Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 81b25318 by Moritz Muehlenhoff at 2020-06-03T18:47:23+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -16033,19 +16033,19 @@ CVE-2020-7656 (jquery prior to 1.9.0 allows Cross-site Scripting attacks via the CVE-2020-7655 (netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP ...) NOT-FOR-US: netius CVE-2020-7654 (All versions of snyk-broker before 4.73.1 are vulnerable to Informatio ...) - TODO: check + NOT-FOR-US: snyk-broker CVE-2020-7653 (All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary ...) - TODO: check + NOT-FOR-US: snyk-broker CVE-2020-7652 (All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary ...) - TODO: check + NOT-FOR-US: snyk-broker CVE-2020-7651 (All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary ...) - TODO: check + NOT-FOR-US: snyk-broker CVE-2020-7650 (All versions of snyk-broker after 4.72.0 including and before 4.73.1 a ...) - TODO: check + NOT-FOR-US: snyk-broker CVE-2020-7649 RESERVED CVE-2020-7648 (All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary ...) - TODO: check + NOT-FOR-US: snyk-broker CVE-2020-7647 (All versions before 1.6.7 and all versions after 2.0.0 inclusive and b ...) NOT-FOR-US: jooby CVE-2020-7646 (curlrequest through 1.0.1 allows execution of arbitrary commands.It is ...) @@ -17690,7 +17690,7 @@ CVE-2020-6939 CVE-2020-6938 RESERVED CVE-2020-6937 (A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, ...) - TODO: check + NOT-FOR-US: MuleSoft CVE-2020-6936 RESERVED CVE-2020-6935 @@ -24664,7 +24664,7 @@ CVE-2020-4028 CVE-2020-4027 RESERVED CVE-2020-4026 (The CustomAppsRestResource list resource in Atlassian Navigator Links ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4025 RESERVED CVE-2020-4024 @@ -30916,6 +30916,7 @@ CVE-2020-1964 (It was noticed that Apache Heron 0.20.2-incubating, Release 0.20. NOT-FOR-US: Apache Heron CVE-2020-1963 RESERVED + NOT-FOR-US: Apache Ignite CVE-2020-1962 REJECTED CVE-2020-1961 (Vulnerability to Server-Side Template Injection on Mail templates for ...) @@ -31296,7 +31297,7 @@ CVE-2020-1872 (Huawei smart phones P10 Plus with versions earlier than 9.1.0.201 CVE-2020-1871 (USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R00 ...) NOT-FOR-US: Huawei CVE-2020-1870 (CloudEngine 12800 products with versions of V200R019C00, V200R019C10SP ...) - TODO: check + NOT-FOR-US: Huawei CVE-2020-1869 RESERVED CVE-2020-1868 @@ -39852,7 +39853,7 @@ CVE-2019-17605 (A mass assignment vulnerability in eyecomms eyeCMS through 2019- CVE-2019-17604 (An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms e ...) NOT-FOR-US: eyeCMS CVE-2019-17603 (Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate i ...) - TODO: check + NOT-FOR-US: Asus CVE-2019-17602 (An issue was discovered in Zoho ManageEngine OpManager before 12.4 bui ...) NOT-FOR-US: Zoho ManageEngine OpManager CVE-2019-17601 (In MiniShare 1.4.1, there is a stack-based buffer overflow via an HTTP ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81b253188494ff65c3370f206704292d1c532db0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81b253188494ff65c3370f206704292d1c532db0 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits