[Git][security-tracker-team/security-tracker][master] Add CVE-2020-16145/roundcube
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 11 05:44:16 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7a2fcdea by Salvatore Bonaccorso at 2020-08-11T06:40:13+02:00
Add CVE-2020-16145/roundcube
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2688,8 +2688,11 @@ CVE-2020-16147
RESERVED
CVE-2020-16146
RESERVED
-CVE-2020-16145
+CVE-2020-16145 [Fix cross-site scripting (XSS) via HTML messages with malicious svg content]
RESERVED
+ - roundcube <unfixed>
+ NOTE: https://github.com/roundcube/roundcubemail/commit/a71bf2e8d4a64ff2c83fdabc1e8cb0c045a41ef4 (1.4.8)
+ NOTE: https://github.com/roundcube/roundcubemail/commit/d44ca2308a96576b88d6bf27528964d4fe1a6b8b (1.3.15)
CVE-2020-16144
RESERVED
CVE-2020-16143 (The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijac ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a2fcdea10548970896872e1f9e2fa99b877aa5b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a2fcdea10548970896872e1f9e2fa99b877aa5b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200811/829a1a2e/attachment.html>
More information about the debian-security-tracker-commits
mailing list