Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 693ca55b by security tracker role at 2020-05-08T20:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,21 @@ +CVE-2020-12744 + RESERVED +CVE-2020-12743 + RESERVED +CVE-2020-12742 + RESERVED +CVE-2020-12741 + RESERVED +CVE-2020-12740 (tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-rea ...) + TODO: check +CVE-2020-12739 + RESERVED +CVE-2020-12738 + RESERVED +CVE-2020-12737 (An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authen ...) + TODO: check +CVE-2020-12736 + RESERVED CVE-2020-12735 (reset.php in DomainMOD 4.13.0 uses insufficient entropy for password r ...) NOT-FOR-US: DomainMOD CVE-2020-12734 @@ -100,8 +118,8 @@ CVE-2020-12682 RESERVED CVE-2020-12681 RESERVED -CVE-2020-12680 - RESERVED +CVE-2020-12680 (** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows loca ...) + TODO: check CVE-2020-12679 (A reflected cross-site scripting (XSS) vulnerability in the Mitel Shor ...) NOT-FOR-US: Mitel CVE-2020-12678 @@ -745,6 +763,7 @@ CVE-2020-12398 RESERVED CVE-2020-12397 RESERVED + {DSA-4683-1} - thunderbird 1:68.8.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12397 CVE-2020-12396 @@ -753,7 +772,7 @@ CVE-2020-12396 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-16/#CVE-2020-12396 CVE-2020-12395 RESERVED - {DSA-4678-1} + {DSA-4683-1 DSA-4678-1 DLA-2205-1} - firefox 76.0-1 - firefox-esr 68.8.0esr-1 - thunderbird 1:68.8.0-1 @@ -774,7 +793,7 @@ CVE-2020-12393 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-18/#CVE-2020-12393 CVE-2020-12392 RESERVED - {DSA-4678-1} + {DSA-4683-1 DSA-4678-1 DLA-2205-1} - firefox 76.0-1 - firefox-esr 68.8.0esr-1 - thunderbird 1:68.8.0-1 
@@ -803,7 +822,7 @@ CVE-2020-12388 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-17/#CVE-2020-12388 CVE-2020-12387 RESERVED - {DSA-4678-1} + {DSA-4683-1 DSA-4678-1 DLA-2205-1} - firefox 76.0-1 - firefox-esr 68.8.0esr-1 - thunderbird 1:68.8.0-1 @@ -1645,56 +1664,56 @@ CVE-2020-12028 RESERVED CVE-2020-12027 RESERVED -CVE-2020-12026 - RESERVED +CVE-2020-12026 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...) + TODO: check CVE-2020-12025 RESERVED CVE-2020-12024 RESERVED CVE-2020-12023 RESERVED -CVE-2020-12022 - RESERVED +CVE-2020-12022 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An i ...) + TODO: check CVE-2020-12021 RESERVED CVE-2020-12020 RESERVED CVE-2020-12019 RESERVED -CVE-2020-12018 - RESERVED +CVE-2020-12018 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An o ...) + TODO: check CVE-2020-12017 RESERVED CVE-2020-12016 RESERVED CVE-2020-12015 RESERVED -CVE-2020-12014 - RESERVED +CVE-2020-12014 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Inpu ...) + TODO: check CVE-2020-12013 RESERVED CVE-2020-12012 RESERVED CVE-2020-12011 RESERVED -CVE-2020-12010 - RESERVED +CVE-2020-12010 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...) + TODO: check CVE-2020-12009 RESERVED CVE-2020-12008 RESERVED CVE-2020-12007 RESERVED -CVE-2020-12006 - RESERVED +CVE-2020-12006 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...) + TODO: check CVE-2020-12005 RESERVED CVE-2020-12004 RESERVED CVE-2020-12003 RESERVED -CVE-2020-12002 - RESERVED +CVE-2020-12002 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...) + TODO: check CVE-2020-12001 RESERVED CVE-2020-12000 
@@ -1816,6 +1835,7 @@ CVE-2020-11947 CVE-2020-11946 (Zoho ManageEngine OpManager before 125120 allows an unauthenticated us ...) NOT-FOR-US: Zoho ManageEngine OpManager CVE-2020-11945 (An issue was discovered in Squid before 5.0.2. A remote attacker can r ...) + {DSA-4682-1} - squid 4.11-1 - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_4.txt @@ -4000,8 +4020,8 @@ CVE-2020-11543 (OpsRamp Gateway before 5.5.0 has a backdoor account vadmin with NOT-FOR-US: OpsRamp Gateway CVE-2020-11542 (3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authenticat ...) NOT-FOR-US: 3xLOGIC Infinias eIDC32 2.213 devices -CVE-2020-11541 - RESERVED +CVE-2020-11541 (In TechSmith SnagIt before 20.1.1, an XML External Entity (XXE) inject ...) + TODO: check CVE-2020-11540 RESERVED CVE-2020-11539 (An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It ...) @@ -5221,8 +5241,8 @@ CVE-2020-11008 (Affected versions of Git have a vulnerability whereby Git can be NOTE: Fixed by: https://git.kernel.org/pub/scm/git/git.git/commit/?id=1a3609e402a062ef7b11f197fe96c28cabca132c CVE-2020-11007 (In Shopizer before version 2.11.0, using API or Controller based versi ...) NOT-FOR-US: Shopizer -CVE-2020-11006 - RESERVED +CVE-2020-11006 (In Shopizer before version 2.11.0, a script can be injected in various ...) + TODO: check CVE-2020-11005 (The WindowsHello open source library (NuGet HaemmerElectronics.SeppPen ...) NOT-FOR-US: WindowsHello CVE-2020-11004 (SQL Injection was discovered in Admidio before version 3.3.13. The mai ...) 
@@ -6263,8 +6283,7 @@ CVE-2020-10691 (An archive traversal flaw was found in all ansible-engine versio NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1817161 NOTE: https://github.com/ansible/ansible/pull/68596 NOTE: https://github.com/ansible/ansible/commit/b2551bb6943eec078066aa3a923e0bb3ed85abe8 (stable-2.9) -CVE-2020-10690 - RESERVED +CVE-2020-10690 (There is a use-after-free in kernel versions before 5.5 due to a race ...) - linux 5.4.8-1 [buster] - linux 4.19.98-1 NOTE: Fixed by: https://git.kernel.org/linus/a33121e5487b424339636b25c35d3a180eaa5f5e @@ -6469,8 +6488,8 @@ CVE-2020-10640 RESERVED CVE-2020-10639 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and p ...) NOT-FOR-US: Eaton HMiSoft VU3 -CVE-2020-10638 - RESERVED +CVE-2020-10638 (Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Mult ...) + TODO: check CVE-2020-10637 (Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and p ...) NOT-FOR-US: Eaton HMiSoft VU3 CVE-2020-10636 @@ -11466,6 +11485,7 @@ CVE-2020-8452 CVE-2020-8451 RESERVED CVE-2020-8450 (An issue was discovered in Squid before 4.10. Due to incorrect buffer ...) + {DSA-4682-1} - squid 4.10-1 (bug #950802) - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_1.txt @@ -11473,6 +11493,7 @@ CVE-2020-8450 (An issue was discovered in Squid before 4.10. Due to incorrect bu NOTE: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2020_1.patch (Squid 4.8 and older) NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-b3a0719affab099c684f1cd62b79ab02816fa962.patch (Squid 4.9) CVE-2020-8449 (An issue was discovered in Squid before 4.10. Due to incorrect input v ...) + {DSA-4682-1} - squid 4.10-1 (bug #950802) - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_1.txt 
@@ -14086,20 +14107,20 @@ CVE-2020-7293 RESERVED CVE-2020-7292 RESERVED -CVE-2020-7291 - RESERVED -CVE-2020-7290 - RESERVED -CVE-2020-7289 - RESERVED -CVE-2020-7288 - RESERVED -CVE-2020-7287 - RESERVED -CVE-2020-7286 - RESERVED -CVE-2020-7285 - RESERVED +CVE-2020-7291 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...) + TODO: check +CVE-2020-7290 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...) + TODO: check +CVE-2020-7289 (Privilege Escalation vulnerability in McAfee Active Response (MAR) for ...) + TODO: check +CVE-2020-7288 (Privilege Escalation vulnerability in McAfee Exploit Detection and Res ...) + TODO: check +CVE-2020-7287 (Privilege Escalation vulnerability in McAfee Exploit Detection and Res ...) + TODO: check +CVE-2020-7286 (Privilege Escalation vulnerability in McAfee Exploit Detection and Res ...) + TODO: check +CVE-2020-7285 (Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to ...) + TODO: check CVE-2020-7284 RESERVED CVE-2020-7283 @@ -14134,14 +14155,14 @@ CVE-2020-7269 RESERVED CVE-2020-7268 RESERVED -CVE-2020-7267 - RESERVED -CVE-2020-7266 - RESERVED -CVE-2020-7265 - RESERVED -CVE-2020-7264 - RESERVED +CVE-2020-7267 (Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE ...) + TODO: check +CVE-2020-7266 (Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE ...) + TODO: check +CVE-2020-7265 (Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) f ...) + TODO: check +CVE-2020-7264 (Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) f ...) + TODO: check CVE-2020-7263 (Improper access control vulnerability in ESConfigTool.exe in ENS for W ...) NOT-FOR-US: ENS for Windows CVE-2020-7262 
@@ -15214,7 +15235,7 @@ CVE-2019-20377 (TopList before 2019-09-03 allows XSS via a title. ...) NOT-FOR-US: TopList CVE-2020-6831 RESERVED - {DSA-4678-1} + {DSA-4683-1 DSA-4678-1 DLA-2205-1} - firefox 76.0-1 - firefox-esr 68.8.0esr-1 - chromium <unfixed> @@ -17820,8 +17841,8 @@ CVE-2020-5743 (Improper Control of Resource Identifiers in TCExam 14.2.2 allows TODO: check CVE-2020-5742 RESERVED -CVE-2020-5741 - RESERVED +CVE-2020-5741 (Deserialization of Untrusted Data in Plex Media Server on Windows allo ...) + TODO: check CVE-2020-5740 (Improper Input Validation in Plex Media Server on Windows allows a loc ...) NOT-FOR-US: Plex Media Server CVE-2020-5739 (Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable ...) @@ -21108,11 +21129,11 @@ CVE-2020-4432 RESERVED CVE-2020-4431 RESERVED -CVE-2020-4430 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 cou ...) +CVE-2020-4430 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a rem ...) NOT-FOR-US: IBM CVE-2020-4429 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 con ...) NOT-FOR-US: IBM -CVE-2020-4428 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 cou ...) +CVE-2020-4428 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a rem ...) NOT-FOR-US: IBM CVE-2020-4427 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 cou ...) NOT-FOR-US: IBM 
@@ -33317,25 +33338,26 @@ CVE-2019-18680 (An issue was discovered in the Linux kernel 4.4.x before 4.4.195 - linux <not-affected> (Vulnerable code not present) NOTE: https://lkml.org/lkml/2019/9/18/337 CVE-2019-18679 (An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to ...) - {DLA-2028-1} + {DSA-4682-1 DLA-2028-1} - squid 4.9-1 - squid3 <removed> NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_11.txt CVE-2019-18678 (An issue was discovered in Squid 3.x and 4.x through 4.8. It allows at ...) - {DLA-2028-1} + {DSA-4682-1 DLA-2028-1} - squid 4.9-1 - squid3 <removed> NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_10.txt CVE-2019-18677 (An issue was discovered in Squid 3.x and 4.x through 4.8 when the appe ...) - {DLA-2028-1} + {DSA-4682-1 DLA-2028-1} - squid 4.9-1 - squid3 <removed> NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-36492033ea4097821a4f7ff3ddcb971fbd1e8ba0.patch NOTE: Squid 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-e5f1813a674848dde570f7920873e1071f96e0b4.patch NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_9.txt CVE-2019-18676 (An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incor ...) + {DSA-4682-1} - squid 4.9-1 - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_8.txt 
@@ -38043,35 +38065,35 @@ CVE-2019-17293 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection CVE-2019-17292 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...) NOT-FOR-US: SugarCRM CVE-2019-17291 - RESERVED + REJECTED CVE-2019-17290 - RESERVED + REJECTED CVE-2019-17289 - RESERVED + REJECTED CVE-2019-17288 - RESERVED + REJECTED CVE-2019-17287 - RESERVED + REJECTED CVE-2019-17286 - RESERVED + REJECTED CVE-2019-17285 - RESERVED + REJECTED CVE-2019-17284 - RESERVED + REJECTED CVE-2019-17283 - RESERVED + REJECTED CVE-2019-17282 - RESERVED + REJECTED CVE-2019-17281 - RESERVED + REJECTED CVE-2019-17280 - RESERVED + REJECTED CVE-2019-17279 - RESERVED + REJECTED CVE-2019-17278 - RESERVED + REJECTED CVE-2019-17277 - RESERVED + REJECTED CVE-2019-17276 (OnCommand System Manager versions 9.3 prior to 9.3P18 and 9.4 prior to ...) NOT-FOR-US: OnCommand CVE-2019-17275 (OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arb ...) @@ -45249,8 +45271,7 @@ CVE-2019-14900 RESERVED CVE-2019-14899 (A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, ...) NOTE: https://www.openwall.com/lists/oss-security/2019/12/05/1 -CVE-2019-14898 [RHEL-7 specific incompete fix issue for CVE-2019-11599] - RESERVED +CVE-2019-14898 (The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 w ...) - linux <not-affected> (RHEL-7 specific incomplete fix for CVE-2019-11599) CVE-2019-14897 (A stack-based buffer overflow was found in the Linux kernel, version k ...) {DLA-2114-1 DLA-2068-1} 
@@ -53527,6 +53548,7 @@ CVE-2019-12529 (An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x th NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_2.txt NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-dd46b5417809647f561d8a5e0e74c3aacd235258.patch CVE-2019-12528 (An issue was discovered in Squid before 4.10. It allows a crafted FTP ...) + {DSA-4682-1} - squid 4.10-1 (bug #950925) - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_2.txt @@ -53542,7 +53564,7 @@ CVE-2019-12527 (An issue was discovered in Squid 4.0.23 through 4.7. When checki NOTE: than the length of the target buffer, whilst in 4.x the entire input is decoded NOTE: without regard for the size of the target buffer. CVE-2019-12526 (An issue was discovered in Squid before 4.9. URN response handling in ...) - {DLA-2028-1} + {DSA-4682-1 DLA-2028-1} - squid 4.9-1 - squid3 <removed> NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-7aa0184a720fd216191474e079f4fe87de7c4f5a.patch @@ -53555,11 +53577,13 @@ CVE-2019-12525 (An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x th NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-409956536647b3a05ee1e367424a24ae6b8f13fd.patch NOTE: Squid 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-ec0d0f39cf28da14eead0ba5e777e95855bc2f67.patch CVE-2019-12524 (An issue was discovered in Squid through 4.7. When handling requests f ...) + {DSA-4682-1} - squid 4.8-1 - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_4.txt NOTE: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2019_4.patch CVE-2019-12523 (An issue was discovered in Squid before 4.9. When handling a URN reque ...) + {DSA-4682-1} - squid 4.9-1 - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_8.txt 
@@ -53567,16 +53591,19 @@ CVE-2019-12523 (An issue was discovered in Squid before 4.9. When handling a URN CVE-2019-12522 (An issue was discovered in Squid through 4.7. When Squid is run as roo ...) TODO: check CVE-2019-12521 (An issue was discovered in Squid through 4.7. When Squid is parsing ES ...) + {DSA-4682-1} - squid 4.11-1 - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_12.txt NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-fdd4123629320aa1ee4c3481bb392437c90d188d.patch CVE-2019-12520 (An issue was discovered in Squid through 4.7 and 5. When receiving a r ...) + {DSA-4682-1} - squid 4.8-1 - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_4.txt NOTE: http://www.squid-cache.org/Versions/v4/changesets/SQUID-2019_4.patch CVE-2019-12519 (An issue was discovered in Squid through 4.7. When handling the tag es ...) + {DSA-4682-1} - squid 4.11-1 - squid3 <removed> NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_12.txt @@ -60181,11 +60208,9 @@ CVE-2019-10172 (A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9. NOTE: https://stackoverflow.com/questions/38017676/small-fix-for-cve-2016-3720-with-older-versions-of-jackson-all-1-9-11-and-in-ja/38017721 CVE-2019-10171 (It was found that the fix for CVE-2018-14648 in 389-ds-base, versions ...) - 389-ds-base <not-affected> (Incomplete RHEL backport) -CVE-2019-10170 - RESERVED +CVE-2019-10170 (A flaw was found in the Keycloak admin console, where the realm manage ...) NOT-FOR-US: Keycloak -CVE-2019-10169 - RESERVED +CVE-2019-10169 (A flaw was found in Keycloak’s user-managed access interface, wh ...) NOT-FOR-US: Keycloak CVE-2019-10168 (The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorC ...) - libvirt 5.0.0-4 
@@ -73640,7 +73665,7 @@ CVE-2019-5501 (Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disc CVE-2019-5500 RESERVED CVE-2019-5499 - RESERVED + REJECTED CVE-2019-5498 (OnCommand Insight versions through 7.3.6 may disclose sensitive accoun ...) NOT-FOR-US: OnCommand Insight CVE-2019-5497 (NetApp AFF A700s Baseboard Management Controller (BMC) firmware versio ...) @@ -79877,8 +79902,8 @@ CVE-2018-20227 (RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a NOT-FOR-US: RDF4J CVE-2018-20226 (An organization administrator can add a super administrator in THEHIVE ...) NOT-FOR-US: THEHIVE -CVE-2018-20225 - RESERVED +CVE-2018-20225 (An issue was discovered in pip (all versions) because it installs the ...) + TODO: check CVE-2018-20224 RESERVED CVE-2018-20223 @@ -127764,7 +127789,7 @@ CVE-2018-5493 (ATTO FibreBridge 7500N firmware versions prior to 2.90 are suscep CVE-2018-5492 (NetApp E-Series SANtricity OS Controller Software 11.30 and later vers ...) NOT-FOR-US: NetApp CVE-2018-5491 - RESERVED + REJECTED CVE-2018-5490 (Read-Only export policy rules are not correctly enforced in Clustered ...) NOT-FOR-US: NetApp Data ONTAP CVE-2018-5489 (NetApp 7-Mode Transition Tool allows users with valid credentials to a ...) @@ -127778,7 +127803,7 @@ CVE-2018-5486 (NetApp OnCommand Unified Manager for Linux versions 7.2 though 7. CVE-2018-5485 (NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 ...) NOT-FOR-US: NetApp OnCommand Unified Manager for Windows CVE-2018-5484 - RESERVED + REJECTED CVE-2018-5483 RESERVED CVE-2018-5482 (NetApp SnapCenter Server prior to 4.1 does not set the secure flag for ...) 
@@ -127786,7 +127811,7 @@ CVE-2018-5482 (NetApp SnapCenter Server prior to 4.1 does not set the secure fla CVE-2018-5481 (OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 use ...) NOT-FOR-US: OnCommand Unified Manager CVE-2018-5480 - RESERVED + REJECTED CVE-2018-5479 (FoxSash ImgHosting 1.5 (according to footer information) is vulnerable ...) NOT-FOR-US: FoxSash ImgHosting CVE-2018-5478 @@ -148443,7 +148468,7 @@ CVE-2017-15516 (NetApp SnapCenter Server versions 1.1 through 2.x are susceptibl CVE-2017-15515 (NetApp SnapCenter Server prior to 4.0 is susceptible to cross site scr ...) NOT-FOR-US: NetApp SnapCenter Server CVE-2017-15514 - RESERVED + REJECTED CVE-2017-15568 (In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, X ...) {DSA-4191-1} - redmine 3.4.4-1 (bug #882544) @@ -154339,19 +154364,19 @@ CVE-2017-13660 CVE-2017-13659 RESERVED CVE-2017-13657 - RESERVED + REJECTED CVE-2017-13656 - RESERVED + REJECTED CVE-2017-13655 - RESERVED + REJECTED CVE-2017-13654 - RESERVED + REJECTED CVE-2017-13653 - RESERVED + REJECTED CVE-2017-13652 (NetApp OnCommand Insight version 7.3.0 and versions prior to 7.2.0 are ...) NOT-FOR-US: NetApp CVE-2017-13651 - RESERVED + REJECTED CVE-2017-13650 RESERVED CVE-2017-1002150 (python-fedora 0.8.0 and lower is vulnerable to an open redirect result ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/693ca55bb108074dc75455b0dcf7211c90161c12 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/693ca55bb108074dc75455b0dcf7211c90161c12 You're receiving this email because of your account on salsa.debian.org.
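Review bot: In the first hunk (@@ -1,3 +1,21 @@), CVE-2020-12740 is added as `TODO: check` although its description names tcprewrite in Tcpreplay, and tcpreplay is packaged in Debian. This entry needs a package line (for example `- tcpreplay <unfixed>` until a fixed version is known), not a NOT-FOR-US disposition. CVE-2020-12737 (Maxum Rumpus on macOS) in the same hunk looks like a NOT-FOR-US candidate.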
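Review bot: In hunk @@ -17820,8 +17841,8 @@, CVE-2020-5741 (Plex Media Server on Windows) lands as `TODO: check` while the entry directly below it, CVE-2020-5740, covers the same product and is already marked `NOT-FOR-US: Plex Media Server`. The same disposition can be applied here so the entry does not stay in the triage queue.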
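Review bot: In hunk @@ -53567,16 +53591,19 @@, CVE-2019-12522 stays at `TODO: check` while the three Squid entries after it (CVE-2019-12521, CVE-2019-12520, CVE-2019-12519) gain `{DSA-4682-1}` and already carry squid version lines. It should get an explicit squid disposition so a reader can tell whether it remains open after DSA-4682-1.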
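Review bot: In hunk @@ -60181,11 +60208,9 @@, the added description for CVE-2019-10169 reads `Keycloak’s`, which is the pattern produced when a UTF-8 right single quotation mark is decoded as a single-byte charset. Check whether data/CVE/list stores the bytes correctly and only the mail rendering is off, or whether the automatic update needs to treat the incoming descriptions as UTF-8.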
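Review bot: In hunk @@ -79877,8 +79902,8 @@, CVE-2018-20225 (pip, all versions) is added as `TODO: check`. pip is packaged in Debian (source package python-pip), so this entry needs a package line and an explicit status rather than being left for generic triage.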