[Git][security-tracker-team/security-tracker][master] new symfony issues
Moritz Muehlenhoff
jmm at debian.org
Fri Dec 7 07:51:40 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5e6f05dd by Moritz Muehlenhoff at 2018-12-07T07:51:16Z
new symfony issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -359,10 +359,14 @@ CVE-2018-19792 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 allows lo
NOT-FOR-US: OpenLiteSpeed
CVE-2018-19791 (The server in LiteSpeed OpenLiteSpeed before 1.5.0 RC6 does not ...)
NOT-FOR-US: OpenLiteSpeed
-CVE-2018-19790
+CVE-2018-19790 [symfony: Open Redirect Vulnerability when using Security\Http]
RESERVED
-CVE-2018-19789
+ - symfony 3.4.20+dfsg-1
+ NOTE: https://symfony.com/blog/cve-2018-19790-open-redirect-vulnerability-when-using-security-http
+CVE-2018-19789 [symfony: Disclosure of uploaded files full path]
RESERVED
+ - symfony 3.4.20+dfsg-1
+ NOTE: https://symfony.com/blog/cve-2018-19789-disclosure-of-uploaded-files-full-path
CVE-2018-19788 (A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user ...)
- policykit-1 <unfixed> (bug #915332)
NOTE: https://gitlab.freedesktop.org/polkit/polkit/issues/74
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5e6f05dd43d6d780ce47b7a8b66624f057bfd2d9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5e6f05dd43d6d780ce47b7a8b66624f057bfd2d9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181207/22ee043a/attachment.html>
More information about the debian-security-tracker-commits
mailing list