Analysis

pypa · Jun 16, 2021 · e4035d8 · e4035d8
1 parent e191611
commit e4035d8
Show file tree

Hide file tree

Showing 12 changed files with 746 additions and 53 deletions.
diff --git a/vulns/django-anymail/PYSEC-2018-7.yaml b/vulns/django-anymail/PYSEC-2018-7.yaml
@@ -15,6 +15,33 @@ affects:
  fixed: c07998304b4a31df4c61deddcb03d3607a04691b
  - type: ECOSYSTEM
  fixed: 1.2.1
+ versions:
+ - '0.1'
+ - 0.1.dev0
+ - 0.1.dev1
+ - 0.1.dev2
+ - '0.10'
+ - '0.11'
+ - 0.11.1
+ - '0.2'
+ - '0.3'
+ - 0.3.1
+ - 0.4.1
+ - 0.4.2
+ - '0.5'
+ - '0.6'
+ - 0.6.1
+ - '0.7'
+ - '0.8'
+ - '0.9'
+ - '1.0'
+ - 1.0rc0
+ - '1.1'
+ - '1.2'
+aliases:
+- CVE-2018-6596
+modified: '2021-06-16T00:03:22.915097Z'
+published: '2018-02-03T21:29:00Z'
 references:
 - type: WEB
  url: https://github.com/anymail/django-anymail/releases/tag/v1.3
@@ -28,7 +55,3 @@ references:
  url: https://bugs.debian.org/889450
 - type: WEB
  url: https://www.debian.org/security/2018/dsa-4107
-aliases:
-- CVE-2018-6596
-modified: "2018-03-02T13:56:00Z"
-published: "2018-02-03T21:29:00Z"
diff --git a/vulns/django/PYSEC-2018-4.yaml b/vulns/django/PYSEC-2018-4.yaml
@@ -9,16 +9,19 @@ details: django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2
 affects:
  ranges:
  - type: ECOSYSTEM
- introduced: "2.0"
+ introduced: '2.0'
  fixed: 2.0.2
+ versions:
+ - '2.0'
+ - 2.0.1
+aliases:
+- CVE-2018-6188
+modified: '2021-06-16T00:03:23.096188Z'
+published: '2018-02-05T03:29:00Z'
 references:
 - type: WEB
  url: https://www.djangoproject.com/weblog/2018/feb/01/security-releases/
 - type: WEB
  url: http://www.securitytracker.com/id/1040422
 - type: WEB
  url: https://usn.ubuntu.com/3559-1/
-aliases:
-- CVE-2018-6188
-modified: "2019-03-12T17:54:00Z"
-published: "2018-02-05T03:29:00Z"
diff --git a/vulns/django/PYSEC-2018-5.yaml b/vulns/django/PYSEC-2018-5.yaml
@@ -11,14 +11,52 @@ details: An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11
 affects:
  ranges:
  - type: ECOSYSTEM
- introduced: "1.8"
+ introduced: '1.8'
  fixed: 1.8.19
  - type: ECOSYSTEM
- introduced: "1.11"
+ introduced: '1.11'
  fixed: 1.11.11
  - type: ECOSYSTEM
- introduced: "2.0"
+ introduced: '2.0'
  fixed: 2.0.3
+ versions:
+ - '1.11'
