[Git][security-tracker-team/security-tracker][master] Add CVE-2020-25265/libappimage
Salvatore Bonaccorso
carnil at debian.org
Fri Dec 4 06:18:27 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
94350010 by Salvatore Bonaccorso at 2020-12-04T07:17:13+01:00
Add CVE-2020-25265/libappimage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13167,7 +13167,9 @@ CVE-2020-25267 (An XSS issue exists in the question-pool file-upload preview fea
CVE-2020-25266 (AppImage appimaged before 1.0.3 does not properly check whether a down ...)
TODO: check
CVE-2020-25265 (AppImage libappimage before 1.0.3 allows attackers to trigger an overw ...)
- TODO: check
+ - libappimage <unfixed>
+ NOTE: https://github.com/AppImage/libappimage/pull/146
+ NOTE: https://github.com/refi64/CVE-2020-25265-25266
CVE-2020-25264
RESERVED
CVE-2020-25263 (PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94350010fcd515e7ddb063757e6b521dff81f00f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94350010fcd515e7ddb063757e6b521dff81f00f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201204/62870ffe/attachment.html>
More information about the debian-security-tracker-commits
mailing list