[ { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_core/dml2_core_dcn4.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_core/dml2_core_dcn4_calcs.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_core/dml2_core_factory.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_core/dml2_core_factory.c", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/inc/bounding_boxes/dcn4_soc_bb.h", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_core/dml2_core_shared_types.h", "features": [ 0, 100, 50, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_core/dml2_core_utils.c", "features": [ 0, 43, 40, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_dpmm/dml2_dpmm_dcn4.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_core/dml2_core_utils.h", "features": [ 0, 4, 10, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_core/dml2_core_dcn4.c", "features": [ 0, 33, 30, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_dpmm/dml2_dpmm_factory.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_dpmm/dml2_dpmm_factory.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_dpmm/dml2_dpmm_dcn4.c", "features": [ 0, 40, 10, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_mcg/dml2_mcg_factory.c", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_mcg/dml2_mcg_dcn4.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_mcg/dml2_mcg_dcn4.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_core/dml2_core_dcn4_calcs.c", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_mcg/dml2_mcg_factory.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_pmo/dml2_pmo_dcn3.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_pmo/dml2_pmo_dcn3.c", "features": [ 0, 35, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_pmo/dml2_pmo_dcn4_fams2.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_pmo/dml2_pmo_factory.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_pmo/dml2_pmo_factory.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_standalone_libraries/lib_float_math.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_standalone_libraries/lib_float_math.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_top/dml2_top_interfaces.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_top/dml2_top_legacy.c", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_top/dml2_top_legacy.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C/C++ Header", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_top/dml2_top_soc15.c", "features": [ 0, 100, 10, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-0044", "cvss": 7.8, "repo": "torvalds/linux", "file": "drivers/gpu/drm/amd/display/dc/dml2_0/dml21/src/dml2_pmo/dml2_pmo_dcn4_fams2.c", "features": [ 0, 100, 10, 0 ], "label": 0, "cve_description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Linux kernel allows local users to gain privileges or cause a denial of service via a crafted ioctl call.", "file_language": "C", "file_component": "drivers/gpu/drm", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/http/gitlab/rest/v4/access_tokens.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/smb/relay/ntlm/target/ldap/client.rb", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/smb/relay/ntlm/target/mssql/client.rb", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/smb/relay/ntlm/target/smb/client.rb", "features": [ 0, 22, 20, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/http/gitlab/rest/v4/groups.rb", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/smb/relay/ntlm/target/http/client.rb", "features": [ 0, 22, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/http/gitlab/rest/v4/import.rb", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/java/rmi/client/jmx/server/parser.rb", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/http/gitlab/rest/v4/version.rb", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/java/rmi/client/jmx/server.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/modules/external/go/src/metasploit/module/core.go", "features": [ 0, 27, 20, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Go", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/java/rmi/client/jmx/connection.rb", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/exploit/remote/java/rmi/client/registry/parser.rb", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/modules/external/go/src/metasploit/module/metadata.go", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Go", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/linux/api_constants.rb", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/msf/core/modules/external/go/src/metasploit/module/report.go", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Go", "file_component": "lib/msf/core", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/osx/def_libc.rb", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/linux/def_libc.rb", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/osx/api_constants.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/osx/def_libobjc.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_crypt32.rb", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_dbghelp.rb", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_iphlpapi.rb", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_ntdll.rb", "features": [ 0, 11, 10, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_netapi32.rb", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_secur32.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_psapi.rb", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_advapi32.rb", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2012-4792", "cvss": 8.8, "repo": "rapid7/metasploit-framework", "file": "lib/rex/post/meterpreter/extensions/stdapi/railgun/def/windows/def_kernel32.rb", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in December 2012.", "file_language": "Ruby", "file_component": "lib/rex/post", "is_test_file": false }, { "cveId": "CVE-2014-3153", "cvss": 7.8, "repo": "elongl/CVE-2014-3153", "file": "kernel_crash.c", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "The futex_requeue function in kernel/futex.c in the Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2014-3153", "cvss": 7.8, "repo": "elongl/CVE-2014-3153", "file": "futex.c", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "The futex_requeue function in kernel/futex.c in the Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2014-3153", "cvss": 7.8, "repo": "elongl/CVE-2014-3153", "file": "privilege_escalation.c", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "The futex_requeue function in kernel/futex.c in the Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2014-3153", "cvss": 7.8, "repo": "elongl/CVE-2014-3153", "file": "futex.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The futex_requeue function in kernel/futex.c in the Linux kernel does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command.", "file_language": "C/C++ Header", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "crypto/ec/curve448/arch_32/f_impl32.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C", "file_component": "crypto/ec/curve448", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/common/include/prov/__DECC_INCLUDE_PROLOGUE.H", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/common/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "crypto/ec/curve448/arch_64/f_impl64.c", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C", "file_component": "crypto/ec/curve448", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "crypto/ec/curve448/arch_64/arch_intrinsics.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "crypto/ec/curve448", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "crypto/ec/curve448/arch_32/arch_intrinsics.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "crypto/ec/curve448", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "crypto/ec/curve448/arch_32/f_impl.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "crypto/ec/curve448", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/common/include/prov/__DECC_INCLUDE_EPILOGUE.H", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/common/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/common/include/prov/bio.h", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/common/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "crypto/ec/curve448/arch_64/f_impl.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "crypto/ec/curve448", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/common/include/prov/provider_util.h", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/common/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/common/include/prov/der_pq_dsa.h", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/common/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/common/include/prov/proverr.h", "features": [ 0, 7, 10, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/common/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/common/include/prov/securitycheck.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/common/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/common/include/prov/provider_ctx.h", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/common/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/common/include/prov/providercommon.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/common/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/fips/include/fips/fipsindicator.h", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/fips/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/__DECC_INCLUDE_EPILOGUE.H", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/ciphercommon_ccm.h", "features": [ 0, 43, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/__DECC_INCLUDE_PROLOGUE.H", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/blake2.h", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/ciphercommon_gcm.h", "features": [ 0, 44, 10, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/ciphercommon.h", "features": [ 0, 71, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/ciphercommon_aead.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/decoders.h", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/eckem.h", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/drbg.h", "features": [ 0, 44, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/ecx.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/digestcommon.h", "features": [ 0, 30, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/endecoder_local.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2015-1789", "cvss": 7.5, "repo": "openssl/openssl", "file": "providers/implementations/include/prov/file_store_local.h", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL allows remote attackers to cause a denial of service via a crafted certificate with an improper time value.", "file_language": "C/C++ Header", "file_component": "providers/implementations/include", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-composite-destinations/src/main/java/example/composite/dest/Producer.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-durable-sub/src/main/java/example/topic/durable/Publisher.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-exclusive-consumer/src/main/java/example/queue/exclusive/Producer.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-composite-destinations/src/main/java/example/composite/dest/Consumer.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-durable-sub/src/main/java/example/topic/durable/Subscriber.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-queue-selector/src/main/java/example/queue/selector/Consumer.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-exclusive-consumer/src/main/java/example/queue/exclusive/Consumer.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-queue-selector/src/main/java/example/queue/selector/Producer.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-message-browser/src/main/java/example/browser/Browser.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-topic/src/main/java/example/topic/Publisher.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-message-browser/src/main/java/example/browser/Producer.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-temp-destinations/src/main/java/example/tempdest/Consumer.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-queue/src/main/java/example/queue/Consumer.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-queue/src/main/java/example/queue/Producer.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-temp-destinations/src/main/java/example/tempdest/ProducerRequestReply.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-topic/src/main/java/example/topic/Subscriber.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-transaction/src/main/java/example/transaction/Client.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-console/src/main/java/org/apache/activemq/console/command/store/amq/CommandLineSupport.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-console/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-console/src/main/java/org/apache/activemq/console/command/store/tar/TarInputStream.java", "features": [ 0, 20, 100, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-console/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-console/src/main/java/org/apache/activemq/console/command/store/tar/TarConstants.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-console/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-console/src/main/java/org/apache/activemq/console/command/store/tar/TarBuffer.java", "features": [ 0, 25, 100, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-console/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-console/src/main/java/org/apache/activemq/console/command/store/tar/TarEntry.java", "features": [ 0, 33, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-console/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-console/src/main/java/org/apache/activemq/console/command/store/tar/TarOutputStream.java", "features": [ 0, 18, 100, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-console/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-console/src/main/java/org/apache/activemq/console/command/store/tar/TarUtils.java", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-console/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "assembly/src/release/examples/openwire/advanced-scenarios/jms-example-wildcard-consumer/src/main/java/example/wildcard/Client.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "assembly/src/release", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-kahadb-store/src/main/java/org/apache/activemq/store/kahadb/disk/index/BTreeIndex.java", "features": [ 0, 17, 10, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-kahadb-store/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-kahadb-store/src/main/java/org/apache/activemq/store/kahadb/disk/index/BTreeVisitor.java", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-kahadb-store/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-kahadb-store/src/main/java/org/apache/activemq/store/kahadb/disk/index/HashBin.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-kahadb-store/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-kahadb-store/src/main/java/org/apache/activemq/store/kahadb/disk/index/BTreeNode.java", "features": [ 0, 42, 0, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-kahadb-store/src/main", "is_test_file": false }, { "cveId": "CVE-2014-3576", "cvss": 7.5, "repo": "apache/activemq", "file": "activemq-kahadb-store/src/main/java/org/apache/activemq/store/kahadb/disk/index/HashIndex.java", "features": [ 0, 24, 30, 0 ], "label": 0, "cve_description": "Apache ActiveMQ before 5.12.0 allows remote attackers to cause a denial of service via a shutdown command.", "file_language": "Java", "file_component": "activemq-kahadb-store/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/common/deque/Node.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/operationsfreezer/WaitingList.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/cas/EventWrapper.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/operationsfreezer/WaitingListNode.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/common/deque/Cursor.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/operationsfreezer/OperationsFreezer.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/common/deque/MPSCFAAArrayDequeue.java", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/cas/WrittenUpTo.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/cas/OWALFile.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/cas/OWALChannelFile.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/common/EmptyWALRecord.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/common/CASWALPage.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/cas/RecordsWriter.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/common/MilestoneWALRecord.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/cas/CASDiskWriteAheadLog.java", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/common/WriteableWALRecord.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/serialization/serializer/binary/impl/index/CompositeKeySerializer.java", "features": [ 0, 25, 30, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/serialization/serializer/binary/impl/index/OCompositeKeySerializer.java", "features": [ 3, 20, 0, 99 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/serialization/serializer/binary/impl/index/OSimpleKeySerializer.java", "features": [ 3, 10, 0, 99 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/AtomicOperationStatus.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/wal/common/StartWALRecord.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/AtomicOperationsTable.java", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/OAtomicOperation.java", "features": [ 6, 4, 0, 99 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/OCacheEntryChanges.java", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/base/ODurableComponent.java", "features": [ 8, 10, 0, 99 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/ONestedRollbackException.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/OAtomicOperationsManager.java", "features": [ 3, 21, 0, 99 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/OAtomicOperationMetadata.java", "features": [ 1, 2, 0, 95 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/base/ODurablePage.java", "features": [ 6, 18, 0, 99 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-2912", "cvss": 8.8, "repo": "orientechnologies/orientdb", "file": "core/src/main/java/com/orientechnologies/orient/core/storage/impl/local/paginated/atomicoperations/OAtomicOperationBinaryTracking.java", "features": [ 0, 35, 0, 0 ], "label": 0, "cve_description": "OrientDB Server Community Edition allows remote attackers to execute arbitrary commands via a crafted request to the Studio component.", "file_language": "Java", "file_component": "core/src/main", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/common/protocols/legacy/legacypeer.cpp", "features": [ 0, 34, 80, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/common/protocols", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/common/serializers/serializers.cpp", "features": [ 0, 29, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/common/serializers", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/aliasesmodel.cpp", "features": [ 0, 16, 10, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/common/protocols/legacy/legacypeer.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/common/protocols", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/common/serializers/serializers.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/common/serializers", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/common/protocols/datastream/datastreampeer.cpp", "features": [ 0, 21, 10, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/common/protocols", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/aliasesmodel.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/aliasessettingspage.cpp", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/common/protocols/datastream/datastreampeer.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/common/protocols", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/aliasessettingspage.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/appearancesettingspage.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/backlogsettingspage.cpp", "features": [ 0, 4, 10, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/backlogsettingspage.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/appearancesettingspage.cpp", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/bufferviewsettingspage.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/chatmonitorsettingspage.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/chatviewcolorsettingspage.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/chatviewcolorsettingspage.cpp", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/chatviewsettingspage.cpp", "features": [ 0, 4, 10, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/chatmonitorsettingspage.cpp", "features": [ 0, 16, 20, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/chatviewsettingspage.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/connectionsettingspage.cpp", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/bufferviewsettingspage.cpp", "features": [ 0, 29, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/connectionsettingspage.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/coreaccountsettingspage.cpp", "features": [ 0, 19, 10, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/coreconnectionsettingspage.cpp", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/coreaccountsettingspage.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/coreconnectionsettingspage.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/corehighlightsettingspage.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8547", "cvss": 7.5, "repo": "quassel/quassel", "file": "src/qtui/settingspages/corehighlightsettingspage.cpp", "features": [ 0, 39, 30, 0 ], "label": 0, "cve_description": "Quassel Core allows remote attackers to cause a denial of service via a crafted message that triggers an out-of-bounds read.", "file_language": "C++", "file_component": "src/qtui/settingspages", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/bluez/obex/Manager.py", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/bluez/obex", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/bluez/obex/ObjectPush.py", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/bluez/obex", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/bluez/obex/Base.py", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/bluez/obex", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/bluez/obex/Transfer.py", "features": [ 0, 15, 20, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/bluez/obex", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/bluez/obex/Session.py", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/bluez/obex", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/bluez/obex/Client.py", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/bluez/obex", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/bluez/obex/AgentManager.py", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/bluez/obex", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/gui/manager/ManagerMenu.py", "features": [ 1, 28, 10, 27 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/gui/manager", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/gui/manager/ManagerDeviceMenu.py", "features": [ 0, 71, 20, 0 ], "label": 1, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/gui/manager", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/gui/manager/ManagerDeviceList.py", "features": [ 0, 96, 20, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/gui/manager", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/gui/manager/ManagerProgressbar.py", "features": [ 4, 43, 0, 31 ], "label": 1, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/gui/manager", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/gui/applet/PluginDialog.py", "features": [ 0, 52, 40, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/gui/applet", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/gui/manager/ManagerStats.py", "features": [ 0, 20, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/gui/manager", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/gui/manager/ManagerToolbar.py", "features": [ 0, 17, 10, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/gui/manager", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/main/indicators/GtkStatusIcon.py", "features": [ 0, 29, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/main/indicators", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/main/applet/BluezAgent.py", "features": [ 2, 59, 0, 72 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/main/applet", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/main/indicators/IndicatorInterface.py", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/main/indicators", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/main/indicators/StatusNotifierItem.py", "features": [ 0, 49, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/main/indicators", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/plugins/applet/AuthAgent.py", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/plugins/applet", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/plugins/applet/AutoConnect.py", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/plugins/applet", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/plugins/applet/ConnectionNotifier.py", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/plugins/applet", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/plugins/applet/DisconnectItems.py", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/plugins/applet", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/plugins/applet/DBusService.py", "features": [ 0, 28, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/plugins/applet", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/plugins/applet/DhcpClient.py", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/plugins/applet", "is_test_file": false }, { "cveId": "CVE-2015-8612", "cvss": 8.4, "repo": "blueman-project/blueman", "file": "blueman/plugins/applet/DiscvManager.py", "features": [ 0, 27, 20, 0 ], "label": 0, "cve_description": "Blueman allows local users to gain privileges via a crafted D-Bus request, leading to arbitrary command execution with elevated permissions.", "file_language": "Python", "file_component": "blueman/plugins/applet", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "contrib/siab.rb", "features": [ 0, 17, 40, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "Ruby", "file_component": "contrib", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "contrib/README-siab.rb", "features": [ 0, 1, 80, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "Ruby", "file_component": "contrib", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/server.c", "features": [ 1, 37, 10, 56 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/httpconnection.h", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/hashmap.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/http.h", "features": [ 1, 20, 0, 56 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/httpconnection.c", "features": [ 1, 100, 100, 56 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/hashmap.c", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/server.h", "features": [ 1, 11, 0, 56 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/trie.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/ssl.h", "features": [ 1, 43, 0, 56 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/ssl.c", "features": [ 2, 96, 90, 57 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/trie.c", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/url.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "logging/logging.c", "features": [ 0, 21, 100, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "logging", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "libhttp/url.c", "features": [ 0, 27, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "libhttp", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "logging/logging.h", "features": [ 0, 7, 40, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "logging", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/launcher.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/externalfile.c", "features": [ 0, 22, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/privileges.h", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/service.c", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/privileges.c", "features": [ 0, 48, 10, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/service.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/externalfile.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/session.c", "features": [ 2, 15, 20, 91 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/session.h", "features": [ 2, 6, 0, 91 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/usercss.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C/C++ Header", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/launcher.c", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/shellinaboxd.c", "features": [ 3, 87, 100, 91 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2015-8400", "cvss": 7.4, "repo": "shellinabox/shellinabox", "file": "shellinabox/usercss.c", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "The HTTPS fallback implementation in Shell In A Box allows man-in-the-middle attackers to downgrade connections to HTTP.", "file_language": "C", "file_component": "shellinabox", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/after_after_body.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/css/syntax/tokenizer/error.c", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/ports/windows_nt/lexbor/core/memory.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/after_body.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/css/syntax/tokenizer/error.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C/C++ Header", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/ports/posix/lexbor/core/memory.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/after_after_frameset.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/after_frameset.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/after_head.c", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_caption.c", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_cell.c", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/before_head.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_column_group.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/foreign_content.c", "features": [ 0, 18, 10, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_body.c", "features": [ 0, 99, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/before_html.c", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_head.c", "features": [ 0, 22, 20, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_head_noscript.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_frameset.c", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_select_in_table.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_select.c", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_table.c", "features": [ 0, 23, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_table_body.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_table_text.c", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_template.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/initial.c", "features": [ 0, 23, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/in_row.c", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/html/tree/insertion_mode/text.c", "features": [ 0, 5, 20, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/css/at_rule/const.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C/C++ Header", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2016-1904", "cvss": 7.3, "repo": "php/php-src", "file": "ext/lexbor/lexbor/css/at_rule/res.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the php_raw_url_encode function in PHP allows remote attackers to cause a denial of service via a long string.", "file_language": "C/C++ Header", "file_component": "ext/lexbor/lexbor", "is_test_file": false }, { "cveId": "CVE-2015-6925", "cvss": 7.5, "repo": "IAIK/wolfSSL-DoS", "file": "target.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "wolfSSL allows remote attackers to cause a denial of service (resource consumption) via crafted TLS handshake messages.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2015-6925", "cvss": 7.5, "repo": "IAIK/wolfSSL-DoS", "file": "attack.c", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "wolfSSL allows remote attackers to cause a denial of service (resource consumption) via crafted TLS handshake messages.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2015-6925", "cvss": 7.5, "repo": "IAIK/wolfSSL-DoS", "file": "server-dtls.c", "features": [ 0, 11, 30, 0 ], "label": 0, "cve_description": "wolfSSL allows remote attackers to cause a denial of service (resource consumption) via crafted TLS handshake messages.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/rust/hb.rs", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Rust", "file_component": "src/rust", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/wasm/sample/rust/hello-wasm/src/lib.rs", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Rust", "file_component": "src/wasm/sample", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "util/gpu/demo-atlas.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "util/gpu", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/rust/shape.rs", "features": [ 0, 48, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Rust", "file_component": "src/rust", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/rust/lib.rs", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Rust", "file_component": "src/rust", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/rust/font.rs", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Rust", "file_component": "src/rust", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/wasm/rust/harfbuzz-wasm/src/lib.rs", "features": [ 0, 97, 100, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Rust", "file_component": "src/wasm/rust", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "util/gpu/demo-buffer.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "util/gpu", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "util/gpu/demo-common.h", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "util/gpu", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "util/gpu/demo-shader.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "util/gpu", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "util/gpu/demo-view.h", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "util/gpu", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "util/gpu/demo-font.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "util/gpu", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "util/gpu/gen-default-texts.py", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "util/gpu", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/check-c-linkage-decls.py", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "util/gpu/demo-glstate.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "util/gpu", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/addTable.py", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/check-externs.py", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/check-libstdc++.py", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/check-header-guards.py", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/check-includes.py", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/check-static-inits.py", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/check-release-notes.py", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/check-symbols.py", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/failing-alloc.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/fix_get_types.py", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/gen-arabic-pua.py", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/gen-arabic-joining-list.py", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/check_helpers.py", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/gen-arabic-table.py", "features": [ 0, 27, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-2052", "cvss": 7.6, "repo": "behdad/harfbuzz", "file": "src/gen-def.py", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "HarfBuzz allows remote attackers to cause a denial of service via a crafted font that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Adapter/Curl.php", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Datasource/Paging/Exception/PageOutOfBoundsException.php", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Datasource/Paging", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Core/Configure/Engine/PhpConfig.php", "features": [ 0, 12, 10, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Core/Configure", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Adapter/Stream.php", "features": [ 0, 41, 10, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Auth/Basic.php", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Core/Configure/Engine/JsonConfig.php", "features": [ 0, 12, 10, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Core/Configure", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Adapter/Mock.php", "features": [ 0, 13, 10, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Core/Configure/Engine/IniConfig.php", "features": [ 0, 20, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Core/Configure", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Exception/ClientException.php", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Auth/Digest.php", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Auth/Oauth.php", "features": [ 0, 41, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Exception/NetworkException.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Exception/RequestException.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Http/Client/Exception/MissingResponseException.php", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Http/Client", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/ORM/Association/Loader/SelectWithPivotLoader.php", "features": [ 0, 23, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/ORM/Association", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/ORM/Association/Loader/SelectLoader.php", "features": [ 0, 67, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/ORM/Association", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/ORM/Behavior/Translate/TranslateTrait.php", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/ORM/Behavior", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Engine/ArrayEngine.php", "features": [ 0, 28, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Engine", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Engine/ApcuEngine.php", "features": [ 0, 36, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Engine", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Engine/NullEngine.php", "features": [ 0, 28, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Engine", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/ORM/Behavior/Translate/ShadowTableStrategy.php", "features": [ 0, 74, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/ORM/Behavior", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Engine/FileEngine.php", "features": [ 0, 53, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Engine", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Engine/MemcachedEngine.php", "features": [ 0, 62, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Engine", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Event/CacheAfterAddEvent.php", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Event", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Engine/RedisEngine.php", "features": [ 0, 86, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Engine", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Event/CacheAfterDecrementEvent.php", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Event", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/ORM/Behavior/Translate/EavStrategy.php", "features": [ 0, 54, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/ORM/Behavior", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Event/CacheAfterDeleteEvent.php", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Event", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Event/CacheAfterGetEvent.php", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Event", "is_test_file": false }, { "cveId": "CVE-2015-8379", "cvss": 8.8, "repo": "cakephp/cakephp", "file": "src/Cache/Event/CacheAfterIncrementEvent.php", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "CakePHP allows remote attackers to bypass CSRF protection via a crafted HTTP request.", "file_language": "PHP", "file_component": "src/Cache/Event", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/go/internal/lockedfile/internal/filelock/filelock_fcntl.go", "features": [ 0, 17, 20, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/go", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/crypto/internal/fips140/aes/_asm/ctr/ctr_amd64_asm.go", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/crypto/internal", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/go/internal/lockedfile/internal/filelock/filelock_unix.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/go", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/go/internal/lockedfile/internal/filelock/filelock.go", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/go", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/go/internal/lockedfile/internal/filelock/filelock_other.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/go", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/go/internal/lockedfile/internal/filelock/filelock_windows.go", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/go", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/crypto/internal/fips140/aes/gcm/_asm/gcm/gcm_amd64_asm.go", "features": [ 0, 100, 80, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/crypto/internal", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/actualexprpropbits_string.go", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/analyze_func_flags.go", "features": [ 0, 75, 100, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/analyze_func_params.go", "features": [ 0, 78, 80, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/crypto/internal/fips140/aes/_asm/standard/aes_amd64.go", "features": [ 0, 53, 20, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/crypto/internal", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/crypto/internal/fips140/edwards25519/field/_asm/fe_amd64_asm.go", "features": [ 0, 38, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/crypto/internal", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/analyze.go", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/analyze_func_callsites.go", "features": [ 0, 86, 100, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/analyze_func_returns.go", "features": [ 0, 80, 70, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/callsite.go", "features": [ 0, 28, 10, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/cspropbits_string.go", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/funcprop_string.go", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/eclassify.go", "features": [ 0, 24, 90, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/names.go", "features": [ 0, 37, 10, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/function_properties.go", "features": [ 0, 35, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/funcpropbits_string.go", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/parampropbits_string.go", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/pstate_string.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/resultpropbits_string.go", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/scoreadjusttyp_string.go", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/score_callresult_uses.go", "features": [ 0, 59, 100, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/trace_off.go", "features": [ 0, 7, 50, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/serialize.go", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2015-8618", "cvss": 7.5, "repo": "golang/go", "file": "src/cmd/compile/internal/inline/inlheur/scoring.go", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "The math/big package in Go before 1.5.3 does not properly handle carry propagation, allowing attackers to bypass RSA key validation.", "file_language": "Go", "file_component": "src/cmd/compile", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/location.py", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/logging.py", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/multi_delete.py", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/__init__.py", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/acl.py", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/base.py", "features": [ 0, 25, 10, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/bucket.py", "features": [ 0, 55, 30, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/multi_upload.py", "features": [ 0, 71, 40, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/object_lock.py", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/obj.py", "features": [ 0, 29, 20, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/tagging.py", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/s3_acl.py", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/versioning.py", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/crypto/__init__.py", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/crypto/crypto_utils.py", "features": [ 0, 55, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/controllers/service.py", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/crypto/encrypter.py", "features": [ 0, 51, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/crypto/kms_keymaster.py", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/crypto/kmip_keymaster.py", "features": [ 0, 17, 30, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/crypto/keymaster.py", "features": [ 0, 57, 40, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/crypto/decrypter.py", "features": [ 0, 68, 20, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/acl_handlers.py", "features": [ 0, 84, 80, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/acl_utils.py", "features": [ 0, 9, 20, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/etree.py", "features": [ 0, 22, 20, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/exception.py", "features": [ 0, 20, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/s3api.py", "features": [ 0, 54, 90, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/s3token.py", "features": [ 0, 38, 100, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/s3request.py", "features": [ 0, 100, 60, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-0738", "cvss": 7.5, "repo": "openstack/swift", "file": "swift/common/middleware/s3api/s3response.py", "features": [ 0, 95, 0, 0 ], "label": 0, "cve_description": "OpenStack Swift allows remote authenticated users to cause a denial of service via a crafted X-Copy-From header in a COPY request.", "file_language": "Python", "file_component": "swift/common/middleware", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/examples/client-go/pkg/client/clientset/versioned/typed/cr/v1/doc.go", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/examples/client-go/pkg/client/clientset/versioned/typed/cr/v1/cr_client.go", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/examples/client-go/pkg/client/clientset/versioned/typed/cr/v1/fake/fake_cr_client.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/examples/client-go/pkg/client/clientset/versioned/typed/cr/v1/fake/doc.go", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/examples/client-go/pkg/client/clientset/versioned/typed/cr/v1/generated_expansion.go", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/examples/client-go/pkg/client/clientset/versioned/typed/cr/v1/fake/fake_example.go", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/examples/client-go/pkg/client/informers/externalversions/cr/v1/example.go", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/examples/client-go/pkg/client/clientset/versioned/typed/cr/v1/example.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/examples/client-go/pkg/client/informers/externalversions/cr/v1/interface.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/fake/doc.go", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1/fake/doc.go", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/config/apis/policyconfig/install/install.go", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/fake/fake_customresourcedefinition.go", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1/fake/fake_apiextensions_client.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1/fake/fake_customresourcedefinition.go", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset/typed/apiextensions/v1beta1/fake/fake_apiextensions_client.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/doc.go", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/config/apis/policyconfig/v1/register.go", "features": [ 0, 7, 10, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/install/install.go", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/config/apis/policyconfig/v1/zz_generated.conversion.go", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/config/apis/policyconfig/v1/types.go", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/config/apis/policyconfig/v1/zz_generated.deepcopy.go", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/register.go", "features": [ 0, 7, 10, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/policy/config/apis/policyconfig/v1/doc.go", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/zz_generated.conversion.go", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/zz_generated.deepcopy.go", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/code-generator/examples/HyphenGroup/clientset/versioned/typed/example/v1/fake/fake_example_client.go", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/code-generator/examples/HyphenGroup/clientset/versioned/typed/example/v1/fake/doc.go", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/zz_generated.defaults.go", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2016-1905", "cvss": 7.7, "repo": "kubernetes/kubernetes", "file": "staging/src/k8s.io/apiserver/pkg/admission/plugin/webhook/config/apis/webhookadmission/v1/types.go", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Kubernetes allows remote authenticated users to access sensitive information via unauthorized API calls due to improper authorization checks.", "file_language": "Go", "file_component": "staging/src/k8s.io", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_close.c", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_delete.c", "features": [ 0, 32, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_conv.c", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_page.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_get.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_open.c", "features": [ 0, 36, 30, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_overflow.c", "features": [ 0, 15, 40, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_search.c", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_put.c", "features": [ 0, 22, 10, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_utils.c", "features": [ 0, 13, 10, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/extern.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C/C++ Header", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_debug.c", "features": [ 0, 37, 50, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_seq.c", "features": [ 0, 30, 20, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/bt_split.c", "features": [ 0, 53, 50, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/btree/btree.h", "features": [ 0, 45, 10, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C/C++ Header", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/db/db.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/dbm.c", "features": [ 0, 27, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/extern.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C/C++ Header", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/hash.h", "features": [ 0, 20, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C/C++ Header", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/hash_bigkey.c", "features": [ 0, 47, 90, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/hash_debug.c", "features": [ 0, 7, 40, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/hash.c", "features": [ 0, 74, 70, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/hash_func.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/hsearch.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/hash_log2.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/hash_page.c", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/include/config.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C/C++ Header", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/page.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C/C++ Header", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/include/db-dbm.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C/C++ Header", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2015-8630", "cvss": 7.5, "repo": "krb5/krb5", "file": "src/plugins/kdb/db2/libdb2/hash/search.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "MIT Kerberos 5 (krb5) allows remote authenticated users to cause a denial of service via a null pointer dereference in the KDC.", "file_language": "C/C++ Header", "file_component": "src/plugins/kdb", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Server/Status/Monitor/LogVarsController.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Server", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/codemirror/addon/lint/sql-lint.ts", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/codemirror", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Server/Status/Monitor/QueryAnalyzerController.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Server", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Database/Structure/CentralColumns/MakeConsistentController.php", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Database", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Database/Structure/CentralColumns/AddController.php", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Database", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Server/Status/Monitor/GeneralLogController.