You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mj...@apache.org on 2021/03/30 10:13:34 UTC
svn commit: r1888194 [5/13] - /httpd/site/trunk/content/security/json/
Added: httpd/site/trunk/content/security/json/CVE-2007-5000.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2007-5000.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2007-5000.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2007-5000.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,372 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2007-10-23",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2007-12-11",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "2.2.8 released"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "2.0.63 released"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "1.3.41 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2007-12-11",
+ "ID": "CVE-2007-5000",
+ "TITLE": "mod_imagemap XSS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_imagemap XSS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in the mod_imagemap module. On sites where mod_imagemap is enabled and an imagemap file is publicly available, a cross-site scripting attack is possible."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.61"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.39"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.37"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.36"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.34"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.33"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.32"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.31"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.1"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2007-6388.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2007-6388.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2007-6388.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2007-6388.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,362 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2007-12-15",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2008-01-02",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "2.2.8 released"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "2.0.63 released"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "1.3.41 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2008-01-02",
+ "ID": "CVE-2007-6388",
+ "TITLE": "mod_status XSS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_status XSS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack is possible. Note that the server-status page is not enabled by default and it is best practice to not make this publicly available."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.61"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.39"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.37"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.36"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.35"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.34"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.33"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.32"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.31"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.29"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.28"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.27"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.26"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.24"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.22"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.20"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.19"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.17"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.14"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.12"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.11"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.9"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.6"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.4"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.3"
+ },
+ {
+ "version_name": "1.3",
+ "version_affected": "=",
+ "version_value": "1.3.2"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2007-6420.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2007-6420.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2007-6420.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2007-6420.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,122 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2007-10-12",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2008-01-09",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2008-06-14",
+ "lang": "eng",
+ "value": "2.2.9 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2008-01-09",
+ "ID": "CVE-2007-6420",
+ "TITLE": "mod_proxy_balancer CSRF"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy_balancer CSRF"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The mod_proxy_balancer provided an administrative interface that could be vulnerable to cross-site request forgery (CSRF) attacks."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2007-6421.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2007-6421.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2007-6421.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2007-6421.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,117 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2007-12-12",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2008-01-02",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "2.2.8 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2008-01-02",
+ "ID": "CVE-2007-6421",
+ "TITLE": "mod_proxy_balancer XSS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy_balancer XSS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, a cross-site scripting attack against an authorized user is possible."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2007-6422.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2007-6422.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2007-6422.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2007-6422.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,117 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2007-12-12",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2008-01-02",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "2.2.8 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2008-01-02",
+ "ID": "CVE-2007-6422",
+ "TITLE": "mod_proxy_balancer DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy_balancer DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer is enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2008-0005.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2008-0005.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2008-0005.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2008-0005.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,232 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2007-12-15",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2008-01-08",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "2.0.63 released"
+ },
+ {
+ "time": "2008-01-19",
+ "lang": "eng",
+ "value": "2.2.8 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2008-01-08",
+ "ID": "CVE-2008-0005",
+ "TITLE": "mod_proxy_ftp UTF-7 XSS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy_ftp UTF-7 XSS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A workaround was added in the mod_proxy_ftp module. On sites where mod_proxy_ftp is enabled and a forward proxy is configured, a cross-site scripting attack is possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.61"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2008-0456.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2008-0456.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2008-0456.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2008-0456.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,137 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2008-01-15",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2008-01-21",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2009-07-27",
+ "lang": "eng",
+ "value": "2.2.12 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2008-01-21",
+ "ID": "CVE-2008-0456",
+ "TITLE": "CRLF injection in mod_negotiation when untrusted uploads are supported"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CRLF injection in mod_negotiation when untrusted uploads are supported"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.11"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.10"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.9"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2008-2364.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2008-2364.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2008-2364.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2008-2364.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,242 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2008-05-29",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2008-06-10",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2010-10-19",
+ "lang": "eng",
+ "value": "2.0.64 released"
+ },
+ {
+ "time": "2008-06-14",
+ "lang": "eng",
+ "value": "2.2.9 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2008-06-10",
+ "ID": "CVE-2008-2364",
