[Git][security-tracker-team/security-tracker][master] Add upstream issue and fix commit URLs for piwigo CVE-2018-7722 and CVE-2018-7724
Henri Salo
gitlab at salsa.debian.org
Fri Jul 6 22:08:26 BST 2018
Henri Salo pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4987d3f9 by Henri Salo at 2018-07-07T00:08:14+03:00
Add upstream issue and fix commit URLs for piwigo CVE-2018-7722 and CVE-2018-7724
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -14301,10 +14301,14 @@ CVE-2018-7725 (An issue was discovered in ZZIPlib 0.13.68. An invalid memory add
NOTE: https://github.com/gdraheim/zziplib/commit/1ba660b3300d67b8ce9f6b96bbae0b36fa2d6b06
CVE-2018-7724 (The management panel in Piwigo 2.9.3 has stored XSS via the name ...)
- piwigo <removed>
+ NOTE: https://github.com/Piwigo/Piwigo/issues/872
+ NOTE: https://github.com/Piwigo/Piwigo/commit/55a9754b111309d7a85c6dd86efe47954e984072
CVE-2018-7723 (The management panel in Piwigo 2.9.3 has stored XSS via the ...)
- piwigo <removed>
CVE-2018-7722 (The management panel in Piwigo 2.9.3 has stored XSS via the name ...)
- piwigo <removed>
+ NOTE: https://github.com/Piwigo/Piwigo/issues/871
+ NOTE: https://github.com/Piwigo/Piwigo/commit/0ec289769ee1fc314dbc7d90fdc480389e786942
CVE-2018-7721 (Cross Site Scripting (XSS) exists in MetInfo 6.0.0 via ...)
NOT-FOR-US: MetInfo
CVE-2018-7720 (A cross-site request forgery (CSRF) vulnerability exists in Western ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4987d3f95ca5254921d9f2b462df5c2befd50bb7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4987d3f95ca5254921d9f2b462df5c2befd50bb7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180706/fb92316b/attachment.html>
More information about the debian-security-tracker-commits
mailing list