Distributed Weakness Filing (DWF) CVE Request form for PUBLIC issues in OpenSource software v5.0 (Responses)
Row 1 (column headers)
Timestamp
Requestor's email address
I confirm that this CVE is for an Open Source software component/library/etc.
I confirm that I have read the CVE Terms of Use and agree to them
Vendor/Project of the product
Affected product name
Product URL
Affected version
Fixed version (optional information)
Vulnerability type
Vulnerability type if other or unknown
Affected component
Impact of exploitation
Attack vector
Reference URL 1
Reference URL 2
Reference URL 3
Reference URL 4
Reference URL 5
Notes
URL_PROD_URL
URL_1_200CODE
URL_2_200CODE
URL_3_200CODE
URL_4_200CODE
URL_5_200CODE
CVE ToU Email
Analyst
Description
Status
Errors
Row 2
Timestamp: 2/4/2019 5:57:30
Requestor's email address: eleetas@gmail.com
I confirm that this CVE is for an Open Source software component/library/etc.: Yes
I confirm that I have read the CVE Terms of Use and agree to them: Yes
Vendor/Project of the product: libpng
Affected product name: libpng
Product URL: http://www.libpng.org/
Affected version: 1.6.36 and earlier
Vulnerability type: Use after free
Vulnerability type if other or unknown: Use after free
Affected component: png_image_free()
Impact of exploitation: ?
Attack vector: image
Reference URL 1: https://github.com/glennrp/libpng/issues/275
URL_PROD_URL: 200
URL_1_200CODE: 200
Status: SENT
Row 3
Timestamp: 2/13/2019 8:58:32
Requestor's email address: hahn@univention.de
I confirm that this CVE is for an Open Source software component/library/etc.: Yes
I confirm that I have read the CVE Terms of Use and agree to them: Yes
Vendor/Project of the product: Univention Corporate Server
Affected product name: univention-nagios
Product URL: https://github.com/univention/univention-corporate-server/tree/4.3-3/nagios/univention-nagios
Affected version: 11.0.1-7 and earlier
Fixed version: 11.0.1-8 or later
Vulnerability type: Other/Unknown
Vulnerability type if other or unknown: CWE-426: Untrusted Search Path
Affected component: check_univention_ldap_suidwrapper.c
Impact of exploitation: Complete loss of Confidentiality and Integrity and Availability
Attack vector: local root exploit
Reference URL 1: https://github.com/univention/univention-corporate-server/commit/7beb74af8fc0aa32910129b89f32a03e0d28acad
Reference URL 2: https://forge.univention.org/bugzilla/show_bug.cgi?id=48603
Reference URL 3: https://forge.univention.org/bugzilla/show_bug.cgi?id=48616
Notes: I work for Univention GmbH and I'm the person who discovered and fixed the issue.
URL_PROD_URL: 200
URL_1_200CODE: 200
URL_2_200CODE: 200
URL_3_200CODE: 200
Status: SENT
Row 4
Timestamp: 2/13/2019 9:47:52
Requestor's email address: hahn@univention.de
I confirm that this CVE is for an Open Source software component/library/etc.: Yes
I confirm that I have read the CVE Terms of Use and agree to them: Yes
Vendor/Project of the product: Univention Corporate Server
Affected product name: univention-directory-notifier
Product URL: https://github.com/univention/univention-corporate-server/tree/4.3-3/management/univention-directory-notifier
Affected version: 12.0.1-3 and earlier
Fixed version: 12.0.1-4 and later
Vulnerability type: Other/Unknown
Vulnerability type if other or unknown: CWE-213: Intentional Information Exposure
Affected component: function data_on_connection() in src/callback.c
Impact of exploitation: Loss of Confidentiality
Attack vector: network connectivity
Reference URL 1: https://github.com/univention/univention-corporate-server/commit/a28053045bd2e778c50ed1acaf4e52e1e34f6e34
Reference URL 2: https://forge.univention.org/bugzilla/show_bug.cgi?id=48427
Notes: I work for Univention GmbH and I'm the person who implemented the fix.
URL_PROD_URL: 200
URL_1_200CODE: 200
URL_2_200CODE: 200
Status: SENT
Row 5
Timestamp: 2/19/2019 20:06:25
Requestor's email address: msacchetin@grubhub.com
I confirm that this CVE is for an Open Source software component/library/etc.: Yes
I confirm that I have read the CVE Terms of Use and agree to them: Yes
Vendor/Project of the product: Jenkins Credentials Binding Plugin
Affected product name: Jenkins
Product URL: https://jenkins.io
Affected version: 1.17
Vulnerability type: Other/Unknown
Vulnerability type if other or unknown: CWE-257: Storing Passwords in a Recoverable Format
Affected component: config-variables.jelly line #30 (passwordVariable)
Impact of exploitation: Authenticated users can recover credentials
Attack vector: Attacker creates and executes a Jenkins job
Reference URL 1: https://docs.google.com/document/d/1MBEoJSMvkjp5Kua0bRD_kiDBisL0fOCwTL9uMWj4lGA/edit?usp=sharing
Notes: The public Google Doc shared through Reference URL 1 contains the complete description of the vulnerability. It also includes exploit details and a proof of concept.
Row 6
Timestamp: 2/20/2019 13:47:01
Requestor's email address: esben@semmle.com
I confirm that this CVE is for an Open Source software component/library/etc.: Yes
I confirm that I have read the CVE Terms of Use and agree to them: Yes
Vendor/Project of the product: Moloch
Affected product name: Moloch
Product URL: https://github.com/aol/moloch
Affected version: prior to version 1.7.0
Fixed version: 1.7.0 and later
Vulnerability type: Cross Site Scripting (XSS)
Affected component: Three web pages with vulnerable error reports, implemented at: https://github.com/aol/moloch/blob/16802832a61d330d9d89565ab4579da00ee99025/viewer/viewer.js#L4660, https://github.com/aol/moloch/blob/16802832a61d330d9d89565ab4579da00ee99025/viewer/viewer.js#L675, https://github.com/aol/moloch/blob/16802832a61d330d9d89565ab4579da00ee99025/viewer/viewer.js#L703
Impact of exploitation: Execution of arbitrary JavaScript code
Attack vector: The victim must visit a malicious link in a browser.
Reference URL 1: https://github.com/aol/moloch/commit/22abc16d7f834a6daeffeaf841a79ba3f09addbb
Reference URL 2: https://github.com/aol/moloch/commit/f7063958cfdb9202405a0f6b657c032ced12f09f
Row 7
Timestamp: 2/20/2019 19:41:12
Requestor's email address: jan.kopriva@untrustednetwork.cz
I confirm that this CVE is for an Open Source software component/library/etc.: Yes
I confirm that I have read the CVE Terms of Use and agree to them: Yes
Vendor/Project of the product: Babel: Multilingual site
Affected product name: Babel
Product URL: http://dev.cmsmadesimple.org/projects/babel
Affected version: All
Fixed version: -
Vulnerability type: Other/Unknown
Vulnerability type if other or unknown: Open Redirection
Affected component: redirect.php
Impact of exploitation: Redirection to any URL which is supplied to redirect.php in a "newurl" parameter.
Attack vector: The victim must open a link created by an attacker. An attacker may use any legitimate site using Babel to redirect the user to a URL of his/her choosing.
Reference URL 1: https://untrustednetwork.net/en/2019/02/20/open-redirection-vulnerability-in-babel/
Reference URL 2: http://dev.cmsmadesimple.org/project/files/729
Row 8
Timestamp: 2/20/2019 23:42:40
Requestor's email address: setenforce1@gmail.com
I confirm that this CVE is for an Open Source software component/library/etc.: Yes
I confirm that I have read the CVE Terms of Use and agree to them: Yes
Vendor/Project of the product: OpenID
Affected product name: OpenID library for Ruby
Product URL: https://github.com/openid/ruby-openid
Affected version: 2.8.0 and earlier
Vulnerability type: Other/Unknown
Vulnerability type if other or unknown: Server Side Request Forgery (SSRF)
Affected component: Claimed Identifier Verification
Impact of exploitation: can be exploited to map/fingerprint/attack private network resources
Attack vector: Remotely exploitable using malicious HTTP requestsWh
Reference URL 1: https://github.com/openid/ruby-openid
Notes: This issue is being privately reported so the OpenID community can remediate the issue, and give developers a reasonable amount of time to patch. Will provide link to public notice once the community is ready to notify.