[Git][security-tracker-team/security-tracker][master] Add CVE-2019-11458/cakephp
Salvatore Bonaccorso
carnil at debian.org
Wed May 8 21:45:49 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cc75bc16 by Salvatore Bonaccorso at 2019-05-08T20:45:18Z
Add CVE-2019-11458/cakephp
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -911,7 +911,9 @@ CVE-2013-7470 (cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel
- linux 3.11.7-1
NOTE: Fixed by: https://git.kernel.org/linus/f2e5ddcc0d12f9c4c7b254358ad245c9dddce13b
CVE-2019-11458 (An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserial ...)
- TODO: check
+ - cakephp <undetermined>
+ NOTE: https://github.com/cakephp/cakephp/commit/1a74e798309192a9895c9cedabd714ceee345f4e
+ TODO: check, possibly introduced in later version than present in unstable 2.10.11
CVE-2019-11457
RESERVED
CVE-2019-11456 (Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc75bc16f67b42ed43225573c6ef05d83f6ae8bf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cc75bc16f67b42ed43225573c6ef05d83f6ae8bf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190508/0ae161ff/attachment.html>
More information about the debian-security-tracker-commits
mailing list