[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso
carnil at debian.org
Wed Feb 5 08:39:39 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b2e95c58 by Salvatore Bonaccorso at 2020-02-05T09:38:06+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17322,7 +17322,7 @@ CVE-2019-19274 (typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-b
NOTE: Introduced by: https://github.com/python/typed_ast/commit/156afcb26c198e162504a57caddfe0acd9ed7dce (1.3.0)
NOTE: Fixed by: https://github.com/python/typed_ast/commit/dc317ac9cff859aa84eeabe03fb5004982545b3b (1.3.2)
CVE-2019-19273 (On Samsung mobile devices with O(8.0) and P(9.0) software and an Exyno ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2015-9539 (The Fast Secure Contact Form plugin before 4.0.38 for WordPress allows ...)
NOT-FOR-US: Fast Secure Contact Form plugin for WordPress
CVE-2015-9538 (The NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Dire ...)
@@ -30404,7 +30404,7 @@ CVE-2019-15624 (Improper Input Validation in Nextcloud Server 15.0.7 allows grou
CVE-2019-15623 (Exposure of Private Information in Nextcloud Server 16.0.1 causes the ...)
TODO: check
CVE-2019-15622 (Not strictly enough sanitization in the Nextcloud Android app 3.6.0 al ...)
- TODO: check
+ NOT-FOR-US: Nextcloud Android App
CVE-2019-15621 (Improper permissions preservation in Nextcloud Server 16.0.1 causes sh ...)
TODO: check
CVE-2019-15620 (Improper access control in Nextcloud Talk 6.0.3 leaks the existance an ...)
@@ -30418,15 +30418,15 @@ CVE-2019-15617 (A missing check in Nextcloud Server 17.0.0 allowed an attacker t
CVE-2019-15616 (Dangling remote share attempts in Nextcloud 16 allow a DNS pollution w ...)
TODO: check
CVE-2019-15615 (A wrong check for the system time in the Android App 3.9.0 causes a by ...)
- TODO: check
+ NOT-FOR-US: Nextcloud Android app
CVE-2019-15614 (Missing sanitization in the iOS App 2.24.4 causes an XSS when opening ...)
- TODO: check
+ NOT-FOR-US: Nextcloud iOS App
CVE-2019-15613 (A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend t ...)
TODO: check
CVE-2019-15612 (A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be c ...)
TODO: check
CVE-2019-15611 (Violation of Secure Design Principles in the iOS App 2.23.0 causes the ...)
- TODO: check
+ NOT-FOR-US: Nextcloud iOS App
CVE-2019-15610 (Improper authorization in the Circles app 0.17.7 causes retaining acce ...)
TODO: check
CVE-2019-15609
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2e95c58fb4d6aeb29da7e3e7b7fbff3e25077a1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2e95c58fb4d6aeb29da7e3e7b7fbff3e25077a1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200205/a8d1bd49/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list