0","distributed-tracing/jaeger-ingester-rhel7:1.17.6-1","ior-0:1.1.6-1.el8","openshift4/ose-sriov-dp-admission-controller:v4.3.37-202009151447.p0","openshift4/ose-cluster-openshift-apiserver-operator:v4.3.40-202010141211.p0","openshift4/ose-cloud-credential-operator:v4.3.40-202010141211.p0","distributed-tracing/jaeger-collector-rhel7:1.17.6-1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9283.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-11840","severity":"moderate","public_date":"2019-03-20T00:00:00Z","advisories":["RHBA-2020:0063"],"bugzilla":"1691529","bugzilla_description":"CVE-2019-11840 golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-330","affected_packages":["openshift-0:4.3.0-202001131753.git.0.0aee6a8.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11840.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-3204","severity":"moderate","public_date":"2017-03-29T00:00:00Z","advisories":[],"bugzilla":"1439748","bugzilla_description":"CVE-2017-3204 golang-googlecode-go-crypto: Go SSH library does not verify host keys by default","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3204.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2017-2623","severity":"moderate","public_date":"2017-03-02T00:00:00Z","advisories":["RHSA-2017:0444"],"bugzilla":"1422157","bugzilla_description":"CVE-2017-2623 rpm-ostree, rpm-ostree-client: fails to check gpg package signatures when layering","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":["rpm-ostree-0:2017.1-5.atomic.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2623.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"5.3"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/trousers_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/trousers_security_api_results.json new file mode 100644 index 0000000..25c80a3 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/trousers_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-24330","severity":"low","public_date":"2020-09-02T00:00:00Z","advisories":[],"bugzilla":"1870054","bugzilla_description":"CVE-2020-24330 trousers: fails to drop the root gid privilege when no longer needed","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-271","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24330.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2020-24332","severity":"moderate","public_date":"2020-08-13T00:00:00Z","advisories":[],"bugzilla":"1870052","bugzilla_description":"CVE-2020-24332 trousers: tss user can be used to create or corrupt existing files, this could lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-59->CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24332.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2020-24331","severity":"moderate","public_date":"2020-08-13T00:00:00Z","advisories":[],"bugzilla":"1870056","bugzilla_description":"CVE-2020-24331 trousers: tss user still has read and write access to the /etc/tcsd.conf file if tcsd is started as root","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-24331.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2019-18898","severity":"low","public_date":"2019-11-25T00:00:00Z","advisories":[],"bugzilla":"1787080","bugzilla_description":"CVE-2019-18898 trousers: local privilege escalation from tss to root","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-266","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18898.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2012-0698","severity":"low","public_date":"2012-01-13T00:00:00Z","advisories":["RHSA-2014:1507"],"bugzilla":"781648","bugzilla_description":"CVE-2012-0698 trousers: DoS vulnerability in tcsd","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["trousers-0:0.3.13-2.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0698.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tss2_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tss2_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tss2_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ttmkfdir_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ttmkfdir_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ttmkfdir_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuna_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuna_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuna_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned-profiles-cpu-partitioning_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned-profiles-cpu-partitioning_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned-profiles-cpu-partitioning_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned-utils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned-utils_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned-utils_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned_security_api_results.json new file mode 100644 index 0000000..a08c498 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tuned_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-14040","severity":"moderate","public_date":"2020-06-17T00:00:00Z","advisories":["RHSA-2020:3665","RHSA-2020:3369","RHSA-2020:3578","RHSA-2020:4214","RHSA-2020:3783","RHSA-2020:3087","RHSA-2020:3780","RHSA-2020:3372","RHSA-2020:3727"],"bugzilla":"1853652","bugzilla_description":"CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["openshift3/ose-docker-registry:v3.11.286-1","servicemesh-grafana-0:6.4.3-13.el8","distributed-tracing/jaeger-query-rhel7:1.17.5-3","kiali-0:v1.12.10.redhat2-1.el7","ior-0:1.1.6-1.el8","openshift4/ose-cluster-version-operator:v4.5.0-202008280601.p0","distributed-tracing/jaeger-ingester-rhel7:1.17.5-3","distributed-tracing/jaeger-all-in-one-rhel7:1.17.5-3","distributed-tracing/jaeger-rhel7-operator:1.17.5-3","servicemesh-0:1.1.6-1.el8","servicemesh-cni-0:1.1.6-1.el8","servicemesh-prometheus-0:2.14.0-14.el8","openshift4/ose-cluster-network-operator:v4.4.0-202009120105.p0","openshift-service-mesh/3scale-istio-adapter-rhel8:1.0.0-8","distributed-tracing/jaeger-agent-rhel7:1.17.5-3","openshift4/ose-cluster-svcat-controller-manager-operator:v4.5.0-202008280221.p0","openshift4/ose-cluster-svcat-apiserver-operator:v4.5.0-202009112201.p0","distributed-tracing/jaeger-collector-rhel7:1.17.5-3","openshift4/ose-elasticsearch-operator:v4.5.0-202008310950.p0","servicemesh-operator-0:1.1.6-2.el8","go-toolset:rhel8-8020020200817154239.02f7cb7a"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14040.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2012-6136","severity":"low","public_date":"2012-08-02T00:00:00Z","advisories":["RHBA-2013:0386"],"bugzilla":"918813","bugzilla_description":"CVE-2012-6136 tuned: insecure permissions of tuned.pid","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["tuned-0:0.2.19-11.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6136.json"},{"CVE":"CVE-2013-1820","severity":"low","public_date":"2012-02-26T00:00:00Z","advisories":[],"bugzilla":"918229","bugzilla_description":"CVE-2013-1820 tuned: insecure permissions of pmqos-static.pid","cvss_score":4.0,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1820.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/txw2_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/txw2_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/txw2_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tzdata-java_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tzdata-java_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tzdata-java_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tzdata_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tzdata_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/tzdata_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ucs-miscfixed-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ucs-miscfixed-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ucs-miscfixed-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ucx_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ucx_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ucx_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udftools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udftools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udftools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-iscsi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-iscsi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-iscsi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-lsm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-lsm_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-lsm_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-lvm2_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-lvm2_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2-lvm2_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2_security_api_results.json new file mode 100644 index 0000000..e8af2f1 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/udisks2_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-17336","severity":"moderate","public_date":"2018-09-22T00:00:00Z","advisories":["RHSA-2019:2178"],"bugzilla":"1632828","bugzilla_description":"CVE-2018-17336 udisks: Format string vulnerability in udisks_log in udiskslogging.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-134","affected_packages":["udisks2-0:2.7.3-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17336.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2014-0004","severity":"important","public_date":"2014-03-10T00:00:00Z","advisories":["RHSA-2014:0293"],"bugzilla":"1049703","bugzilla_description":"CVE-2014-0004 udisks and udisks2: stack-based buffer overflow when handling long path names","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-121","affected_packages":["udisks-0:1.0.1-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0004.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unbound-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unbound-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unbound-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unbound_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unbound_security_api_results.json new file mode 100644 index 0000000..6caabba --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unbound_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-10772","severity":"important","public_date":"2020-06-10T00:00:00Z","advisories":["RHSA-2020:2642"],"bugzilla":"1846026","bugzilla_description":"CVE-2020-10772 unbound: incomplete fix for CVE-2020-12662 in RHEL7","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-406->CWE-400","affected_packages":["unbound-0:1.6.6-5.el7_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10772.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-12662","severity":"important","public_date":"2020-05-19T00:00:00Z","advisories":["RHSA-2020:2640","RHSA-2020:2419","RHSA-2020:2418","RHSA-2020:4181","RHSA-2020:2416","RHSA-2020:2414"],"bugzilla":"1837597","bugzilla_description":"CVE-2020-12662 unbound: amplification of an incoming query into a large number of queries directed to a target","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-406->CWE-400","affected_packages":["unbound-0:1.7.3-11.el8_2","unbound-0:1.6.6-4.el7_8","unbound-0:1.4.20-29.el6_10.1","unbound-0:1.7.3-9.el8_0","unbound-0:1.7.3-9.el8_1","unbound-0:1.6.6-2.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12662.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-12663","severity":"important","public_date":"2020-05-19T00:00:00Z","advisories":["RHSA-2020:2640","RHSA-2020:2419","RHSA-2020:2418","RHSA-2020:4181","RHSA-2020:2416","RHSA-2020:2414"],"bugzilla":"1837604","bugzilla_description":"CVE-2020-12663 unbound: infinite loop via malformed DNS answers received from upstream servers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-835","affected_packages":["unbound-0:1.7.3-11.el8_2","unbound-0:1.6.6-4.el7_8","unbound-0:1.4.20-29.el6_10.1","unbound-0:1.7.3-9.el8_0","unbound-0:1.7.3-9.el8_1","unbound-0:1.6.6-2.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12663.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-18934","severity":"moderate","public_date":"2019-11-26T00:00:00Z","advisories":["RHSA-2020:1716"],"bugzilla":"1776762","bugzilla_description":"CVE-2019-18934 unbound: command injection with data coming from a specially crafted IPSECKEY answer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":["unbound-0:1.7.3-10.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18934.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2019-16866","severity":"low","public_date":"2019-10-03T00:00:00Z","advisories":[],"bugzilla":"1767955","bugzilla_description":"CVE-2019-16866 unbound: uninitialized memory accesses leads to crash via a crafted NOTIFY query","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-822","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16866.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2018-1000134","severity":"moderate","public_date":"2018-03-16T00:00:00Z","advisories":["RHSA-2018:1713"],"bugzilla":"1557531","bugzilla_description":"CVE-2018-1000134 unboundid-ldapsdk: Incorrect Access Control vulnerability in process function in SimpleBindRequest class","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":["unboundid-ldapsdk-0:4.0.5-1.el7ev"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000134.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-15105","severity":"moderate","public_date":"2018-01-19T00:00:00Z","advisories":[],"bugzilla":"1507049","bugzilla_description":"CVE-2017-15105 unbound: Improper validation of wildcard synthesized NSEC records","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-358","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15105.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2014-8602","severity":"low","public_date":"2014-12-08T00:00:00Z","advisories":["RHSA-2015:2455"],"bugzilla":"1172065","bugzilla_description":"CVE-2014-8602 unbound: specially crafted request can lead to denial of service","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-770","affected_packages":["unbound-0:1.4.20-26.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8602.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unique3-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unique3-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unique3-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unique3_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unique3_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unique3_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unit-api_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unit-api_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unit-api_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/units_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/units_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/units_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unixODBC-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unixODBC-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unixODBC-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unixODBC_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unixODBC_security_api_results.json new file mode 100644 index 0000000..f33f902 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unixODBC_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-7485","severity":"moderate","public_date":"2018-02-27T00:00:00Z","advisories":["RHSA-2019:2336"],"bugzilla":"1549636","bugzilla_description":"CVE-2018-7485 unixODBC: Insecure buffer copy in SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["unixODBC-0:2.3.1-14.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7485.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H","cvss3_score":"6.8"},{"CVE":"CVE-2018-7409","severity":"moderate","public_date":"2018-01-02T00:00:00Z","advisories":["RHSA-2019:2336"],"bugzilla":"1548305","bugzilla_description":"CVE-2018-7409 unixODBC: Buffer overflow in unicode_to_ansi_copy() can lead to crash or other unspecified impact","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["unixODBC-0:2.3.1-14.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7409.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2012-2657","severity":"low","public_date":"2012-05-29T00:00:00Z","advisories":[],"bugzilla":"826262","bugzilla_description":"CVE-2012-2657 unixodbc: buffer overflow due to improper checking of FILESDN= input","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2657.json"},{"CVE":"CVE-2012-2658","severity":"low","public_date":"2012-05-29T00:00:00Z","advisories":[],"bugzilla":"826263","bugzilla_description":"CVE-2012-2658 unixodbc: buffer overflow due to improper checking of DRIVER= input","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2658.json"},{"CVE":"CVE-2011-1145","severity":"low","public_date":"2011-03-09T00:00:00Z","advisories":[],"bugzilla":"684036","bugzilla_description":"CVE-2011-1145 unixODBC: possible buffer overrun in SQLDriverConnect()","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1145.json"},{"CVE":"CVE-2009-3736","severity":"moderate","public_date":"2009-11-16T00:00:00Z","advisories":["RHSA-2009:1646","RHSA-2010:0039"],"bugzilla":"537941","bugzilla_description":"CVE-2009-3736 libtool: libltdl may load and execute code from a library in the current directory","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["libtool-0:1.5.6-5.el4_8","gcc-0:4.1.2-46.el5_4.2","libtool-0:1.4.3-7","gcc-0:3.2.3-60","gcc-0:3.4.6-11.el4_8.1","libtool-0:1.5.22-7.el5_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3736.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unoconv_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unoconv_security_api_results.json new file mode 100644 index 0000000..27d94ba --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unoconv_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-17400","severity":"moderate","public_date":"2019-10-21T00:00:00Z","advisories":["RHSA-2020:3944"],"bugzilla":"1765007","bugzilla_description":"CVE-2019-17400 unoconv: mishandling of pathname leads to SSRF and local file inclusion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-602|CWE-829)","affected_packages":["unoconv-0:0.6-8.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17400.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unzip_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unzip_security_api_results.json new file mode 100644 index 0000000..7a4cae8 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/unzip_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-13232","severity":"low","public_date":"2019-07-02T00:00:00Z","advisories":["RHSA-2020:2486","RHSA-2020:1181","RHSA-2020:1787"],"bugzilla":"1727761","bugzilla_description":"CVE-2019-13232 unzip: overlapping of files in ZIP container leads to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["unzip-0:6.0-43.el8","unzip-0:6.0-21.el7","unzip-0:6.0-20.el7_7.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13232.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2018-18384","severity":"low","public_date":"2018-09-28T00:00:00Z","advisories":["RHSA-2019:2159"],"bugzilla":"1642931","bugzilla_description":"CVE-2018-18384 unzip: Buffer overflow in list.c resulting in a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["unzip-0:6.0-20.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18384.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-1000035","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1537043","bugzilla_description":"CVE-2018-1000035 unzip: Heap-based buffer overflow in fileio.c:UzpPassword function allows code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000035.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-1000032","severity":"moderate","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1537055","bugzilla_description":"CVE-2018-1000032 unzip: Heap-based buffer overflow in charset_to_intern()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000032.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-1000031","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1537059","bugzilla_description":"CVE-2018-1000031 unzip: Heap-based out-of-bounds write in fileio.c:set_zipfn_sgmnt_name() possibly causing crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000031.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-1000033","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1537062","bugzilla_description":"CVE-2018-1000033 unzip: Heap-based out-of-bounds access in extract.c:ef_scan_for_stream() possibly causing crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000033.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-1000034","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1543333","bugzilla_description":"CVE-2018-1000034 unzip: Invalid access in the LZMA compression algorithm","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000034.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9844","severity":"low","public_date":"2016-12-05T00:00:00Z","advisories":[],"bugzilla":"1401864","bugzilla_description":"CVE-2016-9844 unzip: methbuf[] buffer overflow in zipinfo's zi_short()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9844.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2015-7696","severity":"moderate","public_date":"2015-09-07T00:00:00Z","advisories":[],"bugzilla":"1260944","bugzilla_description":"CVE-2015-7696 CVE-2015-7697 unzip: Heap overflow and DoS in 6.0","cvss_score":6.0,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7696.json"},{"CVE":"CVE-2015-7697","severity":"moderate","public_date":"2015-09-07T00:00:00Z","advisories":[],"bugzilla":"1260944","bugzilla_description":"CVE-2015-7696 CVE-2015-7697 unzip: Heap overflow and DoS in 6.0","cvss_score":6.0,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7697.json"},{"CVE":"CVE-2015-1315","severity":"moderate","public_date":"2015-02-17T00:00:00Z","advisories":[],"bugzilla":"1192603","bugzilla_description":"CVE-2015-1315 unzip: charset_to_intern() buffer overflow","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1315.json"},{"CVE":"CVE-2014-8139","severity":"low","public_date":"2014-12-22T00:00:00Z","advisories":["RHSA-2015:0700"],"bugzilla":"1174844","bugzilla_description":"CVE-2014-8139 unzip: CRC32 verification heap-based buffer overread (oCERT-2014-011)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":["unzip-0:6.0-15.ael7b","unzip-0:6.0-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8139.json"},{"CVE":"CVE-2014-8140","severity":"low","public_date":"2014-12-22T00:00:00Z","advisories":["RHSA-2015:0700"],"bugzilla":"1174851","bugzilla_description":"CVE-2014-8140 unzip: out-of-bounds write issue in test_compr_eb() (oCERT-2014-011)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-190->CWE-120","affected_packages":["unzip-0:6.0-15.ael7b","unzip-0:6.0-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8140.json"},{"CVE":"CVE-2014-8141","severity":"low","public_date":"2014-12-22T00:00:00Z","advisories":["RHSA-2015:0700"],"bugzilla":"1174856","bugzilla_description":"CVE-2014-8141 unzip: getZip64Data() out-of-bounds read issues (oCERT-2014-011)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["unzip-0:6.0-15.ael7b","unzip-0:6.0-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8141.json"},{"CVE":"CVE-2014-9913","severity":"low","public_date":"2014-11-03T00:00:00Z","advisories":[],"bugzilla":"1401865","bugzilla_description":"CVE-2014-9913 unzip: methbuf[] buffer overflow in unzip's list_files()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9913.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2014-9636","severity":"moderate","public_date":"2014-11-02T00:00:00Z","advisories":["RHSA-2015:0700"],"bugzilla":"1184985","bugzilla_description":"CVE-2014-9636 unzip: out-of-bounds read/write in test_compr_eb() in extract.c","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-20->CWE-122","affected_packages":["unzip-0:6.0-15.ael7b","unzip-0:6.0-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9636.json"},{"CVE":"CVE-2008-0888","severity":"moderate","public_date":"2008-03-17T00:00:00Z","advisories":["RHSA-2008:0196"],"bugzilla":"431438","bugzilla_description":"CVE-2008-0888 unzip: free() called for uninitialized or already freed pointer","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["unzip-0:5.50-36.EL3","unzip-0:5.50-31.EL2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0888.json"},{"CVE":"CVE-2005-4667","severity":"low","public_date":"2005-12-19T00:00:00Z","advisories":["RHBA-2007:0418","RHSA-2007:0203"],"bugzilla":"1617861","bugzilla_description":"CVE-2005-4667 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["unzip-0:5.50-35.EL3","unzip-0:5.51-9.EL4.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4667.json"},{"CVE":"CVE-2005-2475","severity":"low","public_date":"2005-08-02T00:00:00Z","advisories":["RHBA-2007:0418","RHSA-2007:0203"],"bugzilla":"1617723","bugzilla_description":"CVE-2005-2475 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["unzip-0:5.50-35.EL3","unzip-0:5.51-9.EL4.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2475.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-lib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-lib_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-lib_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-se_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-se_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-se_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-systems_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-systems_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uom-systems_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/upower_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/upower_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/upower_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urlview_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urlview_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urlview_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-bookman-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-bookman-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-bookman-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-c059-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-c059-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-c059-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-d050000l-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-d050000l-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-d050000l-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-fonts-common_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-fonts-common_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-fonts-common_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-gothic-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-gothic-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-gothic-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-mono-ps-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-mono-ps-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-mono-ps-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-roman-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-roman-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-roman-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-sans-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-sans-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-nimbus-sans-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-p052-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-p052-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-p052-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-standard-symbols-ps-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-standard-symbols-ps-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-standard-symbols-ps-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-z003-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-z003-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-base35-z003-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/urw-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usb_modeswitch-data_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usb_modeswitch-data_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usb_modeswitch-data_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usb_modeswitch_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usb_modeswitch_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usb_modeswitch_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbguard_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbguard_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbguard_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbmuxd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbmuxd_security_api_results.json new file mode 100644 index 0000000..b31ef06 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbmuxd_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2016-5104","severity":"low","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1339988","bugzilla_description":"CVE-2016-5104 libimobiledevice: Sockets listening on INADDR_ANY","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5104.json"},{"CVE":"CVE-2012-0065","severity":"low","public_date":"2012-01-12T00:00:00Z","advisories":[],"bugzilla":"783318","bugzilla_description":"CVE-2012-0065 usbmuxd 1.0.7 receive_packet() Buffer Overflow Vulnerability","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0065.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbredir_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbredir_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbredir_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbutils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbutils_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usbutils_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usermode-gtk_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usermode-gtk_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usermode-gtk_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usermode_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usermode_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usermode_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usnic-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usnic-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/usnic-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ustr_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ustr_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ustr_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/util-linux_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/util-linux_security_api_results.json new file mode 100644 index 0000000..d16a16a --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/util-linux_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-7738","severity":"moderate","public_date":"2018-03-07T00:00:00Z","advisories":[],"bugzilla":"1552641","bugzilla_description":"CVE-2018-7738 util-linux: Shell command injection in unescaped bash-completed mount point names","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7738.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"6.7"},{"CVE":"CVE-2017-2616","severity":"moderate","public_date":"2017-02-22T00:00:00Z","advisories":["RHSA-2017:0654","RHSA-2017:0907"],"bugzilla":"1418710","bugzilla_description":"CVE-2017-2616 util-linux: Sending SIGKILL to other processes with root privileges via su","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-267","affected_packages":["coreutils-0:8.4-46.el6","util-linux-0:2.23.2-33.el7_3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2616.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-5011","severity":"low","public_date":"2016-07-11T00:00:00Z","advisories":["RHSA-2016:2605"],"bugzilla":"1349741","bugzilla_description":"CVE-2016-5011 util-linux: Extended partition loop in MBR partition table leads to DOS","cvss_score":4.9,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["util-linux-0:2.23.2-33.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5011.json","cvss3_scoring_vector":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"4.6"},{"CVE":"CVE-2016-2779","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312852","bugzilla_description":"CVE-2016-2779 util-linux: runuser tty hijack via TIOCSTI ioctl","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-270","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2779.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"8.6"},{"CVE":"CVE-2015-5218","severity":"low","public_date":"2015-09-02T00:00:00Z","advisories":[],"bugzilla":"1259322","bugzilla_description":"CVE-2015-5218 colcrt: global-buffer-overflow","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5218.json"},{"CVE":"CVE-2015-5224","severity":"low","public_date":"2015-08-24T00:00:00Z","advisories":[],"bugzilla":"1256686","bugzilla_description":"CVE-2015-5224 util-linux: File name collision due to incorrect mkstemp use","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5224.json"},{"CVE":"CVE-2014-9114","severity":"moderate","public_date":"2014-11-26T00:00:00Z","advisories":[],"bugzilla":"1168485","bugzilla_description":"CVE-2014-9114 util-linux: command injection flaw in blkid","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9114.json"},{"CVE":"CVE-2013-0157","severity":"low","public_date":"2013-01-05T00:00:00Z","advisories":["RHSA-2013:0517"],"bugzilla":"892330","bugzilla_description":"CVE-2013-0157 util-linux: mount folder existence information disclosure","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["util-linux-ng-0:2.17.2-12.9.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0157.json"},{"CVE":"CVE-2011-1675","severity":"low","public_date":"2011-03-03T00:00:00Z","advisories":["RHSA-2012:0307","RHSA-2011:1691"],"bugzilla":"695916","bugzilla_description":"CVE-2011-1675 util-linux: mount fails to anticipate RLIMIT_FSIZE","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["util-linux-ng-0:2.17.2-12.4.el6","util-linux-0:2.13-0.59.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1675.json"},{"CVE":"CVE-2011-1676","severity":null,"public_date":"2011-03-03T00:00:00Z","advisories":[],"bugzilla":"695921","bugzilla_description":"CVE-2011-1676 util-linux: mount does not remove /etc/mtab.tmp after failed mount entry addition","cvss_score":3.3,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1676.json"},{"CVE":"CVE-2011-1677","severity":"low","public_date":"2011-03-03T00:00:00Z","advisories":["RHSA-2012:0307","RHSA-2011:1691"],"bugzilla":"695924","bugzilla_description":"CVE-2011-1677 util-linux: umount may fail to remove /etc/mtab~ lock file","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["util-linux-ng-0:2.17.2-12.4.el6","util-linux-0:2.13-0.59.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1677.json"},{"CVE":"CVE-2011-0721","severity":"moderate","public_date":"2011-02-15T00:00:00Z","advisories":[],"bugzilla":"678897","bugzilla_description":"CVE-2011-0721 shadow: Multiple CRLF injections in chfn and chsh","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0721.json"},{"CVE":"CVE-2010-3879","severity":"low","public_date":"2010-11-02T00:00:00Z","advisories":["RHSA-2011:1083"],"bugzilla":"651183","bugzilla_description":"CVE-2010-3879 CVE-2011-0541 CVE-2011-0542 CVE-2011-0543 fuse: unprivileged user can unmount arbitrary locations via symlink attack","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":["fuse-0:2.8.3-3.el6_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3879.json"},{"CVE":"CVE-2011-0541","severity":"low","public_date":"2010-11-02T00:00:00Z","advisories":["RHSA-2011:1083"],"bugzilla":"651183","bugzilla_description":"CVE-2010-3879 CVE-2011-0541 CVE-2011-0542 CVE-2011-0543 fuse: unprivileged user can unmount arbitrary locations via symlink attack","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":["fuse-0:2.8.3-3.el6_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0541.json"},{"CVE":"CVE-2011-0542","severity":"low","public_date":"2010-11-02T00:00:00Z","advisories":["RHSA-2011:1083"],"bugzilla":"651183","bugzilla_description":"CVE-2010-3879 CVE-2011-0541 CVE-2011-0542 CVE-2011-0543 fuse: unprivileged user can unmount arbitrary locations via symlink attack","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":["fuse-0:2.8.3-3.el6_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0542.json"},{"CVE":"CVE-2011-0543","severity":"low","public_date":"2010-11-02T00:00:00Z","advisories":["RHSA-2011:1083"],"bugzilla":"651183","bugzilla_description":"CVE-2010-3879 CVE-2011-0541 CVE-2011-0542 CVE-2011-0543 fuse: unprivileged user can unmount arbitrary locations via symlink attack","cvss_score":2.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":["fuse-0:2.8.3-3.el6_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0543.json"},{"CVE":"CVE-2008-1926","severity":"low","public_date":"2008-04-21T00:00:00Z","advisories":["RHBA-2009:0070","RHSA-2009:0981"],"bugzilla":"443925","bugzilla_description":"CVE-2008-1926 util-linux: audit log injection via login","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/AU:N/C:N/I:P/A:N","CWE":null,"affected_packages":["util-linux-0:2.12a-24.el4","util-linux-0:2.13-0.50.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1926.json"},{"CVE":"CVE-2007-5191","severity":"moderate","public_date":"2007-09-20T00:00:00Z","advisories":["RHSA-2007:0969"],"bugzilla":"320041","bugzilla_description":"CVE-2007-5191 util-linux (u)mount doesn't drop privileges properly when calling helpers","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["util-linux-0:2.12a-17.el4_6.1","util-linux-0:2.11y-31.24","util-linux-0:2.13-0.45.el5_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5191.json"},{"CVE":"CVE-2006-7108","severity":"low","public_date":"2006-01-09T00:00:00Z","advisories":["RHSA-2007:0235"],"bugzilla":"1618255","bugzilla_description":"CVE-2006-7108 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["util-linux-0:2.12a-16.EL4.25"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7108.json"},{"CVE":"CVE-2005-2876","severity":"moderate","public_date":"2005-09-13T00:00:00Z","advisories":["RHSA-2005:782"],"bugzilla":"1617764","bugzilla_description":"CVE-2005-2876 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["util-linux-0:2.12a-16.EL4.12","util-linux-0:2.11y-31.11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2876.json"},{"CVE":"CVE-2001-1494","severity":"low","public_date":"2001-12-12T00:00:00Z","advisories":["RHSA-2005:782"],"bugzilla":"1616708","bugzilla_description":"CVE-2001-1494 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["util-linux-0:2.12a-16.EL4.12","util-linux-0:2.11y-31.11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2001-1494.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uuid_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uuid_security_api_results.json new file mode 100644 index 0000000..b449165 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uuid_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2015-8851","severity":"moderate","public_date":"2016-03-30T00:00:00Z","advisories":["RHBA-2016:1343"],"bugzilla":"1327056","bugzilla_description":"CVE-2015-8851 nodejs-node-uuid: insecure entropy source - Math.random()","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8851.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uuidd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uuidd_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/uuidd_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/valgrind_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/valgrind_security_api_results.json new file mode 100644 index 0000000..d203409 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/valgrind_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2008-4865","severity":"low","public_date":"2008-10-27T00:00:00Z","advisories":["RHEA-2010:0272"],"bugzilla":"469657","bugzilla_description":"CVE-2008-4865 valgrind: .valgrindrc loaded from untrusted locations","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["valgrind-1:3.5.0-1.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4865.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vdo_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vdo_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vdo_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/velocity_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/velocity_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/velocity_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vemana2000-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vemana2000-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vemana2000-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-X11_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-X11_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-X11_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-common_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-common_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-common_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-enhanced_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-enhanced_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-enhanced_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-filesystem_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-filesystem_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-filesystem_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-minimal_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-minimal_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vim-minimal_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vinagre_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vinagre_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vinagre_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vino_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vino_security_api_results.json new file mode 100644 index 0000000..68201af --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vino_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-14405","severity":"moderate","public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860325","bugzilla_description":"CVE-2020-14405 libvncserver: libvncclient/rfbproto.c does not limit TextChat size","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-770","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2020-14403","severity":"low","public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860334","bugzilla_description":"CVE-2020-14403 libvncserver: libvncserver/hextile.c allows out-of-bounds access via encodings","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2020-14404","severity":"low","public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860337","bugzilla_description":"CVE-2020-14404 libvncserver: libvncserver/rre.c allows out-of-bounds access via encodings","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2020-14396","severity":"moderate","public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860340","bugzilla_description":"CVE-2020-14396 libvncserver: libvncclient/tls_openssl.c has a NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14396.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-14397","severity":"moderate","public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860344","bugzilla_description":"CVE-2020-14397 libvncserver: libvncserver/rfbregion.c has a NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-14398","severity":"moderate","public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860348","bugzilla_description":"CVE-2020-14398 libvncserver: an improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14398.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-14399","severity":null,"public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860354","bugzilla_description":"CVE-2020-14399 libvncserver: byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2020-14400","severity":null,"public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860361","bugzilla_description":"CVE-2020-14400 libvncserver: byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N"},{"CVE":"CVE-2020-14401","severity":"low","public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860364","bugzilla_description":"CVE-2020-14401 libvncserver: libvncserver/scale.c has a pixel_value integer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2020-14402","severity":"low","public_date":"2020-06-17T00:00:00Z","advisories":[],"bugzilla":"1860367","bugzilla_description":"CVE-2020-14402 libvncserver: libvncserver/corre.c allows out-of-bounds access via encodings","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2019-15681","severity":"low","public_date":"2019-10-30T00:00:00Z","advisories":[],"bugzilla":"1854761","bugzilla_description":"CVE-2019-15681 libvncserver: information disclosure and ASLR bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15681.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2012-4429","severity":"moderate","public_date":"2012-06-20T00:00:00Z","advisories":["RHSA-2013:0169"],"bugzilla":"857250","bugzilla_description":"CVE-2012-4429 vino: information leak and authentication bypass","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["vino-0:2.28.1-8.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4429.json"},{"CVE":"CVE-2011-0904","severity":"low","public_date":"2011-05-02T00:00:00Z","advisories":["RHSA-2013:0169"],"bugzilla":"694455","bugzilla_description":"CVE-2011-0904 vino: Out of bounds read flaw by processing certain client raw encoding framebuffer update requests","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["vino-0:2.28.1-8.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0904.json"},{"CVE":"CVE-2011-0905","severity":"low","public_date":"2011-05-02T00:00:00Z","advisories":["RHSA-2013:0169"],"bugzilla":"694456","bugzilla_description":"CVE-2011-0905 vino: Out of bounds read flaw by processing certain client tight encoding framebuffer update requests","cvss_score":3.5,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["vino-0:2.28.1-8.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0905.json"},{"CVE":"CVE-2013-5745","severity":"moderate","public_date":"2010-04-21T00:00:00Z","advisories":["RHSA-2013:1452"],"bugzilla":"910082","bugzilla_description":"CVE-2013-5745 vino: denial of service flaw","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-400","affected_packages":["vino-0:2.28.1-9.el6_4","vino-0:2.13.5-10.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5745.json"},{"CVE":"CVE-2011-1165","severity":"low","public_date":"2009-09-08T00:00:00Z","advisories":["RHSA-2013:0169"],"bugzilla":"678846","bugzilla_description":"CVE-2011-1165 vino-preferences does not warn about UPnP especially with no password and no confirmation.","cvss_score":4.6,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":["vino-0:2.28.1-8.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1165.json"},{"CVE":"CVE-2011-1164","severity":"low","public_date":"2009-03-17T00:00:00Z","advisories":["RHSA-2013:0169"],"bugzilla":"553477","bugzilla_description":"CVE-2011-1164 vino: vino-preferences incorrectly indicates that computer is only reachable over local network","cvss_score":4.6,"cvss_scoring_vector":"AV:N/AC:H/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":["vino-0:2.28.1-8.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1164.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-install_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-install_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-install_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-manager-common_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-manager-common_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-manager-common_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-manager_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-manager_security_api_results.json new file mode 100644 index 0000000..d70b59a --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-manager_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-10183","severity":"low","public_date":"2019-07-02T00:00:00Z","advisories":["RHSA-2019:3464"],"bugzilla":"1726232","bugzilla_description":"CVE-2019-10183 virt-install: unattended option leaks password via command line argument","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["virt-manager-0:2.2.1-2.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10183.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"2.8"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-p2v-maker_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-p2v-maker_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-p2v-maker_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-top_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-top_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-top_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-v2v_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-v2v_security_api_results.json new file mode 100644 index 0000000..26adc43 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-v2v_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2011-1773","severity":"low","public_date":"2010-01-23T00:00:00Z","advisories":["RHSA-2011:1615"],"bugzilla":"702754","bugzilla_description":"CVE-2011-1773 virt-v2v: vnc password protection is missing after vm conversion","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["virt-v2v-0:0.8.3-5.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1773.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-viewer_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-viewer_security_api_results.json new file mode 100644 index 0000000..909f978 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-viewer_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-9252","severity":"low","public_date":"2018-04-02T00:00:00Z","advisories":[],"bugzilla":"1565333","bugzilla_description":"CVE-2018-9252 jasper: reachable assertion in jpc_abstorelstepsize() in jpc_enc.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9252.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-9055","severity":"low","public_date":"2018-03-26T00:00:00Z","advisories":[],"bugzilla":"1561699","bugzilla_description":"CVE-2018-9055 jasper: reachable assertion in jpc_firstone() in jpc_math.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9055.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-3737","severity":"moderate","public_date":"2017-12-07T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2018:0998","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1523504","bugzilla_description":"CVE-2017-3737 openssl: Read/write after SSL object in error state","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-391","affected_packages":["openssl-1:1.0.2k-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3737.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-3738","severity":"low","public_date":"2017-12-07T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2018:0998","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1523510","bugzilla_description":"CVE-2017-3738 openssl: rsaz_1024_mul_avx2 overflow bug on x86_64","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["openssl-1:1.0.2k-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3738.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-3736","severity":"moderate","public_date":"2017-11-02T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2018:0998","RHSA-2018:2713","RHSA-2018:2568","RHSA-2018:2575","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1509169","bugzilla_description":"CVE-2017-3736 openssl: bn_sqrx8x_internal carry bug on x86_64","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-682","affected_packages":["openssl-1:1.0.2k-12.el7","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3736.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-1000257","severity":"moderate","public_date":"2017-10-23T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2017:3263","RHSA-2018:2486"],"bugzilla":"1503705","bugzilla_description":"CVE-2017-1000257 curl: IMAP FETCH response out of bounds read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6","curl-0:7.29.0-42.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000257.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.8"},{"CVE":"CVE-2017-5130","severity":"important","public_date":"2017-10-17T00:00:00Z","advisories":["RHSA-2017:2997"],"bugzilla":"1503537","bugzilla_description":"CVE-2017-5130 chromium-browser: heap overflow in libxml2","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["chromium-browser-0:62.0.3202.62-2.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5130.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-1000256","severity":"low","public_date":"2017-10-16T00:00:00Z","advisories":[],"bugzilla":"1503658","bugzilla_description":"CVE-2017-1000256 libvirt: TLS certificate verification disabled for clients","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000256.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2017-15286","severity":"low","public_date":"2017-10-12T00:00:00Z","advisories":[],"bugzilla":"1510438","bugzilla_description":"CVE-2017-15286 sqlite: NULL pointer dereference in tableColumnList","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15286.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-1000254","severity":"moderate","public_date":"2017-10-04T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1495541","bugzilla_description":"CVE-2017-1000254 curl: FTP PWD response parser out of bounds read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000254.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-15232","severity":"low","public_date":"2017-09-30T00:00:00Z","advisories":[],"bugzilla":"1500678","bugzilla_description":"CVE-2017-15232 libjpeg-turbo: NULL pointer dereference in jdpostct.c and jquant1.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15232.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14229","severity":"moderate","public_date":"2017-09-11T00:00:00Z","advisories":[],"bugzilla":"1491853","bugzilla_description":"CVE-2017-14229 jasper: excessive looping in jpc_dec_tileinit()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14229.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-14132","severity":"low","public_date":"2017-09-01T00:00:00Z","advisories":[],"bugzilla":"1489304","bugzilla_description":"CVE-2017-14132 jasper: heap-based buffer over-read in jas_image_ishomosamp()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14132.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-3735","severity":"low","public_date":"2017-08-28T00:00:00Z","advisories":["RHSA-2018:3221"],"bugzilla":"1486144","bugzilla_description":"CVE-2017-3735 openssl: Malformed X.509 IPAdressFamily could cause OOB read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["openssl-1:1.0.2k-16.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3735.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2017-13685","severity":"low","public_date":"2017-08-28T00:00:00Z","advisories":[],"bugzilla":"1488881","bugzilla_description":"CVE-2017-13685 sqlite: Local DoS via dump_callback function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13685.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-0379","severity":"moderate","public_date":"2017-08-27T00:00:00Z","advisories":[],"bugzilla":"1485921","bugzilla_description":"CVE-2017-0379 libgcrypt: Missing input validation for X25519 curve","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0379.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2017-13745","severity":"low","public_date":"2017-08-25T00:00:00Z","advisories":[],"bugzilla":"1488958","bugzilla_description":"CVE-2017-13745 jasper: reachable abort in jpc_dec_process_sot()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13745.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13746","severity":"low","public_date":"2017-08-25T00:00:00Z","advisories":[],"bugzilla":"1488959","bugzilla_description":"CVE-2017-13746 jasper: reachable assertion in jpc_dec_process_siz() - dec->numvtiles","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13746.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13747","severity":"low","public_date":"2017-08-25T00:00:00Z","advisories":[],"bugzilla":"1488960","bugzilla_description":"CVE-2017-13747 jasper: reachable assertion in jpc_floorlog2()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13747.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13748","severity":"moderate","public_date":"2017-08-25T00:00:00Z","advisories":[],"bugzilla":"1488961","bugzilla_description":"CVE-2017-13748 jasper: tile memory not released on image parsing errors","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13748.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13749","severity":"low","public_date":"2017-08-25T00:00:00Z","advisories":[],"bugzilla":"1488962","bugzilla_description":"CVE-2017-13749 jasper: reachable assertion in jpc_pi_nextrpcl()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13749.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13750","severity":"low","public_date":"2017-08-25T00:00:00Z","advisories":[],"bugzilla":"1488963","bugzilla_description":"CVE-2017-13750 jasper: reachable assertion in jpc_dec_process_siz() - dec->numhtiles","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13750.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13751","severity":"low","public_date":"2017-08-25T00:00:00Z","advisories":[],"bugzilla":"1488964","bugzilla_description":"CVE-2017-13751 jasper: reachable assertion in calcstepsizes()","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13751.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-13752","severity":"low","public_date":"2017-08-25T00:00:00Z","advisories":[],"bugzilla":"1488965","bugzilla_description":"CVE-2017-13752 jasper: reachable assertion in jpc_dequantize()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13752.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-1000101","severity":"low","public_date":"2017-08-09T00:00:00Z","advisories":["RHSA-2018:3558"],"bugzilla":"1478309","bugzilla_description":"CVE-2017-1000101 curl: URL globbing out of bounds read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000101.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.2"},{"CVE":"CVE-2017-1000100","severity":"low","public_date":"2017-08-09T00:00:00Z","advisories":["RHSA-2018:3558"],"bugzilla":"1478310","bugzilla_description":"CVE-2017-1000100 curl: TFTP sends more than buffer size","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"4.8"},{"CVE":"CVE-2017-1000099","severity":"moderate","public_date":"2017-08-09T00:00:00Z","advisories":[],"bugzilla":"1478316","bugzilla_description":"CVE-2017-1000099 curl: FILE buffer read out of bounds","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000099.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"4.7"},{"CVE":"CVE-2017-9614","severity":"low","public_date":"2017-07-26T00:00:00Z","advisories":[],"bugzilla":"1475742","bugzilla_description":"CVE-2017-9614 libjpeg-turbo: Invalid memory access in the fill_input_buffer function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9614.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7000","severity":"moderate","public_date":"2017-07-25T00:00:00Z","advisories":["RHSA-2017:1833"],"bugzilla":"1475207","bugzilla_description":"CVE-2017-7000 chromium-browser: pointer disclosure in sqlite","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["chromium-browser-0:60.0.3112.78-1.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7000.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2017-10989","severity":"low","public_date":"2017-07-06T00:00:00Z","advisories":[],"bugzilla":"1469672","bugzilla_description":"CVE-2017-10989 sqlite: Heap-buffer overflow in the getNodeSize function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10989.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"3.6"},{"CVE":"CVE-2017-7526","severity":"moderate","public_date":"2017-06-29T00:00:00Z","advisories":[],"bugzilla":"1466265","bugzilla_description":"CVE-2017-7526 libgcrypt: Use of left-to-right sliding window method allows full RSA key recovery","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7526.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2017-10790","severity":"low","public_date":"2017-06-22T00:00:00Z","advisories":[],"bugzilla":"1473192","bugzilla_description":"CVE-2017-10790 libtasn1: NULL pointer dereference in the _asn1_check_identifier function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10790.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9814","severity":"low","public_date":"2017-06-21T00:00:00Z","advisories":[],"bugzilla":"1472788","bugzilla_description":"CVE-2017-9814 cairo: Out-of-bounds read due to mishandling of unexpected malloc(0) call","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9814.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9502","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":[],"bugzilla":"1461321","bugzilla_description":"CVE-2017-9502 curl: URL file scheme drive letter buffer overflow","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9502.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-9233","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":[],"bugzilla":"1462729","bugzilla_description":"CVE-2017-9233 expat: Inifinite loop due to invalid XML in external entity","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9233.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2017-9782","severity":"low","public_date":"2017-06-14T00:00:00Z","advisories":[],"bugzilla":"1463993","bugzilla_description":"CVE-2017-9782 jasper: cdef.ents[] heap-based buffer over-read in jp2_decode()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9782.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7507","severity":"moderate","public_date":"2017-06-07T00:00:00Z","advisories":["RHSA-2017:2292"],"bugzilla":"1454621","bugzilla_description":"CVE-2017-7507 gnutls: Crash upon receiving well-formed status_request extension","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gnutls-0:3.3.26-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7507.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-9526","severity":"low","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1459887","bugzilla_description":"CVE-2017-9526 libgcrypt: Possible timing attack on EdDSA session key","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9526.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-6891","severity":"low","public_date":"2017-05-18T00:00:00Z","advisories":[],"bugzilla":"1456763","bugzilla_description":"CVE-2017-6891 libtasn1: Stack-based buffer overflow in asn1_find_node()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6891.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-7475","severity":"low","public_date":"2017-04-23T00:00:00Z","advisories":[],"bugzilla":"1447949","bugzilla_description":"CVE-2017-7475 cairo: NULL pointer dereference with a crafted font file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7475.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7468","severity":"moderate","public_date":"2017-04-19T00:00:00Z","advisories":[],"bugzilla":"1443381","bugzilla_description":"CVE-2017-7468 curl: TLS session resumption client cert bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7468.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2017-7375","severity":"moderate","public_date":"2017-04-17T00:00:00Z","advisories":[],"bugzilla":"1462203","bugzilla_description":"CVE-2017-7375 libxml2: Missing validation for external entities in xmlParsePEReference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-611","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7375.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2017-7376","severity":"low","public_date":"2017-04-17T00:00:00Z","advisories":[],"bugzilla":"1462216","bugzilla_description":"CVE-2017-7376 libxml2: Incorrect limit used for port values","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-682","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7376.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-0663","severity":"moderate","public_date":"2017-04-17T00:00:00Z","advisories":[],"bugzilla":"1462225","bugzilla_description":"CVE-2017-0663 libxml2: Heap buffer overflow in xmlAddID","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-0663.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2017-7869","severity":"moderate","public_date":"2017-04-14T00:00:00Z","advisories":["RHSA-2017:2292"],"bugzilla":"1443033","bugzilla_description":"CVE-2017-7869 gnutls: Out-of-bounds write related to the cdk_pkt_read function (GNUTLS-SA-2017-3)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["gnutls-0:3.3.26-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7869.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2017-7407","severity":"low","public_date":"2017-04-04T00:00:00Z","advisories":["RHSA-2018:3558"],"bugzilla":"1439190","bugzilla_description":"CVE-2017-7407 curl: --write-out out of bounds read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7407.json","cvss3_scoring_vector":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"2.4"},{"CVE":"CVE-2017-2628","severity":"moderate","public_date":"2017-03-29T00:00:00Z","advisories":["RHSA-2017:0847"],"bugzilla":"1422464","bugzilla_description":"CVE-2017-2628 curl: negotiate not treated as connection-oriented (incomplete fix for CVE-2015-3148)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":["curl-0:7.19.7-53.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2628.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2017-8287","severity":"moderate","public_date":"2017-03-26T00:00:00Z","advisories":[],"bugzilla":"1446073","bugzilla_description":"CVE-2017-8287 freetype: heap-based buffer overflow related to the t1_builder_close_contour function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8287.