[Git][security-tracker-team/security-tracker][master] Track several CVEs for zammad (itp'ed, #841355)

Salvatore Bonaccorso carnil at debian.org
Mon Dec 28 20:16:18 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
20398b98 by Salvatore Bonaccorso at 2020-12-28T21:15:50+01:00
Track several CVEs for zammad (itp'ed, #841355)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7237,11 +7237,11 @@ CVE-2020-29162
 CVE-2020-29161
 	RESERVED
 CVE-2020-29160 (An issue was discovered in Zammad before 3.5.1. A REST API call allows ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-29159 (An issue was discovered in Zammad before 3.5.1. The default signup Rol ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-29158 (An issue was discovered in Zammad before 3.5.1. An Agent with Customer ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-29157
 	RESERVED
 CVE-2020-29156 (The WooCommerce plugin before 4.7.0 for WordPress allows remote attack ...)
@@ -17661,21 +17661,21 @@ CVE-2020-26037
 CVE-2020-26036
 	RESERVED
 CVE-2020-26035 (An issue was discovered in Zammad before 3.4.1. There is Stored XSS vi ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-26034 (An account-enumeration issue was discovered in Zammad before 3.4.1. Th ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-26033 (An issue was discovered in Zammad before 3.4.1. The Tag and Link REST  ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-26032 (An SSRF issue was discovered in Zammad before 3.4.1. The SMS configura ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-26031 (An issue was discovered in Zammad before 3.4.1. The global-search feat ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-26030 (An issue was discovered in Zammad before 3.4.1. There is an authentica ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-26029 (An issue was discovered in Zammad before 3.4.1. There are wrong author ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-26028 (An issue was discovered in Zammad before 3.4.1. Admin Users without a  ...)
-	TODO: check
+	- zammad <itp> (bug #841355)
 CVE-2020-26027
 	RESERVED
 CVE-2020-26026



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20398b989413986990cec77133a390eefcf54c67

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20398b989413986990cec77133a390eefcf54c67
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201228/fb1a24cf/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list