Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
52408497 by security tracker role at 2023-07-26T08:12:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,127 @@
-CVE-2023-3773 [xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH]
+CVE-2023-3947 (The Video Conferencing with Zoom plugin for WordPress is 
vulnerable to ...)
+       TODO: check
+CVE-2023-3946 (A reflected cross-site scripting (XSS) vulnerability in ePO 
prior to 5 ...)
+       TODO: check
+CVE-2023-3945 (A vulnerability was found in phpscriptpoint Lawyer 1.6. It has 
been cl ...)
+       TODO: check
+CVE-2023-3944 (A vulnerability was found in phpscriptpoint Lawyer 1.6 and 
classified  ...)
+       TODO: check
+CVE-2023-3897 (Username enumeration is possible through Bypassing CAPTCHA in 
On-premi ...)
+       TODO: check
+CVE-2023-3890 (A vulnerability classified as problematic has been found in 
Campcodes  ...)
+       TODO: check
+CVE-2023-3548 (An unauthorized user could gain account access to IQ Wifi 6 
versions p ...)
+       TODO: check
+CVE-2023-3486 (An authentication bypass exists in PaperCut NG versions 22.0.12 
and pr ...)
+       TODO: check
+CVE-2023-39175 (In JetBrains TeamCity before 2023.05.2 reflected XSS via 
GitHub integr ...)
+       TODO: check
+CVE-2023-39174 (In JetBrains TeamCity before 2023.05.2 a ReDoS attack was 
possible via ...)
+       TODO: check
+CVE-2023-39173 (In JetBrains TeamCity before 2023.05.2 a token with limited 
permission ...)
+       TODO: check
+CVE-2023-39130 (GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a 
heap bu ...)
+       TODO: check
+CVE-2023-39129 (GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a 
heap us ...)
+       TODO: check
+CVE-2023-39128 (GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a 
stack o ...)
+       TODO: check
+CVE-2023-38555 (Authentication bypass vulnerability in Fujitsu network devices 
Si-R se ...)
+       TODO: check
+CVE-2023-38503 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
+       TODO: check
+CVE-2023-38502 (TDengine is an open source, time-series database optimized for 
Interne ...)
+       TODO: check
+CVE-2023-38501 (copyparty is file server software. Prior to version 1.8.7, the 
applica ...)
+       TODO: check
+CVE-2023-38500 (TYPO3 HTML Sanitizer is an HTML sanitizer, written in PHP, 
aiming to p ...)
+       TODO: check
+CVE-2023-38499 (TYPO3 is an open source PHP based web content management 
system. Start ...)
+       TODO: check
+CVE-2023-38496 (Apptainer is an open source container platform. Version 
1.2.0-rc.2 int ...)
+       TODO: check
+CVE-2023-38493 (Armeria is a microservice framework Spring supports Matrix 
variables.  ...)
+       TODO: check
+CVE-2023-38435 (An improper neutralization of input during web page generation 
('Cross ...)
+       TODO: check
+CVE-2023-38433 (Fujitsu Real-time Video Transmission Gear "IP series" use 
hard-coded c ...)
+       TODO: check
+CVE-2023-37920 (Certifi is a curated collection of Root Certificates for 
validating th ...)
+       TODO: check
+CVE-2023-37919 (Cal.com is open-source scheduling software. A vulnerability 
allows act ...)
+       TODO: check
+CVE-2023-37907 (Cryptomator is data encryption software for users who store 
their file ...)
+       TODO: check
+CVE-2023-37902 (Vyper is a Pythonic programming language that targets the 
Ethereum Vir ...)
+       TODO: check
+CVE-2023-37677 (Pligg CMS v2.0.2 (also known as Kliqqi) was discovered to 
contain a re ...)
+       TODO: check
+CVE-2023-37460 (Plexis Archiver is a collection of Plexus components to create 
archive ...)
+       TODO: check
+CVE-2023-37258 (DataEase is an open source data visualization analysis tool. 
Prior to  ...)
+       TODO: check
+CVE-2023-37257 (DataEase is an open source data visualization analysis tool. 
Prior to  ...)
+       TODO: check
+CVE-2023-36826 (Sentry is an error tracking and performance monitoring 
platform. Start ...)
+       TODO: check
+CVE-2023-36806 (Contao is an open source content management system. Starting 
in versio ...)
+       TODO: check
+CVE-2023-36503 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in Max F ...)
+       TODO: check
+CVE-2023-36502 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-36501 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Michael  ...)
+       TODO: check
+CVE-2023-36385 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
wpxpo Po ...)
+       TODO: check
+CVE-2023-35982 (There are buffer overflow vulnerabilities in multiple 
underlying servi ...)
+       TODO: check
+CVE-2023-35981 (There are buffer overflow vulnerabilities in multiple 
underlying servi ...)
+       TODO: check
+CVE-2023-35980 (There are buffer overflow vulnerabilities in multiple 
underlying servi ...)
+       TODO: check
+CVE-2023-35944 (Envoy is an open source edge and service proxy designed for 
cloud-nati ...)
+       TODO: check
+CVE-2023-35943 (Envoy is an open source edge and service proxy designed for 
cloud-nati ...)
+       TODO: check
+CVE-2023-35942 (Envoy is an open source edge and service proxy designed for 
cloud-nati ...)
+       TODO: check
+CVE-2023-35941 (Envoy is an open source edge and service proxy designed for 
cloud-nati ...)
+       TODO: check
+CVE-2023-35929 (Tuleap is a free and open source suite to improve management 
of softwa ...)
+       TODO: check
+CVE-2023-35043 (Unauth. Stored Cross-Site Scripting (XSS) vulnerability in 
Neha Goel R ...)
+       TODO: check
+CVE-2023-34798 (An arbitrary file upload vulnerability in eoffice before v9.5 
allows a ...)
+       TODO: check
+CVE-2023-34369 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability 
in Gran ...)
+       TODO: check
+CVE-2023-34235 (Strapi is an open-source headless content management system. 
Prior to  ...)
+       TODO: check
+CVE-2023-34093 (Strapi is an open-source headless content management system. 
Prior to  ...)
+       TODO: check
+CVE-2023-34017 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
FiveStar ...)
+       TODO: check
+CVE-2023-33925 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
PluginFo ...)
+       TODO: check
+CVE-2023-32629 (Local privilege escalation vulnerability in Ubuntu Kernels 
overlayfs o ...)
+       TODO: check
+CVE-2023-32468 (Dell ECS Streamer, versions prior to 2.0.7.1, contain an 
insertion of  ...)
+       TODO: check
+CVE-2023-2850 (NodeBB is affected by a Cross-Site WebSocket Hijacking 
vulnerability d ...)
+       TODO: check
+CVE-2023-2640 (On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: 
SAUCE: overl ...)
+       TODO: check
+CVE-2023-2626 (There exists an authentication bypass vulnerability in 
OpenThread bord ...)
+       TODO: check
+CVE-2023-3773 (A flaw was found in the Linux kernel\u2019s IP framework for 
transform ...)
        - linux <unfixed>
        [buster] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://lore.kernel.org/all/20230723074110.3705047-1-li...@zju.edu.cn/T/#u
-CVE-2023-3772 [xfrm: add NULL check in xfrm_update_ae_params]
+CVE-2023-3772 (A flaw was found in the Linux kernel\u2019s IP framework for 
transform ...)
        - linux <unfixed>
        NOTE: 
https://lore.kernel.org/netdev/20230721145103.2714073-1-li...@zju.edu.cn/
-CVE-2023-37895
+CVE-2023-37895 (Java object deserialization issue in Jackrabbit 
webapp/standalone on a ...)
        - jackrabbit <unfixed>
        NOTE: https://www.openwall.com/lists/oss-security/2023/07/25/8
 CVE-2023-3888 (A vulnerability was found in Campcodes Beauty Salon Management 
System  ...)
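Review bot: the two `-` lines for CVE-2023-3773 and CVE-2023-3772 drop the provisional titles (`[xfrm: add forgotten nla_policy for XFRMA_MTIMER_THRESH]` and `[xfrm: add NULL check in xfrm_update_ae_params]`) and the replacement descriptions are truncated to the identical text `A flaw was found in the Linux kernel\u2019s IP framework for transform ...`, so the two kernel entries can no longer be told apart in the list without following the lore.kernel.org NOTE links; consider carrying each old title over as a `NOTE:` so the specific fix stays attached to its entry. Secondary: these imported descriptions keep the literal `\u2019` escape instead of the apostrophe, whereas other descriptions in the same hunk (`('Cross-si`, `"IP series"`) use plain quote characters, so the importer's handling of JSON escapes is worth a look.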
@@ -227,7 +343,7 @@ CVE-2023-3819 (Exposure of Sensitive Information to an 
Unauthorized Actor in Git
        NOT-FOR-US: pimcore
 CVE-2023-3102 (A sensitive information leak issue has been discovered in 
GitLab EE af ...)
        - gitlab <not-affected> (Specific to EE)
-CVE-2023-38647
+CVE-2023-38647 (An attacker can use SnakeYAML to deserialize 
java.net.URLClassLoader a ...)
        NOT-FOR-US: Apache Helix
 CVE-2023-38646 (Metabase open source before 0.46.6.1 and Metabase Enterprise 
before 1. ...)
        NOT-FOR-US: Metabase
@@ -799,7 +915,7 @@ CVE-2023-38405 (On Crestron 3-Series Control Systems before 
1.8001.0187, craftin
 CVE-2023-38404 (The XPRTLD web application in Veritas InfoScale Operations 
Manager (VI ...)
        NOT-FOR-US: Veritas InfoScale
 CVE-2023-38403 (iperf3 before 3.14 allows peers to cause an integer overflow 
and heap  ...)
-       {DSA-5455-1}
+       {DSA-5455-1 DLA-3506-1}
        - iperf3 3.14-1 (bug #1040830)
        NOTE: https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
        NOTE: 
https://github.com/esnet/iperf/commit/0ef151550d96cc4460f98832df84b4a1e87c65e9 
(3.14)
@@ -2702,6 +2818,7 @@ CVE-2023-35939 (GLPI is a free asset and IT management 
software package. Startin
        NOTE: 
https://github.com/glpi-project/glpi/security/advisories/GHSA-cjcx-pwcx-v34c
        NOTE: Only supported behind an authenticated HTTP zone
 CVE-2023-35936 (Pandoc is a Haskell library for converting from one markup 
format to a ...)
+       {DLA-3507-1}
        - pandoc 2.17.1.1-2 (bug #1041976)
        [bookworm] - pandoc <no-dsa> (Minor issue)
        [bullseye] - pandoc <no-dsa> (Minor issue)
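Review bot: `{DLA-3507-1}` is added to CVE-2023-35936 while the `[bookworm]` and `[bullseye]` lines directly below it keep `<no-dsa> (Minor issue)`; that is only consistent if the DLA targets a release not shown in this hunk (the hunk ends before any `[buster]` line), so confirm the release the DLA was issued for and, if it covered bullseye, drop the bullseye `<no-dsa>` marker.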
@@ -3309,7 +3426,7 @@ CVE-2023-33277 (The web interface of Gira Giersiepen Gira 
KNX/IP-Router 3.1.3683
 CVE-2023-33190 (Sealos is an open source cloud operating system distribution 
based on  ...)
        NOT-FOR-US: Sealos
 CVE-2023-37329 [Heap overwrite in PGS subtitle overlay decoder]
-       {DSA-5444-1}
+       {DSA-5444-1 DLA-3503-1}
        - gst-plugins-bad1.0 1.22.4-1
        - gst-plugins-bad0.10 <removed>
        NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0003.html
@@ -3317,7 +3434,7 @@ CVE-2023-37329 [Heap overwrite in PGS subtitle overlay 
decoder]
        NOTE: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/5f3cf0a7d7ae7ab883d0611e85c06354f1e94907
        NOTE: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/60226124ec367c2549e4bf1e6174dfb8eca5a63d
 CVE-2023-37327 [Integer overflow leading to heap overwrite in FLAC image tag 
handling]
-       {DSA-5445-1}
+       {DSA-5445-1 DLA-3505-1}
        - gst-plugins-good1.0 1.22.4-1
        - gst-plugins-good0.10 <removed>
        NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0001.html
@@ -3325,7 +3442,7 @@ CVE-2023-37327 [Integer overflow leading to heap 
overwrite in FLAC image tag han
        NOTE: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/bdc8021c73c16c49d594579c606a4f4771a2670e
        NOTE: 
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/7bcd791fabe03b9ab1c72f494fc86cd0c06c3556
 CVE-2023-37328 [Heap overwrite in subtitle parsing]
-       {DSA-5443-1}
+       {DSA-5443-1 DLA-3504-1}
        - gst-plugins-base1.0 1.22.4-1
        - gst-plugins-base0.10 <removed>
        NOTE: https://gstreamer.freedesktop.org/security/sa-2023-0002.html
@@ -18229,8 +18346,8 @@ CVE-2023-1403 (The Weaver Xtreme Theme for WordPress is 
vulnerable to stored Cro
        NOT-FOR-US: WordPress plugin
 CVE-2023-1402 (The course participation report required additional checks to 
prevent  ...)
        - moodle <removed>
-CVE-2023-1401
-       RESERVED
+CVE-2023-1401 (An issue has been discovered in GitLab DAST scanner affecting 
all vers ...)
+       TODO: check
 CVE-2023-1400 (The Modern Events Calendar Lite WordPress plugin through 5.16.2 
does n ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-1399 (N6854A Geolocation Server versions 2.4.2 are vulnerable to 
untrusted d ...)
@@ -31494,8 +31611,8 @@ CVE-2023-23835 (A vulnerability has been identified in 
Mendix Applications using
        NOT-FOR-US: Siemens
 CVE-2023-23834
        RESERVED
-CVE-2023-23833
-       RESERVED
+CVE-2023-23833 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in Steve ...)
+       TODO: check
 CVE-2023-23832 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability 
in TC Ul ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-23831 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) 
vulnerability i ...)
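Review bot: CVE-2023-23833 is left at `TODO: check` although its description has the same `Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in ...` shape as the adjacent CVE-2023-23832 and CVE-2023-23831, both resolved as `NOT-FOR-US: WordPress plugin`; once the truncated plugin name is confirmed, this entry can most likely be closed the same way rather than staying in the TODO queue.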
@@ -38817,8 +38934,8 @@ CVE-2022-4610 (A vulnerability, which was classified as 
problematic, has been fo
        NOT-FOR-US: Click Studios Passwordstate and Passwordstate Browser 
Extension Chrome
 CVE-2022-4609 (Cross-site Scripting (XSS) - Stored in GitHub repository 
usememos/memo ...)
        NOT-FOR-US: usememos
-CVE-2022-4608
-       RESERVED
+CVE-2022-4608 (A vulnerability exists in HCI IEC 60870-5-104 function included 
in cer ...)
+       TODO: check
 CVE-2021-4262 (A vulnerability classified as critical was found in 
laravel-jqgrid. Af ...)
        NOT-FOR-US: laravel-jqgrid.
 CVE-2021-4261 (A vulnerability classified as critical has been found in 
pacman-canvas ...)
@@ -39290,6 +39407,7 @@ CVE-2023-22051 (Vulnerability in the Oracle GraalVM 
Enterprise Edition, Oracle G
 CVE-2023-22050 (Vulnerability in the JD Edwards EnterpriseOne Orchestrator 
product of  ...)
        NOT-FOR-US: Oracle
 CVE-2023-22049 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       {DSA-5458-1}
        - openjdk-8 8u382-ga-1
        - openjdk-11 11.0.20+8-1
        - openjdk-17 17.0.8+7-1
@@ -39300,10 +39418,12 @@ CVE-2023-22047 (Vulnerability in the PeopleSoft 
Enterprise PeopleTools product o
 CVE-2023-22046 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 8.0.34-1 (bug #1041819)
 CVE-2023-22045 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       {DSA-5458-1}
        - openjdk-8 8u382-ga-1
        - openjdk-11 11.0.20+8-1
        - openjdk-17 17.0.8+7-1
 CVE-2023-22044 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       {DSA-5458-1}
        - openjdk-8 8u382-ga-1
        - openjdk-17 17.0.8+7-1
 CVE-2023-22043 (Vulnerability in Oracle Java SE (component: JavaFX).   The 
supported v ...)
@@ -39312,6 +39432,7 @@ CVE-2023-22043 (Vulnerability in Oracle Java SE 
(component: JavaFX).   The suppo
 CVE-2023-22042 (Vulnerability in the Oracle Applications Framework product of 
Oracle E ...)
        NOT-FOR-US: Oracle
 CVE-2023-22041 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       {DSA-5458-1}
        - openjdk-8 8u382-ga-1
        - openjdk-11 11.0.20+8-1
        - openjdk-17 17.0.8+7-1
@@ -39324,6 +39445,7 @@ CVE-2023-22038 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compo
 CVE-2023-22037 (Vulnerability in the Oracle Web Applications Desktop 
Integrator produc ...)
        NOT-FOR-US: Oracle
 CVE-2023-22036 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       {DSA-5458-1}
        - openjdk-11 11.0.20+8-1
        - openjdk-17 17.0.8+7-1
 CVE-2023-22035 (Vulnerability in the Oracle Scripting product of Oracle 
E-Business Sui ...)
@@ -39385,6 +39507,7 @@ CVE-2023-22008 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compo
 CVE-2023-22007 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 8.0.34-1 (bug #1041819)
 CVE-2023-22006 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
+       {DSA-5458-1}
        - openjdk-11 11.0.20+8-1
        - openjdk-17 17.0.8+7-1
 CVE-2023-22005 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
@@ -41952,16 +42075,16 @@ CVE-2022-46904 (Insufficient processing of user input 
in WebSoft HCM 2021.2.3.32
        NOT-FOR-US: WebSoft HCM
 CVE-2022-46903 (Insufficient processing of user input in WebSoft HCM 
2021.2.3.327 allo ...)
        NOT-FOR-US: WebSoft HCM
-CVE-2022-46902
-       RESERVED
-CVE-2022-46901
-       RESERVED
-CVE-2022-46900
-       RESERVED
-CVE-2022-46899
-       RESERVED
-CVE-2022-46898
-       RESERVED
+CVE-2022-46902 (An issue was discovered in Vocera Report Server and Voice 
Server 5.x t ...)
+       TODO: check
+CVE-2022-46901 (An issue was discovered in Vocera Report Server and Voice 
Server 5.x t ...)
+       TODO: check
+CVE-2022-46900 (An issue was discovered in Vocera Report Server and Voice 
Server 5.x t ...)
+       TODO: check
+CVE-2022-46899 (An issue was discovered in Vocera Report Server and Voice 
Server 5.x t ...)
+       TODO: check
+CVE-2022-46898 (An issue was discovered in Vocera Report Server and Voice 
Server 5.x t ...)
+       TODO: check
 CVE-2022-46897
        RESERVED
 CVE-2022-46896
@@ -50024,8 +50147,8 @@ CVE-2023-20893 (The VMware vCenter Server contains a 
use-after-free vulnerabilit
        NOT-FOR-US: VMware
 CVE-2023-20892 (The vCenter Server contains a heap overflow vulnerability due 
to the u ...)
        NOT-FOR-US: VMware
-CVE-2023-20891
-       RESERVED
+CVE-2023-20891 (The VMware Tanzu Application Service for VMs and Isolation 
Segment con ...)
+       TODO: check
 CVE-2023-20890
        RESERVED
 CVE-2023-20889 (Aria Operations for Networks contains an information 
disclosure vulner ...)
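Review bot: CVE-2023-20891 describes VMware Tanzu Application Service for VMs and Isolation Segment and sits between CVE-2023-20892 and CVE-2023-20889, which this file resolves as `NOT-FOR-US: VMware`; leaving it at `TODO: check` is expected for an automatic import, but the follow-up triage should apply the same `NOT-FOR-US: VMware` disposition unless a Debian package is identified.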
@@ -52154,6 +52277,7 @@ CVE-2023-20595
 CVE-2023-20594
        RESERVED
 CVE-2023-20593 (An issue in \u201cZen 2\u201d CPUs, under specific 
microarchitectural  ...)
+       {DSA-5459-1}
        - linux <unfixed>
        - amd64-microcode 3.20230719.1 (bug #1041863)
        NOTE: https://www.openwall.com/lists/oss-security/2023/07/24/1
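Review bot: `{DSA-5459-1}` is recorded on CVE-2023-20593 while the `- linux <unfixed>` line directly below it is unchanged; a `{DSA-...}` marker maps to one source package, and the only package with a fixed version in this entry is `amd64-microcode 3.20230719.1`, so a reader could take the DSA as also closing the kernel side. Suggest a `NOTE:` stating which package the DSA covers and that the linux entry remains open. The description also carries literal `\u201c`/`\u201d` escapes around `Zen 2` instead of the quotation marks themselves.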
@@ -60917,7 +61041,7 @@ CVE-2022-3278 (NULL Pointer Dereference in GitHub 
repository vim/vim prior to 9.
        NOTE: https://huntr.dev/bounties/a9fad77e-f245-4ce9-ba15-c7d4c86c4612/
        NOTE: 
https://github.com/vim/vim/commit/69082916c8b5d321545d60b9f5facad0a2dd5a4e 
(v9.0.0552)
        NOTE: Crash in CLI toool, no security impact
-CVE-2023-3637 [unrestricted creation of security groups (fix for 
CVE-2022-3277)]
+CVE-2023-3637 (An uncontrolled resource consumption flaw was found in 
openstack-neutr ...)
        - neutron <not-affected> (Fix for CVE-2022-3277 not applied)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2222270
 CVE-2022-3277 (An uncontrolled resource consumption flaw was found in 
openstack-neutr ...)
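Review bot: the replacement description for CVE-2023-3637 is truncated to `An uncontrolled resource consumption flaw was found in openstack-neutr ...`, the same text as CVE-2022-3277 directly below it, and the dropped title `[unrestricted creation of security groups (fix for CVE-2022-3277)]` was what made clear that CVE-2023-3637 concerns the CVE-2022-3277 fix; the `<not-affected> (Fix for CVE-2022-3277 not applied)` reason keeps part of that, but a `NOTE:` carrying the former title would keep the relationship readable. The unchanged context line `NOTE: Crash in CLI toool, no security impact` has a typo (`toool`) that could be corrected in a follow-up.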
@@ -62494,7 +62618,7 @@ CVE-2022-36424 (Cross-Site Request Forgery (CSRF) 
vulnerability in Nikola Loncar
        NOT-FOR-US: WordPress plugin
 CVE-2022-36417 (Multiple Stored Cross-Site Scripting (XSS) via Cross-Site 
Request Forg ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-36404 (Auth. (subscriber+) Broken Access Control vulnerability in 
David Cole  ...)
+CVE-2022-36404 (Missing Authorization, Cross-Site Request Forgery (CSRF) 
vulnerability ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-35238 (Unauthenticated Plugin Settings Change vulnerability in 
Awesome Filter ...)
        NOT-FOR-US: WordPress plugin
@@ -74162,8 +74286,8 @@ CVE-2022-2503 (Dm-verity is used for extending 
root-of-trust to root filesystems
        [buster] - linux 4.19.249-1
        NOTE: 
https://git.kernel.org/linus/4caae58406f8ceb741603eee460d79bacca9b1b5 (5.19-rc1)
        NOTE: 
https://github.com/google/security-research/security/advisories/GHSA-6vq3-w69p-w63m
-CVE-2022-2502
-       RESERVED
+CVE-2022-2502 (A vulnerability exists in the HCI IEC 60870-5-104 function 
included in ...)
+       TODO: check
 CVE-2022-36359 (An issue was discovered in the HTTP FileResponse class in 
Django 3.2 b ...)
        {DSA-5254-1}
        - python-django 3:3.2.15-1
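Review bot: CVE-2022-2502 and CVE-2022-4608 (earlier in this commit) both describe `A vulnerability exists in the HCI IEC 60870-5-104 function included in ...` and are both left at `TODO: check`; they should be triaged together so the two entries end up with the same disposition, and if neither maps to a Debian package the same `NOT-FOR-US:` text should be used for both.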
@@ -87886,10 +88010,10 @@ CVE-2022-31460 (Owl Labs Meeting Owl 5.2.0.15 allows 
attackers to activate Tethe
        NOT-FOR-US: Owl Labs Meeting Owl
 CVE-2022-31459 (Owl Labs Meeting Owl 5.2.0.15 allows attackers to retrieve the 
passcod ...)
        NOT-FOR-US: Owl Labs Meeting Owl
-CVE-2022-31458
-       RESERVED
-CVE-2022-31457
-       RESERVED
+CVE-2022-31458 (RTX TRAP v1.0 was discovered to be vulnerable to host header 
poisoning ...)
+       TODO: check
+CVE-2022-31457 (RTX TRAP v1.0 allows attackers to perform a directory 
traversal via a  ...)
+       TODO: check
 CVE-2022-31456
        RESERVED
 CVE-2022-31455
@@ -104278,6 +104402,7 @@ CVE-2022-24441 (The package snyk before 1.1064.0 are 
vulnerable to Code Injectio
 CVE-2022-24440 (The package cocoapods-downloader before 1.6.0, from 1.6.2 and 
before 1 ...)
        NOT-FOR-US: cocoapods-downloader
 CVE-2022-24439 (All versions of package gitpython are vulnerable to Remote 
Code Execut ...)
+       {DLA-3502-1}
        - python-git 3.1.30-1 (bug #1027163)
        [bullseye] - python-git <no-dsa> (Minor issue)
        NOTE: https://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858
@@ -186296,8 +186421,8 @@ CVE-2020-35700 (A second-order SQL injection issue in 
Widgets/TopDevicesControll
        NOT-FOR-US: LibreNMS
 CVE-2020-35699
        RESERVED
-CVE-2020-35698
-       RESERVED
+CVE-2020-35698 (Thinkific Thinkific Online Course Creation Platform 1.0 is 
affected by ...)
+       TODO: check
 CVE-2020-35697
        RESERVED
 CVE-2020-35696



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5240849799b544b9ad9fcc32abb1a50176c1ffeb



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