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-8105","severity":"moderate","public_date":"2017-03-24T00:00:00Z","advisories":[],"bugzilla":"1446500","bugzilla_description":"CVE-2017-8105 freetype: heap-based buffer overflow related to the t1_decoder_parse_charstrings","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8105.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-7857","severity":"moderate","public_date":"2017-03-08T00:00:00Z","advisories":[],"bugzilla":"1444898","bugzilla_description":"CVE-2017-7857 freetype: heap-based buffer overflow related to the TT_Get_MM_Var function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7857.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-7858","severity":"moderate","public_date":"2017-03-07T00:00:00Z","advisories":[],"bugzilla":"1444904","bugzilla_description":"CVE-2017-7858 freetype: out-of-bounds write related to the TT_Get_MM_Var and sfnt_init_face functions","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7858.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-1000050","severity":"low","public_date":"2017-03-05T00:00:00Z","advisories":["RHSA-2018:3253"],"bugzilla":"1472888","bugzilla_description":"CVE-2017-1000050 jasper: NULL pointer exception in jp2_encode()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":["jasper-0:1.900.1-33.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000050.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-2629","severity":"moderate","public_date":"2017-02-22T00:00:00Z","advisories":[],"bugzilla":"1425746","bugzilla_description":"CVE-2017-2629 curl: SSL_VERIFYSTATUS ignored","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2629.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2017-6313","severity":"moderate","public_date":"2017-02-21T00:00:00Z","advisories":[],"bugzilla":"1427217","bugzilla_description":"CVE-2017-6313 gdk-pixbuf: Integer underflow in io-icns.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6313.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-6314","severity":"low","public_date":"2017-02-21T00:00:00Z","advisories":[],"bugzilla":"1427218","bugzilla_description":"CVE-2017-6314 gdk-pixbuf: Infinite loop in io-tiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6314.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-6312","severity":"low","public_date":"2017-02-21T00:00:00Z","advisories":[],"bugzilla":"1427221","bugzilla_description":"CVE-2017-6312 gdk-pixbuf: Out-of-bounds read in io-ico.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6312.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-3733","severity":"important","public_date":"2017-02-16T00:00:00Z","advisories":[],"bugzilla":"1421695","bugzilla_description":"CVE-2017-3733 openssl: Encrypt-Then-Mac renegotiation crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3733.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-2635","severity":"moderate","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1427090","bugzilla_description":"CVE-2017-2635 libvirt: Null pointer dereference when updating storage size on empty drives","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2635.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","cvss3_score":"7.7"},{"CVE":"CVE-2017-6311","severity":"low","public_date":"2017-02-05T00:00:00Z","advisories":[],"bugzilla":"1427222","bugzilla_description":"CVE-2017-6311 gdk-pixbuf: NULL pointer dereference in gdk-pixbuf-thumbnailer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6311.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7864","severity":"moderate","public_date":"2017-02-02T00:00:00Z","advisories":[],"bugzilla":"1444911","bugzilla_description":"CVE-2017-7864 freetype: heap-based buffer overflow related to the tt_size_reset function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7864.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-5884","severity":"low","public_date":"2017-02-01T00:00:00Z","advisories":["RHSA-2017:2258"],"bugzilla":"1418944","bugzilla_description":"CVE-2017-5884 gtk-vnc: Improper check of framebuffer boundaries when processing a tile","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":["gtk-vnc-0:0.7.0-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5884.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2017-5885","severity":"low","public_date":"2017-02-01T00:00:00Z","advisories":["RHSA-2017:2258"],"bugzilla":"1418952","bugzilla_description":"CVE-2017-5885 gtk-vnc: Integer overflow when processing SetColorMapEntries","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":["gtk-vnc-0:0.7.0-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5885.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2017-3731","severity":"moderate","public_date":"2017-01-26T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2017:0286","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1416852","bugzilla_description":"CVE-2017-3731 openssl: Truncated packet could crash via OOB read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-125","affected_packages":["openssl-0:1.0.1e-48.el6_8.4","openssl-1:1.0.1e-60.el7_3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3731.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-3730","severity":"moderate","public_date":"2017-01-26T00:00:00Z","advisories":[],"bugzilla":"1416855","bugzilla_description":"CVE-2017-3730 openssl: Bad (EC)DHE parameters cause a client crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3730.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-3732","severity":"moderate","public_date":"2017-01-26T00:00:00Z","advisories":["RHSA-2018:2185","RHSA-2018:2713","RHSA-2018:2568","RHSA-2018:2575","RHSA-2018:2186","RHSA-2018:2187"],"bugzilla":"1416856","bugzilla_description":"CVE-2017-3732 openssl: BN_mod_exp may produce incorrect results on x86_64","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el7","java-1.8.0-ibm-1:1.8.0.5.20-1jpp.1.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3732.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.9"},{"CVE":"CVE-2017-6850","severity":"moderate","public_date":"2017-01-25T00:00:00Z","advisories":[],"bugzilla":"1434458","bugzilla_description":"CVE-2017-6850 jasper: uninitialized pointer use in jp2_cdef_destroy()","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6850.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2017-6852","severity":"moderate","public_date":"2017-01-25T00:00:00Z","advisories":[],"bugzilla":"1434459","bugzilla_description":"CVE-2017-6852 jasper: Out of bounds heap read in jpc_dec_decodepkt","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6852.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-6851","severity":"low","public_date":"2017-01-21T00:00:00Z","advisories":[],"bugzilla":"1435324","bugzilla_description":"CVE-2017-6851 jasper: Invalid memory read in jas_matrix_bindsub (jas_seq.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6851.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-5844","severity":"low","public_date":"2017-01-20T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419600","bugzilla_description":"CVE-2017-5844 gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":["gstreamer1-plugins-base-0:1.10.4-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5844.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5841","severity":"low","public_date":"2017-01-19T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419589","bugzilla_description":"CVE-2017-5841 gstreamer-plugins-good: Heap out-of-bounds read in gst_avi_demux_parse_ncdt","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["gstreamer-plugins-good-0:0.10.31-13.el7","gstreamer1-plugins-good-0:1.10.4-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5841.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5842","severity":"low","public_date":"2017-01-19T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419591","bugzilla_description":"CVE-2017-5842 gstreamer-plugins-base: Out-of-bounds heap read in html_context_handle_element","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["gstreamer1-plugins-base-0:1.10.4-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5842.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5843","severity":"low","public_date":"2017-01-19T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419592","bugzilla_description":"CVE-2017-5843 gstreamer-plugins-bad-free: Use after free in gst_mini_object_unref / gst_tag_list_unref / gst_mxf_demux_update_essence_tracks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["gstreamer1-plugins-bad-free-0:1.10.4-2.el7","gstreamer-plugins-bad-free-0:0.10.23-23.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5843.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2017-5837","severity":"low","public_date":"2017-01-15T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419584","bugzilla_description":"CVE-2017-5837 gstreamer-plugins-base: Floating point exception in gst_riff_create_audio_caps","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":["gstreamer1-plugins-base-0:1.10.4-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5837.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-7056","severity":"moderate","public_date":"2017-01-10T00:00:00Z","advisories":["RHSA-2017:1413","RHSA-2017:1415","RHSA-2017:1414","RHSA-2017:1802","RHSA-2017:1801","RHBA-2017:1929"],"bugzilla":"1412120","bugzilla_description":"CVE-2016-7056 openssl: ECDSA P-256 timing attack key recovery","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":["openssl-1:1.0.2k-8.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7056.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2016-10087","severity":"low","public_date":"2016-12-29T00:00:00Z","advisories":[],"bugzilla":"1409617","bugzilla_description":"CVE-2016-10087 libpng: NULL pointer dereference in png_set_text_2()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10087.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9600","severity":"low","public_date":"2016-12-29T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1410026","bugzilla_description":"CVE-2016-9600 jasper: JP2 encoder NULL pointer dereference due to uninitialized cmprof_","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9600.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2016-9594","severity":"moderate","public_date":"2016-12-23T00:00:00Z","advisories":[],"bugzilla":"1408385","bugzilla_description":"CVE-2016-9594 curl: Unitialized random","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9594.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2016-10328","severity":"moderate","public_date":"2016-12-23T00:00:00Z","advisories":[],"bugzilla":"1444895","bugzilla_description":"CVE-2016-10328 freetype: heap-based buffer overflow related to the cff_parser_run function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10328.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-9586","severity":"low","public_date":"2016-12-21T00:00:00Z","advisories":["RHSA-2018:3558"],"bugzilla":"1406712","bugzilla_description":"CVE-2016-9586 curl: printf floating point buffer overflow","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9586.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9591","severity":"low","public_date":"2016-12-16T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1406405","bugzilla_description":"CVE-2016-9591 jasper: use-after-free / double-free in JPC encoder","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9591.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-9583","severity":"low","public_date":"2016-12-09T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1405148","bugzilla_description":"CVE-2016-9583 jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9583.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-10198","severity":"low","public_date":"2016-12-01T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419558","bugzilla_description":"CVE-2016-10198 gstreamer-plugins-good: Invalid memory read in gst_aac_parse_sink_setcaps","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["gstreamer-plugins-good-0:0.10.31-13.el7","gstreamer1-plugins-good-0:1.10.4-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10198.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-10199","severity":"low","public_date":"2016-12-01T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419580","bugzilla_description":"CVE-2016-10199 gstreamer-plugins-good: Out of bounds read in qtdemux_tag_add_str_full","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["gstreamer-plugins-good-0:0.10.31-13.el7","gstreamer1-plugins-good-0:1.10.4-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10199.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-8872","severity":"low","public_date":"2016-11-28T00:00:00Z","advisories":[],"bugzilla":"1449541","bugzilla_description":"CVE-2017-8872 libxml2: Out-of-bounds read in htmlParseTryOrFinish","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8872.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2016-8654","severity":"important","public_date":"2016-11-25T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1399167","bugzilla_description":"CVE-2016-8654 jasper: heap-based buffer overflow in QMFB code in JPC codec","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8654.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-9813","severity":"low","public_date":"2016-11-25T00:00:00Z","advisories":["RHSA-2017:0021"],"bugzilla":"1401934","bugzilla_description":"CVE-2016-9813 gstreamer-plugins-bad-free: NULL pointer dereference in mpegts parser","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125->CWE-476","affected_packages":["gstreamer1-plugins-bad-free-0:1.4.5-6.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9813.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2016-9812","severity":"low","public_date":"2016-11-24T00:00:00Z","advisories":["RHSA-2017:0021"],"bugzilla":"1401930","bugzilla_description":"CVE-2016-9812 gstreamer1-plugins-bad-free: Out-of-bounds read in gst_mpegts_section_new","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["gstreamer1-plugins-bad-free-0:1.4.5-6.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9812.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2016-9809","severity":"low","public_date":"2016-11-23T00:00:00Z","advisories":["RHSA-2017:0018","RHSA-2017:0021"],"bugzilla":"1401880","bugzilla_description":"CVE-2016-9809 gstreamer-plugins-bad-free: Off-by-one read in gst_h264_parse_set_caps","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-193","affected_packages":["gstreamer-plugins-bad-free-0:0.10.23-22.el7_3","gstreamer1-plugins-bad-free-0:1.4.5-6.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9809.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2016-9811","severity":"low","public_date":"2016-11-23T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1401918","bugzilla_description":"CVE-2016-9811 gstreamer: Out of bounds heap read in windows_icon_typefind","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["gstreamer1-plugins-base-0:1.10.4-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9811.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2016-9807","severity":"low","public_date":"2016-11-22T00:00:00Z","advisories":["RHSA-2017:0019","RHSA-2017:0020","RHSA-2016:2975"],"bugzilla":"1401874","bugzilla_description":"CVE-2016-9807 gstreamer-plugins-good: Invalid memory read in flx_decode_chunks","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["gstreamer1-plugins-good-0:1.4.5-3.el7_3","gstreamer-plugins-good-0:0.10.23-4.el6_8","gstreamer-plugins-good-0:0.10.31-12.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9807.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2016-9634","severity":"moderate","public_date":"2016-11-21T00:00:00Z","advisories":["RHSA-2017:0019","RHSA-2017:0020","RHSA-2016:2975"],"bugzilla":"1397441","bugzilla_description":"CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 gstreamer-plugins-good: Heap buffer overflow in FLIC decoder","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["gstreamer1-plugins-good-0:1.4.5-3.el7_3","gstreamer-plugins-good-0:0.10.23-4.el6_8","gstreamer-plugins-good-0:0.10.31-12.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9634.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-9635","severity":"moderate","public_date":"2016-11-21T00:00:00Z","advisories":["RHSA-2017:0019","RHSA-2017:0020","RHSA-2016:2975"],"bugzilla":"1397441","bugzilla_description":"CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 gstreamer-plugins-good: Heap buffer overflow in FLIC decoder","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["gstreamer1-plugins-good-0:1.4.5-3.el7_3","gstreamer-plugins-good-0:0.10.23-4.el6_8","gstreamer-plugins-good-0:0.10.31-12.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9635.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-9636","severity":"moderate","public_date":"2016-11-21T00:00:00Z","advisories":["RHSA-2017:0019","RHSA-2017:0020","RHSA-2016:2975"],"bugzilla":"1397441","bugzilla_description":"CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 gstreamer-plugins-good: Heap buffer overflow in FLIC decoder","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["gstreamer1-plugins-good-0:1.4.5-3.el7_3","gstreamer-plugins-good-0:0.10.23-4.el6_8","gstreamer-plugins-good-0:0.10.31-12.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9636.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-9808","severity":"moderate","public_date":"2016-11-21T00:00:00Z","advisories":["RHSA-2017:0019","RHSA-2017:0020","RHSA-2016:2975"],"bugzilla":"1397441","bugzilla_description":"CVE-2016-9634 CVE-2016-9635 CVE-2016-9636 CVE-2016-9808 gstreamer-plugins-good: Heap buffer overflow in FLIC decoder","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["gstreamer1-plugins-good-0:1.4.5-3.el7_3","gstreamer-plugins-good-0:0.10.23-4.el6_8","gstreamer-plugins-good-0:0.10.31-12.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9808.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-9560","severity":"important","public_date":"2016-11-20T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1398256","bugzilla_description":"CVE-2016-9560 jasper: stack-based buffer overflow in jpc_dec_tileinit()","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9560.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-5503","severity":"moderate","public_date":"2016-11-20T00:00:00Z","advisories":[],"bugzilla":"1416056","bugzilla_description":"CVE-2017-5503 jasper: invalid memory write in dec_clnpass()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5503.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-5505","severity":"moderate","public_date":"2016-11-20T00:00:00Z","advisories":[],"bugzilla":"1416068","bugzilla_description":"CVE-2017-5505 jasper: Invalid memory read in jas_matrix_asl","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5505.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2017-5504","severity":"moderate","public_date":"2016-11-20T00:00:00Z","advisories":[],"bugzilla":"1416069","bugzilla_description":"CVE-2017-5504 jasper: Invalid memory read in jpc_undo_roi","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5504.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-9396","severity":"low","public_date":"2016-11-16T00:00:00Z","advisories":["RHSA-2018:3253"],"bugzilla":"1396978","bugzilla_description":"CVE-2016-9396 jasper: reachable assertion in JPC_NOMINALGAIN()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["jasper-0:1.900.1-33.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9396.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9397","severity":"low","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396979","bugzilla_description":"CVE-2016-9397 jasper: reachable assertion in jpc_dequantize()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9397.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9398","severity":"low","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396980","bugzilla_description":"CVE-2016-9398 jasper: reachable assertion in jpc_floorlog2()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9398.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9399","severity":"low","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396981","bugzilla_description":"CVE-2016-9399 jasper: reachable assertion in calcstepsizes()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9399.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9445","severity":"moderate","public_date":"2016-11-15T00:00:00Z","advisories":["RHSA-2017:0018","RHSA-2017:0021","RHSA-2016:2974"],"bugzilla":"1395767","bugzilla_description":"CVE-2016-9445 gstreamer-plugins-bad-free: Integer overflow when allocating render buffer in VMnc decoder","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":["gstreamer-plugins-bad-free-0:0.10.19-5.el6_8","gstreamer-plugins-bad-free-0:0.10.23-22.el7_3","gstreamer1-plugins-bad-free-0:1.4.5-6.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9445.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-9063","severity":"low","public_date":"2016-11-15T00:00:00Z","advisories":[],"bugzilla":"1396540","bugzilla_description":"CVE-2016-9063 firefox: Possible integer overflow to fix inside XML_Parse in Expat","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9063.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.1"},{"CVE":"CVE-2016-9447","severity":"moderate","public_date":"2016-11-14T00:00:00Z","advisories":["RHSA-2017:0018","RHSA-2016:2974"],"bugzilla":"1395126","bugzilla_description":"CVE-2016-9447 gstreamer-plugins-bad-free: Memory corruption flaw in NSF decoder","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["gstreamer-plugins-bad-free-0:0.10.19-5.el6_8","gstreamer-plugins-bad-free-0:0.10.23-22.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9447.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-9395","severity":"low","public_date":"2016-11-12T00:00:00Z","advisories":[],"bugzilla":"1396977","bugzilla_description":"CVE-2016-9395 jasper: reachable assertion failure in jas_seq2d_create()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9395.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9557","severity":"low","public_date":"2016-11-12T00:00:00Z","advisories":[],"bugzilla":"1398251","bugzilla_description":"CVE-2016-9557 jasper: signed integer overflow in jas_image_create()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9557.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9262","severity":"moderate","public_date":"2016-11-06T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1393882","bugzilla_description":"CVE-2016-9262 jasper: integer truncation in jas_image_cmpt_create()","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-681","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9262.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-10251","severity":"low","public_date":"2016-11-04T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1434461","bugzilla_description":"CVE-2016-10251 jasper: integer overflow in jpc_pi_nextcprl(), leading to out-of-bounds read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190->CWE-125","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10251.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-8615","severity":"moderate","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388370","bugzilla_description":"CVE-2016-8615 curl: Cookie injection for other servers","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-99","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8615.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-8616","severity":"low","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388371","bugzilla_description":"CVE-2016-8616 curl: Case insensitive password comparison","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":"CWE-287","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8616.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2016-8617","severity":"moderate","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388377","bugzilla_description":"CVE-2016-8617 curl: Out-of-bounds write via unchecked multiplication","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-787","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8617.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2016-8618","severity":"moderate","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388378","bugzilla_description":"CVE-2016-8618 curl: Double-free in curl_maprintf","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-416","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8618.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-8619","severity":"moderate","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388379","bugzilla_description":"CVE-2016-8619 curl: Double-free in krb5 code","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-416","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8619.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-8620","severity":"moderate","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558"],"bugzilla":"1388382","bugzilla_description":"CVE-2016-8620 curl: Glob parser write/read out of bounds","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-120","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8620.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2016-8621","severity":"low","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388385","bugzilla_description":"CVE-2016-8621 curl: curl_getdate out-of-bounds read","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-125","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8621.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-8622","severity":"low","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388386","bugzilla_description":"CVE-2016-8622 curl: URL unescape heap overflow via integer truncation","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":"CWE-190->CWE-122","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8622.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2016-8623","severity":"low","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388388","bugzilla_description":"CVE-2016-8623 curl: Use-after-free via shared cookies","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-416","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8623.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2016-8624","severity":"moderate","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388390","bugzilla_description":"CVE-2016-8624 curl: Invalid URL parsing with '#'","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8624.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-8625","severity":"moderate","public_date":"2016-11-02T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2018:2486"],"bugzilla":"1388392","bugzilla_description":"CVE-2016-8625 curl: IDNA 2003 makes curl use wrong host","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8625.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-9392","severity":"low","public_date":"2016-10-28T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1396971","bugzilla_description":"CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 jasper: insufficient SIZ marker segment data sanity checks","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9392.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9393","severity":"low","public_date":"2016-10-28T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1396971","bugzilla_description":"CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 jasper: insufficient SIZ marker segment data sanity checks","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9393.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9394","severity":"low","public_date":"2016-10-28T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1396971","bugzilla_description":"CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 jasper: insufficient SIZ marker segment data sanity checks","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9394.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5498","severity":"low","public_date":"2016-10-28T00:00:00Z","advisories":[],"bugzilla":"1416060","bugzilla_description":"CVE-2017-5498 jasper: Left shift of negative value in jas_fast32_asl() in jas_math.h","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5498.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2017-5499","severity":"low","public_date":"2016-10-28T00:00:00Z","advisories":[],"bugzilla":"1416061","bugzilla_description":"CVE-2017-5499 jasper: Signed integer overflow in jpc_dequantize() in jpc_dec.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5499.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2017-5500","severity":"low","public_date":"2016-10-28T00:00:00Z","advisories":[],"bugzilla":"1416063","bugzilla_description":"CVE-2017-5500 jasper: Invalid exponent shift in jpc_calcabsstepsize() in jpc_dec.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5500.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2017-5501","severity":"low","public_date":"2016-10-28T00:00:00Z","advisories":[],"bugzilla":"1416064","bugzilla_description":"CVE-2017-5501 jasper: Signed integer overflow in jpc_tsfb_getbands2() in jpc_tsfb.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5501.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2017-5502","severity":"low","public_date":"2016-10-28T00:00:00Z","advisories":[],"bugzilla":"1416066","bugzilla_description":"CVE-2017-5502 jasper: Left shift of negative value in jp2_validate() in jp2_dec.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5502.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2016-9391","severity":"low","public_date":"2016-10-25T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1396967","bugzilla_description":"CVE-2016-9391 jasper: reachable assertions in the JPC bitstream code","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9391.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9388","severity":"low","public_date":"2016-10-24T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1396962","bugzilla_description":"CVE-2016-9388 jasper: reachable assertions in RAS encoder/decoder","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9388.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9389","severity":"low","public_date":"2016-10-24T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1396963","bugzilla_description":"CVE-2016-9389 jasper: reachable assertions caused by insufficient component domains checks in ICT/RCT in JPC codec","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9389.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-9390","severity":"low","public_date":"2016-10-24T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1396965","bugzilla_description":"CVE-2016-9390 jasper: insufficient SIZ marker tilexoff and tileyoff checks","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-617","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9390.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-10249","severity":"important","public_date":"2016-10-23T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1388840","bugzilla_description":"CVE-2016-10249 jasper: integer overflow in jas_matrix_create()","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10249.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2016-9387","severity":"low","public_date":"2016-10-23T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1396959","bugzilla_description":"CVE-2016-9387 jasper: integer overflow in jpc_dec_process_siz()","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":"CWE-190","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9387.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"2.5"},{"CVE":"CVE-2016-10248","severity":"low","public_date":"2016-10-20T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1434447","bugzilla_description":"CVE-2016-10248 jasper: NULL pointer dereference in jpc_tsfb_synthesize()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10248.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-8887","severity":"moderate","public_date":"2016-10-18T00:00:00Z","advisories":[],"bugzilla":"1388828","bugzilla_description":"CVE-2016-8887 jasper: uninitialized pointer use in jp2_box_get()","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8887.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-10250","severity":"moderate","public_date":"2016-10-18T00:00:00Z","advisories":[],"bugzilla":"1388829","bugzilla_description":"CVE-2016-10250 jasper: Null pointer dereference in jp2_colr_destroy (incomplete fix for CVE-2016-8887)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10250.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-8886","severity":"low","public_date":"2016-10-18T00:00:00Z","advisories":[],"bugzilla":"1388880","bugzilla_description":"CVE-2016-8886 jasper: no upper limit on memory allocations in jas_malloc()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-770","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8886.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-8880","severity":null,"public_date":"2016-10-17T00:00:00Z","advisories":[],"bugzilla":"1388863","bugzilla_description":"CVE-2016-8880 jasper: heap buffer overflow in jpc_dec_cp_setfromcox() (rejected duplicate of CVE-2011-4516)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8880.json"},{"CVE":"CVE-2016-8881","severity":null,"public_date":"2016-10-17T00:00:00Z","advisories":[],"bugzilla":"1388864","bugzilla_description":"CVE-2016-8881 jasper: insufficient memory allocation in jpc_crg_getparms() (rejected duplicate of CVE-2011-4517)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8881.json"},{"CVE":"CVE-2016-8882","severity":"moderate","public_date":"2016-10-17T00:00:00Z","advisories":[],"bugzilla":"1388866","bugzilla_description":"CVE-2016-8882 jasper: uninitialized tile->pi pointer use in JPC decoder","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-822","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8882.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-8883","severity":"low","public_date":"2016-10-17T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1388870","bugzilla_description":"CVE-2016-8883 jasper: reachable asserts in jpc_dec_tiledecode()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8883.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-8690","severity":"moderate","public_date":"2016-10-15T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1385499","bugzilla_description":"CVE-2016-8690 CVE-2016-8884 CVE-2016-8885 jasper: missing jas_matrix_create() parameter checks","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8690.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-8884","severity":"moderate","public_date":"2016-10-15T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1385499","bugzilla_description":"CVE-2016-8690 CVE-2016-8884 CVE-2016-8885 jasper: missing jas_matrix_create() parameter checks","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8884.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-8885","severity":"moderate","public_date":"2016-10-15T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1385499","bugzilla_description":"CVE-2016-8690 CVE-2016-8884 CVE-2016-8885 jasper: missing jas_matrix_create() parameter checks","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8885.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-8691","severity":"low","public_date":"2016-10-15T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1385502","bugzilla_description":"CVE-2016-8691 CVE-2016-8692 jasper: missing SIZ marker segment XRsiz and YRsiz fields range check","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-369","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8691.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-8692","severity":"low","public_date":"2016-10-15T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1385502","bugzilla_description":"CVE-2016-8691 CVE-2016-8692 jasper: missing SIZ marker segment XRsiz and YRsiz fields range check","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-369","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8692.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-8693","severity":"moderate","public_date":"2016-10-15T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1385507","bugzilla_description":"CVE-2016-8693 jasper: incorrect handling of bufsize 0 in mem_resize()","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8693.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-9082","severity":"low","public_date":"2016-10-05T00:00:00Z","advisories":[],"bugzilla":"1312337","bugzilla_description":"CVE-2016-9082 cairo: Out of bounds read in read_png/write_png in cairo-png.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9082.json"},{"CVE":"CVE-2016-7167","severity":"low","public_date":"2016-09-14T00:00:00Z","advisories":["RHSA-2018:3558","RHSA-2017:2016","RHSA-2018:2486"],"bugzilla":"1375906","bugzilla_description":"CVE-2016-7167 curl: escape and unescape integer overflows","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["curl-0:7.29.0-42.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7167.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"2.9"},{"CVE":"CVE-2016-7141","severity":"low","public_date":"2016-09-05T00:00:00Z","advisories":["RHSA-2016:2575","RHSA-2018:3558","RHSA-2016:2957"],"bugzilla":"1373229","bugzilla_description":"CVE-2016-7141 curl: Incorrect reuse of client certificates","cvss_score":4.9,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:P/A:N","CWE":"CWE-295","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6","curl-0:7.29.0-35.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7141.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.2"},{"CVE":"CVE-2016-10244","severity":"moderate","public_date":"2016-08-25T00:00:00Z","advisories":[],"bugzilla":"1429965","bugzilla_description":"CVE-2016-10244 freetype: parse_charstrings function in type1/t1load.c does not ensure that a font contains a glyph name","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10244.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-4973","severity":"moderate","public_date":"2016-08-17T00:00:00Z","advisories":[],"bugzilla":"1324759","bugzilla_description":"CVE-2016-4973 gcc: Targets using libssp for SSP are missing -D_FORTIFY_SOURCE functionality","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4973.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N","cvss3_score":"3.6"},{"CVE":"CVE-2016-5384","severity":"moderate","public_date":"2016-08-05T00:00:00Z","advisories":["RHSA-2016:2601"],"bugzilla":"1350891","bugzilla_description":"CVE-2016-5384 fontconfig: Possible double free due to insufficiently validated cache files","cvss_score":3.7,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-20","affected_packages":["fontconfig-0:2.10.95-10.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5384.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"4.5"},{"CVE":"CVE-2016-5419","severity":"moderate","public_date":"2016-08-03T00:00:00Z","advisories":["RHSA-2016:2575","RHSA-2018:3558","RHSA-2016:2957"],"bugzilla":"1362183","bugzilla_description":"CVE-2016-5419 curl: TLS session resumption client cert bypass","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-295","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6","curl-0:7.29.0-35.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5419.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.8"},{"CVE":"CVE-2016-5420","severity":"low","public_date":"2016-08-03T00:00:00Z","advisories":["RHSA-2016:2575","RHSA-2018:3558","RHSA-2016:2957"],"bugzilla":"1362190","bugzilla_description":"CVE-2016-5420 curl: Re-using connection with wrong client cert","cvss_score":4.9,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:P/A:N","CWE":"CWE-295","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6","curl-0:7.29.0-35.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5420.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"4.2"},{"CVE":"CVE-2016-5421","severity":"moderate","public_date":"2016-08-03T00:00:00Z","advisories":["RHSA-2018:3558"],"bugzilla":"1362199","bugzilla_description":"CVE-2016-5421 curl: Use of connection struct after free","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-416","affected_packages":["httpd24-curl-0:7.61.1-1.el7","httpd24-curl-0:7.61.1-1.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5421.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2016-6352","severity":"moderate","public_date":"2016-07-13T00:00:00Z","advisories":[],"bugzilla":"1349751","bugzilla_description":"CVE-2016-6352 gdk-pixbuf: Out-of-bounds write in OneLine32() function","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6352.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2016-4456","severity":"moderate","public_date":"2016-06-06T00:00:00Z","advisories":[],"bugzilla":"1343505","bugzilla_description":"CVE-2016-4456 gnutls: Environment variable GNUTLS_KEYLOGFILE is obtained via insecure getenv()","cvss_score":5.6,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:C/A:C","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4456.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H","cvss3_score":"6.3"},{"CVE":"CVE-2016-3739","severity":"moderate","public_date":"2016-05-18T00:00:00Z","advisories":[],"bugzilla":"1335430","bugzilla_description":"CVE-2016-3739 curl: TLS certificate name check bypass with mbedTLS and PolarSSL","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":"CWE-345","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3739.json"},{"CVE":"CVE-2016-4008","severity":"moderate","public_date":"2016-04-11T00:00:00Z","advisories":[],"bugzilla":"1325965","bugzilla_description":"CVE-2016-4008 libtasn1: infinite loop while parsing DER certificates","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4008.json"},{"CVE":"CVE-2016-3616","severity":"moderate","public_date":"2016-03-30T00:00:00Z","advisories":["RHSA-2019:2052"],"bugzilla":"1319661","bugzilla_description":"CVE-2016-3616 libjpeg: null pointer dereference in cjpeg","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-476","affected_packages":["libjpeg-turbo-0:1.2.90-8.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3616.json"},{"CVE":"CVE-2016-1577","severity":"moderate","public_date":"2016-03-03T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1314466","bugzilla_description":"CVE-2016-1577 jasper: double free issue in jas_iccattrval_destroy()","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1577.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-2116","severity":"low","public_date":"2016-03-03T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1314472","bugzilla_description":"CVE-2016-2116 jasper: memory leak in jas_iccprof_createfrombuf()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-400","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2116.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-5848","severity":"low","public_date":"2016-01-30T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419583","bugzilla_description":"CVE-2017-5848 gstreamer-plugins-bad-free: Invalid memory read in gst_ps_demux_parse_psm","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["gstreamer1-plugins-bad-free-0:1.10.4-2.el7","gstreamer-plugins-bad-free-0:0.10.23-23.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5848.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-2089","severity":"low","public_date":"2016-01-27T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1302636","bugzilla_description":"CVE-2016-2089 jasper: matrix rows_ NULL pointer dereference in jas_matrix_clip()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2089.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2015-7552","severity":"moderate","public_date":"2016-01-25T00:00:00Z","advisories":["RHBA-2017:2100"],"bugzilla":"1378894","bugzilla_description":"CVE-2015-7552 gdk-pixbuf: Heap-based buffer overflow in the gdk_pixbuf_flip function","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":["gdk-pixbuf2-0:2.36.5-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7552.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-5845","severity":"low","public_date":"2016-01-20T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419582","bugzilla_description":"CVE-2017-5845 gstreamer-plugins-good: Invalid memory read in gst_avi_demux_parse_ncdt","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["gstreamer-plugins-good-0:0.10.31-13.el7","gstreamer1-plugins-good-0:1.10.4-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5845.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5840","severity":"low","public_date":"2016-01-18T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419588","bugzilla_description":"CVE-2017-5840 gstreamer-plugins-good: Out of bounds heap read in qtdemux_parse_samples","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["gstreamer-plugins-good-0:0.10.31-13.el7","gstreamer1-plugins-good-0:1.10.4-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5840.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5839","severity":"low","public_date":"2016-01-15T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419586","bugzilla_description":"CVE-2017-5839 gstreamer-plugins-base: Stack overflow in gst_riff_create_audio_caps","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":["gstreamer1-plugins-base-0:1.10.4-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5839.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-5838","severity":"low","public_date":"2016-01-15T00:00:00Z","advisories":["RHSA-2017:2060"],"bugzilla":"1419587","bugzilla_description":"CVE-2017-5838 gstreamer: Out-of-bounds read in gst_date_time_new_from_iso8601_string()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["gstreamer1-0:1.10.4-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5838.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2016-1867","severity":"low","public_date":"2016-01-13T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1298135","bugzilla_description":"CVE-2016-1867 jasper: out-of-bounds read in jpc_pi_nextcprl()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1867.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2015-8751","severity":"moderate","public_date":"2015-12-24T00:00:00Z","advisories":[],"bugzilla":"1296949","bugzilla_description":"CVE-2015-8751 jasper: integer overflow in the jas_matrix_create() function","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8751.json"},{"CVE":"CVE-2015-5203","severity":"moderate","public_date":"2015-08-16T00:00:00Z","advisories":["RHSA-2017:1208"],"bugzilla":"1254242","bugzilla_description":"CVE-2015-5203 jasper: integer overflow in jas_image_cmpt_create()","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["jasper-0:1.900.1-30.el7_3","jasper-0:1.900.1-21.el6_9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5203.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2015-3622","severity":"moderate","public_date":"2015-04-30T00:00:00Z","advisories":["RHSA-2017:1860"],"bugzilla":"1218141","bugzilla_description":"CVE-2015-3622 libtasn1: heap overflow flaw in _asn1_extract_der_octet()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":["libtasn1-0:4.10-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3622.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2015-3153","severity":"moderate","public_date":"2015-04-29T00:00:00Z","advisories":[],"bugzilla":"1217341","bugzilla_description":"CVE-2015-3153 curl: sensitive HTTP server headers also sent to proxies","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-201","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3153.json"},{"CVE":"CVE-2015-3143","severity":"moderate","public_date":"2015-04-22T00:00:00Z","advisories":["RHSA-2015:1254","RHSA-2015:2159"],"bugzilla":"1213306","bugzilla_description":"CVE-2015-3143 curl: re-using authenticated connection when unauthenticated","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":"CWE-287","affected_packages":["curl-0:7.29.0-25.el7","curl-0:7.19.7-46.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3143.json"},{"CVE":"CVE-2015-3144","severity":"low","public_date":"2015-04-22T00:00:00Z","advisories":[],"bugzilla":"1213335","bugzilla_description":"CVE-2015-3144 curl: host name out of boundary memory access","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-125->CWE-129->CWE-131->CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3144.json"},{"CVE":"CVE-2015-3145","severity":"low","public_date":"2015-04-22T00:00:00Z","advisories":[],"bugzilla":"1213347","bugzilla_description":"CVE-2015-3145 curl: cookie parser out of boundary memory access","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125->CWE-129->CWE-131->CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3145.json"},{"CVE":"CVE-2015-3148","severity":"moderate","public_date":"2015-04-22T00:00:00Z","advisories":["RHSA-2015:1254","RHSA-2015:2159"],"bugzilla":"1213351","bugzilla_description":"CVE-2015-3148 curl: Negotiate not treated as connection-oriented","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":"CWE-287","affected_packages":["curl-0:7.29.0-25.el7","curl-0:7.19.7-46.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3148.json"},{"CVE":"CVE-2015-3308","severity":"moderate","public_date":"2015-04-16T00:00:00Z","advisories":[],"bugzilla":"1212459","bugzilla_description":"CVE-2015-3308 gnutls: use-after-free flaw in CRL distribution points parsing","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3308.json"},{"CVE":"CVE-2015-2806","severity":"low","public_date":"2015-03-26T00:00:00Z","advisories":["RHSA-2017:1860"],"bugzilla":"1207192","bugzilla_description":"CVE-2015-2806 libtasn1: stack overflow in asn1_der_decoding","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["libtasn1-0:4.10-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2806.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2015-0291","severity":"important","public_date":"2015-03-19T00:00:00Z","advisories":[],"bugzilla":"1202338","bugzilla_description":"CVE-2015-0291 openssl: ClientHello sigalgs NULL pointer dereference DoS","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0291.json"},{"CVE":"CVE-2015-0290","severity":"low","public_date":"2015-03-19T00:00:00Z","advisories":[],"bugzilla":"1202345","bugzilla_description":"CVE-2015-0290 openssl: multiblock corrupted pointer","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0290.json"},{"CVE":"CVE-2015-0207","severity":"moderate","public_date":"2015-03-19T00:00:00Z","advisories":[],"bugzilla":"1202351","bugzilla_description":"CVE-2015-0207 openssl: DTLS segmentation fault in DTLSv1_listen","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-822","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0207.json"},{"CVE":"CVE-2015-0286","severity":"moderate","public_date":"2015-03-19T00:00:00Z","advisories":["RHSA-2015:0752","RHSA-2016:2957","RHSA-2015:0716","RHSA-2015:0715"],"bugzilla":"1202366","bugzilla_description":"CVE-2015-0286 openssl: invalid pointer use in ASN1_TYPE_cmp()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-822->CWE-125","affected_packages":["openssl-0:1.0.1e-30.el6_6.7","openssl-1:1.0.1e-42.el7_1.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0286.json"},{"CVE":"CVE-2015-0208","severity":"moderate","public_date":"2015-03-19T00:00:00Z","advisories":[],"bugzilla":"1202369","bugzilla_description":"CVE-2015-0208 openssl: segmentation fault for invalid PSS parameters","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0208.json"},{"CVE":"CVE-2015-0287","severity":"low","public_date":"2015-03-19T00:00:00Z","advisories":["RHSA-2015:0800","RHSA-2015:0752","RHSA-2015:0716","RHSA-2015:0715"],"bugzilla":"1202380","bugzilla_description":"CVE-2015-0287 openssl: ASN.1 structure reuse memory corruption","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-787","affected_packages":["openssl-0:1.0.1e-30.el6_6.7","openssl-1:1.0.1e-42.el7_1.4","openssl-0:0.9.8e-33.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0287.json"},{"CVE":"CVE-2015-0289","severity":"low","public_date":"2015-03-19T00:00:00Z","advisories":["RHSA-2015:0800","RHSA-2015:0752","RHSA-2015:0716","RHSA-2015:0715"],"bugzilla":"1202384","bugzilla_description":"CVE-2015-0289 openssl: PKCS7 NULL pointer dereference","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["openssl-0:1.0.1e-30.el6_6.7","openssl-1:1.0.1e-42.el7_1.4","openssl-0:0.9.8e-33.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0289.json"},{"CVE":"CVE-2015-0292","severity":"moderate","public_date":"2015-03-19T00:00:00Z","advisories":["RHSA-2015:0800","RHSA-2015:0752","RHSA-2015:0716","RHSA-2015:0715"],"bugzilla":"1202395","bugzilla_description":"CVE-2015-0292 openssl: integer underflow leading to buffer overflow in base64 decoding","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-120","affected_packages":["openssl-0:1.0.1e-30.el6_6.7","openssl-1:1.0.1e-42.el7_1.4","openssl-0:0.9.8e-33.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0292.json"},{"CVE":"CVE-2015-0293","severity":"moderate","public_date":"2015-03-19T00:00:00Z","advisories":["RHSA-2015:0800","RHSA-2016:0490","RHSA-2015:0752","RHSA-2016:0372","RHSA-2016:0304","RHSA-2016:0306","RHSA-2015:0716","RHSA-2015:0715","RHSA-2016:0445","RHSA-2016:0303","RHSA-2016:0446"],"bugzilla":"1202404","bugzilla_description":"CVE-2015-0293 openssl: assertion failure in SSLv2 servers","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-617","affected_packages":["openssl-0:1.0.1e-16.el6_5.16","openssl-0:1.0.1e-30.el6_6.7","openssl-0:0.9.7a-43.23.el4","openssl-0:0.9.8e-26.el5_9.5","openssl-0:1.0.0-27.el6_4.5","openssl098e-0:0.9.8e-20.el6_7.1","openssl-1:1.0.1e-42.el7_1.4","openssl098e-0:0.9.8e-29.el7_2.3","openssl-0:0.9.8e-33.el5_11","openssl-0:0.9.8e-12.el5_6.13","openssl-0:1.0.0-20.el6_2.8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0293.json"},{"CVE":"CVE-2015-1787","severity":"moderate","public_date":"2015-03-19T00:00:00Z","advisories":[],"bugzilla":"1202406","bugzilla_description":"CVE-2015-1787 openssl: segmentation fault in client authentication with empty CKE and DHE","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1787.json"},{"CVE":"CVE-2015-0285","severity":"low","public_date":"2015-03-19T00:00:00Z","advisories":[],"bugzilla":"1202410","bugzilla_description":"CVE-2015-0285 openssl: handshake with unseeded PRNG","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-335","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0285.json"},{"CVE":"CVE-2015-0288","severity":"low","public_date":"2015-03-19T00:00:00Z","advisories":["RHSA-2015:0800","RHSA-2015:0752","RHEA-2015:1770","RHEA-2015:1771","RHSA-2015:0716","RHSA-2015:0715"],"bugzilla":"1202418","bugzilla_description":"CVE-2015-0288 openssl: X509_to_X509_REQ NULL pointer dereference","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["openssl-0:1.0.1e-30.el6_6.7","openssl-1:1.0.1e-42.el7_1.4","openssl-0:0.9.8e-33.el5_11"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0288.json"},{"CVE":"CVE-2009-5146","severity":"moderate","public_date":"2015-03-16T00:00:00Z","advisories":[],"bugzilla":"1203232","bugzilla_description":"CVE-2009-5146 openssl: memory leak in hostname TLS extension","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-5146.json"},{"CVE":"CVE-2015-0282","severity":"moderate","public_date":"2015-03-11T00:00:00Z","advisories":["RHSA-2015:1457"],"bugzilla":"1194371","bugzilla_description":"CVE-2015-0282 gnutls: RSA PKCS#1 signature verification forgery","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":"CWE-295","affected_packages":["gnutls-0:2.8.5-18.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0282.json"},{"CVE":"CVE-2015-0294","severity":"low","public_date":"2015-02-27T00:00:00Z","advisories":["RHSA-2015:1457"],"bugzilla":"1196323","bugzilla_description":"CVE-2015-0294 gnutls: certificate algorithm consistency checking issue","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-295","affected_packages":["gnutls-0:2.8.5-18.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0294.json"},{"CVE":"CVE-2014-3591","severity":"low","public_date":"2015-02-27T00:00:00Z","advisories":[],"bugzilla":"1198145","bugzilla_description":"CVE-2014-3591 libgcrypt: use ciphertext blinding for Elgamal decryption (new side-channel attack)","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3591.json"},{"CVE":"CVE-2015-0837","severity":"low","public_date":"2015-02-27T00:00:00Z","advisories":[],"bugzilla":"1198147","bugzilla_description":"CVE-2015-0837 libgcrypt: last-level cache side-channel attack","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0837.json"},{"CVE":"CVE-2015-0209","severity":"low","public_date":"2015-02-09T00:00:00Z","advisories":["RHSA-2016:1089","RHSA-2015:0752","RHSA-2016:2957","RHSA-2015:0716","RHSA-2015:0715"],"bugzilla":"1196737","bugzilla_description":"CVE-2015-0209 openssl: use-after-free on invalid EC private key import","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["openssl-0:1.0.1e-30.el6_6.7","openssl-1:1.0.1e-42.el7_1.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0209.json"},{"CVE":"CVE-2014-9674","severity":"important","public_date":"2015-02-08T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191190","bugzilla_description":"CVE-2014-9674 freetype: multiple integer overflows Mac_Read_POST_Resource() leading to heap-based buffer overflows","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9674.json"},{"CVE":"CVE-2014-9675","severity":"low","public_date":"2015-02-08T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191192","bugzilla_description":"CVE-2014-9675 freetype: information leak in _bdf_add_property()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9675.json"},{"CVE":"CVE-2016-5008","severity":"moderate","public_date":"2015-01-18T00:00:00Z","advisories":["RHSA-2016:2577"],"bugzilla":"1351514","bugzilla_description":"CVE-2016-5008 libvirt: Setting empty VNC password allows access to unauthorized users","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["libvirt-0:2.0.0-10.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5008.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2014-8150","severity":"moderate","public_date":"2015-01-08T00:00:00Z","advisories":["RHSA-2015:1254","RHSA-2015:2159"],"bugzilla":"1178692","bugzilla_description":"CVE-2014-8150 curl: URL request injection vulnerability in parseurlandfillconn()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-113","affected_packages":["curl-0:7.29.0-25.el7","curl-0:7.19.7-46.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8150.json"},{"CVE":"CVE-2014-9656","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":[],"bugzilla":"1191078","bugzilla_description":"CVE-2014-9656 freetype: integer underflow in the tt_sbit_decoder_load_image()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9656.json"},{"CVE":"CVE-2014-9657","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191079","bugzilla_description":"CVE-2014-9657 freetype: off-by-one buffer over-read in tt_face_load_hdmx()","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-193->CWE-125","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9657.json"},{"CVE":"CVE-2014-9658","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191080","bugzilla_description":"CVE-2014-9658 freetype: buffer over-read and integer underflow in tt_face_load_kern()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-190->CWE-125","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9658.json"},{"CVE":"CVE-2014-9659","severity":"important","public_date":"2014-11-24T00:00:00Z","advisories":[],"bugzilla":"1191081","bugzilla_description":"CVE-2014-9659 freetype: stack-based buffer overflow in cff/cf2intrp.c in the CFF CharString interpreter","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9659.json"},{"CVE":"CVE-2014-9660","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191082","bugzilla_description":"CVE-2014-9660 freetype: missing ENDCHAR NULL pointer dereference in the _bdf_parse_glyphs()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9660.json"},{"CVE":"CVE-2014-9661","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191083","bugzilla_description":"CVE-2014-9661 freetype: out of bounds read in Type42 font parser","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9661.json"},{"CVE":"CVE-2014-9662","severity":"important","public_date":"2014-11-24T00:00:00Z","advisories":[],"bugzilla":"1191084","bugzilla_description":"CVE-2014-9662 freetype: heap-based buffer overflow in cff/cf2ft.c","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9662.json"},{"CVE":"CVE-2014-9663","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191085","bugzilla_description":"CVE-2014-9663 freetype: out-of-bounds read in tt_cmap4_validate()","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9663.json"},{"CVE":"CVE-2014-9664","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191086","bugzilla_description":"CVE-2014-9664 freetype: off-by-one buffer over-read in parse_charstrings() / t42_parse_charstrings()","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-193->CWE-125","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9664.json"},{"CVE":"CVE-2014-9665","severity":"important","public_date":"2014-11-24T00:00:00Z","advisories":[],"bugzilla":"1191087","bugzilla_description":"CVE-2014-9665 freetype: integer overflow leading to heap-based buffer overflow in Load_SBit_Png()","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9665.json"},{"CVE":"CVE-2014-9666","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":[],"bugzilla":"1191089","bugzilla_description":"CVE-2014-9666 freetype: integer overflow in tt_sbit_decoder_init() leading to out-of-bounds read","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9666.json"},{"CVE":"CVE-2014-9667","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191090","bugzilla_description":"CVE-2014-9667 freetype: integer overflow in tt_face_load_font_dir() leading to out-of-bounds read","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9667.json"},{"CVE":"CVE-2014-9668","severity":"important","public_date":"2014-11-24T00:00:00Z","advisories":[],"bugzilla":"1191091","bugzilla_description":"CVE-2014-9668 freetype: integer overflow in woff_open_font() leading to heap-based buffer overflow","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9668.json"},{"CVE":"CVE-2014-9669","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191092","bugzilla_description":"CVE-2014-9669 freetype: multiple integer overflows leading to buffer over-reads in cmap handling","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9669.json"},{"CVE":"CVE-2014-9670","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191093","bugzilla_description":"CVE-2014-9670 freetype: integer overflow in pcf_get_encodings() leading to NULL pointer dereference","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-476","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9670.json"},{"CVE":"CVE-2014-9671","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191094","bugzilla_description":"CVE-2014-9671 freetype: integer overflow in pcf_get_properties() leading to NULL pointer dereference","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-476","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9671.json"},{"CVE":"CVE-2014-9672","severity":"low","public_date":"2014-11-24T00:00:00Z","advisories":[],"bugzilla":"1191095","bugzilla_description":"CVE-2014-9672 freetype: Array index error in the parse_fond function in base/ftmac.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-129","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9672.json"},{"CVE":"CVE-2014-9673","severity":"important","public_date":"2014-11-24T00:00:00Z","advisories":["RHSA-2015:0696"],"bugzilla":"1191096","bugzilla_description":"CVE-2014-9673 freetype: integer signedness error in Mac_Read_POST_Resource() leading to heap-based buffer overflow","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-20->CWE-122","affected_packages":["freetype-0:2.3.11-15.el6_6.1","freetype-0:2.4.11-10.ael7b_1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9673.json"},{"CVE":"CVE-2014-3707","severity":"moderate","public_date":"2014-11-05T00:00:00Z","advisories":["RHSA-2015:1254","RHSA-2015:2159"],"bugzilla":"1154941","bugzilla_description":"CVE-2014-3707 curl: incorrect handle duplication after COPYPOSTFIELDS","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:P","CWE":"(CWE-125|CWE-416)","affected_packages":["curl-0:7.29.0-25.el7","curl-0:7.19.7-46.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3707.json"},{"CVE":"CVE-2014-3513","severity":"important","public_date":"2014-10-15T00:00:00Z","advisories":["RHSA-2014:1652","RHSA-2014:1692"],"bugzilla":"1152953","bugzilla_description":"CVE-2014-3513 openssl: SRTP memory leak causes crash when using specially-crafted handshake message","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":["openssl-0:1.0.1e-30.el6_6.2","openssl-1:1.0.1e-34.el7_0.6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3513.json"},{"CVE":"CVE-2014-3566","severity":"important","public_date":"2014-10-14T00:00:00Z","advisories":["RHSA-2015:1546","RHSA-2015:1545","RHSA-2015:0069","RHSA-2015:0079","RHSA-2015:0068","RHSA-2014:1881","RHSA-2014:1880","RHSA-2015:0080","RHSA-2014:1882","RHSA-2014:1877","RHSA-2014:1876","RHSA-2014:1920","RHSA-2015:0067","RHSA-2015:0012","RHSA-2015:0011","RHSA-2015:0264","RHSA-2015:0010","RHSA-2015:0086","RHSA-2015:0085","RHBA-2014:1857"],"bugzilla":"1152789","bugzilla_description":"CVE-2014-3566 SSL/TLS: Padding Oracle On Downgraded Legacy Encryption attack","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":"(CWE-636|CWE-757)","affected_packages":["java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el5","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0","java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6","openshift-origin-node-proxy-0:1.16.4.2-1.el6op","java-1.7.1-ibm-1:1.7.1.2.0-1jpp.3.el7_0","java-1.7.0-ibm-1:1.7.0.8.0-1jpp.1.el6_6","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0","java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el5","java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11","java-1.6.0-ibm-1:1.6.0.16.2-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6","java-1.5.0-ibm-1:1.5.0.16.8-1jpp.1.el6_6","java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7","openshift-origin-node-proxy-0:1.22.3.4-1.el6op","java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3566.json"},{"CVE":"CVE-2014-3613","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":["RHSA-2015:1254","RHSA-2015:2159"],"bugzilla":"1136154","bugzilla_description":"CVE-2014-3613 curl: incorrect handling of IP addresses in cookie domain","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20->CWE-284","affected_packages":["curl-0:7.29.0-25.el7","curl-0:7.19.7-46.