Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 45d58da2 by Moritz Muehlenhoff at 2020-03-23T22:03:41+01:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -4694,17 +4694,17 @@ CVE-2020-8878 (This vulnerability allows remote attackers to execute arbitrary c CVE-2020-8877 (This vulnerability allows remote attackers to disclose sensitive infor ...) NOT-FOR-US: Foxit Studio Photo CVE-2020-8876 (This vulnerability allows local attackers to disclose information on a ...) - TODO: check + NOT-FOR-US: Parallels CVE-2020-8875 (This vulnerability allows local attackers to escalate privileges on af ...) - TODO: check + NOT-FOR-US: Parallels CVE-2020-8874 (This vulnerability allows local attackers to escalate privileges on af ...) - TODO: check + NOT-FOR-US: Parallels CVE-2020-8873 (This vulnerability allows local attackers to escalate privileges on af ...) - TODO: check + NOT-FOR-US: Parallels CVE-2020-8872 (This vulnerability allows local attackers to disclose sensitive inform ...) - TODO: check + NOT-FOR-US: Parallels CVE-2020-8871 (This vulnerability allows local attackers to escalate privileges on af ...) - TODO: check + NOT-FOR-US: Parallels CVE-2020-8870 RESERVED CVE-2020-8869 @@ -6326,11 +6326,11 @@ CVE-2020-8139 (A missing access control check in Nextcloud Server < 18.0.1, & CVE-2020-8138 (A missing check for IPv4 nested inside IPv6 in Nextcloud server < 1 ...) - nextcloud-server <itp> (bug #941708) CVE-2020-8137 (Code injection vulnerability in blamer 1.0.0 and earlier may result in ...) - TODO: check + NOT-FOR-US: Node blamer CVE-2020-8136 (Prototype pollution vulnerability in fastify-multipart < 1.0.5 allo ...) - TODO: check + NOT-FOR-US: Node fastify-multipart CVE-2020-8135 (The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request ...) - TODO: check + NOT-FOR-US: Node uppy CVE-2020-8134 (Server-side request forgery (SSRF) vulnerability in Ghost CMS < 3.1 ...) NOT-FOR-US: Ghost CMS CVE-2020-8133 @@ -6846,7 +6846,7 @@ CVE-2020-7937 (An XSS issue in the title field in Plone 5.0 through 5.2.1 allows CVE-2020-7936 (An open redirect on the login form (and possibly other places) in Plon ...) NOT-FOR-US: Plone CVE-2020-7935 (Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execu ...) - TODO: check + NOT-FOR-US: Artica Pandora FMS CVE-2020-7934 (In LifeRay Portal CE 7.1.0 through 7.2.1, the First Name, Middle Name, ...) NOT-FOR-US: LifeRay Portal CVE-2020-7933 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45d58da2cda506d3547ba175d08d1e71db136d0e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45d58da2cda506d3547ba175d08d1e71db136d0e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits