Vulnerability Change Records for CVE-2018-14041

Change History

CVE Modified by MITRE 5/09/2019 2:29:04 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://seclists.org/bugtraq/2019/May/18 [No Types Assigned]

CVE Modified by MITRE 10/21/2019 12:15:14 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E [No Types Assigned]

Reanalysis 1/09/2019 12:32:30 PM

Action Type Old Value New Value
Changed CPE Configuration
OR
     *cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0
     *cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0 up to (excluding) 4.1.2
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*
OR
     *cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0 up to (excluding) 4.1.2
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
     *cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*

CVE Modified by MITRE 9/26/2019 8:15:10 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E [No Types Assigned]

Initial Analysis 9/05/2018 2:58:16 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
OR
     *cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 4.1.2
Added CVSS V2

								
							
							
						
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Added CVSS V2 Metadata

								
							
							
						
Victim must voluntarily interact with attack mechanism
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Added CWE

								
							
							
						
CWE-79
Changed Reference Type
https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/ No Types Assigned
https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/ Vendor Advisory
Changed Reference Type
https://github.com/twbs/bootstrap/issues/26423 No Types Assigned
https://github.com/twbs/bootstrap/issues/26423 Issue Tracking, Third Party Advisory
Changed Reference Type
https://github.com/twbs/bootstrap/issues/26627 No Types Assigned
https://github.com/twbs/bootstrap/issues/26627 Exploit, Issue Tracking, Third Party Advisory
Changed Reference Type
https://github.com/twbs/bootstrap/pull/26630 No Types Assigned
https://github.com/twbs/bootstrap/pull/26630 Issue Tracking, Patch, Third Party Advisory

CVE Modified by MITRE 3/15/2020 12:15:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html [No Types Assigned]
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 10/17/2019 6:15:13 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E [No Types Assigned]

CVE Modified by MITRE 6/11/2019 2:29:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2019:1456 [No Types Assigned]

CVE Modified by MITRE 5/10/2019 2:29:02 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html [No Types Assigned]

CVE Modified by MITRE 5/10/2019 3:29:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://seclists.org/fulldisclosure/2019/May/10 [No Types Assigned]
Added Reference

								
							
							
						
http://seclists.org/fulldisclosure/2019/May/11 [No Types Assigned]
Added Reference

								
							
							
						
http://seclists.org/fulldisclosure/2019/May/13 [No Types Assigned]