+ "TITLE": "mod_proxy_http DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy_http DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in the handling of excessive interim responses from an origin server when using mod_proxy_http. A remote attacker could cause a denial of service or high memory usage."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.63"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.61"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2008-2939.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2008-2939.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2008-2939.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2008-2939.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,247 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2008-07-28",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2008-08-05",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2008-10-31",
+ "lang": "eng",
+ "value": "2.2.10 released"
+ },
+ {
+ "time": "2010-10-19",
+ "lang": "eng",
+ "value": "2.0.64 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2008-08-05",
+ "ID": "CVE-2008-2939",
+ "TITLE": "mod_proxy_ftp globbing XSS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy_ftp globbing XSS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in the handling of wildcards in the path of a FTP URL with mod_proxy_ftp. If mod_proxy_ftp is enabled to support FTP-over-HTTP, requests containing globbing characters could lead to cross-site scripting (XSS) attacks."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.9"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.63"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.61"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2009-0023.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2009-0023.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2009-0023.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2009-0023.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,137 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2008-12-25",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2009-06-01",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2009-07-27",
+ "lang": "eng",
+ "value": "2.2.12 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2009-06-01",
+ "ID": "CVE-2009-0023",
+ "TITLE": "APR-util heap underwrite"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "APR-util heap underwrite"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A heap-based underwrite flaw was found in the way the bundled copy of the APR-util library created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "moderate"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.11"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.10"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.9"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2009-1191.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2009-1191.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2009-1191.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2009-1191.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,92 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2009-03-05",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2009-04-21",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2009-07-27",
+ "lang": "eng",
+ "value": "2.2.12 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2009-04-21",
+ "ID": "CVE-2009-1191",
+ "TITLE": "mod_proxy_ajp information disclosure"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy_ajp information disclosure"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "An information disclosure flaw was found in mod_proxy_ajp in version 2.2.11 only. In certain situations, if a user sent a carefully crafted HTTP request, the server could return a response intended for another user."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.11"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2009-1195.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2009-1195.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2009-1195.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2009-1195.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,137 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2009-03-09",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2009-04-22",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2009-07-27",
+ "lang": "eng",
+ "value": "2.2.12 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2009-04-22",
+ "ID": "CVE-2009-1195",
+ "TITLE": "AllowOverride Options handling bypass"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "AllowOverride Options handling bypass"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A flaw was found in the handling of the \"Options\" and \"AllowOverride\" directives. In configurations using the \"AllowOverride\" directive with certain \"Options=\" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.11"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.10"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.9"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2009-1890.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2009-1890.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2009-1890.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2009-1890.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,137 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2009-06-30",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2009-07-02",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2009-07-27",
+ "lang": "eng",
+ "value": "2.2.12 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2009-07-02",
+ "ID": "CVE-2009-1890",
+ "TITLE": "mod_proxy reverse proxy DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_proxy reverse proxy DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A denial of service flaw was found in the mod_proxy module when it was used as a reverse proxy. A remote attacker could use this flaw to force a proxy process to consume large amounts of CPU time."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "important"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.11"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.10"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.9"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file
Added: httpd/site/trunk/content/security/json/CVE-2009-1891.json
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/json/CVE-2009-1891.json?rev=1888194&view=auto
==============================================================================
--- httpd/site/trunk/content/security/json/CVE-2009-1891.json (added)
+++ httpd/site/trunk/content/security/json/CVE-2009-1891.json Tue Mar 30 10:13:32 2021
@@ -0,0 +1,257 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "generator": {
+ "engine": "xmltojsonmjc 1.0"
+ },
+ "references": {},
+ "timeline": [
+ {
+ "time": "2009-06-26",
+ "lang": "eng",
+ "value": "reported"
+ },
+ {
+ "time": "2009-06-26",
+ "lang": "eng",
+ "value": "public"
+ },
+ {
+ "time": "2009-07-27",
+ "lang": "eng",
+ "value": "2.2.12 released"
+ },
+ {
+ "time": "2010-10-19",
+ "lang": "eng",
+ "value": "2.0.64 released"
+ }
+ ],
+ "CNA_private": {
+ "owner": "httpd"
+ },
+ "CVE_data_meta": {
+ "ASSIGNER": "security@apache.org",
+ "AKA": "",
+ "STATE": "PUBLIC",
+ "DATE_PUBLIC": "2009-06-26",
+ "ID": "CVE-2009-1891",
+ "TITLE": "mod_deflate DoS"
+ },
+ "source": {
+ "defect": [],
+ "advisory": "",
+ "discovery": "UNKNOWN"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "mod_deflate DoS"
+ }
+ ]
+ }
+ ]
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "A denial of service flaw was found in the mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file."
+ }
+ ]
+ },
+ "impact": [
+ {
+ "other": "low"
+ }
+ ],
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "Apache Software Foundation",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Apache HTTP Server",
+ "version": {
+ "version_data": [
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.11"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.10"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.9"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.8"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.6"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.5"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.4"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.3"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.2"
+ },
+ {
+ "version_name": "2.2",
+ "version_affected": "=",
+ "version_value": "2.2.0"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.63"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.61"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.59"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.58"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.55"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.54"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.53"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.52"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.51"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.50"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.49"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.48"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.47"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.46"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.45"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.44"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.43"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.42"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.40"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.39"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.37"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.36"
+ },
+ {
+ "version_name": "2.0",
+ "version_affected": "=",
+ "version_value": "2.0.35"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+}
\ No newline at end of file