[Secure-testing-commits] r38734 - data/CVE
David Prévot
taffit at moszumanska.debian.org
Wed Jan 6 17:43:07 UTC 2016
Author: taffit
Date: 2016-01-06 17:43:07 +0000 (Wed, 06 Jan 2016)
New Revision: 38734
Modified:
data/CVE/list
Log:
Add CVE-2016-1{498,499,500,501}/owncloud
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-06 16:25:43 UTC (rev 38733)
+++ data/CVE/list 2016-01-06 17:43:07 UTC (rev 38734)
@@ -1,3 +1,18 @@
+CVE-2016-1501 [Full installation path disclosure through error message]
+ - owncloud 7.0.12~dfsg-2
+ NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-004
+CVE-2016-1500 [Disclosure of files that begin with ".v" due to unchecked return value]
+ - owncloud 7.0.12~dfsg-1
+ [experimental] - owncloud 8.2.2~dfsg-1
+ NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-003
+CVE-2016-1499 [Information Exposure Through Directory Listing in the file scanner]
+ - owncloud 7.0.12~dfsg-2
+ [experimental] - owncloud 8.2.2~dfsg-1
+ NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-002
+CVE-2016-1498 [Reflected XSS in OCS provider discovery]
+ - owncloud 7.0.12~dfsg-1
+ [experimental] - owncloud 8.2.2~dfsg-1
+ NOTE: https://owncloud.org/security/advisory/?id=oc-sa-2016-001
CVE-2016-1493
RESERVED
CVE-2016-1492
More information about the Secure-testing-commits
mailing list