更新: 2933 个文件 - 2026-03-18 11:36:11

08-threat-intel/registry/advisories/nginx--CVE-2010-2263.json

@@ -0,0 +1,65 @@
+{
+  "canonical_id": "nginx--CVE-2010-2263",
+  "system_id": "nginx",
+  "display_name": "Nginx",
+  "category": "servers",
+  "advisory_mode": "server",
+  "title": "CVE-2010-2263",
+  "summary": "nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI.",
+  "published_at": "2010-06-15T14:04:24.313",
+  "updated_at": "2025-04-11T00:51:21.963",
+  "severity": "medium",
+  "cvss_score": 5.0,
+  "exploit_status": "unknown",
+  "source_confidence": "official",
+  "official_source_url": "http://spa-s3c.blogspot.com/2010/06/full-responsible-disclosurenginx-engine.html",
+  "secondary_source_urls": [
+    "http://www.exploit-db.com/exploits/13818",
+    "http://www.exploit-db.com/exploits/13822",
+    "http://www.securityfocus.com/bid/40760"
+  ],
+  "aliases": [
+    "CVE-2010-2263"
+  ],
+  "cve_ids": [
+    "CVE-2010-2263"
+  ],
+  "ghsa_ids": [],
+  "osv_ids": [],
+  "affected_versions": [],
+  "fixed_versions": [],
+  "package_name": null,
+  "render_markdown": false,
+  "case_path": null,
+  "secure_code_topics": [
+    "proxy-trust-boundary",
+    "request-smuggling-boundary",
+    "csp-trusted-types"
+  ],
+  "status": "triage",
+  "triage_reasons": [
+    "missing affected/fixed version details"
+  ],
+  "verification_status": "triage-manual",
+  "verification_mode": "synthetic",
+  "last_verified_at": null,
+  "last_run_id": null,
+  "evidence_bundle": null,
+  "browser_evidence": {
+    "required": false,
+    "present": false,
+    "refs": []
+  },
+  "repro_profile_id": "proxy-boundary-generic",
+  "artifact_mode": "official-image",
+  "blocked_reason": null,
+  "metadata": {
+    "source_names": [
+      "NVD NGINX"
+    ],
+    "source_kinds": [
+      "nvd-search"
+    ],
+    "candidate_count": 1
+  }
+}