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3613.json"},{"CVE":"CVE-2014-3620","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":[],"bugzilla":"1138846","bugzilla_description":"CVE-2014-3620 curl: cookies accepted for TLDs","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-20->CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3620.json"},{"CVE":"CVE-2014-3508","severity":"moderate","public_date":"2014-08-06T00:00:00Z","advisories":["RHSA-2014:1256","RHSA-2014:1052","RHSA-2014:1297","RHSA-2014:1054","RHSA-2014:1053"],"bugzilla":"1127490","bugzilla_description":"CVE-2014-3508 openssl: information leak in pretty printing functions","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["openssl-0:1.0.1e-16.el6_5.15","openssl-0:0.9.8e-27.el5_10.4","openssl-1:1.0.1e-34.el7_0.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3508.json"},{"CVE":"CVE-2014-5139","severity":"moderate","public_date":"2014-08-06T00:00:00Z","advisories":[],"bugzilla":"1127491","bugzilla_description":"CVE-2014-5139 openssl: crash with SRP ciphersuite in Server Hello message","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5139.json"},{"CVE":"CVE-2014-3505","severity":"moderate","public_date":"2014-08-06T00:00:00Z","advisories":["RHSA-2014:1256","RHSA-2014:1052","RHSA-2014:1297","RHSA-2014:1054","RHSA-2014:1053"],"bugzilla":"1127499","bugzilla_description":"CVE-2014-3505 openssl: DTLS packet processing double free","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-672","affected_packages":["openssl-0:1.0.1e-16.el6_5.15","openssl-0:0.9.8e-27.el5_10.4","openssl-1:1.0.1e-34.el7_0.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3505.json"},{"CVE":"CVE-2014-3506","severity":"moderate","public_date":"2014-08-06T00:00:00Z","advisories":["RHSA-2014:1256","RHSA-2014:1052","RHSA-2014:1297","RHSA-2014:1054","RHSA-2014:1053"],"bugzilla":"1127500","bugzilla_description":"CVE-2014-3506 openssl: DTLS memory exhaustion","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-862->CWE-400","affected_packages":["openssl-0:1.0.1e-16.el6_5.15","openssl-0:0.9.8e-27.el5_10.4","openssl-1:1.0.1e-34.el7_0.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3506.json"},{"CVE":"CVE-2014-3507","severity":"moderate","public_date":"2014-08-06T00:00:00Z","advisories":["RHSA-2014:1052","RHSA-2014:1054"],"bugzilla":"1127502","bugzilla_description":"CVE-2014-3507 openssl: DTLS memory leak from zero-length fragments","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":["openssl-0:1.0.1e-16.el6_5.15","openssl-1:1.0.1e-34.el7_0.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3507.json"},{"CVE":"CVE-2014-3510","severity":"moderate","public_date":"2014-08-06T00:00:00Z","advisories":["RHSA-2014:1256","RHSA-2014:1052","RHSA-2014:1297","RHSA-2014:1054","RHSA-2014:1053"],"bugzilla":"1127503","bugzilla_description":"CVE-2014-3510 openssl: DTLS anonymous (EC)DH denial of service","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["openssl-0:1.0.1e-16.el6_5.15","openssl-0:0.9.8e-27.el5_10.4","openssl-1:1.0.1e-34.el7_0.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3510.json"},{"CVE":"CVE-2014-3512","severity":"moderate","public_date":"2014-08-06T00:00:00Z","advisories":[],"bugzilla":"1127505","bugzilla_description":"CVE-2014-3512 openssl: SRP buffer overrun","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3512.json"},{"CVE":"CVE-2014-0224","severity":"important","public_date":"2014-06-05T00:00:00Z","advisories":["RHSA-2014:0630","RHSA-2014:0631","RHSA-2014:0624","RHSA-2014:0679","RHSA-2014:0632","RHSA-2014:0633","RHSA-2014:0627","RHSA-2014:0628","RHSA-2014:0625","RHSA-2014:0626","RHSA-2014:0629","RHSA-2014:0680"],"bugzilla":"1103586","bugzilla_description":"CVE-2014-0224 openssl: SSL/TLS MITM vulnerability","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-841","affected_packages":["openssl-0:0.9.8e-27.el5_10.3","openssl-0:1.0.1e-16.el6_5.14","openssl097a-0:0.9.7a-12.el5_10.1","openssl098e-0:0.9.8e-18.el6_5.2","openssl-1:1.0.1e-34.el7_0.3","openssl098e-0:0.9.8e-29.el7_0.2","rhev-hypervisor6-0:6.5-20140603.1.el6ev","openssl-0:0.9.8e-26.el5_9.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0224.json"},{"CVE":"CVE-2014-0221","severity":"moderate","public_date":"2014-06-05T00:00:00Z","advisories":["RHSA-2014:0679","RHSA-2014:0628","RHSA-2014:0625","RHSA-2014:1021","RHSA-2014:1053","RHSA-2014:1086"],"bugzilla":"1103593","bugzilla_description":"CVE-2014-0221 openssl: DoS when sending invalid DTLS handshake","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-400","affected_packages":["openssl-0:0.9.8e-27.el5_10.4","openssl-0:1.0.1e-16.el6_5.14","openssl-1:1.0.1e-34.el7_0.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0221.json"},{"CVE":"CVE-2014-0195","severity":"important","public_date":"2014-06-05T00:00:00Z","advisories":["RHSA-2014:0679","RHSA-2014:0628","RHSA-2014:0625"],"bugzilla":"1103598","bugzilla_description":"CVE-2014-0195 openssl: Buffer overflow via DTLS invalid fragment","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":"CWE-119","affected_packages":["openssl-0:1.0.1e-16.el6_5.14","openssl-1:1.0.1e-34.el7_0.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0195.json"},{"CVE":"CVE-2014-3470","severity":"moderate","public_date":"2014-06-05T00:00:00Z","advisories":["RHSA-2014:0679","RHSA-2014:0628","RHSA-2014:0625"],"bugzilla":"1103600","bugzilla_description":"CVE-2014-3470 openssl: client-side denial of service when using anonymous ECDH","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["openssl-0:1.0.1e-16.el6_5.14","openssl-1:1.0.1e-34.el7_0.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3470.json"},{"CVE":"CVE-2014-0198","severity":"moderate","public_date":"2014-04-21T00:00:00Z","advisories":["RHSA-2014:0679","RHSA-2014:0628","RHSA-2014:0625"],"bugzilla":"1093837","bugzilla_description":"CVE-2014-0198 openssl: SSL_MODE_RELEASE_BUFFERS NULL pointer dereference in do_ssl3_write()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["openssl-0:1.0.1e-16.el6_5.14","openssl-1:1.0.1e-34.el7_0.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0198.json"},{"CVE":"CVE-2010-5298","severity":"moderate","public_date":"2014-04-08T00:00:00Z","advisories":["RHSA-2014:0679","RHSA-2014:0628","RHSA-2014:0625"],"bugzilla":"1087195","bugzilla_description":"CVE-2010-5298 openssl: freelist misuse causing a possible use-after-free","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":["openssl-0:1.0.1e-16.el6_5.14","openssl-1:1.0.1e-34.el7_0.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5298.json"},{"CVE":"CVE-2014-5116","severity":null,"public_date":"2014-02-14T00:00:00Z","advisories":[],"bugzilla":"1124500","bugzilla_description":"CVE-2014-5116 cairo: NULL pointer dereference in cairo_image_surface_get_data()","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5116.json"},{"CVE":"CVE-2017-1000044","severity":"moderate","public_date":"2010-11-29T00:00:00Z","advisories":[],"bugzilla":"1426766","bugzilla_description":"CVE-2017-1000044 gtk-vnc: Incorrect boundaries check when updating framebuffer","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000044.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-1000376","severity":"moderate","public_date":null,"advisories":[],"bugzilla":"1462164","bugzilla_description":"CVE-2017-1000376 libffi: Requests an executable stack","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000376.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-what_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-what_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-what_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-who_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-who_security_api_results.json new file mode 100644 index 0000000..b0ed0f3 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virt-who_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2014-0189","severity":"moderate","public_date":"2014-03-26T00:00:00Z","advisories":["RHBA-2014:1206","RHBA-2014:1513","RHSA-2015:0430"],"bugzilla":"1088732","bugzilla_description":"CVE-2014-0189 virt-who: plaintext hypervisor passwords in world-readable /etc/sysconfig/virt-who configuration file","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":"(CWE-732|CWE-522)","affected_packages":["virt-who-0:0.11-5.el7","virt-who-0:0.9-6.el5","virt-who-0:0.10-8.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0189.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virtio-win_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virtio-win_security_api_results.json new file mode 100644 index 0000000..e23c272 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virtio-win_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-12247","severity":null,"public_date":"2019-01-07T00:00:00Z","advisories":[],"bugzilla":"1712834","bugzilla_description":"CVE-2019-12247 QEMU: qemu-guest-agent: integer overflow while running guest-exec command","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12247.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L","cvss3_score":"3.8"},{"CVE":"CVE-2018-12617","severity":"low","public_date":"2018-06-22T00:00:00Z","advisories":[],"bugzilla":"1594054","bugzilla_description":"CVE-2018-12617 Qemu: qemu-guest-agent: Integer overflow causes segmentation fault in qmp_guest_file_read()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12617.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L","cvss3_score":"3.8"},{"CVE":"CVE-2015-3215","severity":"important","public_date":"2014-12-15T00:00:00Z","advisories":["RHSA-2015:1044","RHSA-2015:1043"],"bugzilla":"1227634","bugzilla_description":"CVE-2015-3215 virtio-win: netkvm: malformed packet can cause BSOD","cvss_score":6.1,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:C","CWE":"CWE-20","affected_packages":["virtio-win-0:1.7.4-1.el7","virtio-win-0:1.7.4-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3215.json"},{"CVE":"CVE-2013-2231","severity":"important","public_date":"2013-07-22T00:00:00Z","advisories":["RHSA-2013:1100","RHSA-2013:1101"],"bugzilla":"980757","bugzilla_description":"CVE-2013-2231 qemu: qemu-ga win32 service unquoted search path","cvss_score":7.2,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","CWE":"CWE-428","affected_packages":["virtio-win-0:1.6.5-6.el6_4","qemu-kvm-2:0.12.1.2-2.355.el6_4.6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2231.json"},{"CVE":"CVE-2013-2007","severity":"moderate","public_date":"2013-05-06T00:00:00Z","advisories":["RHSA-2013:0896"],"bugzilla":"956082","bugzilla_description":"CVE-2013-2007 qemu: guest agent creates files with insecure permissions in deamon mode","cvss_score":6.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["qemu-kvm-2:0.12.1.2-2.355.el6_4.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2007.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virtuoso-opensource_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virtuoso-opensource_security_api_results.json new file mode 100644 index 0000000..6dd8b5c --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/virtuoso-opensource_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-20454","severity":"moderate","public_date":"2019-07-28T00:00:00Z","advisories":["RHSA-2020:3662"],"bugzilla":"1735494","bugzilla_description":"CVE-2019-20454 pcre: Out of bounds read in JIT mode when \\X is used in non-UTF mode","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["php:7.3-8020020200715124551.ceb1cf90"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20454.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-16231","severity":null,"public_date":"2017-11-01T00:00:00Z","advisories":[],"bugzilla":"1700392","bugzilla_description":"CVE-2017-16231 pcre: self-recursive call in match() in pcre_exec.c leads to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16231.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2017-11164","severity":"low","public_date":"2017-07-10T00:00:00Z","advisories":[],"bugzilla":"1470107","bugzilla_description":"CVE-2017-11164 pcre: OP_KETRMAX feature in the match function in pcre_exec.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11164.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-7244","severity":"low","public_date":"2017-03-23T00:00:00Z","advisories":["RHSA-2018:2486"],"bugzilla":"1437364","bugzilla_description":"CVE-2017-7244 pcre: invalid memory read in _pcre32_xclass (pcre_xclass.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7244.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-7245","severity":"low","public_date":"2017-03-23T00:00:00Z","advisories":["RHSA-2018:2486"],"bugzilla":"1437367","bugzilla_description":"CVE-2017-7245 pcre: stack-based buffer overflow write in pcre32_copy_substring","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7245.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-7246","severity":"low","public_date":"2017-03-23T00:00:00Z","advisories":["RHSA-2018:2486"],"bugzilla":"1437369","bugzilla_description":"CVE-2017-7246 pcre: stack-based buffer overflow write in pcre32_copy_substring","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7246.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-8399","severity":"moderate","public_date":"2017-03-10T00:00:00Z","advisories":[],"bugzilla":"1449629","bugzilla_description":"CVE-2017-8399 pcre2: Stack-based buffer overflow in pcre2_match.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8399.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-7186","severity":"moderate","public_date":"2017-02-23T00:00:00Z","advisories":["RHSA-2018:2486"],"bugzilla":"1434504","bugzilla_description":"CVE-2017-7186 pcre: Invalid Unicode property lookup (8.41/7, 10.24/2)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7186.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2017-6004","severity":"moderate","public_date":"2017-02-14T00:00:00Z","advisories":["RHSA-2018:2486"],"bugzilla":"1425365","bugzilla_description":"CVE-2017-6004 pcre: Out-of-bounds read in compile_bracket_matchingpath function (8.41/3)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6004.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2014-9769","severity":"moderate","public_date":"2016-03-23T00:00:00Z","advisories":[],"bugzilla":"1320995","bugzilla_description":"CVE-2014-9769 pcre: incorrect nested table jumps when JIT is used (8.36/6)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9769.json"},{"CVE":"CVE-2016-3191","severity":"important","public_date":"2016-02-09T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:1025"],"bugzilla":"1311503","bugzilla_description":"CVE-2016-3191 pcre: workspace overflow for (*ACCEPT) with deeply nested parentheses (8.39/13, 10.22/12)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","pcre-0:8.32-15.el7_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3191.json"},{"CVE":"CVE-2016-1283","severity":"important","public_date":"2016-01-04T00:00:00Z","advisories":["RHSA-2016:1132"],"bugzilla":"1295385","bugzilla_description":"CVE-2016-1283 pcre: heap buffer overflow in handling of duplicate named groups (8.39/14)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1283.json"},{"CVE":"CVE-2015-8383","severity":"important","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750"],"bugzilla":"1287614","bugzilla_description":"CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group (8.38/3)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8383.json"},{"CVE":"CVE-2015-3210","severity":"important","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750"],"bugzilla":"1287623","bugzilla_description":"CVE-2015-3210 CVE-2015-8384 pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3210.json"},{"CVE":"CVE-2015-8384","severity":"important","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750"],"bugzilla":"1287623","bugzilla_description":"CVE-2015-3210 CVE-2015-8384 pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8384.json"},{"CVE":"CVE-2015-8385","severity":"important","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750","RHSA-2016:1025"],"bugzilla":"1287629","bugzilla_description":"CVE-2015-8385 pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7","pcre-0:8.32-15.el7_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8385.json"},{"CVE":"CVE-2015-8386","severity":"low","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750","RHSA-2016:1025"],"bugzilla":"1287636","bugzilla_description":"CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion (8.38/6)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-120","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7","pcre-0:8.32-15.el7_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8386.json"},{"CVE":"CVE-2015-8387","severity":null,"public_date":"2015-11-23T00:00:00Z","advisories":[],"bugzilla":"1287646","bugzilla_description":"CVE-2015-8387 pcre: Integer overflow in subroutine calls (8.38/8)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8387.json"},{"CVE":"CVE-2015-8389","severity":"moderate","public_date":"2015-11-23T00:00:00Z","advisories":[],"bugzilla":"1287659","bugzilla_description":"CVE-2015-8389 pcre: infinite recursion in JIT compiler when processing certain patterns (8.38/21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8389.json"},{"CVE":"CVE-2015-8390","severity":null,"public_date":"2015-11-23T00:00:00Z","advisories":[],"bugzilla":"1287666","bugzilla_description":"CVE-2015-8390 pcre: uninitialized memory read triggered by malformed posix character class (8.38/22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8390.json"},{"CVE":"CVE-2015-8391","severity":"moderate","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750","RHSA-2016:1025"],"bugzilla":"1287671","bugzilla_description":"CVE-2015-8391 pcre: inefficient posix character class syntax check (8.38/16)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-407","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7","pcre-0:8.32-15.el7_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8391.json"},{"CVE":"CVE-2015-8392","severity":"important","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750"],"bugzilla":"1287690","bugzilla_description":"CVE-2015-8392 pcre: buffer overflow caused by patterns with duplicated named groups with (?| (8.38/27)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8392.json"},{"CVE":"CVE-2015-8393","severity":null,"public_date":"2015-11-23T00:00:00Z","advisories":[],"bugzilla":"1287695","bugzilla_description":"CVE-2015-8393 pcre: pcregrep -q is not always quiet (8.38/28)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8393.json"},{"CVE":"CVE-2015-8394","severity":null,"public_date":"2015-11-23T00:00:00Z","advisories":[],"bugzilla":"1287702","bugzilla_description":"CVE-2015-8394 pcre: Integer overflow caused by missing check for certain conditions (8.38/31)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8394.json"},{"CVE":"CVE-2015-8381","severity":"important","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750"],"bugzilla":"1287711","bugzilla_description":"CVE-2015-8381 CVE-2015-8395 pcre: Buffer overflow caused by duplicate named references (8.38/36)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8381.json"},{"CVE":"CVE-2015-8395","severity":"important","public_date":"2015-11-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750"],"bugzilla":"1287711","bugzilla_description":"CVE-2015-8381 CVE-2015-8395 pcre: Buffer overflow caused by duplicate named references (8.38/36)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8395.json"},{"CVE":"CVE-2015-5073","severity":"moderate","public_date":"2015-06-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750","RHSA-2016:1025"],"bugzilla":"1237223","bugzilla_description":"CVE-2015-5073 CVE-2015-8388 pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7","pcre-0:8.32-15.el7_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5073.json"},{"CVE":"CVE-2015-8388","severity":"moderate","public_date":"2015-06-23T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750","RHSA-2016:1025"],"bugzilla":"1237223","bugzilla_description":"CVE-2015-5073 CVE-2015-8388 pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7","pcre-0:8.32-15.el7_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8388.json"},{"CVE":"CVE-2015-3217","severity":"moderate","public_date":"2015-06-03T00:00:00Z","advisories":["RHSA-2016:1132","RHSA-2016:2750","RHSA-2016:1025"],"bugzilla":"1228283","bugzilla_description":"CVE-2015-3217 pcre: stack overflow caused by mishandled group empty match (8.38/11)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-674","affected_packages":["rh-mariadb100-mariadb-1:10.0.25-4.el6","rh-mariadb100-mariadb-1:10.0.25-4.el7","rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7","pcre-0:8.32-15.el7_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3217.json"},{"CVE":"CVE-2015-8380","severity":null,"public_date":"2015-06-01T00:00:00Z","advisories":[],"bugzilla":"1285413","bugzilla_description":"CVE-2015-8380 pcre: OOB write when pcre_exec() is called with ovecsize of 1 (8.38/10)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8380.json"},{"CVE":"CVE-2015-2328","severity":"moderate","public_date":"2014-08-07T00:00:00Z","advisories":["RHSA-2016:2750","RHSA-2016:1025"],"bugzilla":"1285399","bugzilla_description":"CVE-2015-2328 pcre: infinite recursion compiling pattern with recursive reference in a group with indefinite repeat (8.36/20)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-674","affected_packages":["rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7","pcre-0:8.32-15.el7_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2328.json"},{"CVE":"CVE-2015-2327","severity":"moderate","public_date":"2014-07-11T00:00:00Z","advisories":["RHBA-2015:2142","RHSA-2016:2750"],"bugzilla":"1285408","bugzilla_description":"CVE-2015-2327 pcre: infinite recursion compiling pattern with zero-repeated groups that include recursive back reference (8.36/19)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-674","affected_packages":["rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7","pcre-0:8.32-15.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2327.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vlgothic-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vlgothic-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vlgothic-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vlgothic-p-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vlgothic-p-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vlgothic-p-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/volume_key-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/volume_key-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/volume_key-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/volume_key_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/volume_key_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/volume_key_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vorbis-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vorbis-tools_security_api_results.json new file mode 100644 index 0000000..acdccca --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vorbis-tools_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2017-11331","severity":"low","public_date":"2017-07-30T00:00:00Z","advisories":[],"bugzilla":"1480656","bugzilla_description":"CVE-2017-11331 vorbis-tools: Invalid memory allocation in wav_open function in oggenc/audio.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11331.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2015-6749","severity":"low","public_date":"2015-08-30T00:00:00Z","advisories":[],"bugzilla":"1258443","bugzilla_description":"CVE-2015-6749 vorbis-tools: invalid AIFF file causes alloca() buffer overflow","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6749.json"},{"CVE":"CVE-2014-9638","severity":"low","public_date":"2015-01-18T00:00:00Z","advisories":[],"bugzilla":"1184448","bugzilla_description":"CVE-2014-9638 vorbis-tools: division by zero on crafted WAV file","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9638.json"},{"CVE":"CVE-2014-9639","severity":"low","public_date":"2015-01-18T00:00:00Z","advisories":[],"bugzilla":"1184449","bugzilla_description":"CVE-2014-9639 vorbis-tools: integer overflow on crafted WAV file","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9639.json"},{"CVE":"CVE-2014-9640","severity":"low","public_date":"2014-06-20T00:00:00Z","advisories":[],"bugzilla":"1185272","bugzilla_description":"CVE-2014-9640 vorbis-tools: segfault when trying to encode trivial raw input","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9640.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vsftpd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vsftpd_security_api_results.json new file mode 100644 index 0000000..c51f3e1 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vsftpd_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2015-1419","severity":null,"public_date":"2015-01-19T00:00:00Z","advisories":[],"bugzilla":"1187041","bugzilla_description":"CVE-2015-1419 vsftpd: access restrictions bypass","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1419.json"},{"CVE":"CVE-2011-2523","severity":"important","public_date":"2011-07-04T00:00:00Z","advisories":[],"bugzilla":"1778781","bugzilla_description":"CVE-2011-2523 vsftpd: backdoor which opens a shell on port 6200/tcp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-78","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2523.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2011-0762","severity":"important","public_date":"2011-03-01T00:00:00Z","advisories":["RHSA-2011:0337"],"bugzilla":"681667","bugzilla_description":"CVE-2011-0762 vsftpd: remote DoS via crafted glob pattern","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["vsftpd-0:2.0.1-9.el4","vsftpd-0:2.0.5-16.el5_6.1","vsftpd-0:2.2.2-6.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0762.json"},{"CVE":"CVE-2007-5962","severity":"low","public_date":"2008-05-21T00:00:00Z","advisories":["RHSA-2008:0295"],"bugzilla":"397011","bugzilla_description":"CVE-2007-5962 vsftpd: memory leak when deny_file option is set","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":["vsftpd-0:2.0.5-12.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5962.json"},{"CVE":"CVE-2008-2375","severity":"moderate","public_date":"2006-06-28T00:00:00Z","advisories":["RHSA-2008:0680","RHSA-2008:0579"],"bugzilla":"453376","bugzilla_description":"CVE-2008-2375 older vsftpd authentication memory leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-401","affected_packages":["vsftpd-0:2.0.1-6.el4","vsftpd-0:1.2.1-3E.16"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2375.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte-profile_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte-profile_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte-profile_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte291_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte291_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte291_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte3_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte3_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/vte3_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/watchdog_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/watchdog_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/watchdog_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wavpack_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wavpack_security_api_results.json new file mode 100644 index 0000000..f0b0ffa --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wavpack_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-1010319","severity":"low","public_date":"2019-08-06T00:00:00Z","advisories":["RHSA-2020:1581"],"bugzilla":"1737740","bugzilla_description":"CVE-2019-1010319 wavpack: Use of uninitialized variable in ParseWave64HeaderConfig leads to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665->CWE-369","affected_packages":["wavpack-0:5.1.0-15.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1010319.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.5"},{"CVE":"CVE-2019-1010317","severity":"low","public_date":"2019-08-06T00:00:00Z","advisories":["RHSA-2020:1581"],"bugzilla":"1737747","bugzilla_description":"CVE-2019-1010317 wavpack: Use of uninitialized variable in ParseCaffHeaderConfig leads to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-665","affected_packages":["wavpack-0:5.1.0-15.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1010317.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.3"},{"CVE":"CVE-2019-1010315","severity":"low","public_date":"2019-07-12T00:00:00Z","advisories":["RHSA-2020:1581"],"bugzilla":"1729418","bugzilla_description":"CVE-2019-1010315 wavpack: Divide by zero in ParseDsdiffHeaderConfig leads to crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":["wavpack-0:5.1.0-15.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1010315.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2019-11498","severity":"low","public_date":"2019-03-05T00:00:00Z","advisories":["RHSA-2020:1581"],"bugzilla":"1704633","bugzilla_description":"CVE-2019-11498 wavpack: Use of uninitialized variable in WavpackSetConfiguration64 leads to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":["wavpack-0:5.1.0-15.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11498.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2018-19841","severity":"low","public_date":"2018-11-29T00:00:00Z","advisories":["RHSA-2020:1581"],"bugzilla":"1661449","bugzilla_description":"CVE-2018-19841 wawpack: Out-of-bounds read in WavpackVerifySingleBlock function leads to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["wavpack-0:5.1.0-15.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19841.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-19840","severity":"low","public_date":"2018-11-26T00:00:00Z","advisories":["RHSA-2020:1581"],"bugzilla":"1661448","bugzilla_description":"CVE-2018-19840 wawpack: Infinite loop in WavpackPackInit function lead to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wavpack-0:5.1.0-15.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19840.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-10536","severity":"moderate","public_date":"2018-04-22T00:00:00Z","advisories":[],"bugzilla":"1574719","bugzilla_description":"CVE-2018-10536 wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10536.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-10537","severity":"moderate","public_date":"2018-04-22T00:00:00Z","advisories":[],"bugzilla":"1574726","bugzilla_description":"CVE-2018-10537 wavpack: out of bounds write in ParseWave64HeaderConfig in wave64.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10537.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-10538","severity":"moderate","public_date":"2018-04-22T00:00:00Z","advisories":[],"bugzilla":"1574728","bugzilla_description":"CVE-2018-10538 wavpack: out of bounds write in ParseRiffHeaderConfig in riff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10538.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-10539","severity":"moderate","public_date":"2018-04-22T00:00:00Z","advisories":[],"bugzilla":"1574729","bugzilla_description":"CVE-2018-10539 wavpack: out of bounds write in ParseDsdiffHeaderConfig in dsdiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10539.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-10540","severity":"moderate","public_date":"2018-04-22T00:00:00Z","advisories":[],"bugzilla":"1574731","bugzilla_description":"CVE-2018-10540 wavpack: out of bounds write in ParseWave64HeaderConfig in wave64.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10540.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-7253","severity":"low","public_date":"2018-02-19T00:00:00Z","advisories":[],"bugzilla":"1547719","bugzilla_description":"CVE-2018-7253 wavpack: Heap-based buffer over-read in ParseDsdiffHeaderConfig function in cli/dsdiff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7253.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7254","severity":"low","public_date":"2018-02-19T00:00:00Z","advisories":[],"bugzilla":"1547735","bugzilla_description":"CVE-2018-7254 wavpack: Global buffer over-read in ParseCaffHeaderConfig function in cli/caff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7254.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6767","severity":"low","public_date":"2018-02-03T00:00:00Z","advisories":[],"bugzilla":"1542550","bugzilla_description":"CVE-2018-6767 wavpack: stack buffer overread via crafted wav file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6767.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-10170","severity":"moderate","public_date":"2016-12-20T00:00:00Z","advisories":[],"bugzilla":"1417851","bugzilla_description":"CVE-2016-10170 wavpack: Heap out of bounds read in WriteCaffHeader / caff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10170.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10171","severity":"moderate","public_date":"2016-12-20T00:00:00Z","advisories":[],"bugzilla":"1417852","bugzilla_description":"CVE-2016-10171 wavpack: Heap out of bounds read in unreorder_channels / wvunpack.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10171.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10172","severity":"moderate","public_date":"2016-12-20T00:00:00Z","advisories":[],"bugzilla":"1417853","bugzilla_description":"CVE-2016-10172 wavpack: Heap out of bounds read in read_new_config_info / open_utils.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10172.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"},{"CVE":"CVE-2016-10169","severity":"moderate","public_date":"2016-12-18T00:00:00Z","advisories":[],"bugzilla":"1417850","bugzilla_description":"CVE-2016-10169 wavpack: Global buffer overread in read_code / read_words.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10169.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"4.4"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wayland-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wayland-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wayland-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wayland-protocols-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wayland-protocols-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wayland-protocols-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk3_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk3_security_api_results.json new file mode 100644 index 0000000..b30696f --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk3_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-9862","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879532","bugzilla_description":"CVE-2020-9862 webkitgtk: Command injection in web inspector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9862.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2020-9893","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879535","bugzilla_description":"CVE-2020-9893 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9893.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9894","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879536","bugzilla_description":"CVE-2020-9894 webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9894.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-9895","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879538","bugzilla_description":"CVE-2020-9895 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9895.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-9915","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879540","bugzilla_description":"CVE-2020-9915 webkitgtk: Access issue in content security policy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9915.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2020-9925","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879541","bugzilla_description":"CVE-2020-9925 webkitgtk: A logic issue may lead to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9925.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2020-9802","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879545","bugzilla_description":"CVE-2020-9802 webkitgtk: Logic issue may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9802.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9803","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879557","bugzilla_description":"CVE-2020-9803 webkitgtk: Memory corruption may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9803.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9805","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879559","bugzilla_description":"CVE-2020-9805 webkitgtk: Logic issue may lead to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9805.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2020-9806","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879563","bugzilla_description":"CVE-2020-9806 webkitgtk: Memory corruption may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9806.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9807","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879564","bugzilla_description":"CVE-2020-9807 webkitgtk: Memory corruption may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9807.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9843","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879566","bugzilla_description":"CVE-2020-9843 webkitgtk: Input validation issue may lead to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9843.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2020-9850","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879568","bugzilla_description":"CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9850.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-13753","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879570","bugzilla_description":"CVE-2020-13753 webkitgtk: Improper access management to CLONE_NEWUSER and the TIOCSTI ioctl","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284->CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13753.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"10.0"},{"CVE":"CVE-2020-3885","severity":"low","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876462","bugzilla_description":"CVE-2020-3885 webkitgtk: Incorrect processing of file URLs","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3885.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2020-3894","severity":"low","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876463","bugzilla_description":"CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3894.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2020-3895","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876465","bugzilla_description":"CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3895.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3897","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876468","bugzilla_description":"CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3897.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3899","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876470","bugzilla_description":"CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3899.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3900","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876472","bugzilla_description":"CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3900.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3901","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876473","bugzilla_description":"CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3901.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3902","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876476","bugzilla_description":"CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3902.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-11793","severity":"moderate","public_date":"2020-04-16T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1829369","bugzilla_description":"CVE-2020-11793 webkitgtk: use-after-free via crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11793.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-10018","severity":"moderate","public_date":"2020-03-02T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1811721","bugzilla_description":"CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10018.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-3862","severity":"low","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876516","bugzilla_description":"CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3862.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2020-3864","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876518","bugzilla_description":"CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3864.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2020-3865","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876521","bugzilla_description":"CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3865.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3867","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876522","bugzilla_description":"CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3867.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-3868","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876523","bugzilla_description":"CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3868.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8846","severity":"moderate","public_date":"2020-01-23T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1816678","bugzilla_description":"CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8846.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-8835","severity":"moderate","public_date":"2020-01-23T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1816684","bugzilla_description":"CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8835.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-8844","severity":"moderate","public_date":"2020-01-23T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1816686","bugzilla_description":"CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8844.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2016-4761","severity":"moderate","public_date":"2020-01-22T00:00:00Z","advisories":[],"bugzilla":"1800137","bugzilla_description":"CVE-2016-4761 webkitgtk: use-after-free leads to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4761.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8710","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876536","bugzilla_description":"CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8710.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8743","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876537","bugzilla_description":"CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8743.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8764","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876540","bugzilla_description":"CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8764.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8765","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876542","bugzilla_description":"CVE-2019-8765 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8765.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8766","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876543","bugzilla_description":"CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8766.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8782","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876545","bugzilla_description":"CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8782.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8783","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876548","bugzilla_description":"CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8783.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8808","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876549","bugzilla_description":"CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8808.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8811","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876550","bugzilla_description":"CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8811.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8812","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876552","bugzilla_description":"CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8812.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8813","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876553","bugzilla_description":"CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8813.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8814","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876554","bugzilla_description":"CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8814.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8815","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876555","bugzilla_description":"CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8815.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8816","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876556","bugzilla_description":"CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8816.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8819","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876590","bugzilla_description":"CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8819.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8820","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876591","bugzilla_description":"CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8820.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8821","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876592","bugzilla_description":"CVE-2019-8821 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8821.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8822","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876593","bugzilla_description":"CVE-2019-8822 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8822.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8823","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876594","bugzilla_description":"CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8823.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8625","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876607","bugzilla_description":"CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8625.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8674","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876608","bugzilla_description":"CVE-2019-8674 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8674.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8707","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876609","bugzilla_description":"CVE-2019-8707 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8707.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8719","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876610","bugzilla_description":"CVE-2019-8719 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8719.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8720","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876611","bugzilla_description":"CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8720.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8726","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876612","bugzilla_description":"CVE-2019-8726 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8726.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8733","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876613","bugzilla_description":"CVE-2019-8733 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8733.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8735","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876614","bugzilla_description":"CVE-2019-8735 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8735.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8763","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876615","bugzilla_description":"CVE-2019-8763 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8763.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8768","severity":"low","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876616","bugzilla_description":"CVE-2019-8768 webkitgtk: Browsing history could not be deleted","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8768.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2019-8769","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876617","bugzilla_description":"CVE-2019-8769 webkitgtk: Websites could reveal browsing history","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8769.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-8771","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876619","bugzilla_description":"CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8771.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2019-8644","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876626","bugzilla_description":"CVE-2019-8644 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8644.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8649","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876628","bugzilla_description":"CVE-2019-8649 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8649.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8658","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876629","bugzilla_description":"CVE-2019-8658 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8658.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8666","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876630","bugzilla_description":"CVE-2019-8666 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8666.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8669","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876631","bugzilla_description":"CVE-2019-8669 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8669.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8671","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876632","bugzilla_description":"CVE-2019-8671 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8671.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8672","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876634","bugzilla_description":"CVE-2019-8672 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8672.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8673","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876643","bugzilla_description":"CVE-2019-8673 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8673.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8676","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876644","bugzilla_description":"CVE-2019-8676 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8676.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8677","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876645","bugzilla_description":"CVE-2019-8677 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8677.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8678","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876646","bugzilla_description":"CVE-2019-8678 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8678.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8679","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876647","bugzilla_description":"CVE-2019-8679 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8679.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8680","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876648","bugzilla_description":"CVE-2019-8680 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8680.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8681","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876650","bugzilla_description":"CVE-2019-8681 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8681.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8683","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876651","bugzilla_description":"CVE-2019-8683 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8683.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8684","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876652","bugzilla_description":"CVE-2019-8684 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8684.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8686","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876653","bugzilla_description":"CVE-2019-8686 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8686.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8687","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876655","bugzilla_description":"CVE-2019-8687 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8687.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8688","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876656","bugzilla_description":"CVE-2019-8688 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8688.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8689","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876657","bugzilla_description":"CVE-2019-8689 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8689.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8690","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876664","bugzilla_description":"CVE-2019-8690 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8690.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-6237","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876880","bugzilla_description":"CVE-2019-6237 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6237.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8571","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876881","bugzilla_description":"CVE-2019-8571 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8571.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8583","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876882","bugzilla_description":"CVE-2019-8583 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8583.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8584","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876883","bugzilla_description":"CVE-2019-8584 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8584.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8586","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876884","bugzilla_description":"CVE-2019-8586 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8586.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8587","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876887","bugzilla_description":"CVE-2019-8587 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8587.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8594","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876891","bugzilla_description":"CVE-2019-8594 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8594.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8595","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876892","bugzilla_description":"CVE-2019-8595 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8595.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8596","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876893","bugzilla_description":"CVE-2019-8596 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8596.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8597","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876894","bugzilla_description":"CVE-2019-8597 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8597.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8601","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876895","bugzilla_description":"CVE-2019-8601 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8601.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8607","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876897","bugzilla_description":"CVE-2019-8607 webkitgtk: Out-of-bounds read leading to memory disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8607.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-8608","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876898","bugzilla_description":"CVE-2019-8608 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8608.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8609","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876899","bugzilla_description":"CVE-2019-8609 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8609.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8610","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876900","bugzilla_description":"CVE-2019-8610 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8610.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8615","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877045","bugzilla_description":"CVE-2019-8615 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8615.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8611","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877046","bugzilla_description":"CVE-2019-8611 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8611.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8619","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877047","bugzilla_description":"CVE-2019-8619 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8619.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8622","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877048","bugzilla_description":"CVE-2019-8622 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8622.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8623","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877049","bugzilla_description":"CVE-2019-8623 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8623.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11070","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1709289","bugzilla_description":"CVE-2019-11070 webkitgtk: HTTP proxy setting deanonymization information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11070.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-7285","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1718725","bugzilla_description":"CVE-2019-7285 webkitgtk: crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7285.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-7292","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1719131","bugzilla_description":"CVE-2019-7292 webkitgtk: arbitrary code execution via malicious web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7292.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8503","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1719147","bugzilla_description":"CVE-2019-8503 webkitgtk: logic issue leads to code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8503.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8506","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719199","bugzilla_description":"CVE-2019-8506 webkitgtk: malicous web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8506.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8515","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1719204","bugzilla_description":"CVE-2019-8515 webkitgtk: malicious crafted web content leads to information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8515.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-8518","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719206","bugzilla_description":"CVE-2019-8518 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8518.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8523","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719208","bugzilla_description":"CVE-2019-8523 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8523.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8524","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719209","bugzilla_description":"CVE-2019-8524 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8524.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8535","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719210","bugzilla_description":"CVE-2019-8535 webkitgtk: malicious crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8535.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8536","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719213","bugzilla_description":"CVE-2019-8536 webkitgtk: malicious crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8536.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8544","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719224","bugzilla_description":"CVE-2019-8544 webkitgtk: malicious crafted web content leads to arbitrary we content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8544.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8558","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719231","bugzilla_description":"CVE-2019-8558 webkitgtk: malicious crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8558.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8559","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719235","bugzilla_description":"CVE-2019-8559 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8559.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8563","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719237","bugzilla_description":"CVE-2019-8563 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8563.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8551","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1719238","bugzilla_description":"CVE-2019-8551 webkitgtk: malicious web content leads to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8551.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-6251","severity":"moderate","public_date":"2018-09-11T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1667409","bugzilla_description":"CVE-2019-6251 webkitgtk: processing maliciously crafted web content lead to URI spoofing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6251.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-11713","severity":"moderate","public_date":"2018-06-07T00:00:00Z","advisories":[],"bugzilla":"1588739","bugzilla_description":"CVE-2018-11713 webkitgtk: WebSockets don't use system proxy settings","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11713.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-11712","severity":"moderate","public_date":"2018-06-07T00:00:00Z","advisories":[],"bugzilla":"1588742","bugzilla_description":"CVE-2018-11712 webkitgtk: Improper TLS certificate verification for WebSocket connections","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11712.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2018-4204","severity":"moderate","public_date":"2018-05-07T00:00:00Z","advisories":[],"bugzilla":"1577374","bugzilla_description":"CVE-2018-4204 webkitgtk: memory corruption processing maliciously crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4204.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2018-4200","severity":"moderate","public_date":"2018-05-07T00:00:00Z","advisories":[],"bugzilla":"1577385","bugzilla_description":"CVE-2018-4200 webkitgtk: memory corruption processing maliciously crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4200.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2018-4121","severity":"moderate","public_date":"2018-05-07T00:00:00Z","advisories":[],"bugzilla":"1577387","bugzilla_description":"CVE-2018-4121 webkitgtk: memory corruption processing maliciously crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4121.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2017-13856","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527747","bugzilla_description":"CVE-2017-13856 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13856.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-13866","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527756","bugzilla_description":"CVE-2017-13866 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13866.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-13870","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527757","bugzilla_description":"CVE-2017-13870 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13870.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-7156","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527759","bugzilla_description":"CVE-2017-7156 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7156.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-7157","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527760","bugzilla_description":"CVE-2017-7157 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7157.