diff options
| author | Sébastien Delafond <sdelafond@gmail.com> | 2020-11-02 12:48:45 +0100 |
|---|---|---|
| committer | Sébastien Delafond <sdelafond@gmail.com> | 2020-11-02 12:48:45 +0100 |
| commit | 48a5ada179078122b66c8fbee232b6b71cffd910 (patch) | |
| tree | 54c7bb7470c0cdf80287208d976ca6cd6dc4938f /data/CVE/2017.list | |
| parent | 02d66a3f40a74ccdea1afbe09a67508b4899ca94 (diff) | |
Triage odoo issues
Diffstat (limited to 'data/CVE/2017.list')
| -rw-r--r-- | data/CVE/2017.list | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index a31283fadf..38b6f5093b 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -23361,11 +23361,14 @@ CVE-2017-10807 (JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authent NOTE: Fixed by: https://github.com/jabberd2/jabberd2/commit/8416ae54ecefa670534f27a31db71d048b9c7f16 NOTE: https://github.com/jabberd2/jabberd2/releases/tag/jabberd-2.6.1 CVE-2017-10805 (In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ...) - - odoo <undetermined> + - odoo <not-affected> (Fixed before initial upload to Debian) + NOTE: https://github.com/odoo/odoo/issues/17921 CVE-2017-10804 (In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ...) - - odoo <undetermined> + - odoo <not-affected> (Fixed before initial upload to Debian) + NOTE: https://github.com/odoo/odoo/issues/17914 CVE-2017-10803 (In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise ...) - - odoo <undetermined> + - odoo <not-affected> (Fixed before initial upload to Debian) + NOTE: https://github.com/odoo/odoo/issues/17898 CVE-2017-10802 RESERVED CVE-2017-10801 (phpSocial (formerly phpDolphin) before 3.0.1 has XSS in the PATH_INFO ...) @@ -27248,7 +27251,8 @@ CVE-2017-9417 (Broadcom BCM43xx Wi-Fi chips allow remote attackers to execute ar NOTE: https://www.blackhat.com/us-17/briefings/schedule/#broadpwn-remotely-compromising-android-and-ios-via-a-bug-in-broadcoms-wi-fi-chipsets-7603 NOTE: https://marc.info/?l=linux-wireless&m=150391055518346&w=2 CVE-2017-9416 (Directory traversal vulnerability in tools.file_open in Odoo 8.0, 9.0, ...) - - odoo <undetermined> + - odoo <not-affected> (Fixed before initial upload to Debian) + NOTE: https://github.com/odoo/odoo/issues/17394 CVE-2017-9415 (Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allo ...) NOT-FOR-US: Subsonic CVE-2017-9414 (Cross-site request forgery (CSRF) vulnerability in the Subscribe to Po ...) @@ -37757,7 +37761,7 @@ CVE-2017-5873 (Unquoted Windows search path vulnerability in the guest service i CVE-2017-5872 (The TCP/IP networking module in Unisys ClearPath MCP systems with TCP- ...) NOT-FOR-US: Unisys ClearPath CVE-2017-5871 (Odoo Version <= 8.0-20160726 and Version 9 is affected by: CWE-601: ...) - - odoo <undetermined> + - odoo <not-affected> (Fixed before initial upload to Debian) CVE-2017-5870 (Multiple cross-site scripting (XSS) vulnerabilities in ViMbAdmin 3.0.1 ...) NOT-FOR-US: ViMbAdmin CVE-2017-5869 (Directory traversal vulnerability in the file import feature in Nuxeo ...) |