[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 24 21:10:37 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
13cfda81 by security tracker role at 2020-04-24T20:10:30+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,213 @@
+CVE-2020-12242
+ RESERVED
+CVE-2020-12241
+ RESERVED
+CVE-2020-12240
+ RESERVED
+CVE-2020-12239
+ RESERVED
+CVE-2020-12238
+ RESERVED
+CVE-2020-12237
+ RESERVED
+CVE-2020-12236
+ RESERVED
+CVE-2020-12235
+ RESERVED
+CVE-2020-12234
+ RESERVED
+CVE-2020-12233
+ RESERVED
+CVE-2020-12232
+ RESERVED
+CVE-2020-12231
+ RESERVED
+CVE-2020-12230
+ RESERVED
+CVE-2020-12229
+ RESERVED
+CVE-2020-12228
+ RESERVED
+CVE-2020-12227
+ RESERVED
+CVE-2020-12226
+ RESERVED
+CVE-2020-12225
+ RESERVED
+CVE-2020-12224
+ RESERVED
+CVE-2020-12223
+ RESERVED
+CVE-2020-12222
+ RESERVED
+CVE-2020-12221
+ RESERVED
+CVE-2020-12220
+ RESERVED
+CVE-2020-12219
+ RESERVED
+CVE-2020-12218
+ RESERVED
+CVE-2020-12217
+ RESERVED
+CVE-2020-12216
+ RESERVED
+CVE-2020-12215
+ RESERVED
+CVE-2020-12214
+ RESERVED
+CVE-2020-12213
+ RESERVED
+CVE-2020-12212
+ RESERVED
+CVE-2020-12211
+ RESERVED
+CVE-2020-12210
+ RESERVED
+CVE-2020-12209
+ RESERVED
+CVE-2020-12208
+ RESERVED
+CVE-2020-12207
+ RESERVED
+CVE-2020-12206
+ RESERVED
+CVE-2020-12205
+ RESERVED
+CVE-2020-12204
+ RESERVED
+CVE-2020-12203
+ RESERVED
+CVE-2020-12202
+ RESERVED
+CVE-2020-12201
+ RESERVED
+CVE-2020-12200
+ RESERVED
+CVE-2020-12199
+ RESERVED
+CVE-2020-12198
+ RESERVED
+CVE-2020-12197
+ RESERVED
+CVE-2020-12196
+ RESERVED
+CVE-2020-12195
+ RESERVED
+CVE-2020-12194
+ RESERVED
+CVE-2020-12193
+ RESERVED
+CVE-2020-12192
+ RESERVED
+CVE-2020-12191
+ RESERVED
+CVE-2020-12190
+ RESERVED
+CVE-2020-12189
+ RESERVED
+CVE-2020-12188
+ RESERVED
+CVE-2020-12187
+ RESERVED
+CVE-2020-12186
+ RESERVED
+CVE-2020-12185
+ RESERVED
+CVE-2020-12184
+ RESERVED
+CVE-2020-12183
+ RESERVED
+CVE-2020-12182
+ RESERVED
+CVE-2020-12181
+ RESERVED
+CVE-2020-12180
+ RESERVED
+CVE-2020-12179
+ RESERVED
+CVE-2020-12178
+ RESERVED
+CVE-2020-12177
+ RESERVED
+CVE-2020-12176
+ RESERVED
+CVE-2020-12175
+ RESERVED
+CVE-2020-12174
+ RESERVED
+CVE-2020-12173
+ RESERVED
+CVE-2020-12172
+ RESERVED
+CVE-2020-12171
+ RESERVED
+CVE-2020-12170
+ RESERVED
+CVE-2020-12169
+ RESERVED
+CVE-2020-12168
+ RESERVED
+CVE-2020-12167
+ RESERVED
+CVE-2020-12166
+ RESERVED
+CVE-2020-12165
+ RESERVED
+CVE-2020-12164
+ RESERVED
+CVE-2020-12163
+ RESERVED
+CVE-2020-12162
+ RESERVED
+CVE-2020-12161
+ RESERVED
+CVE-2020-12160
+ RESERVED
+CVE-2020-12159
+ RESERVED
+CVE-2020-12158
+ RESERVED
+CVE-2020-12157
+ RESERVED
+CVE-2020-12156
+ RESERVED
+CVE-2020-12155
+ RESERVED
+CVE-2020-12154
+ RESERVED
+CVE-2020-12153
+ RESERVED
+CVE-2020-12152
+ RESERVED
+CVE-2020-12151
+ RESERVED
+CVE-2020-12150
+ RESERVED
+CVE-2020-12149
+ RESERVED
+CVE-2020-12148
+ RESERVED
+CVE-2020-12147
+ RESERVED
+CVE-2020-12146
+ RESERVED
+CVE-2020-12145
+ RESERVED
+CVE-2020-12144
+ RESERVED
+CVE-2020-12143
+ RESERVED
+CVE-2020-12142
+ RESERVED
+CVE-2020-12141
+ RESERVED
+CVE-2020-12140
+ RESERVED
+CVE-2020-12139
+ RESERVED
+CVE-2020-12138
+ RESERVED
CVE-2020-12136
RESERVED
CVE-2020-12135 (bson before 0.8 incorrectly uses int rather than size_t for many varia ...)
@@ -119,7 +329,7 @@ CVE-2019-20788 (libvncclient/cursor.c in LibVNCServer through 0.9.12 has a Handl
[buster] - libvncserver <no-dsa> (Minor issue)
[stretch] - libvncserver <no-dsa> (Minor issue)
NOTE: https://github.com/LibVNC/libvncserver/commit/54220248886b5001fbbb9fa73c4e1a2cb9413fed
-CVE-2020-12137 [GNU Mailman 2.x stored XSS in attachments]
+CVE-2020-12137 (GNU Mailman 2.x before 2.1.30 uses the .obj extension for scrubbed app ...)
- mailman <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2020/02/24/2
NOTE: http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1801
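Review bot: the `- mailman <unfixed>` line under CVE-2020-12137 no longer matches the description it sits beneath, which now reads "GNU Mailman 2.x before 2.1.30". Since the new description names a fixed upstream release, a follow-up should replace `<unfixed>` with the first Debian version that carries 2.1.30 (or the backported patch) once it is uploaded, so the entry does not stay open indefinitely.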
@@ -158,8 +368,7 @@ CVE-2020-12065
RESERVED
CVE-2020-12064
RESERVED
-CVE-2020-12063
- RESERVED
+CVE-2020-12063 (** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an attac ...)
- postfix <unfixed> (unimportant)
NOTE: https://www.openwall.com/lists/oss-security/2020/04/23/3
NOTE: https://www.openwall.com/lists/oss-security/2020/04/23/12
@@ -449,16 +658,16 @@ CVE-2020-11932
RESERVED
CVE-2020-11931
RESERVED
-CVE-2018-21231
- RESERVED
-CVE-2018-21230
- RESERVED
-CVE-2018-21229
- RESERVED
-CVE-2018-21228
- RESERVED
-CVE-2018-21227
- RESERVED
+CVE-2018-21231 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+ TODO: check
+CVE-2018-21230 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+ TODO: check
+CVE-2018-21229 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+ TODO: check
+CVE-2018-21228 (Certain NETGEAR devices are affected by command injection by an authen ...)
+ TODO: check
+CVE-2018-21227 (Certain NETGEAR devices are affected by command injection by an authen ...)
+ TODO: check
CVE-2018-21226
RESERVED
CVE-2018-21225
@@ -969,76 +1178,76 @@ CVE-2017-18733 (Certain NETGEAR devices are affected by authentication bypass. T
NOT-FOR-US: Netgear
CVE-2017-18732 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
NOT-FOR-US: Netgear
-CVE-2017-18731
- RESERVED
-CVE-2017-18730
- RESERVED
-CVE-2017-18729
- RESERVED
-CVE-2017-18728
- RESERVED
-CVE-2017-18727
- RESERVED
-CVE-2017-18726
- RESERVED
-CVE-2017-18725
- RESERVED
-CVE-2017-18724
- RESERVED
-CVE-2017-18723
- RESERVED
-CVE-2017-18722
- RESERVED
-CVE-2017-18721
- RESERVED
-CVE-2017-18720
- RESERVED
-CVE-2017-18719
- RESERVED
-CVE-2017-18718
- RESERVED
-CVE-2017-18717
- RESERVED
-CVE-2017-18716
- RESERVED
-CVE-2017-18715
- RESERVED
-CVE-2017-18714
- RESERVED
-CVE-2017-18713
- RESERVED
-CVE-2017-18712
- RESERVED
-CVE-2017-18711
- RESERVED
-CVE-2017-18710
- RESERVED
-CVE-2017-18709
- RESERVED
-CVE-2017-18708
- RESERVED
-CVE-2017-18707
- RESERVED
-CVE-2017-18706
- RESERVED
-CVE-2017-18705
- RESERVED
-CVE-2017-18704
- RESERVED
-CVE-2017-18703
- RESERVED
-CVE-2017-18702
- RESERVED
-CVE-2017-18701
- RESERVED
-CVE-2017-18700
- RESERVED
-CVE-2017-18699
- RESERVED
-CVE-2017-18698
- RESERVED
-CVE-2017-18697
- RESERVED
+CVE-2017-18731 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+ TODO: check
+CVE-2017-18730 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18729 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18728 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18727 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18726 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18725 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18724 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18723 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18722 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18721 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18720 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
+ TODO: check
+CVE-2017-18719 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18718 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18717 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18716 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18715 (Certain NETGEAR devices are affected by reflected XSS. This affects EX ...)
+ TODO: check
+CVE-2017-18714 (NETGEAR WNDR4500v3 devices before 1.0.0.48 are affected by denial of s ...)
+ TODO: check
+CVE-2017-18713 (Certain NETGEAR devices are affected by an attacker's ability to read ...)
+ TODO: check
+CVE-2017-18712 (Certain NETGEAR devices are affected by an attacker's ability to read ...)
+ TODO: check
+CVE-2017-18711 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+ TODO: check
+CVE-2017-18710 (Certain NETGEAR devices are affected by disclosure of sensitive inform ...)
+ TODO: check
+CVE-2017-18709 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+ TODO: check
+CVE-2017-18708 (Certain NETGEAR devices are affected by CSRF. This affects R8300 befor ...)
+ TODO: check
+CVE-2017-18707 (Certain NETGEAR devices are affected by a buffer overflow by an authen ...)
+ TODO: check
+CVE-2017-18706 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+ TODO: check
+CVE-2017-18705 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+ TODO: check
+CVE-2017-18704 (Certain NETGEAR devices are affected by an attacker's ability to read ...)
+ TODO: check
+CVE-2017-18703 (Certain NETGEAR devices are affected by CSRF. This affects D1500 befor ...)
+ TODO: check
+CVE-2017-18702 (NETGEAR R6220 devices before 1.1.0.60 are affected by incorrect config ...)
+ TODO: check
+CVE-2017-18701 (Certain NETGEAR devices are affected by reflected XSS. This affects R6 ...)
+ TODO: check
+CVE-2017-18700 (Certain NETGEAR devices are affected by stored XSS. This affects D6400 ...)
+ TODO: check
+CVE-2017-18699 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18698 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
+CVE-2017-18697 (Certain NETGEAR devices are affected by a stack-based buffer overflow ...)
+ TODO: check
CVE-2020-11930 (The GTranslate plugin before 2.8.52 for WordPress has Reflected XSS vi ...)
NOT-FOR-US: GTranslate plugin for WordPress
CVE-2020-11929
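Review bot: all 35 entries from CVE-2017-18731 down to CVE-2017-18697 land as `TODO: check`, while the two context entries directly above them (CVE-2017-18733 and CVE-2017-18732, also "Certain NETGEAR devices ...") are already triaged as `NOT-FOR-US: Netgear`. That is expected for an automatic update, but it leaves a large block of untriaged items for a vendor the list has already classified; a manual follow-up should resolve them the same way, after confirming from the full descriptions that none of them touches software packaged in Debian.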
@@ -12814,14 +13023,14 @@ CVE-2020-7136
RESERVED
CVE-2020-7135
RESERVED
-CVE-2020-7134
- RESERVED
-CVE-2020-7133
- RESERVED
+CVE-2020-7134 (A remote access to sensitive data vulnerability was discovered in HPE ...)
+ TODO: check
+CVE-2020-7133 (A unauthorized remote access vulnerability was discovered in HPE IOT + ...)
+ TODO: check
CVE-2020-7132 (A potential security vulnerability has been identified in HPE Onboard ...)
TODO: check
-CVE-2020-7131
- RESERVED
+CVE-2020-7131 (This document describes a security vulnerability in Blade Maintenance ...)
+ TODO: check
CVE-2020-7130 (HPE OneView Global Dashboard (OVGD) 1.9 has a remote information discl ...)
NOT-FOR-US: HPE
CVE-2020-7129
@@ -13572,20 +13781,16 @@ CVE-2020-6830
RESERVED
CVE-2020-6829
RESERVED
-CVE-2020-6828
- RESERVED
+CVE-2020-6828 (A malicious Android application could craft an Intent that would have ...)
- firefox-esr <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6828
-CVE-2020-6827
- RESERVED
+CVE-2020-6827 (When following a link that opened an intent://-schemed URL, causing a ...)
- firefox-esr <not-affected> (Android-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6827
-CVE-2020-6826
- RESERVED
+CVE-2020-6826 (Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis report ...)
- firefox 75.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6826
-CVE-2020-6825
- RESERVED
+CVE-2020-6825 (Mozilla developers and community members Tyson Smith and Christian Hol ...)
{DSA-4656-1 DSA-4655-1 DLA-2172-1 DLA-2170-1}
- firefox 75.0-1
- firefox-esr 68.7.0esr-1
@@ -13593,16 +13798,13 @@ CVE-2020-6825
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/#CVE-2020-6825
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6825
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6825
-CVE-2020-6824
- RESERVED
+CVE-2020-6824 (Initially, a user opens a Private Browsing Window and generates a pass ...)
- firefox 75.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6824
-CVE-2020-6823
- RESERVED
+CVE-2020-6823 (A malicious extension could have called <code>browser.identity.l ...)
- firefox 75.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6823
-CVE-2020-6822
- RESERVED
+CVE-2020-6822 (On 32-bit builds, an out of bounds write could have occurred when proc ...)
{DSA-4656-1 DSA-4655-1 DLA-2172-1 DLA-2170-1}
- firefox 75.0-1
- firefox-esr 68.7.0esr-1
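Review bot: the imported description for CVE-2020-6823 contains literal HTML, `<code>browser.identity.l ...`, copied as-is from the upstream record, and the truncation leaves the tag unclosed. It is harmless inside data/CVE/list, but anything that renders these descriptions in a web page has to escape them rather than pass them through; worth confirming that the tracker's output path does so, or stripping the markup at import time.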
@@ -13610,8 +13812,7 @@ CVE-2020-6822
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/#CVE-2020-6822
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6822
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6822
-CVE-2020-6821
- RESERVED
+CVE-2020-6821 (When reading from areas partially or fully outside the source resource ...)
{DSA-4656-1 DSA-4655-1 DLA-2172-1 DLA-2170-1}
- firefox 75.0-1
- firefox-esr 68.7.0esr-1
@@ -13619,16 +13820,14 @@ CVE-2020-6821
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/#CVE-2020-6821
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-13/#CVE-2020-6821
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-12/#CVE-2020-6821
-CVE-2020-6820
- RESERVED
+CVE-2020-6820 (Under certain conditions, when handling a ReadableStream, a race condi ...)
{DSA-4656-1 DSA-4653-1 DLA-2172-1 DLA-2170-1}
- firefox 74.0.1-1
- firefox-esr 68.6.1esr-1
- thunderbird 1:68.7.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/#CVE-2020-6820
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-14/#CVE-2020-6820
-CVE-2020-6819
- RESERVED
+CVE-2020-6819 (Under certain conditions, when running the nsDocShell destructor, a ra ...)
{DSA-4656-1 DSA-4653-1 DLA-2172-1 DLA-2170-1}
- firefox 74.0.1-1
- firefox-esr 68.6.1esr-1
@@ -15869,12 +16068,12 @@ CVE-2020-5872
RESERVED
CVE-2020-5871
RESERVED
-CVE-2020-5870
- RESERVED
-CVE-2020-5869
- RESERVED
-CVE-2020-5868
- RESERVED
+CVE-2020-5870 (In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization mechanis ...)
+ TODO: check
+CVE-2020-5869 (In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not s ...)
+ TODO: check
+CVE-2020-5868 (In BIG-IQ 6.0.0-7.0.0, a remote access vulnerability has been discover ...)
+ TODO: check
CVE-2020-5867 (In versions prior to 3.3.0, the NGINX Controller Agent installer scrip ...)
TODO: check
CVE-2020-5866 (In versions of NGINX Controller prior to 3.3.0, the helper.sh script, ...)
@@ -19739,8 +19938,8 @@ CVE-2020-4269 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 contains hard-coded credentials
NOT-FOR-US: IBM
CVE-2020-4268 (IBM QRadar 7.3.0 to 7.3.3 Patch 2 is vulnerable to cross-site scriptin ...)
NOT-FOR-US: IBM
-CVE-2020-4267
- RESERVED
+CVE-2020-4267 (IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authen ...)
+ TODO: check
CVE-2020-4266
RESERVED
CVE-2020-4265
@@ -23909,6 +24108,7 @@ CVE-2020-2832 (Vulnerability in the Oracle One-to-One Fulfillment product of Ora
CVE-2020-2831 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
NOT-FOR-US: Oracle
CVE-2020-2830 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
@@ -23940,6 +24140,7 @@ CVE-2020-2818 (Vulnerability in the Oracle Universal Work Queue product of Oracl
CVE-2020-2817 (Vulnerability in the Oracle Scripting product of Oracle E-Business Sui ...)
NOT-FOR-US: Oracle
CVE-2020-2816 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
CVE-2020-2815 (Vulnerability in the Oracle iSupport product of Oracle E-Business Suit ...)
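Review bot: the `{DSA-4662-1}` reference added to CVE-2020-2816 does not show which source package the advisory covers. This entry lists only openjdk-14 and openjdk-11, unlike CVE-2020-2830 above, which also has an openjdk-8 line and receives the same reference. Please confirm that the DSA applies to a package this CVE actually lists, since a cross-reference to an advisory for a package that is absent from the entry would make the CVE look handled when it is not.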
@@ -23966,6 +24167,7 @@ CVE-2020-2806 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2805 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
@@ -23974,6 +24176,7 @@ CVE-2020-2804 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
- mysql-5.7 <unfixed> (bug #956832)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2803 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
@@ -23983,6 +24186,7 @@ CVE-2020-2802 (Vulnerability in the Oracle GraalVM Enterprise Edition product of
CVE-2020-2801 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2020-2800 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
@@ -24025,6 +24229,7 @@ CVE-2020-2783 (Vulnerability in the Oracle Outside In Technology product of Orac
CVE-2020-2782 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
NOT-FOR-US: Oracle
CVE-2020-2781 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
@@ -24036,6 +24241,7 @@ CVE-2020-2779 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
- mysql-5.7 <not-affected> (MySQL 8 only)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2778 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
CVE-2020-2777 (Vulnerability in the Hyperion Financial Management product of Oracle H ...)
@@ -24048,6 +24254,7 @@ CVE-2020-2774 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
- mysql-5.7 <not-affected> (Only affects MySQL 8)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2773 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
@@ -24065,6 +24272,7 @@ CVE-2020-2768 (Vulnerability in the MySQL Cluster product of Oracle MySQL (compo
- mysql-cluster <itp> (bug #833356)
NOTE: https://www.oracle.com/security-alerts/cpuapr2020.html#AppendixMSQL
CVE-2020-2767 (Vulnerability in the Java SE product of Oracle Java SE (component: JSS ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
CVE-2020-2766 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
@@ -24093,20 +24301,24 @@ CVE-2020-2758 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtu
- virtualbox 6.1.6-dfsg-1
[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2020-2757 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
- openjdk-7 <removed>
CVE-2020-2756 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
- openjdk-7 <removed>
CVE-2020-2755 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
CVE-2020-2754 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
+ {DSA-4662-1}
- openjdk-14 14.0.1+7-1
- openjdk-11 11.0.7+10-1
- openjdk-8 8u252-b09-1
@@ -27320,8 +27532,7 @@ CVE-2020-1743
CVE-2020-1742
RESERVED
NOT-FOR-US: OpenShift jenkins-slave-base-rhel7-container
-CVE-2020-1741
- RESERVED
+CVE-2020-1741 (A flaw was found in openshift-ansible. OpenShift Container Platform (O ...)
NOT-FOR-US: openshift-ansible
CVE-2020-1740 (A flaw was found in Ansible Engine when using Ansible Vault for editin ...)
- ansible <unfixed>
@@ -73528,10 +73739,10 @@ CVE-2019-4753
RESERVED
CVE-2019-4752 (IBM Emptoris Spend Analysis and IBM Emptoris Strategic Supply Manageme ...)
NOT-FOR-US: IBM
-CVE-2019-4751
- RESERVED
-CVE-2019-4750
- RESERVED
+CVE-2019-4751 (IBM Cloud App Management 2019.3.0 and 2019.4.0 reveals a stack trace o ...)
+ TODO: check
+CVE-2019-4750 (IBM Cloud App Management 2019.3.0 and 2019.4.0 is vulnerable to cross- ...)
+ TODO: check
CVE-2019-4749 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
NOT-FOR-US: IBM
CVE-2019-4748
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13cfda810f731425925b5ab943cdd908a57aebb1