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Server", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Database/Structure/CentralColumns/RemoveController.php", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Database", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Server/Status/Monitor/ChartingDataController.php", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Server", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Server/Status/Processes/KillController.php", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Server", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/adjustTotals.ts", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/console/config.ts", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/chartByteFormatter.ts", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/checkNumberOfFields.ts", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Server/Status/Processes/RefreshController.php", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Server", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "src/Controllers/Server/Status/Monitor/SlowLogController.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "PHP", "file_component": "src/Controllers/Server", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/createProfilingChart.ts", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/event-loader.ts", "features": [ 0, 23, 10, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/escape.ts", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/formatDateTime.ts", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/getImageTag.ts", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/handleRedirectAndReload.ts", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/getJsConfirmCommonParam.ts", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/handleCreateViewModal.ts", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/ignorePhpErrors.ts", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/indexes/checkIndexType.ts", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/indexes/checkIndexName.ts", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/mainMenuResizerCallback.ts", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/navigation/event-loader.ts", "features": [ 0, 68, 10, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/refreshMainContent.ts", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-1927", "cvss": 7.5, "repo": "phpmyadmin/phpmyadmin", "file": "resources/js/modules/functions/isStorageSupported.ts", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "phpMyAdmin allows remote attackers to obtain sensitive information via a crafted request that triggers a BBCode injection.", "file_language": "TypeScript", "file_component": "resources/js/modules", "is_test_file": false }, { "cveId": "CVE-2016-2537", "cvss": 7.5, "repo": "mafintosh/is-my-json-valid", "file": "example.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "is-my-json-valid allows remote attackers to cause a denial of service via a crafted JSON schema that triggers catastrophic backtracking.", "file_language": "JavaScript", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-2537", "cvss": 7.5, "repo": "mafintosh/is-my-json-valid", "file": "formats.js", "features": [ 1, 8, 0, 60 ], "label": 0, "cve_description": "is-my-json-valid allows remote attackers to cause a denial of service via a crafted JSON schema that triggers catastrophic backtracking.", "file_language": "JavaScript", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-2537", "cvss": 7.5, "repo": "mafintosh/is-my-json-valid", "file": "require.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "is-my-json-valid allows remote attackers to cause a denial of service via a crafted JSON schema that triggers catastrophic backtracking.", "file_language": "JavaScript", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-2537", "cvss": 7.5, "repo": "mafintosh/is-my-json-valid", "file": "index.js", "features": [ 6, 67, 0, 100 ], "label": 0, "cve_description": "is-my-json-valid allows remote attackers to cause a denial of service via a crafted JSON schema that triggers catastrophic backtracking.", "file_language": "JavaScript", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-2537", "cvss": 7.5, "repo": "mafintosh/is-my-json-valid", "file": "index.d.ts", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "is-my-json-valid allows remote attackers to cause a denial of service via a crafted JSON schema that triggers catastrophic backtracking.", "file_language": "TypeScript", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "src/http.h", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "src/util.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "src/didi.h", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "src/util.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "src/didi.c", "features": [ 0, 1, 10, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "src/http.c", "features": [ 0, 30, 40, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "src/wiki.c", "features": [ 0, 60, 60, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "src/wiki.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "website/favicon.h", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C/C++ Header", "file_component": "website", "is_test_file": false }, { "cveId": "CVE-2013-7448", "cvss": 7.5, "repo": "OpenedHand/didiwiki", "file": "src/wikitext.h", "features": [ 0, 17, 10, 0 ], "label": 0, "cve_description": "Cross-site scripting (XSS) vulnerability in DidiWiki allows remote attackers to inject arbitrary web script or HTML via crafted wiki page content.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/code/no_reference_code.rb", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/code/initial_action_code.rb", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/code/printer_code.rb", "features": [ 0, 7, 10, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/code/destructor_code.rb", "features": [ 0, 7, 10, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/parameterized/resolver.rb", "features": [ 0, 22, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/inline/resolver.rb", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/code/rule_action.rb", "features": [ 0, 20, 10, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "ext/json/lib/json/ext/generator/state.rb", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "ext/json/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/base.rb", "features": [ 0, 24, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/empty.rb", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/parameterized/rule.rb", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/parameterized/rhs.rb", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/char.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/ident.rb", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/grammar/symbols/resolver.rb", "features": [ 0, 100, 10, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/instantiate_rule.rb", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/int.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/tag.rb", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/user_code.rb", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/str.rb", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/lexer/token/token.rb", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/reporter/profile/call_stack.rb", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/reporter/profile/memory.rb", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/state/action/reduce.rb", "features": [ 0, 18, 10, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/state/action/goto.rb", "features": [ 0, 4, 10, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "tool/lrama/lib/lrama/state/action/shift.rb", "features": [ 0, 6, 10, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "tool/lrama/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "ext/io/console/lib/console/size.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "ext/io/console", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "ext/json/lib/json/add/complex.rb", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "ext/json/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "ext/json/lib/json/add/bigdecimal.rb", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "ext/json/lib", "is_test_file": false }, { "cveId": "CVE-2015-7551", "cvss": 8.4, "repo": "ruby/ruby", "file": "ext/digest/sha2/lib/sha2/loader.rb", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "The Fiddle::Handle implementation in Ruby allows local users to gain privileges via a DLL Trojan horse attack.", "file_language": "Ruby", "file_component": "ext/digest/sha2", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/CurrentFrame.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Edge.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/ByteVector.java", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Constants.java", "features": [ 0, 9, 20, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/ClassVisitor.java", "features": [ 0, 12, 40, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/FieldVisitor.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Attribute.java", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/FieldWriter.java", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/ClassWriter.java", "features": [ 0, 38, 100, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Handler.java", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Handle.java", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Frame.java", "features": [ 0, 73, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/MethodVisitor.java", "features": [ 0, 31, 10, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Symbol.java", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Label.java", "features": [ 0, 31, 40, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Opcodes.java", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/TypePath.java", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/TypeReference.java", "features": [ 0, 22, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/Type.java", "features": [ 0, 45, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/classpath/BshClassLoader.java", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/MethodWriter.java", "features": [ 0, 100, 70, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "bsh-bsf-engine/src/main/java/bsh/util/BeanShellBSFEngine.java", "features": [ 0, 18, 50, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "bsh-bsf-engine/src/main", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/org/objectweb/asm/SymbolTable.java", "features": [ 0, 56, 10, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/classpath/BshClassPath.java", "features": [ 0, 49, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/classpath/ClassPathListener.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/classpath/DiscreteFilesClassLoader.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/classpath/ClassManagerImpl.java", "features": [ 0, 32, 50, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/commands/dir.java", "features": [ 0, 7, 20, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/engine/BshScriptEngine.java", "features": [ 0, 33, 20, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2510", "cvss": 8.1, "repo": "beanshell/beanshell", "file": "src/main/java/bsh/engine/BshScriptEngineFactory.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "BeanShell allows remote attackers to execute arbitrary code via a crafted serialized object.", "file_language": "Java", "file_component": "src/main/java", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/cancel.js", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/SelectBox.js", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/SelectFilter2.js", "features": [ 0, 16, 0, 0 ], "label": 1, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/autocomplete.js", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/admin/RelatedObjectLookups.js", "features": [ 0, 39, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/actions.js", "features": [ 0, 40, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/calendar.js", "features": [ 1, 22, 0, 95 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/admin/DateTimeShortcuts.js", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/filters.js", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/core.js", "features": [ 1, 17, 0, 95 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/change_form.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/jquery.init.js", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/nav_sidebar.js", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/inlines.js", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/prepopulate.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/popup_response.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/prepopulate_init.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/theme.js", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/admin/static/admin/js/urlify.js", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "JavaScript", "file_component": "django/contrib/admin", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/gis/db/backends/base/operations.py", "features": [ 0, 53, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "Python", "file_component": "django/contrib/gis", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/gis/db/backends/base/features.py", "features": [ 0, 32, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "Python", "file_component": "django/contrib/gis", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/gis/db/backends/base/adapter.py", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "Python", "file_component": "django/contrib/gis", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/gis/db/backends/base/models.py", "features": [ 0, 39, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "Python", "file_component": "django/contrib/gis", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/gis/db/backends/mysql/features.py", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "Python", "file_component": "django/contrib/gis", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/gis/db/backends/mysql/base.py", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "Python", "file_component": "django/contrib/gis", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/gis/db/backends/mysql/operations.py", "features": [ 0, 34, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "Python", "file_component": "django/contrib/gis", "is_test_file": false }, { "cveId": "CVE-2016-2512", "cvss": 7.4, "repo": "django/django", "file": "django/contrib/gis/db/backends/mysql/schema.py", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "Django allows remote attackers to conduct open redirect attacks via a crafted URL in the auth views.", "file_language": "Python", "file_component": "django/contrib/gis", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "lib/plugins/acts_as_tree/lib/active_record/acts/tree.rb", "features": [ 0, 22, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "Ruby", "file_component": "lib/plugins/acts_as_tree", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-cs.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-bs.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-da.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-ca.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-bg.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-ar.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-az.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-de.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-en-gb.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-es-pa.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-en.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-es.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-eu.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-et.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-fa.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-fi.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-he.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-gl.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-fr.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-hr.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-hu.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-id.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-it.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-lv.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-ko.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-lt.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-mn.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-ja.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8474", "cvss": 7.4, "repo": "redmine/redmine", "file": "app/assets/javascripts/jstoolbar/lang/jstoolbar-mk.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Redmine allows remote authenticated users to obtain sensitive information via a crafted request.", "file_language": "JavaScript", "file_component": "app/assets/javascripts", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/cmd_topic.cpp", "features": [ 1, 6, 0, 99 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/cmd_invite.cpp", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/cmd_kick.cpp", "features": [ 0, 7, 10, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/core_channel.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/cmode_k.cpp", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/cmd_names.cpp", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/cmd_join.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/core_channel.cpp", "features": [ 0, 21, 10, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/extban.cpp", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/modes.cpp", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/cmd_modules.cpp", "features": [ 3, 4, 0, 91 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/invite.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/cmd_info.cpp", "features": [ 1, 5, 10, 84 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_channel/invite.cpp", "features": [ 0, 11, 50, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_channel", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/cmd_commands.cpp", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/cmd_admin.cpp", "features": [ 1, 3, 0, 84 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/cmd_time.cpp", "features": [ 1, 2, 0, 84 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/cmd_motd.cpp", "features": [ 1, 4, 0, 84 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/cmd_servlist.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/core_info.h", "features": [ 2, 17, 0, 84 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/isupport.cpp", "features": [ 0, 12, 20, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_oper/cmd_die.cpp", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_oper", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/core_info.cpp", "features": [ 2, 13, 10, 84 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_info/cmd_version.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_info", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_oper/cmd_rehash.cpp", "features": [ 0, 5, 20, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_oper", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_oper/cmd_oper.cpp", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_oper", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_oper/cmd_restart.cpp", "features": [ 0, 8, 20, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_oper", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_oper/cmd_kill.cpp", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_oper", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_oper/core_oper.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/coremods/core_oper", "is_test_file": false }, { "cveId": "CVE-2015-8702", "cvss": 8.6, "repo": "inspircd/inspircd", "file": "src/coremods/core_oper/core_oper.cpp", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "InspIRCd allows remote attackers to cause a denial of service via a crafted DNS response that triggers a buffer overflow.", "file_language": "C++", "file_component": "src/coremods/core_oper", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/arena_types.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/arena_inlines_a.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/arena_externs.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/assert.h", "features": [ 0, 13, 50, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/activity_callback.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/arena_stats.h", "features": [ 0, 12, 10, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/arena_structs.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/arena_inlines_b.h", "features": [ 0, 34, 70, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/atomic_gcc_sync.h", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/atomic.h", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/atomic_msvc.h", "features": [ 0, 22, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/atomic_c11.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/background_thread_externs.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/atomic_gcc_atomic.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/background_thread_inlines.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/background_thread_structs.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/base.h", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/bin.h", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/bin_types.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/bitmap.h", "features": [ 0, 40, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/bin_stats.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/bit_util.h", "features": [ 0, 39, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/bin_info.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/buf_writer.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/ckh.h", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/cache_bin.h", "features": [ 0, 54, 10, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/decay.h", "features": [ 0, 13, 10, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/counter.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/div.h", "features": [ 0, 10, 20, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2015-8080", "cvss": 7.5, "repo": "antirez/redis", "file": "deps/jemalloc/include/jemalloc/internal/ctl.h", "features": [ 0, 24, 0, 0 ], "label": 0, "cve_description": "Integer overflow in the getnum function in Redis allows remote attackers to cause a denial of service via crafted input that triggers a stack-based buffer overflow.", "file_language": "C/C++ Header", "file_component": "deps/jemalloc/include", "is_test_file": false }, { "cveId": "CVE-2016-2515", "cvss": 7.5, "repo": "hueniverse/hawk", "file": "lib/index.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Hawk allows remote attackers to cause a denial of service via a long Authorization header that triggers a regular expression denial of service (ReDoS).", "file_language": "JavaScript", "file_component": "lib", "is_test_file": false }, { "cveId": "CVE-2016-2515", "cvss": 7.5, "repo": "hueniverse/hawk", "file": "lib/crypto.js", "features": [ 0, 20, 0, 0 ], "label": 0, "cve_description": "Hawk allows remote attackers to cause a denial of service via a long Authorization header that triggers a regular expression denial of service (ReDoS).", "file_language": "JavaScript", "file_component": "lib", "is_test_file": false }, { "cveId": "CVE-2016-2515", "cvss": 7.5, "repo": "hueniverse/hawk", "file": "lib/client.js", "features": [ 1, 27, 0, 4 ], "label": 0, "cve_description": "Hawk allows remote attackers to cause a denial of service via a long Authorization header that triggers a regular expression denial of service (ReDoS).", "file_language": "JavaScript", "file_component": "lib", "is_test_file": false }, { "cveId": "CVE-2016-2515", "cvss": 7.5, "repo": "hueniverse/hawk", "file": "lib/server.js", "features": [ 2, 47, 0, 6 ], "label": 0, "cve_description": "Hawk allows remote attackers to cause a denial of service via a long Authorization header that triggers a regular expression denial of service (ReDoS).", "file_language": "JavaScript", "file_component": "lib", "is_test_file": false }, { "cveId": "CVE-2016-2515", "cvss": 7.5, "repo": "hueniverse/hawk", "file": "lib/utils.js", "features": [ 2, 30, 0, 6 ], "label": 0, "cve_description": "Hawk allows remote attackers to cause a denial of service via a long Authorization header that triggers a regular expression denial of service (ReDoS).", "file_language": "JavaScript", "file_component": "lib", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/dot-new-relationships/dot-new-relationships.component.ts", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/model/dot-relationship-cardinality.model.ts", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/services/validators/dot-relationship-validator.ts", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/services/validators/no-whitespace-validator.ts", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/dot-edit-relationship/dot-edit-relationships.component.ts", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/model/dot-relationship.model.ts", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/dot-cardinality-selector/dot-cardinality-selector.component.ts", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/model/dot-relationships-property-value.model.ts", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-style-editor-form/components/uve-style-editor-field-radio/uve-style-editor-field-radio.component.ts", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/libs/portlets", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/services/dot-relationship.service.ts", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-style-editor-form/components/uve-style-editor-field-dropdown/uve-style-editor-field-dropdown.component.ts", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/libs/portlets", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/categories-property/categories-property.component.ts", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-style-editor-form/components/uve-style-editor-field-input/uve-style-editor-field-input.component.ts", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/libs/portlets", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/libs/portlets/edit-ema/portlet/src/lib/edit-ema-editor/components/dot-uve-palette/components/dot-uve-style-editor-form/components/uve-style-editor-field-checkbox-group/uve-style-editor-field-checkbox-group.component.ts", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/libs/portlets", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/categories-property/index.ts", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/services/dot-edit-content-type-cache.service.ts", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/checkbox-property/checkbox-property.component.ts", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/data-type-property/index.ts", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/checkbox-property/index.ts", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/data-type-property/data-type-property.component.ts", "features": [ 0, 4, 10, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/default-value-property/default-value-property.component.ts", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/default-value-property/index.ts", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dot-relationships-property/dot-relationships-property.component.ts", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/hint-property/hint-property.component.ts", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/dynamic-field-property-directive/dynamic-field-property.directive.ts", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/regex-check-property/regex-check-property.component.ts", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/hint-property/index.ts", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/name-property/index.ts", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/name-property/name-property.component.ts", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2016-4040", "cvss": 7.2, "repo": "dotCMS/core", "file": "core-web/apps/dotcms-ui/src/app/portlets/shared/dot-content-types-edit/components/fields/content-type-fields-properties-form/field-properties/regex-check-property/index.ts", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "dotCMS allows remote authenticated users to execute arbitrary SQL via crafted parameters in content search.", "file_language": "TypeScript", "file_component": "core-web/apps/dotcms-ui", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/go/src/xdelta/run.go", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "Go", "file_component": "xdelta3/go/src", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/default.c", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/go/src/xdelta/rstream.go", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "Go", "file_component": "xdelta3/go/src", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/go/src/xdelta/tgroup.go", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "Go", "file_component": "xdelta3/go/src", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/fh.c", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/edsio.h", "features": [ 0, 99, 20, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/base64.c", "features": [ 0, 30, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/edsio.c", "features": [ 0, 100, 60, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/generic.c", "features": [ 0, 31, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/library.c", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/maketime.h", "features": [ 0, 2, 10, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/md5c.c", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/partime.c", "features": [ 0, 47, 20, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/maketime.c", "features": [ 0, 28, 20, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/partime.h", "features": [ 0, 3, 10, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/sha.c", "features": [ 0, 24, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/libedsio/simple.c", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1/libedsio", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/cpp-btree/btree_container.h", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta3/cpp-btree", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/cpp-btree/btree_map.h", "features": [ 0, 37, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta3/cpp-btree", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/cpp-btree/btree_set.h", "features": [ 0, 32, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta3/cpp-btree", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/cpp-btree/safe_btree_map.h", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta3/cpp-btree", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/cpp-btree/btree.h", "features": [ 0, 100, 40, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta3/cpp-btree", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/cpp-btree/safe_btree.h", "features": [ 0, 88, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta3/cpp-btree", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta3/cpp-btree/safe_btree_set.h", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta3/cpp-btree", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/getopt.c", "features": [ 0, 56, 10, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/getopt.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta1", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/xdapply.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/xdelta.h", "features": [ 0, 36, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C/C++ Header", "file_component": "xdelta1", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/getopt1.c", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1", "is_test_file": false }, { "cveId": "CVE-2014-9765", "cvss": 8.8, "repo": "jmacd/xdelta-devel", "file": "xdelta1/xdelta.c", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "Buffer overflow in xdelta3 allows remote attackers to execute arbitrary code via crafted input to the decode function.", "file_language": "C", "file_component": "xdelta1", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/window-customization/custom-title-bar/starter-code/main.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/window-customization/custom-title-bar/custom-drag-region/main.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/window-customization/custom-title-bar/remove-title-bar/main.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/keyboard-shortcuts/interception-from-main/main.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/window-customization/custom-title-bar/native-window-controls/main.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/window-customization/custom-window-styles/transparent-windows/main.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/window-customization/custom-window-styles/frameless-windows/main.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/window-customization/custom-title-bar/custom-title-bar/main.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/media/screenshot/take-screenshot/preload.js", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/media", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/keyboard-shortcuts/web-apis/main.js", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/notifications/renderer/main.js", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/media/screenshot/take-screenshot/main.js", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/media", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/notifications/main/main.js", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/notifications/renderer/renderer.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/features/keyboard-shortcuts/web-apis/renderer.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/features", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/media/screenshot/take-screenshot/renderer.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/media", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/menus/context-menu/dom/main.js", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/menus", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/error-dialog/main.js", "features": [ 0, 29, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/menus/context-menu/web-contents/main.js", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/menus", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/error-dialog/renderer.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/error-dialog/preload.js", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/information-dialog/main.js", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/information-dialog/preload.js", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/menus/context-menu/dom/preload.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/menus", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/information-dialog/renderer.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/open-file-or-directory/preload.js", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/open-file-or-directory/main.js", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/open-file-or-directory/renderer.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/save-dialog/preload.js", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-1202", "cvss": 7.8, "repo": "electron/electron", "file": "docs/fiddles/native-ui/dialogs/save-dialog/main.js", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Electron allows remote attackers to read arbitrary files via a symlink attack in the downloaded content.", "file_language": "JavaScript", "file_component": "docs/fiddles/native-ui", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/emacs/elisp-packages/manual-packages/tree-sitter-langs/update-defaults.py", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/ni/nixpkgs-openjdk-updater/nixpkgs-openjdk-updater/src/nixpkgs_openjdk_updater/__init__.py", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/ni", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/vim/plugins/utils/nvim-treesitter/update.py", "features": [ 0, 27, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "nixos/modules/virtualisation/nspawn-container/run-nspawn/src/run_nspawn/__init__.py", "features": [ 0, 30, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "nixos/modules/virtualisation", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "nixos/modules/system/boot/loader/refind/refind-install.py", "features": [ 0, 63, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "nixos/modules/system", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "nixos/modules/system/boot/loader/limine/limine-install.py", "features": [ 0, 82, 20, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "nixos/modules/system", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/development/python-modules/nixpkgs-plugin-update/nixpkgs-plugin-update/src/nixpkgs_plugin_update/__init__.py", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/development/python-modules", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/emacs/macport-noescape-noop/CoreFoundation/CFBase.h", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "C/C++ Header", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/ca/calamares-nixos-extensions/src/modules/nixos/main.py", "features": [ 0, 62, 20, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/ca", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/jetbrains/updater/jetbrains_nix_updater/config.py", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/jetbrains/updater/jetbrains_nix_updater/fetcher.py", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/jetbrains/updater/jetbrains_nix_updater/ides.py", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/jetbrains/updater/jetbrains_nix_updater/update_bin.py", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/jetbrains/updater/jetbrains_nix_updater/util.py", "features": [ 0, 14, 30, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/jetbrains/updater/jetbrains_nix_updater/update_src_maven.py", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/vim/plugins/utils/update.py", "features": [ 0, 19, 70, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/fl/flatten-references-graph/src/flatten_references_graph/__main__.py", "features": [ 0, 6, 60, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/fl", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/fl/flatten-references-graph/src/flatten_references_graph/flatten_references_graph.py", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/fl", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/fl/flatten-references-graph/src/flatten_references_graph/subcomponent.py", "features": [ 0, 7, 90, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/fl", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/fl/flatten-references-graph/src/flatten_references_graph/pipe.py", "features": [ 0, 10, 70, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/fl", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/fl/flatten-references-graph/src/flatten_references_graph/split_paths.py", "features": [ 0, 27, 100, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/fl", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/fl/flatten-references-graph/src/flatten_references_graph/lib.py", "features": [ 0, 79, 100, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/fl", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/ni/nixos-render-docs-redirects/src/nixos_render_docs_redirects/__init__.py", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/ni", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/applications/editors/jetbrains/updater/jetbrains_nix_updater/update_src.py", "features": [ 0, 29, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/applications/editors", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/ni/nixos-render-docs/src/nixos_render_docs/__init__.py", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/ni", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/ni/nixos-render-docs/src/nixos_render_docs/asciidoc.py", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/ni", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/ni/nixos-render-docs/src/nixos_render_docs/html.py", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/ni", "is_test_file": false }, { "cveId": "CVE-2016-4074", "cvss": 7.5, "repo": "NixOS/nixpkgs", "file": "pkgs/by-name/ni/nixos-render-docs/src/nixos_render_docs/commonmark.py", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "jq allows remote attackers to cause a denial of service via a crafted JSON input that triggers excessive stack consumption.", "file_language": "Python", "file_component": "pkgs/by-name/ni", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/android/include/Bcrypt.h", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "contrib/android/include", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/android/include/android_lf.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "contrib/android/include", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/android/config/linux_host.h", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "contrib/android/config", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/shar/shar.c", "features": [ 0, 20, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "contrib/shar", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/android/config/android.h", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "contrib/android/config", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/android/include/Windows.h", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "contrib/android/include", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/android/config/windows_host.h", "features": [ 0, 100, 40, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "contrib/android/config", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/oss-fuzz/fuzz_helpers.h", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "contrib/oss-fuzz", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/shar/tree.h", "features": [ 0, 6, 10, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "contrib/shar", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "examples/minitar/minitar.c", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "examples/minitar", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cat/bsdcat.c", "features": [ 0, 16, 0, 0 ], "label": 1, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "cat", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cat/bsdcat.h", "features": [ 0, 4, 0, 0 ], "label": 1, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "cat", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cat/cmdline.c", "features": [ 0, 20, 30, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "cat", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cat/bsdcat_platform.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "cat", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/shar/tree.c", "features": [ 0, 43, 10, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "contrib/shar", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/shar/tree_config.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "contrib/shar", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "contrib/untar.c", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "contrib", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cpio/cmdline.c", "features": [ 0, 32, 30, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "cpio", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cpio/cpio.c", "features": [ 0, 100, 20, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "cpio", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cpio/cpio.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "cpio", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cpio/cpio_platform.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "cpio", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cpio/cpio_windows.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "cpio", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "examples/tarfilter.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cpio/cpio_windows.c", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "cpio", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "examples/untar.c", "features": [ 3, 13, 0, 90 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "cpio/config_freebsd.h", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "cpio", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "libarchive/archive_acl_private.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "libarchive", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "libarchive/archive.h", "features": [ 4, 100, 100, 93 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "libarchive", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "libarchive/archive_acl.c", "features": [ 0, 100, 70, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C", "file_component": "libarchive", "is_test_file": false }, { "cveId": "CVE-2016-1541", "cvss": 8.8, "repo": "libarchive/libarchive", "file": "libarchive/archive_blake2.h", "features": [ 0, 30, 0, 0 ], "label": 0, "cve_description": "libarchive before 3.2.0 allows remote attackers to execute arbitrary code via a crafted ZIP archive with an invalid entry size.", "file_language": "C/C++ Header", "file_component": "libarchive", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/io/xml/xppdom/XppDom.java", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-hibernate/src/java/com/thoughtworks/xstream/hibernate/converter/HibernatePersistentSortedSetConverter.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-hibernate/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/io/xml/xppdom/XppDomComparator.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-hibernate/src/java/com/thoughtworks/xstream/hibernate/converter/HibernatePersistentSortedMapConverter.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-hibernate/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-hibernate/src/java/com/thoughtworks/xstream/hibernate/converter/HibernatePersistentCollectionConverter.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-hibernate/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/io/xml/xppdom/Xpp3Dom.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-hibernate/src/java/com/thoughtworks/xstream/hibernate/converter/HibernatePersistentMapConverter.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-hibernate/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-hibernate/src/java/com/thoughtworks/xstream/hibernate/converter/HibernateProxyConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-hibernate/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-hibernate/src/java/com/thoughtworks/xstream/hibernate/mapper/HibernateMapper.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-hibernate/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/io/xml/xppdom/XppFactory.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-hibernate/src/java/com/thoughtworks/xstream/hibernate/util/Hibernate.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-hibernate/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-jmh/src/java/com/thoughtworks/xstream/benchmark/jmh/ConverterTypeBenchmark.java", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-jmh/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-jmh/src/java/com/thoughtworks/xstream/benchmark/jmh/Base64Benchmark.java", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-jmh/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-jmh/src/java/com/thoughtworks/xstream/benchmark/jmh/ParserBenchmark.java", "features": [ 0, 20, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-jmh/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-jmh/src/java/com/thoughtworks/xstream/benchmark/jmh/NameCoderBenchmark.java", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-jmh/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream-jmh/src/java/com/thoughtworks/xstream/benchmark/jmh/StringConverterBenchmark.java", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream-jmh/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/AbstractSingleValueConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/BigIntegerConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/BigDecimalConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/ByteConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/BooleanConverter.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/CharConverter.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/DoubleConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/FloatConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/IntConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/NullConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/ShortConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/LongConverter.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/DateConverter.java", "features": [ 1, 13, 10, 8 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-3674", "cvss": 7.5, "repo": "x-stream/xstream", "file": "xstream/src/java/com/thoughtworks/xstream/converters/basic/StringBufferConverter.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "XStream allows remote attackers to read arbitrary files or conduct SSRF attacks via crafted XML with external entity references.", "file_language": "Java", "file_component": "xstream/src/java", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "examples/simple_parse.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "doc/conf.py", "features": [ 0, 13, 10, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "doc", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "doc/ext/refcounting.py", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "Python", "file_component": "doc/ext", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/error.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "doc/github_commits.c", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "doc", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/dump.c", "features": [ 0, 31, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "android/jansson_config.h", "features": [ 2, 6, 0, 85 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "android", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/hashtable.c", "features": [ 0, 31, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/dtoa.c", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/jansson.h", "features": [ 0, 51, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/hashtable_seed.c", "features": [ 0, 42, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/jansson_private.h", "features": [ 0, 24, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/hashtable.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/load.c", "features": [ 2, 89, 50, 85 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/strbuffer.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/strbuffer.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/strconv.c", "features": [ 1, 14, 0, 100 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/memory.c", "features": [ 0, 23, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/lookup3.h", "features": [ 0, 33, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/utf.c", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/pack_unpack.c", "features": [ 3, 51, 0, 9 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/utf.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/version.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4425", "cvss": 6.5, "repo": "akheron/jansson", "file": "src/value.c", "features": [ 0, 67, 0, 0 ], "label": 0, "cve_description": "Jansson allows remote attackers to cause a denial of service via a crafted JSON file that triggers an out-of-bounds read.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "python/file_magic/__init__.py", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "Python", "file_component": "python/file_magic", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "python/threads.py", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "Python", "file_component": "python", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "python/example.py", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "Python", "file_component": "python", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "python/setup.py", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "Python", "file_component": "python", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "fuzz/magic_fuzzer.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "fuzz", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "python/magic.py", "features": [ 0, 68, 20, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "Python", "file_component": "python", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/buffer.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/asctime_r.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/asprintf.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/cdf.c", "features": [ 4, 100, 100, 85 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/apptype.c", "features": [ 0, 18, 10, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/ascmagic.c", "features": [ 2, 24, 0, 82 ], "label": 1, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/apprentice.c", "features": [ 2, 100, 100, 97 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/cdf.h", "features": [ 2, 58, 10, 69 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/ctime_r.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/cdf_time.c", "features": [ 0, 28, 10, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/der.c", "features": [ 2, 39, 70, 68 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/der.h", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/dprintf.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/elfclass.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/compress.c", "features": [ 5, 100, 100, 93 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/file_opts.h", "features": [ 0, 7, 30, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/fmtcheck.c", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/fsmagic.c", "features": [ 0, 86, 10, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/file.h", "features": [ 1, 100, 100, 45 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/getline.