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2015-2330","severity":"moderate","public_date":"2015-03-17T00:00:00Z","advisories":[],"bugzilla":"1204653","bugzilla_description":"CVE-2015-2330 webkitgtk: TLS certificate late verification","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2330.json"},{"CVE":"CVE-2015-1209","severity":"important","public_date":"2015-02-04T00:00:00Z","advisories":["RHSA-2015:0163"],"bugzilla":"1190123","bugzilla_description":"CVE-2015-1209 chromium-browser: use-after-free in DOM","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["chromium-browser-0:40.0.2214.111-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1209.json"},{"CVE":"CVE-2015-1212","severity":"important","public_date":"2015-02-04T00:00:00Z","advisories":["RHSA-2015:0163"],"bugzilla":"1190158","bugzilla_description":"CVE-2015-1212 chromium-browser: various security fixes in Chrome 40.0.2214.111","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["chromium-browser-0:40.0.2214.111-1.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1212.json"},{"CVE":"CVE-2013-2871","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186231","bugzilla_description":"CVE-2013-2871 webkitgtk: use-after-free vulnerability in the handling of input (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2871.json"},{"CVE":"CVE-2013-2875","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186232","bugzilla_description":"CVE-2013-2875 webkitgtk: out-of-bounds read in the SVG implementation (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2875.json"},{"CVE":"CVE-2013-2927","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186233","bugzilla_description":"CVE-2013-2927 webkitgtk: use-after-free in the HTMLFormElement::prepareForSubmission() (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2927.json"},{"CVE":"CVE-2014-1292","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186234","bugzilla_description":"CVE-2014-1292 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1292.json"},{"CVE":"CVE-2014-1297","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186236","bugzilla_description":"CVE-2014-1297 webkitgtk: improper WebProcess IPC messages validation (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1297.json"},{"CVE":"CVE-2014-1298","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186237","bugzilla_description":"CVE-2014-1298 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1298.json"},{"CVE":"CVE-2014-1299","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186238","bugzilla_description":"CVE-2014-1299 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1299.json"},{"CVE":"CVE-2014-1300","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186239","bugzilla_description":"CVE-2014-1300 webkitgtk: arbitrary code execution with root privileges (WSA-2015-0001)","cvss_score":7.3,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:C/I:C/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1300.json"},{"CVE":"CVE-2014-1303","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186241","bugzilla_description":"CVE-2014-1303 webkitgtk: heap-based buffer overflow (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1303.json"},{"CVE":"CVE-2014-1304","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186242","bugzilla_description":"CVE-2014-1304 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1304.json"},{"CVE":"CVE-2014-1305","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186243","bugzilla_description":"CVE-2014-1305 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1305.json"},{"CVE":"CVE-2014-1307","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186245","bugzilla_description":"CVE-2014-1307 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1307.json"},{"CVE":"CVE-2014-1308","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186246","bugzilla_description":"CVE-2014-1308 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1308.json"},{"CVE":"CVE-2014-1309","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186247","bugzilla_description":"CVE-2014-1309 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1309.json"},{"CVE":"CVE-2014-1311","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186248","bugzilla_description":"CVE-2014-1311 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1311.json"},{"CVE":"CVE-2014-1313","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186250","bugzilla_description":"CVE-2014-1313 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1313.json"},{"CVE":"CVE-2014-1323","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186251","bugzilla_description":"CVE-2014-1323 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1323.json"},{"CVE":"CVE-2014-1326","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186252","bugzilla_description":"CVE-2014-1326 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1326.json"},{"CVE":"CVE-2014-1329","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186253","bugzilla_description":"CVE-2014-1329 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1329.json"},{"CVE":"CVE-2014-1330","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186254","bugzilla_description":"CVE-2014-1330 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1330.json"},{"CVE":"CVE-2014-1331","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186255","bugzilla_description":"CVE-2014-1331 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1331.json"},{"CVE":"CVE-2014-1333","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186258","bugzilla_description":"CVE-2014-1333 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1333.json"},{"CVE":"CVE-2014-1334","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186259","bugzilla_description":"CVE-2014-1334 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1334.json"},{"CVE":"CVE-2014-1335","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186262","bugzilla_description":"CVE-2014-1335 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1335.json"},{"CVE":"CVE-2014-1336","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186263","bugzilla_description":"CVE-2014-1336 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1336.json"},{"CVE":"CVE-2014-1337","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186264","bugzilla_description":"CVE-2014-1337 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1337.json"},{"CVE":"CVE-2014-1338","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186265","bugzilla_description":"CVE-2014-1338 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1338.json"},{"CVE":"CVE-2014-1339","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186266","bugzilla_description":"CVE-2014-1339 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1339.json"},{"CVE":"CVE-2014-1341","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186267","bugzilla_description":"CVE-2014-1341 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1341.json"},{"CVE":"CVE-2014-1342","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186268","bugzilla_description":"CVE-2014-1342 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1342.json"},{"CVE":"CVE-2014-1343","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186269","bugzilla_description":"CVE-2014-1343 webkitgtk: arbitrary code execution and denial of service via a crafted web site (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1343.json"},{"CVE":"CVE-2014-1346","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186270","bugzilla_description":"CVE-2014-1346 webkitgtk: improper Unicode encoding interpretation (WSA-2015-0001)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1346.json"},{"CVE":"CVE-2014-1713","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186271","bugzilla_description":"CVE-2014-1713 webkitgtk: use-after-free in the AttributeSetter function (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1713.json"},{"CVE":"CVE-2014-1731","severity":"moderate","public_date":"2015-01-26T00:00:00Z","advisories":[],"bugzilla":"1186273","bugzilla_description":"CVE-2014-1731 webkitgtk: improper renderer state check in core/html/HTMLSelectElement.cpp (WSA-2015-0001)","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1731.json"},{"CVE":"CVE-2014-7907","severity":"important","public_date":"2014-11-18T00:00:00Z","advisories":["RHSA-2014:1894"],"bugzilla":"1165656","bugzilla_description":"CVE-2014-7907 chromium-browser: Use-after-free in blink","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["chromium-browser-0:39.0.2171.65-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7907.json"},{"CVE":"CVE-2014-7908","severity":"important","public_date":"2014-11-18T00:00:00Z","advisories":["RHSA-2014:1894"],"bugzilla":"1165657","bugzilla_description":"CVE-2014-7908 chromium-browser: Integer overflow in media","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["chromium-browser-0:39.0.2171.65-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7908.json"},{"CVE":"CVE-2014-7910","severity":"moderate","public_date":"2014-11-18T00:00:00Z","advisories":["RHSA-2014:1894"],"bugzilla":"1165662","bugzilla_description":"CVE-2014-7910 chromium-browser: Unspecified security issues","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["chromium-browser-0:39.0.2171.65-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7910.json"},{"CVE":"CVE-2014-1344","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181090","bugzilla_description":"CVE-2014-1344 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1344.json"},{"CVE":"CVE-2014-1384","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181095","bugzilla_description":"CVE-2014-1384 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1384.json"},{"CVE":"CVE-2014-1385","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181096","bugzilla_description":"CVE-2014-1385 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1385.json"},{"CVE":"CVE-2014-1386","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181098","bugzilla_description":"CVE-2014-1386 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1386.json"},{"CVE":"CVE-2014-1387","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181099","bugzilla_description":"CVE-2014-1387 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1387.json"},{"CVE":"CVE-2014-1388","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181101","bugzilla_description":"CVE-2014-1388 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1388.json"},{"CVE":"CVE-2014-1389","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181102","bugzilla_description":"CVE-2014-1389 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1389.json"},{"CVE":"CVE-2014-1390","severity":"moderate","public_date":"2014-11-08T00:00:00Z","advisories":[],"bugzilla":"1181103","bugzilla_description":"CVE-2014-1390 webkitgtk: arbitrary code execution and denial of service","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1390.json"},{"CVE":"CVE-2014-3194","severity":"critical","public_date":"2014-10-07T00:00:00Z","advisories":["RHSA-2014:1626"],"bugzilla":"1151383","bugzilla_description":"CVE-2014-3194 chromium: use-after-free issue in Web Workers fixed in Chrome 38.0.2125.101","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["chromium-browser-0:38.0.2125.101-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3194.json"},{"CVE":"CVE-2014-3192","severity":"critical","public_date":"2014-10-07T00:00:00Z","advisories":["RHSA-2014:1626"],"bugzilla":"1151395","bugzilla_description":"CVE-2014-3192 chromium: use-after-free in DOM, fixed in Chrome 38.0.2125.101","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["chromium-browser-0:38.0.2125.101-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3192.json"},{"CVE":"CVE-2014-3197","severity":"moderate","public_date":"2014-10-07T00:00:00Z","advisories":["RHSA-2014:1626"],"bugzilla":"1151422","bugzilla_description":"CVE-2014-3197 chromium: information leak in XSS Auditor fixed in Chrome 38.0.2125.101","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["chromium-browser-0:38.0.2125.101-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3197.json"},{"CVE":"CVE-2014-3200","severity":"critical","public_date":"2014-10-07T00:00:00Z","advisories":["RHSA-2014:1626"],"bugzilla":"1151425","bugzilla_description":"CVE-2014-3200 chromium: multiple unspecified issues fixed in Chrome 38.0.2125.101","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["chromium-browser-0:38.0.2125.101-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3200.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-jsc-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-jsc-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-jsc-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-jsc_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-jsc_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4-jsc_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4_security_api_results.json new file mode 100644 index 0000000..149b6e2 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webkitgtk4_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-9862","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879532","bugzilla_description":"CVE-2020-9862 webkitgtk: Command injection in web inspector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9862.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2020-9893","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879535","bugzilla_description":"CVE-2020-9893 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119->CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9893.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9894","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879536","bugzilla_description":"CVE-2020-9894 webkitgtk: Out-of-bounds read may lead to unexpected application termination or arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9894.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-9895","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879538","bugzilla_description":"CVE-2020-9895 webkitgtk: Use-after-free may lead to application termination or arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9895.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-9915","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879540","bugzilla_description":"CVE-2020-9915 webkitgtk: Access issue in content security policy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9915.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2020-9925","severity":"moderate","public_date":"2020-07-29T00:00:00Z","advisories":[],"bugzilla":"1879541","bugzilla_description":"CVE-2020-9925 webkitgtk: A logic issue may lead to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9925.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2020-9802","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879545","bugzilla_description":"CVE-2020-9802 webkitgtk: Logic issue may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9802.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9803","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879557","bugzilla_description":"CVE-2020-9803 webkitgtk: Memory corruption may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9803.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9805","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879559","bugzilla_description":"CVE-2020-9805 webkitgtk: Logic issue may lead to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9805.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2020-9806","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879563","bugzilla_description":"CVE-2020-9806 webkitgtk: Memory corruption may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9806.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9807","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879564","bugzilla_description":"CVE-2020-9807 webkitgtk: Memory corruption may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9807.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-9843","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879566","bugzilla_description":"CVE-2020-9843 webkitgtk: Input validation issue may lead to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-79","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9843.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"7.1"},{"CVE":"CVE-2020-9850","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879568","bugzilla_description":"CVE-2020-9850 webkitgtk: Logic issue may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9850.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2020-13753","severity":"moderate","public_date":"2020-07-10T00:00:00Z","advisories":[],"bugzilla":"1879570","bugzilla_description":"CVE-2020-13753 webkitgtk: Improper access management to CLONE_NEWUSER and the TIOCSTI ioctl","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284->CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13753.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"10.0"},{"CVE":"CVE-2020-3885","severity":"low","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876462","bugzilla_description":"CVE-2020-3885 webkitgtk: Incorrect processing of file URLs","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3885.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2020-3894","severity":"low","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876463","bugzilla_description":"CVE-2020-3894 webkitgtk: Race condition allows reading of restricted memory","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3894.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"3.1"},{"CVE":"CVE-2020-3895","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876465","bugzilla_description":"CVE-2020-3895 webkitgtk: Memory corruption triggered by a malicious web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3895.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3897","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876468","bugzilla_description":"CVE-2020-3897 webkitgtk: Type confusion leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3897.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3899","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876470","bugzilla_description":"CVE-2020-3899 webkitgtk: Memory consumption issue leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3899.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3900","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876472","bugzilla_description":"CVE-2020-3900 webkitgtk: Memory corruption triggered by a malicious web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3900.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3901","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876473","bugzilla_description":"CVE-2020-3901 webkitgtk: Type confusion leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3901.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3902","severity":"moderate","public_date":"2020-04-27T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876476","bugzilla_description":"CVE-2020-3902 webkitgtk: Input validation issue leading to cross-site script attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3902.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-11793","severity":"moderate","public_date":"2020-04-16T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1829369","bugzilla_description":"CVE-2020-11793 webkitgtk: use-after-free via crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11793.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-10018","severity":"moderate","public_date":"2020-03-02T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1811721","bugzilla_description":"CVE-2020-10018 webkitgtk: Use-after-free issue in accessibility/AXObjectCache.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10018.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-3862","severity":"low","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876516","bugzilla_description":"CVE-2020-3862 webkitgtk: Denial of service via incorrect memory handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3862.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2020-3864","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876518","bugzilla_description":"CVE-2020-3864 webkitgtk: Non-unique security origin for DOM object contexts","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3864.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2020-3865","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876521","bugzilla_description":"CVE-2020-3865 webkitgtk: Incorrect security check for a top-level DOM object context","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3865.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2020-3867","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876522","bugzilla_description":"CVE-2020-3867 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3867.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2020-3868","severity":"moderate","public_date":"2020-02-14T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876523","bugzilla_description":"CVE-2020-3868 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-3868.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8846","severity":"moderate","public_date":"2020-01-23T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1816678","bugzilla_description":"CVE-2019-8846 webkitgtk: Use after free issue may lead to remote code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8846.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-8835","severity":"moderate","public_date":"2020-01-23T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1816684","bugzilla_description":"CVE-2019-8835 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8835.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2019-8844","severity":"moderate","public_date":"2020-01-23T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1816686","bugzilla_description":"CVE-2019-8844 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8844.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2016-4761","severity":"moderate","public_date":"2020-01-22T00:00:00Z","advisories":[],"bugzilla":"1800137","bugzilla_description":"CVE-2016-4761 webkitgtk: use-after-free leads to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4761.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8710","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876536","bugzilla_description":"CVE-2019-8710 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8710.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8743","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876537","bugzilla_description":"CVE-2019-8743 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8743.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8764","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876540","bugzilla_description":"CVE-2019-8764 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8764.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8765","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876542","bugzilla_description":"CVE-2019-8765 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8765.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8766","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876543","bugzilla_description":"CVE-2019-8766 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8766.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8782","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876545","bugzilla_description":"CVE-2019-8782 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8782.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8783","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876548","bugzilla_description":"CVE-2019-8783 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8783.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8808","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876549","bugzilla_description":"CVE-2019-8808 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8808.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8811","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876550","bugzilla_description":"CVE-2019-8811 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8811.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8812","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876552","bugzilla_description":"CVE-2019-8812 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8812.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8813","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876553","bugzilla_description":"CVE-2019-8813 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8813.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8814","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876554","bugzilla_description":"CVE-2019-8814 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8814.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8815","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876555","bugzilla_description":"CVE-2019-8815 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8815.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8816","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876556","bugzilla_description":"CVE-2019-8816 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8816.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8819","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876590","bugzilla_description":"CVE-2019-8819 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8819.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8820","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876591","bugzilla_description":"CVE-2019-8820 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8820.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8821","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876592","bugzilla_description":"CVE-2019-8821 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8821.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8822","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876593","bugzilla_description":"CVE-2019-8822 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8822.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8823","severity":"moderate","public_date":"2019-11-08T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876594","bugzilla_description":"CVE-2019-8823 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8823.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8625","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876607","bugzilla_description":"CVE-2019-8625 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8625.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8674","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876608","bugzilla_description":"CVE-2019-8674 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8674.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8707","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876609","bugzilla_description":"CVE-2019-8707 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8707.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8719","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876610","bugzilla_description":"CVE-2019-8719 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8719.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8720","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876611","bugzilla_description":"CVE-2019-8720 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8720.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8726","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876612","bugzilla_description":"CVE-2019-8726 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8726.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8733","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876613","bugzilla_description":"CVE-2019-8733 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8733.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8735","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876614","bugzilla_description":"CVE-2019-8735 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8735.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8763","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876615","bugzilla_description":"CVE-2019-8763 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8763.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8768","severity":"low","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876616","bugzilla_description":"CVE-2019-8768 webkitgtk: Browsing history could not be deleted","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8768.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2019-8769","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876617","bugzilla_description":"CVE-2019-8769 webkitgtk: Websites could reveal browsing history","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8769.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-8771","severity":"moderate","public_date":"2019-10-29T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1876619","bugzilla_description":"CVE-2019-8771 webkitgtk: Violation of iframe sandboxing policy","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8771.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"5.4"},{"CVE":"CVE-2019-8644","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876626","bugzilla_description":"CVE-2019-8644 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8644.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8649","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876628","bugzilla_description":"CVE-2019-8649 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8649.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8658","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876629","bugzilla_description":"CVE-2019-8658 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8658.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-8666","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876630","bugzilla_description":"CVE-2019-8666 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8666.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8669","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876631","bugzilla_description":"CVE-2019-8669 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8669.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8671","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876632","bugzilla_description":"CVE-2019-8671 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8671.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8672","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876634","bugzilla_description":"CVE-2019-8672 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8672.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8673","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876643","bugzilla_description":"CVE-2019-8673 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8673.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8676","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876644","bugzilla_description":"CVE-2019-8676 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8676.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8677","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876645","bugzilla_description":"CVE-2019-8677 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8677.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8678","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876646","bugzilla_description":"CVE-2019-8678 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8678.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8679","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876647","bugzilla_description":"CVE-2019-8679 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8679.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8680","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876648","bugzilla_description":"CVE-2019-8680 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8680.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8681","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876650","bugzilla_description":"CVE-2019-8681 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8681.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8683","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876651","bugzilla_description":"CVE-2019-8683 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8683.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8684","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876652","bugzilla_description":"CVE-2019-8684 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8684.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8686","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876653","bugzilla_description":"CVE-2019-8686 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8686.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8687","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876655","bugzilla_description":"CVE-2019-8687 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8687.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8688","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHEA-2019:4262"],"bugzilla":"1876656","bugzilla_description":"CVE-2019-8688 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.4-2.el8_1","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8688.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8689","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876657","bugzilla_description":"CVE-2019-8689 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8689.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8690","severity":"moderate","public_date":"2019-08-29T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876664","bugzilla_description":"CVE-2019-8690 webkitgtk: Incorrect state management leading to universal cross-site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8690.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2019-6237","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876880","bugzilla_description":"CVE-2019-6237 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6237.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8571","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876881","bugzilla_description":"CVE-2019-8571 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8571.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8583","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876882","bugzilla_description":"CVE-2019-8583 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8583.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8584","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876883","bugzilla_description":"CVE-2019-8584 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8584.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8586","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876884","bugzilla_description":"CVE-2019-8586 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8586.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8587","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876887","bugzilla_description":"CVE-2019-8587 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8587.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8594","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876891","bugzilla_description":"CVE-2019-8594 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8594.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8595","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876892","bugzilla_description":"CVE-2019-8595 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8595.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8596","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876893","bugzilla_description":"CVE-2019-8596 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8596.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8597","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876894","bugzilla_description":"CVE-2019-8597 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8597.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8601","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876895","bugzilla_description":"CVE-2019-8601 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8601.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8607","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876897","bugzilla_description":"CVE-2019-8607 webkitgtk: Out-of-bounds read leading to memory disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8607.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-8608","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876898","bugzilla_description":"CVE-2019-8608 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8608.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8609","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876899","bugzilla_description":"CVE-2019-8609 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8609.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8610","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1876900","bugzilla_description":"CVE-2019-8610 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8610.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8615","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877045","bugzilla_description":"CVE-2019-8615 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8615.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8611","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877046","bugzilla_description":"CVE-2019-8611 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8611.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8619","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877047","bugzilla_description":"CVE-2019-8619 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8619.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8622","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877048","bugzilla_description":"CVE-2019-8622 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8622.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-8623","severity":"moderate","public_date":"2019-05-20T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1877049","bugzilla_description":"CVE-2019-8623 webkitgtk: Multiple memory corruption issues leading to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8623.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2019-11070","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1709289","bugzilla_description":"CVE-2019-11070 webkitgtk: HTTP proxy setting deanonymization information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11070.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","cvss3_score":"6.5"},{"CVE":"CVE-2019-7285","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1718725","bugzilla_description":"CVE-2019-7285 webkitgtk: crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7285.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-7292","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1719131","bugzilla_description":"CVE-2019-7292 webkitgtk: arbitrary code execution via malicious web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7292.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8503","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1719147","bugzilla_description":"CVE-2019-8503 webkitgtk: logic issue leads to code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8503.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8506","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719199","bugzilla_description":"CVE-2019-8506 webkitgtk: malicous web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8506.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8515","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1719204","bugzilla_description":"CVE-2019-8515 webkitgtk: malicious crafted web content leads to information disclosure","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8515.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-8518","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719206","bugzilla_description":"CVE-2019-8518 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8518.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8523","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719208","bugzilla_description":"CVE-2019-8523 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8523.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8524","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719209","bugzilla_description":"CVE-2019-8524 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8524.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8535","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719210","bugzilla_description":"CVE-2019-8535 webkitgtk: malicious crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8535.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8536","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719213","bugzilla_description":"CVE-2019-8536 webkitgtk: malicious crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8536.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8544","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719224","bugzilla_description":"CVE-2019-8544 webkitgtk: malicious crafted web content leads to arbitrary we content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8544.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8558","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719231","bugzilla_description":"CVE-2019-8558 webkitgtk: malicious crafted web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8558.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8559","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719235","bugzilla_description":"CVE-2019-8559 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8559.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8563","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1719237","bugzilla_description":"CVE-2019-8563 webkitgtk: malicious web content leads to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-94","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8563.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2019-8551","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":["RHSA-2020:4035"],"bugzilla":"1719238","bugzilla_description":"CVE-2019-8551 webkitgtk: malicious web content leads to cross site scripting","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-79","affected_packages":["webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8551.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","cvss3_score":"6.1"},{"CVE":"CVE-2018-18928","severity":"low","public_date":"2018-10-30T00:00:00Z","advisories":[],"bugzilla":"1646702","bugzilla_description":"CVE-2018-18928 icu: integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18928.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-6251","severity":"moderate","public_date":"2018-09-11T00:00:00Z","advisories":["RHSA-2020:4035","RHSA-2019:3553","RHBA-2019:3303"],"bugzilla":"1667409","bugzilla_description":"CVE-2019-6251 webkitgtk: processing maliciously crafted web content lead to URI spoofing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["webkit2gtk3-0:2.24.3-1.el8","redhat-coreos-42.81.20191107.0","webkitgtk4-0:2.28.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6251.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2018-11713","severity":"moderate","public_date":"2018-06-07T00:00:00Z","advisories":[],"bugzilla":"1588739","bugzilla_description":"CVE-2018-11713 webkitgtk: WebSockets don't use system proxy settings","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11713.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2018-11712","severity":"moderate","public_date":"2018-06-07T00:00:00Z","advisories":[],"bugzilla":"1588742","bugzilla_description":"CVE-2018-11712 webkitgtk: Improper TLS certificate verification for WebSocket connections","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11712.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2018-4204","severity":"moderate","public_date":"2018-05-07T00:00:00Z","advisories":[],"bugzilla":"1577374","bugzilla_description":"CVE-2018-4204 webkitgtk: memory corruption processing maliciously crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4204.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2018-4200","severity":"moderate","public_date":"2018-05-07T00:00:00Z","advisories":[],"bugzilla":"1577385","bugzilla_description":"CVE-2018-4200 webkitgtk: memory corruption processing maliciously crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4200.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2018-4121","severity":"moderate","public_date":"2018-05-07T00:00:00Z","advisories":[],"bugzilla":"1577387","bugzilla_description":"CVE-2018-4121 webkitgtk: memory corruption processing maliciously crafted web content","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-4121.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2017-13856","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527747","bugzilla_description":"CVE-2017-13856 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13856.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-13866","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527756","bugzilla_description":"CVE-2017-13866 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13866.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-13870","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527757","bugzilla_description":"CVE-2017-13870 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13870.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-7156","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527759","bugzilla_description":"CVE-2017-7156 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7156.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2017-7157","severity":"moderate","public_date":"2017-12-13T00:00:00Z","advisories":[],"bugzilla":"1527760","bugzilla_description":"CVE-2017-7157 webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7157.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webrtc-audio-processing_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webrtc-audio-processing_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/webrtc-audio-processing_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wget_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wget_security_api_results.json new file mode 100644 index 0000000..541dd31 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wget_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-5953","severity":"important","public_date":"2019-04-03T00:00:00Z","advisories":["RHSA-2019:0983","RHSA-2019:3168","RHSA-2019:2979","RHSA-2019:1228"],"bugzilla":"1695679","bugzilla_description":"CVE-2019-5953 wget: do_conversion() heap-based buffer overflow vulnerability","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["wget-0:1.19.5-7.el8_0.1","wget-0:1.14-18.el7_6.1","wget-0:1.14-15.el7_4.2","wget-0:1.14-16.el7_5.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5953.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2018-20483","severity":"moderate","public_date":"2018-12-26T00:00:00Z","advisories":["RHSA-2019:3701","RHBA-2019:3303"],"bugzilla":"1662705","bugzilla_description":"CVE-2018-20483 wget: Information exposure in set_file_metadata function in xattr.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["curl-0:7.61.1-11.el8","redhat-coreos-42.81.20191107.0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20483.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2018-0494","severity":"moderate","public_date":"2018-05-06T00:00:00Z","advisories":["RHSA-2018:3052"],"bugzilla":"1575634","bugzilla_description":"CVE-2018-0494 wget: Cookie injection allows malicious website to write arbitrary cookie entries into cookie jar","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["wget-0:1.14-18.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0494.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N","cvss3_score":"7.1"},{"CVE":"CVE-2017-13089","severity":"important","public_date":"2017-10-26T15:00:00Z","advisories":["RHSA-2017:3075"],"bugzilla":"1505444","bugzilla_description":"CVE-2017-13089 wget: Stack-based buffer overflow in HTTP protocol handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["wget-0:1.14-15.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13089.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-13090","severity":"important","public_date":"2017-10-26T15:00:00Z","advisories":["RHSA-2017:3075"],"bugzilla":"1505445","bugzilla_description":"CVE-2017-13090 wget: Heap-based buffer overflow in HTTP protocol handling","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["wget-0:1.14-15.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13090.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2017-6508","severity":"low","public_date":"2017-03-07T00:00:00Z","advisories":[],"bugzilla":"1429984","bugzilla_description":"CVE-2017-6508 wget: CRLF injection in the url_parse function in url.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6508.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2016-7098","severity":null,"public_date":"2016-08-11T00:00:00Z","advisories":[],"bugzilla":"1328137","bugzilla_description":"CVE-2016-7098 wget: files rejected by access list are kept on the disk for the duration of HTTP connection","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7098.json"},{"CVE":"CVE-2016-4971","severity":"moderate","public_date":"2016-06-09T00:00:00Z","advisories":["RHSA-2016:2587"],"bugzilla":"1343666","bugzilla_description":"CVE-2016-4971 wget: Lack of filename checking allows arbitrary file upload via FTP redirect","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-73","affected_packages":["wget-0:1.14-13.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4971.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2014-4877","severity":"moderate","public_date":"2014-10-27T00:00:00Z","advisories":["RHSA-2014:1764","RHSA-2014:1955"],"bugzilla":"1139181","bugzilla_description":"CVE-2014-4877 wget: FTP symlink arbitrary filesystem access","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-59","affected_packages":["wget-0:1.12-1.12.el6_5","wget-0:1.12-5.el6_6.1","wget-0:1.14-10.el7_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4877.json"},{"CVE":"CVE-2010-2252","severity":"low","public_date":"2010-05-17T00:00:00Z","advisories":["RHSA-2014:0151"],"bugzilla":"602797","bugzilla_description":"CVE-2010-2252 wget: multiple HTTP client download filename vulnerability [OCERT 2010-001]","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":null,"affected_packages":["wget-0:1.12-1.11.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2252.json"},{"CVE":"CVE-2009-3490","severity":"moderate","public_date":"2009-08-12T00:00:00Z","advisories":["RHSA-2009:1549"],"bugzilla":"520454","bugzilla_description":"CVE-2009-3490 wget: incorrect verification of SSL certificate with NUL in name","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":["wget-0:1.10.2-0.30E.1","wget-0:1.10.2-1.el4_8.1","wget-0:1.11.4-2.el5_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3490.json"},{"CVE":"CVE-2005-3185","severity":"important","public_date":"2005-10-12T00:00:00Z","advisories":["RHSA-2005:807","RHSA-2005:812"],"bugzilla":"1617794","bugzilla_description":"CVE-2005-3185 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["curl-0:7.10.6-7.rhel3","wget-0:1.10.2-0.40E","wget-0:1.10.2-0.30E","curl-0:7.12.1-6.rhel4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3185.json"},{"CVE":"CVE-2004-1487","severity":"low","public_date":"2004-12-10T00:00:00Z","advisories":["RHSA-2005:771"],"bugzilla":"1617413","bugzilla_description":"CVE-2004-1487 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wget-0:1.10.1-2.4E.1","wget-0:1.10.1-1.30E.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1487.json"},{"CVE":"CVE-2004-1488","severity":"low","public_date":"2004-12-10T00:00:00Z","advisories":["RHSA-2005:771"],"bugzilla":"1617414","bugzilla_description":"CVE-2004-1488 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wget-0:1.10.1-2.4E.1","wget-0:1.10.1-1.30E.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1488.json"},{"CVE":"CVE-2004-2014","severity":"low","public_date":"2004-05-16T00:00:00Z","advisories":["RHSA-2005:771"],"bugzilla":"1617420","bugzilla_description":"CVE-2004-2014 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wget-0:1.10.1-2.4E.1","wget-0:1.10.1-1.30E.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2014.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/which_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/which_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/which_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/whois_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/whois_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/whois_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wireshark-gnome_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wireshark-gnome_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wireshark-gnome_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wireshark_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wireshark_security_api_results.json new file mode 100644 index 0000000..a999e51 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wireshark_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-26575","severity":"moderate","public_date":"2020-10-06T00:00:00Z","advisories":[],"bugzilla":"1886047","bugzilla_description":"CVE-2020-26575 wireshark: FBZERO dissector could enter an infinite loop","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-26575.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-25862","severity":"moderate","public_date":"2020-09-23T00:00:00Z","advisories":[],"bugzilla":"1886041","bugzilla_description":"CVE-2020-25862 wireshark: TCP dissector crash (wnpa-sec-2020-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25862.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-25863","severity":"moderate","public_date":"2020-09-23T00:00:00Z","advisories":[],"bugzilla":"1886044","bugzilla_description":"CVE-2020-25863 wireshark: MIME multipart dissector crash (wnpa-sec-2020-11)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25863.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-25866","severity":"moderate","public_date":"2020-09-23T00:00:00Z","advisories":[],"bugzilla":"1886051","bugzilla_description":"CVE-2020-25866 wireshark: BLIP dissector crash (wnpa-sec-2020-13)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25866.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-17498","severity":"moderate","public_date":"2020-08-12T00:00:00Z","advisories":[],"bugzilla":"1868885","bugzilla_description":"CVE-2020-17498 wireshark: Kafka protocol dissector could crash (wnpa-sec-2020-10)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17498.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-15466","severity":"moderate","public_date":"2020-07-05T00:00:00Z","advisories":[],"bugzilla":"1854882","bugzilla_description":"CVE-2020-15466 wireshark: GVCP dissector infinite loop","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15466.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-13164","severity":"moderate","public_date":"2020-04-02T00:00:00Z","advisories":[],"bugzilla":"1839874","bugzilla_description":"CVE-2020-13164 wireshark: NFS dissector crash (wnpa-sec-2020-08)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13164.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-11647","severity":"moderate","public_date":"2020-04-01T00:00:00Z","advisories":[],"bugzilla":"1824157","bugzilla_description":"CVE-2020-11647 wireshark: BACapp dissector crash (wnpa-sec-2020-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-121|CWE-674)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11647.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9429","severity":"moderate","public_date":"2020-02-28T00:00:00Z","advisories":[],"bugzilla":"1828780","bugzilla_description":"CVE-2020-9429 wireshark: WireGuard dissector could crash due to NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9429.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9431","severity":"low","public_date":"2020-02-26T00:00:00Z","advisories":[],"bugzilla":"1814586","bugzilla_description":"CVE-2020-9431 wireshark: LTE RRC dissector memory leak could result in excessive memory resource consumption","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9431.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9430","severity":"moderate","public_date":"2020-02-26T00:00:00Z","advisories":[],"bugzilla":"1814615","bugzilla_description":"CVE-2020-9430 wireshark: injecting a malformed packet may cause WiMax DLMAP dissector to crash due to out-of-bound read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9430.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-9428","severity":"moderate","public_date":"2020-02-26T00:00:00Z","advisories":[],"bugzilla":"1814622","bugzilla_description":"CVE-2020-9428 wireshark: injecting a malformed packet may cause the EAP dissector to crash due to out-of-bounds read","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-9428.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-7044","severity":"moderate","public_date":"2020-01-15T00:00:00Z","advisories":[],"bugzilla":"1796459","bugzilla_description":"CVE-2020-7044 wireshark: WASSP dissector crash (wnpa-sec-2020-01)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7044.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2020-7045","severity":"moderate","public_date":"2020-01-15T00:00:00Z","advisories":[],"bugzilla":"1798671","bugzilla_description":"CVE-2020-7045 wireshark: invalid memory access in BT ATT dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7045.json","cvss3_scoring_vector":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-16319","severity":"moderate","public_date":"2019-08-25T00:00:00Z","advisories":[],"bugzilla":"1775149","bugzilla_description":"CVE-2019-16319 wireshark: gryphon dissector infinite loop (wnpa-sec-2019-21)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16319.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-19553","severity":"moderate","public_date":"2019-08-02T00:00:00Z","advisories":[],"bugzilla":"1782988","bugzilla_description":"CVE-2019-19553 wireshark: CMS dissector crash (wnpa-sec-2019-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19553.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-13619","severity":"moderate","public_date":"2019-07-17T00:00:00Z","advisories":[],"bugzilla":"1731022","bugzilla_description":"CVE-2019-13619 wireshark: ASN.1 BER dissector crash (wnpa-sec-2019-20)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13619.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-12295","severity":"moderate","public_date":"2019-05-21T00:00:00Z","advisories":[],"bugzilla":"1831675","bugzilla_description":"CVE-2019-12295 wireshark: missing dissection recursion checks leads to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12295.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-10901","severity":"moderate","public_date":"2019-03-19T00:00:00Z","advisories":[],"bugzilla":"1697938","bugzilla_description":"CVE-2019-10901 wireshark: LDSS dissector crash (wnpa-sec-2019-17)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10901.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10902","severity":"moderate","public_date":"2019-03-19T00:00:00Z","advisories":[],"bugzilla":"1697942","bugzilla_description":"CVE-2019-10902 wireshark: TSDNS dissector crash (wnpa-sec-2019-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10902.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10896","severity":"moderate","public_date":"2019-03-18T00:00:00Z","advisories":[],"bugzilla":"1697944","bugzilla_description":"CVE-2019-10896 wireshark: DOF dissector crash (wnpa-sec-2019-15)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10896.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10894","severity":"moderate","public_date":"2019-03-18T00:00:00Z","advisories":[],"bugzilla":"1697947","bugzilla_description":"CVE-2019-10894 wireshark: GSS-API dissector crash (wnpa-sec-2019-14)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10894.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10900","severity":"moderate","public_date":"2019-03-18T00:00:00Z","advisories":[],"bugzilla":"1697952","bugzilla_description":"CVE-2019-10900 wireshark: Rbm dissector infinite loop (wnpa-sec-2019-13)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10900.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10898","severity":"moderate","public_date":"2019-03-10T00:00:00Z","advisories":[],"bugzilla":"1697955","bugzilla_description":"CVE-2019-10898 wireshark: GSUP dissector infinite loop (wnpa-sec-2019-18)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10898.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10903","severity":"moderate","public_date":"2019-03-05T00:00:00Z","advisories":[],"bugzilla":"1697898","bugzilla_description":"CVE-2019-10903 wireshark: DCERPC SPOOLSS dissector crash (wnpa-sec-2019-18)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10903.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-10897","severity":"moderate","public_date":"2019-03-04T00:00:00Z","advisories":[],"bugzilla":"1697961","bugzilla_description":"CVE-2019-10897 wireshark: IEEE 802.11 dissector infinite loop (wnpa-sec-2019-11 )","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10897.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"4.5"},{"CVE":"CVE-2019-10899","severity":"moderate","public_date":"2019-03-01T00:00:00Z","advisories":[],"bugzilla":"1697979","bugzilla_description":"CVE-2019-10899 wireshark: SRVLOC dissector crash (wnpa-sec-2019-10)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10899.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-9214","severity":"moderate","public_date":"2019-02-27T00:00:00Z","advisories":[],"bugzilla":"1684115","bugzilla_description":"CVE-2019-9214 wireshark: null-deference read in RPCAP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9214.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-10895","severity":"moderate","public_date":"2019-02-13T00:00:00Z","advisories":[],"bugzilla":"1697982","bugzilla_description":"CVE-2019-10895 wireshark: NetScaler file parser crash (wnpa-sec-2019-09)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10895.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-9208","severity":"moderate","public_date":"2019-01-29T00:00:00Z","advisories":[],"bugzilla":"1685001","bugzilla_description":"CVE-2019-9208 wireshark: null-pointer dereference in TCAP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9208.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9209","severity":"low","public_date":"2019-01-25T00:00:00Z","advisories":[],"bugzilla":"1685009","bugzilla_description":"CVE-2019-9209 wireshark: Stack-based off-by-one buffer overflow in dissect_ber_GeneralizedTime","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9209.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"7.3"},{"CVE":"CVE-2019-5721","severity":"moderate","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1666277","bugzilla_description":"CVE-2019-5721 wireshark: use-after-free in ENIP dissector results in denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5721.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-5716","severity":"low","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1667579","bugzilla_description":"CVE-2019-5716 wireshark: reachable assertion in fast_ensure_contiguous() from 6LoWPAN dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-617","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5716.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-5717","severity":"low","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1667581","bugzilla_description":"CVE-2019-5717 wireshark: P_MUL dissector crash in epan/dissectors/packet-p_mul.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5717.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2019-5718","severity":"low","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1667586","bugzilla_description":"CVE-2019-5718 wireshark: out-of-bounds read in get_t61_string() in epan/charsets.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5718.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.5"},{"CVE":"CVE-2019-5719","severity":"low","public_date":"2019-01-08T00:00:00Z","advisories":[],"bugzilla":"1667592","bugzilla_description":"CVE-2019-5719 wireshark: ISAKMP dissector crash in epan/dissectors/packet-isakmp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5719.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-19622","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1655932","bugzilla_description":"CVE-2018-19622 wireshark: Infinite loop in the MMSE dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19622.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-19623","severity":"moderate","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655933","bugzilla_description":"CVE-2018-19623 wireshark: Heap buffer overflow in packet-lbmpdm.c:dissect_segment_ofstable() allows denial of service or possibly arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19623.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-19624","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655934","bugzilla_description":"CVE-2018-19624 wireshark: NULL pointer dereference resulting in a PVFS dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19624.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-19625","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655935","bugzilla_description":"CVE-2018-19625 wireshark: Heap-based buffer over-read in the dissection engine","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19625.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-19626","severity":"moderate","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655936","bugzilla_description":"CVE-2018-19626 wireshark: DCOM dissector crash resulting in information leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19626.