diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2021-03-01 20:10:31 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2021-03-01 20:10:31 +0000 |
| commit | c1f5fdb27e541c9c96215f5510c62db867e39dbf (patch) | |
| tree | 82d8412902f09db7b8cfd3805117e208bb0a59a7 /data/CVE/2020.list | |
| parent | 98899242963023dffa029825c07fc3dc8eb460ef (diff) | |
automatic update
Diffstat (limited to 'data/CVE/2020.list')
| -rw-r--r-- | data/CVE/2020.list | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index f1cf4fba94..b9401995f9 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -39,8 +39,8 @@ CVE-2020-36241 (autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used [stretch] - gnome-autoar <no-dsa> (Minor issue) NOTE: https://gitlab.gnome.org/GNOME/gnome-autoar/-/commit/adb067e645732fdbe7103516e506d09eb6a54429 NOTE: https://gitlab.gnome.org/GNOME/gnome-autoar/-/issues/7 -CVE-2020-36240 - RESERVED +CVE-2020-36240 (The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, a ...) + TODO: check CVE-2020-36239 RESERVED CVE-2020-36238 @@ -38283,7 +38283,7 @@ CVE-2020-13754 (hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=dba04c3488c4699f5afe96f66e448b1d447cf3fb (regression fix) NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=8e67fda2dd6202ccec093fda561107ba14830a17 (regression fix) NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=70b78d4e71494c90d2ccb40381336bc9b9a22f79 (regression fix) -CVE-2020-13702 (** DISPUTED ** The Rolling Proximity Identifier used in the Apple/Goog ...) +CVE-2020-13702 (The Rolling Proximity Identifier used in the Apple/Google Exposure Not ...) NOT-FOR-US: Apple/Google Exposure Notification API CVE-2020-13701 RESERVED @@ -48927,8 +48927,7 @@ CVE-2020-9481 (Apache ATS 6.0.0 to 6.2.3, 7.0.0 to 7.1.9, and 8.0.0 to 8.0.6 is NOTE: https://github.com/apache/trafficserver/commit/50441b39e6631389ef95c4133f06bbf94544879c CVE-2020-9480 (In Apache Spark 2.4.5 and earlier, a standalone resource manager's mas ...) - apache-spark <itp> (bug #802194) -CVE-2020-9479 - RESERVED +CVE-2020-9479 (When loading a UDF, a specially crafted zip file could allow files to ...) NOT-FOR-US: Apache AsterixDB CVE-2020-9478 (An issue was discovered in Rubrik 5.0.3-2296. An OS command injection ...) NOT-FOR-US: Rubrik @@ -52608,8 +52607,8 @@ CVE-2020-7931 (In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template pr NOT-FOR-US: JFrog Artifactory CVE-2020-7930 RESERVED -CVE-2020-7929 - RESERVED +CVE-2020-7929 (A user authorized to perform database queries may trigger denial of se ...) + TODO: check CVE-2020-7928 (A user authorized to perform database queries may trigger a read overr ...) - mongodb <removed> [stretch] - mongodb <not-affected> (Vulnerable code introduced later) |