[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 3 08:10:24 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bdf1eeb7 by security tracker role at 2020-01-03T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,541 @@
+CVE-2020-5314
+ RESERVED
+CVE-2020-5313 (libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overfl ...)
+ TODO: check
+CVE-2020-5312 (libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer ...)
+ TODO: check
+CVE-2020-5311 (libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer ove ...)
+ TODO: check
+CVE-2020-5310 (libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding int ...)
+ TODO: check
+CVE-2020-5309
+ RESERVED
+CVE-2020-5308
+ RESERVED
+CVE-2020-5307
+ RESERVED
+CVE-2020-5306
+ RESERVED
+CVE-2020-5305
+ RESERVED
+CVE-2020-5304
+ RESERVED
+CVE-2020-5303
+ RESERVED
+CVE-2020-5302
+ RESERVED
+CVE-2020-5301
+ RESERVED
+CVE-2020-5300
+ RESERVED
+CVE-2020-5299
+ RESERVED
+CVE-2020-5298
+ RESERVED
+CVE-2020-5297
+ RESERVED
+CVE-2020-5296
+ RESERVED
+CVE-2020-5295
+ RESERVED
+CVE-2020-5294
+ RESERVED
+CVE-2020-5293
+ RESERVED
+CVE-2020-5292
+ RESERVED
+CVE-2020-5291
+ RESERVED
+CVE-2020-5290
+ RESERVED
+CVE-2020-5289
+ RESERVED
+CVE-2020-5288
+ RESERVED
+CVE-2020-5287
+ RESERVED
+CVE-2020-5286
+ RESERVED
+CVE-2020-5285
+ RESERVED
+CVE-2020-5284
+ RESERVED
+CVE-2020-5283
+ RESERVED
+CVE-2020-5282
+ RESERVED
+CVE-2020-5281
+ RESERVED
+CVE-2020-5280
+ RESERVED
+CVE-2020-5279
+ RESERVED
+CVE-2020-5278
+ RESERVED
+CVE-2020-5277
+ RESERVED
+CVE-2020-5276
+ RESERVED
+CVE-2020-5275
+ RESERVED
+CVE-2020-5274
+ RESERVED
+CVE-2020-5273
+ RESERVED
+CVE-2020-5272
+ RESERVED
+CVE-2020-5271
+ RESERVED
+CVE-2020-5270
+ RESERVED
+CVE-2020-5269
+ RESERVED
+CVE-2020-5268
+ RESERVED
+CVE-2020-5267
+ RESERVED
+CVE-2020-5266
+ RESERVED
+CVE-2020-5265
+ RESERVED
+CVE-2020-5264
+ RESERVED
+CVE-2020-5263
+ RESERVED
+CVE-2020-5262
+ RESERVED
+CVE-2020-5261
+ RESERVED
+CVE-2020-5260
+ RESERVED
+CVE-2020-5259
+ RESERVED
+CVE-2020-5258
+ RESERVED
+CVE-2020-5257
+ RESERVED
+CVE-2020-5256
+ RESERVED
+CVE-2020-5255
+ RESERVED
+CVE-2020-5254
+ RESERVED
+CVE-2020-5253
+ RESERVED
+CVE-2020-5252
+ RESERVED
+CVE-2020-5251
+ RESERVED
+CVE-2020-5250
+ RESERVED
+CVE-2020-5249
+ RESERVED
+CVE-2020-5248
+ RESERVED
+CVE-2020-5247
+ RESERVED
+CVE-2020-5246
+ RESERVED
+CVE-2020-5245
+ RESERVED
+CVE-2020-5244
+ RESERVED
+CVE-2020-5243
+ RESERVED
+CVE-2020-5242
+ RESERVED
+CVE-2020-5241
+ RESERVED
+CVE-2020-5240
+ RESERVED
+CVE-2020-5239
+ RESERVED
+CVE-2020-5238
+ RESERVED
+CVE-2020-5237
+ RESERVED
+CVE-2020-5236
+ RESERVED
+CVE-2020-5235
+ RESERVED
+CVE-2020-5234
+ RESERVED
+CVE-2020-5233
+ RESERVED
+CVE-2020-5232
+ RESERVED
+CVE-2020-5231
+ RESERVED
+CVE-2020-5230
+ RESERVED
+CVE-2020-5229
+ RESERVED
+CVE-2020-5228
+ RESERVED
+CVE-2020-5227
+ RESERVED
+CVE-2020-5226
+ RESERVED
+CVE-2020-5225
+ RESERVED
+CVE-2020-5224
+ RESERVED
+CVE-2020-5223
+ RESERVED
+CVE-2020-5222
+ RESERVED
+CVE-2020-5221
+ RESERVED
+CVE-2020-5220
+ RESERVED
+CVE-2020-5219
+ RESERVED
+CVE-2020-5218
+ RESERVED
+CVE-2020-5217
+ RESERVED
+CVE-2020-5216
+ RESERVED
+CVE-2020-5215
+ RESERVED
+CVE-2020-5214
+ RESERVED
+CVE-2020-5213
+ RESERVED
+CVE-2020-5212
+ RESERVED
+CVE-2020-5211
+ RESERVED
+CVE-2020-5210
+ RESERVED
+CVE-2020-5209
+ RESERVED
+CVE-2020-5208
+ RESERVED
+CVE-2020-5207
+ RESERVED
+CVE-2020-5206
+ RESERVED
+CVE-2020-5205
+ RESERVED
+CVE-2020-5204
+ RESERVED
+CVE-2020-5203
+ RESERVED
+CVE-2020-5202
+ RESERVED
+CVE-2020-5201
+ RESERVED
+CVE-2019-20330 (FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.eh ...)
+ TODO: check
+CVE-2019-20329 (OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL serv ...)
+ TODO: check
+CVE-2019-20328
+ RESERVED
+CVE-2019-20327
+ RESERVED
+CVE-2019-20325
+ REJECTED
+ TODO: check
+CVE-2019-20324
+ REJECTED
+ TODO: check
+CVE-2019-20323
+ REJECTED
+ TODO: check
+CVE-2019-20322
+ REJECTED
+ TODO: check
+CVE-2019-20321
+ REJECTED
+ TODO: check
+CVE-2019-20320
+ REJECTED
+ TODO: check
+CVE-2019-20319
+ REJECTED
+ TODO: check
+CVE-2019-20318
+ REJECTED
+ TODO: check
+CVE-2019-20317
+ REJECTED
+ TODO: check
+CVE-2019-20316
+ REJECTED
+ TODO: check
+CVE-2019-20315
+ REJECTED
+ TODO: check
+CVE-2019-20314
+ REJECTED
+ TODO: check
+CVE-2019-20313
+ REJECTED
+ TODO: check
+CVE-2019-20312
+ REJECTED
+ TODO: check
+CVE-2019-20311
+ REJECTED
+ TODO: check
+CVE-2019-20310
+ REJECTED
+ TODO: check
+CVE-2019-20309
+ REJECTED
+ TODO: check
+CVE-2019-20308
+ REJECTED
+ TODO: check
+CVE-2019-20307
+ REJECTED
+ TODO: check
+CVE-2019-20306
+ REJECTED
+ TODO: check
+CVE-2019-20305
+ REJECTED
+ TODO: check
+CVE-2019-20304
+ REJECTED
+ TODO: check
+CVE-2019-20303
+ REJECTED
+ TODO: check
+CVE-2019-20302
+ REJECTED
+ TODO: check
+CVE-2019-20301
+ REJECTED
+ TODO: check
+CVE-2019-20300
+ REJECTED
+ TODO: check
+CVE-2019-20299
+ REJECTED
+ TODO: check
+CVE-2019-20298
+ REJECTED
+ TODO: check
+CVE-2019-20297
+ REJECTED
+ TODO: check
+CVE-2019-20296
+ REJECTED
+ TODO: check
+CVE-2019-20295
+ REJECTED
+ TODO: check
+CVE-2019-20294
+ REJECTED
+ TODO: check
+CVE-2019-20293
+ REJECTED
+ TODO: check
+CVE-2019-20292
+ REJECTED
+ TODO: check
+CVE-2019-20291
+ REJECTED
+ TODO: check
+CVE-2019-20290
+ REJECTED
+ TODO: check
+CVE-2019-20289
+ REJECTED
+ TODO: check
+CVE-2019-20288
+ REJECTED
+ TODO: check
+CVE-2019-20287
+ REJECTED
+ TODO: check
+CVE-2019-20286
+ REJECTED
+ TODO: check
+CVE-2019-20285
+ REJECTED
+ TODO: check
+CVE-2019-20284
+ REJECTED
+ TODO: check
+CVE-2019-20283
+ REJECTED
+ TODO: check
+CVE-2019-20282
+ REJECTED
+ TODO: check
+CVE-2019-20281
+ REJECTED
+ TODO: check
+CVE-2019-20280
+ REJECTED
+ TODO: check
+CVE-2019-20279
+ REJECTED
+ TODO: check
+CVE-2019-20278
+ REJECTED
+ TODO: check
+CVE-2019-20277
+ REJECTED
+ TODO: check
+CVE-2019-20276
+ REJECTED
+ TODO: check
+CVE-2019-20275
+ REJECTED
+ TODO: check
+CVE-2019-20274
+ REJECTED
+ TODO: check
+CVE-2019-20273
+ REJECTED
+ TODO: check
+CVE-2019-20272
+ REJECTED
+ TODO: check
+CVE-2019-20271
+ REJECTED
+ TODO: check
+CVE-2019-20270
+ REJECTED
+ TODO: check
+CVE-2019-20269
+ REJECTED
+ TODO: check
+CVE-2019-20268
+ REJECTED
+ TODO: check
+CVE-2019-20267
+ REJECTED
+ TODO: check
+CVE-2019-20266
+ REJECTED
+ TODO: check
+CVE-2019-20265
+ REJECTED
+ TODO: check
+CVE-2019-20264
+ REJECTED
+ TODO: check
+CVE-2019-20263
+ REJECTED
+ TODO: check
+CVE-2019-20262
+ REJECTED
+ TODO: check
+CVE-2019-20261
+ REJECTED
+ TODO: check
+CVE-2019-20260
+ REJECTED
+ TODO: check
+CVE-2019-20259
+ REJECTED
+ TODO: check
+CVE-2019-20258
+ REJECTED
+ TODO: check
+CVE-2019-20257
+ REJECTED
+ TODO: check
+CVE-2019-20256
+ REJECTED
+ TODO: check
+CVE-2019-20255
+ REJECTED
+ TODO: check
+CVE-2019-20254
+ REJECTED
+ TODO: check
+CVE-2019-20253
+ REJECTED
+ TODO: check
+CVE-2019-20252
+ REJECTED
+ TODO: check
+CVE-2019-20251
+ REJECTED
+ TODO: check
+CVE-2019-20250
+ REJECTED
+ TODO: check
+CVE-2019-20249
+ REJECTED
+ TODO: check
+CVE-2019-20248
+ REJECTED
+ TODO: check
+CVE-2019-20247
+ REJECTED
+ TODO: check
+CVE-2019-20246
+ REJECTED
+ TODO: check
+CVE-2019-20245
+ REJECTED
+ TODO: check
+CVE-2019-20244
+ REJECTED
+ TODO: check
+CVE-2019-20243
+ REJECTED
+ TODO: check
+CVE-2019-20242
+ REJECTED
+ TODO: check
+CVE-2019-20241
+ REJECTED
+ TODO: check
+CVE-2019-20240
+ REJECTED
+ TODO: check
+CVE-2019-20239
+ REJECTED
+ TODO: check
+CVE-2019-20238
+ REJECTED
+ TODO: check
+CVE-2019-20237
+ REJECTED
+ TODO: check
+CVE-2019-20236
+ REJECTED
+ TODO: check
+CVE-2019-20235
+ REJECTED
+ TODO: check
+CVE-2019-20234
+ REJECTED
+ TODO: check
+CVE-2019-20233
+ REJECTED
+ TODO: check
+CVE-2019-20232
+ REJECTED
+ TODO: check
+CVE-2019-20231
+ REJECTED
+ TODO: check
+CVE-2019-20230
+ REJECTED
+ TODO: check
+CVE-2019-20229
+ REJECTED
+ TODO: check
+CVE-2019-20228
+ REJECTED
+ TODO: check
+CVE-2019-20227
+ REJECTED
+ TODO: check
+CVE-2019-20226
+ REJECTED
+ TODO: check
CVE-2019-20326 [buffer overflow]
+ RESERVED
- gthumb <unfixed>
NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/4faa5ce2358812d23a1147953ee76f59631590ad
NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/ca8f528209ab78935c30e42fe53bdf1a24f3cb44
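Review bot: every REJECTED entry added in this hunk (CVE-2019-20226 through CVE-2019-20325) also gets a TODO: check line, which puts withdrawn identifiers into the triage queue alongside real work. Suggest dropping the TODO line where the only state is REJECTED. The four Pillow entries (CVE-2020-5310 through CVE-2020-5313) are the ones that need follow-up: each description gives "before 6.2.2" as the upstream boundary, so each TODO can become a package line once the Debian version is checked.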
@@ -184276,8 +184813,7 @@ CVE-2016-1000103
RESERVED
CVE-2016-1000102
REJECTED
-CVE-2016-1000027
- RESERVED
+CVE-2016-1000027 (Pivotal Spring Framework 4.1.4 suffers from a potential remote code ex ...)
- libspring-java 4.2.7-1 (unimportant)
NOTE: https://www.tenable.com/security/research/tra-2016-20
NOTE: This is not a vulnerability in Spring itself, just how applications are using it
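Review bot: the description now attached to CVE-2016-1000027 reads "potential remote code ex ...", while the unchanged lines below keep libspring-java 4.2.7-1 at (unimportant) with the NOTE that this is not a vulnerability in Spring itself. Confirm the rating still holds against the full published description; if it does, the existing NOTE is the rationale and should stay, so that the entry does not read as contradictory.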
@@ -233924,8 +234460,7 @@ CVE-2014-8184 (A vulnerability was found in liblouis, versions 2.5.x before 2.5.
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1492701#c7
CVE-2014-8183 (It was found that foreman, versions 1.x.x before 1.15.6, in Satellite ...)
NOT-FOR-US: Red Hat Satellite
-CVE-2014-8182 [crash in ldap_domain2hostlist when processing SRV records]
- RESERVED
+CVE-2014-8182 (An off-by-one error leading to a crash was discovered in openldap 2.4 ...)
- openldap <not-affected> (Vulnerable code introduced in RHEL specific patch)
NOTE: http://www.openldap.org/its/index.cgi/Software%20Enhancements?id=7027
NOTE: Reference for upstream fix: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blobdiff;f=libraries/libldap/dnssrv.c;h=de849e30d5b01ae855853c79e88fb06d7aea1137;hp=6d1bfa8e3c2b05ca5ed0ebebc00c3a30086bca95;hb=31995b535e10c45e698b62d39db998c51f799327;hpb=5de85b922aaa5bfa6eb53db6000adf01ebdb0736
@@ -238703,8 +239238,7 @@ CVE-2014-6276 (schema.py in Roundup before 1.5.1 does not properly limit attribu
{DSA-3502-1}
- roundup <removed> (bug #816780)
NOTE: http://hg.code.sf.net/p/roundup/code/rev/a403c29ffaf9
-CVE-2014-6275
- RESERVED
+CVE-2014-6275 (FusionForge before 5.3.2 use scripts that run under the shared Apache ...)
- fusionforge 5.3.2-1
[squeeze] - fusionforge <end-of-life> (Not supported in Squeeze LTS)
NOTE: https://lists.fusionforge.org/pipermail/fusionforge-general/2014-September/002824.html
@@ -245244,8 +245778,7 @@ CVE-2014-3591 (Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement
- gnupg 1.4.18-7
NOTE: http://www.cs.tau.ac.il/~tromer/radioexp/
NOTE: http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=ff53cf06e966dce0daba5f2c84e03ab9db2c3c8b
-CVE-2014-3590
- RESERVED
+CVE-2014-3590 (Versions of Foreman as shipped with Red Hat Satellite 6 does not check ...)
- foreman <itp> (bug #663101)
CVE-2014-3589 (PIL/IcnsImagePlugin.py in Python Imaging Library (PIL) and Pillow befo ...)
{DSA-3009-1 DLA-41-1}
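Review bot: the new description for CVE-2014-3590 scopes the issue to Foreman "as shipped with Red Hat Satellite 6", yet the entry still tracks it as foreman <itp> (bug #663101). CVE-2014-8183 in this same file, also a foreman issue described in terms of Satellite, is marked NOT-FOR-US: Red Hat Satellite. The two should be handled consistently, so check whether the flaw is in upstream Foreman or only in the Satellite packaging and annotate accordingly.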
@@ -247982,8 +248515,7 @@ CVE-2014-2654 (Multiple SQL injection vulnerabilities in MobFox mAdserve 2.0 and
NOT-FOR-US: MobFox mAdserve
CVE-2013-7346 (Cross-site request forgery (CSRF) vulnerability in Symphony CMS before ...)
NOT-FOR-US: Symphony CMS
-CVE-2013-7351 [several XSS]
- RESERVED
+CVE-2013-7351 (Multiple cross-site scripting (XSS) vulnerabilities in index.php in Sh ...)
- shaarli 0.0.41~beta~dfsg2-4 (bug #743252)
NOTE: https://github.com/sebsauvage/Shaarli/commit/53da201749f8f362323ef278bf338f1d9f7a925a
CVE-2014-2685 (The GenericConsumer class in the Consumer component in ZendOpenId befo ...)
@@ -255087,8 +255619,7 @@ CVE-2014-0247 (LibreOffice 4.2.4 executes unspecified VBA macros automatically,
CVE-2014-0246 (SOSreport stores the md5 hash of the GRUB bootloader password in an ar ...)
- sosreport <unfixed> (unimportant; bug #749568)
NOTE: Non-issue, see https://bugzilla.redhat.com/show_bug.cgi?id=1101393#c5
-CVE-2014-0245
- RESERVED
+CVE-2014-0245 (It was found that the implementation of the GTNSubjectCreatingIntercep ...)
NOT-FOR-US: GateIn
CVE-2014-0244 (The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x ...)
{DSA-2966-1}
@@ -255338,8 +255869,7 @@ CVE-2014-0185 (sapi/fpm/fpm/fpm_unix.c in the FastCGI Process Manager (FPM) in P
NOTE: https://bugs.php.net/bug.php?id=67060
CVE-2014-0184 (Red Hat CloudForms 3.0 Management Engine (CFME) before 5.2.4.2 logs th ...)
NOT-FOR-US: RedHat CloudForms Management Engine
-CVE-2014-0183
- RESERVED
+CVE-2014-0183 (Versions of Katello as shipped with Red Hat Subscription Asset Manager ...)
NOT-FOR-US: Katello
CVE-2014-0182 (Heap-based buffer overflow in the virtio_load function in hw/virtio/vi ...)
- qemu 2.1+dfsg-1 (bug #739589)
@@ -255387,8 +255917,7 @@ CVE-2014-0171 (XML external entity (XXE) vulnerability in StaxXMLFactoryProvider
NOT-FOR-US: Odata4j
CVE-2014-0170 (Teiid before 8.4.3 and before 8.7 and Red Hat JBoss Data Virtualizatio ...)
NOT-FOR-US: Teiid
-CVE-2014-0169
- RESERVED
+CVE-2014-0169 (In JBoss EAP 6 a security domain is configured to use a cache that is ...)
NOT-FOR-US: JBoss EAP
CVE-2014-0168 (Cross-site request forgery (CSRF) vulnerability in Jolokia before 1.2. ...)
NOT-FOR-US: Jolokia
@@ -255961,8 +256490,7 @@ CVE-2014-0012 (FileSystemBytecodeCache in Jinja2 2.7.2 does not properly create
[squeeze] - jinja2 <not-affected> (introduced by fix in 2.7.2)
[wheezy] - jinja2 <not-affected> (introduced by fix in 2.7.2)
NOTE: introduced by https://github.com/mitsuhiko/jinja2/commit/acb672b6a179567632e032f547582f30fa2f4aa7
-CVE-2014-0011 [ZRLE decoding bounds checking issue]
- RESERVED
+CVE-2014-0011 (Multiple heap-based buffer overflows in the ZRLE_DECODE function in co ...)
- tigervnc <not-affected> (Fixed before initial release in Debian)
- vnc4 4.1.1+X4.3.0+t-1 (unimportant)
NOTE: may affect related *VNC implementations if built with NDEBUG
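Review bot: CVE-2014-0011 now carries a description of "Multiple heap-based buffer overflows in the ZRLE_DECODE function", but vnc4 4.1.1+X4.3.0+t-1 stays at (unimportant) and the only rationale in the entry is the NOTE about builds with NDEBUG. Suggest adding a NOTE that states whether the Debian vnc4 build defines NDEBUG, so the rating is justified in the entry itself.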
@@ -263972,16 +264500,16 @@ CVE-2013-3943 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) befo
NOT-FOR-US: DotNetNukeDot
CVE-2013-3942
RESERVED
-CVE-2013-3941
- RESERVED
+CVE-2013-3941 (Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbi ...)
+ TODO: check
CVE-2013-3940 (Integer overflow in the Graphics Device Interface (GDI) in Microsoft W ...)
NOT-FOR-US: Microsoft
-CVE-2013-3939
- RESERVED
+CVE-2013-3939 (xnview.exe in XnView before 2.13 does not properly handle RLE strip le ...)
+ TODO: check
CVE-2013-3938 (Integer overflow in xnview.exe in XnView 2.13 allows remote attackers ...)
NOT-FOR-US: XnView
-CVE-2013-3937
- RESERVED
+CVE-2013-3937 (Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows ...)
+ TODO: check
CVE-2013-3936 (Multiple cross-site scripting (XSS) vulnerabilities in Opsview before ...)
TODO: check
CVE-2013-3935 (Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4. ...)
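Review bot: CVE-2013-3941, CVE-2013-3939 and CVE-2013-3937 are added with TODO: check although all three descriptions name XnView, and the adjacent CVE-2013-3938 is already resolved as NOT-FOR-US: XnView. The same annotation can replace the three TODO lines.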
@@ -263990,10 +264518,10 @@ CVE-2013-3934 (Stack-based buffer overflow in Kingsoft Writer 2012 8.1.0.3030, a
NOT-FOR-US: Kingsoft Office 2013
CVE-2013-3933 (Cross-site scripting (XSS) vulnerability in the JoomShopping (com_joom ...)
NOT-FOR-US: Joomla component com_joomshopping
-CVE-2013-3932
- RESERVED
-CVE-2013-3931
- RESERVED
+CVE-2013-3932 (SQL injection vulnerability in the Jomres (com_jomres) component befor ...)
+ TODO: check
+CVE-2013-3931 (Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) co ...)
+ TODO: check
CVE-2013-3930 (Stack-based buffer overflow in Core FTP before 2.2 build 1785 allows r ...)
NOT-FOR-US: Core FTP (client)
CVE-2013-3929 (Cross-site scripting (XSS) vulnerability in admin/editevent.php in CMS ...)
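Review bot: CVE-2013-3932 and CVE-2013-3931 both describe the Jomres (com_jomres) component and are left at TODO: check, while the neighbouring CVE-2013-3933 for another com_ component is marked NOT-FOR-US: Joomla component com_joomshopping. If Jomres is not packaged either, resolve both with a NOT-FOR-US line in the same form.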
@@ -265551,10 +266079,10 @@ CVE-2013-3249 (Stack-based buffer overflow in the "Add from text file" feature i
NOT-FOR-US: DameWare Remote Support
CVE-2013-3248 (Untrusted search path vulnerability in Corel PDF Fusion 1.11 allows lo ...)
NOT-FOR-US: Corel PDF Fusion
-CVE-2013-3247
- RESERVED
-CVE-2013-3246
- RESERVED
+CVE-2013-3247 (Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows ...)
+ TODO: check
+CVE-2013-3246 (Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows ...)
+ TODO: check
CVE-2013-3245 (** DISPUTED ** plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media P ...)
- vlc 2.0.7-1 (unimportant)
NOTE: Harmless crasher
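Review bot: CVE-2013-3247 and CVE-2013-3246 are XnView issues ("xnview.exe in XnView before 2.03") left at TODO: check. This file already resolves CVE-2013-3938 as NOT-FOR-US: XnView, so these two can take the same line instead of a TODO.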
@@ -270405,8 +270933,8 @@ CVE-2013-1643 (The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allo
{DSA-2639-1}
- php5 5.4.4-14 (bug #702221)
NOTE: http://git.php.net/?p=php-src.git;a=commitdiff;h=c737b89473df9dba6742b8fc8fbf6d009bf05c36
-CVE-2013-1642
- RESERVED
+CVE-2013-1642 (Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer befo ...)
+ TODO: check
CVE-2013-1641 (Directory traversal vulnerability in the zip download functionality in ...)
NOT-FOR-US: QuiXplorer
CVE-2013-1640 (The (1) template and (2) inline_template functions in the master serve ...)
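Review bot: CVE-2013-1642 is added with TODO: check, but its description names QuiXplorer and the next entry, CVE-2013-1641, is already NOT-FOR-US: QuiXplorer. Use the same annotation here.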
@@ -271129,8 +271657,8 @@ CVE-2013-1422
RESERVED
CVE-2013-1421 (Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar ...)
- webcalendar <removed>
-CVE-2013-1420
- RESERVED
+CVE-2013-1420 (Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS b ...)
+ TODO: check
CVE-2013-1419
RESERVED
CVE-2013-1418 (The setup_server_realm function in main.c in the Key Distribution Cent ...)
@@ -273009,8 +273537,8 @@ CVE-2013-0739
RESERVED
CVE-2013-0738
RESERVED
-CVE-2013-0737
- RESERVED
+CVE-2013-0737 (Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier a ...)
+ TODO: check
CVE-2013-0736 (Multiple cross-site request forgery (CSRF) vulnerabilities in the Ming ...)
NOT-FOR-US: mingle forum plugin for wp
CVE-2013-0735 (Multiple SQL injection vulnerabilities in wpf.class.php in the Mingle ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bdf1eeb72cfea1204e1df5f05b44d86612d8df4a