Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f4a88e26 by security tracker role at 2020-03-22T08:10:45+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,11 @@ +CVE-2020-10804 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...) + TODO: check +CVE-2020-10803 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...) + TODO: check +CVE-2020-10802 (In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection v ...) + TODO: check +CVE-2020-10801 + RESERVED CVE-2020-10800 (lix through 15.8.7 allows man-in-the-middle attackers to execute arbit ...) TODO: check CVE-2020-10799 (The svglib package through 0.9.3 for Python allows XXE attacks via an ...) @@ -45781,6 +45789,7 @@ CVE-2019-12922 (A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server NOTE: https://seclists.org/fulldisclosure/2019/Sep/23 NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161 (4.9.1) CVE-2019-12921 (In GraphicsMagick before 1.3.32, the text filename component allows re ...) + {DLA-2152-1} - graphicsmagick 1.4~hg16039-1 NOTE: https://github.com/d0ge/data-processing/blob/master/CVE-2019-12921.md NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f780c290b4ab View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4a88e26eef5c24828547cc58dde5d3c6362fc96 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4a88e26eef5c24828547cc58dde5d3c6362fc96 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits