author | security tracker role <sectracker@soriano.debian.org> | 2021-02-23 08:10:18 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-02-23 08:10:18 +0000 |
commit | b95d6118a25ed885f988a426d49916daea9f1804 (patch) | |
tree | 127a2765b1e2d8df6cde32ec1b4cdd20762e94fc /data/CVE/2020.list | |
parent | 08e923952b7d42f653c0f5f7da0a7b43b5eb7300 (diff) |
automatic update
Diffstat (limited to 'data/CVE/2020.list')
-rw-r--r-- | data/CVE/2020.list | 21 |
1 files changed, 9 insertions, 12 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index e5ec45e865..d2c45d4d78 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -50,8 +50,8 @@ CVE-2020-36234 (Affected versions of Atlassian Jira Server and Data Center allow NOT-FOR-US: Atlassian CVE-2020-36233 (The Microsoft Windows Installer for Atlassian Bitbucket Server and Dat ...) NOT-FOR-US: Atlassian -CVE-2020-36232 - RESERVED +CVE-2020-36232 (The MessageBundleWhiteList class of atlassian-gadgets before version 4 ...) + TODO: check CVE-2020-36231 (Affected versions of Atlassian Jira Server and Data Center allow remot ...) NOT-FOR-US: Atlassian CVE-2020-36230 (A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertio ...) @@ -957,8 +957,8 @@ CVE-2020-35854 (Textpattern 4.8.4 is affected by cross-site scripting (XSS) in t NOT-FOR-US: Textpattern CMS CVE-2020-35853 (4images Image Gallery Management System 1.7.11 is affected by cross-si ...) NOT-FOR-US: 4images Image Gallery Management System -CVE-2020-35852 - RESERVED +CVE-2020-35852 (Chatbox is affected by cross-site scripting (XSS). An attacker has to ...) + TODO: check CVE-2020-35851 (HGiga MailSherlock does not validate specific parameters properly. Att ...) NOT-FOR-US: HGiga MailSherlock CVE-2020-35850 (** DISPUTED ** An SSRF issue was discovered in cockpit-project.org Coc ...) @@ -4150,8 +4150,8 @@ CVE-2020-29077 RESERVED CVE-2020-29076 RESERVED -CVE-2020-29075 - RESERVED +CVE-2020-29075 (Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.3001 ...) + TODO: check CVE-2020-29074 (scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which all ...) {DSA-4799-1 DLA-2490-1} - x11vnc 0.9.16-5 (bug #975875) 
@@ -7007,8 +7007,7 @@ CVE-2020-27821 (A flaw was found in the memory management API of QEMU during the CVE-2020-27820 [use-after-free in nouveau kernel module] RESERVED - linux <unfixed> -CVE-2020-27819 [NULL pointer dereference via crafted xls file] - RESERVED +CVE-2020-27819 (An issue was discovered in libxls before and including 1.6.1 when read ...) - r-cran-readxl <not-affected> (Embeds libxls, but not affected) NOTE: https://github.com/libxls/libxls/issues/84 CVE-2020-27818 (A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. ...) @@ -7194,8 +7193,7 @@ CVE-2020-27769 NOTE: https://github.com/ImageMagick/ImageMagick/issues/1740 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/7b058696133c6d36e0b48a454e357482db71982e NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/7661113a654c9c822c23a8fb8aa1b021fc7fbe9d -CVE-2020-27768 - RESERVED +CVE-2020-27768 (In ImageMagick, there is an outside the range of representable values ...) - imagemagick 8:6.9.11.24+dfsg-1 [buster] - imagemagick <ignored> (Minor issue) [stretch] - imagemagick <ignored> (Minor issue, UBSAN outside range warning) @@ -12002,8 +12000,7 @@ CVE-2020-25693 (A flaw was found in CImg in versions prior to 2.9.3. Integer ove NOTE: Fixed by: https://github.com/dtschump/CImg/commit/4f184f89f9ab6785a6c90fd238dbaa6d901d3505 CVE-2020-25691 RESERVED -CVE-2020-25690 - RESERVED +CVE-2020-25690 (An out-of-bounds write flaw was found in FontForge in versions before ...) - fontforge <not-affected> (Insufficient patch for CVE-2020-5395 not applied) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1893188 CVE-2020-25689 (A memory leak flaw was found in WildFly in all versions up to 21.0.0.F ...) |
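Review bot: CVE-2020-36232 in the @@ -50,8 hunk is left at `TODO: check` although the new description names atlassian-gadgets and the neighbouring Atlassian entries (CVE-2020-36234, CVE-2020-36233, CVE-2020-36231) are already triaged as `NOT-FOR-US: Atlassian`. Unless atlassian-gadgets turns out to be packaged, the follow-up can resolve this entry the same way.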
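Review bot: the `TODO: check` added for CVE-2020-35852 in the @@ -957,8 hunk needs a manual look rather than pattern matching, because the visible description says only "Chatbox" with no vendor or version. Identify the product from the CVE references before choosing between a source-package line and a `NOT-FOR-US:` tag.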
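Review bot: CVE-2020-29075 in the @@ -4150,8 hunk moves from RESERVED to `TODO: check` with a description naming Acrobat Reader DC, and an entry in that state carries no package status at all. Triage it with either a source-package line or a `NOT-FOR-US:` tag, as the surrounding entries in this file do.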
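Review bot: in the @@ -7007,8 hunk the new CVE-2020-27819 description names libxls "before and including 1.6.1", yet the only package line remains `r-cran-readxl <not-affected>` and the temporary bracketed summary is dropped. Add a NOTE stating why the embedded copy is not affected, so the status can be checked against the upstream issue already linked in the entry.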