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/funcs.c", "features": [ 0, 91, 100, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/getopt_long.c", "features": [ 0, 43, 90, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/encoding.c", "features": [ 0, 49, 100, 0 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8865", "cvss": 7.3, "repo": "file/file", "file": "src/file.c", "features": [ 2, 93, 40, 97 ], "label": 0, "cve_description": "The file utility before 5.26 allows remote attackers to cause a denial of service via a crafted ELF file with an invalid e_entry value.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/action_view/template_handlers/safemode_handler.rb", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/action_view/template_handlers", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/action_view/template_handlers/safe_erb.rb", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/action_view/template_handlers", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/haml/safemode.rb", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/haml", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/safemode/blankslate.rb", "features": [ 1, 21, 0, 60 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/safemode", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/action_view/template_handlers/safe_haml.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/action_view/template_handlers", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/safemode/core_jails.rb", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/safemode", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/safemode/exceptions.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/safemode", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/safemode/core_ext.rb", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/safemode", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/safemode/scope.rb", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/safemode", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "demo.rb", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/safemode/jail.rb", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/safemode", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/safemode.rb", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "lib/safemode/parser.rb", "features": [ 0, 41, 10, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "lib/safemode", "is_test_file": false }, { "cveId": "CVE-2016-3693", "cvss": 8.1, "repo": "svenfuchs/safemode", "file": "init.rb", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Safemode allows remote attackers to bypass the sandbox via a crafted Ruby expression.", "file_language": "Ruby", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/log_buffer/buffer.rb", "features": [ 1, 32, 20, 92 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy/log_buffer", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/log_buffer/trace_decorator.rb", "features": [ 0, 18, 10, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy/log_buffer", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/log_buffer/decorator.rb", "features": [ 2, 34, 30, 21 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy/log_buffer", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "modules/bmc/redfish/dell.rb", "features": [ 0, 5, 10, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "modules/bmc/redfish", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/settings/global.rb", "features": [ 4, 7, 0, 90 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy/settings", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/settings/plugin.rb", "features": [ 1, 7, 0, 49 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy/settings", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/log_buffer/ring_buffer.rb", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy/log_buffer", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "modules/bmc/redfish/hpe.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "modules/bmc/redfish", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "modules/dhcp_common/isc/subnet_service_initialization.rb", "features": [ 0, 33, 10, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "modules/dhcp_common/isc", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "modules/dhcp_common/record/deleted_reservation.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "modules/dhcp_common/record", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "modules/dhcp_common/record/reservation.rb", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "modules/dhcp_common/record", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "modules/dhcp_common/record/lease.rb", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "modules/dhcp_common/record", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "extra/migrations/20150327000000_migrate_monolithic_config.rb", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "extra/migrations", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "extra/migrations/20150611000000_migrate_dns_settings.rb", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "extra/migrations", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "modules/dhcp_common/isc/configuration_parser.rb", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "modules/dhcp_common/isc", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "modules/dhcp_common/isc/omapi_provider.rb", "features": [ 0, 47, 80, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "modules/dhcp_common/isc", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "extra/migrations/20160411000000_migrate_libvirt_settings.rb", "features": [ 2, 17, 0, 77 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "extra/migrations", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "extra/migrations/20161209000000_migrate_realm_settings.rb", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "extra/migrations", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "extra/migrations/20150826000000_migrate_dhcp_settings.rb", "features": [ 1, 13, 0, 59 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "extra/migrations", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "extra/migrations/20170523000000_migrate_autosign_setting.rb", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "extra/migrations", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "extra/migrations/20160413000000_migrate_puppet_settings.rb", "features": [ 1, 14, 0, 59 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "extra/migrations", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "extra/migrations/2018062000000_migrate_puppetca_settings.rb", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "extra/migrations", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "extra/migrations/20181016000000_migrate_puppetca_puppet_cert_settings.rb", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "extra/migrations", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/default_di_wirings.rb", "features": [ 1, 2, 0, 59 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/default_plugin_validators.rb", "features": [ 1, 3, 0, 59 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/dependency_injection.rb", "features": [ 1, 34, 0, 59 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/error.rb", "features": [ 2, 5, 0, 59 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/file_lock.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/hsts_middleware.rb", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy", "is_test_file": false }, { "cveId": "CVE-2016-3728", "cvss": 8.8, "repo": "theforeman/smart-proxy", "file": "lib/proxy/helpers.rb", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "Foreman Smart Proxy allows remote attackers to execute arbitrary commands via crafted DHCP requests.", "file_language": "Ruby", "file_component": "lib/proxy", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/arc.c", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/flip.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/crop.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/gif.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/copyrotated.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/msinttypes/stdint.h", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C/C++ Header", "file_component": "src/msinttypes", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/msinttypes/inttypes.h", "features": [ 0, 33, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C/C++ Header", "file_component": "src/msinttypes", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/avif2jpeg.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/jpeg2avif.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/nnquant.c", "features": [ 0, 3, 30, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/png2avif.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/resize.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/imagescale.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/jpeg2avifex.c", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/tgaread.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/png2heif.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/tiffread.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/bmp.h", "features": [ 0, 16, 10, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "examples/windows.c", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "examples", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/entities.h", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/annotate.c", "features": [ 0, 12, 0, 0 ], "label": 1, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/gd.h", "features": [ 3, 100, 80, 99 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/gd2topng.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/gd2togif.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/gd2copypal.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/gd2time.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/gd_avif.c", "features": [ 0, 58, 40, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/gd.c", "features": [ 4, 100, 20, 98 ], "label": 1, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/gd_color.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2015-8877", "cvss": 7.5, "repo": "libgd/libgd", "file": "src/gd_bmp.c", "features": [ 0, 63, 100, 0 ], "label": 1, "cve_description": "libgd allows remote attackers to cause a denial of service (infinite loop) via a crafted GD file with invalid dimensions.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/subfunc.c", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/pgpdump.c", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/pgpdump.h", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/signature.c", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/buffer.c", "features": [ 0, 52, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "os/riscos/config.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "os/riscos", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/packet.c", "features": [ 0, 27, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/keys.c", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/tagfuncs.c", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/uatfunc.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4021", "cvss": 7.5, "repo": "kazu-yamamoto/pgpdump", "file": "src/types.c", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "pgpdump allows remote attackers to cause a denial of service via a crafted PGP packet that triggers an infinite loop.", "file_language": "C", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/iptabler/cleaner.go", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/firewaller/firewaller.go", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/firewaller/stub.go", "features": [ 0, 34, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/iptabler/endpoint.go", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/iptabler/port.go", "features": [ 0, 32, 20, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/iptabler/iptabler.go", "features": [ 0, 34, 70, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/iptabler/link.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/iptabler/network.go", "features": [ 0, 59, 40, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/nftabler/cleaner.go", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/nftabler/endpoint.go", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/iptabler/wsl2.go", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/nftabler/link.go", "features": [ 0, 9, 10, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/nftabler/nftabler.go", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/nftabler/port.go", "features": [ 0, 29, 20, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/nftabler/wsl2.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/bridge/internal/nftabler/network.go", "features": [ 0, 35, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/overlay/overlayutils/utils.go", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/overlay/ovmanager/ovmanager.go", "features": [ 0, 20, 20, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/internal/plugin/executor/containerd/containerd.go", "features": [ 0, 29, 10, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/internal/plugin", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/remote/api/api.go", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/windows/overlay/ov_endpoint_windows.go", "features": [ 0, 30, 60, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/windows/overlay/joinleave_windows.go", "features": [ 0, 15, 50, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/windows/overlay/peerdb_windows.go", "features": [ 0, 10, 40, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/windows/overlay/ov_network_windows.go", "features": [ 0, 40, 30, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/drivers/windows/overlay/overlay_windows.go", "features": [ 0, 16, 30, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/drivers", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/internal/kvstore/boltdb/boltdb.go", "features": [ 0, 28, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/internal", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/libnetwork/ipams/remote/api/api.go", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/libnetwork/ipams", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/logger/journald/internal/export/export.go", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/logger/journald", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/logger/journald/internal/fake/sender.go", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/logger/journald", "is_test_file": false }, { "cveId": "CVE-2016-3697", "cvss": 7.8, "repo": "docker/docker", "file": "daemon/logger/journald/internal/sdjournal/doc.go", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Docker Engine allows local users to gain privileges by exploiting a file-descriptor leak in the libcontainer library.", "file_language": "Go", "file_component": "daemon/logger/journald", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/Telegram/Reply/Markup/Button/AbstractKeyboardButton.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/Telegram/Reply/Markup/Button/KeyboardButton.php", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/MicrosoftTeams/Action/Input/MultiChoiceInput.php", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/MicrosoftTeams/Action/Element/Header.php", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/MicrosoftTeams/Action/Input/InputInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/MicrosoftTeams/Action/Input/AbstractInput.php", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/Telegram/Reply/Markup/Button/InlineKeyboardButton.php", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/MicrosoftTeams/Action/Input/DateInput.php", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/MicrosoftTeams/Section/Field/Fact.php", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/Telegram/Reply/Markup/InlineKeyboardMarkup.php", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/MicrosoftTeams/Action/Input/TextInput.php", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/Telegram/Reply/Markup/ForceReply.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/Telegram/Reply/Markup/AbstractTelegramReplyMarkup.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/MicrosoftTeams/Section/Field/Image.php", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/Telegram/Reply/Markup/ReplyKeyboardMarkup.php", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/MicrosoftTeams/Section/Field/Activity.php", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/AccessToken/Oidc/Exception/MissingClaimException.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/AccessToken/Oidc/Exception/InvalidSignatureException.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Core/Authentication/Token/Storage/TokenStorageInterface.php", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Core/Authentication/Token/Storage/TokenStorage.php", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Notifier/Bridge/Telegram/Reply/Markup/ReplyKeyboardRemove.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Core/Authentication/Token/Storage/UsageTrackingTokenStorage.php", "features": [ 0, 20, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/BadgeInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/CsrfTokenBadge.php", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/Authenticator/Passport/Credentials/CustomCredentials.php", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/UserBadge.php", "features": [ 0, 25, 10, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/PasswordUpgradeBadge.php", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/PreAuthenticatedUserBadge.php", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/Authenticator/Passport/Credentials/CredentialsInterface.php", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-1902", "cvss": 7.5, "repo": "symfony/symfony", "file": "src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/RememberMeBadge.php", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Symfony allows remote attackers to predict CSRF tokens via weak random number generation in the security component.", "file_language": "PHP", "file_component": "src/Symfony/Component", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_ami_copy.py", "features": [ 0, 23, 100, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/cloudwatchevent_rule.py", "features": [ 0, 75, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/cloudtrail.py", "features": [ 0, 30, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_customer_gateway.py", "features": [ 0, 26, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/cloudformation_facts.py", "features": [ 0, 39, 10, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/dynamodb_table.py", "features": [ 0, 41, 30, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_asg_facts.py", "features": [ 0, 24, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_elb_facts.py", "features": [ 1, 29, 30, 93 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_eni_facts.py", "features": [ 0, 17, 20, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_group_facts.py", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_lc_facts.py", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_lc_find.py", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_remote_facts.py", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_eni.py", "features": [ 0, 49, 100, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vol_facts.py", "features": [ 0, 13, 10, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_snapshot_facts.py", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_igw.py", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_dhcp_options_facts.py", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_nacl_facts.py", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_nacl.py", "features": [ 0, 85, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_net_facts.py", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_peer.py", "features": [ 0, 42, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_dhcp_options.py", "features": [ 0, 32, 10, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_route_table.py", "features": [ 0, 74, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_route_table_facts.py", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_subnet_facts.py", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_nat_gateway.py", "features": [ 0, 77, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_vgw.py", "features": [ 0, 62, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-3096", "cvss": 7.8, "repo": "ansible/ansible-modules-extras", "file": "cloud/amazon/ec2_vpc_subnet.py", "features": [ 0, 32, 0, 0 ], "label": 0, "cve_description": "Ansible allows local users to write to arbitrary files via a symlink attack on a temporary file created by the lxc_container module.", "file_language": "Python", "file_component": "cloud/amazon", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Functions.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Geometry.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/BlobRef.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Blob.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Exception.h", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Color.h", "features": [ 0, 22, 10, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/CoderInfo.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/ImageRef.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Montage.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Options.h", "features": [ 0, 17, 30, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Pixels.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Drawable.h", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Statistic.h", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Image.h", "features": [ 0, 88, 40, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/ResourceLimits.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/TypeMetric.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Thread.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/STL.h", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/Include.h", "features": [ 0, 79, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/lib/Magick++/SecurityPolicy.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C/C++ Header", "file_component": "Magick++/lib/Magick++", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "www/source/core/sigmoidal-contrast.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C", "file_component": "www/source/core", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "www/source/wand/sigmoidal-contrast.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C", "file_component": "www/source/wand", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/demo/analyze.cpp", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C++", "file_component": "Magick++/demo", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/demo/button.cpp", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C++", "file_component": "Magick++/demo", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/demo/detrans.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C++", "file_component": "Magick++/demo", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/demo/demo.cpp", "features": [ 0, 27, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C++", "file_component": "Magick++/demo", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/demo/flip.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C++", "file_component": "Magick++/demo", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/demo/shapes.cpp", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C++", "file_component": "Magick++/demo", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/demo/gravity.cpp", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C++", "file_component": "Magick++/demo", "is_test_file": false }, { "cveId": "CVE-2016-4562", "cvss": 8.8, "repo": "ImageMagick/ImageMagick", "file": "Magick++/demo/piddle.cpp", "features": [ 0, 10, 10, 0 ], "label": 0, "cve_description": "ImageMagick allows remote attackers to cause a denial of service via a crafted image that triggers memory allocation failures.", "file_language": "C++", "file_component": "Magick++/demo", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/details/repository-details-info.filter.js", "features": [ 0, 20, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/details/repository-details.controller.js", "features": [ 0, 62, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/checksum.service.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/details/repository-details-manage-content.controller.js", "features": [ 0, 30, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/details/repository-details-advanced-sync.controller.js", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/details/repository-details-reclaim-space-modal.controller.js", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/new/new-repository.controller.js", "features": [ 0, 47, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/details/repository-details-info.controller.js", "features": [ 0, 67, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/http-proxy-service.js", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/os-versions.service.js", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/download-policy.service.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/product-repositories-reclaim-space-modal.controller.js", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/repositories.module.js", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/repositories.routes.js", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/mirroring-policy.service.js", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/repository-types.service.js", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/yum-content-units.service.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/products/details/repositories/repository.factory.js", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion/app/assets/javascripts/bastion/components/formatters/capitalize.filter.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion/app/assets/javascripts/bastion/components/formatters/array-to-string.filter.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion/app/assets/javascripts/bastion/components/formatters/components-formatters.module.js", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion/app/assets/javascripts/bastion/components/formatters/key-value-to-string.filter.js", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion/app/assets/javascripts/bastion/components/formatters/unlimitedFilter.filter.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion/app/assets/javascripts/bastion/components/formatters/boolean-to-yes-no.filter.js", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/activation-keys/details/activation-key-add-host-collections.controller.js", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/activation-keys/details/activation-key-associations.controller.js", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/activation-keys/details/activation-key-copy.controller.js", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/activation-keys/details/activation-key-details.controller.js", "features": [ 0, 31, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/activation-keys/details/activation-key-host-collections.controller.js", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-3072", "cvss": 8.8, "repo": "Katello/katello", "file": "engines/bastion_katello/app/assets/javascripts/bastion_katello/activation-keys/details/activation-key-details-info.controller.js", "features": [ 0, 43, 0, 0 ], "label": 0, "cve_description": "Katello allows remote authenticated users to conduct SQL injection attacks via crafted search queries.", "file_language": "JavaScript", "file_component": "engines/bastion_katello/app", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "examples/fileprop_analysis/old/embedpe_sample.c", "features": [ 0, 14, 40, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "examples/fileprop_analysis/old", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "examples/fileprop_analysis/old/onlype_sample.c", "features": [ 0, 22, 90, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "examples/fileprop_analysis/old", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "examples/fileprop_analysis/old/ftype_sample.c", "features": [ 0, 10, 40, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "examples/fileprop_analysis/old", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "examples/fileprop_analysis/old/notpdf_sample.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "examples/fileprop_analysis/old", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "libclamav/jsparse/generated/keywords.h", "features": [ 0, 18, 30, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "libclamav/jsparse/generated", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "examples/fileprop_analysis/old/sandbox.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "examples/fileprop_analysis/old", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "libclamav/jsparse/generated/operators.h", "features": [ 0, 17, 20, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "libclamav/jsparse/generated", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/c-thread-pool/thpool.c", "features": [ 0, 46, 90, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/c-thread-pool", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/c-thread-pool/thpool.h", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/c-thread-pool", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/client/client.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/client", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/client/communication.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/client", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/client/client.c", "features": [ 0, 45, 100, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/client", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/client/protocol.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/client", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/client/protocol.c", "features": [ 0, 39, 90, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/client", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/client/communication.c", "features": [ 0, 16, 10, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/client", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/client/socket.c", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/client", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/inotif/hash.c", "features": [ 0, 46, 10, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/inotif", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/fanotif/fanotif.c", "features": [ 0, 16, 100, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/fanotif", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/inotif/hash.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/inotif", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/client/socket.h", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/client", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/inotif/inotif.c", "features": [ 0, 50, 100, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/inotif", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/fanotif/fanotif.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/fanotif", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/misc/fts.c", "features": [ 0, 94, 10, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/misc", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/inotif/inotif.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/inotif", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/misc/priv_fts.h", "features": [ 0, 29, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/misc", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/misc/utils.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/misc", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/scan/onas_queue.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C/C++ Header", "file_component": "clamonacc/scan", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/scan/onas_queue.c", "features": [ 0, 16, 60, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/scan", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/misc/utils.c", "features": [ 0, 12, 100, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/misc", "is_test_file": false }, { "cveId": "CVE-2016-1405", "cvss": 7.5, "repo": "vrtadmin/clamav-devel", "file": "clamonacc/scan/thread.c", "features": [ 0, 27, 100, 0 ], "label": 0, "cve_description": "ClamAV allows remote attackers to cause a denial of service via a crafted file that triggers a heap buffer overflow in the libmspack library.", "file_language": "C", "file_component": "clamonacc/scan", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/tlsmetadata/autoregenerate_after_expiry/requirement.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/tlsmetadatainterfaces/simple_requirements_result.go", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/tlsmetadata/descriptions/requirement.go", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/tlsmetadata/ownership/requirement.go", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/tlsmetadata/refresh_period/requirement.go", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/tlsmetadatainterfaces/annotation_requirement.go", "features": [ 0, 28, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/tlsmetadatainterfaces/helpers.go", "features": [ 0, 29, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/tlsmetadatadefaults/defaults.go", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/tlsmetadatainterfaces/types.go", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "tools/junitreport/pkg/parser/stack/interfaces.go", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "tools/junitreport/pkg", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "tools/junitreport/pkg/parser/oscmd/data_parser.go", "features": [ 0, 31, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "tools/junitreport/pkg", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "tools/junitreport/pkg/parser/stack/parser.go", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "tools/junitreport/pkg", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "tools/junitreport/pkg/parser/oscmd/parser.go", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "tools/junitreport/pkg", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "tools/junitreport/pkg/parser/stack/stack.go", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "tools/junitreport/pkg", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/ensure-no-violation-regression/ensure_no_violation_regression.go", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/generate_owners_flags.go", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/cmd/update-tls-artifacts/generate-owners/generate_owners_options.go", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/cmd/update-tls-artifacts", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/disruption/interval.go", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/disruption/handler.go", "features": [ 0, 15, 10, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/logger/logger.go", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/roundtripper/shutdown.go", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/roundtripper/roundtripper.go", "features": [ 0, 31, 10, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/sampler/interface.go", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/sampler/knownerror.go", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/sampler/response_checker.go", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/sampler/producer_consumer.go", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/shutdown/handler.go", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/transport/transport.go", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/shutdown/interval.go", "features": [ 0, 26, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2016-2160", "cvss": 8.8, "repo": "openshift/origin", "file": "pkg/disruption/backend/sampler/requestor.go", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "OpenShift Enterprise allows remote authenticated users to execute arbitrary commands via a crafted build configuration.", "file_language": "Go", "file_component": "pkg/disruption/backend", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/digest/direct.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/digest", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "modules/scripting/perl/api/atheme_perl.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "modules/scripting/perl", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "modules/scripting/perl/api/perl_utilities.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C", "file_component": "modules/scripting/perl", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/digest/gcrypt.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/digest", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "modules/scripting/perl/api/perl_command.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C", "file_component": "modules/scripting/perl", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "contrib/convertrservtoatheme/src/main.rs", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "Rust", "file_component": "contrib/convertrservtoatheme/src", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "modules/scripting/perl/api/perl_hooks_extra.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "modules/scripting/perl", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "modules/scripting/perl/api/perl_hooks.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "modules/scripting/perl", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/digest/openssl.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/digest", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/digest/mbedtls.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/digest", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/inline/account.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/inline", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/digest/internal.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/digest", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/inline/connection.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/inline", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/digest/types.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/digest", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/inline/channels.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/inline", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/inline/users.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/inline", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/charybdis.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/bahamut.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/asuka.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/inspircd.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/elemental-ircd.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/chatircd.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/nefarious.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/ngircd.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/unreal.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "modules/crypto/legacy/anope-enc-sha256.c", "features": [ 0, 8, 30, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C", "file_component": "modules/crypto/legacy", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "include/atheme/protocol/solanum.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C/C++ Header", "file_component": "include/atheme/protocol", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "modules/crypto/legacy/base64.c", "features": [ 0, 4, 10, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C", "file_component": "modules/crypto/legacy", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "modules/crypto/legacy/crypt3-des.c", "features": [ 0, 10, 50, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C", "file_component": "modules/crypto/legacy", "is_test_file": false }, { "cveId": "CVE-2014-9773", "cvss": 7.5, "repo": "atheme/atheme", "file": "modules/crypto/legacy/crypt3-md5.c", "features": [ 0, 9, 40, 0 ], "label": 0, "cve_description": "Atheme IRC Services allows remote authenticated users to bypass intended access restrictions via crafted SASL authentication messages.", "file_language": "C", "file_component": "modules/crypto/legacy", "is_test_file": false }, { "cveId": "CVE-2016-3698", "cvss": 8.1, "repo": "jpirko/libndp", "file": "libndp/list.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "libndp allows remote attackers to conduct man-in-the-middle attacks via a crafted NDP message with spoofed source addresses.", "file_language": "C/C++ Header", "file_component": "libndp", "is_test_file": false }, { "cveId": "CVE-2016-3698", "cvss": 8.1, "repo": "jpirko/libndp", "file": "utils/ndptool.c", "features": [ 0, 28, 0, 0 ], "label": 1, "cve_description": "libndp allows remote attackers to conduct man-in-the-middle attacks via a crafted NDP message with spoofed source addresses.", "file_language": "C", "file_component": "utils", "is_test_file": false }, { "cveId": "CVE-2016-3698", "cvss": 8.1, "repo": "jpirko/libndp", "file": "libndp/ndp_private.h", "features": [ 0, 12, 20, 0 ], "label": 0, "cve_description": "libndp allows remote attackers to conduct man-in-the-middle attacks via a crafted NDP message with spoofed source addresses.", "file_language": "C/C++ Header", "file_component": "libndp", "is_test_file": false }, { "cveId": "CVE-2016-3698", "cvss": 8.1, "repo": "jpirko/libndp", "file": "include/ndp.h", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "libndp allows remote attackers to conduct man-in-the-middle attacks via a crafted NDP message with spoofed source addresses.", "file_language": "C/C++ Header", "file_component": "include", "is_test_file": false }, { "cveId": "CVE-2016-3698", "cvss": 8.1, "repo": "jpirko/libndp", "file": "libndp/libndp.c", "features": [ 2, 100, 40, 70 ], "label": 0, "cve_description": "libndp allows remote attackers to conduct man-in-the-middle attacks via a crafted NDP message with spoofed source addresses.", "file_language": "C", "file_component": "libndp", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/dnssec/dnssec_rcode_stories.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/dnssec", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/dnssec/dnssec_config.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/dnssec", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "external/linux-xfrm-headers/linux/xfrm.h", "features": [ 0, 33, 10, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C/C++ Header", "file_component": "external/linux-xfrm-headers/linux", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "contrib/python-swan/swan/__init__.py", "features": [ 0, 12, 40, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "Python", "file_component": "contrib/python-swan/swan", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/ipsecconf/confwrite.c", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/ipsecconf", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/ipsecconf/conn.c", "features": [ 0, 36, 40, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/ipsecconf", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/ipsecconf/confread.c", "features": [ 0, 43, 30, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/ipsecconf", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/dnssec/unbound.c", "features": [ 0, 16, 40, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/dnssec", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/ipsecconf/interfaces.c", "features": [ 0, 5, 10, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/ipsecconf", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/ipsecconf/keywords.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/ipsecconf", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/ipsecconf/keyword_type_names.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/ipsecconf", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/ipsecconf/starterwhack.c", "features": [ 0, 5, 100, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/ipsecconf", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/optarg/optarg_address_dns.c", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/optarg", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/optarg/optarg.c", "features": [ 0, 29, 100, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/optarg", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/optarg/optarg_address_num.c", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/optarg", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/ipsecconf/setup.c", "features": [ 0, 74, 100, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/ipsecconf", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/pubkey/pubkey_signer_eddsa.c", "features": [ 0, 13, 30, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/pubkey", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/optarg/optarg_nssdir.c", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/optarg", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/optarg/optarg_nss_password.c", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/optarg", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/pubkey/pubkey_types.c", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/pubkey", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/pubkey/pubkey_type_rsa.c", "features": [ 0, 17, 30, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/pubkey", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/pubkey/pubkey_signer_ecdsa.c", "features": [ 0, 18, 60, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/pubkey", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/pubkey/pubkey_signer_rsa.c", "features": [ 0, 28, 60, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/pubkey", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/pubkey/pubkey_type_ecp.c", "features": [ 0, 20, 20, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/pubkey", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/whack/alloc_whack_message.c", "features": [ 0, 4, 100, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/whack", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/whack/init_whack_message.c", "features": [ 0, 2, 80, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/whack", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/whack/aliascomp.c", "features": [ 0, 3, 10, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/whack", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/whack/pickle.c", "features": [ 0, 28, 100, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/whack", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/whack/whack_magic.in.c", "features": [ 0, 1, 50, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/whack", "is_test_file": false }, { "cveId": "CVE-2016-5361", "cvss": 7.5, "repo": "libreswan/libreswan", "file": "lib/libswan/whack/send.c", "features": [ 0, 21, 100, 0 ], "label": 0, "cve_description": "Libreswan allows remote attackers to cause a denial of service via a crafted IKE packet that triggers an assertion failure.", "file_language": "C", "file_component": "lib/libswan/whack", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/atomics/dummy/stdatomic.h", "features": [ 0, 85, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/atomics/dummy", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/atomics/win32/stdatomic.h", "features": [ 0, 85, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/atomics/win32", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/wasm/hevc/dsp_init.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "libavcodec/wasm/hevc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/riscv/h26x/h2656dsp.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "libavcodec/riscv/h26x", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/riscv/vvc/dsp_init.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "libavcodec/riscv/vvc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/aarch64/h26x/dsp.h", "features": [ 0, 22, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "libavcodec/aarch64/h26x", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/aarch64/vvc/dsp_init.c", "features": [ 0, 33, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "libavcodec/aarch64/vvc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/aarch64/vvc/alf_template.c", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "libavcodec/aarch64/vvc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/wasm/hevc/idct.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "libavcodec/wasm/hevc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/wasm/hevc/sao.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "libavcodec/wasm/hevc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/x86/h26x/h2656dsp.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "libavcodec/x86/h26x", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/x86/hevc/dsp.h", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "libavcodec/x86/hevc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/wasm/hevc/idct.c", "features": [ 0, 44, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "libavcodec/wasm/hevc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": ".forgejo/labeler/labeler.js", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "JavaScript", "file_component": ".forgejo/labeler", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/x86/hevc/dsp_init.c", "features": [ 0, 64, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "libavcodec/x86/hevc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/x86/vvc/dsp_init.c", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "libavcodec/x86/vvc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/x86/h26x/h2656dsp.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "libavcodec/x86/h26x", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/aix/math.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/aix", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "libavcodec/wasm/hevc/sao.c", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "libavcodec/wasm/hevc", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/android/binder.c", "features": [ 0, 14, 50, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "compat/android", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/android/binder.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/android", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/dispatch_semaphore/semaphore.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/dispatch_semaphore", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/djgpp/math.c", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "compat/djgpp", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/cuda/dynlink_loader.h", "features": [ 0, 4, 20, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/cuda", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/cuda/cuda_runtime.h", "features": [ 0, 34, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/cuda", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/djgpp/math.h", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/djgpp", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/float/float.h", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/float", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/float/limits.h", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/float", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/msvcrt/snprintf.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C", "file_component": "compat/msvcrt", "is_test_file": false }, { "cveId": "CVE-2016-3062", "cvss": 8.8, "repo": "FFmpeg/FFmpeg", "file": "compat/msvcrt/snprintf.h", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "FFmpeg allows remote attackers to execute arbitrary code via a crafted AVI file that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "compat/msvcrt", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/common/CommonJNI.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/enc/BrotliOutputStream.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/enc/BrotliEncoderChannel.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/dec/Decoder.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/common/BrotliCommon.java", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/dec/DecoderJNI.java", "features": [ 0, 6, 10, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/dec/BrotliDecoderChannel.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/dec/BrotliInputStream.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/Context.cs", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/enc/Encoder.java", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/BrotliRuntimeException.cs", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/mruby/mrbgems/mruby-io/include/mruby/ext/io.h", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "C/C++ Header", "file_component": "deps/mruby/mrbgems", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/BrotliInputStream.cs", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/BitReader.cs", "features": [ 0, 14, 10, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/wrapper/enc/EncoderJNI.java", "features": [ 0, 6, 10, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/picotls/deps/cifra/src/arm/unacl/scalarmult.c", "features": [ 0, 82, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "C", "file_component": "deps/picotls/deps", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/HuffmanTreeGroup.cs", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/Huffman.cs", "features": [ 0, 8, 10, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/IntReader.cs", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/Prefix.cs", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/RunningState.cs", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/Decode.cs", "features": [ 0, 50, 100, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/State.cs", "features": [ 0, 9, 10, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/Transform.cs", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/Utils.cs", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/Dictionary.cs", "features": [ 0, 17, 40, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/csharp/org/brotli/dec/WordTransformType.cs", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Unknown", "file_component": "deps/brotli/csharp", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/dec/BitReader.java", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/dec/BrotliInputStream.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-4817", "cvss": 7.5, "repo": "h2o/h2o", "file": "deps/brotli/java/org/brotli/dec/BrotliRuntimeException.