[Git][security-tracker-team/security-tracker][master] Add CVE-2018-1999024/mathjax
Salvatore Bonaccorso
carnil at debian.org
Mon Jul 23 21:15:11 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c60bdbfd by Salvatore Bonaccorso at 2018-07-23T22:14:49+02:00
Add CVE-2018-1999024/mathjax
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,5 +1,6 @@
CVE-2018-1999024 (MathJax version prior to version 2.7.4 contains a Cross Site Scripting ...)
- TODO: check
+ - mathjax 2.7.4+dfsg-1
+ NOTE: https://github.com/mathjax/MathJax/commit/a55da396c18cafb767a26aa9ad96f6f4199852f1
CVE-2018-1999022 (PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) ...)
TODO: check
CVE-2018-1999021 (Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c60bdbfdd43a9e54d04a3b55cb3c10dd7594ef73
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c60bdbfdd43a9e54d04a3b55cb3c10dd7594ef73
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180723/c04254aa/attachment.html>
More information about the debian-security-tracker-commits
mailing list