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2018-19627","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655940","bugzilla_description":"CVE-2018-19627 wireshark: IxVeriWave parser crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19627.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.1"},{"CVE":"CVE-2018-19628","severity":"low","public_date":"2018-11-27T00:00:00Z","advisories":[],"bugzilla":"1655941","bugzilla_description":"CVE-2018-19628 wireshark: ZigBee ZCL dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-369","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19628.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2018-18227","severity":"moderate","public_date":"2018-10-10T00:00:00Z","advisories":[],"bugzilla":"1642909","bugzilla_description":"CVE-2018-18227 wireshark: MS-WSP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18227.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-18226","severity":"moderate","public_date":"2018-10-10T00:00:00Z","advisories":[],"bugzilla":"1642910","bugzilla_description":"CVE-2018-18226 wireshark: Steam IHS Discovery dissector memory leak","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18226.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-18225","severity":"moderate","public_date":"2018-10-10T00:00:00Z","advisories":[],"bugzilla":"1642913","bugzilla_description":"CVE-2018-18225 wireshark: CoAP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18225.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-12086","severity":"moderate","public_date":"2018-10-10T00:00:00Z","advisories":[],"bugzilla":"1642915","bugzilla_description":"CVE-2018-12086 wireshark: OpcUa dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12086.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-16058","severity":"moderate","public_date":"2018-08-29T00:00:00Z","advisories":[],"bugzilla":"1625921","bugzilla_description":"CVE-2018-16058 wireshark: Bluetooth AVDTP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16058.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-16056","severity":"moderate","public_date":"2018-08-29T00:00:00Z","advisories":[],"bugzilla":"1625922","bugzilla_description":"CVE-2018-16056 wireshark: Bluetooth Attribute Protocol dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16056.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-16057","severity":"low","public_date":"2018-08-29T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1625925","bugzilla_description":"CVE-2018-16057 wireshark: Radiotap dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16057.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.7"},{"CVE":"CVE-2018-14342","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607321","bugzilla_description":"CVE-2018-14342 wireshark: BGP dissector large loop (wnpa-sec-2018-34)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14342.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14344","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607322","bugzilla_description":"CVE-2018-14344 wireshark: ISMP dissector crash (wnpa-sec-2018-35)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14344.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14340","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1607323","bugzilla_description":"CVE-2018-14340 wireshark: Multiple dissectors could crash (wnpa-sec-2018-36)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14340.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14343","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607324","bugzilla_description":"CVE-2018-14343 wireshark: ASN.1 BER and related dissectors crash (wnpa-sec-2018-37)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14343.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14339","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607325","bugzilla_description":"CVE-2018-14339 wireshark: MMSE dissector infinite loop (wnpa-sec-2018-38)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14339.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14341","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1607326","bugzilla_description":"CVE-2018-14341 wireshark: DICOM dissector infinite loop (wnpa-sec-2018-39)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14341.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14368","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1607327","bugzilla_description":"CVE-2018-14368 wireshark: Bazaar dissector infinite loop (wnpa-sec-2018-40)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14368.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14369","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607328","bugzilla_description":"CVE-2018-14369 wireshark: HTTP2 dissector infinite loop (wnpa-sec-2018-41)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14369.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14367","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607329","bugzilla_description":"CVE-2018-14367 wireshark: CoAP dissector infinite loop (wnpa-sec-2018-42)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14367.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14370","severity":"moderate","public_date":"2018-07-18T00:00:00Z","advisories":[],"bugzilla":"1607331","bugzilla_description":"CVE-2018-14370 wireshark: IEEE dissector infinite loop (wnpa-sec-2018-43)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14370.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-14438","severity":"moderate","public_date":"2018-06-28T00:00:00Z","advisories":[],"bugzilla":"1609948","bugzilla_description":"CVE-2018-14438 wireshark: Improper Access Control in create_app_running_mutex function in wsutil/file_util.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-284","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14438.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","cvss3_score":"5.6"},{"CVE":"CVE-2018-11359","severity":"moderate","public_date":"2018-05-18T00:00:00Z","advisories":[],"bugzilla":"1581778","bugzilla_description":"CVE-2018-11359 wireshark: Out-of-bounds Read in proto.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11359.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2018-11358","severity":"moderate","public_date":"2018-05-13T00:00:00Z","advisories":[],"bugzilla":"1581773","bugzilla_description":"CVE-2018-11358 wireshark: Use after free in packet-q931.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11358.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2018-11355","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581758","bugzilla_description":"CVE-2018-11355 wireshark: Heap-based Buffer Overflow in packet-rtcp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11355.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11356","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581768","bugzilla_description":"CVE-2018-11356 wireshark: DNS dissector crash in packet-dns.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11356.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11357","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581771","bugzilla_description":"CVE-2018-11357 wireshark: Uncontrolled Resource Consumption in epan/tvbuff.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11357.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11360","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581781","bugzilla_description":"CVE-2018-11360 wireshark: Heap-based Buffer Overflow in packet-gsm_a_dtap.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11360.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2018-11361","severity":"moderate","public_date":"2018-05-12T00:00:00Z","advisories":[],"bugzilla":"1581782","bugzilla_description":"CVE-2018-11361 wireshark: Heap-based Buffer Overflow in dot11decrypt.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11361.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11354","severity":"moderate","public_date":"2018-05-02T00:00:00Z","advisories":[],"bugzilla":"1581752","bugzilla_description":"CVE-2018-11354 wireshark: Out-of-bounds Read in packet-ieee1905.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11354.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-11362","severity":"moderate","public_date":"2018-04-24T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1581787","bugzilla_description":"CVE-2018-11362 wireshark: Out-of-bounds read in packet-ldss.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11362.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-9263","severity":"low","public_date":"2018-03-28T00:00:00Z","advisories":[],"bugzilla":"1565749","bugzilla_description":"CVE-2018-9263 wireshark: Kerberos dissector crash in epan/dissectors/packet-kerberos.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9263.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9257","severity":"low","public_date":"2018-03-14T00:00:00Z","advisories":[],"bugzilla":"1565683","bugzilla_description":"CVE-2018-9257 wireshark: infinite loop in the CQL dissector in epan/dissectors/packet-cql.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9257.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-9264","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565751","bugzilla_description":"CVE-2018-9264 wireshark: memory leak in ui/failure_message.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9264.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9265","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565785","bugzilla_description":"CVE-2018-9265 wireshark: memory leak in epan/dissectors/packet-tn3270.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9265.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9266","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565789","bugzilla_description":"CVE-2018-9266 wireshark: memory leak in epan/dissectors/packet-isup.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9266.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9267","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565798","bugzilla_description":"CVE-2018-9267 wireshark: memory leak in epan/dissectors/packet-lapd.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9267.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9268","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565812","bugzilla_description":"CVE-2018-9268 wireshark: memory leak in epan/dissectors/packet-smb2.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9268.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9269","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565813","bugzilla_description":"CVE-2018-9269 wireshark: memory leak in epan/dissectors/packet-giop.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9269.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9270","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565817","bugzilla_description":"CVE-2018-9270 wireshark: memory leak in epan/oids.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9270.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9271","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565823","bugzilla_description":"CVE-2018-9271 wireshark: memory leak in epan/dissectors/packet-multipart.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9271.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9272","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565825","bugzilla_description":"CVE-2018-9272 wireshark: memory leak in epan/dissectors/packet-h223.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9272.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9273","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565832","bugzilla_description":"CVE-2018-9273 wireshark: memory leak in epan/dissectors/packet-pcp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9273.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9274","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":[],"bugzilla":"1565833","bugzilla_description":"CVE-2018-9274 wireshark: memory leak in ui/failure_message.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9274.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9256","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565674","bugzilla_description":"CVE-2018-9256 wireshark: stack overflow via crafted LWAPP Layer 3 Packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9256.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9258","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565710","bugzilla_description":"CVE-2018-9258 wireshark: TCP dissector could crash in epan/dissectors/packet-tcp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-841","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9258.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9260","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565731","bugzilla_description":"CVE-2018-9260 wireshark: IEEE 802.15.4 dissector crash in epan/dissectors/packet-ieee802154.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9260.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9261","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565742","bugzilla_description":"CVE-2018-9261 wireshark: NBAP dissector crash in epan/dissectors/packet-nbap.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9261.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-9262","severity":"low","public_date":"2018-03-02T00:00:00Z","advisories":[],"bugzilla":"1565743","bugzilla_description":"CVE-2018-9262 wireshark: VLAN dissector crash in epan/dissectors/packet-vlan.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9262.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-7337","severity":"low","public_date":"2018-02-19T00:00:00Z","advisories":[],"bugzilla":"1549265","bugzilla_description":"CVE-2018-7337 wireshark: DOCSIS dissector crash in packet-docsis.c by injecting a malformed packet","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7337.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7335","severity":"low","public_date":"2018-02-18T00:00:00Z","advisories":[],"bugzilla":"1549244","bugzilla_description":"CVE-2018-7335 wireshark: IEEE 802.11 dissector crash in airpdcap.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-130","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7335.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7419","severity":"low","public_date":"2018-02-18T00:00:00Z","advisories":[],"bugzilla":"1549308","bugzilla_description":"CVE-2018-7419 wireshark: NBAP dissector crash in nbap.cnf","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7419.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7417","severity":"low","public_date":"2018-02-11T00:00:00Z","advisories":[],"bugzilla":"1549301","bugzilla_description":"CVE-2018-7417 wireshark: IPMI dissector crash in packet-ipmi-picmg.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-170","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7417.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7418","severity":"low","public_date":"2018-02-11T00:00:00Z","advisories":["RHSA-2020:1047"],"bugzilla":"1549305","bugzilla_description":"CVE-2018-7418 wireshark: SIGCOMP dissector crash in packet-sigcomp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["wireshark-0:1.10.14-24.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7418.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7420","severity":"low","public_date":"2018-02-08T00:00:00Z","advisories":[],"bugzilla":"1549284","bugzilla_description":"CVE-2018-7420 wireshark: Pcapng file parser crash in pcapng.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-770","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7420.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7320","severity":"low","public_date":"2018-02-06T00:00:00Z","advisories":[],"bugzilla":"1549277","bugzilla_description":"CVE-2018-7320 wireshark: Heap-based Buffer Overflow in SIGCOMP dissector crash in packet-sigcomp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7320.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6836","severity":"low","public_date":"2018-02-05T00:00:00Z","advisories":[],"bugzilla":"1543582","bugzilla_description":"CVE-2018-6836 wireshark: free operation on an uninitialized memory address in wiretap/netmon.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6836.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7336","severity":"low","public_date":"2018-01-30T00:00:00Z","advisories":[],"bugzilla":"1549270","bugzilla_description":"CVE-2018-7336 wireshark: FCP dissector crash in packet-fcp.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7336.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7334","severity":"low","public_date":"2018-01-13T00:00:00Z","advisories":[],"bugzilla":"1549255","bugzilla_description":"CVE-2018-7334 wireshark: out of bounds access in UMTS MAC dissector in packet-umts_mac.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7334.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-5334","severity":"moderate","public_date":"2018-01-11T00:00:00Z","advisories":[],"bugzilla":"1534361","bugzilla_description":"CVE-2018-5334 wireshark: IxVeriWave file parser crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5334.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-5335","severity":"moderate","public_date":"2018-01-11T00:00:00Z","advisories":[],"bugzilla":"1534364","bugzilla_description":"CVE-2018-5335 wireshark: WCP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5335.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2018-5336","severity":"moderate","public_date":"2018-01-11T00:00:00Z","advisories":[],"bugzilla":"1534374","bugzilla_description":"CVE-2018-5336 wireshark: Missing recursion limit in epan/tvbparse.c can cause multiple dissectors to crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5336.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-17997","severity":"moderate","public_date":"2017-12-29T00:00:00Z","advisories":[],"bugzilla":"1530893","bugzilla_description":"CVE-2017-17997 wireshark: Misuse of NULL pointer in MRDISC dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17997.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-17935","severity":"low","public_date":"2017-12-27T00:00:00Z","advisories":[],"bugzilla":"1529592","bugzilla_description":"CVE-2017-17935 Wireshark: denial of service in the File_read_line function in epan/wslua/wslua_file.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17935.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2017-17084","severity":"moderate","public_date":"2017-11-30T00:00:00Z","advisories":[],"bugzilla":"1524471","bugzilla_description":"CVE-2017-17084 wireshark: IWARP_MPA dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17084.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-17083","severity":"moderate","public_date":"2017-11-30T00:00:00Z","advisories":[],"bugzilla":"1524474","bugzilla_description":"CVE-2017-17083 wireshark: NetBIOS dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17083.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-17085","severity":"moderate","public_date":"2017-11-30T00:00:00Z","advisories":[],"bugzilla":"1524475","bugzilla_description":"CVE-2017-17085 wireshark: CIP Safety dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17085.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15189","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500762","bugzilla_description":"CVE-2017-15189 wireshark: DOCSIS infinite loop","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15189.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15190","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500763","bugzilla_description":"CVE-2017-15190 wireshark: RTSP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15190.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15191","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500765","bugzilla_description":"CVE-2017-15191 wireshark: DMP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15191.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15192","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500767","bugzilla_description":"CVE-2017-15192 wireshark: BT ATT dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15192.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-15193","severity":"moderate","public_date":"2017-10-10T00:00:00Z","advisories":[],"bugzilla":"1500768","bugzilla_description":"CVE-2017-15193 wireshark: MBIM dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15193.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-13767","severity":"moderate","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1486628","bugzilla_description":"CVE-2017-13767 wireshark: MSDP dissector infinite loop (wnpa-sec-2017-38)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13767.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-13766","severity":"moderate","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1486629","bugzilla_description":"CVE-2017-13766 wireshark: Profinet I/O buffer overrun (wnpa-sec-2017-39)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13766.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-13764","severity":"moderate","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1486630","bugzilla_description":"CVE-2017-13764 wireshark: Modbus dissector crash (wnpa-sec-2017-40)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13764.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-13765","severity":"moderate","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1486631","bugzilla_description":"CVE-2017-13765 wireshark: IrCOMM dissector buffer overrun (wnpa-sec-2017-41)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13765.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11408","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":[],"bugzilla":"1472766","bugzilla_description":"CVE-2017-11408 wireshark: AMQP dissector crash (wnpa-sec-2017-34)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11408.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11407","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":[],"bugzilla":"1472767","bugzilla_description":"CVE-2017-11407 wireshark: MQ dissector crash (wnpa-sec-2017-35)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11407.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11406","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":[],"bugzilla":"1472768","bugzilla_description":"CVE-2017-11406 wireshark: DOCSIS infinite loop (wnpa-sec-2017-36)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11406.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11409","severity":"moderate","public_date":"2017-07-18T00:00:00Z","advisories":[],"bugzilla":"1472769","bugzilla_description":"CVE-2017-11409 wireshark: GPRS LLC dissector large loop. (wnpa-sec-2017-37)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11409.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9766","severity":"low","public_date":"2017-06-19T00:00:00Z","advisories":[],"bugzilla":"1464051","bugzilla_description":"CVE-2017-9766 wireshark: PROFINET IO data with a high recursion depth can cause stack exhaustion","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9766.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9617","severity":"low","public_date":"2017-06-13T00:00:00Z","advisories":[],"bugzilla":"1464050","bugzilla_description":"CVE-2017-9617 wireshark: Deeply nested DAAP data may cause stack exhaustion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9617.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-9616","severity":"low","public_date":"2017-06-08T00:00:00Z","advisories":[],"bugzilla":"1464048","bugzilla_description":"CVE-2017-9616 wireshark: Overly deep mp4 chunks may cause stack exhaustion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9616.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-9259","severity":"low","public_date":"2017-06-08T00:00:00Z","advisories":[],"bugzilla":"1565721","bugzilla_description":"CVE-2018-9259 wirehsark: MP4 dissector crash in epan/dissectors/file-mp4.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9259.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-9352","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458136","bugzilla_description":"CVE-2017-9352 wireshark: Bazaar dissector infinite loop (wnpa-sec-2017-22)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9352.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9348","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458137","bugzilla_description":"CVE-2017-9348 wireshark: DOF dissector read overflow (wnpa-sec-2017-23)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9348.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9351","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458138","bugzilla_description":"CVE-2017-9351 wireshark: DHCP dissector read overflow (wnpa-sec-2017-24)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9351.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9346","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458139","bugzilla_description":"CVE-2017-9346 wireshark: SoulSeek dissector infinite loop (wnpa-sec-2017-25)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9346.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9345","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458140","bugzilla_description":"CVE-2017-9345 wireshark: DNS dissector infinite loop (wnpa-sec-2017-26)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9345.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9349","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458141","bugzilla_description":"CVE-2017-9349 wireshark: DICOM dissector infinite loop (wnpa-sec-2017-27)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9349.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11411","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458142","bugzilla_description":"CVE-2017-9350 CVE-2017-11411 wireshark: openSAFETY dissector memory exhaustion (wnpa-sec-2017-28)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11411.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9350","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458142","bugzilla_description":"CVE-2017-9350 CVE-2017-11411 wireshark: openSAFETY dissector memory exhaustion (wnpa-sec-2017-28)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9350.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9344","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458143","bugzilla_description":"CVE-2017-9344 wireshark: BT L2CAP dissector divide by zero (wnpa-sec-2017-29)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9344.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9343","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458144","bugzilla_description":"CVE-2017-9343 wireshark: MSNIP dissector crash (wnpa-sec-2017-30)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9343.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9347","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458145","bugzilla_description":"CVE-2017-9347 wireshark: ROS dissector crash (wnpa-sec-2017-31)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9347.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9354","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458147","bugzilla_description":"CVE-2017-9354 wireshark: RGMP dissector crash (wnpa-sec-2017-32)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9354.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-9353","severity":"moderate","public_date":"2017-06-01T00:00:00Z","advisories":[],"bugzilla":"1458148","bugzilla_description":"CVE-2017-9353 wireshark: IPv6 dissector crash (wnpa-sec-2017-33)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9353.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7703","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441969","bugzilla_description":"CVE-2017-7703 wireshark: IMAP dissector crash (wnpa-sec-2017-12)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7703.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-11410","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441970","bugzilla_description":"CVE-2017-7702 CVE-2017-11410 wireshark: WBXML dissector infinite loop (wnpa-sec-2017-13)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11410.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7702","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441970","bugzilla_description":"CVE-2017-7702 CVE-2017-11410 wireshark: WBXML dissector infinite loop (wnpa-sec-2017-13)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7702.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7700","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441971","bugzilla_description":"CVE-2017-7700 wireshark: NetScaler file parser infinite loop (wnpa-sec-2017-14)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7700.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7705","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441972","bugzilla_description":"CVE-2017-7705 wireshark: RPCoRDMA dissector infinite loop (wnpa-sec-2017-15)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7705.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7701","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441973","bugzilla_description":"CVE-2017-7701 wireshark: BGP dissector infinite loop (wnpa-sec-2017-16)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7701.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7704","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441975","bugzilla_description":"CVE-2017-7704 wireshark: DOF dissector infinite loop (wnpa-sec-2017-17)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7704.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7747","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441976","bugzilla_description":"CVE-2017-7747 wireshark: PacketBB dissector crash (wnpa-sec-2017-18)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7747.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7746","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441978","bugzilla_description":"CVE-2017-7746 wireshark: SLSK dissector long loop (wnpa-sec-2017-19)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7746.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7745","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441979","bugzilla_description":"CVE-2017-7745 wireshark: SIGCOMP dissector infinite loop (wnpa-sec-2017-20)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7745.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-7748","severity":"moderate","public_date":"2017-04-12T00:00:00Z","advisories":[],"bugzilla":"1441980","bugzilla_description":"CVE-2017-7748 wireshark: WSP dissector infinite loop (wnpa-sec-2017-21)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7748.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6469","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429579","bugzilla_description":"CVE-2017-6469 wireshark: LDSS dissector crash (wnpa-sec-2017-03)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6469.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6472","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429580","bugzilla_description":"CVE-2017-6472 wireshark: RTMPT dissector infinite loop (wnpa-sec-2017-04)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6472.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6471","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429581","bugzilla_description":"CVE-2017-6471 wireshark: WSP infinite loop (wnpa-sec-2017-05)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6471.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6474","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429583","bugzilla_description":"CVE-2017-6474 wireshark: NetScaler file parser infinite loop (wnpa-sec-2017-07)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6474.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6468","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429585","bugzilla_description":"CVE-2017-6468 wireshark: NetScaler file parser crash (wnpa-sec-2017-08)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6468.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6473","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429586","bugzilla_description":"CVE-2017-6473 wireshark: K12 file parser crash (wnpa-sec-2017-09)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6473.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6470","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429588","bugzilla_description":"CVE-2017-6470 wireshark: IAX2 infinite loop (wnpa-sec-2017-10)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6470.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6467","severity":"moderate","public_date":"2017-03-03T00:00:00Z","advisories":[],"bugzilla":"1429589","bugzilla_description":"CVE-2017-6467 wireshark: Netscaler file parser infinite loop (wnpa-sec-2017-11)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6467.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-6014","severity":"low","public_date":"2017-02-16T00:00:00Z","advisories":[],"bugzilla":"1425375","bugzilla_description":"CVE-2017-6014 wireshark: Memory exhaustion/infinite loop via malformed STANAG 4607 capture file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-835|CWE-400)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6014.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-5596","severity":"moderate","public_date":"2017-01-23T00:00:00Z","advisories":[],"bugzilla":"1415964","bugzilla_description":"CVE-2017-5596 wireshark: ASTERIX infinite loop (wnpa-sec-2017-01)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5596.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2017-5597","severity":"moderate","public_date":"2017-01-23T00:00:00Z","advisories":[],"bugzilla":"1415965","bugzilla_description":"CVE-2017-5597 wireshark: DHCPv6 large loop (wnpa-sec-2017-02)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5597.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9372","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396409","bugzilla_description":"CVE-2016-9372 wireshark: Profinet I/O dissector long loop (wnpa-sec-2016-58)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9372.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9374","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396410","bugzilla_description":"CVE-2016-9374 wireshark: AllJoyn crash (wnpa-sec-2016-59)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9374.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9376","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396411","bugzilla_description":"CVE-2016-9376 wireshark: OpenFlow crash (wnpa-sec-2016-60)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9376.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9373","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396413","bugzilla_description":"CVE-2016-9373 wireshark: DCERPC crash (wnpa-sec-2016-61)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9373.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-9375","severity":"moderate","public_date":"2016-11-16T00:00:00Z","advisories":[],"bugzilla":"1396415","bugzilla_description":"CVE-2016-9375 wireshark: DTN infinite loop (wnpa-sec-2016-62)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9375.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7957","severity":"moderate","public_date":"2016-10-04T00:00:00Z","advisories":[],"bugzilla":"1381837","bugzilla_description":"CVE-2016-7957 wireshark: Bluetooth L2CAP dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7957.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7958","severity":"moderate","public_date":"2016-10-04T00:00:00Z","advisories":[],"bugzilla":"1381838","bugzilla_description":"CVE-2016-7958 wireshark: NCP dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7958.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7175","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375109","bugzilla_description":"CVE-2016-7175 wireshark: QNX6 QNET dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7175.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7176","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375112","bugzilla_description":"CVE-2016-7176 wireshark: H.225 dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7176.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7177","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375115","bugzilla_description":"CVE-2016-7177 wireshark: Catapult DCT2000 dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7177.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7178","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375116","bugzilla_description":"CVE-2016-7178 wireshark: UMTS FP dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7178.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7179","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375118","bugzilla_description":"CVE-2016-7179 wireshark: Catapult DCT2000 dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7179.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-7180","severity":"moderate","public_date":"2016-09-08T00:00:00Z","advisories":[],"bugzilla":"1375119","bugzilla_description":"CVE-2016-7180 wireshark: IPMI Trace dissector crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7180.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6505","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361135","bugzilla_description":"CVE-2016-6505 wireshark: PacketBB crash (wnpa-sec-2016-41)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6505.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6506","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361137","bugzilla_description":"CVE-2016-6506 wireshark: WSP infinite loop (wnpa-sec-2016-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6506.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6507","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361138","bugzilla_description":"CVE-2016-6507 wireshark: MMSE infinite loop (wnpa-sec-2016-43)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6507.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6508","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361139","bugzilla_description":"CVE-2016-6508 wireshark: RLC long loop (wnpa-sec-2016-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6508.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6509","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361140","bugzilla_description":"CVE-2016-6509 wireshark: LDSS dissector crash (wnpa-sec-2016-45)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6509.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6510","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361141","bugzilla_description":"CVE-2016-6510 wireshark: RLC dissector crash (wnpa-sec-2016-46)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6510.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6511","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361142","bugzilla_description":"CVE-2016-6511 wireshark: OpenFlow long loop (wnpa-sec-2016-47)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6511.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6512","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361143","bugzilla_description":"CVE-2016-6512 wireshark: MMSE, WAP, WBXML, and WSP infinite loop. (wnpa-sec-2016-48)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6512.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-6513","severity":"moderate","public_date":"2016-07-27T00:00:00Z","advisories":[],"bugzilla":"1361144","bugzilla_description":"CVE-2016-6513 wireshark: WBXML crash (wnpa-sec-2016-49)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6513.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-5350","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343963","bugzilla_description":"CVE-2016-5350 wireshark: SPOOLS infinite loop (wnpa-sec-2016-29)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5350.json"},{"CVE":"CVE-2016-5351","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343964","bugzilla_description":"CVE-2016-5351 wireshark: IEEE 802.11 dissector crash (wnpa-sec-2016-30)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5351.json"},{"CVE":"CVE-2016-5352","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343965","bugzilla_description":"CVE-2016-5352 wireshark: IEEE 802.11 dissector crash (wnpa-sec-2016-31)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5352.json"},{"CVE":"CVE-2016-5353","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343966","bugzilla_description":"CVE-2016-5353 wireshark: UMTS FP crash (wnpa-sec-2016-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5353.json"},{"CVE":"CVE-2016-5354","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343967","bugzilla_description":"CVE-2016-5354 wireshark: USB dissector crash (wnpa-sec-2016-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5354.json"},{"CVE":"CVE-2016-5355","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343968","bugzilla_description":"CVE-2016-5355 wireshark: Toshiba file parser crash (wnpa-sec-2016-34)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5355.json"},{"CVE":"CVE-2016-5356","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343969","bugzilla_description":"CVE-2016-5356 wireshark: CoSine file parser crash (wnpa-sec-2016-35)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5356.json"},{"CVE":"CVE-2016-5357","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343970","bugzilla_description":"CVE-2016-5357 wireshark: NetScreen file parser crash (wnpa-sec-2016-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5357.json"},{"CVE":"CVE-2016-5358","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343971","bugzilla_description":"CVE-2016-5358 wireshark: Ethernet dissector crash (wnpa-sec-2016-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5358.json"},{"CVE":"CVE-2016-5359","severity":"moderate","public_date":"2016-06-07T00:00:00Z","advisories":[],"bugzilla":"1343972","bugzilla_description":"CVE-2016-5359 wireshark: WBXML infinite loop (wnpa-sec-2016-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5359.json"},{"CVE":"CVE-2016-4076","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330066","bugzilla_description":"CVE-2016-4076 wireshark: NCP dissector crash (wnpa-sec-2016-19)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4076.json"},{"CVE":"CVE-2016-4077","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330067","bugzilla_description":"CVE-2016-4077 wireshark: TShark reassembly crash (wnpa-sec-2016-20)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4077.json"},{"CVE":"CVE-2016-4078","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330068","bugzilla_description":"CVE-2016-4078 wireshark: IEEE 802.11 dissector crash (wnpa-sec-2016-21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4078.json"},{"CVE":"CVE-2016-4079","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330069","bugzilla_description":"CVE-2016-4079 wireshark: PKTC dissector crash (wnpa-sec-2016-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4079.json"},{"CVE":"CVE-2016-4080","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330070","bugzilla_description":"CVE-2016-4080 wireshark: PKTC dissector crash (wnpa-sec-2016-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4080.json"},{"CVE":"CVE-2016-4081","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330071","bugzilla_description":"CVE-2016-4081 wireshark: IAX2 infinite loop (wnpa-sec-2016-24)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4081.json"},{"CVE":"CVE-2016-4006","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330073","bugzilla_description":"CVE-2016-4006 wireshark: Wireshark and TShark crash (wnpa-sec-2016-25)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4006.json"},{"CVE":"CVE-2016-4082","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330075","bugzilla_description":"CVE-2016-4082 wireshark: GSM CBCH dissector crash (wnpa-sec-2016-26)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4082.json"},{"CVE":"CVE-2016-4083","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330076","bugzilla_description":"CVE-2016-4083 CVE-2016-4084 wireshark: MS-WSP dissector crash (wnpa-sec-2016-27)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4083.json"},{"CVE":"CVE-2016-4084","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330076","bugzilla_description":"CVE-2016-4083 CVE-2016-4084 wireshark: MS-WSP dissector crash (wnpa-sec-2016-27)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4084.json"},{"CVE":"CVE-2016-4085","severity":"moderate","public_date":"2016-04-22T00:00:00Z","advisories":[],"bugzilla":"1330077","bugzilla_description":"CVE-2016-4085 wireshark: NCP dissector crash (wnpa-sec-2016-28)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4085.json"},{"CVE":"CVE-2016-2521","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312776","bugzilla_description":"CVE-2016-2521 wireshark: DLL hijacking vulnerability (wnpa-sec-2016-01)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2521.json"},{"CVE":"CVE-2016-2522","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312777","bugzilla_description":"CVE-2016-2522 wireshark: ASN.1 BER dissector crash (wnpa-sec-2016-02)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2522.json"},{"CVE":"CVE-2016-2523","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312779","bugzilla_description":"CVE-2016-2523 wireshark: DNP3 dissector infinite loop (wnpa-sec-2016-03)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2523.json"},{"CVE":"CVE-2016-2524","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312780","bugzilla_description":"CVE-2016-2524 wireshark: X.509AF crash (wnpa-sec-2016-04)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2524.json"},{"CVE":"CVE-2016-2525","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312781","bugzilla_description":"CVE-2016-2525 wireshark: HTTP/2 dissector crash (wnpa-sec-2016-05)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2525.json"},{"CVE":"CVE-2016-2526","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312783","bugzilla_description":"CVE-2016-2526 wireshark: HiQnet dissector crash (wnpa-sec-2016-06)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2526.json"},{"CVE":"CVE-2016-2527","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312784","bugzilla_description":"CVE-2016-2527 wireshark: 3GPP TS 32.423 Trace file parser crash (wnpa-sec-2016-07)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2527.json"},{"CVE":"CVE-2016-2528","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312785","bugzilla_description":"CVE-2016-2528 wireshark: LBMC dissector crash (wnpa-sec-2016-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2528.json"},{"CVE":"CVE-2016-2529","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312787","bugzilla_description":"CVE-2016-2529 wireshark: iSeries file parser crash (wnpa-sec-2016-09)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2529.json"},{"CVE":"CVE-2016-2530","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312790","bugzilla_description":"CVE-2016-2530 CVE-2016-2531 wireshark: RSL dissector crash (wnpa-sec-2016-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2530.json"},{"CVE":"CVE-2016-2531","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312790","bugzilla_description":"CVE-2016-2530 CVE-2016-2531 wireshark: RSL dissector crash (wnpa-sec-2016-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2531.json"},{"CVE":"CVE-2016-2532","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312792","bugzilla_description":"CVE-2016-2532 wireshark: LLRP dissector crash (wnpa-sec-2016-11)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2532.json"},{"CVE":"CVE-2016-4415","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312795","bugzilla_description":"CVE-2016-4415 wireshark: Ixia IxVeriWave file parser crash (wnpa-sec-2016-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4415.json"},{"CVE":"CVE-2016-4416","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312796","bugzilla_description":"CVE-2016-4416 wireshark: IEEE 802.11 dissector crash (wnpa-sec-2016-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4416.json"},{"CVE":"CVE-2016-4417","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312797","bugzilla_description":"CVE-2016-4417 wireshark: GSM A-bis OML dissector crash (wnpa-sec-2016-14)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4417.json"},{"CVE":"CVE-2016-4418","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312798","bugzilla_description":"CVE-2016-4418 wireshark: ASN.1 BER dissector crash (wnpa-sec-2016-15)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4418.json"},{"CVE":"CVE-2016-4419","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312799","bugzilla_description":"CVE-2016-4419 wireshark: SPICE dissector large loop (wnpa-sec-2016-16)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4419.json"},{"CVE":"CVE-2016-4420","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312800","bugzilla_description":"CVE-2016-4420 wireshark: NFS dissector crash (wnpa-sec-2016-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4420.json"},{"CVE":"CVE-2016-4421","severity":"moderate","public_date":"2016-02-26T00:00:00Z","advisories":[],"bugzilla":"1312801","bugzilla_description":"CVE-2016-4421 wireshark: ASN.1 BER dissector crash. (wnpa-sec-2016-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4421.json"},{"CVE":"CVE-2015-8711","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296054","bugzilla_description":"CVE-2015-8711 wireshark: NBAP dissector crashes (wnpa-sec-2015-31)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8711.json"},{"CVE":"CVE-2015-8712","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296055","bugzilla_description":"CVE-2015-8712 CVE-2015-8713 wireshark: UMTS FP dissector crashes (wnpa-sec-2015-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8712.json"},{"CVE":"CVE-2015-8713","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296055","bugzilla_description":"CVE-2015-8712 CVE-2015-8713 wireshark: UMTS FP dissector crashes (wnpa-sec-2015-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8713.json"},{"CVE":"CVE-2015-8714","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296056","bugzilla_description":"CVE-2015-8714 wireshark: DCOM dissector crash (wnpa-sec-2015-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-456","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8714.json"},{"CVE":"CVE-2015-8715","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296057","bugzilla_description":"CVE-2015-8715 wireshark: AllJoyn dissector infinite loop (wnpa-sec-2015-34)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8715.json"},{"CVE":"CVE-2015-8716","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296059","bugzilla_description":"CVE-2015-8716 wireshark: T.38 dissector crash (wnpa-sec-2015-35)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8716.json"},{"CVE":"CVE-2015-8717","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296061","bugzilla_description":"CVE-2015-8717 wireshark: SDP dissector crash (wnpa-sec-2015-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8717.json"},{"CVE":"CVE-2015-8718","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296062","bugzilla_description":"CVE-2015-8718 wireshark: NLM dissector crash (wnpa-sec-2015-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8718.json"},{"CVE":"CVE-2015-8719","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296063","bugzilla_description":"CVE-2015-8719 wireshark: DNS dissector crash (wnpa-sec-2015-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8719.json"},{"CVE":"CVE-2015-8720","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296064","bugzilla_description":"CVE-2015-8720 wireshark: BER dissector crash (wnpa-sec-2015-39)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8720.json"},{"CVE":"CVE-2015-8721","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296065","bugzilla_description":"CVE-2015-8721 wireshark: Zlib decompression crash (wnpa-sec-2015-40)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8721.json"},{"CVE":"CVE-2015-8722","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296066","bugzilla_description":"CVE-2015-8722 wireshark: SCTP dissector crash (wnpa-sec-2015-41)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8722.json"},{"CVE":"CVE-2015-8723","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296067","bugzilla_description":"CVE-2015-8723 CVE-2015-8724 wireshark: 802.11 decryption crash (wnpa-sec-2015-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"(CWE-121|CWE-122)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8723.json"},{"CVE":"CVE-2015-8724","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296067","bugzilla_description":"CVE-2015-8723 CVE-2015-8724 wireshark: 802.11 decryption crash (wnpa-sec-2015-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"(CWE-121|CWE-122)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8724.json"},{"CVE":"CVE-2015-8725","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296068","bugzilla_description":"CVE-2015-8725 wireshark: DIAMETER dissector crash (wnpa-sec-2015-43)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8725.json"},{"CVE":"CVE-2015-8726","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296070","bugzilla_description":"CVE-2015-8726 wireshark: VeriWave file parser crashes (wnpa-sec-2015-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"(CWE-125|CWE-121)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8726.json"},{"CVE":"CVE-2015-8727","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296072","bugzilla_description":"CVE-2015-8727 wireshark: RSVP dissector crash (wnpa-sec-2015-45)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8727.json"},{"CVE":"CVE-2015-8728","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296075","bugzilla_description":"CVE-2015-8728 wireshark: ANSI A & GSM A dissector crashes (wnpa-sec-2015-46)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8728.json"},{"CVE":"CVE-2015-8729","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296077","bugzilla_description":"CVE-2015-8729 wireshark: Ascend file parser crash (wnpa-sec-2015-47)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8729.json"},{"CVE":"CVE-2015-8730","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296078","bugzilla_description":"CVE-2015-8730 wireshark: NBAP dissector crash (wnpa-sec-2015-48)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8730.json"},{"CVE":"CVE-2015-8731","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296079","bugzilla_description":"CVE-2015-8731 wireshark: RSL dissector crash (wnpa-sec-2015-49)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8731.json"},{"CVE":"CVE-2015-8732","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296081","bugzilla_description":"CVE-2015-8732 wireshark: ZigBee ZCL dissector crash (wnpa-sec-2015-50)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8732.json"},{"CVE":"CVE-2015-8733","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296082","bugzilla_description":"CVE-2015-8733 wireshark: Sniffer file parser crash (wnpa-sec-2015-51)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"(CWE-122|CWE-125)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8733.json"},{"CVE":"CVE-2015-8734","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296083","bugzilla_description":"CVE-2015-8734 wireshark: NWP dissector crash (wnpa-sec-2015-52)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8734.json"},{"CVE":"CVE-2015-8735","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296084","bugzilla_description":"CVE-2015-8735 wireshark: BT ATT dissector crash (wnpa-sec-2015-53)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8735.json"},{"CVE":"CVE-2015-8736","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296085","bugzilla_description":"CVE-2015-8736 wireshark: MP2T file parser crash (wnpa-sec-2015-54)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8736.json"},{"CVE":"CVE-2015-8737","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296086","bugzilla_description":"CVE-2015-8737 wireshark: MP2T file parser crash (wnpa-sec-2015-55)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8737.json"},{"CVE":"CVE-2015-8738","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296087","bugzilla_description":"CVE-2015-8738 wireshark: S7COMM dissector crash (wnpa-sec-2015-56)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8738.json"},{"CVE":"CVE-2015-8739","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296088","bugzilla_description":"CVE-2015-8739 wireshark: IPMI dissector crash (wnpa-sec-2015-57)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8739.json"},{"CVE":"CVE-2015-8740","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296089","bugzilla_description":"CVE-2015-8740 wireshark: TDS dissector crash (wnpa-sec-2015-58)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8740.json"},{"CVE":"CVE-2015-8741","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296090","bugzilla_description":"CVE-2015-8741 wireshark: PPI dissector crash (wnpa-sec-2015-59)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8741.json"},{"CVE":"CVE-2015-8742","severity":"moderate","public_date":"2015-12-29T00:00:00Z","advisories":[],"bugzilla":"1296091","bugzilla_description":"CVE-2015-8742 wireshark: MS-WSP dissector crash (wnpa-sec-2015-60)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8742.json"},{"CVE":"CVE-2015-7830","severity":"moderate","public_date":"2015-10-14T00:00:00Z","advisories":[],"bugzilla":"1272016","bugzilla_description":"CVE-2015-7830 wireshark: Pcapng file parser crash","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-704->CWE-480","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7830.json"},{"CVE":"CVE-2015-6241","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1253352","bugzilla_description":"CVE-2015-6241 wireshark: protocol tree crash (wnpa-sec-2015-21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6241.json"},{"CVE":"CVE-2015-6242","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1253353","bugzilla_description":"CVE-2015-6242 wireshark: memory manager crash (wnpa-sec-2015-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6242.json"},{"CVE":"CVE-2015-6243","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253354","bugzilla_description":"CVE-2015-6243 wireshark: Dissector table crash (wnpa-sec-2015-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6243.json"},{"CVE":"CVE-2015-6244","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253355","bugzilla_description":"CVE-2015-6244 wireshark: ZigBee dissector crash (wnpa-sec-2015-24)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-130","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6244.json"},{"CVE":"CVE-2015-6245","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253356","bugzilla_description":"CVE-2015-6245 wireshark: GSM RLC/MAC dissector infinite loop (wnpa-sec-2015-25)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6245.json"},{"CVE":"CVE-2015-6246","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253357","bugzilla_description":"CVE-2015-6246 wireshark: WaveAgent dissector crash (wnpa-sec-2015-26)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6246.json"},{"CVE":"CVE-2015-6247","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1253359","bugzilla_description":"CVE-2015-6247 wireshark: OpenFlow dissector infinite loop (wnpa-sec-2015-27)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6247.json"},{"CVE":"CVE-2015-6248","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1253360","bugzilla_description":"CVE-2015-6248 wireshark: Ptvcursor crash (wnpa-sec-2015-28)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6248.json"},{"CVE":"CVE-2015-6249","severity":"moderate","public_date":"2015-08-11T00:00:00Z","advisories":[],"bugzilla":"1253361","bugzilla_description":"CVE-2015-6249 wireshark: WCCP dissector crash (wnpa-sec-2015-29)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6249.json"},{"CVE":"CVE-2015-4651","severity":"low","public_date":"2015-06-17T00:00:00Z","advisories":[],"bugzilla":"1234415","bugzilla_description":"CVE-2015-4651 wireshark: WCCP dissector crash (wnpa-sec-2015-19)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4651.json"},{"CVE":"CVE-2015-4652","severity":"low","public_date":"2015-06-17T00:00:00Z","advisories":[],"bugzilla":"1234416","bugzilla_description":"CVE-2015-4652 wireshark: GSM DTAP dissector crash (wnpa-sec-2015-20)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4652.json"},{"CVE":"CVE-2015-3808","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1222433","bugzilla_description":"CVE-2015-3808 CVE-2015-3809 wireshark: LBMR infinite loop (wnpa-sec-2015-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3808.json"},{"CVE":"CVE-2015-3809","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1222433","bugzilla_description":"CVE-2015-3808 CVE-2015-3809 wireshark: LBMR infinite loop (wnpa-sec-2015-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3809.json"},{"CVE":"CVE-2015-3810","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1222434","bugzilla_description":"CVE-2015-3810 wireshark: WebSocket DoS (wnpa-sec-2015-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3810.json"},{"CVE":"CVE-2015-3811","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2017:0631","RHSA-2015:2393"],"bugzilla":"1222436","bugzilla_description":"CVE-2015-3811 wireshark: WCP dissector crash (wnpa-sec-2015-14)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-665","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-25.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3811.json"},{"CVE":"CVE-2015-3812","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2017:0631","RHSA-2015:2393"],"bugzilla":"1222437","bugzilla_description":"CVE-2015-3812 wireshark: X11 memory leak (wnpa-sec-2015-15)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-25.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3812.json"},{"CVE":"CVE-2015-3813","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":["RHSA-2017:0631","RHSA-2015:2393"],"bugzilla":"1222438","bugzilla_description":"CVE-2015-3813 wireshark: Reassembly memory leak (wnpa-sec-2015-16)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-25.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3813.json"},{"CVE":"CVE-2015-3814","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1222439","bugzilla_description":"CVE-2015-3814 wireshark: IEEE 802.11 infinite loop (wnpa-sec-2015-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3814.json"},{"CVE":"CVE-2015-3815","severity":"moderate","public_date":"2015-05-12T00:00:00Z","advisories":[],"bugzilla":"1222440","bugzilla_description":"CVE-2015-3815 wireshark: Android Logcat file parser crash (wnpa-sec-2015-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3815.json"},{"CVE":"CVE-2015-3182","severity":"moderate","public_date":"2015-05-07T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1219409","bugzilla_description":"CVE-2015-3182 wireshark: crash on sample file genbroad.snoop","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-704","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3182.json"},{"CVE":"CVE-2015-2187","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":[],"bugzilla":"1199162","bugzilla_description":"CVE-2015-2187 wireshark: ATN-CPDLC dissector could crash (wnpa-sec-2015-06)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2187.json"},{"CVE":"CVE-2015-2188","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1199163","bugzilla_description":"CVE-2015-2188 wireshark: The WCP dissector could crash while decompressing data (wnpa-sec-2015-07)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2188.json"},{"CVE":"CVE-2015-2189","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1199165","bugzilla_description":"CVE-2015-2189 wireshark: The pcapng file parser could crash (wnpa-sec-2015-08)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-193","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2189.json"},{"CVE":"CVE-2015-2190","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":[],"bugzilla":"1199166","bugzilla_description":"CVE-2015-2190 wireshark: LLDP dissector could crash (wnpa-sec-2015-09)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2190.json"},{"CVE":"CVE-2015-2191","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1199167","bugzilla_description":"CVE-2015-2191 wireshark: The TNEF dissector could go into an infinite loop on 32-bit architectures (wnpa-sec-2015-10)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2191.json"},{"CVE":"CVE-2015-2192","severity":"low","public_date":"2015-03-04T00:00:00Z","advisories":[],"bugzilla":"1199168","bugzilla_description":"CVE-2015-2192 wireshark: SCSI OSD dissector could go into an infinite loop (wnpa-sec-2015-11)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2192.json"},{"CVE":"CVE-2015-0559","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":[],"bugzilla":"1180167","bugzilla_description":"CVE-2015-0559 CVE-2015-0560 wireshark: WCCP dissector crash (wnpa-sec-2015-01)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0559.json"},{"CVE":"CVE-2015-0560","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":[],"bugzilla":"1180167","bugzilla_description":"CVE-2015-0559 CVE-2015-0560 wireshark: WCCP dissector crash (wnpa-sec-2015-01)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0560.json"},{"CVE":"CVE-2015-0561","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":[],"bugzilla":"1180171","bugzilla_description":"CVE-2015-0561 wireshark: LPP dissector crash (wnpa-sec-2015-02)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0561.json"},{"CVE":"CVE-2015-0562","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1180182","bugzilla_description":"CVE-2015-0562 wireshark: DEC DNA Routing Protocol dissector crash (wnpa-sec-2015-03)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0562.json"},{"CVE":"CVE-2015-0563","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":["RHSA-2015:2393"],"bugzilla":"1180195","bugzilla_description":"CVE-2015-0563 wireshark: SMTP dissector crash (wnpa-sec-2015-04)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-131","affected_packages":["wireshark-0:1.10.14-7.