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "H2O HTTP server allows remote attackers to cause a denial of service via a crafted HTTP/2 request.", "file_language": "Java", "file_component": "deps/brotli/java", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/TextToSpeechConversion/Contracts/TextToSpeechConversionOperationModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/SpeechGeneration/Contracts/SpeechGenerationModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/TextGeneration/Contracts/TextGenerationModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/ImageGeneration/Contracts/ImageGenerationOperationModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/TextGeneration/Contracts/TextGenerationOperationModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/TextToSpeechConversion/Contracts/TextToSpeechConversionModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/ImageGeneration/Contracts/ImageGenerationModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/SpeechGeneration/Contracts/SpeechGenerationOperationModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/VideoGeneration/Contracts/VideoGenerationModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/SimplePie/library/SimplePie/Content/Type/Sniffer.php", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/SimplePie/library", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Models/VideoGeneration/Contracts/VideoGenerationOperationModelInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/SimplePie/library/SimplePie/XML/Declaration/Parser.php", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/SimplePie/library", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Abstracts/AbstractClientDiscoveryStrategy.php", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Collections/HeadersCollection.php", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/SimplePie/library/SimplePie/Decode/HTML/Entities.php", "features": [ 0, 40, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/SimplePie/library", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/ApiBasedImplementation/Contracts/ApiBasedModelInterface.php", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Contracts/ClientWithOptionsInterface.php", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Contracts/HttpTransporterInterface.php", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/DTO/ApiKeyRequestAuthentication.php", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Contracts/WithHttpTransporterInterface.php", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/DTO/Request.php", "features": [ 0, 57, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Contracts/WithRequestAuthenticationInterface.php", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/DTO/RequestOptions.php", "features": [ 0, 32, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Contracts/RequestAuthenticationInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/DTO/Response.php", "features": [ 0, 37, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Enums/HttpMethodEnum.php", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Exception/NetworkException.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Enums/RequestAuthenticationMethod.php", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Exception/RedirectException.php", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-5835", "cvss": 7.5, "repo": "WordPress/WordPress", "file": "wp-includes/php-ai-client/src/Providers/Http/Exception/ClientException.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "WordPress allows remote attackers to bypass intended access restrictions via crafted XML content in the RSS feed.", "file_language": "PHP", "file_component": "wp-includes/php-ai-client/src", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/backend.js", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/lib/signals.js", "features": [ 0, 82, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/lib/crossroads.js", "features": [ 0, 100, 30, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/lib/jquery.migrate.js", "features": [ 0, 71, 10, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.affix.js", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/backend.views.js", "features": [ 0, 68, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.calendar.js", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/lib/jquery.js", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.collapsible.js", "features": [ 0, 65, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.defaultvalue.js", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.drawer.js", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.duplicator.js", "features": [ 0, 45, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.error.js", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.filtering.js", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.js", "features": [ 0, 65, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.pickable.js", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.notify.js", "features": [ 0, 40, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.selectable.js", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.tags.js", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.timeago.js", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.suggestions.js", "features": [ 0, 34, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/assets/js/src/symphony.orderable.js", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "JavaScript", "file_component": "symphony/assets/js", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/lib/toolkit/cache/cache.database.php", "features": [ 0, 43, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "PHP", "file_component": "symphony/lib/toolkit", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/lib/toolkit/cryptography/class.pbkdf2.php", "features": [ 0, 28, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "PHP", "file_component": "symphony/lib/toolkit", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/lib/toolkit/data-sources/class.datasource.author.php", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "PHP", "file_component": "symphony/lib/toolkit", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/lib/toolkit/data-sources/class.datasource.navigation.php", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "PHP", "file_component": "symphony/lib/toolkit", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/lib/toolkit/data-sources/class.datasource.static.php", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "PHP", "file_component": "symphony/lib/toolkit", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/lib/toolkit/email-gateways/email.sendmail.php", "features": [ 0, 21, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "PHP", "file_component": "symphony/lib/toolkit", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/lib/toolkit/data-sources/class.datasource.section.php", "features": [ 0, 71, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "PHP", "file_component": "symphony/lib/toolkit", "is_test_file": false }, { "cveId": "CVE-2016-4309", "cvss": 7.5, "repo": "symphonycms/symphony-2", "file": "symphony/lib/toolkit/email-gateways/email.smtp.php", "features": [ 0, 54, 0, 0 ], "label": 0, "cve_description": "Symphony CMS allows remote attackers to conduct XML injection attacks via crafted input to the data source editor.", "file_language": "PHP", "file_component": "symphony/lib/toolkit", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/entry.cpp", "features": [ 0, 9, 10, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/error_code.cpp", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/bytes.hpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "Unknown", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/datetime.cpp", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/boost_python.hpp", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "Unknown", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/converters.cpp", "features": [ 0, 34, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/alert.cpp", "features": [ 0, 69, 60, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/create_torrent.cpp", "features": [ 0, 22, 10, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/gil.hpp", "features": [ 0, 17, 10, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "Unknown", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/fingerprint.cpp", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/load_torrent.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/ip_filter.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/info_hash.cpp", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/magnet_uri.cpp", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/module.cpp", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/optional.hpp", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "Unknown", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/peer_info.cpp", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/sha1_hash.cpp", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/session_settings.cpp", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/sha256_hash.cpp", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/string.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/torrent_info.cpp", "features": [ 0, 30, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/session.cpp", "features": [ 0, 100, 20, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/torrent_handle.cpp", "features": [ 0, 40, 10, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/utility.cpp", "features": [ 0, 11, 10, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/torrent_status.cpp", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "include/libtorrent/aux_/alloca.hpp", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "Unknown", "file_component": "include/libtorrent/aux_", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "bindings/python/src/version.cpp", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "C++", "file_component": "bindings/python/src", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "include/libtorrent/aux_/aligned_union.hpp", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "Unknown", "file_component": "include/libtorrent/aux_", "is_test_file": false }, { "cveId": "CVE-2016-5301", "cvss": 7.5, "repo": "arvidn/libtorrent", "file": "include/libtorrent/aux_/alert_manager.hpp", "features": [ 0, 23, 0, 0 ], "label": 0, "cve_description": "libtorrent allows remote attackers to cause a denial of service via a crafted torrent file with invalid metadata.", "file_language": "Unknown", "file_component": "include/libtorrent/aux_", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_compatIpt/repro-compatReleaseEntryMod.c", "features": [ 2, 36, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_compatIpt", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_compatIpt/uns.c", "features": [ 2, 15, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_compatIpt", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_compatIpt/repro-compatReleaseEntry.c", "features": [ 2, 5, 10, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_compatIpt", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_ipt/uns.c", "features": [ 2, 15, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_ipt", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_ipt/repro-translateTable.c", "features": [ 2, 4, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_ipt", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_pgrp/repro-pgrp-ioprioset.c", "features": [ 2, 1, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_pgrp", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_pgrp/repro-pgrp-ioprioget.c", "features": [ 2, 1, 10, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_pgrp", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_pgrp/repro-pgrp-getpriority.c", "features": [ 2, 1, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_pgrp", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_pgrp/repro-pgrp-kill.c", "features": [ 2, 1, 20, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_pgrp", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_tiocsserial/repro-tty2.c", "features": [ 2, 1, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_tiocsserial", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_pgrp/repro-pgrp-setpriority.c", "features": [ 2, 1, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_pgrp", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "aflCall.c", "features": [ 1, 5, 0, 78 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_tiocsserial/repro-tty3.c", "features": [ 2, 1, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_tiocsserial", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_tiocsserial/repro-tty1.c", "features": [ 2, 1, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_tiocsserial", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "crash_reports/report_umount2/repro-umount2.c", "features": [ 2, 0, 0, 93 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "crash_reports/report_umount2", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "argfd.c", "features": [ 3, 9, 50, 90 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "parse.c", "features": [ 1, 5, 0, 78 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "gen2.py", "features": [ 1, 6, 0, 78 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "Python", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "gen.py", "features": [ 1, 70, 20, 78 ], "label": 1, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "Python", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "driver.c", "features": [ 3, 8, 0, 90 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "drv.h", "features": [ 1, 1, 0, 78 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C/C++ Header", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "heater.c", "features": [ 1, 5, 0, 78 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "sysc.c", "features": [ 2, 21, 10, 98 ], "label": 1, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-4997", "cvss": 7.8, "repo": "nccgroup/TriforceLinuxSyscallFuzzer", "file": "sysc.h", "features": [ 1, 1, 0, 78 ], "label": 0, "cve_description": "The compat IPT_SO_SET_REPLACE setsockopt in the Linux kernel allows local users to gain privileges or cause a denial of service via crafted socket calls.", "file_language": "C/C++ Header", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/example/src/main/java/org/apache/struts/webapp/example/memory/MemoryUserDatabase.java", "features": [ 0, 19, 40, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/example/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/mailreader/src/main/java/org/apache/struts/examples/mailreader/memory/MemorySubscription.java", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/mailreader/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/mailreader/src/main/java/org/apache/struts/examples/mailreader/memory/MemoryUser.java", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/mailreader/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/mailreader/src/main/java/org/apache/struts/examples/mailreader/memory/MemoryDatabasePlugIn.java", "features": [ 0, 11, 20, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/mailreader/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/example/src/main/java/org/apache/struts/webapp/example/memory/MemoryDatabasePlugIn.java", "features": [ 0, 11, 20, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/example/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/example/src/main/java/org/apache/struts/webapp/example/memory/MemorySubscription.java", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/example/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/example/src/main/java/org/apache/struts/webapp/example/memory/MemoryUser.java", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/example/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/mailreader/src/main/java/org/apache/struts/examples/mailreader/memory/MemoryUserDatabase.java", "features": [ 0, 19, 40, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/mailreader/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/dynPortal/RetrievePortalAction.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/dynPortal/PortalSettings.java", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/dynPortal/PortalPrefsForm.java", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/invoice/Address.java", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/channel/SelectChannelAction.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/dynPortal/SetPortalPrefsAction.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/channel/ChannelFactorySet.java", "features": [ 0, 19, 40, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/invoice/EditInvoiceAction.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/lang/SelectLocaleAction.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/invoice/InvoiceForm.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/portal/MenuSettings.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/portal/MenuSettingsForm.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/portal/PortalCatalog.java", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/portal/PortalSettings.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/portal/PortalSettingsForm.java", "features": [ 0, 12, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/portal/UserMenuSettingsAction.java", "features": [ 0, 8, 40, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/invoice/Invoice.java", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/portal/UserPortalSettingsAction.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/rssChannel/Channels.java", "features": [ 0, 9, 60, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/portal/UserPortalAction.java", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/portal/UserMenuAction.java", "features": [ 0, 20, 70, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-1181", "cvss": 8.1, "repo": "kawasima/struts1-forever", "file": "examples/tiles-documentation/src/main/java/org/apache/struts/webapp/tiles/rssChannel/RssChannelsAction.java", "features": [ 0, 9, 60, 0 ], "label": 0, "cve_description": "Struts 1 allows remote attackers to execute arbitrary code via a crafted multipart request that triggers a ClassLoader manipulation.", "file_language": "Java", "file_component": "examples/tiles-documentation/src", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "docs/manual/developer/mod_example_2.c", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "docs/manual/developer", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/netware/mod_netware.c", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/arch/netware", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "docs/manual/developer/mod_example_1.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "docs/manual/developer", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/unix/mod_systemd.c", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/arch/unix", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/netware/libprews.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/arch/netware", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/unix/mod_privileges.c", "features": [ 0, 39, 60, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/arch/unix", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "docs/manual/style/scripts/prettify.js", "features": [ 0, 100, 80, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "JavaScript", "file_component": "docs/manual/style", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/netware/mod_nw_ssl.c", "features": [ 0, 80, 30, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/arch/netware", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/unix/mod_unixd.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C/C++ Header", "file_component": "modules/arch/unix", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/unix/mod_unixd.c", "features": [ 0, 46, 30, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/arch/unix", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/fs/dbm.c", "features": [ 0, 48, 60, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/fs", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/win32/mod_isapi.h", "features": [ 0, 66, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C/C++ Header", "file_component": "modules/arch/win32", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/win32/mod_win32.c", "features": [ 0, 36, 30, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/arch/win32", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/fs/quota.c", "features": [ 0, 26, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/fs", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/arch/win32/mod_isapi.c", "features": [ 0, 92, 100, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/arch/win32", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/fs/repos.h", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C/C++ Header", "file_component": "modules/dav/fs", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/fs/mod_dav_fs.c", "features": [ 0, 22, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/fs", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/lock/locks.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C/C++ Header", "file_component": "modules/dav/lock", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/fs/lock.c", "features": [ 0, 88, 100, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/fs", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/fs/repos.c", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/fs", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/lock/mod_dav_lock.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/lock", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/main/liveprop.c", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/main", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/lock/locks.c", "features": [ 0, 76, 100, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/lock", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/main/providers.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/main", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/main/props.c", "features": [ 0, 81, 100, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/main", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/main/ms_wdv.c", "features": [ 0, 42, 30, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/main", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/main/std_liveprop.c", "features": [ 0, 11, 30, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/main", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/main/mod_dav.h", "features": [ 0, 100, 40, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C/C++ Header", "file_component": "modules/dav/main", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/main/mod_dav.c", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/main", "is_test_file": false }, { "cveId": "CVE-2016-4979", "cvss": 7.5, "repo": "apache/httpd", "file": "modules/dav/main/util.c", "features": [ 0, 100, 90, 0 ], "label": 0, "cve_description": "Apache HTTP Server allows remote attackers to bypass authentication via a crafted request using the experimental mod_http2 module.", "file_language": "C", "file_component": "modules/dav/main", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Cookie/SessionCookieJar.php", "features": [ 2, 12, 0, 51 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Cookie", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Exception/ClientException.php", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Exception", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Cookie/FileCookieJar.php", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Cookie", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Exception/ConnectException.php", "features": [ 0, 9, 10, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Exception", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Cookie/CookieJarInterface.php", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Cookie", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Exception/BadResponseException.php", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Exception", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Cookie/SetCookie.php", "features": [ 2, 77, 0, 81 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Cookie", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Cookie/CookieJar.php", "features": [ 2, 53, 0, 81 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Cookie", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Exception/GuzzleException.php", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Exception", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Exception/InvalidArgumentException.php", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Exception", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Exception/TooManyRedirectsException.php", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Exception", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Exception/ServerException.php", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Exception", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Exception/RequestException.php", "features": [ 3, 22, 10, 81 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Exception", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Exception/TransferException.php", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Exception", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Handler/CurlFactoryInterface.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Handler", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Handler/CurlFactory.php", "features": [ 2, 89, 60, 81 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Handler", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Handler/CurlHandler.php", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Handler", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Handler/HeaderProcessor.php", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Handler", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Handler/EasyHandle.php", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Handler", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Handler/MockHandler.php", "features": [ 2, 33, 0, 19 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Handler", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Handler/Proxy.php", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Handler", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Handler/StreamHandler.php", "features": [ 10, 86, 20, 81 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Handler", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Handler/CurlMultiHandler.php", "features": [ 0, 38, 20, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src/Handler", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "docs/conf.py", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "Python", "file_component": "docs", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/BodySummarizer.php", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/BodySummarizerInterface.php", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/ClientInterface.php", "features": [ 3, 14, 0, 97 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/Client.php", "features": [ 10, 54, 20, 97 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/HandlerStack.php", "features": [ 0, 64, 40, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-5385", "cvss": 8.1, "repo": "guzzle/guzzle", "file": "src/ClientTrait.php", "features": [ 0, 40, 0, 0 ], "label": 0, "cve_description": "PHP allows remote attackers to conduct man-in-the-middle attacks via the HTTP_PROXY environment variable (HTTPoxy vulnerability).", "file_language": "PHP", "file_component": "src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codeblock.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_bitbuffer_read.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_bitbuffer_write.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codestream.cpp", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codestream_avx.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codeblock_fun.cpp", "features": [ 0, 26, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codeblock.cpp", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codeblock_fun.h", "features": [ 0, 54, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codestream_gen.cpp", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codestream_avx2.cpp", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codestream_local.h", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codestream_sse2.cpp", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codestream_sse.cpp", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codestream_wasm.cpp", "features": [ 0, 14, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_codestream_local.cpp", "features": [ 0, 62, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_params_local.h", "features": [ 0, 61, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_precinct.cpp", "features": [ 0, 29, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_params.cpp", "features": [ 0, 100, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_precinct.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_resolution.cpp", "features": [ 0, 52, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_resolution.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_subband.cpp", "features": [ 0, 19, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_subband.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_tile.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_tile.cpp", "features": [ 0, 45, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_tile_comp.cpp", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/codestream/ojph_tile_comp.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/coding/ojph_block_common.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/coding/ojph_block_common.cpp", "features": [ 0, 17, 50, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-4630", "cvss": 8.8, "repo": "openexr/openexr", "file": "external/OpenJPH/src/core/coding/ojph_block_decoder.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenEXR allows remote attackers to execute arbitrary code via a crafted EXR image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "external/OpenJPH/src", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/ChainSubClassSet.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/ChainSubClassRule.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/ChainSubRuleSetArray.java", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/ChainSubGenericRule.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/ChainSubRule.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/ChainSubGenericRuleSet.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/ChainSubClassSetArray.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/ChainSubRuleSet.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/CoverageArray.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/chaincontextsubst/InnerArraysFmt3.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/classdef/InnerArrayFmt1.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/GlyphList.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/GlyphClassList.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/HeaderTable.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/GsubLookupType.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/GlyphGroup.java", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/NumRecordList.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/LookupFlag.java", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/LookupType.java", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/OneToManySubst.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/NumRecord.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/OffsetRecordTable.java", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/RangeRecord.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/NumRecordTable.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/RecordList.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/RangeRecordList.java", "features": [ 0, 1, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/RangeRecordTable.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/Rule.java", "features": [ 0, 26, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/RecordsTable.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-1709", "cvss": 8.8, "repo": "googlei18n/sfntly", "file": "java/src/com/google/typography/font/sfntly/table/opentype/component/Record.java", "features": [ 0, 0, 0, 0 ], "label": 0, "cve_description": "The sfntly library used in Google Chrome allows remote attackers to cause a heap buffer overflow via a crafted SFNT font.", "file_language": "Java", "file_component": "java/src/com", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/HI2Operations/packet-HI2Operations-template.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/acp133/packet-acp133-template.c", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/akp/packet-akp-template.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/akp/packet-akp-template.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/acse/packet-acse-template.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/HI2Operations/packet-HI2Operations-template.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/acse/packet-acse-template.c", "features": [ 0, 21, 60, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/ain/packet-ain-template.c", "features": [ 0, 15, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/ansi_map/packet-ansi_map-template.h", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/ansi_tcap/packet-ansi_tcap-template.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/atn-cm/packet-atn-cm-template.c", "features": [ 0, 11, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.h", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/atn-cpdlc/packet-atn-cpdlc-template.c", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/atn-ulcs/packet-atn-ulcs-template.c", "features": [ 0, 48, 10, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/c1222/packet-c1222-template.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/camel/packet-camel-template.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/ansi_tcap/packet-ansi_tcap-template.c", "features": [ 0, 100, 60, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/cbrs-oids/packet-cbrs-oids-template.c", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/cdt/packet-cdt-template.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/ansi_map/packet-ansi_map-template.c", "features": [ 0, 100, 90, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/c1222/packet-c1222-template.c", "features": [ 0, 79, 10, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/camel/packet-camel-template.c", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/cdt/packet-cdt-template.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/charging_ase/packet-charging_ase-template.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/cmip/packet-cmip-template.c", "features": [ 0, 10, 20, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/charging_ase/packet-charging_ase-template.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/cmip/packet-cmip-template.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/cms/packet-cms-template.c", "features": [ 0, 11, 10, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/cmp/packet-cmp-template.h", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C/C++ Header", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-5350", "cvss": 7.5, "repo": "wireshark/wireshark", "file": "epan/dissectors/asn1/cmp/packet-cmp-template.c", "features": [ 0, 20, 20, 0 ], "label": 0, "cve_description": "Wireshark allows remote attackers to cause a denial of service via a crafted SPOOLS packet that triggers an infinite loop.", "file_language": "C", "file_component": "epan/dissectors/asn1", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "regress/misc/fuzz-harness/mkcorpus_sntrup761.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "regress/misc/fuzz-harness", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "regress/misc/fuzz-harness/agent_fuzz_helper.c", "features": [ 0, 9, 20, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "regress/misc/fuzz-harness", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "contrib/gnome-ssh-askpass1.c", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "contrib", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "regress/misc/sk-dummy/fatal.c", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "regress/misc/sk-dummy", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "contrib/gnome-ssh-askpass3.c", "features": [ 0, 15, 10, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "contrib", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "regress/misc/sk-dummy/sk-dummy.c", "features": [ 0, 37, 100, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "regress/misc/sk-dummy", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "regress/misc/fuzz-harness/fixed-keys.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C/C++ Header", "file_component": "regress/misc/fuzz-harness", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "contrib/gnome-ssh-askpass2.c", "features": [ 0, 17, 10, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "contrib", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/arc4random.h", "features": [ 0, 7, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C/C++ Header", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/basename.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/arc4random.c", "features": [ 0, 23, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/base64.h", "features": [ 1, 15, 0, 94 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C/C++ Header", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "contrib/gnome-ssh-askpass4.c", "features": [ 0, 17, 10, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "contrib", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/arc4random_uniform.c", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bcrypt_pbkdf.c", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/base64.c", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bindresvport.c", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/blf.h", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C/C++ Header", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/blowfish.c", "features": [ 0, 41, 10, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-closefrom.c", "features": [ 0, 28, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-asprintf.c", "features": [ 1, 13, 0, 94 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-cygwin_util.c", "features": [ 1, 20, 0, 94 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-err.c", "features": [ 0, 10, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-cygwin_util.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C/C++ Header", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-getline.c", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-getpagesize.c", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-getentropy.c", "features": [ 0, 16, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-flock.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-malloc.c", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-6515", "cvss": 7.5, "repo": "openssh/openssh-portable", "file": "openbsd-compat/bsd-getpeereid.c", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenSSH before 7.3 allows remote attackers to cause a denial of service via a crafted password of excessive length.", "file_language": "C", "file_component": "openbsd-compat", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-af.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-bs.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-ar-DZ.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-az.js", "features": [ 0, 2, 10, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-be.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-ca.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-ar.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-bg.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-de.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-da.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-en-AU.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-el.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-de-AT.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-cy-GB.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-en-GB.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-en-NZ.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-cs.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-eo.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-eu.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-es.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-et.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-fi.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-fa.js", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-fr-CA.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-fo.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-gl.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-fr-CH.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-he.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-fr.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-4069", "cvss": 8.8, "repo": "roundcube/roundcubemail", "file": "plugins/jqueryui/js/i18n/datepicker-hi.js", "features": [ 0, 2, 0, 0 ], "label": 0, "cve_description": "Roundcube Webmail allows remote attackers to conduct CSRF attacks via a crafted email message.", "file_language": "JavaScript", "file_component": "plugins/jqueryui/js", "is_test_file": false }, { "cveId": "CVE-2016-2183", "cvss": 7.5, "repo": "ssllabs/ssllabs-scan", "file": "ssllabs-scan-v4.go", "features": [ 0, 100, 100, 0 ], "label": 0, "cve_description": "The DES and Triple DES ciphers have a birthday attack vulnerability (SWEET32) that allows remote attackers to obtain cleartext data.", "file_language": "Go", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-2183", "cvss": 7.5, "repo": "ssllabs/ssllabs-scan", "file": "deprecated-clients/ssllabs-scan-v3.go", "features": [ 0, 98, 100, 0 ], "label": 0, "cve_description": "The DES and Triple DES ciphers have a birthday attack vulnerability (SWEET32) that allows remote attackers to obtain cleartext data.", "file_language": "Go", "file_component": "deprecated-clients", "is_test_file": false }, { "cveId": "CVE-2016-2183", "cvss": 7.5, "repo": "ssllabs/ssllabs-scan", "file": "ssllabs-scan-v4-register.go", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "The DES and Triple DES ciphers have a birthday attack vulnerability (SWEET32) that allows remote attackers to obtain cleartext data.", "file_language": "Go", "file_component": "root", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer/src/ImageViewer.java", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer/src/MML.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer/src/ImageManager.java", "features": [ 0, 7, 10, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer/src/ImageWindow.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer/src/JPIPHttpClient.java", "features": [ 0, 25, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "wrapping/java/openjp2/java-sources/org/openJpeg/OpenJPEGJavaDecoder.java", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "wrapping/java/openjp2", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer/src/ImgdecClient.java", "features": [ 0, 18, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "wrapping/java/openjp2/java-sources/org/openJpeg/OpenJPEGJavaEncoder.java", "features": [ 0, 17, 10, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "wrapping/java/openjp2", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer_xerces/src/ImageViewer.java", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer_xerces/src/JP2XMLparser.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer/src/PnmImage.java", "features": [ 0, 8, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer/src/RegimViewer.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer/src/ResizeListener.java", "features": [ 0, 3, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer_xerces/src/ImageWindow.java", "features": [ 0, 6, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/jpip/opj_viewer_xerces/src/OptionPanel.java", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "Java", "file_component": "src/bin/jpip", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/OPJAbout.cpp", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/OPJViewer.cpp", "features": [ 0, 100, 40, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/about_htm.h", "features": [ 0, 9, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/OPJViewer.h", "features": [ 0, 80, 10, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/OPJThreads.cpp", "features": [ 0, 92, 20, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/imagjpeg2000.h", "features": [ 0, 17, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/OPJDialogs.cpp", "features": [ 0, 87, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/imagjpeg2000.cpp", "features": [ 0, 100, 30, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/imagmxf.cpp", "features": [ 0, 61, 40, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/wxj2kparser.cpp", "features": [ 0, 94, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/imagmxf.h", "features": [ 0, 13, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/common/color.c", "features": [ 0, 89, 70, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C", "file_component": "src/bin/common", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/common/color.h", "features": [ 0, 4, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/bin/common", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/common/format_defs.h", "features": [ 0, 5, 0, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C/C++ Header", "file_component": "src/bin/common", "is_test_file": false }, { "cveId": "CVE-2016-5157", "cvss": 8.8, "repo": "uclouvain/openjpeg", "file": "src/bin/wx/OPJViewer/source/wxjp2parser.cpp", "features": [ 0, 70, 10, 0 ], "label": 0, "cve_description": "OpenJPEG allows remote attackers to execute arbitrary code via a crafted JPEG 2000 image that triggers a heap buffer overflow.", "file_language": "C++", "file_component": "src/bin/wx", "is_test_file": false }, { "cveId": "CVE-2017-0144", "repo": "server/buffer", "file": "fs/smb.h", "label": 0, "features": [ 13, 19, 8, 3 ], "cvss": 9.8, "cve_description": "SMB server buffer overflow allows remote code execution via crafted packets", "file_language": "C", "file_component": "smb", "is_test_file": false }, { "cveId": "CVE-2017-0144", "repo": "server/buffer", "file": "api/client1.go", "label": 0, "features": [ 10, 49, 6, 43 ], "cvss": 9.8, "cve_description": "SMB server buffer overflow allows remote code execution via crafted packets", "file_language": "Go", "file_component": "server", "is_test_file": false }, { "cveId": "CVE-2017-0144", "repo": "server/buffer", "file": "lib/packet2.h", "label": 0, "features": [ 38, 21, 0, 58 ], "cvss": 9.8, "cve_description": "SMB server buffer overflow allows remote code execution via crafted packets", "file_language": "C", "file_component": "packet", "is_test_file": false }, { "cveId": "CVE-2017-0144", "repo": "server/buffer", "file": "server/client3.go", "label": 0, "features": [ 4, 7, 3, 37 ], "cvss": 9.8, "cve_description": "SMB server buffer overflow allows remote code execution via crafted packets", "file_language": "Go", "file_component": "smb", "is_test_file": false }, { "cveId": "CVE-2017-0144", "repo": "server/buffer", "file": "include/packet4.cc", "label": 1, "features": [ 41, 82, 10, 39 ], "cvss": 9.8, "cve_description": "SMB server buffer overflow allows remote code execution via crafted packets", "file_language": "C++", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2017-0144", "repo": "server/buffer", "file": "core/server5.h", "label": 0, "features": [ 20, 58, 0, 29 ], "cvss": 9.8, "cve_description": "SMB server buffer overflow allows remote code execution via crafted packets", "file_language": "C", "file_component": "server", "is_test_file": false }, { "cveId": "CVE-2017-0144", "repo": "server/buffer", "file": "cmd/parse6.go", "label": 0, "features": [ 25, 46, 7, 18 ], "cvss": 9.8, "cve_description": "SMB server buffer overflow allows remote code execution via crafted packets", "file_language": "Go", "file_component": "packet", "is_test_file": false }, { "cveId": "CVE-2017-0144", "repo": "server/buffer", "file": "mm/server7.h", "label": 0, "features": [ 32, 36, 1, 6 ], "cvss": 9.8, "cve_description": "SMB server buffer overflow allows remote code execution via crafted packets", "file_language": "C", "file_component": "packet", "is_test_file": false }, { "cveId": "CVE-2017-5638", "repo": "apache/struts", "file": "service/Filter.java", "label": 0, "features": [ 35, 60, 0, 14 ], "cvss": 10.0, "cve_description": "Apache Struts content-type header parsing allows remote code execution", "file_language": "Java", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2017-5638", "repo": "apache/struts", "file": "util/upload1.java", "label": 0, "features": [ 10, 34, 0, 33 ], "cvss": 10.0, "cve_description": "Apache Struts content-type header parsing allows remote code execution", "file_language": "Java", "file_component": "parser", "is_test_file": false }, { "cveId": "CVE-2017-5638", "repo": "apache/struts", "file": "network/content2.hpp", "label": 1, "features": [ 84, 89, 18, 30 ], "cvss": 10.0, "cve_description": "Apache Struts content-type header parsing allows remote code execution", "file_language": "C++", "file_component": "parser", "is_test_file": false }, { "cveId": "CVE-2017-5638", "repo": "apache/struts", "file": "web/content3.java", "label": 0, "features": [ 36, 10, 1, 62 ], "cvss": 10.0, "cve_description": "Apache Struts content-type header parsing allows remote code execution", "file_language": "Java", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2017-5638", "repo": "apache/struts", "file": "security/upload4.java", "label": 0, "features": [ 13, 39, 3, 39 ], "cvss": 10.0, "cve_description": "Apache Struts content-type header parsing allows remote code execution", "file_language": "Java", "file_component": "content", "is_test_file": false }, { "cveId": "CVE-2017-5638", "repo": "apache/struts", "file": "service/content5.java", "label": 0, "features": [ 4, 26, 0, 70 ], "cvss": 10.0, "cve_description": "Apache Struts content-type header parsing allows remote code execution", "file_language": "Java", "file_component": "parser", "is_test_file": false }, { "cveId": "CVE-2017-5638", "repo": "apache/struts", "file": "security/struts6.java", "label": 0, "features": [ 21, 9, 8, 30 ], "cvss": 10.0, "cve_description": "Apache Struts content-type header parsing allows remote code execution", "file_language": "Java", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2017-5638", "repo": "apache/struts", "file": "security/upload7.java", "label": 0, "features": [ 26, 17, 1, 12 ], "cvss": 10.0, "cve_description": "Apache Struts content-type header parsing allows remote code execution", "file_language": "Java", "file_component": "content", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "security/getcwd.c", "label": 0, "features": [ 34, 33, 2, 54 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "glibc", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "crypto/glibc1.c", "label": 1, "features": [ 26, 99, 26, 60 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "glibc", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "security/realpath2.c", "label": 0, "features": [ 16, 55, 7, 36 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "getcwd", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "app/model3.rb", "label": 0, "features": [ 37, 52, 8, 7 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "Ruby", "file_component": "getcwd", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "fs/glibc4.c", "label": 0, "features": [ 11, 9, 1, 30 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "realpath", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "utils/models5.py", "label": 0, "features": [ 36, 38, 5, 33 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "Python", "file_component": "glibc", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "api/serializers6.py", "label": 0, "features": [ 4, 5, 7, 12 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "Python", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "core/config7.c", "label": 0, "features": [ 23, 23, 2, 56 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "path", "is_test_file": true }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "lib/glibc8.h", "label": 0, "features": [ 35, 14, 4, 36 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "utils/admin9.py", "label": 0, "features": [ 3, 10, 6, 35 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "Python", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "kernel/parser10.h", "label": 1, "features": [ 69, 75, 2, 44 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "getcwd", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "util/Handler11.java", "label": 0, "features": [ 2, 24, 5, 5 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "Java", "file_component": "glibc", "is_test_file": true }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "lib/config12.h", "label": 0, "features": [ 9, 20, 2, 22 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "getcwd", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "security/glibc13.h", "label": 1, "features": [ 63, 95, 3, 90 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "models/getcwd14.rb", "label": 1, "features": [ 66, 61, 10, 38 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "Ruby", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "fs/path15.c", "label": 0, "features": [ 11, 42, 4, 4 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "realpath", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "security/getcwd16.c", "label": 0, "features": [ 16, 7, 6, 0 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "C", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2018-1000001", "repo": "glibc/getcwd", "file": "api/models17.py", "label": 0, "features": [ 7, 51, 4, 64 ], "cvss": 7.8, "cve_description": "glibc getcwd heap buffer underflow", "file_language": "Python", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "core/socket.h", "label": 0, "features": [ 0, 24, 4, 26 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "gso", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "crypto/alloc1.h", "label": 0, "features": [ 32, 35, 2, 10 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "segment", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "lib/sack2.h", "label": 0, "features": [ 9, 6, 0, 31 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "segment", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "crypto/io3.c", "label": 0, "features": [ 24, 36, 6, 31 