+ - 1.11.1
+ - 1.11.10
+ - 1.11.2
+ - 1.11.3
+ - 1.11.4
+ - 1.11.5
+ - 1.11.6
+ - 1.11.7
+ - 1.11.8
+ - 1.11.9
+ - '1.8'
+ - 1.8.1
+ - 1.8.10
+ - 1.8.11
+ - 1.8.12
+ - 1.8.13
+ - 1.8.14
+ - 1.8.15
+ - 1.8.16
+ - 1.8.17
+ - 1.8.18
+ - 1.8.2
+ - 1.8.3
+ - 1.8.4
+ - 1.8.5
+ - 1.8.6
+ - 1.8.7
+ - 1.8.8
+ - 1.8.9
+ - '2.0'
+ - 2.0.1
+ - 2.0.2
+aliases:
+- CVE-2018-7536
+modified: '2021-06-16T00:03:23.200365Z'
+published: '2018-03-09T20:29:00Z'
 references:
 - type: WEB
  url: https://www.djangoproject.com/weblog/2018/mar/06/security-releases/
@@ -38,7 +76,3 @@ references:
  url: https://access.redhat.com/errata/RHSA-2019:0051
 - type: WEB
  url: https://access.redhat.com/errata/RHSA-2019:0265
-aliases:
-- CVE-2018-7536
-modified: "2019-02-28T21:21:00Z"
-published: "2018-03-09T20:29:00Z"
diff --git a/vulns/lxml/PYSEC-2018-12.yaml b/vulns/lxml/PYSEC-2018-12.yaml
@@ -13,6 +13,139 @@ affects:
  fixed: 6be1d081b49c97cfd7b3fbd934a193b668629109
  - type: ECOSYSTEM
  fixed: 4.2.5
+ versions:
+ - '0.9'
+ - 0.9.1
+ - 0.9.2
+ - '1.0'
+ - 1.0.1
+ - 1.0.2
+ - 1.0.3
+ - 1.0.4
+ - 1.0.beta
+ - '1.1'
+ - 1.1.1
+ - 1.1.2
+ - 1.1alpha
+ - 1.1beta
+ - '1.2'
+ - 1.2.1
+ - '1.3'
+ - 1.3.1
+ - 1.3.2
+ - 1.3.3
+ - 1.3.4
+ - 1.3.5
+ - 1.3.6
+ - 1.3beta
+ - '2.0'
+ - 2.0.1
+ - 2.0.10
+ - 2.0.11
+ - 2.0.2
+ - 2.0.3
+ - 2.0.4
+ - 2.0.5
+ - 2.0.6
+ - 2.0.7
+ - 2.0.8
+ - 2.0.9
+ - 2.0alpha1
+ - 2.0alpha2
+ - 2.0alpha3
+ - 2.0alpha4
+ - 2.0alpha5
+ - 2.0alpha6
+ - 2.0beta1
+ - 2.0beta2
+ - '2.1'
+ - 2.1.1
+ - 2.1.2
+ - 2.1.3
+ - 2.1.4
+ - 2.1.5
+ - 2.1alpha1
+ - 2.1beta1
+ - 2.1beta2
+ - 2.1beta3
+ - '2.2'
+ - 2.2.1
+ - 2.2.2
+ - 2.2.3
+ - 2.2.4
+ - 2.2.5
+ - 2.2.6
+ - 2.2.7
+ - 2.2.8
+ - 2.2alpha1
+ - 2.2beta1
+ - 2.2beta2
+ - 2.2beta3
+ - 2.2beta4
+ - '2.3'
+ - 2.3.1
+ - 2.3.2
+ - 2.3.3
+ - 2.3.4
+ - 2.3.5
+ - 2.3.6
+ - 2.3alpha1
+ - 2.3alpha2
+ - 2.3beta1
+ - '3.0'
+ - 3.0.1
+ - 3.0.2
+ - 3.1.0
+ - 3.1.1
+ - 3.1.2
+ - 3.1beta1
+ - 3.2.0
+ - 3.2.1
+ - 3.2.2
+ - 3.2.3
+ - 3.2.4
+ - 3.2.5
+ - 3.3.0
+ - 3.3.0beta1
+ - 3.3.0beta2
+ - 3.3.0beta3
+ - 3.3.0beta4
+ - 3.3.0beta5
+ - 3.3.1
+ - 3.3.2
+ - 3.3.3
+ - 3.3.4
+ - 3.3.5
+ - 3.3.6
+ - 3.4.0
+ - 3.4.1
+ - 3.4.2
+ - 3.4.3
+ - 3.4.4
+ - 3.5.0
