[Git][security-tracker-team/security-tracker][master] Add CVE-2020-27834/zabbix

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fbdc5a84 by Salvatore Bonaccorso at 2020-12-15T07:44:28+01:00
Add CVE-2020-27834/zabbix

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9312,8 +9312,12 @@ CVE-2020-27835 [IB/hfi1: Ensure correct mm is used at all times]
 	RESERVED
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/3d2a9d642512c21a12d19b9250e7a835dcb41a79
-CVE-2020-27834
+CVE-2020-27834 [attacker can send the same request over and over again without changing the CSRF token]
 	RESERVED
+	- zabbix <undetermined>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1907497
+	NOTE: http://almorabea.net/cves/zabbix.txt
+	TODO: check for details, very scarce/incomplete CVE request from http://almorabea.net/cves/zabbix.txt
 CVE-2020-27833
 	RESERVED
 	NOT-FOR-US: OpenShift



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbdc5a84d512ce1eb86e33b0a6d9be1c66f2efd3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbdc5a84d512ce1eb86e33b0a6d9be1c66f2efd3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201215/e0ef419d/attachment.html>