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "tcp", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "security/handler4.c", "label": 1, "features": [ 81, 69, 3, 61 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "tcp", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "crypto/buffer5.h", "label": 1, "features": [ 71, 79, 28, 94 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "sack", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "controllers/helper6.rb", "label": 1, "features": [ 50, 89, 26, 96 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "Ruby", "file_component": "sack", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "lib/segment7.c", "label": 0, "features": [ 34, 10, 2, 19 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "gso", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "lib/gso8.h", "label": 0, "features": [ 26, 8, 3, 53 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "sack", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "crypto/gso9.h", "label": 0, "features": [ 26, 39, 8, 28 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "gso", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "src/io10.h", "label": 0, "features": [ 25, 51, 2, 59 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "gso", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "mm/gso11.c", "label": 1, "features": [ 32, 95, 16, 53 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "gso", "is_test_file": false }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "crypto/config12.h", "label": 0, "features": [ 24, 22, 6, 32 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "sack", "is_test_file": true }, { "cveId": "CVE-2019-11477", "repo": "linux/kernel", "file": "drivers/handler13.c", "label": 0, "features": [ 2, 53, 0, 31 ], "cvss": 7.5, "cve_description": "Linux kernel TCP SACK panic from integer overflow in tcp_gso_segments", "file_language": "C", "file_component": "tcp", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "crypto/crypto.h", "label": 0, "features": [ 10, 24, 1, 3 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "C", "file_component": "cert", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "security/handler1.c", "label": 0, "features": [ 40, 20, 1, 38 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "C", "file_component": "ecc", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "mm/main2.h", "label": 1, "features": [ 62, 44, 18, 73 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "C", "file_component": "crypto", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "lib/io3.h", "label": 1, "features": [ 73, 85, 6, 85 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "C", "file_component": "ecc", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "mm/buffer4.h", "label": 0, "features": [ 37, 22, 5, 31 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "C", "file_component": "validate", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "net/ecc5.h", "label": 0, "features": [ 20, 16, 7, 27 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "C", "file_component": "ecc", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "mm/init6.c", "label": 0, "features": [ 12, 10, 3, 52 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "C", "file_component": "validate", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "controllers/cert7.rb", "label": 0, "features": [ 25, 49, 3, 39 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "Ruby", "file_component": "ecc", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "security/ecc8.h", "label": 0, "features": [ 17, 24, 4, 29 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "C", "file_component": "validate", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "fs/ecc9.c", "label": 1, "features": [ 50, 86, 20, 97 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "C", "file_component": "crypto", "is_test_file": false }, { "cveId": "CVE-2020-0601", "repo": "windows/cryptoapi", "file": "lib/cert10.py", "label": 1, "features": [ 50, 42, 3, 100 ], "cvss": 8.1, "cve_description": "Windows CryptoAPI spoofing vulnerability in certificate validation", "file_language": "Python", "file_component": "validate", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "service/log4j.java", "label": 0, "features": [ 16, 60, 7, 14 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "message", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "controller/lookup1.java", "label": 1, "features": [ 25, 55, 5, 83 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "log4j", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "api/admin2.py", "label": 1, "features": [ 69, 59, 20, 37 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Python", "file_component": "message", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "core/log4j3.py", "label": 0, "features": [ 10, 5, 6, 57 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Python", "file_component": "jndi", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "core/Handler4.java", "label": 0, "features": [ 29, 9, 3, 33 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "log4j", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "service/Controller5.java", "label": 0, "features": [ 17, 57, 2, 9 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "jndi", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "src/parser6.mjs", "label": 0, "features": [ 17, 37, 8, 63 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "JavaScript", "file_component": "message", "is_test_file": true }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "security/jndi7.java", "label": 1, "features": [ 88, 77, 2, 64 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "message", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "controller/Validator8.java", "label": 0, "features": [ 11, 42, 6, 62 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "message", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "web/Handler9.java", "label": 0, "features": [ 21, 31, 7, 36 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "message", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "service/log4j10.java", "label": 1, "features": [ 66, 95, 18, 30 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "log4j", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "src/main/java/Service11.java", "label": 0, "features": [ 31, 45, 7, 6 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "message", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "service/jndi12.java", "label": 0, "features": [ 10, 24, 8, 1 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "lookup", "is_test_file": false }, { "cveId": "CVE-2021-44228", "repo": "jndi/injection", "file": "service/Controller13.java", "label": 0, "features": [ 18, 37, 4, 53 ], "cvss": 10.0, "cve_description": "Log4j JNDI injection allows remote code execution via crafted log messages", "file_language": "Java", "file_component": "log4j", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "core/factory.cc", "label": 0, "features": [ 18, 51, 4, 62 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "C++", "file_component": "compile", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "internal/transport1.go", "label": 0, "features": [ 20, 60, 3, 30 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "link", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "cmd/transport2.go", "label": 0, "features": [ 24, 29, 2, 63 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "link", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "cmd/auth3.go", "label": 1, "features": [ 73, 40, 25, 48 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "compile", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "cmd/link4.go", "label": 1, "features": [ 25, 94, 12, 98 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "cgo", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "server/compile5.go", "label": 0, "features": [ 14, 52, 1, 55 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "link", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "lib/client6.cc", "label": 0, "features": [ 2, 25, 0, 37 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "C++", "file_component": "link", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "server/build7.go", "label": 1, "features": [ 93, 95, 14, 60 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "cgo", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "api/build8.go", "label": 0, "features": [ 29, 23, 8, 20 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "cgo", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "utils/middleware9.mjs", "label": 1, "features": [ 40, 64, 29, 91 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "JavaScript", "file_component": "link", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "server/link10.go", "label": 0, "features": [ 17, 5, 0, 63 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "compile", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "lib/middleware11.py", "label": 0, "features": [ 8, 45, 1, 5 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Python", "file_component": "compile", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "handler/handler12.go", "label": 1, "features": [ 56, 87, 15, 52 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "compile", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "lib/Request13.php", "label": 0, "features": [ 18, 52, 5, 14 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "PHP", "file_component": "compile", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "handler/link14.go", "label": 1, "features": [ 16, 56, 19, 45 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "cgo", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "server/cgo15.go", "label": 0, "features": [ 30, 6, 8, 41 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "compile", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "handler/auth16.go", "label": 0, "features": [ 7, 13, 0, 4 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "build", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "pkg/handler17.go", "label": 1, "features": [ 84, 66, 20, 49 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "build", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "server/compile18.go", "label": 0, "features": [ 13, 33, 7, 30 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "link", "is_test_file": false }, { "cveId": "CVE-2018-6574", "repo": "allows/remote", "file": "server/cgo19.go", "label": 0, "features": [ 7, 59, 7, 11 ], "cvss": 7.8, "cve_description": "Go cmd/go allows remote command execution via cgo during build", "file_language": "Go", "file_component": "compile", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "includes/Auth.php", "label": 1, "features": [ 85, 53, 20, 57 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "spl", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "includes/Controller1.php", "label": 0, "features": [ 9, 13, 8, 32 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "spl", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "lib/Controller2.php", "label": 0, "features": [ 15, 42, 5, 2 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "unserialize", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "includes/Model3.php", "label": 0, "features": [ 23, 37, 1, 57 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "object", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "crypto/main4.c", "label": 0, "features": [ 25, 32, 1, 62 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "C", "file_component": "array", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "app/array5.php", "label": 0, "features": [ 24, 43, 8, 37 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "unserialize", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "classes/Model6.php", "label": 0, "features": [ 14, 31, 5, 58 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "unserialize", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "app/Request7.php", "label": 0, "features": [ 30, 9, 1, 10 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "object", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "lib/Controller8.php", "label": 0, "features": [ 26, 27, 6, 6 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "array", "is_test_file": true }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "src/Auth9.php", "label": 1, "features": [ 43, 94, 5, 74 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "array", "is_test_file": false }, { "cveId": "CVE-2016-7124", "repo": "unserialize/heap", "file": "includes/Auth10.php", "label": 1, "features": [ 94, 79, 23, 33 ], "cvss": 9.8, "cve_description": "PHP unserialize heap buffer overflow in SPL ArrayObject", "file_language": "PHP", "file_component": "array", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "lib/runc.php", "label": 0, "features": [ 5, 52, 8, 27 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "PHP", "file_component": "runc", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "internal/client1.go", "label": 0, "features": [ 36, 43, 1, 6 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Go", "file_component": "container", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "kernel/alloc2.h", "label": 0, "features": [ 28, 31, 4, 27 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "C", "file_component": "runc", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "cmd/client3.go", "label": 0, "features": [ 19, 7, 3, 50 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Go", "file_component": "init", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "internal/middleware4.go", "label": 1, "features": [ 52, 60, 5, 30 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Go", "file_component": "container", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "api/runc5.go", "label": 0, "features": [ 27, 6, 7, 9 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Go", "file_component": "container", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "handler/runc6.go", "label": 0, "features": [ 20, 15, 7, 46 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Go", "file_component": "init", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "utils/exec7.py", "label": 0, "features": [ 21, 19, 5, 21 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Python", "file_component": "init", "is_test_file": true }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "internal/container8.go", "label": 0, "features": [ 16, 17, 2, 19 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Go", "file_component": "container", "is_test_file": true }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "handler/auth9.go", "label": 0, "features": [ 37, 33, 5, 40 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Go", "file_component": "container", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "handler/client10.go", "label": 0, "features": [ 22, 37, 1, 39 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Go", "file_component": "init", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "internal/server11.go", "label": 1, "features": [ 79, 64, 16, 100 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "Go", "file_component": "exec", "is_test_file": false }, { "cveId": "CVE-2019-5736", "repo": "runc/container", "file": "mm/handler12.h", "label": 0, "features": [ 32, 14, 0, 57 ], "cvss": 8.6, "cve_description": "runc container escape via overwriting host runc binary", "file_language": "C", "file_component": "init", "is_test_file": false }, { "cveId": "CVE-2017-12617", "repo": "apache/tomcat", "file": "core/Validator.java", "label": 0, "features": [ 33, 38, 2, 46 ], "cvss": 8.1, "cve_description": "Apache Tomcat remote code execution via PUT method upload", "file_language": "Java", "file_component": "tomcat", "is_test_file": true }, { "cveId": "CVE-2017-12617", "repo": "apache/tomcat", "file": "util/Handler1.java", "label": 0, "features": [ 21, 9, 5, 12 ], "cvss": 8.1, "cve_description": "Apache Tomcat remote code execution via PUT method upload", "file_language": "Java", "file_component": "servlet", "is_test_file": false }, { "cveId": "CVE-2017-12617", "repo": "apache/tomcat", "file": "security/upload2.java", "label": 0, "features": [ 22, 24, 6, 16 ], "cvss": 8.1, "cve_description": "Apache Tomcat remote code execution via PUT method upload", "file_language": "Java", "file_component": "put", "is_test_file": false }, { "cveId": "CVE-2017-12617", "repo": "apache/tomcat", "file": "utils/auth3.js", "label": 0, "features": [ 33, 10, 6, 65 ], "cvss": 8.1, "cve_description": "Apache Tomcat remote code execution via PUT method upload", "file_language": "JavaScript", "file_component": "servlet", "is_test_file": false }, { "cveId": "CVE-2017-12617", "repo": "apache/tomcat", "file": "core/upload4.java", "label": 0, "features": [ 9, 9, 4, 12 ], "cvss": 8.1, "cve_description": "Apache Tomcat remote code execution via PUT method upload", "file_language": "Java", "file_component": "upload", "is_test_file": false }, { "cveId": "CVE-2017-12617", "repo": "apache/tomcat", "file": "security/Handler5.java", "label": 1, "features": [ 34, 50, 7, 51 ], "cvss": 8.1, "cve_description": "Apache Tomcat remote code execution via PUT method upload", "file_language": "Java", "file_component": "tomcat", "is_test_file": false }, { "cveId": "CVE-2017-12617", "repo": "apache/tomcat", "file": "security/Validator6.java", "label": 0, "features": [ 39, 23, 7, 29 ], "cvss": 8.1, "cve_description": "Apache Tomcat remote code execution via PUT method upload", "file_language": "Java", "file_component": "put", "is_test_file": false }, { "cveId": "CVE-2017-12617", "repo": "apache/tomcat", "file": "util/Service7.java", "label": 1, "features": [ 88, 68, 16, 66 ], "cvss": 8.1, "cve_description": "Apache Tomcat remote code execution via PUT method upload", "file_language": "Java", "file_component": "servlet", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "drivers/buffer.c", "label": 0, "features": [ 33, 59, 1, 36 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "join", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "fs/key1.h", "label": 0, "features": [ 28, 27, 0, 53 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "join", "is_test_file": true }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "security/refcount2.h", "label": 0, "features": [ 6, 58, 5, 18 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "key", "is_test_file": true }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "core/alloc3.h", "label": 1, "features": [ 25, 41, 10, 57 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "join", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "lib/keyring4.c", "label": 0, "features": [ 15, 31, 7, 8 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "join", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "core/refcount5.h", "label": 1, "features": [ 45, 76, 15, 53 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "lib/join6.c", "label": 0, "features": [ 2, 45, 6, 47 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "refcount", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "drivers/handler7.c", "label": 0, "features": [ 21, 13, 0, 45 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "keyring", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "security/Filter8.java", "label": 0, "features": [ 4, 50, 7, 4 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "Java", "file_component": "join", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "src/config9.h", "label": 0, "features": [ 34, 35, 4, 4 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "src/refcount10.h", "label": 0, "features": [ 27, 30, 7, 49 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "refcount", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "drivers/buffer11.h", "label": 0, "features": [ 27, 10, 6, 23 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "join", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "drivers/init12.h", "label": 1, "features": [ 69, 50, 24, 86 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "keyring", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "mm/io13.h", "label": 1, "features": [ 22, 44, 23, 81 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "refcount", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "core/keyring14.java", "label": 0, "features": [ 15, 54, 5, 46 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "Java", "file_component": "keyring", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "crypto/config15.h", "label": 0, "features": [ 4, 41, 2, 67 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2016-0728", "repo": "linux/keyring", "file": "net/utils16.c", "label": 1, "features": [ 78, 73, 14, 45 ], "cvss": 7.8, "cve_description": "Linux keyring use-after-free allows privilege escalation", "file_language": "C", "file_component": "refcount", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "lib/controller.rb", "label": 0, "features": [ 28, 10, 5, 44 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "Ruby", "file_component": "socket", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "kernel/parser1.c", "label": 0, "features": [ 32, 19, 1, 25 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "C", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "src/config2.h", "label": 0, "features": [ 35, 13, 1, 8 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "C", "file_component": "close", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "controllers/connect3.rb", "label": 1, "features": [ 24, 68, 16, 96 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "Ruby", "file_component": "close", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "service/Interceptor4.java", "label": 0, "features": [ 33, 14, 4, 21 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "Java", "file_component": "socket", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "utils/connect5.py", "label": 0, "features": [ 8, 45, 4, 68 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "Python", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "core/socket6.h", "label": 0, "features": [ 36, 7, 0, 10 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "C", "file_component": "socket", "is_test_file": true }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "net/socket7.h", "label": 1, "features": [ 18, 71, 30, 99 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "C", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "controllers/dccp8.rb", "label": 0, "features": [ 10, 33, 6, 61 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "Ruby", "file_component": "socket", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "drivers/config9.h", "label": 1, "features": [ 31, 88, 13, 95 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "C", "file_component": "socket", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "lib/dccp10.h", "label": 0, "features": [ 3, 23, 6, 53 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "C", "file_component": "close", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "controller/socket11.java", "label": 1, "features": [ 78, 72, 16, 93 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "Java", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-6074", "repo": "linux/kernel", "file": "security/buffer12.h", "label": 0, "features": [ 13, 42, 5, 6 ], "cvss": 7.8, "cve_description": "Linux kernel DCCP double-free allows privilege escalation", "file_language": "C", "file_component": "dccp", "is_test_file": false }, { "cveId": "CVE-2019-2215", "repo": "android/binder", "file": "kernel/buffer.c", "label": 0, "features": [ 27, 13, 4, 46 ], "cvss": 7.8, "cve_description": "Android binder use-after-free in epoll", "file_language": "C", "file_component": "thread", "is_test_file": false }, { "cveId": "CVE-2019-2215", "repo": "android/binder", "file": "src/wait1.c", "label": 0, "features": [ 4, 29, 8, 57 ], "cvss": 7.8, "cve_description": "Android binder use-after-free in epoll", "file_language": "C", "file_component": "thread", "is_test_file": false }, { "cveId": "CVE-2019-2215", "repo": "android/binder", "file": "core/wait2.h", "label": 0, "features": [ 35, 28, 2, 25 ], "cvss": 7.8, "cve_description": "Android binder use-after-free in epoll", "file_language": "C", "file_component": "binder", "is_test_file": false }, { "cveId": "CVE-2019-2215", "repo": "android/binder", "file": "src/main3.c", "label": 0, "features": [ 30, 38, 7, 19 ], "cvss": 7.8, "cve_description": "Android binder use-after-free in epoll", "file_language": "C", "file_component": "binder", "is_test_file": false }, { "cveId": "CVE-2019-2215", "repo": "android/binder", "file": "mm/wait4.c", "label": 1, "features": [ 90, 61, 18, 95 ], "cvss": 7.8, "cve_description": "Android binder use-after-free in epoll", "file_language": "C", "file_component": "wait", "is_test_file": false }, { "cveId": "CVE-2019-2215", "repo": "android/binder", "file": "src/auth5.mjs", "label": 0, "features": [ 26, 42, 4, 3 ], "cvss": 7.8, "cve_description": "Android binder use-after-free in epoll", "file_language": "JavaScript", "file_component": "thread", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "core/handler.c", "label": 0, "features": [ 7, 17, 0, 56 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "ring", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "security/buffer1.h", "label": 1, "features": [ 22, 85, 6, 96 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "socket", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "fs/io2.h", "label": 0, "features": [ 29, 39, 5, 69 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "ring", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "lib/handler3.mjs", "label": 0, "features": [ 14, 24, 4, 26 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "JavaScript", "file_component": "ring", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "drivers/ring4.h", "label": 0, "features": [ 25, 57, 5, 18 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "ring", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "drivers/alloc5.h", "label": 0, "features": [ 13, 17, 8, 34 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "packet", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "lib/socket6.c", "label": 0, "features": [ 40, 19, 0, 12 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "socket", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "src/processor7.hpp", "label": 1, "features": [ 75, 70, 22, 55 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C++", "file_component": "socket", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "src/utils8.c", "label": 0, "features": [ 2, 16, 6, 22 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "tpacket", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "crypto/parser9.h", "label": 0, "features": [ 0, 24, 1, 42 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "ring", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "helpers/packet10.rb", "label": 0, "features": [ 21, 15, 7, 32 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "Ruby", "file_component": "socket", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "kernel/ring11.c", "label": 0, "features": [ 27, 37, 5, 11 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "tpacket", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "crypto/ring12.c", "label": 0, "features": [ 15, 33, 4, 42 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "socket", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "drivers/handler13.c", "label": 0, "features": [ 29, 24, 2, 51 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "tpacket", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "utils/middleware14.mjs", "label": 0, "features": [ 14, 13, 7, 19 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "JavaScript", "file_component": "packet", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "classes/Form15.php", "label": 1, "features": [ 91, 95, 27, 40 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "PHP", "file_component": "ring", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "lib/socket16.c", "label": 0, "features": [ 36, 39, 2, 21 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "tpacket", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "net/ring17.h", "label": 0, "features": [ 3, 34, 2, 65 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "packet", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "kernel/packet18.h", "label": 1, "features": [ 42, 77, 4, 35 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "ring", "is_test_file": false }, { "cveId": "CVE-2020-14386", "repo": "linux/privilege", "file": "crypto/main19.h", "label": 1, "features": [ 32, 89, 22, 83 ], "cvss": 7.8, "cve_description": "Linux AF_PACKET use-after-free privilege escalation", "file_language": "C", "file_component": "packet", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "drivers/utils.c", "label": 0, "features": [ 25, 38, 2, 28 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "compat", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "utils/validator1.mjs", "label": 1, "features": [ 46, 69, 13, 49 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "JavaScript", "file_component": "match", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "network/netfilter2.cpp", "label": 0, "features": [ 6, 43, 0, 57 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C++", "file_component": "netfilter", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "src/compat3.h", "label": 0, "features": [ 3, 13, 8, 37 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "compat", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "lib/Request4.php", "label": 0, "features": [ 33, 19, 6, 38 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "PHP", "file_component": "target", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "security/target5.h", "label": 0, "features": [ 24, 55, 8, 40 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "compat", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "security/compat6.h", "label": 1, "features": [ 53, 94, 24, 48 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "target", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "server/compat7.go", "label": 1, "features": [ 57, 81, 4, 87 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "Go", "file_component": "match", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "src/init8.h", "label": 0, "features": [ 38, 7, 1, 24 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "compat", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "crypto/netfilter9.h", "label": 0, "features": [ 13, 17, 1, 61 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "compat", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "security/handler10.h", "label": 0, "features": [ 24, 34, 8, 45 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "compat", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "crypto/utils11.h", "label": 0, "features": [ 20, 18, 5, 40 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "match", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "core/main12.h", "label": 1, "features": [ 89, 77, 25, 83 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "compat", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "security/socket13.c", "label": 1, "features": [ 58, 56, 26, 92 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "compat", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "crypto/match14.h", "label": 0, "features": [ 11, 39, 0, 67 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "match", "is_test_file": false }, { "cveId": "CVE-2021-22555", "repo": "project/repo", "file": "security/compat15.c", "label": 1, "features": [ 16, 53, 18, 88 ], "cvss": 7.8, "cve_description": "Netfilter use-after-free in xt_compat", "file_language": "C", "file_component": "netfilter", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "src/main.h", "label": 0, "features": [ 18, 6, 8, 55 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "ofo", "is_test_file": true }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "engine/queue1.hpp", "label": 0, "features": [ 22, 22, 6, 10 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C++", "file_component": "tcp", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "net/init2.c", "label": 0, "features": [ 2, 10, 6, 48 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "collapse", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "core/utils3.h", "label": 0, "features": [ 21, 41, 1, 67 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "tcp", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "kernel/main4.c", "label": 0, "features": [ 17, 39, 0, 22 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "ofo", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "mm/parser5.h", "label": 0, "features": [ 19, 15, 3, 49 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "collapse", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "core/ofo6.h", "label": 0, "features": [ 14, 58, 1, 43 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "ofo", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "drivers/main7.h", "label": 1, "features": [ 72, 71, 9, 75 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "ofo", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "mm/io8.c", "label": 0, "features": [ 18, 56, 3, 9 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "collapse", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "security/tcp9.h", "label": 0, "features": [ 19, 33, 5, 34 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "collapse", "is_test_file": true }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "crypto/tcp10.h", "label": 1, "features": [ 60, 75, 4, 71 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "ofo", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "security/utils11.c", "label": 0, "features": [ 10, 48, 6, 21 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "ofo", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "core/utils12.c", "label": 0, "features": [ 26, 24, 7, 9 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "ofo", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "controllers/ofo13.rb", "label": 0, "features": [ 21, 58, 6, 42 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "Ruby", "file_component": "collapse", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "kernel/config14.c", "label": 0, "features": [ 11, 30, 5, 37 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "collapse", "is_test_file": false }, { "cveId": "CVE-2018-5390", "repo": "project/repo", "file": "drivers/io15.h", "label": 1, "features": [ 65, 63, 5, 55 ], "cvss": 7.5, "cve_description": "Linux TCP use-after-free in tcp_collapse_ofo_queue", "file_language": "C", "file_component": "collapse", "is_test_file": false }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "lib/fini.h", "label": 1, "features": [ 45, 56, 23, 49 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "C", "file_component": "fini", "is_test_file": false }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "engine/adapter1.h", "label": 0, "features": [ 26, 39, 0, 46 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "C++", "file_component": "state", "is_test_file": false }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "lib/xfrm2.cc", "label": 0, "features": [ 36, 46, 6, 42 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "C++", "file_component": "xfrm", "is_test_file": false }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "lib/init3.c", "label": 0, "features": [ 33, 40, 3, 57 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "C", "file_component": "xfrm", "is_test_file": false }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "drivers/state4.h", "label": 0, "features": [ 5, 12, 2, 44 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "C", "file_component": "policy", "is_test_file": false }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "fs/alloc5.h", "label": 0, "features": [ 28, 51, 7, 40 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "C", "file_component": "policy", "is_test_file": false }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "src/config6.c", "label": 0, "features": [ 10, 52, 3, 66 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "C", "file_component": "xfrm", "is_test_file": true }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "crypto/handler7.h", "label": 1, "features": [ 38, 80, 23, 85 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "C", "file_component": "state", "is_test_file": false }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "utils/policy8.py", "label": 1, "features": [ 41, 57, 26, 38 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "Python", "file_component": "state", "is_test_file": false }, { "cveId": "CVE-2019-15666", "repo": "linux/xfrm", "file": "web/state9.java", "label": 0, "features": [ 33, 45, 5, 49 ], "cvss": 4.4, "cve_description": "Linux xfrm use-after-free in xfrm_policy_fini", "file_language": "Java", "file_component": "fini", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "utils/login.py", "label": 0, "features": [ 19, 12, 2, 47 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "utils/serializers1.py", "label": 0, "features": [ 31, 45, 8, 22 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "password", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "lib/utils2.py", "label": 0, "features": [ 22, 5, 7, 17 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "login", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "api/admin3.py", "label": 0, "features": [ 28, 36, 2, 10 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "password", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "src/auth4.py", "label": 0, "features": [ 10, 54, 7, 63 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "core/utils5.py", "label": 0, "features": [ 28, 39, 3, 54 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "middleware/auth6.py", "label": 0, "features": [ 28, 60, 1, 30 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "lib/Helper7.php", "label": 1, "features": [ 22, 76, 13, 98 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "PHP", "file_component": "password", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "handlers/auth8.py", "label": 0, "features": [ 32, 48, 1, 17 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "core/query9.c", "label": 1, "features": [ 46, 88, 28, 80 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "C", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "handlers/handlers10.py", "label": 0, "features": [ 40, 55, 1, 51 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "api/admin11.py", "label": 1, "features": [ 26, 86, 16, 75 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "api/query12.go", "label": 0, "features": [ 21, 40, 2, 62 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Go", "file_component": "login", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "lib/login13.c", "label": 1, "features": [ 71, 69, 2, 84 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "C", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "handlers/auth14.py", "label": 0, "features": [ 17, 10, 5, 32 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "login", "is_test_file": false }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "src/handlers15.py", "label": 0, "features": [ 14, 32, 1, 12 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "login", "is_test_file": true }, { "cveId": "CVE-2017-5521", "repo": "netgear/router", "file": "utils/query16.py", "label": 1, "features": [ 30, 95, 15, 46 ], "cvss": 8.1, "cve_description": "Netgear router authentication bypass via SQL injection", "file_language": "Python", "file_component": "login", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "util/Serializer.java", "label": 0, "features": [ 9, 9, 8, 1 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "Java", "file_component": "eloquent", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "classes/Auth1.php", "label": 0, "features": [ 39, 48, 7, 27 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "where", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "includes/Database2.php", "label": 1, "features": [ 55, 90, 6, 61 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "classes/builder3.php", "label": 1, "features": [ 65, 58, 22, 36 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "where", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "api/models4.py", "label": 0, "features": [ 38, 9, 8, 1 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "Python", "file_component": "eloquent", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "util/builder5.java", "label": 0, "features": [ 30, 54, 1, 2 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "Java", "file_component": "eloquent", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "src/Controller6.php", "label": 0, "features": [ 40, 50, 8, 53 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "builder", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "app/builder7.php", "label": 0, "features": [ 9, 39, 5, 50 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "builder", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "network/query8.hpp", "label": 0, "features": [ 27, 12, 7, 7 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "C++", "file_component": "where", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "src/main/java/Validator9.java", "label": 0, "features": [ 10, 36, 5, 66 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "Java", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "core/router10.mjs", "label": 0, "features": [ 7, 54, 0, 42 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "JavaScript", "file_component": "builder", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "app/Model11.php", "label": 0, "features": [ 23, 8, 7, 21 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "includes/Model12.php", "label": 1, "features": [ 15, 42, 29, 31 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "lib/Helper13.php", "label": 0, "features": [ 26, 19, 5, 31 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "eloquent", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "middleware/auth14.js", "label": 0, "features": [ 3, 16, 3, 66 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "JavaScript", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "include/eloquent15.cc", "label": 0, "features": [ 0, 28, 3, 37 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "C++", "file_component": "eloquent", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "core/Response16.php", "label": 0, "features": [ 12, 51, 8, 31 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "builder", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "fs/config17.c", "label": 1, "features": [ 15, 88, 23, 78 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "C", "file_component": "builder", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "engine/controller18.h", "label": 0, "features": [ 3, 14, 4, 11 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "C++", "file_component": "builder", "is_test_file": false }, { "cveId": "CVE-2018-15133", "repo": "laravel/framework", "file": "classes/Response19.php", "label": 0, "features": [ 5, 42, 1, 64 ], "cvss": 8.1, "cve_description": "Laravel framework SQL injection in query builder", "file_language": "PHP", "file_component": "eloquent", "is_test_file": true }, { "cveId": "CVE-2019-11043", "repo": "underflow/leads", "file": "lib/Request.php", "label": 0, "features": [ 25, 49, 5, 40 ], "cvss": 9.8, "cve_description": "PHP-FPM underflow leads to RCE via crafted URL paths", "file_language": "PHP", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2019-11043", "repo": "underflow/leads", "file": "lib/request1.php", "label": 1, "features": [ 74, 60, 15, 45 ], "cvss": 9.8, "cve_description": "PHP-FPM underflow leads to RCE via crafted URL paths", "file_language": "PHP", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2019-11043", "repo": "underflow/leads", "file": "core/admin2.py", "label": 0, "features": [ 5, 15, 4, 5 ], "cvss": 9.8, "cve_description": "PHP-FPM underflow leads to RCE via crafted URL paths", "file_language": "Python", "file_component": "request", "is_test_file": false }, { "cveId": "CVE-2019-11043", "repo": "underflow/leads", "file": "security/fpm3.java", "label": 0, "features": [ 19, 21, 2, 3 ], "cvss": 9.8, "cve_description": "PHP-FPM underflow leads to RCE via crafted URL paths", "file_language": "Java", "file_component": "fpm", "is_test_file": false }, { "cveId": "CVE-2019-11043", "repo": "underflow/leads", "file": "api/fpm4.py", "label": 0, "features": [ 14, 13, 3, 51 ], "cvss": 9.8, "cve_description": "PHP-FPM underflow leads to RCE via crafted URL paths", "file_language": "Python", "file_component": "fpm", "is_test_file": false }, { "cveId": "CVE-2019-11043", "repo": "underflow/leads", "file": "includes/fpm5.php", "label": 0, "features": [ 12, 46, 7, 16 ], "cvss": 9.8, "cve_description": "PHP-FPM underflow leads to RCE via crafted URL paths", "file_language": "PHP", "file_component": "fpm", "is_test_file": false }, { "cveId": "CVE-2019-11043", "repo": "underflow/leads", "file": "src/request6.php", "label": 1, "features": [ 65, 71, 2, 78 ], "cvss": 9.8, "cve_description": "PHP-FPM underflow leads to RCE via crafted URL paths", "file_language": "PHP", "file_component": "fpm", "is_test_file": false }, { "cveId": "CVE-2019-11043", "repo": "underflow/leads", "file": "lib/Request7.php", "label": 0, "features": [ 9, 7, 3, 37 ], "cvss": 9.8, "cve_description": "PHP-FPM underflow leads to RCE via crafted URL paths", "file_language": "PHP", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2019-11043", "repo": "underflow/leads", "file": "lib/path8.rb", "label": 0, "features": [ 33, 20, 8, 2 ], "cvss": 9.8, "cve_description": "PHP-FPM underflow leads to RCE via crafted URL paths", "file_language": "Ruby", "file_component": "fpm", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "app/send.php", "label": 0, "features": [ 1, 56, 4, 7 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "header", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "includes/send1.php", "label": 0, "features": [ 17, 39, 0, 28 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "smtp", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "pkg/handler2.go", "label": 0, "features": [ 22, 42, 0, 45 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "Go", "file_component": "smtp", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "core/Request3.php", "label": 0, "features": [ 5, 8, 3, 28 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "send", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "includes/send4.php", "label": 0, "features": [ 20, 8, 0, 18 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "smtp", "is_test_file": true }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "src/factory5.h", "label": 1, "features": [ 58, 59, 12, 47 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "C++", "file_component": "smtp", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "handler/transport6.go", "label": 0, "features": [ 35, 49, 5, 28 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "Go", "file_component": "header", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "handler/mail7.go", "label": 1, "features": [ 88, 65, 29, 34 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "Go", "file_component": "smtp", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "classes/mail8.php", "label": 1, "features": [ 45, 62, 12, 51 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "send", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "src/mail9.php", "label": 0, "features": [ 22, 21, 1, 0 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "header", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "lib/Database10.php", "label": 0, "features": [ 22, 39, 6, 12 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "header", "is_test_file": true }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "api/smtp11.py", "label": 1, "features": [ 48, 100, 5, 39 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "Python", "file_component": "send", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "controller/Controller12.java", "label": 1, "features": [ 93, 97, 17, 33 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "Java", "file_component": "mail", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "lib/send13.php", "label": 0, "features": [ 26, 49, 8, 69 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "header", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "src/Controller14.php", "label": 0, "features": [ 31, 14, 0, 46 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "send", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "lib/smtp15.php", "label": 1, "features": [ 25, 70, 29, 44 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "header", "is_test_file": false }, { "cveId": "CVE-2020-36326", "repo": "phpmailer/object", "file": "classes/Request16.php", "label": 0, "features": [ 24, 16, 5, 48 ], "cvss": 9.8, "cve_description": "PHPMailer object injection vulnerability", "file_language": "PHP", "file_component": "header", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "helpers/application.rb", "label": 0, "features": [ 6, 10, 5, 69 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "middleware/handlers1.py", "label": 1, "features": [ 75, 76, 30, 60 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Python", "file_component": "sprockets", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "helpers/resolve2.rb", "label": 0, "features": [ 11, 15, 3, 24 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "sprockets", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "app/validator3.rb", "label": 0, "features": [ 16, 25, 1, 11 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "resolve", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "models/concern4.rb", "label": 1, "features": [ 16, 90, 24, 96 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "app/concern5.rb", "label": 0, "features": [ 36, 54, 1, 36 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "asset", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "api/path6.go", "label": 0, "features": [ 25, 14, 6, 4 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Go", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "handlers/admin7.py", "label": 1, "features": [ 17, 61, 28, 68 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Python", "file_component": "sprockets", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "lib/factory8.h", "label": 0, "features": [ 20, 22, 6, 11 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "C++", "file_component": "asset", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "controllers/validator9.rb", "label": 0, "features": [ 32, 55, 2, 8 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "resolve", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "helpers/asset10.rb", "label": 0, "features": [ 3, 20, 0, 58 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "asset", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "models/model11.rb", "label": 0, "features": [ 40, 12, 0, 30 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "asset", "is_test_file": true }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "controllers/path12.rb", "label": 0, "features": [ 5, 23, 0, 49 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "asset", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "handlers/resolve13.py", "label": 0, "features": [ 32, 6, 0, 60 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Python", "file_component": "asset", "is_test_file": true }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "app/model14.rb", "label": 0, "features": [ 17, 32, 6, 44 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "sprockets", "is_test_file": false }, { "cveId": "CVE-2018-3760", "repo": "rails/sprockets", "file": "helpers/validator15.rb", "label": 0, "features": [ 0, 37, 5, 36 ], "cvss": 7.5, "cve_description": "Rails Sprockets path traversal allows arbitrary file read", "file_language": "Ruby", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "lib/router.js", "label": 0, "features": [ 38, 30, 5, 17 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "JavaScript", "file_component": "entry", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "core/feed1.py", "label": 1, "features": [ 89, 85, 20, 54 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Python", "file_component": "entry", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "helpers/model2.rb", "label": 0, "features": [ 35, 16, 4, 12 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Ruby", "file_component": "entry", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "security/entry3.java", "label": 0, "features": [ 26, 55, 5, 47 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Java", "file_component": "entry", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "api/views4.py", "label": 1, "features": [ 39, 72, 5, 78 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Python", "file_component": "feed", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "lib/middleware5.py", "label": 1, "features": [ 87, 97, 16, 48 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Python", "file_component": "generate", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "include/feed6.hpp", "label": 0, "features": [ 0, 33, 4, 26 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "C++", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "api/models7.py", "label": 1, "features": [ 69, 65, 15, 91 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Python", "file_component": "generate", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "handlers/utils8.py", "label": 0, "features": [ 33, 17, 0, 0 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Python", "file_component": "generate", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "core/entry9.py", "label": 0, "features": [ 10, 9, 0, 38 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Python", "file_component": "entry", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "api/serializers10.py", "label": 0, "features": [ 31, 27, 3, 21 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Python", "file_component": "entry", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "pkg/feed11.go", "label": 0, "features": [ 37, 37, 2, 15 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Go", "file_component": "feed", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "api/auth12.py", "label": 0, "features": [ 3, 47, 1, 2 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Python", "file_component": "feed", "is_test_file": false }, { "cveId": "CVE-2017-14149", "repo": "pelican/static", "file": "api/models13.py", "label": 0, "features": [ 9, 18, 0, 38 ], "cvss": 7.5, "cve_description": "Pelican static site generator SQL injection in feed generator", "file_language": "Python", "file_component": "template", "is_test_file": true }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "include/manager.cpp", "label": 0, "features": [ 38, 17, 4, 66 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "apt", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "include/controller1.cpp", "label": 0, "features": [ 13, 49, 7, 42 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "acquire", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "src/apt2.h", "label": 0, "features": [ 32, 9, 1, 32 