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0563.json"},{"CVE":"CVE-2015-0564","severity":"moderate","public_date":"2015-01-07T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1180197","bugzilla_description":"CVE-2015-0564 wireshark: TLS/SSL decryption crash (wnpa-sec-2015-05)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-131","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0564.json"},{"CVE":"CVE-2014-8710","severity":"moderate","public_date":"2014-11-04T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163584","bugzilla_description":"CVE-2014-8710 wireshark: SigComp dissector crash (wnpa-sec-2014-20)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8710.json"},{"CVE":"CVE-2014-8714","severity":"moderate","public_date":"2014-10-20T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163581","bugzilla_description":"CVE-2014-8714 wireshark: TN5250 infinite loop (wnpa-sec-2014-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8714.json"},{"CVE":"CVE-2014-8711","severity":"moderate","public_date":"2014-10-17T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163583","bugzilla_description":"CVE-2014-8711 wireshark: AMQP dissector crash (wnpa-sec-2014-21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8711.json"},{"CVE":"CVE-2014-8712","severity":"moderate","public_date":"2014-10-09T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163582","bugzilla_description":"CVE-2014-8712 CVE-2014-8713 wireshark: NCP dissector crashes (wnpa-sec-2014-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8712.json"},{"CVE":"CVE-2014-8713","severity":"moderate","public_date":"2014-10-09T00:00:00Z","advisories":["RHSA-2015:2393","RHSA-2015:1460"],"bugzilla":"1163582","bugzilla_description":"CVE-2014-8712 CVE-2014-8713 wireshark: NCP dissector crashes (wnpa-sec-2014-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.10.14-7.el7","wireshark-0:1.8.10-17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8713.json"},{"CVE":"CVE-2014-6429","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142602","bugzilla_description":"CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6429.json"},{"CVE":"CVE-2014-6430","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142602","bugzilla_description":"CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6430.json"},{"CVE":"CVE-2014-6431","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142602","bugzilla_description":"CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6431.json"},{"CVE":"CVE-2014-6432","severity":"moderate","public_date":"2014-09-10T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142602","bugzilla_description":"CVE-2014-6429 CVE-2014-6430 CVE-2014-6431 CVE-2014-6432 wireshark: DOS Sniffer file parser flaw (wnpa-sec-2014-19)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6432.json"},{"CVE":"CVE-2014-6428","severity":"moderate","public_date":"2014-09-07T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142603","bugzilla_description":"CVE-2014-6428 wireshark: SES dissector crash (wnpa-sec-2014-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-456","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6428.json"},{"CVE":"CVE-2014-6427","severity":"moderate","public_date":"2014-08-14T00:00:00Z","advisories":["RHSA-2014:1676"],"bugzilla":"1142604","bugzilla_description":"CVE-2014-6427 wireshark: RTSP dissector crash (wnpa-sec-2014-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6427.json"},{"CVE":"CVE-2014-6426","severity":"moderate","public_date":"2014-08-14T00:00:00Z","advisories":["RHSA-2014:1676"],"bugzilla":"1142606","bugzilla_description":"CVE-2014-6426 wireshark: HIP dissector infinite loop (wnpa-sec-2014-16)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6426.json"},{"CVE":"CVE-2014-6424","severity":"moderate","public_date":"2014-08-13T00:00:00Z","advisories":["RHSA-2014:1676"],"bugzilla":"1142609","bugzilla_description":"CVE-2014-6424 wireshark: Netflow dissector crash (wnpa-sec-2014-14)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6424.json"},{"CVE":"CVE-2014-6425","severity":"moderate","public_date":"2014-08-07T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142608","bugzilla_description":"CVE-2014-6425 wireshark: CUPS dissector crash (wnpa-sec-2014-15)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-228->CWE-125","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6425.json"},{"CVE":"CVE-2014-6423","severity":"moderate","public_date":"2014-08-01T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142610","bugzilla_description":"CVE-2014-6423 wireshark: MEGACO dissector infinite loop (wnpa-sec-2014-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6423.json"},{"CVE":"CVE-2014-5161","severity":"moderate","public_date":"2014-07-31T00:00:00Z","advisories":[],"bugzilla":"1125767","bugzilla_description":"CVE-2014-5161 CVE-2014-5162 wireshark: Catapult DCT2000 and IrDA dissectors buffer underrun (wnpa-sec-2014-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5161.json"},{"CVE":"CVE-2014-5162","severity":"moderate","public_date":"2014-07-31T00:00:00Z","advisories":[],"bugzilla":"1125767","bugzilla_description":"CVE-2014-5161 CVE-2014-5162 wireshark: Catapult DCT2000 and IrDA dissectors buffer underrun (wnpa-sec-2014-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5162.json"},{"CVE":"CVE-2014-5163","severity":"moderate","public_date":"2014-06-21T00:00:00Z","advisories":[],"bugzilla":"1125766","bugzilla_description":"CVE-2014-5163 wireshark: GTP and GSM Management dissectors crash (wnpa-sec-2014-09)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5163.json"},{"CVE":"CVE-2014-5165","severity":"moderate","public_date":"2014-06-17T00:00:00Z","advisories":[],"bugzilla":"1125761","bugzilla_description":"CVE-2014-5165 wireshark: ASN.1 BER dissector crash (wnpa-sec-2014-11)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5165.json"},{"CVE":"CVE-2014-2907","severity":"moderate","public_date":"2014-04-22T00:00:00Z","advisories":[],"bugzilla":"1090177","bugzilla_description":"CVE-2014-2907 wireshark: RTP dissector crash (wnpa-sec-2014-06)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2907.json"},{"CVE":"CVE-2014-4020","severity":"moderate","public_date":"2014-04-17T00:00:00Z","advisories":[],"bugzilla":"1109034","bugzilla_description":"CVE-2014-4020 wireshark: Frame metadissector crash (wnpa-sec-2014-07)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4020.json"},{"CVE":"CVE-2014-4174","severity":"moderate","public_date":"2014-04-09T00:00:00Z","advisories":[],"bugzilla":"1086033","bugzilla_description":"CVE-2014-4174 libpcap: file parser crash (wnpa-sec-2014-05)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4174.json"},{"CVE":"CVE-2014-6421","severity":"moderate","public_date":"2014-03-23T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142611","bugzilla_description":"CVE-2014-6421 CVE-2014-6422 wireshark: RTP dissector crash (wnpa-sec-2014-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6421.json"},{"CVE":"CVE-2014-6422","severity":"moderate","public_date":"2014-03-23T00:00:00Z","advisories":["RHSA-2014:1676","RHSA-2014:1677"],"bugzilla":"1142611","bugzilla_description":"CVE-2014-6421 CVE-2014-6422 wireshark: RTP dissector crash (wnpa-sec-2014-12)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":["wireshark-0:1.8.10-8.el6_6","wireshark-0:1.0.15-7.el5_11","wireshark-0:1.10.3-12.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6422.json"},{"CVE":"CVE-2014-2299","severity":"moderate","public_date":"2014-03-07T00:00:00Z","advisories":["RHSA-2014:0342","RHSA-2014:0341"],"bugzilla":"1074109","bugzilla_description":"CVE-2014-2299 wireshark: buffer overflow in MPEG file parser (wnpa-sec-2014-04)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["wireshark-0:1.8.10-7.el6_5","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2299.json"},{"CVE":"CVE-2014-2283","severity":"moderate","public_date":"2014-03-07T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1074111","bugzilla_description":"CVE-2014-2283 wireshark: RLC dissector crash (wnpa-sec-2014-03)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2283.json"},{"CVE":"CVE-2014-2282","severity":"moderate","public_date":"2014-03-07T00:00:00Z","advisories":[],"bugzilla":"1074112","bugzilla_description":"CVE-2014-2282 wireshark: M3UA dissector crash (wnpa-sec-2014-02)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2282.json"},{"CVE":"CVE-2014-2281","severity":"moderate","public_date":"2014-03-07T00:00:00Z","advisories":["RHSA-2014:0342","RHSA-2014:0341"],"bugzilla":"1074114","bugzilla_description":"CVE-2014-2281 wireshark: NFS dissector crash (wnpa-sec-2014-01)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":["wireshark-0:1.8.10-7.el6_5","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2281.json"},{"CVE":"CVE-2014-5164","severity":"moderate","public_date":"2014-02-21T00:00:00Z","advisories":[],"bugzilla":"1125763","bugzilla_description":"CVE-2014-5164 wireshark: RLC dissector crash (wnpa-sec-2014-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-5164.json"},{"CVE":"CVE-2013-7112","severity":"low","public_date":"2013-12-17T00:00:00Z","advisories":["RHSA-2014:0342","RHSA-2014:0341"],"bugzilla":"1044508","bugzilla_description":"CVE-2013-7112 wireshark: SIP dissector could go into an infinite loop (wnpa-sec-2013-66)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-7.el6_5","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7112.json"},{"CVE":"CVE-2013-7113","severity":"low","public_date":"2013-12-17T00:00:00Z","advisories":[],"bugzilla":"1044509","bugzilla_description":"CVE-2013-7113 wireshark: BSSGP dissector could crash (wnpa-sec-2013-67)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7113.json"},{"CVE":"CVE-2013-7114","severity":"low","public_date":"2013-12-17T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1044510","bugzilla_description":"CVE-2013-7114 wireshark: NTLMSSP v2 dissector could crash (wnpa-sec-2013-68)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7114.json"},{"CVE":"CVE-2013-6336","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026534","bugzilla_description":"CVE-2013-6336 wireshark: IEEE 802.15.4 dissector crash (wnpa-sec-2013-61)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6336.json"},{"CVE":"CVE-2013-6337","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026538","bugzilla_description":"CVE-2013-6337 wireshark: NBAP dissector crash (wnpa-sec-2013-62)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6337.json"},{"CVE":"CVE-2013-6338","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026539","bugzilla_description":"CVE-2013-6338 wireshark: SIP dissector crash (wnpa-sec-2013-63)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6338.json"},{"CVE":"CVE-2013-6339","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026540","bugzilla_description":"CVE-2013-6339 wireshark: ActiveMQ OpenWire dissector large loop (wnpa-sec-2013-64)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6339.json"},{"CVE":"CVE-2013-6340","severity":"moderate","public_date":"2013-11-01T00:00:00Z","advisories":["RHSA-2014:0342"],"bugzilla":"1026541","bugzilla_description":"CVE-2013-6340 wireshark: TCP dissector crash (wnpa-sec-2013-65)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-7.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6340.json"},{"CVE":"CVE-2013-5717","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007177","bugzilla_description":"CVE-2013-5717 wireshark: Bluetooth HCI ACL dissector crash (wnpa-sec-2013-54, upstream bug 8827)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5717.json"},{"CVE":"CVE-2013-5718","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007182","bugzilla_description":"CVE-2013-5718 wireshark: NBAP dissector crash (wnpa-sec-2013-55, upstream bug 9005)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5718.json"},{"CVE":"CVE-2013-5719","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007185","bugzilla_description":"CVE-2013-5719 wireshark: ASSA R3 dissector crash (wnpa-sec-2013-56, upstream bug 9020)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5719.json"},{"CVE":"CVE-2013-5720","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007192","bugzilla_description":"CVE-2013-5720 wireshark: RTPS dissector crash (wnpa-sec-2013-57)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5720.json"},{"CVE":"CVE-2013-5721","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"1007197","bugzilla_description":"CVE-2013-5721 wireshark: MQ dissector crash (wnpa-sec-2013-58, upstream bug 9079)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5721.json"},{"CVE":"CVE-2013-5722","severity":"low","public_date":"2013-09-10T00:00:00Z","advisories":[],"bugzilla":"1007201","bugzilla_description":"CVE-2013-5722 wireshark: LDAP dissector crash (wnpa-sec-2013-59)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5722.json"},{"CVE":"CVE-2013-4920","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990155","bugzilla_description":"CVE-2013-4920 wireshark: DoS (application crash) in the P1 dissector (wnpa-sec-2013-42)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4920.json"},{"CVE":"CVE-2013-4921","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990156","bugzilla_description":"CVE-2013-4921 wireshark: Off-by-one (application crash) in the Radiotap dissector (wnpa-sec-2013-43)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4921.json"},{"CVE":"CVE-2013-4922","severity":"moderate","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990157","bugzilla_description":"CVE-2013-4922 wireshark: Double-free in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4922.json"},{"CVE":"CVE-2013-4923","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990160","bugzilla_description":"CVE-2013-4923 wireshark: Memory leak (DoS, memory consumption) in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4923.json"},{"CVE":"CVE-2013-4924","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990163","bugzilla_description":"CVE-2013-4924 wireshark: Assertion failure in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4924.json"},{"CVE":"CVE-2013-4925","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990164","bugzilla_description":"CVE-2013-4925 wireshark: Integer signedness error in the DCOM ISystemActivator dissector (wnpa-sec-2013-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4925.json"},{"CVE":"CVE-2013-4926","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990165","bugzilla_description":"CVE-2013-4926 wireshark: DoS in the DCOM ISystemActivator dissector due improper remaining data to process presence check (wnpa-sec-2013-44)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4926.json"},{"CVE":"CVE-2013-4927","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990166","bugzilla_description":"CVE-2013-4927 wireshark: Integer signedness error in the Bluetooth SDP dissector (wnpa-sec-2013-45)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4927.json"},{"CVE":"CVE-2013-4928","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990167","bugzilla_description":"CVE-2013-4928 wireshark: Integer signedness error in the Bluetooth OBEX dissector (wnpa-sec-2013-46)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4928.json"},{"CVE":"CVE-2013-4929","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990168","bugzilla_description":"CVE-2013-4929 wireshark: DoS (infinite loop) in the DIS dissector (wnpa-sec-2013-47)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4929.json"},{"CVE":"CVE-2013-4930","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":[],"bugzilla":"990169","bugzilla_description":"CVE-2013-4930 wireshark: Assertion failure in the DVB-CI dissector (wnpa-sec-2013-48)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4930.json"},{"CVE":"CVE-2013-4931","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990170","bugzilla_description":"CVE-2013-4931 wireshark: DoS (infinite loop) in the GSM RR dissector (wnpa-sec-2013-49)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4931.json"},{"CVE":"CVE-2013-4932","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990172","bugzilla_description":"CVE-2013-4932 wireshark: Multiple array index errors in the GSM A Common dissector (wnpa-sec-2013-50)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4932.json"},{"CVE":"CVE-2013-4933","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990175","bugzilla_description":"CVE-2013-4933 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4933.json"},{"CVE":"CVE-2013-4934","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990178","bugzilla_description":"CVE-2013-4934 wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) (A different flaw than CVE-2013-4933)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4934.json"},{"CVE":"CVE-2013-4935","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"990179","bugzilla_description":"CVE-2013-4935 wireshark: DoS (application crash) in the ASN.1 PER dissector (wnpa-sec-2013-52)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4935.json"},{"CVE":"CVE-2013-4936","severity":"low","public_date":"2013-07-26T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"990180","bugzilla_description":"CVE-2013-4936 wireshark: DoS (NULL pointer dereference, crash) in the PROFINET Real-Time dissector (wnpa-sec-2013-53)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4936.json"},{"CVE":"CVE-2013-4074","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972679","bugzilla_description":"CVE-2013-4074 wireshark: DoS (crash) in the CAPWAP dissector (wnpa-sec-2013-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4074.json"},{"CVE":"CVE-2013-4075","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":["RHSA-2017:0631"],"bugzilla":"972680","bugzilla_description":"CVE-2013-4075 wireshark: DoS (crash) in the GMR-1 BCCH dissector (wnpa-sec-2013-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-25.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4075.json"},{"CVE":"CVE-2013-4076","severity":"moderate","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972681","bugzilla_description":"CVE-2013-4076 wireshark: Invalid free in the PPP dissector (wnpa-sec-2013-34)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4076.json"},{"CVE":"CVE-2013-4077","severity":"moderate","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972682","bugzilla_description":"CVE-2013-4077 wireshark: Array index error in the NBAP dissector (wnpa-sec-2013-35)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4077.json"},{"CVE":"CVE-2013-4078","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972683","bugzilla_description":"CVE-2013-4078 wireshark: DoS (infinite loop) in the RDP dissector (wnpa-sec-2013-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4078.json"},{"CVE":"CVE-2013-4079","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972684","bugzilla_description":"CVE-2013-4079 wireshark: DoS (infinite loop, application hang) in the GSM CBCH dissector (wnpa-sec-2013-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4079.json"},{"CVE":"CVE-2013-4080","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972685","bugzilla_description":"CVE-2013-4080 wireshark: DoS (infinite loop, CPU & memory consumption) in the Assa Abloy R3 dissector (wnpa-sec-2013-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4080.json"},{"CVE":"CVE-2013-4081","severity":"low","public_date":"2013-06-07T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"972686","bugzilla_description":"CVE-2013-4081 wireshark: DoS (infinite loop) in the HTTP dissector (wnpa-sec-2013-39)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4081.json"},{"CVE":"CVE-2013-4082","severity":"moderate","public_date":"2013-06-07T00:00:00Z","advisories":[],"bugzilla":"972687","bugzilla_description":"CVE-2013-4082 wireshark: Heap-based buffer overflow in the Ixia IxVeriWave file parser (wnpa-sec-2013-40)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4082.json"},{"CVE":"CVE-2013-4083","severity":"moderate","public_date":"2013-06-07T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"972688","bugzilla_description":"CVE-2013-4083 wireshark: Invalid free in the DCP ETSI dissector (wnpa-sec-2013-41)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4083.json"},{"CVE":"CVE-2013-3562","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"965112","bugzilla_description":"CVE-2013-3562 wireshark: DoS (stack overflow, crash) in the Websocket dissector (wnpa-sec-2013-29, upstream #8448, #8499)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3562.json"},{"CVE":"CVE-2013-3560","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"965186","bugzilla_description":"CVE-2013-3560 wireshark: DoS (crash) in the MPEG DSM-CC dissector (wnpa-sec-2013-28, upstream #8481)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3560.json"},{"CVE":"CVE-2013-3559","severity":"moderate","public_date":"2013-05-17T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"965190","bugzilla_description":"CVE-2013-3559 wireshark: DoS (crash) in the DCP ETSI dissector (wnpa-sec-2013-27, upstream #8231, #8540, #8541)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3559.json"},{"CVE":"CVE-2013-3558","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"965192","bugzilla_description":"CVE-2013-3558 wireshark: DoS (crash) in the PPP CCP dissector (wnpa-sec-2013-26, upstream #8638)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3558.json"},{"CVE":"CVE-2013-3557","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"965193","bugzilla_description":"CVE-2013-3557 wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3557.json"},{"CVE":"CVE-2013-3555","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"965194","bugzilla_description":"CVE-2013-3555 wireshark: DoS (crash) in the GTPv2 dissector (wnpa-sec-2013-24, upstream #8493)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3555.json"},{"CVE":"CVE-2013-3556","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":[],"bugzilla":"966054","bugzilla_description":"CVE-2013-3556 wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3556.json"},{"CVE":"CVE-2013-3561","severity":"low","public_date":"2013-05-17T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"966331","bugzilla_description":"CVE-2013-3561 wireshark: Multiple Denial of Service flaws","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3561.json"},{"CVE":"CVE-2013-2475","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919129","bugzilla_description":"CVE-2013-2475 wireshark: TCP dissector crash (wnpa-sec-2013-10, upstream bug 8274)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2475.json"},{"CVE":"CVE-2013-2476","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919130","bugzilla_description":"CVE-2013-2476 wireshark: Infinite loop in the HART/IP dissector (wnpa-sec-2013-11, upstream bug 8360)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2476.json"},{"CVE":"CVE-2013-2477","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919131","bugzilla_description":"CVE-2013-2477 wireshark: Crash in the CSN.1 dissector (wnpa-sec-2013-12, upstream bug 8383)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2477.json"},{"CVE":"CVE-2013-2478","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919133","bugzilla_description":"CVE-2013-2478 wireshark: Crash in the MS-MMS dissector (wnpa-sec-2013-13, upstream bug 8382)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2478.json"},{"CVE":"CVE-2013-2479","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919135","bugzilla_description":"CVE-2013-2479 wireshark: Infinite loop in the MPLS Echo dissector (wnpa-sec-2013-14, upstream bug 8039)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2479.json"},{"CVE":"CVE-2013-2480","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919137","bugzilla_description":"CVE-2013-2480 wireshark: Crash in the RTPS and RTPS2 dissectors (wnpa-sec-2013-15, upstream bug 8332)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2480.json"},{"CVE":"CVE-2013-2481","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919139","bugzilla_description":"CVE-2013-2481 wireshark: Crash in the Mount dissector (wnpa-sec-2013-16, upstream bug 8335)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2481.json"},{"CVE":"CVE-2013-2482","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919141","bugzilla_description":"CVE-2013-2482 wireshark: Infinite loop in the AMPQ dissector (wnpa-sec-2013-17, upstream bug 8337)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2482.json"},{"CVE":"CVE-2013-2483","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919142","bugzilla_description":"CVE-2013-2483 wireshark: Divide by zero in the ACN dissector (wnpa-sec-2013-18, upstream bug 8340)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2483.json"},{"CVE":"CVE-2013-2484","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919143","bugzilla_description":"CVE-2013-2484 wireshark: Crash in the CIMD dissector (wnpa-sec-2013-19, upstream bug 8346)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2484.json"},{"CVE":"CVE-2013-2485","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919144","bugzilla_description":"CVE-2013-2485 wireshark: Infinite loop in the FCSP dissector (wnpa-sec-2013-20, upstream bug 8359)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2485.json"},{"CVE":"CVE-2013-2486","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919146","bugzilla_description":"CVE-2013-2486 wireshark: Infinite loop in the RELOAD dissector (wnpa-sec-2013-21, upstream bug 8364) [A different flaw than CVE-2013-2487]","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2486.json"},{"CVE":"CVE-2013-2487","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919147","bugzilla_description":"CVE-2013-2487 wireshark: Infinite loop in the RELOAD dissector (wnpa-sec-2013-21, upstream bug 8364) [A different flaw than CVE-2013-2486]","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2487.json"},{"CVE":"CVE-2013-2488","severity":"low","public_date":"2013-03-06T00:00:00Z","advisories":[],"bugzilla":"919148","bugzilla_description":"CVE-2013-2488 wireshark: Crash in the DTLS dissector (wnpa-sec-2013-22, upstream bug 8380)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2488.json"},{"CVE":"CVE-2013-1572","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906328","bugzilla_description":"CVE-2013-1572 wireshark: Infinite loop in the Slow Protocols dissector (wnpa-sec-2013-01, bug 8036)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1572.json"},{"CVE":"CVE-2013-1573","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906329","bugzilla_description":"CVE-2013-1573 wireshark: Infinite loop in the CSN.1 dissector (wnpa-sec-2013-01, bug 8037)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1573.json"},{"CVE":"CVE-2013-1574","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906330","bugzilla_description":"CVE-2013-1574 wireshark: Infinite loop in the Bluetooth HCI dissector (wnpa-sec-2013-01, bug 8038)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1574.json"},{"CVE":"CVE-2013-1575","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906331","bugzilla_description":"CVE-2013-1575 wireshark: Infinite loop in the R3 dissector (wnpa-sec-2013-01, bug 8040)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1575.json"},{"CVE":"CVE-2013-1576","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906332","bugzilla_description":"CVE-2013-1576 wireshark: Infinite loop in the SDP dissector (wnpa-sec-2013-01, bug 8041)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1576.json"},{"CVE":"CVE-2013-1577","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906333","bugzilla_description":"CVE-2013-1577 wireshark: Infinite loop in the SIP dissector (wnpa-sec-2013-01, bug 8042)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1577.json"},{"CVE":"CVE-2013-1578","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906335","bugzilla_description":"CVE-2013-1578 wireshark: MPLS payload starting with valid-looking ethernet address dissected twice (wnpa-sec-2013-01, bug 8043)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1578.json"},{"CVE":"CVE-2013-1579","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906337","bugzilla_description":"CVE-2013-1579 wireshark: Nested loop (crash) in the RTPS dissector (wnpa-sec-2013-01, bug 8198)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1579.json"},{"CVE":"CVE-2013-1580","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906339","bugzilla_description":"CVE-2013-1580 wireshark: Infinite loop in the DOCSIS 3.0 CM-STATUS dissector (wnpa-sec-2013-01, bug 8199)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1580.json"},{"CVE":"CVE-2013-1581","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906342","bugzilla_description":"CVE-2013-1581 wireshark: Infinite loop in the DCP-ETSI dissector (wnpa-sec-2013-01, bug 8222)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1581.json"},{"CVE":"CVE-2013-1582","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906343","bugzilla_description":"CVE-2013-1582 wireshark: Infinite loop / crash in the CLNP dissector (wnpa-sec-2013-02, bug 7871)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1582.json"},{"CVE":"CVE-2013-1583","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906344","bugzilla_description":"CVE-2013-1583 wireshark: Invalid read (crash) in the DTN dissector (wnpa-sec-2013-03, bug 7945)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1583.json"},{"CVE":"CVE-2013-1584","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906347","bugzilla_description":"CVE-2013-1584 wireshark: Invalid read (crash) in the DTN dissector (wnpa-sec-2013-03, bug 7945) [A different issue than CVE-2013-1583]","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1584.json"},{"CVE":"CVE-2013-1585","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906348","bugzilla_description":"CVE-2013-1585 wireshark: MS-MMC dissector crash (wnpa-sec-2013-04, bug 8112)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1585.json"},{"CVE":"CVE-2013-1586","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906349","bugzilla_description":"CVE-2013-1586 wireshark: DTLS dissector crash (wnpa-sec-2013-05, bug 8111)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1586.json"},{"CVE":"CVE-2013-1587","severity":"low","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906350","bugzilla_description":"CVE-2013-1587 wireshark: ROHC dissector crash (wnpa-sec-2013-06, bug 7679)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1587.json"},{"CVE":"CVE-2013-1588","severity":"moderate","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906351","bugzilla_description":"CVE-2013-1588 wireshark: DCP-ETSI dissector crash (wnpa-sec-2013-07, bug 8213)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1588.json"},{"CVE":"CVE-2013-1589","severity":"moderate","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906353","bugzilla_description":"CVE-2013-1589 wireshark: Wireshark dissection engine invalid read / crash (wnpa-sec-2013-08, bug 8197)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1589.json"},{"CVE":"CVE-2013-1590","severity":"moderate","public_date":"2013-01-29T00:00:00Z","advisories":[],"bugzilla":"906354","bugzilla_description":"CVE-2013-1590 wireshark: Buffer overflow in the NTLMSSP dissector (wnpa-sec-2013-09)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1590.json"},{"CVE":"CVE-2012-5602","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881701","bugzilla_description":"CVE-2012-5602 CVE-2012-6058 wireshark: DoS (infinite loop) in the ICMPv6 dissector (wnpa-sec-2012-40)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5602.json"},{"CVE":"CVE-2012-6058","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881701","bugzilla_description":"CVE-2012-5602 CVE-2012-6058 wireshark: DoS (infinite loop) in the ICMPv6 dissector (wnpa-sec-2012-40)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6058.json"},{"CVE":"CVE-2012-5601","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881706","bugzilla_description":"CVE-2012-5601 CVE-2012-6055 wireshark: DoS (infinite loop) in the 3GPP2 A11 dissector (wnpa-sec-2012-39)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5601.json"},{"CVE":"CVE-2012-6055","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881706","bugzilla_description":"CVE-2012-5601 CVE-2012-6055 wireshark: DoS (infinite loop) in the 3GPP2 A11 dissector (wnpa-sec-2012-39)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6055.json"},{"CVE":"CVE-2012-5600","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881742","bugzilla_description":"CVE-2012-5600 CVE-2012-6062 wireshark: DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5600.json"},{"CVE":"CVE-2012-6062","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881742","bugzilla_description":"CVE-2012-5600 CVE-2012-6062 wireshark: DoS (infinite loop) in the RTCP dissector (wnpa-sec-2012-38)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6062.json"},{"CVE":"CVE-2012-5599","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881748","bugzilla_description":"CVE-2012-5599 CVE-2012-6061 wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5599.json"},{"CVE":"CVE-2012-6061","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881748","bugzilla_description":"CVE-2012-5599 CVE-2012-6061 wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6061.json"},{"CVE":"CVE-2012-5598","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881771","bugzilla_description":"CVE-2012-5598 CVE-2012-6060 wireshark: DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5598.json"},{"CVE":"CVE-2012-6060","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881771","bugzilla_description":"CVE-2012-5598 CVE-2012-6060 wireshark: DoS (infinite loop) in the iSCSI dissector (wnpa-sec-2012-36)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6060.json"},{"CVE":"CVE-2012-5597","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"881790","bugzilla_description":"CVE-2012-5597 CVE-2012-6059 wireshark: DoS (crash) in the ISAKMP dissector (wnpa-sec-2012-35)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5597.json"},{"CVE":"CVE-2012-6059","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"881790","bugzilla_description":"CVE-2012-5597 CVE-2012-6059 wireshark: DoS (crash) in the ISAKMP dissector (wnpa-sec-2012-35)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6059.json"},{"CVE":"CVE-2012-5596","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881805","bugzilla_description":"CVE-2012-5596 CVE-2012-6057 wireshark: DoS (infinite loop) in the EIGRP dissector (wnpa-sec-2012-34)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5596.json"},{"CVE":"CVE-2012-6057","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881805","bugzilla_description":"CVE-2012-5596 CVE-2012-6057 wireshark: DoS (infinite loop) in the EIGRP dissector (wnpa-sec-2012-34)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6057.json"},{"CVE":"CVE-2012-5595","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881809","bugzilla_description":"CVE-2012-5595 CVE-2012-6056 wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5595.json"},{"CVE":"CVE-2012-6056","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":["RHSA-2013:1569","RHSA-2014:0341"],"bugzilla":"881809","bugzilla_description":"CVE-2012-5595 CVE-2012-6056 wireshark: DoS (infinite loop) in the SCTP dissector (wnpa-sec-2012-33)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6056.json"},{"CVE":"CVE-2012-5594","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881816","bugzilla_description":"CVE-2012-5594 CVE-2012-6054 wireshark: DoS (infinite loop) in the sFlow dissector (wnpa-sec-2012-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5594.json"},{"CVE":"CVE-2012-6054","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881816","bugzilla_description":"CVE-2012-5594 CVE-2012-6054 wireshark: DoS (infinite loop) in the sFlow dissector (wnpa-sec-2012-32)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6054.json"},{"CVE":"CVE-2012-5593","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881822","bugzilla_description":"CVE-2012-5593 CVE-2012-6053 wireshark: DoS (infinite loop) in the USB dissector (wnpa-sec-2012-31)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5593.json"},{"CVE":"CVE-2012-6053","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881822","bugzilla_description":"CVE-2012-5593 CVE-2012-6053 wireshark: DoS (infinite loop) in the USB dissector (wnpa-sec-2012-31)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6053.json"},{"CVE":"CVE-2012-5592","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881855","bugzilla_description":"CVE-2012-5592 CVE-2012-6052 wireshark: pcap-ng hostname disclosure (wnpa-sec-2012-30)","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5592.json"},{"CVE":"CVE-2012-6052","severity":"low","public_date":"2012-11-28T00:00:00Z","advisories":[],"bugzilla":"881855","bugzilla_description":"CVE-2012-5592 CVE-2012-6052 wireshark: pcap-ng hostname disclosure (wnpa-sec-2012-30)","cvss_score":2.1,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6052.json"},{"CVE":"CVE-2012-5237","severity":"low","public_date":"2012-10-02T00:00:00Z","advisories":[],"bugzilla":"862504","bugzilla_description":"CVE-2012-5237 wireshark: Infinite loop in the HSRP dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5237.json"},{"CVE":"CVE-2012-5238","severity":"low","public_date":"2012-10-02T00:00:00Z","advisories":[],"bugzilla":"862507","bugzilla_description":"CVE-2012-5238 wireshark: Application abort due to wrong variable type in PPP dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5238.json"},{"CVE":"CVE-2012-5239","severity":"low","public_date":"2012-10-02T00:00:00Z","advisories":[],"bugzilla":"862508","bugzilla_description":"CVE-2012-5239 wireshark: Infinite loop in the DRDA dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5239.json"},{"CVE":"CVE-2012-5240","severity":"moderate","public_date":"2012-10-02T00:00:00Z","advisories":[],"bugzilla":"862510","bugzilla_description":"CVE-2012-5240 wireshark: Stack-based buffer overflow in the LDP dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5240.json"},{"CVE":"CVE-2012-3548","severity":"low","public_date":"2012-08-21T00:00:00Z","advisories":[],"bugzilla":"849926","bugzilla_description":"CVE-2012-3548 wireshark (X >= 1.6.8): DoS (excessive CPU use and infinite loop) in DRDA dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3548.json"},{"CVE":"CVE-2012-4285","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0125","RHSA-2013:1569"],"bugzilla":"848541","bugzilla_description":"CVE-2012-4285 wireshark: crash due to zero division in DCP ETSI dissector (wnpa-sec-2012-13)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4285.json"},{"CVE":"CVE-2012-4287","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848544","bugzilla_description":"CVE-2012-4287 wireshark: DoS via excessive CPU consumption in MongoDB dissector (wnpa-sec-2012-14)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4287.json"},{"CVE":"CVE-2012-4288","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"848548","bugzilla_description":"CVE-2012-4288 wireshark: DoS via excessive resource consumption in XTP dissector (wnpa-sec-2012-15)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4288.json"},{"CVE":"CVE-2012-4294","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848554","bugzilla_description":"CVE-2012-4294 CVE-2012-4295 wireshark: buffer overflow in ERF dissector (wnpa-sec-2012-16)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4294.json"},{"CVE":"CVE-2012-4295","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848554","bugzilla_description":"CVE-2012-4294 CVE-2012-4295 wireshark: buffer overflow in ERF dissector (wnpa-sec-2012-16)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4295.json"},{"CVE":"CVE-2012-4289","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0125","RHSA-2013:1569"],"bugzilla":"848561","bugzilla_description":"CVE-2012-4289 wireshark: DoS via excessive CPU consumption in AFP dissector (wnpa-sec-2012-17)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4289.json"},{"CVE":"CVE-2012-4296","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848565","bugzilla_description":"CVE-2012-4296 wireshark: DoS via excessive CPU consumption in RTPS2 dissector (wnpa-sec-2012-18)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4296.json"},{"CVE":"CVE-2012-4297","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848568","bugzilla_description":"CVE-2012-4297 wireshark: buffer overflow in GSM RLC MAC dissector (wnpa-sec-2012-19)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4297.json"},{"CVE":"CVE-2012-4291","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0125","RHSA-2013:1569"],"bugzilla":"848572","bugzilla_description":"CVE-2012-4291 wireshark: DoS via excessive system resource consumption in CIP dissector (wnpa-sec-2012-20)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4291.json"},{"CVE":"CVE-2012-4292","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"848575","bugzilla_description":"CVE-2012-4292 wireshark: crash in STUN dissector (wnpa-sec-2012-21)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4292.json"},{"CVE":"CVE-2012-4293","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848577","bugzilla_description":"CVE-2012-4293 wireshark: premature exit in EtherCAT Mailbox dissector (wnpa-sec-2012-22)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4293.json"},{"CVE":"CVE-2012-4290","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":["RHSA-2013:0125","RHSA-2013:1569"],"bugzilla":"848578","bugzilla_description":"CVE-2012-4290 wireshark: DoS via excessive CPU consumption in CTDB dissector (wnpa-sec-2012-23)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6","wireshark-0:1.0.15-5.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4290.json"},{"CVE":"CVE-2012-4286","severity":"low","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848584","bugzilla_description":"CVE-2012-4286 wireshark: crash due to zero division in pcnap-ng file parser (wnpa-sec-2012-24)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4286.json"},{"CVE":"CVE-2012-4298","severity":"moderate","public_date":"2012-08-15T00:00:00Z","advisories":[],"bugzilla":"848588","bugzilla_description":"CVE-2012-4298 wireshark: buffer overflow in Ixia IxVeriWave file parser (wnpa-sec-2012-25)","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4298.json"},{"CVE":"CVE-2012-4048","severity":"moderate","public_date":"2012-07-22T00:00:00Z","advisories":[],"bugzilla":"842516","bugzilla_description":"CVE-2012-4048 wireshark: Out-of-bounds memory write in PPP dissector","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4048.json"},{"CVE":"CVE-2012-4049","severity":"low","public_date":"2012-07-22T00:00:00Z","advisories":[],"bugzilla":"842518","bugzilla_description":"CVE-2012-4049 wireshark: Excessive CPU usage in NFS dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4049.json"},{"CVE":"CVE-2012-2392","severity":"low","public_date":"2012-05-21T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"824411","bugzilla_description":"CVE-2012-2392 wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2392.json"},{"CVE":"CVE-2012-2393","severity":"low","public_date":"2012-05-21T00:00:00Z","advisories":[],"bugzilla":"824413","bugzilla_description":"CVE-2012-2393 wireshark: Memory allocation flaw in the DIAMETER dissector (wnpa-sec-2012-09)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2393.json"},{"CVE":"CVE-2012-2394","severity":"low","public_date":"2012-05-21T00:00:00Z","advisories":[],"bugzilla":"824419","bugzilla_description":"CVE-2012-2394 wireshark: Denial of service (crash) due memory alignment problem on SPARC and Itanium processors (wnpa-sec-2012-10)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2394.json"},{"CVE":"CVE-2012-3825","severity":"low","public_date":"2012-04-16T00:00:00Z","advisories":["RHSA-2013:1569"],"bugzilla":"836960","bugzilla_description":"CVE-2012-3825 wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["wireshark-0:1.8.10-4.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3825.json"},{"CVE":"CVE-2012-3826","severity":"low","public_date":"2012-04-16T00:00:00Z","advisories":[],"bugzilla":"836961","bugzilla_description":"CVE-2012-3826 wireshark: Integer overflows in the R3 dissector, leading to DoS (wnpa-sec-2012-08)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3826.json"},{"CVE":"CVE-2012-1596","severity":"low","public_date":"2012-02-11T00:00:00Z","advisories":[],"bugzilla":"807661","bugzilla_description":"CVE-2012-1596 wireshark: MP2T dissector memory allocation flaw","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1596.json"},{"CVE":"CVE-2012-1593","severity":"low","public_date":"2012-02-10T00:00:00Z","advisories":[],"bugzilla":"807611","bugzilla_description":"CVE-2012-1593 wireshark: NULL pointer dereference in ANSI A dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1593.json"},{"CVE":"CVE-2012-1594","severity":"low","public_date":"2012-02-08T00:00:00Z","advisories":[],"bugzilla":"807624","bugzilla_description":"CVE-2012-1594 wireshark: Infinite loop in the IEEE 802.11 dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1594.json"},{"CVE":"CVE-2012-1595","severity":"moderate","public_date":"2012-02-07T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"807644","bugzilla_description":"CVE-2012-1595 wireshark: Heap-based buffer overflow when reading ERF packets from pcap/pcap-ng trace files","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1595.json"},{"CVE":"CVE-2012-0041","severity":"low","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"773726","bugzilla_description":"CVE-2012-0041 wireshark: multiple file parser vulnerabilities (wnpa-sec-2012-01)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0041.json"},{"CVE":"CVE-2012-0042","severity":"low","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"773728","bugzilla_description":"CVE-2012-0042 wireshark: NULL pointer vulnerabilities (wnpa-sec-2012-02)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0042.json"},{"CVE":"CVE-2012-0043","severity":"moderate","public_date":"2012-01-10T00:00:00Z","advisories":[],"bugzilla":"773729","bugzilla_description":"CVE-2012-0043 wireshark: RLC dissector buffer overflow (wnpa-sec-2012-03)","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0043.json"},{"CVE":"CVE-2012-0066","severity":"low","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"783360","bugzilla_description":"CVE-2012-0066 Wireshark: Dos via large buffer allocation request","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0066.json"},{"CVE":"CVE-2012-0067","severity":"low","public_date":"2012-01-10T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"783363","bugzilla_description":"CVE-2012-0067 Wireshark: Dos due to integer overflow in IPTrace capture format parser","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0067.json"},{"CVE":"CVE-2012-0068","severity":"moderate","public_date":"2012-01-10T00:00:00Z","advisories":[],"bugzilla":"783370","bugzilla_description":"CVE-2012-0068 Wireshark: Heap-buffer underflow when parsing LANalyzer packet capture files","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0068.json"},{"CVE":"CVE-2011-4102","severity":"moderate","public_date":"2011-10-21T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"750648","bugzilla_description":"CVE-2011-4102 wireshark: buffer overflow in the ERF file reader","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4102.json"},{"CVE":"CVE-2011-4101","severity":"low","public_date":"2011-10-20T00:00:00Z","advisories":[],"bugzilla":"750645","bugzilla_description":"CVE-2011-4101 wireshark: NULL pointer dereference in Infiniband dissector can cause a crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4101.json"},{"CVE":"CVE-2011-4100","severity":"low","public_date":"2011-09-16T00:00:00Z","advisories":[],"bugzilla":"750643","bugzilla_description":"CVE-2011-4100 wireshark: uninitialized variable in the CSN.1 dissector can cause a crash","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4100.json"},{"CVE":"CVE-2011-3266","severity":"low","public_date":"2011-07-28T00:00:00Z","advisories":[],"bugzilla":"732947","bugzilla_description":"CVE-2011-3266 Wireshark proto_tree_add_item DoS","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3266.json"},{"CVE":"CVE-2011-3360","severity":"low","public_date":"2011-07-28T00:00:00Z","advisories":[],"bugzilla":"737784","bugzilla_description":"CVE-2011-3360 Wireshark: Lua script execution vulnerability","cvss_score":4.1,"cvss_scoring_vector":"AV:L/AC:M/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3360.json"},{"CVE":"CVE-2011-2698","severity":"low","public_date":"2011-06-20T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"723215","bugzilla_description":"CVE-2011-2698 wireshark: Infinite loop in the ANSI A Interface (IS-634/IOS) dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2698.json"},{"CVE":"CVE-2011-1957","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"710021","bugzilla_description":"CVE-2011-1957 wireshark: Infinite loop in the DICOM dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1957.json"},{"CVE":"CVE-2011-1959","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"710039","bugzilla_description":"CVE-2011-1959 wireshark: Stack-based buffer over-read from tvbuff buffer when reading snoop capture files","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1959.json"},{"CVE":"CVE-2011-2174","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"710097","bugzilla_description":"CVE-2011-2174 wireshark: Double-free flaw by uncompressing of a zlib compressed packet","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2174.json"},{"CVE":"CVE-2011-2175","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"710109","bugzilla_description":"CVE-2011-2175 wireshark: Heap-based buffer over-read in Visual Networks dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2175.json"},{"CVE":"CVE-2011-1958","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2013:0125"],"bugzilla":"710184","bugzilla_description":"CVE-2011-1958 wireshark (64bit): NULL pointer dereference by processing of a corrupted Diameter dictionary file","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.0.15-5.el5","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1958.json"},{"CVE":"CVE-2011-2597","severity":"low","public_date":"2011-05-31T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"719753","bugzilla_description":"CVE-2011-2597 wireshark: infinite loop DoS in lucent/ascend file parser","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2597.json"},{"CVE":"CVE-2011-1590","severity":"moderate","public_date":"2011-04-15T00:00:00Z","advisories":["RHSA-2012:0509"],"bugzilla":"697741","bugzilla_description":"CVE-2011-1590 Wireshark: Use-after-free causes heap-based buffer overflow in X.509if dissector","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1590.json"},{"CVE":"CVE-2011-0024","severity":"moderate","public_date":"2011-03-21T00:00:00Z","advisories":["RHSA-2011:0370"],"bugzilla":"671331","bugzilla_description":"CVE-2011-0024 wireshark: heap-based buffer overflow in wireshark < 1.2 when reading malformed capture files","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0024.json"},{"CVE":"CVE-2011-1139","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":["RHSA-2011:0370","RHSA-2011:0369"],"bugzilla":"681748","bugzilla_description":"CVE-2011-1139 Wireshark: Denial Of Service (application crash) via a pcap-ng file that contains a large packet-length field","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1","wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1139.json"},{"CVE":"CVE-2011-1138","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":[],"bugzilla":"681753","bugzilla_description":"CVE-2011-1138 Wireshark: Off-by-one error in the dissect_6lowpan_iphc function causes application crash (Denial Of Service)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-193","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1138.json"},{"CVE":"CVE-2011-1140","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":["RHSA-2011:0370","RHSA-2011:0369"],"bugzilla":"681754","bugzilla_description":"CVE-2011-1140 Wireshark: Multiple stack consumption vulnerabilities caused DoS via crafted SMB or CLDAP packet","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1","wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1140.json"},{"CVE":"CVE-2011-1141","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":["RHSA-2011:0370","RHSA-2011:0369"],"bugzilla":"681756","bugzilla_description":"CVE-2011-1141 Wireshark: Malformed LDAP filter string causes Denial of Service via excessive memory consumption","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1","wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1141.json"},{"CVE":"CVE-2011-1142","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":[],"bugzilla":"681758","bugzilla_description":"CVE-2011-1142 Wireshark: Stack consumption vulnerability in BER dissector can cause DoS","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1142.json"},{"CVE":"CVE-2011-1143","severity":"low","public_date":"2011-03-01T00:00:00Z","advisories":["RHSA-2012:0509","RHSA-2011:0370"],"bugzilla":"681760","bugzilla_description":"CVE-2011-1143 Wireshark: Null pointer dereference causing application crash when reading malformed pcap file","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4","wireshark-0:1.2.15-2.el6_2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1143.json"},{"CVE":"CVE-2011-0713","severity":"moderate","public_date":"2011-02-16T00:00:00Z","advisories":["RHSA-2011:0369"],"bugzilla":"678198","bugzilla_description":"CVE-2011-0713 Wireshark: heap-based buffer overflow when reading malformed Nokia DCT3 phone signalling traces","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.2.15-1.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0713.json"},{"CVE":"CVE-2011-0538","severity":"low","public_date":"2011-02-03T00:00:00Z","advisories":["RHSA-2011:0370","RHSA-2011:0369"],"bugzilla":"676232","bugzilla_description":"CVE-2011-0538 Wireshark: memory corruption when reading a malformed pcap file (upstream bug #5652)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1","wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0538.json"},{"CVE":"CVE-2011-0444","severity":"moderate","public_date":"2011-01-11T00:00:00Z","advisories":["RHSA-2011:0369"],"bugzilla":"669441","bugzilla_description":"CVE-2011-0444 wireshark: buffer overflow in MAC-LTE disector (upstream bug #5530)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P/","CWE":null,"affected_packages":["wireshark-0:1.2.15-1.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0444.json"},{"CVE":"CVE-2011-0445","severity":"moderate","public_date":"2011-01-11T00:00:00Z","advisories":[],"bugzilla":"669443","bugzilla_description":"CVE-2011-0445 wireshark: DoS via crafted packets to ASN.1 BER dissector (upstream bug #5537)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P/","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0445.json"},{"CVE":"CVE-2010-4538","severity":"moderate","public_date":"2010-12-31T00:00:00Z","advisories":["RHSA-2011:0013"],"bugzilla":"666894","bugzilla_description":"CVE-2010-4538 Wireshark: Stack-based array index error in ENTTEC dissector (upstream bug #5539)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.3","wireshark-0:1.0.15-1.el5_5.3","wireshark-0:1.2.13-1.el6_0.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4538.json"},{"CVE":"CVE-2010-4301","severity":"low","public_date":"2010-11-18T00:00:00Z","advisories":[],"bugzilla":"656437","bugzilla_description":"CVE-2010-4301 Wireshark: Infinite loop in Zigbee ZCL dissector","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P/","CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4301.json"},{"CVE":"CVE-2010-4300","severity":"moderate","public_date":"2010-11-18T00:00:00Z","advisories":["RHSA-2010:0924"],"bugzilla":"656456","bugzilla_description":"CVE-2010-4300 Wireshark: Heap-based buffer overflow in LDSS dissector","cvss_score":4.9,"cvss_scoring_vector":"AV:A/AC:M/Au:S/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["wireshark-0:1.2.13-1.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4300.json"},{"CVE":"CVE-2010-3445","severity":"low","public_date":"2010-09-13T00:00:00Z","advisories":["RHSA-2010:0924","RHSA-2011:0370"],"bugzilla":"639486","bugzilla_description":"CVE-2010-3445 wireshark: stack overflow in BER dissector","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-2.el4","wireshark-0:1.0.15-1.el5_6.4","wireshark-0:1.2.13-1.el6_0.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3445.json"},{"CVE":"CVE-2010-2283","severity":"low","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604290","bugzilla_description":"CVE-2010-2283 wireshark: SMB dissector NULL pointer dereference","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2283.json"},{"CVE":"CVE-2010-2284","severity":"low","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604292","bugzilla_description":"CVE-2010-2284 wireshark: ASN.1 BER dissector stack overrun","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2284.json"},{"CVE":"CVE-2010-2285","severity":null,"public_date":"2010-06-09T00:00:00Z","advisories":[],"bugzilla":"604299","bugzilla_description":"CVE-2010-2285 wireshark: SMB PIPE dissector NULL pointer dereference","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2285.json"},{"CVE":"CVE-2010-2286","severity":"low","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604302","bugzilla_description":"CVE-2010-2286 wireshark: SigComp UDVM dissector infinite loop","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-835","affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2286.json"},{"CVE":"CVE-2010-2287","severity":"moderate","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604308","bugzilla_description":"CVE-2010-2995 wireshark: SigComp UDVM dissector buffer overruns","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2287.json"},{"CVE":"CVE-2010-2995","severity":"moderate","public_date":"2010-06-09T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"604308","bugzilla_description":"CVE-2010-2995 wireshark: SigComp UDVM dissector buffer overruns","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2995.json"},{"CVE":"CVE-2010-1455","severity":"low","public_date":"2010-05-05T00:00:00Z","advisories":["RHSA-2010:0625"],"bugzilla":"590613","bugzilla_description":"CVE-2010-1455 wireshark: DOCSIS dissector crash","cvss_score":1.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.15-1.el4_8.1","wireshark-0:1.0.15-1.el5_5.1","wireshark-0:1.0.15-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1455.json"},{"CVE":"CVE-2010-0304","severity":"moderate","public_date":"2010-01-27T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"559793","bugzilla_description":"CVE-2010-0304 wireshark: crash in LWRES dissector","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0304.json"},{"CVE":"CVE-2009-4377","severity":"moderate","public_date":"2009-12-17T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"549578","bugzilla_description":"CVE-2009-4377 wireshark: invalid pointer dereference in SMB/SMB2 dissectors","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4377.json"},{"CVE":"CVE-2009-3550","severity":"low","public_date":"2009-10-27T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"531260","bugzilla_description":"CVE-2009-3550 Wireshark: NULL pointer dereference in the DCERPC over SMB packet disassembly","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-476","affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3550.json"},{"CVE":"CVE-2009-3829","severity":"low","public_date":"2009-10-05T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"532479","bugzilla_description":"CVE-2009-3829 wireshark: unsigned integer wrap vulnerability in ERF reader (VU#676492)","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3829.json"},{"CVE":"CVE-2009-2562","severity":"moderate","public_date":"2009-07-20T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"512987","bugzilla_description":"CVE-2009-2562 Wireshark: Integer overflow in the AFS dissector","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190","affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2562.json"},{"CVE":"CVE-2009-2563","severity":"low","public_date":"2009-07-20T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"512992","bugzilla_description":"CVE-2009-2563 Wireshark: Null-ptr dereference in the InfiniBand dissector","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2563.json"},{"CVE":"CVE-2009-2560","severity":"low","public_date":"2009-07-20T00:00:00Z","advisories":["RHSA-2010:0360"],"bugzilla":"513008","bugzilla_description":"CVE-2009-2560 Wireshark: various flaws in a) RADIUS, b) Bluetooth L2CAP, c) MIOP dissectors (DoS)","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.11-1.el5_5.5","wireshark-0:1.0.11-EL3.6","wireshark-0:1.0.11-1.el4_8.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2560.json"},{"CVE":"CVE-2009-1829","severity":"low","public_date":"2009-05-21T00:00:00Z","advisories":["RHSA-2009:1100"],"bugzilla":"501929","bugzilla_description":"CVE-2009-1829 wireshark: PCNFSD dissector crash","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.8-1.el4_8.1","wireshark-0:1.0.8-1.el5_3.1","wireshark-0:1.0.8-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1829.json"},{"CVE":"CVE-2009-1268","severity":"low","public_date":"2009-04-08T00:00:00Z","advisories":["RHSA-2009:1100"],"bugzilla":"495119","bugzilla_description":"CVE-2009-1268 Wireshark CHAP dissector crash","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.8-1.el4_8.1","wireshark-0:1.0.8-1.el5_3.1","wireshark-0:1.0.8-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1268.json"},{"CVE":"CVE-2009-1269","severity":"low","public_date":"2009-04-08T00:00:00Z","advisories":["RHSA-2009:1100"],"bugzilla":"495121","bugzilla_description":"CVE-2009-1269 Wireshark Tektronix .rf5 file crash","cvss_score":3.3,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.8-1.el4_8.1","wireshark-0:1.0.8-1.el5_3.1","wireshark-0:1.0.8-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1269.json"},{"CVE":"CVE-2009-1210","severity":"moderate","public_date":"2009-03-30T00:00:00Z","advisories":["RHSA-2009:1100"],"bugzilla":"493973","bugzilla_description":"CVE-2009-1210 wireshark: format string in PROFINET dissector","cvss_score":5.8,"cvss_scoring_vector":"AV:A/AC:L/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.8-1.el4_8.1","wireshark-0:1.0.8-1.el5_3.1","wireshark-0:1.0.8-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1210.json"},{"CVE":"CVE-2009-0599","severity":"moderate","public_date":"2009-02-06T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"485888","bugzilla_description":"CVE-2009-0599 wireshark: buffer overflows in NetScreen snoop file reader","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0599.json"},{"CVE":"CVE-2009-0600","severity":"low","public_date":"2009-02-06T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"485889","bugzilla_description":"CVE-2009-0600 wireshark: denial of service (application crash) via a crafted Tektronix K12 text capture file","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0600.json"},{"CVE":"CVE-2008-6472","severity":"low","public_date":"2008-12-08T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"490370","bugzilla_description":"CVE-2008-6472 wireshark: DoS vulnerability in WLCCP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-6472.json"},{"CVE":"CVE-2008-5285","severity":"low","public_date":"2008-11-22T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"472737","bugzilla_description":"CVE-2008-5285 wireshark: DoS (infinite loop) in SMTP dissector via large SMTP request","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5285.json"},{"CVE":"CVE-2008-4681","severity":"low","public_date":"2008-10-20T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468167","bugzilla_description":"CVE-2008-4681 wireshark: DoS (app crash or abort) in Bluetooth RFCOMM dissector via unknown packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4681.json"},{"CVE":"CVE-2008-4680","severity":"low","public_date":"2008-10-01T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468166","bugzilla_description":"CVE-2008-4680 wireshark: DoS (app crash or abort) via malformed USB Request Block (URB).","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4680.json"},{"CVE":"CVE-2008-4682","severity":"low","public_date":"2008-10-01T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468169","bugzilla_description":"CVE-2008-4682 wireshark: DoS (app abort) via a malformed .ncf file with an unknown/unexpected packet type","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4682.json"},{"CVE":"CVE-2008-4685","severity":"low","public_date":"2008-09-13T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468175","bugzilla_description":"CVE-2008-4685 wireshark: DoS (app crash or abort) in Q.931 dissector via certain packets","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4685.json"},{"CVE":"CVE-2008-3146","severity":"moderate","public_date":"2008-09-03T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"461242","bugzilla_description":"CVE-2008-3146 wireshark: multiple buffer overflows in NCP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3146.json"},{"CVE":"CVE-2008-3932","severity":"low","public_date":"2008-09-03T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"461243","bugzilla_description":"CVE-2008-3932 wireshark: infinite loop in the NCP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3932.json"},{"CVE":"CVE-2008-3933","severity":"low","public_date":"2008-09-03T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"461244","bugzilla_description":"CVE-2008-3933 wireshark: crash triggered by zlib-compressed packet data","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3933.json"},{"CVE":"CVE-2008-3934","severity":"low","public_date":"2008-09-03T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"461245","bugzilla_description":"CVE-2008-3934 wireshark: crash via crafted Tektronix .rf5 file","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3934.json"},{"CVE":"CVE-2008-3145","severity":"low","public_date":"2008-07-10T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"454984","bugzilla_description":"CVE-2008-3145 wireshark: crash in the packet reassembling","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3145.json"},{"CVE":"CVE-2008-3137","severity":"low","public_date":"2008-06-30T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"454970","bugzilla_description":"CVE-2008-3137 wireshark: crash in the GSM SMS dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3137.json"},{"CVE":"CVE-2008-3138","severity":"low","public_date":"2008-06-30T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"454971","bugzilla_description":"CVE-2008-3138 wireshark: unexpected exit in the PANA and KISMET dissectors","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3138.json"},{"CVE":"CVE-2008-3141","severity":"low","public_date":"2008-06-30T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"454975","bugzilla_description":"CVE-2008-3141 wireshark: memory disclosure in the RMI dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3141.json"},{"CVE":"CVE-2008-4684","severity":"low","public_date":"2008-05-16T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468174","bugzilla_description":"CVE-2008-4684 wireshark: DoS (app crash) via certain series of packets by enabling the (1) PRP or (2) MATE post dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4684.json"},{"CVE":"CVE-2008-1563","severity":"low","public_date":"2008-03-28T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"439943","bugzilla_description":"CVE-2008-1563 wireshark: crash in SCCP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1563.json"},{"CVE":"CVE-2008-1561","severity":"low","public_date":"2008-03-28T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"440014","bugzilla_description":"CVE-2008-1561 wireshark: crash in X.509sat and Roofnet dissectors","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1561.json"},{"CVE":"CVE-2008-1562","severity":"low","public_date":"2008-03-28T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"440015","bugzilla_description":"CVE-2008-1562 wireshark: crash in LDAP dissector","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1562.json"},{"CVE":"CVE-2007-3393","severity":"low","public_date":"2007-05-26T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"246221","bugzilla_description":"CVE-2007-3393 Wireshark corrupts the stack when inspecting BOOTP traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3393.json"},{"CVE":"CVE-2008-4683","severity":"moderate","public_date":"2007-04-04T00:00:00Z","advisories":["RHSA-2009:0313"],"bugzilla":"468171","bugzilla_description":"CVE-2008-4683 wireshark: DoS (app crash or abort) in Bluetooth ACL dissector via a packet with an invalid length","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.6-EL3.3","wireshark-0:1.0.6-2.el4_7","wireshark-0:1.0.6-2.el5_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4683.json"},{"CVE":"CVE-2007-3391","severity":"low","public_date":"2007-03-10T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"245797","bugzilla_description":"CVE-2007-3391 Wireshark loops infinitely when inspecting DCP ETSI traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3391.json"},{"CVE":"CVE-2007-3390","severity":"low","public_date":"2007-03-05T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"246225","bugzilla_description":"CVE-2007-3390 Wireshark crashes when inspecting iSeries traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3390.json"},{"CVE":"CVE-2008-1070","severity":"low","public_date":"2007-02-27T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"435481","bugzilla_description":"CVE-2008-1070 wireshark: SCTP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1070.json"},{"CVE":"CVE-2008-1071","severity":"low","public_date":"2007-02-27T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"435482","bugzilla_description":"CVE-2008-1071 wireshark: SNMP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1071.json"},{"CVE":"CVE-2008-1072","severity":"low","public_date":"2007-02-27T00:00:00Z","advisories":["RHSA-2008:0890"],"bugzilla":"435483","bugzilla_description":"CVE-2008-1072 wireshark: TFTP dissector crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:1.0.3-3.el4_7","wireshark-0:1.0.3-4.el5_2","wireshark-0:1.0.3-EL3.