+ - 3.5.0b1
+ - 3.6.0
+ - 3.6.1
+ - 3.6.2
+ - 3.6.3
+ - 3.6.4
+ - 3.7.0
+ - 3.7.1
+ - 3.7.2
+ - 3.7.3
+ - 3.8.0
+ - 4.0.0
+ - 4.1.0
+ - 4.1.1
+ - 4.2.0
+ - 4.2.1
+ - 4.2.2
+ - 4.2.3
+ - 4.2.4
+aliases:
+- CVE-2018-19787
+modified: '2021-06-16T00:03:23.627691Z'
+published: '2018-12-02T10:29:00Z'
 references:
 - type: WEB
  url: https://github.com/lxml/lxml/commit/6be1d081b49c97cfd7b3fbd934a193b668629109
@@ -24,7 +157,3 @@ references:
  url: https://usn.ubuntu.com/3841-1/
 - type: WEB
  url: https://lists.debian.org/debian-lts-announce/2020/11/msg00044.html
-aliases:
-- CVE-2018-19787
-modified: "2020-11-26T21:15:00Z"
-published: "2018-12-02T10:29:00Z"
diff --git a/vulns/markdown2/PYSEC-2018-13.yaml b/vulns/markdown2/PYSEC-2018-13.yaml
@@ -10,10 +10,46 @@ affects:
  ranges:
  - type: ECOSYSTEM
  fixed: 2.3.6
+ versions:
+ - 1.0.1.10
+ - 1.0.1.11
+ - 1.0.1.12
+ - 1.0.1.13
+ - 1.0.1.14
+ - 1.0.1.15
+ - 1.0.1.16
+ - 1.0.1.17
+ - 1.0.1.18
+ - 1.0.1.19
+ - 1.0.1.6
+ - 1.0.1.7
+ - 1.0.1.8
+ - 1.0.1.9
+ - 1.1.0
+ - 1.1.1
+ - 1.2.0
+ - 1.3.0
+ - 1.3.1
+ - 1.4.0
+ - 1.4.1
+ - 1.4.2
+ - 2.0.0
+ - 2.0.1
+ - 2.1.0
+ - 2.2.0
+ - 2.2.1
+ - 2.2.2
+ - 2.2.3
+ - 2.3.0
+ - 2.3.1
+ - 2.3.2
+ - 2.3.3
+ - 2.3.4
+ - 2.3.5
+aliases:
+- CVE-2018-5773
+modified: '2021-06-16T00:03:23.657711Z'
+published: '2018-01-18T21:29:00Z'
 references:
 - type: WEB
  url: https://github.com/trentm/python-markdown2/issues/285
-aliases:
-- CVE-2018-5773
-modified: "2018-02-06T13:39:00Z"
-published: "2018-01-18T21:29:00Z"
diff --git a/vulns/mayan-edms-ng/PYSEC-2018-16.yaml b/vulns/mayan-edms-ng/PYSEC-2018-16.yaml
@@ -8,14 +8,18 @@ affects:
  ranges:
  - type: ECOSYSTEM
  fixed: 3.0.2
+ versions:
+ - '2.8'
+ - '3.0'
+ - 3.0.1
+aliases:
+- CVE-2018-16405
+modified: '2021-06-16T00:03:23.682256Z'
+published: '2018-09-03T19:29:00Z'
 references:
 - type: WEB
  url: https://gitlab.com/mayan-edms/mayan-edms/issues/494
 - type: WEB
  url: https://gitlab.com/mayan-edms/mayan-edms/commit/9ebe80595afe4fdd1e2c74358d6a9421f4ce130e
 - type: WEB
  url: https://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst
-aliases:
-- CVE-2018-16405
-modified: "2018-10-30T19:47:00Z"
-published: "2018-09-03T19:29:00Z"