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "apt", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "include/http3.cpp", "label": 0, "features": [ 2, 59, 4, 46 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "redirect", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "src/http4.cpp", "label": 1, "features": [ 36, 61, 13, 86 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "apt", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "include/acquire5.cc", "label": 0, "features": [ 25, 34, 4, 49 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "apt", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "network/apt6.hpp", "label": 1, "features": [ 35, 46, 15, 91 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "acquire", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "engine/adapter7.cc", "label": 0, "features": [ 8, 35, 7, 14 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "http", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "include/http8.cc", "label": 1, "features": [ 58, 73, 18, 42 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "apt", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "controllers/http9.rb", "label": 0, "features": [ 32, 59, 7, 63 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "Ruby", "file_component": "redirect", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "include/controller10.cc", "label": 0, "features": [ 3, 37, 3, 70 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "acquire", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "src/adapter11.h", "label": 0, "features": [ 28, 10, 7, 57 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "http", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "security/io12.c", "label": 0, "features": [ 0, 57, 1, 38 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C", "file_component": "apt", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "include/factory13.cpp", "label": 1, "features": [ 73, 61, 19, 90 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "acquire", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "src/redirect14.hpp", "label": 0, "features": [ 40, 56, 4, 70 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "acquire", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "crypto/http15.h", "label": 0, "features": [ 12, 12, 6, 27 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C", "file_component": "http", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "core/Controller16.php", "label": 1, "features": [ 72, 69, 23, 94 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "PHP", "file_component": "apt", "is_test_file": false }, { "cveId": "CVE-2019-3462", "repo": "package/manager", "file": "engine/adapter17.h", "label": 0, "features": [ 11, 49, 2, 16 ], "cvss": 8.1, "cve_description": "APT package manager HTTP redirect injection", "file_language": "C++", "file_component": "apt", "is_test_file": false }, { "cveId": "CVE-2018-11776", "repo": "apache/struts", "file": "web/Filter.java", "label": 0, "features": [ 28, 56, 2, 17 ], "cvss": 8.1, "cve_description": "Apache Struts namespace XSS allows code execution", "file_language": "Java", "file_component": "namespace", "is_test_file": false }, { "cveId": "CVE-2018-11776", "repo": "apache/struts", "file": "utils/action1.js", "label": 0, "features": [ 22, 48, 2, 22 ], "cvss": 8.1, "cve_description": "Apache Struts namespace XSS allows code execution", "file_language": "JavaScript", "file_component": "action", "is_test_file": false }, { "cveId": "CVE-2018-11776", "repo": "apache/struts", "file": "security/Controller2.java", "label": 0, "features": [ 37, 41, 6, 68 ], "cvss": 8.1, "cve_description": "Apache Struts namespace XSS allows code execution", "file_language": "Java", "file_component": "action", "is_test_file": false }, { "cveId": "CVE-2018-11776", "repo": "apache/struts", "file": "src/struts3.c", "label": 0, "features": [ 12, 22, 2, 36 ], "cvss": 8.1, "cve_description": "Apache Struts namespace XSS allows code execution", "file_language": "C", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2018-11776", "repo": "apache/struts", "file": "security/struts4.java", "label": 1, "features": [ 60, 92, 16, 43 ], "cvss": 8.1, "cve_description": "Apache Struts namespace XSS allows code execution", "file_language": "Java", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2018-11776", "repo": "apache/struts", "file": "security/action5.java", "label": 1, "features": [ 21, 99, 14, 79 ], "cvss": 8.1, "cve_description": "Apache Struts namespace XSS allows code execution", "file_language": "Java", "file_component": "namespace", "is_test_file": false }, { "cveId": "CVE-2018-11776", "repo": "apache/struts", "file": "src/Request6.php", "label": 0, "features": [ 28, 58, 3, 47 ], "cvss": 8.1, "cve_description": "Apache Struts namespace XSS allows code execution", "file_language": "PHP", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2018-11776", "repo": "apache/struts", "file": "util/namespace7.java", "label": 0, "features": [ 4, 16, 2, 65 ], "cvss": 8.1, "cve_description": "Apache Struts namespace XSS allows code execution", "file_language": "Java", "file_component": "namespace", "is_test_file": false }, { "cveId": "CVE-2019-16759", "repo": "vbulletin/template", "file": "src/Response.php", "label": 0, "features": [ 9, 7, 2, 41 ], "cvss": 9.8, "cve_description": "vBulletin pre-auth RCE via template injection", "file_language": "PHP", "file_component": "eval", "is_test_file": false }, { "cveId": "CVE-2019-16759", "repo": "vbulletin/template", "file": "middleware/auth1.js", "label": 0, "features": [ 20, 38, 3, 23 ], "cvss": 9.8, "cve_description": "vBulletin pre-auth RCE via template injection", "file_language": "JavaScript", "file_component": "widget", "is_test_file": false }, { "cveId": "CVE-2019-16759", "repo": "vbulletin/template", "file": "controller/render2.java", "label": 1, "features": [ 42, 82, 12, 72 ], "cvss": 9.8, "cve_description": "vBulletin pre-auth RCE via template injection", "file_language": "Java", "file_component": "widget", "is_test_file": false }, { "cveId": "CVE-2019-16759", "repo": "vbulletin/template", "file": "includes/Controller3.php", "label": 0, "features": [ 28, 20, 3, 5 ], "cvss": 9.8, "cve_description": "vBulletin pre-auth RCE via template injection", "file_language": "PHP", "file_component": "widget", "is_test_file": false }, { "cveId": "CVE-2019-16759", "repo": "vbulletin/template", "file": "core/eval4.php", "label": 0, "features": [ 32, 56, 8, 57 ], "cvss": 9.8, "cve_description": "vBulletin pre-auth RCE via template injection", "file_language": "PHP", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-16759", "repo": "vbulletin/template", "file": "app/template5.php", "label": 0, "features": [ 40, 9, 3, 27 ], "cvss": 9.8, "cve_description": "vBulletin pre-auth RCE via template injection", "file_language": "PHP", "file_component": "render", "is_test_file": false }, { "cveId": "CVE-2019-16759", "repo": "vbulletin/template", "file": "lib/Database6.php", "label": 1, "features": [ 34, 41, 16, 72 ], "cvss": 9.8, "cve_description": "vBulletin pre-auth RCE via template injection", "file_language": "PHP", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-16759", "repo": "vbulletin/template", "file": "app/Model7.php", "label": 0, "features": [ 26, 29, 7, 51 ], "cvss": 9.8, "cve_description": "vBulletin pre-auth RCE via template injection", "file_language": "PHP", "file_component": "render", "is_test_file": true }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "utils/server.mjs", "label": 1, "features": [ 28, 58, 27, 68 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "routes/validator1.js", "label": 0, "features": [ 34, 19, 2, 50 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "dom", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "core/auth2.js", "label": 0, "features": [ 35, 14, 1, 5 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "html", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "core/html3.mjs", "label": 1, "features": [ 35, 51, 9, 62 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "middleware/jquery4.js", "label": 0, "features": [ 16, 11, 3, 62 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "src/middleware5.js", "label": 0, "features": [ 20, 36, 7, 42 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "html", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "middleware/auth6.mjs", "label": 0, "features": [ 10, 5, 5, 31 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "html", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "internal/handler7.go", "label": 0, "features": [ 29, 33, 5, 39 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "Go", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "core/jquery8.js", "label": 0, "features": [ 4, 6, 8, 3 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "src/middleware9.mjs", "label": 0, "features": [ 9, 28, 6, 28 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "html", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "lib/jquery10.js", "label": 1, "features": [ 45, 94, 27, 51 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "lib/router11.mjs", "label": 0, "features": [ 2, 19, 7, 29 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "html", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "utils/dom12.mjs", "label": 1, "features": [ 20, 42, 22, 71 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "middleware/router13.mjs", "label": 0, "features": [ 23, 42, 1, 66 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "core/utils14.py", "label": 0, "features": [ 38, 5, 8, 17 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "Python", "file_component": "dom", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "lib/jquery15.js", "label": 0, "features": [ 14, 31, 5, 14 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "middleware/jquery16.mjs", "label": 0, "features": [ 8, 41, 2, 17 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "html", "is_test_file": false }, { "cveId": "CVE-2020-11022", "repo": "jquery/method", "file": "src/router17.mjs", "label": 0, "features": [ 33, 30, 0, 36 ], "cvss": 6.1, "cve_description": "jQuery XSS in html() method with crafted input", "file_language": "JavaScript", "file_component": "html", "is_test_file": false }, { "cveId": "CVE-2017-16028", "repo": "randomatic/package", "file": "util/Filter.java", "label": 0, "features": [ 11, 44, 8, 33 ], "cvss": 5.3, "cve_description": "randomatic npm package predictable output", "file_language": "Java", "file_component": "generate", "is_test_file": false }, { "cveId": "CVE-2017-16028", "repo": "randomatic/package", "file": "middleware/generate1.js", "label": 0, "features": [ 6, 6, 3, 66 ], "cvss": 5.3, "cve_description": "randomatic npm package predictable output", "file_language": "JavaScript", "file_component": "string", "is_test_file": false }, { "cveId": "CVE-2017-16028", "repo": "randomatic/package", "file": "lib/server2.js", "label": 0, "features": [ 39, 43, 0, 68 ], "cvss": 5.3, "cve_description": "randomatic npm package predictable output", "file_language": "JavaScript", "file_component": "string", "is_test_file": false }, { "cveId": "CVE-2017-16028", "repo": "randomatic/package", "file": "utils/router3.js", "label": 0, "features": [ 27, 38, 6, 47 ], "cvss": 5.3, "cve_description": "randomatic npm package predictable output", "file_language": "JavaScript", "file_component": "string", "is_test_file": false }, { "cveId": "CVE-2017-16028", "repo": "randomatic/package", "file": "lib/random4.mjs", "label": 1, "features": [ 69, 48, 10, 91 ], "cvss": 5.3, "cve_description": "randomatic npm package predictable output", "file_language": "JavaScript", "file_component": "string", "is_test_file": false }, { "cveId": "CVE-2017-16028", "repo": "randomatic/package", "file": "engine/random5.h", "label": 0, "features": [ 0, 41, 8, 15 ], "cvss": 5.3, "cve_description": "randomatic npm package predictable output", "file_language": "C++", "file_component": "charset", "is_test_file": false }, { "cveId": "CVE-2017-16028", "repo": "randomatic/package", "file": "utils/generate6.mjs", "label": 0, "features": [ 27, 46, 4, 33 ], "cvss": 5.3, "cve_description": "randomatic npm package predictable output", "file_language": "JavaScript", "file_component": "generate", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "middleware/parser.mjs", "label": 0, "features": [ 36, 27, 6, 17 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "routes/popover1.js", "label": 0, "features": [ 21, 56, 8, 6 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "tooltip", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "core/template2.h", "label": 0, "features": [ 14, 28, 1, 4 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "C", "file_component": "bootstrap", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "handler/main3.go", "label": 0, "features": [ 28, 5, 3, 66 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "Go", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "middleware/bootstrap4.js", "label": 0, "features": [ 10, 10, 4, 51 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "tooltip", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "middleware/index5.js", "label": 0, "features": [ 35, 23, 8, 44 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "tooltip", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "api/popover6.py", "label": 1, "features": [ 79, 46, 19, 39 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "Python", "file_component": "tooltip", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "middleware/middleware7.mjs", "label": 0, "features": [ 24, 41, 7, 31 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "bootstrap", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "helpers/validator8.rb", "label": 1, "features": [ 48, 44, 14, 58 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "Ruby", "file_component": "popover", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "routes/auth9.js", "label": 0, "features": [ 16, 20, 4, 11 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "includes/tooltip10.php", "label": 0, "features": [ 36, 22, 2, 24 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "PHP", "file_component": "bootstrap", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "core/tooltip11.js", "label": 0, "features": [ 39, 27, 2, 13 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "tooltip", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "middleware/index12.js", "label": 1, "features": [ 62, 79, 12, 93 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "popover", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "lib/tooltip13.mjs", "label": 0, "features": [ 3, 38, 6, 61 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "popover", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "routes/router14.mjs", "label": 0, "features": [ 33, 34, 5, 1 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "core/template15.mjs", "label": 1, "features": [ 45, 57, 17, 73 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "bootstrap", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "routes/auth16.mjs", "label": 0, "features": [ 17, 33, 2, 16 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "tooltip", "is_test_file": false }, { "cveId": "CVE-2018-20677", "repo": "bootstrap/tooltip", "file": "utils/middleware17.js", "label": 1, "features": [ 63, 52, 6, 49 ], "cvss": 6.1, "cve_description": "Bootstrap XSS in tooltip data-template", "file_language": "JavaScript", "file_component": "bootstrap", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "routes/merge.js", "label": 0, "features": [ 30, 58, 1, 57 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "middleware/jquery1.mjs", "label": 0, "features": [ 22, 60, 3, 68 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "merge", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "classes/Form2.php", "label": 0, "features": [ 24, 44, 4, 59 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "PHP", "file_component": "merge", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "utils/auth3.mjs", "label": 0, "features": [ 36, 30, 1, 10 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "extend", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "utils/middleware4.mjs", "label": 1, "features": [ 65, 57, 30, 86 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "merge", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "app/extend5.rb", "label": 1, "features": [ 47, 100, 25, 40 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "Ruby", "file_component": "deep", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "src/deep6.js", "label": 0, "features": [ 33, 53, 1, 13 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "core/handler7.js", "label": 1, "features": [ 71, 80, 6, 46 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "deep", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "utils/auth8.mjs", "label": 0, "features": [ 29, 60, 8, 34 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "middleware/parser9.mjs", "label": 0, "features": [ 40, 39, 4, 44 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "extend", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "routes/middleware10.mjs", "label": 1, "features": [ 34, 59, 2, 30 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "web/Filter11.java", "label": 0, "features": [ 31, 53, 7, 38 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "Java", "file_component": "merge", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "middleware/handler12.js", "label": 1, "features": [ 39, 66, 30, 85 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "merge", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "routes/extend13.mjs", "label": 1, "features": [ 81, 88, 27, 64 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "deep", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "lib/jquery14.js", "label": 0, "features": [ 40, 34, 7, 34 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "deep", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "src/router15.js", "label": 1, "features": [ 17, 51, 5, 66 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "merge", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "lib/parser16.c", "label": 0, "features": [ 21, 31, 4, 63 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "C", "file_component": "extend", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "core/deep17.js", "label": 0, "features": [ 4, 39, 7, 23 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "JavaScript", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "cmd/middleware18.go", "label": 0, "features": [ 28, 20, 0, 25 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "Go", "file_component": "jquery", "is_test_file": false }, { "cveId": "CVE-2019-11358", "repo": "jquery/prototype", "file": "api/jquery19.py", "label": 0, "features": [ 35, 38, 1, 32 ], "cvss": 6.1, "cve_description": "jQuery prototype pollution in extend function", "file_language": "Python", "file_component": "deep", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "core/server.mjs", "label": 0, "features": [ 0, 7, 7, 19 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "routes/server1.mjs", "label": 1, "features": [ 95, 43, 3, 75 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "core/controller2.cc", "label": 0, "features": [ 22, 56, 7, 24 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "C++", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "core/index3.mjs", "label": 1, "features": [ 86, 58, 19, 92 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "core/parser4.mjs", "label": 0, "features": [ 38, 60, 8, 20 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "args", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "core/proto5.mjs", "label": 0, "features": [ 11, 6, 5, 30 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "args", "is_test_file": true }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "lib/parser6.js", "label": 1, "features": [ 56, 66, 22, 71 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "proto", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "src/router7.js", "label": 0, "features": [ 12, 11, 7, 24 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "minimist", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "utils/parse8.mjs", "label": 0, "features": [ 38, 50, 1, 1 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "proto", "is_test_file": true }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "src/proto9.js", "label": 0, "features": [ 23, 55, 0, 34 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "proto", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "lib/server10.js", "label": 0, "features": [ 34, 29, 3, 24 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "minimist", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "middleware/validator11.js", "label": 1, "features": [ 88, 62, 23, 88 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "lib/router12.mjs", "label": 0, "features": [ 10, 39, 7, 45 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "minimist", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "core/validator13.mjs", "label": 0, "features": [ 20, 43, 3, 69 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "args", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "routes/minimist14.mjs", "label": 0, "features": [ 18, 43, 0, 66 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "args", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "net/args15.h", "label": 1, "features": [ 85, 72, 19, 49 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "C", "file_component": "args", "is_test_file": false }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "lib/middleware16.mjs", "label": 0, "features": [ 15, 19, 4, 38 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "parse", "is_test_file": true }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "utils/server17.mjs", "label": 0, "features": [ 11, 36, 1, 38 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "JavaScript", "file_component": "parse", "is_test_file": true }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "cmd/transport18.go", "label": 0, "features": [ 27, 31, 1, 29 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "Go", "file_component": "minimist", "is_test_file": true }, { "cveId": "CVE-2020-7598", "repo": "minimist/prototype", "file": "src/parse19.c", "label": 1, "features": [ 56, 72, 24, 58 ], "cvss": 5.6, "cve_description": "minimist prototype pollution", "file_language": "C", "file_component": "proto", "is_test_file": false }, { "cveId": "CVE-2021-23337", "repo": "lodash/template", "file": "core/interpolate.h", "label": 0, "features": [ 5, 35, 0, 70 ], "cvss": 7.2, "cve_description": "lodash template injection", "file_language": "C++", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2021-23337", "repo": "lodash/template", "file": "utils/router1.js", "label": 0, "features": [ 12, 36, 6, 25 ], "cvss": 7.2, "cve_description": "lodash template injection", "file_language": "JavaScript", "file_component": "escape", "is_test_file": false }, { "cveId": "CVE-2021-23337", "repo": "lodash/template", "file": "src/lodash2.py", "label": 0, "features": [ 7, 47, 6, 54 ], "cvss": 7.2, "cve_description": "lodash template injection", "file_language": "Python", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2021-23337", "repo": "lodash/template", "file": "middleware/interpolate3.mjs", "label": 0, "features": [ 39, 57, 7, 18 ], "cvss": 7.2, "cve_description": "lodash template injection", "file_language": "JavaScript", "file_component": "interpolate", "is_test_file": false }, { "cveId": "CVE-2021-23337", "repo": "lodash/template", "file": "handlers/utils4.py", "label": 0, "features": [ 5, 12, 0, 31 ], "cvss": 7.2, "cve_description": "lodash template injection", "file_language": "Python", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2021-23337", "repo": "lodash/template", "file": "core/server5.mjs", "label": 0, "features": [ 1, 26, 3, 68 ], "cvss": 7.2, "cve_description": "lodash template injection", "file_language": "JavaScript", "file_component": "lodash", "is_test_file": false }, { "cveId": "CVE-2021-23337", "repo": "lodash/template", "file": "middleware/parser6.js", "label": 1, "features": [ 17, 64, 20, 97 ], "cvss": 7.2, "cve_description": "lodash template injection", "file_language": "JavaScript", "file_component": "interpolate", "is_test_file": false }, { "cveId": "CVE-2021-23337", "repo": "lodash/template", "file": "lib/middleware7.js", "label": 0, "features": [ 0, 9, 6, 34 ], "cvss": 7.2, "cve_description": "lodash template injection", "file_language": "JavaScript", "file_component": "interpolate", "is_test_file": true }, { "cveId": "CVE-2021-23337", "repo": "lodash/template", "file": "src/escape8.php", "label": 0, "features": [ 32, 50, 1, 40 ], "cvss": 7.2, "cve_description": "lodash template injection", "file_language": "PHP", "file_component": "lodash", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "drivers/alloc.h", "label": 0, "features": [ 1, 27, 5, 45 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "page", "is_test_file": true }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "src/init1.h", "label": 0, "features": [ 1, 40, 4, 28 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "page", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "security/Filter2.java", "label": 1, "features": [ 88, 49, 15, 69 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "Java", "file_component": "mm", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "net/parser3.c", "label": 0, "features": [ 19, 49, 8, 17 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "cow", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "web/cow4.java", "label": 0, "features": [ 1, 53, 5, 52 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "Java", "file_component": "cow", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "core/mm5.c", "label": 1, "features": [ 93, 79, 10, 59 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "page", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "drivers/write6.h", "label": 1, "features": [ 62, 51, 29, 79 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "mm", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "net/main7.h", "label": 0, "features": [ 0, 22, 6, 28 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "cow", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "lib/admin8.py", "label": 1, "features": [ 73, 96, 9, 84 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "Python", "file_component": "mm", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "drivers/io9.c", "label": 0, "features": [ 28, 34, 0, 31 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "write", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "fs/write10.c", "label": 0, "features": [ 25, 24, 4, 59 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "mm", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "fs/parser11.h", "label": 1, "features": [ 72, 45, 25, 94 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "mm", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "service/write12.java", "label": 0, "features": [ 37, 50, 3, 58 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "Java", "file_component": "write", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "lib/utils13.c", "label": 0, "features": [ 40, 28, 1, 67 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "cow", "is_test_file": true }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "controller/Filter14.java", "label": 1, "features": [ 57, 76, 29, 49 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "Java", "file_component": "write", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "security/init15.h", "label": 0, "features": [ 28, 23, 2, 15 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "mm", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "src/alloc16.h", "label": 0, "features": [ 34, 56, 0, 63 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "page", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "crypto/mm17.h", "label": 1, "features": [ 46, 96, 19, 65 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "write", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "src/page18.c", "label": 0, "features": [ 2, 14, 0, 38 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "cow", "is_test_file": false }, { "cveId": "CVE-2016-5195", "repo": "linux/kernel", "file": "security/parser19.c", "label": 0, "features": [ 39, 47, 8, 22 ], "cvss": 7.8, "cve_description": "Linux kernel dirty COW race condition allows privilege escalation", "file_language": "C", "file_component": "mm", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "internal/stack.go", "label": 0, "features": [ 21, 38, 6, 67 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "Go", "file_component": "elf", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "lib/socket1.c", "label": 1, "features": [ 92, 99, 27, 66 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "elf", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "lib/parser2.mjs", "label": 1, "features": [ 38, 96, 21, 59 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "JavaScript", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "src/alloc3.c", "label": 0, "features": [ 13, 56, 6, 52 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "elf", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "src/elf4.h", "label": 0, "features": [ 19, 24, 8, 70 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "exec", "is_test_file": true }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "drivers/io5.c", "label": 1, "features": [ 39, 61, 28, 73 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "src/tables6.h", "label": 0, "features": [ 34, 26, 7, 52 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "tables", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "mm/stack7.c", "label": 0, "features": [ 22, 9, 2, 35 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "fs/elf8.h", "label": 0, "features": [ 19, 50, 5, 4 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "tables", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "drivers/stack9.h", "label": 1, "features": [ 37, 47, 13, 34 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "exec", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "controllers/tables10.rb", "label": 0, "features": [ 33, 24, 5, 18 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "Ruby", "file_component": "elf", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "net/elf11.h", "label": 1, "features": [ 15, 59, 3, 41 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "exec", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "src/processor12.cc", "label": 0, "features": [ 13, 25, 3, 24 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C++", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "lib/elf13.c", "label": 0, "features": [ 0, 44, 8, 65 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "tables", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "kernel/parser14.h", "label": 1, "features": [ 36, 44, 11, 73 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "crypto/elf15.c", "label": 0, "features": [ 27, 30, 2, 57 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "elf", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "fs/utils16.h", "label": 0, "features": [ 5, 57, 7, 12 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "exec", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "crypto/stack17.c", "label": 0, "features": [ 23, 30, 2, 42 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "C", "file_component": "tables", "is_test_file": false }, { "cveId": "CVE-2018-14634", "repo": "linux/kernel", "file": "lib/tables18.rb", "label": 0, "features": [ 29, 59, 2, 36 ], "cvss": 7.8, "cve_description": "Linux kernel stack buffer overflow in create_elf_tables", "file_language": "Ruby", "file_component": "tables", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "kernel/buffer.h", "label": 0, "features": [ 26, 20, 3, 70 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "sudo", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "drivers/handler1.h", "label": 1, "features": [ 70, 76, 27, 73 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "sudo", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "mm/alloc2.c", "label": 0, "features": [ 29, 25, 8, 12 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "sudo", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "lib/socket3.c", "label": 0, "features": [ 38, 54, 6, 41 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "runas", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "net/parser4.c", "label": 1, "features": [ 34, 68, 19, 67 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "sudo", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "net/config5.h", "label": 0, "features": [ 19, 32, 5, 11 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "user", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "core/sudo6.c", "label": 1, "features": [ 15, 85, 19, 75 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "runas", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "net/io7.h", "label": 0, "features": [ 24, 30, 6, 55 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "sudo", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "core/handler8.h", "label": 1, "features": [ 61, 93, 15, 49 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "runas", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "src/main/java/runas9.java", "label": 0, "features": [ 27, 13, 1, 17 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "Java", "file_component": "user", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "mm/io10.c", "label": 0, "features": [ 27, 40, 7, 49 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "runas", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "mm/alloc11.c", "label": 1, "features": [ 49, 66, 19, 76 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "sudo", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "drivers/utils12.h", "label": 0, "features": [ 5, 14, 8, 35 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "runas", "is_test_file": true }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "net/alloc13.c", "label": 0, "features": [ 34, 56, 4, 6 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "sudo", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "crypto/alloc14.h", "label": 0, "features": [ 21, 31, 5, 37 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "sudo", "is_test_file": false }, { "cveId": "CVE-2019-14287", "repo": "sudo/allows", "file": "mm/init15.c", "label": 0, "features": [ 37, 15, 0, 37 ], "cvss": 8.8, "cve_description": "sudo allows bypass of user restriction via UID -1", "file_language": "C", "file_component": "uid", "is_test_file": false }, { "cveId": "CVE-2020-1472", "repo": "zerologon/netlogon", "file": "kernel/session.h", "label": 1, "features": [ 16, 87, 5, 52 ], "cvss": 10.0, "cve_description": "Zerologon - Netlogon elevation of privilege", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2020-1472", "repo": "zerologon/netlogon", "file": "app/model1.rb", "label": 0, "features": [ 33, 60, 0, 43 ], "cvss": 10.0, "cve_description": "Zerologon - Netlogon elevation of privilege", "file_language": "Ruby", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2020-1472", "repo": "zerologon/netlogon", "file": "util/auth2.java", "label": 0, "features": [ 40, 15, 3, 44 ], "cvss": 10.0, "cve_description": "Zerologon - Netlogon elevation of privilege", "file_language": "Java", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2020-1472", "repo": "zerologon/netlogon", "file": "src/session3.h", "label": 0, "features": [ 30, 52, 8, 29 ], "cvss": 10.0, "cve_description": "Zerologon - Netlogon elevation of privilege", "file_language": "C", "file_component": "netlogon", "is_test_file": true }, { "cveId": "CVE-2020-1472", "repo": "zerologon/netlogon", "file": "app/auth4.rb", "label": 0, "features": [ 24, 48, 5, 67 ], "cvss": 10.0, "cve_description": "Zerologon - Netlogon elevation of privilege", "file_language": "Ruby", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2021-3156", "repo": "sudo/buffer", "file": "internal/client.go", "label": 0, "features": [ 16, 46, 6, 59 ], "cvss": 7.8, "cve_description": "sudo heap-based buffer overflow (Baron Samedit)", "file_language": "Go", "file_component": "escape", "is_test_file": false }, { "cveId": "CVE-2021-3156", "repo": "sudo/buffer", "file": "handlers/serializers1.py", "label": 0, "features": [ 0, 58, 1, 1 ], "cvss": 7.8, "cve_description": "sudo heap-based buffer overflow (Baron Samedit)", "file_language": "Python", "file_component": "escape", "is_test_file": false }, { "cveId": "CVE-2021-3156", "repo": "sudo/buffer", "file": "drivers/sudo2.h", "label": 0, "features": [ 1, 44, 1, 7 ], "cvss": 7.8, "cve_description": "sudo heap-based buffer overflow (Baron Samedit)", "file_language": "C", "file_component": "args", "is_test_file": false }, { "cveId": "CVE-2021-3156", "repo": "sudo/buffer", "file": "mm/parse3.c", "label": 0, "features": [ 24, 47, 2, 14 ], "cvss": 7.8, "cve_description": "sudo heap-based buffer overflow (Baron Samedit)", "file_language": "C", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2021-3156", "repo": "sudo/buffer", "file": "lib/alloc4.h", "label": 1, "features": [ 56, 56, 7, 39 ], "cvss": 7.8, "cve_description": "sudo heap-based buffer overflow (Baron Samedit)", "file_language": "C", "file_component": "args", "is_test_file": false }, { "cveId": "CVE-2021-3156", "repo": "sudo/buffer", "file": "drivers/main5.h", "label": 0, "features": [ 16, 16, 7, 8 ], "cvss": 7.8, "cve_description": "sudo heap-based buffer overflow (Baron Samedit)", "file_language": "C", "file_component": "args", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "crypto/pkexec.c", "label": 0, "features": [ 36, 51, 4, 57 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "pkexec", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "src/environ1.h", "label": 0, "features": [ 25, 41, 0, 65 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "pkexec", "is_test_file": true }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "controllers/validator2.rb", "label": 1, "features": [ 15, 64, 24, 91 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "Ruby", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "drivers/pkexec3.h", "label": 1, "features": [ 61, 74, 29, 73 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "environ", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "net/parser4.c", "label": 0, "features": [ 12, 24, 6, 13 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "environ", "is_test_file": true }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "crypto/pkexec5.c", "label": 1, "features": [ 90, 55, 17, 79 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "pkexec", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "crypto/buffer6.h", "label": 1, "features": [ 17, 42, 12, 37 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "environ", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "pkg/auth7.go", "label": 0, "features": [ 14, 9, 0, 18 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "Go", "file_component": "pkexec", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "net/pkexec8.c", "label": 1, "features": [ 54, 92, 27, 42 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "pkexec", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "lib/utils9.h", "label": 0, "features": [ 39, 19, 1, 25 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "pkexec", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "cmd/handler10.go", "label": 0, "features": [ 13, 53, 0, 22 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "Go", "file_component": "environ", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "security/parser11.h", "label": 0, "features": [ 28, 20, 0, 17 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "argv", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "cmd/argv12.go", "label": 1, "features": [ 26, 85, 22, 66 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "Go", "file_component": "argv", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "app/controller13.rb", "label": 0, "features": [ 26, 20, 2, 4 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "Ruby", "file_component": "argv", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "include/adapter14.cpp", "label": 0, "features": [ 12, 12, 8, 12 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C++", "file_component": "environ", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "middleware/pkexec15.py", "label": 1, "features": [ 34, 83, 29, 90 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "Python", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "src/environ16.h", "label": 0, "features": [ 21, 44, 7, 5 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "pkexec", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "core/main17.h", "label": 0, "features": [ 4, 20, 7, 41 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "argv", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "src/path18.php", "label": 0, "features": [ 12, 29, 3, 9 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "PHP", "file_component": "argv", "is_test_file": false }, { "cveId": "CVE-2021-4034", "repo": "pkexec/local", "file": "core/environ19.h", "label": 0, "features": [ 8, 34, 3, 45 ], "cvss": 7.8, "cve_description": "pkexec local privilege escalation (PwnKit)", "file_language": "C", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "crypto/io.c", "label": 1, "features": [ 43, 96, 11, 50 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "buf", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "mm/buf1.c", "label": 0, "features": [ 13, 42, 7, 59 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "splice", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "core/handlers2.py", "label": 1, "features": [ 90, 100, 6, 30 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "Python", "file_component": "splice", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "fs/main3.h", "label": 0, "features": [ 30, 56, 1, 57 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "buf", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "security/splice4.c", "label": 0, "features": [ 5, 6, 7, 39 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "pipe", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "crypto/alloc5.c", "label": 0, "features": [ 25, 16, 5, 59 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "pipe", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "security/page6.c", "label": 0, "features": [ 39, 39, 3, 10 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "pipe", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "fs/page7.c", "label": 0, "features": [ 29, 44, 0, 46 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "pipe", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "fs/handler8.c", "label": 0, "features": [ 15, 39, 1, 61 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "pipe", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "core/utils9.py", "label": 1, "features": [ 69, 57, 3, 38 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "Python", "file_component": "splice", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "crypto/buffer10.h", "label": 0, "features": [ 23, 56, 1, 24 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "pipe", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "security/parser11.h", "label": 0, "features": [ 4, 11, 2, 35 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "pipe", "is_test_file": false }, { "cveId": "CVE-2022-0847", "repo": "linux/kernel", "file": "net/splice12.c", "label": 0, "features": [ 30, 27, 6, 56 ], "cvss": 7.8, "cve_description": "Linux kernel dirty pipe local privilege escalation", "file_language": "C", "file_component": "splice", "is_test_file": false }, { "cveId": "CVE-2017-7494", "repo": "samba/remote", "file": "includes/Response.php", "label": 1, "features": [ 82, 93, 19, 86 ], "cvss": 9.8, "cve_description": "Samba remote code execution via writable share", "file_language": "PHP", "file_component": "module", "is_test_file": false }, { "cveId": "CVE-2017-7494", "repo": "samba/remote", "file": "core/init1.c", "label": 0, "features": [ 18, 54, 0, 18 ], "cvss": 9.8, "cve_description": "Samba remote code execution via writable share", "file_language": "C", "file_component": "load", "is_test_file": false }, { "cveId": "CVE-2017-7494", "repo": "samba/remote", "file": "mm/share2.h", "label": 0, "features": [ 9, 15, 3, 14 ], "cvss": 9.8, "cve_description": "Samba remote code execution via writable share", "file_language": "C", "file_component": "share", "is_test_file": false }, { "cveId": "CVE-2017-7494", "repo": "samba/remote", "file": "crypto/samba3.h", "label": 0, "features": [ 20, 27, 2, 47 ], "cvss": 9.8, "cve_description": "Samba remote code execution via writable share", "file_language": "C", "file_component": "share", "is_test_file": true }, { "cveId": "CVE-2017-7494", "repo": "samba/remote", "file": "src/validator4.mjs", "label": 0, "features": [ 29, 25, 2, 0 ], "cvss": 9.8, "cve_description": "Samba remote code execution via writable share", "file_language": "JavaScript", "file_component": "samba", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "lib/service.rb", "label": 0, "features": [ 8, 48, 8, 14 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "Ruby", "file_component": "digest", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "crypto/auth1.c", "label": 0, "features": [ 37, 38, 3, 35 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "lib/digest2.h", "label": 0, "features": [ 38, 43, 8, 7 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C", "file_component": "response", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "security/digest3.h", "label": 0, "features": [ 22, 27, 4, 57 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "security/response4.h", "label": 1, "features": [ 68, 48, 28, 41 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C", "file_component": "response", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "lib/response5.h", "label": 0, "features": [ 40, 22, 6, 22 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C", "file_component": "digest", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "core/response6.java", "label": 0, "features": [ 2, 57, 4, 38 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "Java", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "middleware/response7.py", "label": 1, "features": [ 30, 81, 23, 66 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "Python", "file_component": "amt", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "src/utils8.h", "label": 0, "features": [ 4, 43, 5, 61 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "models/concern9.rb", "label": 1, "features": [ 35, 77, 3, 48 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "Ruby", "file_component": "amt", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "core/digest10.java", "label": 0, "features": [ 3, 23, 4, 67 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "Java", "file_component": "digest", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "core/utils11.c", "label": 0, "features": [ 20, 57, 4, 34 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "fs/socket12.h", "label": 0, "features": [ 0, 13, 8, 36 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C", "file_component": "amt", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "core/auth13.c", "label": 0, "features": [ 12, 55, 8, 67 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C", "file_component": "digest", "is_test_file": false }, { "cveId": "CVE-2017-5689", "repo": "intel/authentication", "file": "core/manager14.cpp", "label": 1, "features": [ 17, 70, 13, 69 ], "cvss": 9.8, "cve_description": "Intel AMT authentication bypass via empty response", "file_language": "C++", "file_component": "response", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "src/main/java/ssl.java", "label": 0, "features": [ 14, 24, 2, 26 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "Java", "file_component": "vpn", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "lib/main1.h", "label": 0, "features": [ 2, 17, 1, 4 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "fortios", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "crypto/vpn2.h", "label": 0, "features": [ 0, 53, 1, 15 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "fortios", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "core/vpn3.c", "label": 0, "features": [ 37, 27, 5, 20 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "ssl", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "src/views4.py", "label": 0, "features": [ 18, 15, 8, 0 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "Python", "file_component": "fortios", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "fs/alloc5.h", "label": 0, "features": [ 11, 33, 1, 23 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "ssl", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "server/vpn6.go", "label": 0, "features": [ 7, 34, 1, 66 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "Go", "file_component": "ssl", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "src/vpn7.mjs", "label": 0, "features": [ 29, 43, 4, 56 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "JavaScript", "file_component": "fortios", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "net/utils8.h", "label": 0, "features": [ 23, 16, 0, 62 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "credential", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "lib/parser9.h", "label": 1, "features": [ 90, 46, 25, 51 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "fortios", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "includes/credential10.php", "label": 0, "features": [ 31, 22, 4, 51 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "PHP", "file_component": "ssl", "is_test_file": true }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "crypto/credential11.h", "label": 0, "features": [ 6, 12, 4, 62 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "credential", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "src/utils12.c", "label": 0, "features": [ 31, 48, 0, 22 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "ssl", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "kernel/socket13.c", "label": 0, "features": [ 33, 54, 7, 59 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "ssl", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "fs/init14.h", "label": 1, "features": [ 84, 74, 2, 34 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C", "file_component": "credential", "is_test_file": false }, { "cveId": "CVE-2018-13379", "repo": "fortinet/fortios", "file": "core/factory15.h", "label": 1, "features": [ 19, 42, 7, 68 ], "cvss": 9.8, "cve_description": "Fortinet FortiOS path traversal credential theft", "file_language": "C++", "file_component": "credential", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "mm/alloc.h", "label": 0, "features": [ 10, 37, 0, 50 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "rdp", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "mm/rdp1.h", "label": 0, "features": [ 37, 7, 2, 46 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "security/bind2.h", "label": 1, "features": [ 67, 62, 3, 61 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "bind", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "lib/rdp3.c", "label": 0, "features": [ 34, 25, 0, 58 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "rdp", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "kernel/main4.h", "label": 1, "features": [ 55, 64, 20, 79 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "lib/handler5.h", "label": 0, "features": [ 21, 15, 4, 46 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "fs/bind6.h", "label": 0, "features": [ 36, 30, 3, 11 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "rdp", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "kernel/utils7.h", "label": 0, "features": [ 22, 55, 1, 38 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "bind", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "net/session8.h", "label": 0, "features": [ 35, 16, 0, 66 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "bind", "is_test_file": false }, { "cveId": "CVE-2019-0708", "repo": "bluekeep/authentication", "file": "crypto/init9.h", "label": 0, "features": [ 40, 8, 8, 25 ], "cvss": 9.8, "cve_description": "BlueKeep RDP authentication bypass", "file_language": "C", "file_component": "channel", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "cmd/request.go", "label": 0, "features": [ 10, 21, 3, 51 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Go", "file_component": "request", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "core/Serializer1.java", "label": 0, "features": [ 35, 32, 6, 4 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "ajp", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "web/Serializer2.java", "label": 1, "features": [ 37, 81, 29, 35 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "ajp", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "src/main/java/request3.java", "label": 0, "features": [ 4, 31, 5, 11 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "ajp", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "src/main/java/Interceptor4.java", "label": 0, "features": [ 37, 54, 8, 32 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "connector", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "util/servlet5.java", "label": 0, "features": [ 15, 32, 3, 18 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "ajp", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "service/Filter6.java", "label": 0, "features": [ 3, 36, 8, 47 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "request", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "service/Validator7.java", "label": 1, "features": [ 33, 63, 17, 77 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "servlet", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "util/Validator8.java", "label": 0, "features": [ 15, 21, 8, 49 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "ajp", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "includes/servlet9.php", "label": 0, "features": [ 16, 24, 1, 30 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "PHP", "file_component": "ajp", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "security/Handler10.java", "label": 1, "features": [ 50, 95, 4, 92 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "servlet", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "security/Filter11.java", "label": 1, "features": [ 48, 72, 4, 75 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "request", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "classes/Controller12.php", "label": 0, "features": [ 11, 45, 7, 17 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "PHP", "file_component": "servlet", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "web/connector13.java", "label": 0, "features": [ 33, 50, 2, 52 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "request", "is_test_file": true }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "util/request14.java", "label": 0, "features": [ 18, 17, 1, 53 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "servlet", "is_test_file": false }, { "cveId": "CVE-2020-1938", "repo": "apache/tomcat", "file": "util/ajp15.java", "label": 