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1072.json"},{"CVE":"CVE-2007-3389","severity":"low","public_date":"2007-02-22T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"245796","bugzilla_description":"CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3389.json"},{"CVE":"CVE-2007-3392","severity":"low","public_date":"2007-02-17T00:00:00Z","advisories":["RHSA-2007:0709","RHSA-2008:0059","RHSA-2007:0710"],"bugzilla":"246229","bugzilla_description":"CVE-2007-3392 Wireshark crashes when inspecting MMS traffic","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.6-1.el5","wireshark-0:0.99.6-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3392.json"},{"CVE":"CVE-2007-0456","severity":"low","public_date":"2007-02-01T00:00:00Z","advisories":["RHSA-2007:0066"],"bugzilla":"227140","bugzilla_description":"CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.5-1.el5","wireshark-0:0.99.5-EL3.1","wireshark-0:0.99.5-AS21.3","wireshark-0:0.99.5-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0456.json"},{"CVE":"CVE-2007-0457","severity":"low","public_date":"2007-02-01T00:00:00Z","advisories":["RHSA-2007:0066"],"bugzilla":"227140","bugzilla_description":"CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.5-1.el5","wireshark-0:0.99.5-EL3.1","wireshark-0:0.99.5-AS21.3","wireshark-0:0.99.5-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0457.json"},{"CVE":"CVE-2007-0458","severity":"low","public_date":"2007-02-01T00:00:00Z","advisories":["RHSA-2007:0066"],"bugzilla":"227140","bugzilla_description":"CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.5-1.el5","wireshark-0:0.99.5-EL3.1","wireshark-0:0.99.5-AS21.3","wireshark-0:0.99.5-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0458.json"},{"CVE":"CVE-2007-0459","severity":"low","public_date":"2007-02-01T00:00:00Z","advisories":["RHSA-2007:0066"],"bugzilla":"227140","bugzilla_description":"CVE-2007-0456 Multiple Wireshark issues (CVE-2007-0457, CVE-2007-0458, CVE-2007-0459)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.5-1.el5","wireshark-0:0.99.5-EL3.1","wireshark-0:0.99.5-AS21.3","wireshark-0:0.99.5-EL4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0459.json"},{"CVE":"CVE-2006-4574","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618197","bugzilla_description":"CVE-2006-4574 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4574.json"},{"CVE":"CVE-2006-4805","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618202","bugzilla_description":"CVE-2006-4805 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4805.json"},{"CVE":"CVE-2006-5468","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618215","bugzilla_description":"CVE-2006-5468 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5468.json"},{"CVE":"CVE-2006-5469","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618216","bugzilla_description":"CVE-2006-5469 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5469.json"},{"CVE":"CVE-2006-5740","severity":"moderate","public_date":"2006-10-30T00:00:00Z","advisories":["RHSA-2006:0726"],"bugzilla":"1618222","bugzilla_description":"CVE-2006-5740 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.4-EL3.1","wireshark-0:0.99.4-EL4.1","wireshark-0:0.99.4-AS21.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5740.json"},{"CVE":"CVE-2006-4330","severity":"low","public_date":"2006-08-23T00:00:00Z","advisories":["RHSA-2006:0658"],"bugzilla":"1618178","bugzilla_description":"CVE-2006-4330 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.3-EL3.2","wireshark-0:0.99.3-EL4.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4330.json"},{"CVE":"CVE-2006-4331","severity":"low","public_date":"2006-08-23T00:00:00Z","advisories":["RHSA-2006:0658"],"bugzilla":"1618179","bugzilla_description":"CVE-2006-4331 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.3-EL3.2","wireshark-0:0.99.3-EL4.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4331.json"},{"CVE":"CVE-2006-4333","severity":"low","public_date":"2006-08-23T00:00:00Z","advisories":["RHSA-2006:0658"],"bugzilla":"1618180","bugzilla_description":"CVE-2006-4333 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.3-EL3.2","wireshark-0:0.99.3-EL4.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4333.json"},{"CVE":"CVE-2006-3627","severity":"low","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618146","bugzilla_description":"CVE-2006-3627 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3627.json"},{"CVE":"CVE-2006-3628","severity":"moderate","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618147","bugzilla_description":"CVE-2006-3628 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3628.json"},{"CVE":"CVE-2006-3629","severity":"low","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618148","bugzilla_description":"CVE-2006-3629 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3629.json"},{"CVE":"CVE-2006-3630","severity":"moderate","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618149","bugzilla_description":"CVE-2006-3630 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3630.json"},{"CVE":"CVE-2006-3631","severity":"low","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618150","bugzilla_description":"CVE-2006-3631 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3631.json"},{"CVE":"CVE-2006-3632","severity":"moderate","public_date":"2006-07-17T00:00:00Z","advisories":["RHSA-2006:0602"],"bugzilla":"1618151","bugzilla_description":"CVE-2006-3632 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["wireshark-0:0.99.2-EL4.1","wireshark-0:0.99.2-EL3.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3632.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wodim_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wodim_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wodim_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/words_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/words_security_api_results.json new file mode 100644 index 0000000..cd314ee --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/words_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-12855","severity":"moderate","public_date":"2019-07-09T00:00:00Z","advisories":[],"bugzilla":"1728206","bugzilla_description":"CVE-2019-12855 python-twisted: XMPP support in words.protocols.jabber.xmlstream in Twisted does not verify certificates allowing for a MITM connections","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-295","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12855.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"7.4"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wpa_supplicant_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wpa_supplicant_security_api_results.json new file mode 100644 index 0000000..b36d2b9 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wpa_supplicant_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2020-12695","severity":"moderate","public_date":"2020-06-08T00:00:00Z","advisories":[],"bugzilla":"1846006","bugzilla_description":"CVE-2020-12695 hostapd: UPnP SUBSCRIBE misbehavior in WPS AP","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->(CWE-400|CWE-918)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12695.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-10064","severity":"moderate","public_date":"2020-02-27T00:00:00Z","advisories":[],"bugzilla":"1811069","bugzilla_description":"CVE-2019-10064 hostapd: Not preventig the use of low quality PRNG in EAP mode leads to insufficient entropy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10064.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-16275","severity":"moderate","public_date":"2019-09-11T00:00:00Z","advisories":[],"bugzilla":"1767023","bugzilla_description":"CVE-2019-16275 wpa_supplicant: AP mode PMF disconnection protection bypass","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16275.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-13377","severity":"moderate","public_date":"2019-08-03T00:00:00Z","advisories":[],"bugzilla":"1737665","bugzilla_description":"CVE-2019-13377 wpa_supplicant: Timing-based side-channel attack against WPA3's Dragonfly handshake when using Brainpool curves","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13377.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","cvss3_score":"5.3"},{"CVE":"CVE-2019-11555","severity":"moderate","public_date":"2019-04-18T00:00:00Z","advisories":[],"bugzilla":"1703417","bugzilla_description":"CVE-2019-11555 wpa_supplicant: NULL pointer dereference due to improper fragmentation reassembly state validation in EAP-pwd implementation","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11555.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"5.3"},{"CVE":"CVE-2019-9494","severity":"important","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699141","bugzilla_description":"CVE-2019-9494 wpa_supplicant: SAE Timing-based and Cache-based side-channel attack against WPA3's Dragonfly handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-385","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9494.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9495","severity":"important","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699149","bugzilla_description":"CVE-2019-9495 wpa_supplicant: EAP-pwd cache side-channel attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-203","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9495.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2019-9496","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699153","bugzilla_description":"CVE-2019-9496 hostapd: SAE confirm missing state validation in hostapd/AP","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-642","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9496.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2019-9497","severity":"moderate","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699164","bugzilla_description":"CVE-2019-9497 wpa_supplicant: EAP-pwd server not checking for reflection attack","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9497.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","cvss3_score":"4.3"},{"CVE":"CVE-2019-9498","severity":"important","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699168","bugzilla_description":"CVE-2019-9498 wpa_supplicant: EAP-pwd server missing commit validation for scalar/element","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-345","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9498.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2019-9499","severity":"important","public_date":"2019-04-10T00:00:00Z","advisories":[],"bugzilla":"1699170","bugzilla_description":"CVE-2019-9499 wpa_supplicant: EAP-pwd peer missing commit validation for scalar/element","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-345","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9499.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"6.8"},{"CVE":"CVE-2018-14526","severity":"moderate","public_date":"2018-08-08T00:00:00Z","advisories":["RHSA-2018:3107"],"bugzilla":"1614520","bugzilla_description":"CVE-2018-14526 wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-200","affected_packages":["wpa_supplicant-1:2.6-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14526.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","cvss3_score":"8.3"},{"CVE":"CVE-2017-13077","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2911","RHSA-2017:2907"],"bugzilla":"1491692","bugzilla_description":"CVE-2017-13077 wpa_supplicant: Reinstallation of the pairwise key in the 4-way handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1","wpa_supplicant-1:0.7.3-9.el6_9.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13077.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13078","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2911","RHSA-2017:2907"],"bugzilla":"1491693","bugzilla_description":"CVE-2017-13078 wpa_supplicant: Reinstallation of the group key in the 4-way handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1","wpa_supplicant-1:0.7.3-9.el6_9.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13078.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13079","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":[],"bugzilla":"1491694","bugzilla_description":"CVE-2017-13079 wpa_supplicant: Reinstallation of the integrity group key in the 4-way handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13079.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13080","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2911","RHSA-2017:2907"],"bugzilla":"1491696","bugzilla_description":"CVE-2017-13080 wpa_supplicant: Reinstallation of the group key in the group key handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1","wpa_supplicant-1:0.7.3-9.el6_9.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13080.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13081","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":[],"bugzilla":"1491697","bugzilla_description":"CVE-2017-13081 wpa_supplicant: Reinstallation of the integrity group key in the group key handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13081.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13082","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2907"],"bugzilla":"1491698","bugzilla_description":"CVE-2017-13082 wpa_supplicant: Accepting a retransmitted FT Reassociation Request and reinstalling the pairwise key while processing it","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13082.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13084","severity":"low","public_date":"2017-10-16T00:00:00Z","advisories":[],"bugzilla":"1500301","bugzilla_description":"CVE-2017-13084 wpa_supplicant: reinstallation of the STK key in the PeerKey handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13084.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13086","severity":"low","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2907"],"bugzilla":"1500302","bugzilla_description":"CVE-2017-13086 wpa_supplicant: reinstallation of the Tunneled Direct-Link Setup (TDLS) PeerKey (TPK) key in the TDLS handshake","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13086.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13087","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2911","RHSA-2017:2907"],"bugzilla":"1500303","bugzilla_description":"CVE-2017-13087 wpa_supplicant: reinstallation of the group key (GTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1","wpa_supplicant-1:0.7.3-9.el6_9.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13087.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2017-13088","severity":"important","public_date":"2017-10-16T00:00:00Z","advisories":["RHSA-2017:2907"],"bugzilla":"1500304","bugzilla_description":"CVE-2017-13088 wpa_supplicant: reinstallation of the integrity group key (IGTK) when processing a Wireless Network Management (WNM) Sleep Mode Response frame","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-323","affected_packages":["wpa_supplicant-1:2.6-5.el7_4.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13088.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","cvss3_score":"8.1"},{"CVE":"CVE-2016-4476","severity":"low","public_date":"2016-05-02T00:00:00Z","advisories":[],"bugzilla":"1332422","bugzilla_description":"CVE-2016-4476 wpa_supplicant, hostapd: denial of service via crafted WPA/WPA2 passphrase parameter","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-88","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4476.json","cvss3_scoring_vector":"CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H","cvss3_score":"5.9"},{"CVE":"CVE-2016-4477","severity":"moderate","public_date":"2016-05-02T00:00:00Z","advisories":[],"bugzilla":"1332423","bugzilla_description":"CVE-2016-4477 wpa_supplicant: local configuration update allows privilege escalation","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-88","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4477.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-10743","severity":"moderate","public_date":"2016-02-19T00:00:00Z","advisories":[],"bugzilla":"1811037","bugzilla_description":"CVE-2016-10743 hostapd: Not preventig the use of low quality PRNG leads to insufficient entropy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10743.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"7.5"},{"CVE":"CVE-2015-5310","severity":"low","public_date":"2015-11-10T00:00:00Z","advisories":[],"bugzilla":"1277857","bugzilla_description":"CVE-2015-5310 wpa_supplicant: unauthorized WNM Sleep Mode GTK control","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5310.json"},{"CVE":"CVE-2015-5316","severity":"low","public_date":"2015-11-10T00:00:00Z","advisories":[],"bugzilla":"1277865","bugzilla_description":"CVE-2015-5316 wpa_supplicant: EAP-pwd peer error path failure on unexpected Confirm message","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5316.json"},{"CVE":"CVE-2015-5315","severity":"low","public_date":"2015-11-10T00:00:00Z","advisories":[],"bugzilla":"1278377","bugzilla_description":"CVE-2015-5315 wpa_supplicant: EAP-pwd missing last fragment length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5315.json"},{"CVE":"CVE-2015-8041","severity":"low","public_date":"2015-07-08T00:00:00Z","advisories":[],"bugzilla":"1241905","bugzilla_description":"CVE-2015-8041 hostapd and wpa_supplicant: Incomplete WPS and P2P NFC NDEF record payload length validation","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-190->(CWE-125|CWE-835)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8041.json"},{"CVE":"CVE-2015-4143","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1219449","bugzilla_description":"CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 wpa_supplicant and hostapd: EAP-pwd missing payload length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4143.json"},{"CVE":"CVE-2015-4144","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1219449","bugzilla_description":"CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 wpa_supplicant and hostapd: EAP-pwd missing payload length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4144.json"},{"CVE":"CVE-2015-4145","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1219449","bugzilla_description":"CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 wpa_supplicant and hostapd: EAP-pwd missing payload length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4145.json"},{"CVE":"CVE-2015-4146","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1219449","bugzilla_description":"CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146 wpa_supplicant and hostapd: EAP-pwd missing payload length validation","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-125","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4146.json"},{"CVE":"CVE-2015-4141","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":[],"bugzilla":"1221172","bugzilla_description":"CVE-2015-4141 wpa_supplicant and hostapd: WPS UPnP vulnerability with HTTP chunked transfer encoding","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->(CWE-121|CWE-122)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4141.json"},{"CVE":"CVE-2015-4142","severity":"low","public_date":"2015-05-04T00:00:00Z","advisories":["RHSA-2015:1439","RHSA-2015:1090"],"bugzilla":"1221178","bugzilla_description":"CVE-2015-4142 wpa_supplicant and hostapd: integer underflow in AP mode WMM Action frame processing","cvss_score":2.9,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":["wpa_supplicant-1:0.7.3-6.el6","wpa_supplicant-1:2.0-17.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4142.json"},{"CVE":"CVE-2015-1863","severity":"important","public_date":"2015-04-22T00:00:00Z","advisories":["RHSA-2015:1090"],"bugzilla":"1211191","bugzilla_description":"CVE-2015-1863 wpa_supplicant: P2P SSID processing vulnerability","cvss_score":6.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-20->CWE-122","affected_packages":["wpa_supplicant-1:2.0-17.ael7b_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1863.json"},{"CVE":"CVE-2015-0210","severity":null,"public_date":"2015-01-28T00:00:00Z","advisories":[],"bugzilla":"1178921","bugzilla_description":"CVE-2015-0210 wpa_supplicant: broken certificate subject check","cvss_score":5.4,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:C/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0210.json"},{"CVE":"CVE-2014-3686","severity":"moderate","public_date":"2014-10-10T00:00:00Z","advisories":["RHSA-2014:1956"],"bugzilla":"1151259","bugzilla_description":"CVE-2014-3686 wpa_supplicant and hostapd: wpa_cli and hostapd_cli remote command execution issue","cvss_score":5.4,"cvss_scoring_vector":"AV:A/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-78","affected_packages":["wpa_supplicant-1:2.0-13.el7_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3686.json"},{"CVE":"CVE-2012-4445","severity":"moderate","public_date":"2012-10-08T00:00:00Z","advisories":[],"bugzilla":"859918","bugzilla_description":"CVE-2012-4445 hostapd, wpa_supplicant: DoS (abort) by processing certain fragmented EAP-TLS messages","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4445.json"},{"CVE":"CVE-2012-1096","severity":"low","public_date":"2012-02-29T00:00:00Z","advisories":[],"bugzilla":"769807","bugzilla_description":"CVE-2012-1096 NetworkManager, wpa_supplicant: Improper x509v3 certificate and key file paths sanitization","cvss_score":4.7,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:N/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1096.json"},{"CVE":"CVE-2006-7246","severity":"moderate","public_date":"2006-05-10T00:00:00Z","advisories":[],"bugzilla":"756418","bugzilla_description":"CVE-2006-7246 NetworkManager, wpa_supplicant (WPA-Enterprise): Verify that the certificate is from trusted CA and matches the specified subject","cvss_score":4.0,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7246.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-microhei-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-microhei-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-microhei-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-unibit-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-unibit-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-unibit-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-zenhei-fonts_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-zenhei-fonts_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wqy-zenhei-fonts_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ws-jaxme_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ws-jaxme_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ws-jaxme_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wsmancli_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wsmancli_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wsmancli_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wvdial_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wvdial_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/wvdial_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270-text_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270-text_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270-text_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270-x11_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270-x11_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270-x11_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270_security_api_results.json new file mode 100644 index 0000000..086c49f --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x3270_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-5662","severity":"moderate","public_date":"2013-03-20T00:00:00Z","advisories":[],"bugzilla":"889373","bugzilla_description":"CVE-2012-5662 x3270: does not properly validate SSL certificates","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:N","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5662.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x86info_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x86info_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/x86info_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xalan-j2_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xalan-j2_security_api_results.json new file mode 100644 index 0000000..b608a6b --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xalan-j2_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2014-0107","severity":"important","public_date":"2014-03-24T00:00:00Z","advisories":["RHSA-2015:1009","RHSA-2014:1290","RHSA-2014:0590","RHSA-2014:1291","RHSA-2015:1888","RHSA-2014:1351","RHSA-2014:0591","RHSA-2014:0454","RHSA-2014:1995","RHSA-2014:1059","RHSA-2014:0453","RHSA-2014:0348","RHSA-2014:1007","RHSA-2014:1369","RHSA-2014:0818","RHSA-2014:0819"],"bugzilla":"1080248","bugzilla_description":"CVE-2014-0107 Xalan-Java: insufficient constraints in secure processing feature","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-358","affected_packages":["xalan-j2-eap6-0:2.7.1-9.redhat_7.1.ep6.el5","xalan-j2-0:2.7.0-6jpp.2","xalan-j2-eap6-0:2.7.1-9.redhat_7.1.ep6.el6","xalan-j2-0:2.7.1-12_patch_08.ep5.el6","xalan-j2-0:2.7.1-12_patch_08.ep5.el4","xalan-j2-0:2.7.1-12_patch_08.ep5.el5","xalan-j2-0:2.7.0-9.9.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0107.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-image_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-image_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-image_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-keysyms_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-keysyms_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-keysyms_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-renderutil_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-renderutil_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-renderutil_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-wm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-wm_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util-wm_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xcb-util_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xchat_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xchat_security_api_results.json new file mode 100644 index 0000000..3663a58 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xchat_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2013-7449","severity":"moderate","public_date":"2014-11-19T00:00:00Z","advisories":[],"bugzilla":"1081839","bugzilla_description":"CVE-2013-7449 xchat/hexchat: does not verify the server hostname matches the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-297","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7449.json"},{"CVE":"CVE-2011-5129","severity":null,"public_date":"2012-08-31T00:00:00Z","advisories":[],"bugzilla":"853321","bugzilla_description":"CVE-2011-5129 xchat: Heap-based buffer overflow (crash, ACE) via long response string","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5129.json"},{"CVE":"CVE-2012-0828","severity":"moderate","public_date":"2012-01-17T00:00:00Z","advisories":[],"bugzilla":"786391","bugzilla_description":"CVE-2012-0828 xchat: Heap-based buffer overflow by processing UTF-8 line from server containing characters outside BMP","cvss_score":7.5,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-172->CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0828.json"},{"CVE":"CVE-2009-0315","severity":"low","public_date":"2008-08-06T00:00:00Z","advisories":[],"bugzilla":"481560","bugzilla_description":"CVE-2009-0315 xchat: untrusted python modules search path","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0315.json"},{"CVE":"CVE-2004-0409","severity":null,"public_date":"2004-04-05T00:00:00Z","advisories":["RHSA-2004:177","RHSA-2004:585"],"bugzilla":"1617195","bugzilla_description":"CVE-2004-0409 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["xchat-1:2.0.4-4.EL"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0409.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdelta_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdelta_security_api_results.json new file mode 100644 index 0000000..44d91db --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdelta_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2014-9765","severity":"moderate","public_date":"2014-10-12T00:00:00Z","advisories":[],"bugzilla":"1305463","bugzilla_description":"CVE-2014-9765 xdelta: buffer overflow in main_get_appheader","cvss_score":4.6,"cvss_scoring_vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9765.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-desktop-portal-gtk_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-desktop-portal-gtk_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-desktop-portal-gtk_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-desktop-portal_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-desktop-portal_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-desktop-portal_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-user-dirs-gtk_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-user-dirs-gtk_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-user-dirs-gtk_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-user-dirs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-user-dirs_security_api_results.json new file mode 100644 index 0000000..3c848c5 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-user-dirs_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2017-15131","severity":"low","public_date":"2017-01-12T00:00:00Z","advisories":["RHSA-2018:0842"],"bugzilla":"1455094","bugzilla_description":"CVE-2017-15131 xdg-user-dirs, gnome-session: Xsession creation of XDG user directories does not honor system umask policy","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-266","affected_packages":["xdg-user-dirs-0:0.15-5.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15131.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","cvss3_score":"3.3"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-utils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-utils_security_api_results.json new file mode 100644 index 0000000..6461b07 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xdg-utils_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2017-18266","severity":"low","public_date":"2017-11-18T00:00:00Z","advisories":[],"bugzilla":"1578767","bugzilla_description":"CVE-2017-18266 xdg-utils: Argument injection vulnerability in open_envvar() function","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-88","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18266.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","cvss3_score":"4.4"},{"CVE":"CVE-2015-1877","severity":"moderate","public_date":"2015-02-11T00:00:00Z","advisories":[],"bugzilla":"1194205","bugzilla_description":"CVE-2015-1877 xdg-utils: command injection vulnerability due to local variables collision in xdg-open","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1877.json"},{"CVE":"CVE-2014-9622","severity":"moderate","public_date":"2013-06-10T00:00:00Z","advisories":[],"bugzilla":"1183629","bugzilla_description":"CVE-2014-9622 xdg-utils: Eval injection in xdg-open allows arbitrary command execution on crafted URL","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-95","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9622.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.8"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xerces-c_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xerces-c_security_api_results.json new file mode 100644 index 0000000..71c9881 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xerces-c_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-1311","severity":"important","public_date":"2019-12-16T00:00:00Z","advisories":["RHSA-2020:0702","RHSA-2020:0704"],"bugzilla":"1788472","bugzilla_description":"CVE-2018-1311 xerces-c: XML parser contains a use-after-free error triggered during the scanning of external DTDs","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-416","affected_packages":["xerces-c-0:3.1.1-10.el7_7","xerces-c-0:3.0.1-21.el6_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1311.json","cvss3_scoring_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2017-12627","severity":"moderate","public_date":"2018-03-01T00:00:00Z","advisories":[],"bugzilla":"1551525","bugzilla_description":"CVE-2017-12627 xerces-c: Null pointer dereference while processing the path to DTD allows denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12627.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-4463","severity":"moderate","public_date":"2016-06-29T00:00:00Z","advisories":["RHSA-2018:3506","RHSA-2018:3514","RHSA-2018:3335"],"bugzilla":"1348845","bugzilla_description":"CVE-2016-4463 xerces-c: Stack overflow when parsing deeply nested DTD","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":["xerces-c-0:3.1.1-8.el7_4.1","xerces-c-0:3.1.1-8.el7_5.1","xerces-c-0:3.1.1-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4463.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"4.7"},{"CVE":"CVE-2016-2099","severity":"moderate","public_date":"2016-05-09T00:00:00Z","advisories":[],"bugzilla":"1310699","bugzilla_description":"CVE-2016-2099 xerces-c: Use-after-free in heap on specially crafted XML input","cvss_score":5.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2099.json"},{"CVE":"CVE-2016-0729","severity":"important","public_date":"2016-02-25T00:00:00Z","advisories":["RHSA-2016:0430"],"bugzilla":"1312231","bugzilla_description":"CVE-2016-0729 xerces-c: parser crashes on malformed input","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":["xerces-c-0:3.1.1-8.el7_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0729.json"},{"CVE":"CVE-2015-0252","severity":"moderate","public_date":"2015-03-20T00:00:00Z","advisories":["RHSA-2015:1193"],"bugzilla":"1199103","bugzilla_description":"CVE-2015-0252 xerces-c: crashes on malformed input","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-119","affected_packages":["xerces-c-0:3.1.1-7.el7_1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0252.json"},{"CVE":"CVE-2012-0880","severity":"moderate","public_date":"2014-07-08T00:00:00Z","advisories":[],"bugzilla":"787103","bugzilla_description":"CVE-2012-0880 xml: xerces-c hash table collisions CPU usage DoS (oCERT-2011-003)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-407","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0880.json"},{"CVE":"CVE-2009-1885","severity":"low","public_date":"2009-08-05T00:00:00Z","advisories":[],"bugzilla":"515515","bugzilla_description":"CVE-2009-1885 xerces-c, xerces-c27: Stack overflow when parsing recursive XML structures","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-674","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1885.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xerces-j2_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xerces-j2_security_api_results.json new file mode 100644 index 0000000..2fbd2a5 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xerces-j2_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-0881","severity":"moderate","public_date":"2014-07-08T00:00:00Z","advisories":[],"bugzilla":"787104","bugzilla_description":"CVE-2012-0881 xml: xerces-j2 hash table collisions CPU usage DoS (oCERT-2011-003)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-407","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0881.json"},{"CVE":"CVE-2013-4002","severity":"moderate","public_date":"2013-10-15T00:00:00Z","advisories":["RHSA-2013:1451","RHSA-2013:1440","RHSA-2015:0765","RHSA-2015:0720","RHSA-2015:0269","RHSA-2015:0235","RHSA-2015:0675","RHSA-2015:0234","RHSA-2015:0773","RHSA-2013:1081","RHSA-2013:1060","RHSA-2014:0414","RHSA-2014:1823","RHSA-2014:1822","RHSA-2014:1821","RHSA-2013:1505","RHSA-2013:1447","RHSA-2014:1319","RHSA-2013:1059","RHSA-2014:1818"],"bugzilla":"1019176","bugzilla_description":"CVE-2013-4002 Xerces-J2 OpenJDK: XML parsing Denial of Service (JAXP, 8017298)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":["java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10","java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4","xerces-j2-0:2.7.1-12.7.el6_5","xerces-j2-0:2.11.0-17.el7_0","java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el5_9","java-1.5.0-ibm-1:1.5.0.16.3-1jpp.1.el5_9","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el5_9","java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10","java-1.7.0-ibm-1:1.7.0.5.0-1jpp.2.el6_4","java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4","java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10","java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4002.json"},{"CVE":"CVE-2009-2625","severity":"moderate","public_date":"2009-08-05T00:00:00Z","advisories":["RHSA-2012:1537","RHSA-2009:1582","RHSA-2012:0725","RHSA-2009:1236","RHSA-2012:1232","RHSA-2009:1199","RHSA-2009:1650","RHSA-2009:1551","RHSA-2009:1201","RHSA-2009:1200","RHSA-2009:1662","RHSA-2009:1636","RHSA-2009:1649","RHSA-2009:1505","RHSA-2009:1637","RHSA-2009:1615","RHSA-2011:0858","RHSA-2013:0763","RHSA-2010:0043"],"bugzilla":"512921","bugzilla_description":"CVE-2009-2625 xerces-j2, JDK: XML parsing Denial-Of-Service (6845701)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["jasperreports-server-pro-0:4.7.1-2.el6ev","java-1.5.0-ibm-1:1.5.0.10-1jpp.4.el5","java-1.4.2-ibm-0:1.4.2.13.1-1jpp.1.el3","java-1.4.2-ibm-0:1.4.2.13.2.sap-1jpp.4.el5_3","java-1.5.0-sun-0:1.5.0.20-1jpp.1.el4","xerces-j2-0:2.7.1-12.6.el6_0","java-1.5.0-sun-0:1.5.0.22-1jpp.1.el4","java-1.5.0-ibm-1:1.5.0.10-1jpp.4.el4","java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5","xerces-j2-0:2.7.1-7jpp.2.el5_4.2","java-1.6.0-sun-1:1.6.0.15-1jpp.1.el5","java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4","java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el4","java-1.6.0-ibm-1:1.6.0.6-1jpp.3.el5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2625.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xferstats_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xferstats_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xferstats_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xfsdump_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xfsdump_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xfsdump_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xfsprogs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xfsprogs_security_api_results.json new file mode 100644 index 0000000..e1d002b --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xfsprogs_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-2150","severity":"low","public_date":"2015-07-23T00:00:00Z","advisories":["RHSA-2015:2151"],"bugzilla":"817696","bugzilla_description":"CVE-2012-2150 xfsprogs: xfs_metadump information disclosure flaw","cvss_score":1.2,"cvss_scoring_vector":"AV:L/AC:H/Au:N/C:P/I:N/A:N","CWE":"CWE-200","affected_packages":["xfsprogs-0:3.2.2-2.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2150.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xguest_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xguest_security_api_results.json new file mode 100644 index 0000000..b47096d --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xguest_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2016-4980","severity":"low","public_date":"2016-06-13T00:00:00Z","advisories":[],"bugzilla":"1346016","bugzilla_description":"CVE-2016-4980 xguest insecure password creation","cvss_score":1.0,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:N/I:P/A:N","CWE":"CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4980.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N","cvss3_score":"2.8"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xinetd_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xinetd_security_api_results.json new file mode 100644 index 0000000..91d74cf --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xinetd_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-0862","severity":"low","public_date":"2012-05-09T00:00:00Z","advisories":["RHSA-2013:0499","RHSA-2013:1302"],"bugzilla":"790940","bugzilla_description":"CVE-2012-0862 xinetd: enables unintentional services over tcpmux port","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:N/A:N","CWE":null,"affected_packages":["xinetd-2:2.3.14-19.el5","xinetd-2:2.3.14-38.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0862.json"},{"CVE":"CVE-2013-4342","severity":"moderate","public_date":"2005-08-23T00:00:00Z","advisories":["RHSA-2013:1409"],"bugzilla":"1006100","bugzilla_description":"CVE-2013-4342 xinetd: ignores user and group directives for tcpmux services","cvss_score":7.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-266->CWE-863","affected_packages":["xinetd-2:2.3.14-20.el5_10","xinetd-2:2.3.14-39.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4342.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xkeyboard-config_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xkeyboard-config_security_api_results.json new file mode 100644 index 0000000..784e107 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xkeyboard-config_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-0064","severity":"low","public_date":"2012-01-19T00:00:00Z","advisories":[],"bugzilla":"783039","bugzilla_description":"CVE-2012-0064 xkeyboard-config: screen-saver unlock via xkb debug key actions","cvss_score":1.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0064.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-common_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-common_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-common_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-commons-apis_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-commons-apis_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-commons-apis_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-commons-resolver_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-commons-resolver_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xml-commons-resolver_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlrpc-c-client_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlrpc-c-client_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlrpc-c-client_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlrpc-c_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlrpc-c_security_api_results.json new file mode 100644 index 0000000..8c6c912 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlrpc-c_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-17570","severity":"important","public_date":"2020-01-16T00:00:00Z","advisories":["RHSA-2020:0310","RHSA-2020:0983"],"bugzilla":"1775193","bugzilla_description":"CVE-2019-17570 xmlrpc: Deserialization of server-side exception from faultCause in XMLRPC error response","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["rh-java-common-xmlrpc-1:3.1.3-8.17.el7","rh-java-common-xmlrpc-1:3.1.3-8.17.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17570.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2019-15903","severity":"low","public_date":"2019-09-04T00:00:00Z","advisories":["RHSA-2020:3952","RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2020:2646","RHSA-2020:2644","RHSA-2019:3193"],"bugzilla":"1752592","bugzilla_description":"CVE-2019-15903 expat: heap-based buffer over-read via crafted XML input","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-122|CWE-125)","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","thunderbird-0:68.2.0-1.el7_7","expat-0:2.1.0-12.el7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-20843","severity":"moderate","public_date":"2019-06-24T00:00:00Z","advisories":["RHSA-2020:3952","RHSA-2020:2646","RHSA-2020:2644"],"bugzilla":"1723723","bugzilla_description":"CVE-2018-20843 expat: large number of colons in input makes parser consume high amount of resources, leading to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["expat-0:2.1.0-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20843.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2017-9233","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":[],"bugzilla":"1462729","bugzilla_description":"CVE-2017-9233 expat: Inifinite loop due to invalid XML in external entity","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9233.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-5300","severity":"moderate","public_date":"2016-06-04T00:00:00Z","advisories":[],"bugzilla":"1343085","bugzilla_description":"CVE-2016-5300 expat: Little entropy used for hash initialization","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5300.json"},{"CVE":"CVE-2016-5002","severity":"moderate","public_date":"2016-05-24T00:00:00Z","advisories":["RHSA-2018:3768"],"bugzilla":"1508110","bugzilla_description":"CVE-2016-5002 xmlrpc: XML external entity vulnerability SSRF via a crafted DTD","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-611->CWE-918","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5002.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","cvss3_score":"6.4"},{"CVE":"CVE-2016-5003","severity":"important","public_date":"2016-05-24T00:00:00Z","advisories":["RHSA-2018:2317","RHSA-2018:1779","RHSA-2018:3768","RHSA-2018:1784","RHSA-2018:1780"],"bugzilla":"1508123","bugzilla_description":"CVE-2016-5003 xmlrpc: Deserialization of untrusted Java object through tag","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-502","affected_packages":["rh-java-common-xmlrpc-1:3.1.3-8.16.el6","xmlrpc-1:3.1.3-9.el7_5","xmlrpc3-0:3.0-4.17.el6_9","rh-java-common-xmlrpc-1:3.1.3-8.16.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5003.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2016-5004","severity":"low","public_date":"2016-05-24T00:00:00Z","advisories":[],"bugzilla":"1508129","bugzilla_description":"CVE-2016-5004 xmlrpc: DoS through decompression-bomb attack when Content-Encoding=gzip","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-409","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5004.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L","cvss3_score":"5.0"},{"CVE":"CVE-2016-0718","severity":"moderate","public_date":"2016-05-17T00:00:00Z","advisories":["RHSA-2016:2824","RHSA-2018:2486"],"bugzilla":"1296102","bugzilla_description":"CVE-2016-0718 expat: Out-of-bounds heap read on crafted input causing crash","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["expat-0:2.0.1-13.el6_8","expat-0:2.1.0-10.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0718.json"},{"CVE":"CVE-2016-4472","severity":"moderate","public_date":"2016-05-15T00:00:00Z","advisories":[],"bugzilla":"1344251","bugzilla_description":"CVE-2016-4472 expat: Undefined behavior and pointer overflows","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4472.json"},{"CVE":"CVE-2012-6702","severity":"moderate","public_date":"2015-02-27T00:00:00Z","advisories":[],"bugzilla":"1319731","bugzilla_description":"CVE-2012-6702 expat: Using XML_Parse before rand() results into non-random output","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-330","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6702.json"},{"CVE":"CVE-2012-0876","severity":"moderate","public_date":"2012-03-03T00:00:00Z","advisories":["RHSA-2017:3239","RHSA-2016:0062","RHSA-2016:2957","RHSA-2012:0731"],"bugzilla":"786617","bugzilla_description":"CVE-2012-0876 expat: hash table collisions CPU usage DoS","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-407","affected_packages":["expat-0:1.95.8-11.el5_8","expat-0:2.0.1-11.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0876.json"},{"CVE":"CVE-2012-1148","severity":"moderate","public_date":"2012-03-03T00:00:00Z","advisories":["RHSA-2016:2957","RHSA-2012:0731"],"bugzilla":"801648","bugzilla_description":"CVE-2012-1148 expat: Memory leak in poolGrow","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-401","affected_packages":["expat-0:1.95.8-11.el5_8","expat-0:2.0.1-11.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1148.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2009-3560","severity":"moderate","public_date":"2009-12-02T00:00:00Z","advisories":["RHSA-2017:3239","RHSA-2011:0896","RHSA-2009:1625"],"bugzilla":"533174","bugzilla_description":"CVE-2009-3560 expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["expat-0:1.95.7-4.el4_8.2","expat-0:1.95.5-6.2","expat-0:1.95.8-8.3.el5_4.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3560.json"},{"CVE":"CVE-2009-3720","severity":"moderate","public_date":"2009-01-17T00:00:00Z","advisories":["RHSA-2017:3239","RHSA-2011:0896","RHSA-2009:1625","RHSA-2010:0002","RHSA-2011:0491","RHSA-2011:0492","RHSA-2009:1572"],"bugzilla":"531697","bugzilla_description":"CVE-2009-3720 expat: buffer over-read and crash on XML with malformed UTF-8 sequences","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["expat-0:1.95.7-4.el4_8.2","expat-0:1.95.5-6.2","python-0:2.3.4-14.10.el4","expat-0:1.95.8-8.3.el5_4.2","python-0:2.4.3-44.el5","4Suite-0:0.11.1-15","PyXML-0:0.8.3-6.el4_8.2","4Suite-0:1.0-3.el4_8.1","PyXML-0:0.8.4-4.el5_4.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3720.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlsec1-openssl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlsec1-openssl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlsec1-openssl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlsec1_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlsec1_security_api_results.json new file mode 100644 index 0000000..a3454ce --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlsec1_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2017-1000061","severity":"moderate","public_date":"2017-03-30T00:00:00Z","advisories":["RHSA-2017:2492"],"bugzilla":"1437311","bugzilla_description":"CVE-2017-1000061 xmlsec1: xmlsec vulnerable to external entity expansion","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-611","affected_packages":["xmlsec1-0:1.2.20-7.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000061.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","cvss3_score":"6.5"},{"CVE":"CVE-2011-1425","severity":"moderate","public_date":"2011-03-31T00:00:00Z","advisories":["RHSA-2011:0486"],"bugzilla":"692133","bugzilla_description":"CVE-2011-1425 xmlsec1: arbitrary file creation when verifying signatures","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["xmlsec1-0:1.2.9-8.1.2","xmlsec1-0:1.2.6-3.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1425.json"},{"CVE":"CVE-2009-0217","severity":"moderate","public_date":"2009-07-14T00:00:00Z","advisories":["RHSA-2009:1636","RHSA-2009:1649","RHSA-2009:1637","RHSA-2009:1428","RHSA-2009:1694","RHSA-2009:1650","RHSA-2010:0043","RHSA-2009:1201","RHSA-2009:1200"],"bugzilla":"511915","bugzilla_description":"CVE-2009-0217 xmlsec1, mono, xml-security-c, xml-security-1.3.0-1jpp.ep1.*: XMLDsig HMAC-based signatures spoofing and authentication bypass","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["xmlsec1-0:1.2.9-8.1.1","java-1.6.0-openjdk-1:1.6.0.0-1.2.b09.el5","java-1.6.0-sun-1:1.6.0.15-1jpp.1.el4","xmlsec1-0:1.2.6-3.1","java-1.6.0-ibm-1:1.6.0.7-1jpp.3.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0217.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlto-tex_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlto-tex_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlto-tex_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlto_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlto_security_api_results.json new file mode 100644 index 0000000..5f9c86c --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmlto_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-9628","severity":"moderate","public_date":"2019-03-11T00:00:00Z","advisories":[],"bugzilla":"1695997","bugzilla_description":"CVE-2019-9628 xmltooling: XML parser class fails to trap exceptions on malformed XML declaration","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9628.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-0486","severity":"important","public_date":"2018-01-12T00:00:00Z","advisories":[],"bugzilla":"1534647","bugzilla_description":"CVE-2018-0486 xmltooling: impersonation attack and sensitive information disclosure in the Service Provider via crafted DTD","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-287","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0486.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N","cvss3_score":"8.7"},{"CVE":"CVE-2015-0851","severity":"moderate","public_date":"2015-07-21T00:00:00Z","advisories":[],"bugzilla":"1248504","bugzilla_description":"CVE-2015-0851 xmltooling: incorrect processing of well-formed but invalid XML","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0851.json"},{"CVE":"CVE-2013-6440","severity":"moderate","public_date":"2013-12-11T00:00:00Z","advisories":["RHSA-2014:1995","RHSA-2014:0452","RHSA-2014:1290","RHSA-2014:0171","RHSA-2014:0172","RHSA-2014:1291","RHSA-2014:0170","RHSA-2014:0195"],"bugzilla":"1043332","bugzilla_description":"CVE-2013-6440 XMLTooling-J/OpenSAML Java: XML eXternal Entity (XXE) flaw in ParserPool and Decrypter","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:P/I:N/A:N","CWE":"CWE-611","affected_packages":["jbossas-javadocs-0:7.3.1-3.Final_redhat_3.ep6.el5","jbossas-javadocs-0:7.3.1-3.Final_redhat_3.ep6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6440.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmltoman_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmltoman_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xmltoman_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-apps_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-apps_security_api_results.json new file mode 100644 index 0000000..b655d37 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-apps_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2011-2504","severity":"low","public_date":"2011-06-29T00:00:00Z","advisories":["RHSA-2013:0502"],"bugzilla":"717672","bugzilla_description":"CVE-2011-2504 x11perfcomp has dot in its path","cvss_score":3.5,"cvss_scoring_vector":"AV:L/AC:H/Au:S/C:P/I:P/A:P","CWE":"CWE-829","affected_packages":["xorg-x11-apps-0:7.6-6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2504.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-docs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-docs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-docs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drivers_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drivers_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drivers_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-ati_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-ati_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-ati_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-dummy_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-dummy_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-dummy_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-evdev_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-evdev_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-evdev_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-fbdev_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-fbdev_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-fbdev_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-intel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-intel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-intel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-keyboard_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-keyboard_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-keyboard_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-libinput_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-libinput_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-libinput_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-mouse_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-mouse_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-mouse_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-nouveau_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-nouveau_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-nouveau_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-openchrome_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-openchrome_security_api_results.json new file mode 100644 index 0000000..ad37e83 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-openchrome_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2013-1994","severity":"moderate","public_date":"2013-05-23T00:00:00Z","advisories":["RHBA-2014:1376"],"bugzilla":"959079","bugzilla_description":"CVE-2013-1994 openchrome: Multiple integer overflows leading to heap-based bufer overflows","cvss_score":4.3,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":["xorg-x11-drv-openchrome-0:0.3.3-6.el6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1994.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-qxl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-qxl_security_api_results.json new file mode 100644 index 0000000..4bbb749 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-qxl_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2013-0241","severity":"moderate","public_date":"2011-08-03T00:00:00Z","advisories":["RHSA-2013:0218"],"bugzilla":"906032","bugzilla_description":"CVE-2013-0241 qxl: synchronous io guest DoS","cvss_score":4.6,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:N/I:N/A:C","CWE":null,"affected_packages":["xorg-x11-drv-qxl-0:0.0.14-14.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0241.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-synaptics_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-synaptics_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-synaptics_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-v4l_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-v4l_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-v4l_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vesa_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vesa_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vesa_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vmmouse_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vmmouse_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vmmouse_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vmware_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vmware_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-vmware_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-void_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-void_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-void_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-wacom_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-wacom_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-drv-wacom_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-font-utils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-font-utils_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-font-utils_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-100dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-100dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-100dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-75dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-75dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-75dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-1-100dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-1-100dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-1-100dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-1-75dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-1-75dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-1-75dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-14-100dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-14-100dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-14-100dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-14-75dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-14-75dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-14-75dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-15-75dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-15-75dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-15-75dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-2-100dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-2-100dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-2-100dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-2-75dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-2-75dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-2-75dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-9-100dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-9-100dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-9-100dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-9-75dpi_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-9-75dpi_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ISO8859-9-75dpi_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-Type1_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-Type1_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-Type1_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-cyrillic_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-cyrillic_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-cyrillic_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ethiopic_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ethiopic_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-ethiopic_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-misc_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-misc_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-fonts-misc_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-proto-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-proto-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-proto-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-Xephyr_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-Xephyr_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-Xephyr_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-Xorg_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-Xorg_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-Xorg_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-common_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-common_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-common_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-utils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-utils_security_api_results.json new file mode 100644 index 0000000..a9ece77 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-server-utils_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2011-0465","severity":"moderate","public_date":"2011-04-05T00:00:00Z","advisories":["RHSA-2011:0432","RHSA-2011:0433"],"bugzilla":"680196","bugzilla_description":"CVE-2011-0465 xorg: xrdb code execution via crafted X client hostname","cvss_score":6.8,"cvss_scoring_vector":"AV:A/AC:H/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["xorg-x11-server-utils-0:7.4-15.el6_0.1","xorg-x11-0:6.8.2-1.EL.67","xorg-x11-server-utils-0:7.1-5.el5_6.