diff options
author | security tracker role <sectracker@soriano.debian.org> | 2020-08-16 20:10:15 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2020-08-16 20:10:15 +0000 |
commit | 12b63c7b52670c189c8bbf24b0b9100c9101fd28 (patch) | |
tree | c3d9fbf9d6bb781421e426d0e35fe1deaf204443 /data/CVE | |
parent | 403179e1d42cbb18b207727458a6213ec501bfe7 (diff) |
automatic update
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2016.list | 2 | ||||
-rw-r--r-- | data/CVE/2017.list | 2 | ||||
-rw-r--r-- | data/CVE/2019.list | 18 | ||||
-rw-r--r-- | data/CVE/2020.list | 3 |
4 files changed, 15 insertions, 10 deletions
diff --git a/data/CVE/2016.list b/data/CVE/2016.list index 3618739c8b..c1ae5bce59 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -1,3 +1,5 @@ +CVE-2016-11085 (php/qmn_options_questions_tab.php in the quiz-master-next plugin befor ...) + TODO: check CVE-2016-11084 (An issue was discovered in Mattermost Server before 2.1.0. It allows X ...) NOT-FOR-US: Mattermost CVE-2016-11083 (An issue was discovered in Mattermost Server before 2.2.0. It allows X ...) diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 7ceb3463fb..cc2c55cf3c 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -3435,7 +3435,7 @@ CVE-2017-17744 (A cross-site scripting (XSS) vulnerability in the custom-map plu CVE-2017-17743 (Improper input sanitization within the restricted administration shell ...) NOT-FOR-US: UCOPIA Wireless Appliance CVE-2017-17742 (Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x befo ...) - {DSA-4259-1 DLA-2027-1 DLA-1421-1 DLA-1359-1 DLA-1358-1} + {DSA-4259-1 DLA-2330-1 DLA-2027-1 DLA-1421-1 DLA-1359-1 DLA-1358-1} - jruby <unfixed> - ruby2.5 2.5.1-1 - ruby2.3 <removed> diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 5001554571..eb51818519 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -11643,7 +11643,7 @@ CVE-2019-16257 (Some Motorola devices include the SIMalliance Toolbox Browser (a CVE-2019-16256 (Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T ...) NOT-FOR-US: SIMalliance Toolbox Browser CVE-2019-16255 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allow ...) - {DSA-4587-1 DSA-4586-1 DLA-2027-1 DLA-2007-1} + {DSA-4587-1 DSA-4586-1 DLA-2330-1 DLA-2027-1 DLA-2007-1} - ruby2.5 2.5.7-1 - ruby2.3 <removed> - ruby2.1 <removed> @@ -11651,7 +11651,7 @@ CVE-2019-16255 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 NOTE: https://www.ruby-lang.org/en/news/2019/10/01/code-injection-shell-test-cve-2019-16255/ NOTE: ruby2.5: https://github.com/ruby/ruby/commit/3af01ae1101e0b8815ae5a106be64b0e82a58640 CVE-2019-16254 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allow ...) - {DSA-4587-1 DSA-4586-1 DLA-2027-1 DLA-2007-1} + {DSA-4587-1 DSA-4586-1 DLA-2330-1 DLA-2027-1 DLA-2007-1} - ruby2.5 2.5.7-1 - ruby2.3 <removed> - ruby2.1 <removed> @@ -11842,7 +11842,7 @@ CVE-2019-16203 (Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expo CVE-2019-16202 (MISP before 2.4.115 allows privilege escalation in certain situations. ...) NOT-FOR-US: MISP CVE-2019-16201 (WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5 ...) - {DSA-4587-1 DSA-4586-1 DLA-2027-1 DLA-2007-1} + {DSA-4587-1 DSA-4586-1 DLA-2330-1 DLA-2027-1 DLA-2007-1} - ruby2.5 2.5.7-1 - ruby2.3 <removed> - ruby2.1 <removed> @@ -34375,7 +34375,7 @@ CVE-2019-8327 CVE-2019-8326 RESERVED CVE-2019-8325 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...) - {DSA-4433-1 DLA-1796-1 DLA-1735-1} + {DSA-4433-1 DLA-2330-1 DLA-1796-1 DLA-1735-1} - ruby2.5 2.5.5-1 - ruby2.3 <removed> - ruby2.1 <removed> @@ -34385,7 +34385,7 @@ CVE-2019-8325 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b CVE-2019-8324 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. A cra ...) - {DSA-4433-1 DLA-1796-1 DLA-1735-1} + {DSA-4433-1 DLA-2330-1 DLA-1796-1 DLA-1735-1} - ruby2.5 2.5.5-1 - ruby2.3 <removed> - ruby2.1 <removed> @@ -34395,7 +34395,7 @@ CVE-2019-8324 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b CVE-2019-8323 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem:: ...) - {DSA-4433-1 DLA-1796-1 DLA-1735-1} + {DSA-4433-1 DLA-2330-1 DLA-1796-1 DLA-1735-1} - ruby2.5 2.5.5-1 - ruby2.3 <removed> - ruby2.1 <removed> @@ -34405,7 +34405,7 @@ CVE-2019-8323 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b CVE-2019-8322 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. The g ...) - {DSA-4433-1 DLA-1796-1 DLA-1735-1} + {DSA-4433-1 DLA-2330-1 DLA-1796-1 DLA-1735-1} - ruby2.5 2.5.5-1 - ruby2.3 <removed> - ruby2.1 <removed> @@ -34415,7 +34415,7 @@ CVE-2019-8322 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b CVE-2019-8321 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...) - {DSA-4433-1 DLA-1796-1} + {DSA-4433-1 DLA-2330-1 DLA-1796-1} - ruby2.5 2.5.5-1 - ruby2.3 <removed> - ruby2.1 <removed> @@ -34426,7 +34426,7 @@ CVE-2019-8321 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b CVE-2019-8320 (A Directory Traversal issue was discovered in RubyGems 2.7.6 and later ...) - {DSA-4433-1 DLA-1735-1} + {DSA-4433-1 DLA-2330-1 DLA-1735-1} - ruby2.5 2.5.5-1 - ruby2.3 <removed> - ruby2.1 <removed> diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 795384d1de..892167d7bd 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,5 @@ +CVE-2020-24363 + RESERVED CVE-2020-24362 RESERVED CVE-2020-24361 (SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, P ...) @@ -16951,6 +16953,7 @@ CVE-2020-15954 (KDE KMail 19.12.3 (aka 5.13.3) engages in unencrypted POP3 commu NOTE: kdepim-runtime: https://invent.kde.org/pim/kdepim-runtime/commit/bd64ab29116aa7318fdee7f95878ff97580162f2 NOTE: kmail-account-wizard: https://invent.kde.org/pim/kmail-account-wizard/commit/a64d80e523edce7d3d59c26834973418fae042f6 CVE-2020-15953 (LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other ...) + {DLA-2329-1} - libetpan <unfixed> (bug #966647) NOTE: https://github.com/dinhvh/libetpan/issues/386 NOTE: https://github.com/dinhvh/libetpan/pull/387 |