Created
April 7, 2020 02:45
-
-
Save jcran/b0b17b73047529e0e4b438ac277f27ef to your computer and use it in GitHub Desktop.
example output from intrigue.io collection results api - vulnerabilities
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{ | |
"success": true, | |
"message": "success", | |
"result": [ | |
{ | |
"name": "CVE-2019-11044", | |
"cve": "CVE-2019-11044", | |
"shortname": "Vulnerability in PHP", | |
"description": "In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Windows, PHP link() function accepts filenames with embedded \\0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access.", | |
"exploits": [], | |
"cwe": "NVD-CWE-Other", | |
"score": 2.9, | |
"cvss_v2_score": 2.9, | |
"cvss_v3_score": null, | |
"count": 136, | |
"affected": [ | |
"https://abc.acme.com:443" | |
] | |
}, | |
{ | |
"name": "CVE-2019-11047", | |
"cve": "CVE-2019-11047", | |
"shortname": "Out-of-bounds Read on PHP", | |
"description": "When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.", | |
"exploits": [], | |
"cwe": "CWE-125", | |
"score": 4.9, | |
"cvss_v2_score": 4.9, | |
"cvss_v3_score": null, | |
"count": 136, | |
"affected": [ | |
"https://abc.acme.com:443" | |
] | |
} | |
] | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment