[Git][security-tracker-team/security-tracker][master] Add inital tracking of some odoo issues

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab0061c2 by Salvatore Bonaccorso at 2020-12-25T00:01:38+01:00
Add inital tracking of some odoo issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -104779,16 +104779,28 @@ CVE-2019-11788
 CVE-2019-11787
 	RESERVED
 CVE-2019-11786 (Improper access control in Odoo Community 13.0 and earlier and Odoo En ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63711
 	TODO: check
 CVE-2019-11785 (Improper access control in mail module (followers) in Odoo Community 1 ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63710
 	TODO: check
 CVE-2019-11784 (Improper access control in mail module (notifications) in Odoo Communi ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63709
 	TODO: check
 CVE-2019-11783 (Improper access control in mail module (channel partners) in Odoo Comm ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63708
 	TODO: check
 CVE-2019-11782 (Improper access control in Odoo Community 14.0 and earlier and Odoo En ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63707
 	TODO: check
 CVE-2019-11781 (Improper input validation in portal component in Odoo Community 12.0 a ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63706
 	TODO: check
 CVE-2019-11780 (Improper access control in the computed fields system of the framework ...)
 	- odoo <not-affected> (Fixed before initial upload to Debian)
@@ -148882,6 +148894,8 @@ CVE-2018-15647
 CVE-2018-15646
 	RESERVED
 CVE-2018-15645 (Improper access control in message routing in Odoo Community 12.0 and  ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63705
 	TODO: check
 CVE-2018-15644
 	RESERVED
@@ -148890,6 +148904,8 @@ CVE-2018-15643
 CVE-2018-15642
 	RESERVED
 CVE-2018-15641 (Cross-site scripting (XSS) issue in web module in Odoo Community 11.0  ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63704
 	TODO: check
 CVE-2018-15640 (Improper access control in the Helpdesk App of Odoo Enterprise 10.0 th ...)
 	- odoo <not-affected> (Only in enterprise version)
@@ -148897,6 +148913,8 @@ CVE-2018-15640 (Improper access control in the Helpdesk App of Odoo Enterprise 1
 CVE-2018-15639
 	RESERVED
 CVE-2018-15638 (Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63703
 	TODO: check
 CVE-2018-15637
 	RESERVED
@@ -148906,10 +148924,16 @@ CVE-2018-15635 (Cross-site scripting vulnerability in the Discuss App of Odoo Co
 	- odoo <not-affected> (Fixed before initial upload to Debian)
 	NOTE: https://github.com/odoo/odoo/issues/32515
 CVE-2018-15634 (Cross-site scripting (XSS) issue in attachment management in Odoo Comm ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63702
 	TODO: check
 CVE-2018-15633 (Cross-site scripting (XSS) issue in "document" module in Odoo Communit ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63701
 	TODO: check
 CVE-2018-15632 (Improper input validation in database creation logic in Odoo Community ...)
+	- odoo <undetermined>
+	NOTE: https://github.com/odoo/odoo/issues/63700
 	TODO: check
 CVE-2018-15631 (Improper access control in the Discuss App of Odoo Community 12.0 and  ...)
 	- odoo <not-affected> (Fixed before initial upload to Debian)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab0061c209115924005f93f54465a6e06adb4f71

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab0061c209115924005f93f54465a6e06adb4f71
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201224/2bcf2888/attachment.html>