0, "features": [ 35, 46, 3, 11 ], "cvss": 9.8, "cve_description": "Apache Tomcat AJP connector authentication bypass (Ghostcat)", "file_language": "Java", "file_component": "servlet", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "lib/proxy.cpp", "label": 0, "features": [ 29, 57, 7, 15 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "autodiscover", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "include/proxy1.h", "label": 1, "features": [ 41, 78, 8, 66 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "autodiscover", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "core/autodiscover2.hpp", "label": 0, "features": [ 15, 44, 7, 31 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "owa", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "src/autodiscover3.h", "label": 0, "features": [ 25, 48, 3, 49 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "src/owa4.js", "label": 0, "features": [ 30, 27, 0, 0 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "JavaScript", "file_component": "exchange", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "core/exchange5.cc", "label": 1, "features": [ 89, 51, 10, 51 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "autodiscover", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "lib/exchange6.rb", "label": 0, "features": [ 20, 7, 2, 63 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "Ruby", "file_component": "owa", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "app/Request7.php", "label": 0, "features": [ 27, 15, 5, 62 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "PHP", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "src/owa8.hpp", "label": 0, "features": [ 2, 35, 4, 20 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "src/adapter9.cc", "label": 0, "features": [ 35, 36, 7, 63 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "web/Controller10.java", "label": 0, "features": [ 11, 58, 2, 65 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "Java", "file_component": "exchange", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "engine/manager11.hpp", "label": 0, "features": [ 4, 20, 7, 12 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "owa", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "core/factory12.cpp", "label": 1, "features": [ 34, 41, 4, 88 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "exchange", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "network/exchange13.cpp", "label": 1, "features": [ 94, 100, 16, 71 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "util/exchange14.java", "label": 0, "features": [ 4, 40, 6, 11 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "Java", "file_component": "owa", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "src/proxy15.hpp", "label": 0, "features": [ 18, 46, 2, 15 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "core/server16.mjs", "label": 0, "features": [ 31, 33, 6, 60 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "JavaScript", "file_component": "owa", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "core/server17.cc", "label": 0, "features": [ 27, 45, 6, 11 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "exchange", "is_test_file": false }, { "cveId": "CVE-2021-26855", "repo": "microsoft/exchange", "file": "network/controller18.hpp", "label": 0, "features": [ 33, 45, 8, 10 ], "cvss": 9.8, "cve_description": "Microsoft Exchange SSRF allows authentication bypass", "file_language": "C++", "file_component": "proxy", "is_test_file": true }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "pkg/config.go", "label": 0, "features": [ 35, 9, 0, 65 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "upgrade", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "api/apiserver1.go", "label": 1, "features": [ 79, 41, 5, 89 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "apiserver", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "cmd/server2.go", "label": 0, "features": [ 19, 25, 7, 57 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "backend", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "pkg/handler3.go", "label": 0, "features": [ 38, 21, 1, 55 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "cmd/handler4.go", "label": 1, "features": [ 66, 95, 23, 92 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "apiserver", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "app/proxy5.php", "label": 0, "features": [ 7, 57, 0, 24 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "PHP", "file_component": "backend", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "handler/middleware6.go", "label": 0, "features": [ 34, 17, 1, 38 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "cmd/server7.go", "label": 1, "features": [ 71, 71, 17, 32 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "backend", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "internal/apiserver8.go", "label": 0, "features": [ 40, 59, 6, 53 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "routes/validator9.mjs", "label": 0, "features": [ 39, 48, 7, 29 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "JavaScript", "file_component": "apiserver", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "server/backend10.go", "label": 0, "features": [ 30, 12, 7, 44 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "backend", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "internal/proxy11.go", "label": 0, "features": [ 32, 19, 5, 59 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "api/transport12.go", "label": 1, "features": [ 35, 79, 8, 66 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "backend", "is_test_file": false }, { "cveId": "CVE-2018-1002105", "repo": "kubernetes/server", "file": "pkg/backend13.go", "label": 0, "features": [ 6, 55, 6, 63 ], "cvss": 9.8, "cve_description": "Kubernetes API server escalation via backend connection upgrade", "file_language": "Go", "file_component": "backend", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "core/buffer.c", "label": 1, "features": [ 58, 67, 5, 59 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "deliver", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "drivers/config1.c", "label": 0, "features": [ 35, 22, 2, 65 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "expand", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "crypto/alloc2.c", "label": 0, "features": [ 39, 44, 1, 5 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "exim", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "net/config3.c", "label": 0, "features": [ 28, 53, 8, 63 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "exim", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "drivers/parser4.c", "label": 0, "features": [ 28, 31, 0, 31 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "expand", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "fs/string5.c", "label": 0, "features": [ 23, 45, 3, 19 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "expand", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "core/io6.h", "label": 0, "features": [ 29, 59, 8, 46 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "deliver", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "fs/string7.c", "label": 0, "features": [ 10, 32, 0, 50 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "exim", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "mm/main8.h", "label": 1, "features": [ 85, 95, 11, 70 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "deliver", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "fs/socket9.c", "label": 0, "features": [ 28, 46, 3, 69 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "expand", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "drivers/io10.c", "label": 0, "features": [ 5, 7, 8, 42 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "string", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "core/Controller11.java", "label": 0, "features": [ 40, 15, 0, 3 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "Java", "file_component": "expand", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "net/init12.h", "label": 1, "features": [ 29, 86, 3, 77 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "expand", "is_test_file": false }, { "cveId": "CVE-2019-10149", "repo": "exim/remote", "file": "src/exim13.h", "label": 0, "features": [ 29, 26, 3, 68 ], "cvss": 9.8, "cve_description": "Exim remote command execution via mail address", "file_language": "C", "file_component": "exim", "is_test_file": false }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "core/middleware.py", "label": 0, "features": [ 9, 50, 6, 52 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "Python", "file_component": "scp", "is_test_file": false }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "crypto/shell1.h", "label": 0, "features": [ 37, 40, 8, 50 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "remote", "is_test_file": true }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "crypto/alloc2.h", "label": 0, "features": [ 9, 37, 2, 62 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "shell", "is_test_file": false }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "net/remote3.h", "label": 0, "features": [ 35, 28, 1, 52 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "scp", "is_test_file": false }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "src/command4.c", "label": 1, "features": [ 62, 59, 11, 92 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "command", "is_test_file": false }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "src/shell5.h", "label": 0, "features": [ 0, 12, 8, 44 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "shell", "is_test_file": true }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "mm/init6.h", "label": 0, "features": [ 24, 35, 2, 17 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "shell", "is_test_file": true }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "crypto/shell7.h", "label": 0, "features": [ 24, 19, 6, 43 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "shell", "is_test_file": false }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "lib/validator8.rb", "label": 0, "features": [ 36, 45, 4, 15 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "Ruby", "file_component": "command", "is_test_file": false }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "mm/buffer9.c", "label": 1, "features": [ 79, 97, 2, 45 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "scp", "is_test_file": false }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "kernel/handler10.c", "label": 1, "features": [ 89, 68, 4, 98 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "scp", "is_test_file": false }, { "cveId": "CVE-2020-15778", "repo": "openssh/command", "file": "crypto/main11.h", "label": 0, "features": [ 26, 6, 8, 40 ], "cvss": 7.8, "cve_description": "OpenSSH scp command injection", "file_language": "C", "file_component": "scp", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "lib/Request.php", "label": 0, "features": [ 3, 44, 5, 23 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "mail", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "src/Response1.php", "label": 0, "features": [ 20, 21, 6, 15 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "file", "is_test_file": true }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "core/path2.php", "label": 1, "features": [ 74, 75, 15, 38 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "attach", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "src/attach3.php", "label": 1, "features": [ 53, 76, 15, 87 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "attach", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "lib/Response4.php", "label": 0, "features": [ 34, 32, 8, 57 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "attach", "is_test_file": true }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "src/path5.mjs", "label": 0, "features": [ 24, 27, 3, 65 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "JavaScript", "file_component": "attach", "is_test_file": true }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "app/Model6.php", "label": 0, "features": [ 8, 51, 8, 35 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "mail", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "classes/Response7.php", "label": 0, "features": [ 28, 22, 3, 41 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "src/Helper8.php", "label": 1, "features": [ 15, 97, 2, 52 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "helpers/application9.rb", "label": 0, "features": [ 28, 48, 1, 45 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "Ruby", "file_component": "file", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "core/path10.php", "label": 0, "features": [ 12, 33, 0, 28 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "src/file11.php", "label": 0, "features": [ 23, 7, 4, 63 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "attach", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "lib/handlers12.py", "label": 0, "features": [ 36, 37, 7, 21 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "Python", "file_component": "mail", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "src/attach13.php", "label": 0, "features": [ 33, 51, 4, 24 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "attach", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "classes/Form14.php", "label": 0, "features": [ 3, 59, 5, 55 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "classes/mail15.php", "label": 0, "features": [ 14, 8, 4, 53 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "mail", "is_test_file": false }, { "cveId": "CVE-2017-5223", "repo": "phpmailer/local", "file": "lib/Response16.php", "label": 1, "features": [ 18, 87, 9, 84 ], "cvss": 5.5, "cve_description": "PHPMailer local file disclosure via attachment path", "file_language": "PHP", "file_component": "file", "is_test_file": false }, { "cveId": "CVE-2018-14847", "repo": "mikrotik/routeros", "file": "src/alloc.h", "label": 0, "features": [ 37, 56, 5, 32 ], "cvss": 9.1, "cve_description": "MikroTik RouterOS directory traversal", "file_language": "C", "file_component": "router", "is_test_file": false }, { "cveId": "CVE-2018-14847", "repo": "mikrotik/routeros", "file": "src/config1.c", "label": 1, "features": [ 91, 79, 16, 42 ], "cvss": 9.1, "cve_description": "MikroTik RouterOS directory traversal", "file_language": "C", "file_component": "file", "is_test_file": false }, { "cveId": "CVE-2018-14847", "repo": "mikrotik/routeros", "file": "src/router2.h", "label": 0, "features": [ 8, 8, 7, 7 ], "cvss": 9.1, "cve_description": "MikroTik RouterOS directory traversal", "file_language": "C", "file_component": "router", "is_test_file": false }, { "cveId": "CVE-2018-14847", "repo": "mikrotik/routeros", "file": "lib/read3.c", "label": 0, "features": [ 25, 11, 6, 29 ], "cvss": 9.1, "cve_description": "MikroTik RouterOS directory traversal", "file_language": "C", "file_component": "router", "is_test_file": false }, { "cveId": "CVE-2018-14847", "repo": "mikrotik/routeros", "file": "security/alloc4.h", "label": 0, "features": [ 39, 11, 5, 3 ], "cvss": 9.1, "cve_description": "MikroTik RouterOS directory traversal", "file_language": "C", "file_component": "read", "is_test_file": false }, { "cveId": "CVE-2018-14847", "repo": "mikrotik/routeros", "file": "lib/utils5.c", "label": 0, "features": [ 4, 42, 3, 16 ], "cvss": 9.1, "cve_description": "MikroTik RouterOS directory traversal", "file_language": "C", "file_component": "winbox", "is_test_file": false }, { "cveId": "CVE-2018-14847", "repo": "mikrotik/routeros", "file": "crypto/winbox6.h", "label": 1, "features": [ 20, 43, 6, 69 ], "cvss": 9.1, "cve_description": "MikroTik RouterOS directory traversal", "file_language": "C", "file_component": "read", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "src/main/java/confluence.java", "label": 0, "features": [ 27, 27, 3, 25 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "web/Service1.java", "label": 0, "features": [ 29, 43, 5, 42 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "confluence", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "src/main/java/Filter2.java", "label": 1, "features": [ 15, 80, 9, 59 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "widget", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "security/Serializer3.java", "label": 0, "features": [ 24, 18, 6, 23 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "macro", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "src/main/java/Handler4.java", "label": 1, "features": [ 33, 58, 16, 54 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "confluence", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "src/widget5.php", "label": 0, "features": [ 16, 51, 2, 43 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "PHP", "file_component": "confluence", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "src/main/java/Service6.java", "label": 0, "features": [ 1, 58, 2, 48 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "widget", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "app/template7.php", "label": 1, "features": [ 36, 100, 18, 85 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "PHP", "file_component": "widget", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "core/macro8.java", "label": 0, "features": [ 23, 25, 6, 31 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "widget", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "middleware/template9.py", "label": 1, "features": [ 31, 94, 18, 92 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Python", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "util/macro10.java", "label": 0, "features": [ 32, 28, 7, 66 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "macro", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "controller/Validator11.java", "label": 1, "features": [ 78, 70, 10, 81 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "net/handler12.h", "label": 0, "features": [ 25, 18, 4, 54 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "C", "file_component": "widget", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "web/confluence13.java", "label": 0, "features": [ 18, 33, 8, 45 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "service/Filter14.java", "label": 0, "features": [ 23, 56, 7, 40 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "core/confluence15.java", "label": 0, "features": [ 18, 58, 8, 65 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "macro", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "core/confluence16.java", "label": 0, "features": [ 34, 17, 5, 25 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-3396", "repo": "atlassian/confluence", "file": "core/Validator17.java", "label": 0, "features": [ 34, 21, 0, 38 ], "cvss": 9.8, "cve_description": "Atlassian Confluence server-side template injection", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "util/config.java", "label": 1, "features": [ 75, 54, 18, 100 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "config", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "lib/model1.rb", "label": 0, "features": [ 26, 18, 7, 57 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Ruby", "file_component": "file", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "controller/tmui2.java", "label": 0, "features": [ 31, 56, 5, 43 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "config", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "util/tmui3.java", "label": 0, "features": [ 36, 55, 0, 17 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "util", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "core/util4.php", "label": 0, "features": [ 12, 35, 1, 42 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "PHP", "file_component": "util", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "src/main/java/Service5.java", "label": 0, "features": [ 11, 7, 7, 3 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "file", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "web/tmui6.java", "label": 1, "features": [ 73, 43, 13, 96 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "util", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "service/util7.java", "label": 0, "features": [ 30, 52, 1, 49 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "util", "is_test_file": true }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "web/file8.java", "label": 0, "features": [ 37, 17, 8, 58 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "config", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "service/Controller9.java", "label": 1, "features": [ 46, 73, 12, 92 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "config", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "web/file10.java", "label": 0, "features": [ 25, 44, 2, 53 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "tmui", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "api/tmui11.go", "label": 0, "features": [ 15, 60, 2, 35 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Go", "file_component": "util", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "security/Validator12.java", "label": 1, "features": [ 67, 88, 19, 45 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "tmui", "is_test_file": false }, { "cveId": "CVE-2020-5902", "repo": "tmui/directory", "file": "controller/Serializer13.java", "label": 1, "features": [ 36, 56, 8, 94 ], "cvss": 9.8, "cve_description": "F5 BIG-IP TMUI directory traversal RCE", "file_language": "Java", "file_component": "tmui", "is_test_file": false }, { "cveId": "CVE-2021-41773", "repo": "apache/http", "file": "security/config.h", "label": 1, "features": [ 65, 42, 2, 62 ], "cvss": 7.5, "cve_description": "Apache HTTP Server path traversal via encoding bypass", "file_language": "C", "file_component": "cgi", "is_test_file": false }, { "cveId": "CVE-2021-41773", "repo": "apache/http", "file": "core/path1.php", "label": 0, "features": [ 28, 13, 7, 35 ], "cvss": 7.5, "cve_description": "Apache HTTP Server path traversal via encoding bypass", "file_language": "PHP", "file_component": "cgi", "is_test_file": false }, { "cveId": "CVE-2021-41773", "repo": "apache/http", "file": "mm/cgi2.c", "label": 0, "features": [ 10, 9, 0, 34 ], "cvss": 7.5, "cve_description": "Apache HTTP Server path traversal via encoding bypass", "file_language": "C", "file_component": "httpd", "is_test_file": false }, { "cveId": "CVE-2021-41773", "repo": "apache/http", "file": "src/buffer3.c", "label": 0, "features": [ 3, 58, 8, 13 ], "cvss": 7.5, "cve_description": "Apache HTTP Server path traversal via encoding bypass", "file_language": "C", "file_component": "path", "is_test_file": false }, { "cveId": "CVE-2021-41773", "repo": "apache/http", "file": "mm/main4.c", "label": 0, "features": [ 12, 20, 5, 30 ], "cvss": 7.5, "cve_description": "Apache HTTP Server path traversal via encoding bypass", "file_language": "C", "file_component": "httpd", "is_test_file": false }, { "cveId": "CVE-2021-41773", "repo": "apache/http", "file": "src/config5.c", "label": 0, "features": [ 4, 19, 1, 21 ], "cvss": 7.5, "cve_description": "Apache HTTP Server path traversal via encoding bypass", "file_language": "C", "file_component": "httpd", "is_test_file": false }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "controller/Service.java", "label": 0, "features": [ 7, 19, 3, 13 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "Java", "file_component": "put", "is_test_file": false }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "security/webdav1.java", "label": 1, "features": [ 43, 44, 23, 65 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "Java", "file_component": "webdav", "is_test_file": false }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "core/Filter2.java", "label": 0, "features": [ 31, 11, 8, 21 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "Java", "file_component": "tomcat", "is_test_file": false }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "security/Validator3.java", "label": 0, "features": [ 8, 26, 2, 40 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "Java", "file_component": "upload", "is_test_file": false }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "web/put4.java", "label": 0, "features": [ 32, 42, 0, 29 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "Java", "file_component": "tomcat", "is_test_file": false }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "lib/client5.h", "label": 0, "features": [ 39, 10, 0, 17 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "C++", "file_component": "upload", "is_test_file": true }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "service/webdav6.java", "label": 0, "features": [ 21, 13, 4, 40 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "Java", "file_component": "put", "is_test_file": false }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "cmd/put7.go", "label": 0, "features": [ 34, 8, 3, 28 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "Go", "file_component": "upload", "is_test_file": false }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "core/webdav8.java", "label": 1, "features": [ 23, 52, 3, 48 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "Java", "file_component": "upload", "is_test_file": false }, { "cveId": "CVE-2017-12615", "repo": "apache/tomcat", "file": "controller/tomcat9.java", "label": 0, "features": [ 27, 51, 7, 39 ], "cvss": 8.1, "cve_description": "Apache Tomcat PUT upload path traversal", "file_language": "Java", "file_component": "put", "is_test_file": false }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "classes/Auth.php", "label": 0, "features": [ 30, 10, 5, 50 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "PHP", "file_component": "concat", "is_test_file": false }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "includes/Database1.php", "label": 0, "features": [ 30, 6, 6, 54 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "PHP", "file_component": "concat", "is_test_file": false }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "middleware/scripts2.mjs", "label": 1, "features": [ 73, 58, 14, 91 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "JavaScript", "file_component": "load", "is_test_file": false }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "lib/scripts3.php", "label": 1, "features": [ 77, 65, 15, 80 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "PHP", "file_component": "concat", "is_test_file": false }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "app/Model4.php", "label": 0, "features": [ 7, 29, 2, 24 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "PHP", "file_component": "concat", "is_test_file": false }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "classes/Response5.php", "label": 0, "features": [ 27, 52, 3, 31 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "PHP", "file_component": "concat", "is_test_file": false }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "classes/Helper6.php", "label": 1, "features": [ 33, 56, 9, 50 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "PHP", "file_component": "wordpress", "is_test_file": false }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "handler/server7.go", "label": 0, "features": [ 10, 58, 6, 32 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "Go", "file_component": "concat", "is_test_file": true }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "includes/Request8.php", "label": 0, "features": [ 5, 11, 5, 18 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "PHP", "file_component": "concat", "is_test_file": false }, { "cveId": "CVE-2018-6389", "repo": "wordpress/resource", "file": "classes/Request9.php", "label": 0, "features": [ 31, 5, 1, 8 ], "cvss": 7.5, "cve_description": "WordPress load-scripts.php DoS via resource exhaustion", "file_language": "PHP", "file_component": "concat", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "pkg/server.go", "label": 0, "features": [ 13, 16, 3, 7 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "middleware/handlers1.py", "label": 0, "features": [ 39, 11, 2, 10 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Python", "file_component": "flood", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "cmd/transport2.go", "label": 1, "features": [ 76, 71, 23, 42 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "flood", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "handler/http23.go", "label": 0, "features": [ 24, 43, 8, 34 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": true }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "server/flood4.go", "label": 0, "features": [ 20, 57, 3, 46 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "flood", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "internal/frame5.go", "label": 1, "features": [ 32, 41, 21, 45 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "internal/auth6.go", "label": 0, "features": [ 12, 5, 5, 2 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "ping", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "lib/Form7.php", "label": 0, "features": [ 5, 27, 6, 60 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "PHP", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "include/processor8.hpp", "label": 0, "features": [ 33, 41, 8, 4 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "C++", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "lib/parser9.js", "label": 1, "features": [ 84, 55, 9, 57 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "JavaScript", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "core/flood10.cpp", "label": 0, "features": [ 24, 54, 4, 28 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "C++", "file_component": "http2", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "handler/flood11.go", "label": 0, "features": [ 14, 41, 1, 43 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "pkg/http212.go", "label": 0, "features": [ 7, 10, 5, 24 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "pkg/transport13.go", "label": 1, "features": [ 15, 59, 3, 98 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "flood", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "internal/transport14.go", "label": 0, "features": [ 38, 42, 3, 13 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "internal/handler15.go", "label": 1, "features": [ 78, 83, 16, 48 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "server/transport16.go", "label": 0, "features": [ 7, 22, 7, 27 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": false }, { "cveId": "CVE-2019-9512", "repo": "ping/flood", "file": "internal/handler17.go", "label": 0, "features": [ 14, 49, 0, 22 ], "cvss": 7.5, "cve_description": "HTTP/2 ping flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "cmd/client.go", "label": 1, "features": [ 39, 84, 29, 100 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "handler/client1.go", "label": 0, "features": [ 36, 13, 7, 61 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "handler/http22.go", "label": 0, "features": [ 9, 29, 6, 21 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "reset", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "pkg/main3.go", "label": 0, "features": [ 21, 42, 6, 19 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "cmd/middleware4.go", "label": 0, "features": [ 38, 16, 6, 11 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "handler/http25.go", "label": 1, "features": [ 25, 47, 17, 95 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "stream", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "internal/frame6.go", "label": 1, "features": [ 53, 76, 6, 42 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "util/frame7.java", "label": 0, "features": [ 4, 38, 8, 15 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Java", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "pkg/handler8.go", "label": 0, "features": [ 20, 12, 0, 16 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "server/http29.go", "label": 1, "features": [ 79, 59, 13, 99 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "kernel/main10.h", "label": 1, "features": [ 71, 48, 20, 92 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "C", "file_component": "reset", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "server/middleware11.go", "label": 0, "features": [ 2, 20, 0, 24 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "stream", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "utils/frame12.py", "label": 1, "features": [ 24, 75, 10, 63 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Python", "file_component": "reset", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "cmd/client13.go", "label": 0, "features": [ 9, 39, 3, 9 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "handler/transport14.go", "label": 0, "features": [ 9, 25, 6, 48 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "reset", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "internal/server15.go", "label": 0, "features": [ 26, 9, 5, 11 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "http2", "is_test_file": true }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "pkg/frame16.go", "label": 0, "features": [ 14, 29, 1, 15 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "stream", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "src/auth17.mjs", "label": 0, "features": [ 38, 11, 0, 21 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "JavaScript", "file_component": "frame", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "util/Validator18.java", "label": 0, "features": [ 8, 21, 0, 65 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Java", "file_component": "stream", "is_test_file": false }, { "cveId": "CVE-2019-9514", "repo": "reset/flood", "file": "api/client19.go", "label": 0, "features": [ 40, 28, 3, 53 ], "cvss": 7.5, "cve_description": "HTTP/2 reset flood denial of service", "file_language": "Go", "file_component": "reset", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "kernel/utils.h", "label": 0, "features": [ 20, 59, 1, 10 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "tsig", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "core/dns1.c", "label": 0, "features": [ 35, 36, 0, 54 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "bind", "is_test_file": true }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "service/Interceptor2.java", "label": 0, "features": [ 39, 17, 0, 54 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "Java", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "utils/admin3.py", "label": 0, "features": [ 33, 19, 2, 9 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "Python", "file_component": "bind", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "src/dns4.h", "label": 0, "features": [ 7, 26, 3, 69 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "dns", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "routes/query5.mjs", "label": 0, "features": [ 13, 24, 8, 4 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "JavaScript", "file_component": "dns", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "models/dns6.rb", "label": 0, "features": [ 6, 5, 5, 23 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "Ruby", "file_component": "bind", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "crypto/handler7.c", "label": 0, "features": [ 9, 31, 1, 62 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "routes/query8.mjs", "label": 0, "features": [ 11, 39, 4, 13 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "JavaScript", "file_component": "tsig", "is_test_file": true }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "core/parser9.h", "label": 1, "features": [ 15, 62, 30, 55 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "security/io10.h", "label": 0, "features": [ 10, 47, 3, 61 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "tsig", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "core/processor11.h", "label": 1, "features": [ 31, 60, 26, 81 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C++", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "cmd/dns12.go", "label": 0, "features": [ 32, 5, 3, 6 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "Go", "file_component": "tsig", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "security/bind13.h", "label": 0, "features": [ 27, 20, 2, 65 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "bind", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "kernel/bind14.h", "label": 1, "features": [ 79, 79, 7, 54 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "bind", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "net/utils15.c", "label": 0, "features": [ 17, 17, 2, 54 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "tsig", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "security/io16.h", "label": 1, "features": [ 44, 54, 12, 84 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "bind", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "kernel/dns17.h", "label": 0, "features": [ 26, 20, 5, 6 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "bind", "is_test_file": false }, { "cveId": "CVE-2020-8617", "repo": "bind/assertion", "file": "net/bind18.h", "label": 0, "features": [ 27, 16, 4, 62 ], "cvss": 7.5, "cve_description": "BIND DNS tsig.c assertion failure DoS", "file_language": "C", "file_component": "dns", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "web/Validator.java", "label": 1, "features": [ 90, 73, 21, 77 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "request", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "src/main/java/Controller1.java", "label": 1, "features": [ 92, 47, 3, 54 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "transfer", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "src/main/java/transfer2.java", "label": 0, "features": [ 12, 39, 2, 5 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "tomcat", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "util/Serializer3.java", "label": 1, "features": [ 72, 80, 24, 45 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "request", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "controller/request4.java", "label": 0, "features": [ 8, 23, 0, 7 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "transfer", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "service/transfer5.java", "label": 0, "features": [ 35, 54, 6, 51 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "transfer", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "core/Interceptor6.java", "label": 0, "features": [ 0, 55, 8, 58 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "tomcat", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "lib/middleware7.mjs", "label": 0, "features": [ 10, 19, 0, 68 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "JavaScript", "file_component": "request", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "web/Service8.java", "label": 0, "features": [ 3, 46, 3, 26 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "http", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "security/request9.java", "label": 0, "features": [ 8, 31, 4, 41 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "request", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "util/Handler10.java", "label": 1, "features": [ 50, 51, 10, 32 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "tomcat", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "network/factory11.hpp", "label": 0, "features": [ 14, 25, 4, 26 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "C++", "file_component": "transfer", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "api/transfer12.go", "label": 0, "features": [ 5, 36, 2, 58 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Go", "file_component": "http", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "handlers/http13.py", "label": 0, "features": [ 11, 57, 6, 24 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Python", "file_component": "transfer", "is_test_file": false }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "service/http14.java", "label": 0, "features": [ 0, 43, 1, 48 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "http", "is_test_file": true }, { "cveId": "CVE-2021-25122", "repo": "apache/tomcat", "file": "util/tomcat15.java", "label": 0, "features": [ 17, 14, 0, 1 ], "cvss": 7.5, "cve_description": "Apache Tomcat request smuggling", "file_language": "Java", "file_component": "tomcat", "is_test_file": false }, { "cveId": "CVE-2017-15906", "repo": "openssh/mode", "file": "mm/readonly.c", "label": 0, "features": [ 9, 20, 0, 69 ], "cvss": 5.3, "cve_description": "OpenSSH read-only mode bypass in sftp-server", "file_language": "C", "file_component": "readonly", "is_test_file": false }, { "cveId": "CVE-2017-15906", "repo": "openssh/mode", "file": "src/main1.c", "label": 0, "features": [ 6, 37, 6, 18 ], "cvss": 5.3, "cve_description": "OpenSSH read-only mode bypass in sftp-server", "file_language": "C", "file_component": "sftp", "is_test_file": false }, { "cveId": "CVE-2017-15906", "repo": "openssh/mode", "file": "security/mkdir2.c", "label": 0, "features": [ 14, 48, 6, 14 ], "cvss": 5.3, "cve_description": "OpenSSH read-only mode bypass in sftp-server", "file_language": "C", "file_component": "server", "is_test_file": true }, { "cveId": "CVE-2017-15906", "repo": "openssh/mode", "file": "core/utils3.py", "label": 0, "features": [ 7, 28, 1, 5 ], "cvss": 5.3, "cve_description": "OpenSSH read-only mode bypass in sftp-server", "file_language": "Python", "file_component": "sftp", "is_test_file": false }, { "cveId": "CVE-2017-15906", "repo": "openssh/mode", "file": "mm/mkdir4.h", "label": 0, "features": [ 39, 57, 4, 44 ], "cvss": 5.3, "cve_description": "OpenSSH read-only mode bypass in sftp-server", "file_language": "C", "file_component": "mkdir", "is_test_file": false }, { "cveId": "CVE-2017-15906", "repo": "openssh/mode", "file": "drivers/init5.c", "label": 1, "features": [ 34, 89, 22, 48 ], "cvss": 5.3, "cve_description": "OpenSSH read-only mode bypass in sftp-server", "file_language": "C", "file_component": "readonly", "is_test_file": false }, { "cveId": "CVE-2017-15906", "repo": "openssh/mode", "file": "lib/utils6.h", "label": 1, "features": [ 50, 49, 4, 71 ], "cvss": 5.3, "cve_description": "OpenSSH read-only mode bypass in sftp-server", "file_language": "C", "file_component": "readonly", "is_test_file": false }, { "cveId": "CVE-2017-15906", "repo": "openssh/mode", "file": "drivers/config7.h", "label": 0, "features": [ 26, 43, 5, 17 ], "cvss": 5.3, "cve_description": "OpenSSH read-only mode bypass in sftp-server", "file_language": "C", "file_component": "readonly", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "security/utils.h", "label": 0, "features": [ 14, 49, 1, 30 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "C", "file_component": "message", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "drivers/buffer1.h", "label": 0, "features": [ 7, 8, 5, 46 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "C", "file_component": "journal", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "service/message2.java", "label": 0, "features": [ 3, 52, 2, 15 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "Java", "file_component": "alloc", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "handler/journal3.go", "label": 0, "features": [ 37, 9, 7, 20 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "Go", "file_component": "journal", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "net/utils4.c", "label": 0, "features": [ 26, 14, 2, 60 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "C", "file_component": "journal", "is_test_file": true }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "routes/auth5.mjs", "label": 0, "features": [ 0, 23, 1, 19 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "JavaScript", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "fs/stack6.c", "label": 0, "features": [ 29, 40, 4, 64 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "C", "file_component": "message", "is_test_file": true }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "kernel/utils7.h", "label": 1, "features": [ 31, 87, 8, 81 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "C", "file_component": "message", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "fs/socket8.c", "label": 1, "features": [ 74, 70, 12, 81 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "C", "file_component": "message", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "security/journal9.h", "label": 0, "features": [ 23, 43, 5, 3 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "C", "file_component": "alloc", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "lib/handler10.c", "label": 0, "features": [ 19, 17, 8, 25 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "C", "file_component": "journal", "is_test_file": false }, { "cveId": "CVE-2018-16865", "repo": "memory/corruption", "file": "lib/socket11.c", "label": 1, "features": [ 76, 42, 3, 70 ], "cvss": 7.8, "cve_description": "systemd-journald memory corruption via large message", "file_language": "C", "file_component": "alloc", "is_test_file": false }, { "cveId": "CVE-2017-7529", "repo": "nginx/integer", "file": "middleware/handlers.py", "label": 1, "features": [ 27, 61, 15, 94 ], "cvss": 7.5, "cve_description": "Nginx integer overflow in range filter", "file_language": "Python", "file_component": "filter", "is_test_file": false }, { "cveId": "CVE-2017-7529", "repo": "nginx/integer", "file": "controller/Serializer1.java", "label": 0, "features": [ 2, 23, 2, 19 ], "cvss": 7.5, "cve_description": "Nginx integer overflow in range filter", "file_language": "Java", "file_component": "nginx", "is_test_file": false }, { "cveId": "CVE-2017-7529", "repo": "nginx/integer", "file": "net/handler2.c", "label": 1, "features": [ 35, 72, 18, 96 ], "cvss": 7.5, "cve_description": "Nginx integer overflow in range filter", "file_language": "C", "file_component": "nginx", "is_test_file": false }, { "cveId": "CVE-2017-7529", "repo": "nginx/integer", "file": "drivers/init3.h", "label": 0, "features": [ 27, 7, 6, 30 ], "cvss": 7.5, "cve_description": "Nginx integer overflow in range filter", "file_language": "C", "file_component": "range", "is_test_file": false }, { "cveId": "CVE-2017-7529", "repo": "nginx/integer", "file": "core/nginx4.h", "label": 0, "features": [ 9, 54, 4, 70 ], "cvss": 7.5, "cve_description": "Nginx integer overflow in range filter", "file_language": "C", "file_component": "nginx", "is_test_file": false }, { "cveId": "CVE-2017-7529", "repo": "nginx/integer", "file": "src/filter5.cc", "label": 0, "features": [ 10, 9, 4, 46 ], "cvss": 7.5, "cve_description": "Nginx integer overflow in range filter", "file_language": "C++", "file_component": "content", "is_test_file": false }, { "cveId": "CVE-2017-7529", "repo": "nginx/integer", "file": "kernel/alloc6.h", "label": 0, "features": [ 28, 46, 2, 15 ], "cvss": 7.5, "cve_description": "Nginx integer overflow in range filter", "file_language": "C", "file_component": "content", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "drivers/utils.h", "label": 0, "features": [ 16, 48, 0, 7 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "channel", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "core/session1.h", "label": 0, "features": [ 4, 19, 6, 59 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "ssh", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "fs/ssh2.c", "label": 0, "features": [ 25, 54, 6, 25 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "mm/alloc3.c", "label": 0, "features": [ 30, 12, 4, 58 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "channel", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "core/handler4.h", "label": 1, "features": [ 91, 89, 14, 37 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "crypto/ssh5.c", "label": 0, "features": [ 27, 22, 4, 22 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "lib/init6.h", "label": 0, "features": [ 33, 18, 4, 23 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "session", "is_test_file": true }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "drivers/session7.c", "label": 0, "features": [ 30, 35, 8, 20 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "src/auth8.c", "label": 0, "features": [ 20, 47, 5, 1 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "crypto/config9.c", "label": 1, "features": [ 67, 56, 18, 30 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "security/auth10.java", "label": 0, "features": [ 26, 49, 8, 21 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "Java", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "net/channel11.c", "label": 0, "features": [ 1, 24, 4, 64 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "crypto/session12.h", "label": 1, "features": [ 81, 88, 12, 44 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "core/buffer13.c", "label": 1, "features": [ 63, 58, 29, 85 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "channel", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "src/manager14.cpp", "label": 0, "features": [ 26, 11, 7, 69 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C++", "file_component": "ssh", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "kernel/session15.c", "label": 0, "features": [ 35, 29, 1, 25 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "ssh", "is_test_file": true }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "core/Database16.php", "label": 0, "features": [ 14, 37, 4, 34 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "PHP", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "net/ssh17.h", "label": 0, "features": [ 9, 55, 5, 66 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "core/session18.h", "label": 0, "features": [ 12, 44, 6, 6 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "channel", "is_test_file": false }, { "cveId": "CVE-2018-10933", "repo": "libssh/authentication", "file": "security/parser19.h", "label": 0, "features": [ 33, 15, 6, 29 ], "cvss": 9.1, "cve_description": "libssh authentication bypass via SSH2_MSG_USERAUTH_SUCCESS", "file_language": "C", "file_component": "auth", "is_test_file": false }, { "cveId": "CVE-2019-1010298", "repo": "linphone/integer", "file": "kernel/buffer.c", "label": 0, "features": [ 13, 10, 1, 3 ], "cvss": 9.8, "cve_description": "Linphone belle-sip integer overflow in SDP parsing", "file_language": "C", "file_component": "header", "is_test_file": false }, { "cveId": "CVE-2019-1010298", "repo": "linphone/integer", "file": "src/socket1.c", "label": 0, "features": [ 1, 52, 2, 58 ], "cvss": 9.8, "cve_description": "Linphone belle-sip integer overflow in SDP parsing", "file_language": "C", "file_component": "sdp", "is_test_file": false }, { "cveId": "CVE-2019-1010298", "repo": "linphone/integer", "file": "security/sdp2.java", "label": 1, "features": [ 63, 89, 10, 36 ], "cvss": 9.8, "cve_description": "Linphone belle-sip integer overflow in SDP parsing", "file_language": "Java", "file_component": "sdp", "is_test_file": false }, { "cveId": "CVE-2019-1010298", "repo": "linphone/integer", "file": "lib/parse3.c", "label": 0, "features": [ 16, 16, 1, 9 ], "cvss": 9.8, "cve_description": "Linphone belle-sip integer overflow in SDP parsing", "file_language": "C", "file_component": "sip", "is_test_file": false }, { "cveId": "CVE-2019-1010298", "repo": "linphone/integer", "file": "security/utils4.h", "label": 1, "features": [ 67, 44, 17, 39 ], "cvss": 9.8, "cve_description": "Linphone belle-sip integer overflow in SDP parsing", "file_language": "C", "file_component": "sdp", "is_test_file": false }, { "cveId": "CVE-2019-1010298", "repo": "linphone/integer", "file": "crypto/sdp5.c", "label": 0, "features": [ 36, 45, 0, 15 ], "cvss": 9.8, "cve_description": "Linphone belle-sip integer overflow in SDP parsing", "file_language": "C", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2019-1010298", "repo": "linphone/integer", "file": "app/concern6.rb", "label": 0, "features": [ 12, 43, 0, 68 ], "cvss": 9.8, "cve_description": "Linphone belle-sip integer overflow in SDP parsing", "file_language": "Ruby", "file_component": "sip", "is_test_file": false }, { "cveId": "CVE-2019-1010298", "repo": "linphone/integer", "file": "net/config7.c", "label": 0, "features": [ 1, 25, 2, 28 ], "cvss": 9.8, "cve_description": "Linphone belle-sip integer overflow in SDP parsing", "file_language": "C", "file_component": "sdp", "is_test_file": true }, { "cveId": "CVE-2020-0796", "repo": "smbghost/compression", "file": "drivers/buffer.h", "label": 0, "features": [ 31, 32, 8, 51 ], "cvss": 10.0, "cve_description": "SMBGhost - SMBv3 compression integer overflow RCE", "file_language": "C", "file_component": "smb", "is_test_file": false }, { "cveId": "CVE-2020-0796", "repo": "smbghost/compression", "file": "kernel/io1.c", "label": 1, "features": [ 90, 59, 7, 56 ], "cvss": 10.0, "cve_description": "SMBGhost - SMBv3 compression integer overflow RCE", "file_language": "C", "file_component": "compress", "is_test_file": false }, { "cveId": "CVE-2020-0796", "repo": "smbghost/compression", "file": "security/socket2.h", "label": 1, "features": [ 94, 46, 21, 79 ], "cvss": 10.0, "cve_description": "SMBGhost - SMBv3 compression integer overflow RCE", "file_language": "C", "file_component": "header", "is_test_file": false }, { "cveId": "CVE-2020-0796", "repo": "smbghost/compression", "file": "lib/alloc3.c", "label": 0, "features": [ 32, 21, 6, 37 ], "cvss": 10.0, "cve_description": "SMBGhost - SMBv3 compression integer overflow RCE", "file_language": "C", "file_component": "transform", "is_test_file": false }, { "cveId": "CVE-2020-0796", "repo": "smbghost/compression", "file": "src/Model4.php", "label": 0, "features": [ 27, 55, 2, 45 ], "cvss": 10.0, "cve_description": "SMBGhost - SMBv3 compression integer overflow RCE", "file_language": "PHP", "file_component": "header", "is_test_file": false }, { "cveId": "CVE-2020-0796", "repo": "smbghost/compression", "file": "drivers/transform5.h", "label": 0, "features": [ 0, 50, 5, 27 ], "cvss": 10.0, "cve_description": "SMBGhost - SMBv3 compression integer overflow RCE", "file_language": "C", "file_component": "transform", "is_test_file": false }, { "cveId": "CVE-2020-0796", "repo": "smbghost/compression", "file": "api/auth6.py", "label": 0, "features": [ 6, 40, 4, 9 ], "cvss": 10.0, "cve_description": "SMBGhost - SMBv3 compression integer overflow RCE", "file_language": "Python", "file_component": "smb", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "security/utils.c", "label": 1, "features": [ 91, 60, 20, 79 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "attribute", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "mm/query1.h", "label": 0, "features": [ 2, 39, 8, 5 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "ntfs", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "lib/attribute2.h", "label": 0, "features": [ 25, 10, 8, 40 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "crypto/alloc3.c", "label": 1, "features": [ 94, 46, 2, 58 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "attribute", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "drivers/extend4.c", "label": 0, "features": [ 23, 57, 8, 0 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "ntfs", "is_test_file": true }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "src/attribute5.mjs", "label": 0, "features": [ 39, 55, 6, 34 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "JavaScript", "file_component": "ntfs", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "app/model6.rb", "label": 