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0465.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-utils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-utils_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-utils_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xauth_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xauth_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xauth_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xbitmaps_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xbitmaps_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xbitmaps_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xinit_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xinit_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xinit_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xkb-utils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xkb-utils_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorg-x11-xkb-utils_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorriso_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorriso_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xorriso_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xpp3_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xpp3_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xpp3_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xrestop_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xrestop_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xrestop_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsane-common_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsane-common_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsane-common_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsane-gimp_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsane-gimp_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsane-gimp_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsettings-kde_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsettings-kde_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsettings-kde_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsom_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsom_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xsom_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xterm_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xterm_security_api_results.json new file mode 100644 index 0000000..f28e623 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xterm_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2008-2383","severity":"important","public_date":"2008-12-29T00:00:00Z","advisories":["RHSA-2009:0018","RHSA-2009:0019"],"bugzilla":"478888","bugzilla_description":"CVE-2008-2383 xterm: arbitrary command injection","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["hanterm-xf-1:2.0.5-5.AS21.2","xterm-0:215-5.el5_2.2","xterm-0:179-11.EL3","xterm-0:192-8.el4_7.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2383.json"},{"CVE":"CVE-2007-2797","severity":"low","public_date":"2006-12-19T00:00:00Z","advisories":["RHSA-2007:0701"],"bugzilla":"239070","bugzilla_description":"CVE-2007-2797 Wrong settings for the tty (mesg: error: tty device is not owned by group `tty')","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["xterm-0:192-8.el4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2797.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xulrunner_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xulrunner_security_api_results.json new file mode 100644 index 0000000..04aff5b --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xulrunner_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-15903","severity":"low","public_date":"2019-09-04T00:00:00Z","advisories":["RHSA-2020:3952","RHSA-2019:3237","RHSA-2019:3756","RHSA-2019:3210","RHSA-2019:3196","RHSA-2020:2646","RHSA-2020:2644","RHSA-2019:3193"],"bugzilla":"1752592","bugzilla_description":"CVE-2019-15903 expat: heap-based buffer over-read via crafted XML input","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-122|CWE-125)","affected_packages":["thunderbird-0:68.2.0-2.el6_10","thunderbird-0:68.2.0-1.el8_0","firefox-0:68.2.0-2.el8_0","thunderbird-0:68.2.0-1.el7_7","expat-0:2.1.0-12.el7","firefox-0:68.2.0-1.el7_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15903.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"5.5"},{"CVE":"CVE-2018-20843","severity":"moderate","public_date":"2019-06-24T00:00:00Z","advisories":["RHSA-2020:3952","RHSA-2020:2646","RHSA-2020:2644"],"bugzilla":"1723723","bugzilla_description":"CVE-2018-20843 expat: large number of colons in input makes parser consume high amount of resources, leading to DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["expat-0:2.1.0-12.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20843.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-5146","severity":"critical","public_date":"2018-03-16T00:00:00Z","advisories":["RHSA-2018:0649","RHSA-2018:0647","RHSA-2018:0549","RHSA-2018:0648","RHSA-2018:1058"],"bugzilla":"1557221","bugzilla_description":"CVE-2018-5146 Mozilla: Vorbis audio processing out of bounds write (MFSA 2018-08)","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":["libvorbis-1:1.2.3-5.el6_9.1","libvorbis-1:1.3.3-8.el7.1","thunderbird-0:52.7.0-1.el7_4","thunderbird-0:52.7.0-1.el6_9","firefox-0:52.7.2-1.el6_9","firefox-0:52.7.2-1.el7_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5146.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2017-9233","severity":"moderate","public_date":"2017-06-14T00:00:00Z","advisories":[],"bugzilla":"1462729","bugzilla_description":"CVE-2017-9233 expat: Inifinite loop due to invalid XML in external entity","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-835","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9233.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","cvss3_score":"6.5"},{"CVE":"CVE-2016-5300","severity":"moderate","public_date":"2016-06-04T00:00:00Z","advisories":[],"bugzilla":"1343085","bugzilla_description":"CVE-2016-5300 expat: Little entropy used for hash initialization","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-331","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5300.json"},{"CVE":"CVE-2016-0718","severity":"moderate","public_date":"2016-05-17T00:00:00Z","advisories":["RHSA-2016:2824","RHSA-2018:2486"],"bugzilla":"1296102","bugzilla_description":"CVE-2016-0718 expat: Out-of-bounds heap read on crafted input causing crash","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-125","affected_packages":["expat-0:2.0.1-13.el6_8","expat-0:2.1.0-10.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0718.json"},{"CVE":"CVE-2016-4472","severity":"moderate","public_date":"2016-05-15T00:00:00Z","advisories":[],"bugzilla":"1344251","bugzilla_description":"CVE-2016-4472 expat: Undefined behavior and pointer overflows","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4472.json"},{"CVE":"CVE-2012-6702","severity":"moderate","public_date":"2015-02-27T00:00:00Z","advisories":[],"bugzilla":"1319731","bugzilla_description":"CVE-2012-6702 expat: Using XML_Parse before rand() results into non-random output","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:N/A:N","CWE":"CWE-330","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6702.json"},{"CVE":"CVE-2014-9766","severity":"moderate","public_date":"2014-10-14T00:00:00Z","advisories":[],"bugzilla":"1311882","bugzilla_description":"CVE-2014-9766 pixman: integer overflow in create_bits function","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190->CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9766.json"},{"CVE":"CVE-2013-0787","severity":"critical","public_date":"2013-03-08T00:00:00Z","advisories":["RHSA-2013:0614","RHSA-2013:0627"],"bugzilla":"918876","bugzilla_description":"CVE-2013-0787 Mozilla: Use-after-free in HTML Editor (MFSA 2013-29)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-416","affected_packages":["thunderbird-0:17.0.3-2.el6_4","xulrunner-0:17.0.3-2.el5_9","thunderbird-0:17.0.3-2.el5_9","xulrunner-0:17.0.3-2.el6_4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0787.json"},{"CVE":"CVE-2012-6051","severity":"moderate","public_date":"2012-11-23T00:00:00Z","advisories":[],"bugzilla":"882910","bugzilla_description":"CVE-2012-6051 firefox, thunderbird, xulrunner: Google CityHash hash function collisions (oCERT-2012-001)","cvss_score":5.0,"cvss_scoring_vector":"AV:N/AC:L/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6051.json"},{"CVE":"CVE-2012-4193","severity":"critical","public_date":"2012-10-11T00:00:00Z","advisories":["RHSA-2012:1362","RHSA-2012:1361"],"bugzilla":"865215","bugzilla_description":"CVE-2012-4193 Mozilla: defaultValue security checks not applied (MFSA 2012-89)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["xulrunner-0:10.0.8-2.el5_8","thunderbird-0:10.0.8-2.el5_8","xulrunner-0:10.0.8-2.el6_3","thunderbird-0:10.0.8-2.el6_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4193.json"},{"CVE":"CVE-2011-3026","severity":"important","public_date":"2012-02-16T00:00:00Z","advisories":["RHSA-2012:0317","RHSA-2012:0140","RHSA-2012:0141","RHSA-2012:0142","RHSA-2012:0143"],"bugzilla":"790737","bugzilla_description":"CVE-2011-3026 libpng: Heap buffer overflow in png_decompress_chunk (MFSA 2012-11)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-122","affected_packages":["thunderbird-0:3.1.18-2.el6_2","firefox-0:3.6.26-3.el4","libpng-2:1.2.7-9.el4","seamonkey-0:1.0.9-79.el4","xulrunner-0:1.9.2.26-2.el5_7","libpng10-0:1.0.16-10.el4","libpng-2:1.2.10-15.el5_7","xulrunner-0:1.9.2.26-2.el6_2","libpng-2:1.2.46-2.el6_2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3026.json"},{"CVE":"CVE-2010-3765","severity":"critical","public_date":"2010-10-28T00:00:00Z","advisories":["RHSA-2010:0812","RHSA-2010:0810","RHSA-2010:0896","RHSA-2010:0861","RHSA-2010:0809","RHSA-2010:0808"],"bugzilla":"646997","bugzilla_description":"CVE-2010-3765 Firefox race condition flaw (MFSA 2010-73)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["firefox-0:3.6.12-1.el6_0","thunderbird-0:1.5.0.12-33.el4","xulrunner-0:1.9.2.11-4.el5_5","seamonkey-0:1.0.9-0.62.el3","firefox-0:3.6.11-4.el4_8","seamonkey-0:1.0.9-65.el4_8","thunderbird-0:2.0.0.24-10.el5_5","thunderbird-0:3.1.6-1.el6_0"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3765.json"},{"CVE":"CVE-2009-1044","severity":"critical","public_date":"2009-03-27T00:00:00Z","advisories":["RHSA-2009:0397","RHSA-2009:0398"],"bugzilla":"492212","bugzilla_description":"CVE-2009-1044 Firefox XUL garbage collection issue (cansecwest pwn2own)","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["xulrunner-0:1.9.0.7-3.el5","firefox-0:3.0.7-3.el4","seamonkey-0:1.0.9-0.36.el3","seamonkey-0:1.0.9-40.el4","seamonkey-0:1.0.9-0.32.el2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1044.json"},{"CVE":"CVE-2009-1169","severity":"critical","public_date":"2009-03-25T00:00:00Z","advisories":["RHSA-2009:0397","RHSA-2009:0398"],"bugzilla":"492211","bugzilla_description":"CVE-2009-1169 Firefox XSLT memory corruption issue","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":["xulrunner-0:1.9.0.7-3.el5","firefox-0:3.0.7-3.el4","seamonkey-0:1.0.9-0.36.el3","seamonkey-0:1.0.9-40.el4","seamonkey-0:1.0.9-0.32.el2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1169.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xvattr_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xvattr_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xvattr_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz_security_api_results.json new file mode 100644 index 0000000..88d2760 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/xz_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2015-4035","severity":"moderate","public_date":"2015-05-18T00:00:00Z","advisories":[],"bugzilla":"1223341","bugzilla_description":"CVE-2015-4035 xzgrep: incorrect parsing of filenames containing a semicolon","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-20->CWE-77","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4035.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yaboot_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yaboot_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yaboot_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yajl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yajl_security_api_results.json new file mode 100644 index 0000000..d2ca008 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yajl_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2017-16516","severity":"moderate","public_date":"2017-11-02T00:00:00Z","advisories":[],"bugzilla":"1524439","bugzilla_description":"CVE-2017-16516 rubygem-yajl-ruby: Yajl::Parser.new.parse incorrect parsing","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16516.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","cvss3_score":"7.5"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-libs_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-libs_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-libs_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-xsl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-xsl_security_api_results.json new file mode 100644 index 0000000..57fa01a --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp-xsl_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-6662","severity":"moderate","public_date":"2012-11-27T00:00:00Z","advisories":["RHSA-2015:0442","RHSA-2015:1462"],"bugzilla":"1166064","bugzilla_description":"CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["ipa-0:3.0.0-47.el6","ipa-0:4.1.0-18.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6662.json"},{"CVE":"CVE-2010-5312","severity":"moderate","public_date":"2010-09-03T00:00:00Z","advisories":["RHSA-2015:0442","RHSA-2015:1462"],"bugzilla":"1166041","bugzilla_description":"CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["ipa-0:3.0.0-47.el6","ipa-0:4.1.0-18.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5312.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp_security_api_results.json new file mode 100644 index 0000000..57fa01a --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yelp_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2012-6662","severity":"moderate","public_date":"2012-11-27T00:00:00Z","advisories":["RHSA-2015:0442","RHSA-2015:1462"],"bugzilla":"1166064","bugzilla_description":"CVE-2012-6662 jquery-ui: XSS vulnerability in default content in Tooltip widget","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["ipa-0:3.0.0-47.el6","ipa-0:4.1.0-18.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6662.json"},{"CVE":"CVE-2010-5312","severity":"moderate","public_date":"2010-09-03T00:00:00Z","advisories":["RHSA-2015:0442","RHSA-2015:1462"],"bugzilla":"1166041","bugzilla_description":"CVE-2010-5312 jquery-ui: XSS vulnerability in jQuery.ui.dialog title option","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","CWE":"CWE-79","affected_packages":["ipa-0:3.0.0-47.el6","ipa-0:4.1.0-18.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5312.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yp-tools_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yp-tools_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yp-tools_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ypbind_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ypbind_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ypbind_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ypserv_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ypserv_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/ypserv_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-cron_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-cron_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-cron_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-langpacks_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-langpacks_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-langpacks_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-metadata-parser_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-metadata-parser_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-metadata-parser_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-aliases_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-aliases_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-aliases_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-changelog_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-changelog_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-changelog_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-ovl_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-ovl_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-ovl_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-tmprepo_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-tmprepo_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-tmprepo_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-verify_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-verify_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-verify_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-versionlock_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-versionlock_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-plugin-versionlock_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-rhn-plugin_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-rhn-plugin_security_api_results.json new file mode 100644 index 0000000..8ca3010 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-rhn-plugin_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2008-3270","severity":"moderate","public_date":"2008-08-14T00:00:00Z","advisories":["RHSA-2008:0815"],"bugzilla":"457113","bugzilla_description":"CVE-2008-3270 yum-rhn-plugin: does not verify SSL certificate for all communication with RHN server","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["yum-rhn-plugin-0:0.5.3-12.el5_2.9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3270.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-utils_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-utils_security_api_results.json new file mode 100644 index 0000000..1a72d33 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum-utils_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-10897","severity":"important","public_date":"2018-07-11T00:00:00Z","advisories":["RHSA-2018:2284","RHSA-2018:2626","RHSA-2018:2285"],"bugzilla":"1600221","bugzilla_description":"CVE-2018-10897 yum-utils: reposync: improper path validation may lead to directory traversal","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-59","affected_packages":["yum-utils-0:1.1.30-42.el6_10","yum-utils-0:1.1.31-46.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10897.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum_security_api_results.json new file mode 100644 index 0000000..274aea8 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/yum_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-10897","severity":"important","public_date":"2018-07-11T00:00:00Z","advisories":["RHSA-2018:2284","RHSA-2018:2626","RHSA-2018:2285"],"bugzilla":"1600221","bugzilla_description":"CVE-2018-10897 yum-utils: reposync: improper path validation may lead to directory traversal","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-59","affected_packages":["yum-utils-0:1.1.30-42.el6_10","yum-utils-0:1.1.31-46.el7_5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10897.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"8.8"},{"CVE":"CVE-2014-0022","severity":"important","public_date":"2014-01-13T00:00:00Z","advisories":["RHSA-2014:1004"],"bugzilla":"1057377","bugzilla_description":"CVE-2014-0022 yum: yum-cron installs unsigned packages","cvss_score":7.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-252->CWE-347","affected_packages":["yum-updatesd-1:0.9-6.el5_10"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0022.json"},{"CVE":"CVE-2013-1910","severity":"moderate","public_date":"2013-03-27T00:00:00Z","advisories":[],"bugzilla":"910446","bugzilla_description":"yum: Not removing bad metadata and using it in next run","cvss_score":7.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:C/I:C/A:C","CWE":"CWE-347","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1910.json"},{"CVE":"CVE-2008-3270","severity":"moderate","public_date":"2008-08-14T00:00:00Z","advisories":["RHSA-2008:0815"],"bugzilla":"457113","bugzilla_description":"CVE-2008-3270 yum-rhn-plugin: does not verify SSL certificate for all communication with RHN server","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:P/A:N","CWE":null,"affected_packages":["yum-rhn-plugin-0:0.5.3-12.el5_2.9"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3270.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zenity_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zenity_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zenity_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zip_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zip_security_api_results.json new file mode 100644 index 0000000..772c578 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zip_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-13232","severity":"low","public_date":"2019-07-02T00:00:00Z","advisories":["RHSA-2020:2486","RHSA-2020:1181","RHSA-2020:1787"],"bugzilla":"1727761","bugzilla_description":"CVE-2019-13232 unzip: overlapping of files in ZIP container leads to denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["unzip-0:6.0-43.el8","unzip-0:6.0-21.el7","unzip-0:6.0-20.el7_7.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13232.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2019-12900","severity":"low","public_date":"2019-06-19T00:00:00Z","advisories":[],"bugzilla":"1724459","bugzilla_description":"CVE-2019-12900 bzip2: out-of-bounds write in function BZ2_decompress","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-787","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12900.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2018-18384","severity":"low","public_date":"2018-09-28T00:00:00Z","advisories":["RHSA-2019:2159"],"bugzilla":"1642931","bugzilla_description":"CVE-2018-18384 unzip: Buffer overflow in list.c resulting in a denial of service","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":["unzip-0:6.0-20.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18384.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-17828","severity":"moderate","public_date":"2018-09-25T00:00:00Z","advisories":["RHSA-2020:1178","RHSA-2020:1653"],"bugzilla":"1635888","bugzilla_description":"CVE-2018-17828 zziplib: directory traversal in unzzip_cat in the bins/unzzipcat-mem.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":["zziplib-0:0.13.62-12.el7","zziplib-0:0.13.68-8.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17828.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2018-16548","severity":"low","public_date":"2018-09-05T00:00:00Z","advisories":["RHSA-2019:2196"],"bugzilla":"1626200","bugzilla_description":"CVE-2018-16548 zziplib: Memory leak triggered in the function __zzip_parse_root_directory in zip.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["zziplib-0:0.13.62-11.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16548.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2018-10860","severity":"moderate","public_date":"2018-06-28T00:00:00Z","advisories":[],"bugzilla":"1591449","bugzilla_description":"CVE-2018-10860 perl-Archive-Zip: Directory traversal in Archive::Zip","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10860.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2018-1002201","severity":"important","public_date":"2018-06-05T00:00:00Z","advisories":[],"bugzilla":"1584395","bugzilla_description":"CVE-2018-1002201 zt-zip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002201.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2018-1002202","severity":"important","public_date":"2018-06-05T00:00:00Z","advisories":[],"bugzilla":"1584409","bugzilla_description":"CVE-2018-1002202 zip4j: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002202.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"6.3"},{"CVE":"CVE-2018-1000544","severity":"moderate","public_date":"2018-06-05T00:00:00Z","advisories":["RHSA-2018:3466"],"bugzilla":"1593001","bugzilla_description":"CVE-2018-1000544 rubyzip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20->(CWE-22|CWE-59)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000544.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"4.8"},{"CVE":"CVE-2018-10115","severity":"important","public_date":"2018-05-01T00:00:00Z","advisories":[],"bugzilla":"1574414","bugzilla_description":"CVE-2018-10115 p7zip: unitialized memory due to incorrect logic of RAR decoder might lead to arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10115.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2018-7726","severity":"low","public_date":"2018-03-07T00:00:00Z","advisories":["RHSA-2018:3229"],"bugzilla":"1554672","bugzilla_description":"CVE-2018-7726 zziplib: Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted zip file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["zziplib-0:0.13.62-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7726.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-7727","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":["RHSA-2018:3229"],"bugzilla":"1554676","bugzilla_description":"CVE-2018-7727 zziplib: Memory leak in memdisk.c:zzip_mem_disk_new() can lead to denial of service via crafted zip","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["zziplib-0:0.13.62-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7727.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6869","severity":"low","public_date":"2018-02-08T00:00:00Z","advisories":[],"bugzilla":"1543941","bugzilla_description":"CVE-2018-6869 zziplib: uncontrolled memory allocation in __zzip_parse_root_directory in zzip/zip.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6869.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-1000035","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1537043","bugzilla_description":"CVE-2018-1000035 unzip: Heap-based buffer overflow in fileio.c:UzpPassword function allows code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000035.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-1000032","severity":"moderate","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1537055","bugzilla_description":"CVE-2018-1000032 unzip: Heap-based buffer overflow in charset_to_intern()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000032.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2018-1000031","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1537059","bugzilla_description":"CVE-2018-1000031 unzip: Heap-based out-of-bounds write in fileio.c:set_zipfn_sgmnt_name() possibly causing crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000031.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-1000033","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1537062","bugzilla_description":"CVE-2018-1000033 unzip: Heap-based out-of-bounds access in extract.c:ef_scan_for_stream() possibly causing crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000033.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-1000034","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":[],"bugzilla":"1543333","bugzilla_description":"CVE-2018-1000034 unzip: Invalid access in the LZMA compression algorithm","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000034.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-7725","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":["RHSA-2018:3229"],"bugzilla":"1554662","bugzilla_description":"CVE-2018-7725 zziplib: out of bound read in mmapped.c:zzip_disk_fread() causes crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["zziplib-0:0.13.62-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7725.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2018-6484","severity":"low","public_date":"2018-02-02T00:00:00Z","advisories":[],"bugzilla":"1541256","bugzilla_description":"CVE-2018-6484 zziplib: Loading of misaligned memory address in zip.c:__zzip_fetch_disk_trailer can lead to a denial of service via crafted zip file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6484.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6542","severity":"low","public_date":"2018-02-02T00:00:00Z","advisories":[],"bugzilla":"1542257","bugzilla_description":"CVE-2018-6542 zziplib: bus error in zzip_disk_findfirst function in zzip/mmapped.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-393","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6542.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6540","severity":"low","public_date":"2018-02-02T00:00:00Z","advisories":[],"bugzilla":"1542261","bugzilla_description":"CVE-2018-6540 zziplib: bus error in zzip_disk_findfirst function in zzip/mmapped.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-131","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6540.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6541","severity":"low","public_date":"2018-02-01T00:00:00Z","advisories":["RHSA-2019:2196"],"bugzilla":"1598244","bugzilla_description":"CVE-2018-6541 zziplib: Bus error caused by loading of a misaligned address inzzip/zip.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["zziplib-0:0.13.62-11.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6541.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6381","severity":"low","public_date":"2018-01-29T00:00:00Z","advisories":[],"bugzilla":"1540183","bugzilla_description":"CVE-2018-6381 zziplib: Invalid memory access in the zzip_disk_fread function in zzip/mmapped.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6381.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-17969","severity":"important","public_date":"2018-01-25T00:00:00Z","advisories":[],"bugzilla":"1538457","bugzilla_description":"CVE-2017-17969 p7zip: heap-based buffer overflow in 7zip/Compress/ShrinkDecoder.cpp can allow an attacker to write arbitrary data and cause a crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-122","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17969.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","cvss3_score":"9.1"},{"CVE":"CVE-2018-5996","severity":"important","public_date":"2018-01-23T00:00:00Z","advisories":[],"bugzilla":"1538470","bugzilla_description":"CVE-2018-5996 p7zip: memory corruption in RAR decompression","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-121|CWE-122)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5996.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"9.8"},{"CVE":"CVE-2017-14107","severity":"low","public_date":"2017-08-29T00:00:00Z","advisories":[],"bugzilla":"1489000","bugzilla_description":"CVE-2017-14107 libzip: Memory allocation failure in _zip_cdir_grow function","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14107.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-12858","severity":"low","public_date":"2017-08-23T00:00:00Z","advisories":[],"bugzilla":"1484514","bugzilla_description":"CVE-2017-12858 libzip: Double free in _zip_dirent_read function in zip_dirent.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12858.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-5974","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422507","bugzilla_description":"CVE-2017-5974 zziplib: heap-based buffer overflow in __zzip_get32 (fetch.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5974.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5975","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422509","bugzilla_description":"CVE-2017-5975 zziplib: heap-based buffer overflow in __zzip_get64 (fetch.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5975.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5976","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422510","bugzilla_description":"CVE-2017-5976 zziplib: heap-based buffer overflow in zzip_mem_entry_extra_block (memdisk.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5976.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5977","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422512","bugzilla_description":"CVE-2017-5977 zziplib: invalid memory read in zzip_mem_entry_extra_block (memdisk.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5977.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5978","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422513","bugzilla_description":"CVE-2017-5978 zziplib: out of bounds read in zzip_mem_entry_new (memdisk.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5978.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5979","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422514","bugzilla_description":"CVE-2017-5979 zziplib: NULL pointer dereference in prescan_entry (fseeko.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5979.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5980","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422515","bugzilla_description":"CVE-2017-5980 zziplib: NULL pointer dereference in zzip_mem_entry_new (memdisk.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5980.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5981","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422516","bugzilla_description":"CVE-2017-5981 zziplib: assertion failure in seeko.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5981.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5946","severity":"moderate","public_date":"2017-02-04T00:00:00Z","advisories":[],"bugzilla":"1427937","bugzilla_description":"CVE-2017-5946 rubygem-rubyzip: Directory traversal in the Zip::File component","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5946.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","cvss3_score":"7.0"},{"CVE":"CVE-2016-9844","severity":"low","public_date":"2016-12-05T00:00:00Z","advisories":[],"bugzilla":"1401864","bugzilla_description":"CVE-2016-9844 unzip: methbuf[] buffer overflow in zipinfo's zi_short()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9844.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-5399","severity":"moderate","public_date":"2016-07-18T00:00:00Z","advisories":["RHSA-2016:2750","RHSA-2016:2598"],"bugzilla":"1358395","bugzilla_description":"CVE-2016-5399 php: Improper error handling in bzread()","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-390","affected_packages":["rh-php56-php-0:5.6.25-1.el6","rh-php56-php-0:5.6.25-1.el7","php-0:5.4.16-42.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5399.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"8.1"},{"CVE":"CVE-2016-3189","severity":"low","public_date":"2016-06-20T00:00:00Z","advisories":[],"bugzilla":"1319648","bugzilla_description":"CVE-2016-3189 bzip2: heap use after free in bzip2recover","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-416","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3189.json"},{"CVE":"CVE-2015-7696","severity":"moderate","public_date":"2015-09-07T00:00:00Z","advisories":[],"bugzilla":"1260944","bugzilla_description":"CVE-2015-7696 CVE-2015-7697 unzip: Heap overflow and DoS in 6.0","cvss_score":6.0,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7696.json"},{"CVE":"CVE-2015-7697","severity":"moderate","public_date":"2015-09-07T00:00:00Z","advisories":[],"bugzilla":"1260944","bugzilla_description":"CVE-2015-7696 CVE-2015-7697 unzip: Heap overflow and DoS in 6.0","cvss_score":6.0,"cvss_scoring_vector":"AV:N/AC:M/Au:S/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7697.json"},{"CVE":"CVE-2015-2331","severity":"important","public_date":"2015-03-18T00:00:00Z","advisories":[],"bugzilla":"1204676","bugzilla_description":"CVE-2015-2331 libzip: integer overflow when processing ZIP archives","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-2331.json"},{"CVE":"CVE-2015-1315","severity":"moderate","public_date":"2015-02-17T00:00:00Z","advisories":[],"bugzilla":"1192603","bugzilla_description":"CVE-2015-1315 unzip: charset_to_intern() buffer overflow","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-120","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1315.json"},{"CVE":"CVE-2018-1002204","severity":"moderate","public_date":"2015-01-08T00:00:00Z","advisories":[],"bugzilla":"1584400","bugzilla_description":"CVE-2018-1002204 nodejs-adm-zip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002204.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2014-8139","severity":"low","public_date":"2014-12-22T00:00:00Z","advisories":["RHSA-2015:0700"],"bugzilla":"1174844","bugzilla_description":"CVE-2014-8139 unzip: CRC32 verification heap-based buffer overread (oCERT-2014-011)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-190->CWE-125","affected_packages":["unzip-0:6.0-15.ael7b","unzip-0:6.0-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8139.json"},{"CVE":"CVE-2014-8140","severity":"low","public_date":"2014-12-22T00:00:00Z","advisories":["RHSA-2015:0700"],"bugzilla":"1174851","bugzilla_description":"CVE-2014-8140 unzip: out-of-bounds write issue in test_compr_eb() (oCERT-2014-011)","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-20->CWE-190->CWE-120","affected_packages":["unzip-0:6.0-15.ael7b","unzip-0:6.0-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8140.json"},{"CVE":"CVE-2014-8141","severity":"low","public_date":"2014-12-22T00:00:00Z","advisories":["RHSA-2015:0700"],"bugzilla":"1174856","bugzilla_description":"CVE-2014-8141 unzip: getZip64Data() out-of-bounds read issues (oCERT-2014-011)","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":"CWE-125","affected_packages":["unzip-0:6.0-15.ael7b","unzip-0:6.0-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8141.json"},{"CVE":"CVE-2014-9913","severity":"low","public_date":"2014-11-03T00:00:00Z","advisories":[],"bugzilla":"1401865","bugzilla_description":"CVE-2014-9913 unzip: methbuf[] buffer overflow in unzip's list_files()","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":"CWE-121","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9913.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2014-9636","severity":"moderate","public_date":"2014-11-02T00:00:00Z","advisories":["RHSA-2015:0700"],"bugzilla":"1184985","bugzilla_description":"CVE-2014-9636 unzip: out-of-bounds read/write in test_compr_eb() in extract.c","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-20->CWE-122","affected_packages":["unzip-0:6.0-15.ael7b","unzip-0:6.0-2.el6_6"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9636.json"},{"CVE":"CVE-2012-1162","severity":"moderate","public_date":"2012-03-20T00:00:00Z","advisories":[],"bugzilla":"802564","bugzilla_description":"CVE-2012-1162 libzip: heap overflow flaw when processing malformed zip file","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1162.json"},{"CVE":"CVE-2012-1163","severity":"moderate","public_date":"2012-03-20T00:00:00Z","advisories":[],"bugzilla":"803028","bugzilla_description":"CVE-2012-1163 libzip: integer overflow when processing malformed zip file","cvss_score":4.4,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1163.json"},{"CVE":"CVE-2011-2895","severity":"important","public_date":"2011-08-10T00:00:00Z","advisories":["RHSA-2011:1154","RHSA-2011:1155","RHSA-2011:1161","RHSA-2011:1834"],"bugzilla":"727624","bugzilla_description":"CVE-2011-2895 BSD compress LZW decoder buffer overflow","cvss_score":6.9,"cvss_scoring_vector":"AV:L/AC:M/Au:N/C:C/I:C/A:C","CWE":null,"affected_packages":["libXfont-0:1.2.2-1.0.3.el5_6","libXfont-0:1.4.1-2.el6_1","freetype-0:2.1.9-19.el4","xorg-x11-0:6.8.2-1.EL.69","libXfont-0:1.2.2-1.0.4.el5_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2895.json"},{"CVE":"CVE-2011-0421","severity":"low","public_date":"2011-01-30T00:00:00Z","advisories":[],"bugzilla":"688735","bugzilla_description":"CVE-2011-0421 php/libzip: segfault with FL_UNCHANGED on empty archive in zip_name_locate()","cvss_score":2.6,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0421.json"},{"CVE":"CVE-2010-0405","severity":"important","public_date":"2010-09-20T00:00:00Z","advisories":["RHSA-2010:0858","RHSA-2010:0703"],"bugzilla":"627882","bugzilla_description":"CVE-2010-0405 bzip2: integer overflow flaw in BZ2_decompress","cvss_score":5.1,"cvss_scoring_vector":"AV:N/AC:H/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["bzip2-0:1.0.3-6.el5_5","bzip2-0:1.0.5-7.el6_0","bzip2-0:1.0.2-14.EL3","bzip2-0:1.0.2-16.el4_8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0405.json"},{"CVE":"CVE-2010-0001","severity":"moderate","public_date":"2010-01-20T00:00:00Z","advisories":["RHSA-2010:0061"],"bugzilla":"554418","bugzilla_description":"CVE-2010-0001 gzip: (64 bit) Integer underflow by decompressing LZW format files","cvss_score":6.8,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","CWE":"CWE-190","affected_packages":["gzip-0:1.3.3-15.rhel3","gzip-0:1.3.5-11.el5_4.1","gzip-0:1.3.3-18.el4_8.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0001.json"},{"CVE":"CVE-2008-1372","severity":"moderate","public_date":"2008-03-18T00:00:00Z","advisories":["RHSA-2008:0893"],"bugzilla":"438118","bugzilla_description":"CVE-2008-1372 bzip2: crash on malformed archive file","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["bzip2-0:1.0.2-12.EL3","bzip2-0:1.0.3-4.el5_2","bzip2-0:1.0.1-5.EL2.1","bzip2-0:1.0.2-14.el4_7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1372.json"},{"CVE":"CVE-2008-0888","severity":"moderate","public_date":"2008-03-17T00:00:00Z","advisories":["RHSA-2008:0196"],"bugzilla":"431438","bugzilla_description":"CVE-2008-0888 unzip: free() called for uninitialized or already freed pointer","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["unzip-0:5.50-36.EL3","unzip-0:5.50-31.EL2.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0888.json"},{"CVE":"CVE-2006-4335","severity":"low","public_date":"2006-12-02T00:00:00Z","advisories":["RHSA-2006:0667"],"bugzilla":"220595","bugzilla_description":"CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 multiple vulnerabilities in lha","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gzip-0:1.3.3-16.rhel4","gzip-0:1.3.3-13.rhel3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4335.json"},{"CVE":"CVE-2006-4336","severity":"low","public_date":"2006-12-02T00:00:00Z","advisories":["RHSA-2006:0667"],"bugzilla":"220595","bugzilla_description":"CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 multiple vulnerabilities in lha","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gzip-0:1.3.3-16.rhel4","gzip-0:1.3.3-13.rhel3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4336.json"},{"CVE":"CVE-2006-4337","severity":"low","public_date":"2006-12-02T00:00:00Z","advisories":["RHSA-2006:0667"],"bugzilla":"220595","bugzilla_description":"CVE-2006-4335 CVE-2006-4336 CVE-2006-4337 multiple vulnerabilities in lha","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gzip-0:1.3.3-16.rhel4","gzip-0:1.3.3-13.rhel3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4337.json"},{"CVE":"CVE-2006-4334","severity":"low","public_date":"2006-09-19T00:00:00Z","advisories":["RHSA-2006:0667"],"bugzilla":"1618181","bugzilla_description":"CVE-2006-4334 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gzip-0:1.3.3-16.rhel4","gzip-0:1.3.3-13.rhel3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4334.json"},{"CVE":"CVE-2006-4338","severity":"low","public_date":"2006-09-19T00:00:00Z","advisories":["RHSA-2006:0667"],"bugzilla":"1618182","bugzilla_description":"CVE-2006-4338 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gzip-0:1.3.3-16.rhel4","gzip-0:1.3.3-13.rhel3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4338.json"},{"CVE":"CVE-2005-4667","severity":"low","public_date":"2005-12-19T00:00:00Z","advisories":["RHBA-2007:0418","RHSA-2007:0203"],"bugzilla":"1617861","bugzilla_description":"CVE-2005-4667 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["unzip-0:5.50-35.EL3","unzip-0:5.51-9.EL4.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4667.json"},{"CVE":"CVE-2005-2475","severity":"low","public_date":"2005-08-02T00:00:00Z","advisories":["RHBA-2007:0418","RHSA-2007:0203"],"bugzilla":"1617723","bugzilla_description":"CVE-2005-2475 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["unzip-0:5.50-35.EL3","unzip-0:5.51-9.EL4.5"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2475.json"},{"CVE":"CVE-2005-0758","severity":"low","public_date":"2005-04-22T00:00:00Z","advisories":["RHSA-2005:357","RHSA-2005:474"],"bugzilla":"1617573","bugzilla_description":"CVE-2005-0758 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gzip-0:1.3.3-12.rhel3","gzip-0:1.3.3-15.rhel4","bzip2-0:1.0.2-11.EL3.4","bzip2-0:1.0.2-13.EL4.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0758.json"},{"CVE":"CVE-2005-1228","severity":"low","public_date":"2005-04-18T00:00:00Z","advisories":["RHSA-2005:357"],"bugzilla":"1617616","bugzilla_description":"CVE-2005-1228 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gzip-0:1.3.3-12.rhel3","gzip-0:1.3.3-15.rhel4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1228.json"},{"CVE":"CVE-2005-0988","severity":"low","public_date":"2005-04-04T00:00:00Z","advisories":["RHSA-2005:357"],"bugzilla":"1617595","bugzilla_description":"CVE-2005-0988 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["gzip-0:1.3.3-12.rhel3","gzip-0:1.3.3-15.rhel4"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0988.json"},{"CVE":"CVE-2005-0953","severity":"low","public_date":"2005-03-30T00:00:00Z","advisories":["RHSA-2005:474"],"bugzilla":"1617590","bugzilla_description":"CVE-2005-0953 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["bzip2-0:1.0.2-11.EL3.4","bzip2-0:1.0.2-13.EL4.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0953.json"},{"CVE":"CVE-2005-1260","severity":"low","public_date":"2005-02-15T00:00:00Z","advisories":["RHSA-2005:474"],"bugzilla":"1617617","bugzilla_description":"CVE-2005-1260 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["bzip2-0:1.0.2-11.EL3.4","bzip2-0:1.0.2-13.EL4.3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1260.json"},{"CVE":"CVE-2004-1010","severity":"low","public_date":"2004-11-03T00:00:00Z","advisories":["RHSA-2004:634"],"bugzilla":"1617348","bugzilla_description":"CVE-2004-1010 security flaw","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["zip-0:2.3-16.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1010.json"},{"CVE":"CVE-2003-0367","severity":"moderate","public_date":"2003-07-02T00:00:00Z","advisories":[],"bugzilla":"1850889","bugzilla_description":"CVE-2003-0367 gzip: symlink attack on temporary files leads to arbitrary file overwrite","cvss_score":null,"cvss_scoring_vector":null,"CWE":"(CWE-20|CWE-377)","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0367.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","cvss3_score":"6.2"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zlib-devel_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zlib-devel_security_api_results.json new file mode 100644 index 0000000..0637a08 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zlib-devel_security_api_results.json @@ -0,0 +1 @@ +[] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zlib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zlib_security_api_results.json new file mode 100644 index 0000000..400c00d --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zlib_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2016-9843","severity":"low","public_date":"2016-09-29T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221","RHSA-2017:3047"],"bugzilla":"1402351","bugzilla_description":"CVE-2016-9843 zlib: Big-endian out-of-bounds pointer","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9840","severity":"low","public_date":"2016-09-22T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221","RHSA-2017:3047"],"bugzilla":"1402345","bugzilla_description":"CVE-2016-9840 zlib: Out-of-bounds pointer arithmetic in inftrees.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9841","severity":"low","public_date":"2016-09-22T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221","RHSA-2017:3047"],"bugzilla":"1402346","bugzilla_description":"CVE-2016-9841 zlib: Out-of-bounds pointer arithmetic in inffast.c","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2016-9842","severity":"low","public_date":"2016-09-06T00:00:00Z","advisories":["RHSA-2017:2999","RHSA-2017:3046","RHSA-2017:3453","RHSA-2017:1220","RHSA-2017:1222","RHSA-2017:1221","RHSA-2017:3047"],"bugzilla":"1402348","bugzilla_description":"CVE-2016-9842 zlib: Undefined left shift of negative number","cvss_score":4.3,"cvss_scoring_vector":"AV:N/AC:M/Au:N/C:N/I:N/A:P","CWE":null,"affected_packages":["java-1.6.0-sun-1:1.6.0.171-1jpp.4.el6","java-1.7.0-oracle-1:1.7.0.161-1jpp.4.el7","java-1.6.0-ibm-1:1.6.0.16.45-1jpp.1.el6_9","java-1.8.0-oracle-1:1.8.0.151-1jpp.1.el6","java-1.6.0-sun-1:1.6.0.171-1jpp.4.el7","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.2.el6_9","java-1.7.1-ibm-1:1.7.1.4.5-1jpp.1.el7_3","java-1.8.0-ibm-1:1.8.0.5.5-1jpp.1.el6_9","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el6_9","java-1.7.0-oracle-1:1.7.0.161-1jpp.3.el6","java-1.8.0-oracle-1:1.8.0.151-1jpp.5.el7","java-1.8.0-ibm-1:1.8.0.4.5-1jpp.1.el7_3"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2005-1849","severity":"important","public_date":"2005-08-20T00:00:00Z","advisories":["RHSA-2005:584","RHSA-2008:0264","RHSA-2008:0629","RHSA-2008:0525"],"bugzilla":"430649","bugzilla_description":"CVE-2005-1849 zlib DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["zlib-0:1.2.1.2-1.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1849.json"},{"CVE":"CVE-2005-2096","severity":"important","public_date":"2005-07-06T00:00:00Z","advisories":["RHSA-2008:0264","RHSA-2008:0629","RHSA-2008:0525","RHSA-2005:569"],"bugzilla":"430650","bugzilla_description":"CVE-2005-2096 zlib DoS","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":["zlib-0:1.2.1.2-1.1"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zsh_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zsh_security_api_results.json new file mode 100644 index 0000000..a5922e3 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zsh_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2019-20044","severity":"important","public_date":"2020-02-16T00:00:00Z","advisories":["RHSA-2020:0892","RHSA-2020:0903","RHSA-2020:0978","RHSA-2020:0853"],"bugzilla":"1804859","bugzilla_description":"CVE-2019-20044 zsh: insecure dropping of privileges when unsetting PRIVILEGED option","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-271","affected_packages":["zsh-0:5.5.1-6.el8_0.2","zsh-0:4.3.11-11.el6_10","zsh-0:5.0.2-34.el7_7.2","zsh-0:5.5.1-6.el8_1.2"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20044.json","cvss3_scoring_vector":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","cvss3_score":"7.8"},{"CVE":"CVE-2018-13259","severity":"moderate","public_date":"2018-09-04T00:00:00Z","advisories":["RHSA-2019:2017"],"bugzilla":"1626184","bugzilla_description":"CVE-2018-13259 zsh: Improper handling of shebang line longer than 64","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["zsh-0:5.0.2-33.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13259.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-0502","severity":null,"public_date":"2018-09-04T00:00:00Z","advisories":[],"bugzilla":"1626187","bugzilla_description":"CVE-2018-0502 zsh: Improper parsing of the shebang line with special chars","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-0502.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","cvss3_score":"5.3"},{"CVE":"CVE-2018-1100","severity":"low","public_date":"2018-04-07T00:00:00Z","advisories":["RHSA-2018:3073","RHSA-2018:1932"],"bugzilla":"1563395","bugzilla_description":"CVE-2018-1100 zsh: buffer overflow in utils.c:checkmailpath() can lead to local arbitrary code execution","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120->CWE-121","affected_packages":["zsh-0:4.3.11-8.el6","zsh-0:5.0.2-31.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1100.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-1083","severity":"moderate","public_date":"2018-03-26T00:00:00Z","advisories":["RHSA-2018:3073","RHSA-2018:1932"],"bugzilla":"1557382","bugzilla_description":"CVE-2018-1083 zsh: Stack-based buffer overflow in gen_matches_files() at compctl.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120->CWE-121","affected_packages":["zsh-0:4.3.11-8.el6","zsh-0:5.0.2-31.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1083.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-1071","severity":"low","public_date":"2018-03-09T00:00:00Z","advisories":["RHSA-2018:3073"],"bugzilla":"1553531","bugzilla_description":"CVE-2018-1071 zsh: Stack-based buffer overflow in exec.c:hashcmd()","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-121","affected_packages":["zsh-0:5.0.2-31.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1071.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2014-10070","severity":"low","public_date":"2018-02-26T00:00:00Z","advisories":[],"bugzilla":"1549287","bugzilla_description":"CVE-2014-10070 zsh: privilege escalation via environment variables","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-95","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-10070.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:N"},{"CVE":"CVE-2018-7549","severity":"low","public_date":"2017-12-22T00:00:00Z","advisories":["RHSA-2018:3073"],"bugzilla":"1549858","bugzilla_description":"CVE-2018-7549 zsh: crash on copying empty hash table","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":["zsh-0:5.0.2-31.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7549.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-18205","severity":"low","public_date":"2017-06-13T00:00:00Z","advisories":["RHSA-2018:3073"],"bugzilla":"1549862","bugzilla_description":"CVE-2017-18205 zsh: NULL dereference in cd in sh compatibility mode under given circumstances","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-665","affected_packages":["zsh-0:5.0.2-31.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18205.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.0"},{"CVE":"CVE-2017-18206","severity":"low","public_date":"2017-05-09T00:00:00Z","advisories":["RHSA-2018:3073","RHSA-2018:1932"],"bugzilla":"1549861","bugzilla_description":"CVE-2017-18206 zsh: buffer overrun in symlinks","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120->CWE-121","affected_packages":["zsh-0:4.3.11-8.el6","zsh-0:5.0.2-31.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18206.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","cvss3_score":"7.5"},{"CVE":"CVE-2018-7548","severity":"low","public_date":"2017-03-24T00:00:00Z","advisories":[],"bugzilla":"1549841","bugzilla_description":"CVE-2018-7548 zsh: null-pointer deref when using ${(PA)...} on an empty array result","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-476","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7548.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.8"},{"CVE":"CVE-2016-10714","severity":"low","public_date":"2016-11-17T00:00:00Z","advisories":[],"bugzilla":"1551765","bugzilla_description":"CVE-2016-10714 zsh: Off-by-one error results in undersized buffers","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-131","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10714.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2014-10071","severity":"low","public_date":"2014-10-06T00:00:00Z","advisories":["RHSA-2018:3073"],"bugzilla":"1549855","bugzilla_description":"CVE-2014-10071 zsh: buffer overflow for very long fds in >& fd syntax","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120->CWE-121","affected_packages":["zsh-0:5.0.2-31.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-10071.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"2.8"},{"CVE":"CVE-2014-10072","severity":"low","public_date":"2014-01-20T00:00:00Z","advisories":["RHSA-2018:3073","RHSA-2018:1932"],"bugzilla":"1549836","bugzilla_description":"CVE-2014-10072 zsh: buffer overflow when scanning very long directory paths for symbolic links","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-120","affected_packages":["zsh-0:4.3.11-8.el6","zsh-0:5.0.2-31.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-10072.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L","cvss3_score":"5.0"}] \ No newline at end of file diff --git a/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zziplib_security_api_results.json b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zziplib_security_api_results.json new file mode 100644 index 0000000..6489df0 --- /dev/null +++ b/tools/redhat_package_manifest_scraper/data/redhat7/security_api_results/zziplib_security_api_results.json @@ -0,0 +1 @@ +[{"CVE":"CVE-2018-17828","severity":"moderate","public_date":"2018-09-25T00:00:00Z","advisories":["RHSA-2020:1178","RHSA-2020:1653"],"bugzilla":"1635888","bugzilla_description":"CVE-2018-17828 zziplib: directory traversal in unzzip_cat in the bins/unzzipcat-mem.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-22","affected_packages":["zziplib-0:0.13.62-12.el7","zziplib-0:0.13.68-8.el8"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17828.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","cvss3_score":"5.5"},{"CVE":"CVE-2018-16548","severity":"low","public_date":"2018-09-05T00:00:00Z","advisories":["RHSA-2019:2196"],"bugzilla":"1626200","bugzilla_description":"CVE-2018-16548 zziplib: Memory leak triggered in the function __zzip_parse_root_directory in zip.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":["zziplib-0:0.13.62-11.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16548.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"4.0"},{"CVE":"CVE-2018-7726","severity":"low","public_date":"2018-03-07T00:00:00Z","advisories":["RHSA-2018:3229"],"bugzilla":"1554672","bugzilla_description":"CVE-2018-7726 zziplib: Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted zip file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["zziplib-0:0.13.62-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7726.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-7727","severity":"low","public_date":"2018-03-06T00:00:00Z","advisories":["RHSA-2018:3229"],"bugzilla":"1554676","bugzilla_description":"CVE-2018-7727 zziplib: Memory leak in memdisk.c:zzip_mem_disk_new() can lead to denial of service via crafted zip","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-772","affected_packages":["zziplib-0:0.13.62-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7727.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6869","severity":"low","public_date":"2018-02-08T00:00:00Z","advisories":[],"bugzilla":"1543941","bugzilla_description":"CVE-2018-6869 zziplib: uncontrolled memory allocation in __zzip_parse_root_directory in zzip/zip.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-400","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6869.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"4.3"},{"CVE":"CVE-2018-7725","severity":"low","public_date":"2018-02-07T00:00:00Z","advisories":["RHSA-2018:3229"],"bugzilla":"1554662","bugzilla_description":"CVE-2018-7725 zziplib: out of bound read in mmapped.c:zzip_disk_fread() causes crash","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-125","affected_packages":["zziplib-0:0.13.62-9.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7725.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","cvss3_score":"5.4"},{"CVE":"CVE-2018-6484","severity":"low","public_date":"2018-02-02T00:00:00Z","advisories":[],"bugzilla":"1541256","bugzilla_description":"CVE-2018-6484 zziplib: Loading of misaligned memory address in zip.c:__zzip_fetch_disk_trailer can lead to a denial of service via crafted zip file","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6484.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6542","severity":"low","public_date":"2018-02-02T00:00:00Z","advisories":[],"bugzilla":"1542257","bugzilla_description":"CVE-2018-6542 zziplib: bus error in zzip_disk_findfirst function in zzip/mmapped.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-393","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6542.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6540","severity":"low","public_date":"2018-02-02T00:00:00Z","advisories":[],"bugzilla":"1542261","bugzilla_description":"CVE-2018-6540 zziplib: bus error in zzip_disk_findfirst function in zzip/mmapped.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-131","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6540.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6541","severity":"low","public_date":"2018-02-01T00:00:00Z","advisories":["RHSA-2019:2196"],"bugzilla":"1598244","bugzilla_description":"CVE-2018-6541 zziplib: Bus error caused by loading of a misaligned address inzzip/zip.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-20","affected_packages":["zziplib-0:0.13.62-11.el7"],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6541.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2018-6381","severity":"low","public_date":"2018-01-29T00:00:00Z","advisories":[],"bugzilla":"1540183","bugzilla_description":"CVE-2018-6381 zziplib: Invalid memory access in the zzip_disk_fread function in zzip/mmapped.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":"CWE-119","affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6381.json","cvss3_scoring_vector":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","cvss3_score":"3.3"},{"CVE":"CVE-2017-5974","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422507","bugzilla_description":"CVE-2017-5974 zziplib: heap-based buffer overflow in __zzip_get32 (fetch.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5974.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5975","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422509","bugzilla_description":"CVE-2017-5975 zziplib: heap-based buffer overflow in __zzip_get64 (fetch.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5975.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5976","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422510","bugzilla_description":"CVE-2017-5976 zziplib: heap-based buffer overflow in zzip_mem_entry_extra_block (memdisk.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5976.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5977","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422512","bugzilla_description":"CVE-2017-5977 zziplib: invalid memory read in zzip_mem_entry_extra_block (memdisk.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5977.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5978","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422513","bugzilla_description":"CVE-2017-5978 zziplib: out of bounds read in zzip_mem_entry_new (memdisk.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5978.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5979","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422514","bugzilla_description":"CVE-2017-5979 zziplib: NULL pointer dereference in prescan_entry (fseeko.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5979.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5980","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422515","bugzilla_description":"CVE-2017-5980 zziplib: NULL pointer dereference in zzip_mem_entry_new (memdisk.c)","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5980.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"},{"CVE":"CVE-2017-5981","severity":"low","public_date":"2017-02-09T00:00:00Z","advisories":[],"bugzilla":"1422516","bugzilla_description":"CVE-2017-5981 zziplib: assertion failure in seeko.c","cvss_score":null,"cvss_scoring_vector":null,"CWE":null,"affected_packages":[],"resource_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5981.json","cvss3_scoring_vector":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss3_score":"3.7"}] \ No newline at end of file