diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2021-02-27 08:10:19 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2021-02-27 08:10:19 +0000 |
| commit | 4c6194f43e693ed8666c0747d60c340f343c4a78 (patch) | |
| tree | 75da64a6270a7c601a0892704fad8f498e1e8071 /data/CVE/2020.list | |
| parent | a41266969e6e023049c1df0065a39518d0d939c3 (diff) | |
automatic update
Diffstat (limited to 'data/CVE/2020.list')
| -rw-r--r-- | data/CVE/2020.list | 25 |
1 files changed, 12 insertions, 13 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 24a0e98a9c..be67e1c233 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -493,8 +493,8 @@ CVE-2020-36081 RESERVED CVE-2020-36080 RESERVED -CVE-2020-36079 - RESERVED +CVE-2020-36079 (Zenphoto through 1.5.7 is affected by authenticated arbitrary file upl ...) + TODO: check CVE-2020-36078 RESERVED CVE-2020-36077 @@ -1397,8 +1397,8 @@ CVE-2020-35664 (An issue was discovered in Acronis Cyber Protect before 15 Updat NOT-FOR-US: Acronis CVE-2020-35663 RESERVED -CVE-2020-35662 - RESERVED +CVE-2020-35662 (In SaltStack Salt before 3002.5, when authenticating to services using ...) + TODO: check CVE-2020-35661 RESERVED CVE-2020-35660 @@ -4377,8 +4377,8 @@ CVE-2020-28975 (** DISPUTED ** svm_predict_values in svm.cpp in Libsvm v324, as NOTE: disputed libsvm non issue CVE-2020-28973 RESERVED -CVE-2020-28972 - RESERVED +CVE-2020-28972 (In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsp ...) + TODO: check CVE-2020-26235 (In Rust time crate from version 0.2.7 and before version 0.2.23, unix- ...) - rust-time <not-affected> (Vulnerable methods introduced in v0.2.7) NOTE: https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396 @@ -5461,7 +5461,7 @@ CVE-2020-28495 (This affects the package total.js before 3.4.7. The set function NOT-FOR-US: Node total.js CVE-2020-28494 (This affects the package total.js before 3.4.7. The issue occurs in th ...) NOT-FOR-US: Node total.js -CVE-2020-28493 (This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDO ...) +CVE-2020-28493 (This affects the package jinja2 from 0.0.0 and before 2.11.3. The ReDo ...) - jinja2 <unfixed> (bug #982736) [stretch] - jinja2 <no-dsa> (Minor issue) NOTE: https://github.com/pallets/jinja/pull/1343 @@ -6030,8 +6030,8 @@ CVE-2020-28245 RESERVED CVE-2020-28244 RESERVED -CVE-2020-28243 - RESERVED +CVE-2020-28243 (An issue was discovered in SaltStack Salt before 3002.5. The minion's ...) + TODO: check CVE-2020-28242 (An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 1 ...) - asterisk 1:16.15.0~dfsg-1 (bug #974713) [buster] - asterisk <no-dsa> (Minor issue) @@ -7638,8 +7638,7 @@ CVE-2020-27619 (In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.p NOTE: https://github.com/python/cpython/commit/43e523103886af66d6c27cd72431b5d9d14cd2a9 (3.7) NOTE: https://bugs.python.org/issue41944 NOTE: Only affects the testsuite -CVE-2020-27618 [iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop] - RESERVED +CVE-2020-27618 (The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and ...) - glibc 2.31-5 (bug #973914) [buster] - glibc <no-dsa> (Minor issue) [stretch] - glibc <no-dsa> (Minor issue) @@ -8487,8 +8486,8 @@ CVE-2020-27225 RESERVED CVE-2020-27224 (In Eclipse Theia versions up to and including 1.2.0, the Markdown Prev ...) NOT-FOR-US: Eclipse Theia -CVE-2020-27223 - RESERVED +CVE-2020-27223 (In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0 ...) + TODO: check CVE-2020-27222 (In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based ( ...) NOT-FOR-US: Eclipse Californium CVE-2020-27221 (In Eclipse OpenJ9 up to and including version 0.23, there is potential ...) |