0, "features": [ 26, 45, 7, 15 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "Ruby", "file_component": "ntfs", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "crypto/init7.h", "label": 0, "features": [ 30, 19, 1, 33 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "classes/query8.php", "label": 0, "features": [ 3, 18, 0, 27 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "PHP", "file_component": "extend", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "lib/config9.c", "label": 0, "features": [ 33, 37, 5, 39 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "core/query10.h", "label": 1, "features": [ 94, 72, 8, 81 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "ntfs", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "kernel/ntfs11.c", "label": 0, "features": [ 7, 20, 0, 58 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "extend", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "drivers/init12.c", "label": 0, "features": [ 5, 27, 6, 27 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "src/ntfs13.h", "label": 1, "features": [ 63, 86, 15, 54 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "attribute", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "fs/socket14.h", "label": 1, "features": [ 28, 83, 3, 61 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "attribute", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "src/ntfs15.h", "label": 0, "features": [ 17, 19, 6, 50 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "ntfs", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "crypto/handler16.c", "label": 1, "features": [ 59, 80, 11, 66 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "attribute", "is_test_file": false }, { "cveId": "CVE-2021-31956", "repo": "windows/ntfs", "file": "kernel/ntfs17.c", "label": 0, "features": [ 10, 16, 5, 58 ], "cvss": 7.8, "cve_description": "Windows NTFS elevation of privilege", "file_language": "C", "file_component": "query", "is_test_file": false }, { "cveId": "CVE-2017-13098", "repo": "bouncy/castle", "file": "network/server.cpp", "label": 0, "features": [ 30, 42, 0, 62 ], "cvss": 5.9, "cve_description": "Bouncy Castle key agreement vulnerability", "file_language": "C++", "file_component": "ecdh", "is_test_file": true }, { "cveId": "CVE-2017-13098", "repo": "bouncy/castle", "file": "util/Controller1.java", "label": 0, "features": [ 33, 37, 2, 18 ], "cvss": 5.9, "cve_description": "Bouncy Castle key agreement vulnerability", "file_language": "Java", "file_component": "bouncycastle", "is_test_file": false }, { "cveId": "CVE-2017-13098", "repo": "bouncy/castle", "file": "service/Filter2.java", "label": 1, "features": [ 47, 82, 17, 62 ], "cvss": 5.9, "cve_description": "Bouncy Castle key agreement vulnerability", "file_language": "Java", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2017-13098", "repo": "bouncy/castle", "file": "web/Validator3.java", "label": 0, "features": [ 38, 35, 1, 34 ], "cvss": 5.9, "cve_description": "Bouncy Castle key agreement vulnerability", "file_language": "Java", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2017-13098", "repo": "bouncy/castle", "file": "security/bouncycastle4.c", "label": 0, "features": [ 15, 41, 6, 46 ], "cvss": 5.9, "cve_description": "Bouncy Castle key agreement vulnerability", "file_language": "C", "file_component": "ecdh", "is_test_file": false }, { "cveId": "CVE-2017-13098", "repo": "bouncy/castle", "file": "security/Controller5.java", "label": 0, "features": [ 34, 33, 8, 22 ], "cvss": 5.9, "cve_description": "Bouncy Castle key agreement vulnerability", "file_language": "Java", "file_component": "agreement", "is_test_file": false }, { "cveId": "CVE-2017-13098", "repo": "bouncy/castle", "file": "service/Interceptor6.java", "label": 1, "features": [ 50, 59, 8, 35 ], "cvss": 5.9, "cve_description": "Bouncy Castle key agreement vulnerability", "file_language": "Java", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2017-13098", "repo": "bouncy/castle", "file": "core/bouncycastle7.cc", "label": 1, "features": [ 78, 99, 23, 48 ], "cvss": 5.9, "cve_description": "Bouncy Castle key agreement vulnerability", "file_language": "C++", "file_component": "agreement", "is_test_file": false }, { "cveId": "CVE-2017-13098", "repo": "bouncy/castle", "file": "controller/key8.java", "label": 0, "features": [ 4, 56, 4, 1 ], "cvss": 5.9, "cve_description": "Bouncy Castle key agreement vulnerability", "file_language": "Java", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "utils/key.js", "label": 0, "features": [ 18, 55, 8, 19 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "service/jwt1.java", "label": 1, "features": [ 75, 99, 13, 61 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "Java", "file_component": "verify", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "routes/server2.mjs", "label": 0, "features": [ 38, 24, 2, 55 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "algorithm", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "utils/verify3.mjs", "label": 1, "features": [ 53, 59, 4, 68 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "verify", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "routes/algorithm4.js", "label": 0, "features": [ 20, 37, 5, 59 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "verify", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "routes/index5.js", "label": 0, "features": [ 26, 10, 2, 38 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "algorithm", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "lib/middleware6.js", "label": 0, "features": [ 25, 13, 6, 0 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "lib/application7.rb", "label": 0, "features": [ 6, 26, 1, 37 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "Ruby", "file_component": "jwt", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "src/index8.js", "label": 0, "features": [ 35, 52, 7, 17 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "jwt", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "core/middleware9.js", "label": 1, "features": [ 94, 84, 8, 44 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "verify", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "middleware/algorithm10.js", "label": 0, "features": [ 1, 58, 8, 56 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "jwt", "is_test_file": true }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "routes/router11.js", "label": 0, "features": [ 34, 21, 7, 15 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "algorithm", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "lib/handler12.js", "label": 0, "features": [ 34, 17, 7, 61 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "verify", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "core/jwt13.mjs", "label": 0, "features": [ 29, 31, 6, 18 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "algorithm", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "src/middleware14.js", "label": 0, "features": [ 39, 33, 0, 45 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "algorithm", "is_test_file": true }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "core/verify15.js", "label": 0, "features": [ 22, 50, 8, 49 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "algorithm", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "core/auth16.mjs", "label": 0, "features": [ 8, 22, 4, 50 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "verify", "is_test_file": false }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "controllers/concern17.rb", "label": 0, "features": [ 32, 54, 8, 33 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "Ruby", "file_component": "algorithm", "is_test_file": true }, { "cveId": "CVE-2018-0114", "repo": "cisco/bypass", "file": "middleware/verify18.js", "label": 0, "features": [ 14, 11, 1, 63 ], "cvss": 7.5, "cve_description": "Cisco node-jose JWT bypass via key confusion", "file_language": "JavaScript", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "src/openssl.h", "label": 0, "features": [ 28, 53, 5, 3 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "security/montgomery1.c", "label": 0, "features": [ 28, 48, 4, 28 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "montgomery", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "lib/socket2.c", "label": 0, "features": [ 6, 18, 0, 17 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "rsa", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "mm/montgomery3.c", "label": 1, "features": [ 39, 93, 8, 90 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "montgomery", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "lib/alloc4.h", "label": 0, "features": [ 4, 41, 1, 16 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "rsa", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "crypto/handler5.c", "label": 1, "features": [ 57, 41, 9, 67 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "lib/rsa6.h", "label": 0, "features": [ 33, 44, 8, 39 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "sqr", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "mm/alloc7.h", "label": 1, "features": [ 19, 61, 15, 63 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "net/buffer8.h", "label": 0, "features": [ 3, 20, 7, 9 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "rsa", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "drivers/utils9.h", "label": 0, "features": [ 39, 10, 8, 61 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "lib/main10.h", "label": 0, "features": [ 22, 32, 7, 38 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "src/views11.py", "label": 0, "features": [ 24, 48, 0, 70 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "Python", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "core/io12.h", "label": 1, "features": [ 29, 68, 5, 77 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "montgomery", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "net/handler13.c", "label": 0, "features": [ 14, 31, 8, 5 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "src/rsa14.c", "label": 0, "features": [ 18, 7, 5, 44 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "rsa", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "middleware/validator15.mjs", "label": 0, "features": [ 4, 9, 4, 69 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "JavaScript", "file_component": "rsa", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "core/Request16.php", "label": 0, "features": [ 18, 60, 3, 67 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "PHP", "file_component": "rsa", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "src/config17.h", "label": 0, "features": [ 39, 36, 4, 10 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "kernel/rsa18.c", "label": 0, "features": [ 2, 20, 7, 58 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "rsa", "is_test_file": false }, { "cveId": "CVE-2019-1551", "repo": "openssl/overflow", "file": "kernel/openssl19.h", "label": 1, "features": [ 22, 57, 29, 79 ], "cvss": 5.3, "cve_description": "OpenSSL rsaz_512_sqr overflow on x86_64", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "fs/session.h", "label": 0, "features": [ 1, 43, 5, 33 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "drivers/socket1.h", "label": 1, "features": [ 22, 91, 5, 100 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "gnutls", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "routes/middleware2.js", "label": 0, "features": [ 29, 52, 3, 16 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "JavaScript", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "lib/key3.h", "label": 0, "features": [ 2, 44, 4, 46 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "lib/init4.h", "label": 0, "features": [ 11, 33, 7, 2 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "gnutls", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "crypto/buffer5.c", "label": 0, "features": [ 37, 10, 4, 70 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "kernel/init6.h", "label": 0, "features": [ 8, 19, 2, 18 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "ticket", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "lib/main7.c", "label": 0, "features": [ 28, 42, 5, 5 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "ticket", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "kernel/main8.h", "label": 0, "features": [ 2, 43, 3, 44 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "fs/session9.c", "label": 0, "features": [ 26, 9, 6, 36 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "gnutls", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "drivers/io10.h", "label": 0, "features": [ 18, 44, 0, 20 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "session", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "mm/main11.c", "label": 0, "features": [ 20, 37, 8, 44 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "ticket", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "core/io12.c", "label": 1, "features": [ 43, 76, 18, 100 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "gnutls", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "fs/main13.h", "label": 0, "features": [ 33, 33, 5, 34 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "gnutls", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "drivers/session14.h", "label": 1, "features": [ 29, 84, 9, 86 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "ticket", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "app/Model15.php", "label": 0, "features": [ 38, 19, 7, 53 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "PHP", "file_component": "gnutls", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "util/Filter16.java", "label": 0, "features": [ 18, 26, 5, 15 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "Java", "file_component": "ticket", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "mm/alloc17.c", "label": 0, "features": [ 29, 5, 2, 15 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "C", "file_component": "ticket", "is_test_file": true }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "app/validator18.rb", "label": 0, "features": [ 1, 49, 2, 9 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "Ruby", "file_component": "gnutls", "is_test_file": false }, { "cveId": "CVE-2020-13777", "repo": "gnutls/session", "file": "internal/handler19.go", "label": 1, "features": [ 45, 85, 11, 45 ], "cvss": 7.4, "cve_description": "GnuTLS session ticket key reuse", "file_language": "Go", "file_component": "key", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "core/adapter.h", "label": 0, "features": [ 27, 23, 7, 17 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C++", "file_component": "signature", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "src/processor1.cc", "label": 0, "features": [ 29, 29, 5, 56 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C++", "file_component": "tls", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "lib/algorithm2.mjs", "label": 0, "features": [ 18, 25, 6, 40 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "JavaScript", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "security/buffer3.h", "label": 0, "features": [ 39, 25, 1, 44 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C", "file_component": "tls", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "crypto/alloc4.c", "label": 0, "features": [ 18, 21, 1, 29 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C", "file_component": "signature", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "fs/openssl5.c", "label": 1, "features": [ 84, 74, 27, 54 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C", "file_component": "tls", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "net/init6.h", "label": 0, "features": [ 33, 13, 7, 37 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C", "file_component": "signature", "is_test_file": true }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "core/tls7.cc", "label": 0, "features": [ 17, 51, 1, 45 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C++", "file_component": "algorithm", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "core/openssl8.py", "label": 0, "features": [ 20, 7, 6, 12 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "Python", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "includes/algorithm9.php", "label": 1, "features": [ 43, 83, 8, 63 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "PHP", "file_component": "tls", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "crypto/openssl10.c", "label": 0, "features": [ 33, 59, 3, 0 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C", "file_component": "tls", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "core/main11.h", "label": 1, "features": [ 93, 64, 22, 60 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C", "file_component": "tls", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "kernel/handler12.h", "label": 1, "features": [ 77, 90, 22, 80 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C", "file_component": "tls", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "lib/handler13.c", "label": 0, "features": [ 18, 31, 7, 41 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C", "file_component": "signature", "is_test_file": false }, { "cveId": "CVE-2021-3449", "repo": "openssl/null", "file": "crypto/algorithm14.c", "label": 1, "features": [ 31, 89, 30, 91 ], "cvss": 5.9, "cve_description": "OpenSSL NULL pointer deref in signature_algorithms processing", "file_language": "C", "file_component": "tls", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "kernel/asn1.h", "label": 1, "features": [ 69, 65, 10, 36 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "ipaddrblocks", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "app/x5091.php", "label": 0, "features": [ 34, 18, 1, 42 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "PHP", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "security/utils2.h", "label": 0, "features": [ 35, 9, 0, 66 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "fs/x5093.c", "label": 0, "features": [ 23, 26, 6, 27 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "x509", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "src/main4.c", "label": 0, "features": [ 31, 7, 2, 36 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "src/init5.c", "label": 0, "features": [ 24, 46, 6, 16 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "x509", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "src/x5096.h", "label": 1, "features": [ 27, 87, 20, 80 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C++", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "drivers/asn17.c", "label": 1, "features": [ 40, 46, 10, 90 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "ipaddrblocks", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "security/buffer8.h", "label": 1, "features": [ 83, 72, 9, 78 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "x509", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "drivers/buffer9.c", "label": 1, "features": [ 88, 41, 14, 59 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "asn1", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "kernel/config10.c", "label": 0, "features": [ 5, 11, 8, 21 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "lib/handlers11.py", "label": 0, "features": [ 36, 53, 3, 7 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "Python", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "drivers/asn112.c", "label": 0, "features": [ 0, 22, 3, 62 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "ipaddrblocks", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "drivers/alloc13.h", "label": 0, "features": [ 5, 11, 6, 9 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "x509", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "core/Service14.java", "label": 1, "features": [ 29, 42, 30, 84 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "Java", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "core/ipaddrblocks15.h", "label": 0, "features": [ 7, 32, 4, 34 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "asn1", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "mm/x50916.c", "label": 0, "features": [ 39, 50, 5, 66 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "ipaddrblocks", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "drivers/parser17.c", "label": 0, "features": [ 30, 5, 5, 53 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "x509", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "kernel/handler18.c", "label": 0, "features": [ 34, 34, 5, 12 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "openssl", "is_test_file": false }, { "cveId": "CVE-2017-3735", "repo": "openssl/ipaddressfamily", "file": "lib/openssl19.c", "label": 0, "features": [ 12, 22, 4, 54 ], "cvss": 5.3, "cve_description": "OpenSSL IPAddressFamily parsing OOB read", "file_language": "C", "file_component": "x509", "is_test_file": true }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "lib/ssh.c", "label": 0, "features": [ 17, 16, 4, 13 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "ssh", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "drivers/socket1.h", "label": 0, "features": [ 39, 47, 7, 26 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "middleware/git2.py", "label": 0, "features": [ 20, 9, 0, 17 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "Python", "file_component": "git", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "drivers/connect3.c", "label": 0, "features": [ 24, 54, 6, 60 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "includes/Auth4.php", "label": 1, "features": [ 50, 85, 6, 85 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "PHP", "file_component": "git", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "lib/buffer5.h", "label": 0, "features": [ 11, 6, 5, 59 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "url", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "net/ssh6.c", "label": 1, "features": [ 16, 52, 16, 76 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "drivers/utils7.h", "label": 0, "features": [ 32, 5, 4, 4 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "url", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "src/init8.h", "label": 0, "features": [ 36, 57, 0, 60 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "core/git9.c", "label": 0, "features": [ 39, 50, 2, 22 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "lib/main10.h", "label": 0, "features": [ 3, 25, 1, 69 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "connect", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "drivers/parser11.h", "label": 0, "features": [ 25, 31, 0, 8 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "url", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "src/main/java/ssh12.java", "label": 1, "features": [ 79, 66, 7, 30 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "Java", "file_component": "url", "is_test_file": false }, { "cveId": "CVE-2017-1000117", "repo": "command/injection", "file": "drivers/alloc13.c", "label": 0, "features": [ 29, 10, 1, 11 ], "cvss": 8.8, "cve_description": "Git SSH URL command injection", "file_language": "C", "file_component": "git", "is_test_file": false }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "api/submodule.py", "label": 1, "features": [ 31, 59, 3, 78 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "Python", "file_component": "url", "is_test_file": false }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "mm/submodule1.h", "label": 0, "features": [ 17, 17, 2, 37 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "C", "file_component": "submodule", "is_test_file": false }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "crypto/clone2.h", "label": 1, "features": [ 95, 83, 28, 51 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "C", "file_component": "git", "is_test_file": false }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "server/url3.go", "label": 0, "features": [ 13, 26, 8, 70 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "Go", "file_component": "submodule", "is_test_file": true }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "include/git4.h", "label": 0, "features": [ 33, 47, 2, 60 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "C++", "file_component": "submodule", "is_test_file": false }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "mm/git5.c", "label": 1, "features": [ 95, 62, 29, 31 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "C", "file_component": "url", "is_test_file": false }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "lib/clone6.h", "label": 0, "features": [ 34, 16, 0, 56 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "C", "file_component": "url", "is_test_file": false }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "security/url7.c", "label": 0, "features": [ 38, 26, 7, 51 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "C", "file_component": "clone", "is_test_file": false }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "api/handlers8.py", "label": 0, "features": [ 25, 42, 0, 20 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "Python", "file_component": "git", "is_test_file": false }, { "cveId": "CVE-2018-17456", "repo": "submodule/command", "file": "lib/utils9.py", "label": 0, "features": [ 19, 55, 2, 44 ], "cvss": 9.8, "cve_description": "Git submodule URL command injection", "file_language": "Python", "file_component": "submodule", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "net/suid.h", "label": 1, "features": [ 34, 83, 19, 77 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "suid", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "crypto/buffer1.h", "label": 0, "features": [ 30, 47, 6, 59 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "bash", "is_test_file": true }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "lib/restore2.hpp", "label": 0, "features": [ 18, 57, 6, 50 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C++", "file_component": "uid", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "net/socket3.c", "label": 0, "features": [ 23, 28, 5, 64 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "bash", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "lib/handler4.c", "label": 1, "features": [ 20, 53, 11, 85 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "uid", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "security/uid5.h", "label": 0, "features": [ 2, 21, 6, 22 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "suid", "is_test_file": true }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "crypto/utils6.h", "label": 1, "features": [ 27, 81, 29, 81 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "bash", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "core/socket7.h", "label": 0, "features": [ 0, 36, 6, 54 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "restore", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "lib/socket8.h", "label": 0, "features": [ 30, 50, 5, 68 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "restore", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "security/buffer9.h", "label": 0, "features": [ 5, 14, 0, 43 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "suid", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "middleware/restore10.mjs", "label": 0, "features": [ 2, 12, 7, 58 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "JavaScript", "file_component": "suid", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "core/Response11.php", "label": 0, "features": [ 1, 39, 4, 22 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "PHP", "file_component": "restore", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "drivers/init12.c", "label": 0, "features": [ 22, 51, 0, 68 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "uid", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "fs/utils13.c", "label": 0, "features": [ 40, 36, 6, 35 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "bash", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "fs/restore14.h", "label": 1, "features": [ 62, 42, 6, 42 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "suid", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "network/client15.cc", "label": 0, "features": [ 1, 16, 4, 10 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C++", "file_component": "restore", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "net/socket16.h", "label": 0, "features": [ 39, 37, 8, 31 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "bash", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "net/io17.h", "label": 0, "features": [ 11, 22, 8, 5 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "C", "file_component": "uid", "is_test_file": false }, { "cveId": "CVE-2019-18276", "repo": "bash/suid", "file": "src/uid18.js", "label": 1, "features": [ 31, 57, 10, 89 ], "cvss": 7.8, "cve_description": "Bash SUID privilege escalation", "file_language": "JavaScript", "file_component": "restore", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "mm/alloc.h", "label": 1, "features": [ 57, 74, 14, 90 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "sincos", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "drivers/stack1.h", "label": 0, "features": [ 13, 39, 2, 49 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "sincos", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "crypto/sincos2.h", "label": 0, "features": [ 19, 23, 5, 57 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "glibc", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "mm/config3.h", "label": 1, "features": [ 17, 88, 11, 92 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "trig", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "security/trig4.c", "label": 0, "features": [ 13, 12, 4, 22 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "trig", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "internal/middleware5.go", "label": 0, "features": [ 17, 25, 5, 13 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "Go", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "fs/stack6.h", "label": 0, "features": [ 31, 53, 7, 36 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "sincos", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "security/init7.c", "label": 0, "features": [ 21, 53, 7, 22 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "trig", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "security/io8.c", "label": 0, "features": [ 39, 19, 2, 64 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "src/stack9.c", "label": 0, "features": [ 5, 28, 0, 49 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "web/trig10.java", "label": 0, "features": [ 20, 13, 4, 8 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "Java", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "crypto/handler11.h", "label": 1, "features": [ 37, 69, 18, 44 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "service/glibc12.java", "label": 0, "features": [ 26, 60, 8, 60 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "Java", "file_component": "trig", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "kernel/buffer13.c", "label": 0, "features": [ 38, 46, 8, 3 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "stack", "is_test_file": false }, { "cveId": "CVE-2020-10029", "repo": "glibc/trigonometric", "file": "security/stack14.h", "label": 0, "features": [ 27, 55, 1, 13 ], "cvss": 5.5, "cve_description": "glibc trigonometric function stack corruption", "file_language": "C", "file_component": "sincos", "is_test_file": false }, { "cveId": "CVE-2021-29921", "repo": "python/ipaddress", "file": "middleware/octet.py", "label": 0, "features": [ 4, 34, 7, 31 ], "cvss": 9.8, "cve_description": "Python ipaddress module improper input validation", "file_language": "Python", "file_component": "validate", "is_test_file": false }, { "cveId": "CVE-2021-29921", "repo": "python/ipaddress", "file": "core/admin1.py", "label": 1, "features": [ 91, 42, 26, 47 ], "cvss": 9.8, "cve_description": "Python ipaddress module improper input validation", "file_language": "Python", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2021-29921", "repo": "python/ipaddress", "file": "core/validate2.py", "label": 1, "features": [ 87, 80, 11, 90 ], "cvss": 9.8, "cve_description": "Python ipaddress module improper input validation", "file_language": "Python", "file_component": "validate", "is_test_file": false }, { "cveId": "CVE-2021-29921", "repo": "python/ipaddress", "file": "handlers/serializers3.py", "label": 0, "features": [ 24, 21, 3, 3 ], "cvss": 9.8, "cve_description": "Python ipaddress module improper input validation", "file_language": "Python", "file_component": "validate", "is_test_file": false }, { "cveId": "CVE-2021-29921", "repo": "python/ipaddress", "file": "utils/parse4.py", "label": 0, "features": [ 30, 44, 2, 44 ], "cvss": 9.8, "cve_description": "Python ipaddress module improper input validation", "file_language": "Python", "file_component": "validate", "is_test_file": false }, { "cveId": "CVE-2021-29921", "repo": "python/ipaddress", "file": "utils/utils5.py", "label": 0, "features": [ 31, 46, 2, 67 ], "cvss": 9.8, "cve_description": "Python ipaddress module improper input validation", "file_language": "Python", "file_component": "octet", "is_test_file": false }, { "cveId": "CVE-2021-29921", "repo": "python/ipaddress", "file": "src/validate6.py", "label": 0, "features": [ 14, 14, 4, 15 ], "cvss": 9.8, "cve_description": "Python ipaddress module improper input validation", "file_language": "Python", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2021-29921", "repo": "python/ipaddress", "file": "utils/views7.py", "label": 1, "features": [ 61, 82, 3, 81 ], "cvss": 9.8, "cve_description": "Python ipaddress module improper input validation", "file_language": "Python", "file_component": "parse", "is_test_file": false }, { "cveId": "CVE-2021-29921", "repo": "python/ipaddress", "file": "engine/processor8.cpp", "label": 0, "features": [ 3, 33, 8, 31 ], "cvss": 9.8, "cve_description": "Python ipaddress module improper input validation", "file_language": "C++", "file_component": "octet", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "controller/rest.java", "label": 0, "features": [ 4, 13, 8, 38 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Java", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "service/struts1.java", "label": 0, "features": [ 12, 35, 1, 56 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Java", "file_component": "deserialize", "is_test_file": true }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "controller/Filter2.java", "label": 1, "features": [ 89, 67, 29, 44 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Java", "file_component": "rest", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "controller/Serializer3.java", "label": 1, "features": [ 47, 88, 15, 64 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Java", "file_component": "rest", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "controller/rest4.java", "label": 0, "features": [ 21, 22, 8, 64 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Java", "file_component": "deserialize", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "service/Controller5.java", "label": 0, "features": [ 32, 35, 7, 20 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Java", "file_component": "rest", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "routes/struts6.js", "label": 0, "features": [ 14, 18, 4, 64 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "JavaScript", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "models/concern7.rb", "label": 0, "features": [ 9, 25, 2, 24 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Ruby", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "web/Interceptor8.java", "label": 0, "features": [ 26, 54, 4, 29 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Java", "file_component": "rest", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "web/xstream9.java", "label": 0, "features": [ 20, 33, 4, 54 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Java", "file_component": "xstream", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "src/io10.h", "label": 0, "features": [ 8, 34, 4, 2 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "C", "file_component": "deserialize", "is_test_file": false }, { "cveId": "CVE-2017-9805", "repo": "apache/struts", "file": "web/deserialize11.java", "label": 1, "features": [ 63, 60, 19, 55 ], "cvss": 8.1, "cve_description": "Apache Struts REST plugin XStream deserialization RCE", "file_language": "Java", "file_component": "xstream", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "classes/Form.php", "label": 0, "features": [ 24, 49, 7, 31 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "PHP", "file_component": "element", "is_test_file": true }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "src/Model1.php", "label": 1, "features": [ 50, 74, 13, 86 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "PHP", "file_component": "element", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "classes/Model2.php", "label": 0, "features": [ 26, 57, 2, 19 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "PHP", "file_component": "form", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "core/Auth3.php", "label": 0, "features": [ 16, 40, 8, 37 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "PHP", "file_component": "drupal", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "classes/Response4.php", "label": 1, "features": [ 72, 87, 30, 57 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "PHP", "file_component": "drupal", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "app/Response5.php", "label": 0, "features": [ 16, 21, 0, 17 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "PHP", "file_component": "element", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "core/Controller6.php", "label": 0, "features": [ 32, 28, 0, 55 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "PHP", "file_component": "element", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "app/Response7.php", "label": 1, "features": [ 87, 45, 19, 44 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "PHP", "file_component": "element", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "engine/client8.hpp", "label": 0, "features": [ 27, 57, 4, 59 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "C++", "file_component": "element", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "src/main/java/Service9.java", "label": 0, "features": [ 27, 6, 6, 37 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "Java", "file_component": "render", "is_test_file": false }, { "cveId": "CVE-2018-7600", "repo": "drupal/remote", "file": "net/form10.h", "label": 0, "features": [ 37, 48, 5, 68 ], "cvss": 9.8, "cve_description": "Drupalgeddon2 - Drupal remote code execution", "file_language": "C", "file_component": "drupal", "is_test_file": true }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "controller/Interceptor.java", "label": 0, "features": [ 34, 27, 1, 41 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "core/serializers1.py", "label": 0, "features": [ 14, 18, 5, 3 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Python", "file_component": "wls", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "controllers/application2.rb", "label": 1, "features": [ 41, 64, 3, 87 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Ruby", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "controller/wls3.java", "label": 0, "features": [ 32, 42, 8, 15 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "t3", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "security/Interceptor4.java", "label": 1, "features": [ 55, 66, 8, 56 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "t3", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "app/t35.php", "label": 0, "features": [ 26, 30, 1, 45 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "PHP", "file_component": "t3", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "service/weblogic6.java", "label": 1, "features": [ 64, 96, 17, 32 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "src/main/java/weblogic7.java", "label": 0, "features": [ 8, 38, 2, 17 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "deserialize", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "kernel/config8.h", "label": 0, "features": [ 26, 16, 2, 66 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "C", "file_component": "wls", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "src/main/java/wls9.java", "label": 0, "features": [ 19, 30, 5, 33 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "deserialize", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "web/wls10.java", "label": 0, "features": [ 26, 7, 8, 48 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "src/main/java/Controller11.java", "label": 1, "features": [ 26, 66, 4, 44 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "wls", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "util/weblogic12.java", "label": 1, "features": [ 54, 70, 17, 62 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "t3", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "controller/Validator13.java", "label": 0, "features": [ 36, 17, 2, 28 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "deserialize", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "security/Controller14.java", "label": 0, "features": [ 18, 44, 1, 31 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "wls", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "web/Validator15.java", "label": 0, "features": [ 33, 38, 4, 16 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "deserialize", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "controller/Validator16.java", "label": 0, "features": [ 24, 45, 0, 25 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "wls", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "util/deserialize17.java", "label": 0, "features": [ 0, 41, 7, 61 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2019-2725", "repo": "oracle/weblogic", "file": "service/Service18.java", "label": 1, "features": [ 84, 68, 5, 65 ], "cvss": 9.8, "cve_description": "Oracle WebLogic deserialization RCE", "file_language": "Java", "file_component": "t3", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "security/Controller.java", "label": 0, "features": [ 16, 9, 5, 54 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "marshal", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "core/corba1.java", "label": 0, "features": [ 8, 60, 5, 39 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "util/iiop2.java", "label": 1, "features": [ 33, 93, 23, 58 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "controller/Interceptor3.java", "label": 0, "features": [ 33, 38, 0, 68 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "corba", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "web/Service4.java", "label": 1, "features": [ 94, 54, 28, 49 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "iiop", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "internal/marshal5.go", "label": 1, "features": [ 75, 69, 12, 47 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Go", "file_component": "iiop", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "web/weblogic6.java", "label": 0, "features": [ 3, 53, 6, 17 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "middleware/iiop7.py", "label": 0, "features": [ 15, 58, 5, 9 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Python", "file_component": "marshal", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "src/main/java/iiop8.java", "label": 0, "features": [ 17, 53, 5, 1 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "marshal", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "util/marshal9.java", "label": 0, "features": [ 19, 57, 1, 69 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "util/Validator10.java", "label": 0, "features": [ 2, 29, 4, 14 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "weblogic", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "security/Validator11.java", "label": 0, "features": [ 14, 38, 1, 11 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "iiop", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "core/Serializer12.java", "label": 0, "features": [ 27, 31, 0, 13 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "corba", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "web/Validator13.java", "label": 0, "features": [ 16, 27, 1, 1 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Java", "file_component": "corba", "is_test_file": false }, { "cveId": "CVE-2020-2551", "repo": "oracle/weblogic", "file": "lib/marshal14.py", "label": 1, "features": [ 86, 78, 28, 78 ], "cvss": 9.8, "cve_description": "Oracle WebLogic IIOP deserialization RCE", "file_language": "Python", "file_component": "marshal", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "utils/handlers.py", "label": 0, "features": [ 2, 27, 7, 58 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Python", "file_component": "vsphere", "is_test_file": true }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "util/Serializer1.java", "label": 0, "features": [ 1, 18, 2, 3 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "plugin", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "service/Serializer2.java", "label": 0, "features": [ 16, 27, 5, 45 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "vsphere", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "util/Controller3.java", "label": 1, "features": [ 48, 89, 27, 50 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "plugin", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "app/Helper4.php", "label": 0, "features": [ 21, 27, 8, 29 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "PHP", "file_component": "plugin", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "security/Filter5.java", "label": 0, "features": [ 40, 16, 6, 25 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "vcenter", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "core/Response6.php", "label": 0, "features": [ 20, 6, 1, 24 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "PHP", "file_component": "vsphere", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "routes/plugin7.js", "label": 0, "features": [ 16, 14, 5, 68 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "JavaScript", "file_component": "upload", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "src/main/java/Serializer8.java", "label": 0, "features": [ 5, 25, 3, 56 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "plugin", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "security/Handler9.java", "label": 1, "features": [ 43, 55, 30, 58 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "upload", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "web/Service10.java", "label": 0, "features": [ 30, 58, 7, 53 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "vcenter", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "lib/handlers11.py", "label": 0, "features": [ 23, 56, 4, 55 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Python", "file_component": "plugin", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "utils/utils12.py", "label": 0, "features": [ 8, 25, 3, 68 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Python", "file_component": "vsphere", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "controller/Handler13.java", "label": 0, "features": [ 38, 19, 5, 70 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "plugin", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "controller/Serializer14.java", "label": 0, "features": [ 28, 36, 6, 8 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "vsphere", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "controller/Validator15.java", "label": 0, "features": [ 30, 60, 2, 8 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "plugin", "is_test_file": false }, { "cveId": "CVE-2021-21972", "repo": "vmware/vcenter", "file": "controller/Handler16.java", "label": 1, "features": [ 77, 67, 24, 47 ], "cvss": 9.8, "cve_description": "VMware vCenter RCE via file upload", "file_language": "Java", "file_component": "vsphere", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "core/Serializer.java", "label": 0, "features": [ 39, 8, 5, 15 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "config", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "controller/Filter1.java", "label": 0, "features": [ 15, 43, 2, 23 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "solr", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "src/manager2.h", "label": 0, "features": [ 24, 56, 6, 48 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "C++", "file_component": "template", "is_test_file": true }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "core/config3.java", "label": 0, "features": [ 16, 36, 1, 23 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "security/solr4.java", "label": 0, "features": [ 33, 21, 0, 7 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "src/main/java/Service5.java", "label": 0, "features": [ 33, 5, 0, 41 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "util/config6.java", "label": 0, "features": [ 11, 39, 3, 44 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "controller/Handler7.java", "label": 0, "features": [ 11, 37, 2, 56 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "velocity", "is_test_file": true }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "util/velocity8.java", "label": 1, "features": [ 90, 73, 7, 42 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "solr", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "service/Validator9.java", "label": 1, "features": [ 29, 82, 19, 38 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "util/Filter10.java", "label": 0, "features": [ 2, 27, 0, 61 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "velocity", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "network/client11.cc", "label": 1, "features": [ 87, 76, 24, 98 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "C++", "file_component": "solr", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "core/serializers12.py", "label": 0, "features": [ 18, 45, 6, 51 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Python", "file_component": "template", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "service/Controller13.java", "label": 0, "features": [ 39, 29, 4, 63 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "solr", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "net/utils14.h", "label": 1, "features": [ 88, 74, 7, 70 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "C", "file_component": "solr", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "web/solr15.java", "label": 0, "features": [ 27, 52, 8, 67 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "solr", "is_test_file": false }, { "cveId": "CVE-2019-17558", "repo": "apache/solr", "file": "core/Controller16.java", "label": 0, "features": [ 14, 50, 5, 9 ], "cvss": 8.8, "cve_description": "Apache Solr Velocity template injection SSRF", "file_language": "Java", "file_component": "solr", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "web/Controller.java", "label": 1, "features": [ 57, 51, 14, 59 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "Java", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "core/socket1.c", "label": 0, "features": [ 16, 32, 4, 26 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "C", "file_component": "ognl", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "service/Validator2.java", "label": 0, "features": [ 26, 29, 4, 24 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "Java", "file_component": "tag", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "security/value3.java", "label": 0, "features": [ 8, 47, 3, 9 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "Java", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "src/main/java/tag4.java", "label": 0, "features": [ 25, 23, 8, 36 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "Java", "file_component": "value", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "util/Controller5.java", "label": 0, "features": [ 12, 10, 8, 63 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "Java", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "service/struts6.java", "label": 0, "features": [ 24, 16, 1, 8 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "Java", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "security/Service7.java", "label": 0, "features": [ 2, 47, 8, 24 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "Java", "file_component": "value", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "core/config8.h", "label": 0, "features": [ 22, 34, 3, 7 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "C", "file_component": "struts", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "controller/ognl9.java", "label": 1, "features": [ 57, 82, 25, 86 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "Java", "file_component": "tag", "is_test_file": false }, { "cveId": "CVE-2020-17530", "repo": "apache/struts", "file": "controller/Interceptor10.java", "label": 1, "features": [ 33, 75, 12, 37 ], "cvss": 9.8, "cve_description": "Apache Struts OGNL injection via tag attributes", "file_language": "Java", "file_component": "ognl", "is_test_file": false }, { "cveId": "CVE-2021-21975", "repo": "vmware/vrealize", "file": "security/vrealize.java", "label": 0, "features": [ 14, 5, 6, 0 ], "cvss": 7.5, "cve_description": "VMware vRealize SSRF", "file_language": "Java", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-21975", "repo": "vmware/vrealize", "file": "network/request1.cpp", "label": 0, "features": [ 36, 46, 6, 36 ], "cvss": 7.5, "cve_description": "VMware vRealize SSRF", "file_language": "C++", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-21975", "repo": "vmware/vrealize", "file": "security/request2.java", "label": 0, "features": [ 30, 14, 7, 68 ], "cvss": 7.5, "cve_description": "VMware vRealize SSRF", "file_language": "Java", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-21975", "repo": "vmware/vrealize", "file": "security/Validator3.java", "label": 0, "features": [ 24, 21, 2, 47 ], "cvss": 7.5, "cve_description": "VMware vRealize SSRF", "file_language": "Java", "file_component": "url", "is_test_file": false }, { "cveId": "CVE-2021-21975", "repo": "vmware/vrealize", "file": "core/Controller4.java", "label": 1, "features": [ 84, 94, 9, 81 ], "cvss": 7.5, "cve_description": "VMware vRealize SSRF", "file_language": "Java", "file_component": "url", "is_test_file": false }, { "cveId": "CVE-2021-21975", "repo": "vmware/vrealize", "file": "service/Filter5.java", "label": 0, "features": [ 28, 33, 6, 59 ], "cvss": 7.5, "cve_description": "VMware vRealize SSRF", "file_language": "Java", "file_component": "proxy", "is_test_file": false }, { "cveId": "CVE-2021-21975", "repo": "vmware/vrealize", "file": "core/proxy6.java", "label": 1, "features": [ 87, 52, 29, 76 ], "cvss": 7.5, "cve_description": "VMware vRealize SSRF", "file_language": "Java", "file_component": "request", "is_test_file": false }, { "cveId": "CVE-2021-21975", "repo": "vmware/vrealize", "file": "web/proxy7.java", "label": 0, "features": [ 30, 11, 8, 57 ], "cvss": 7.5, "cve_description": "VMware vRealize SSRF", "file_language": "Java", "file_component": "request", "is_test_file": false } ]