[Git][security-tracker-team/security-tracker][master] automatic update

Thu May 28 09:10:27 BST 2020


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11beafa4 by security tracker role at 2020-05-28T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2020-13644 (An issue was discovered in the Accordion plugin before 2.2.9 for WordP ...)
+	TODO: check
+CVE-2020-13643 (An issue was discovered in the SiteOrigin Page Builder plugin before 2 ...)
+	TODO: check
+CVE-2020-13642 (An issue was discovered in the SiteOrigin Page Builder plugin before 2 ...)
+	TODO: check
+CVE-2020-13641 (An issue was discovered in the Real-Time Find and Replace plugin befor ...)
+	TODO: check
+CVE-2020-13640
+	RESERVED
+CVE-2020-13639
+	RESERVED
+CVE-2020-13638
+	RESERVED
+CVE-2020-13637
+	RESERVED
 CVE-2020-13636
 	RESERVED
 CVE-2020-13635
@@ -7079,8 +7095,8 @@ CVE-2020-11076 (In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smu
 	- puma <unfixed>
 	NOTE: https://github.com/puma/puma/security/advisories/GHSA-x7jg-6pwg-fx5h
 	NOTE: https://github.com/puma/puma/commit/f24d5521295a2152c286abb0a45a1e1e2bd275bd
-CVE-2020-11075
-	RESERVED
+CVE-2020-11075 (In Anchore Engine version 0.7.0, a specially crafted container image m ...)
+	TODO: check
 CVE-2020-11074
 	RESERVED
 CVE-2020-11073 (In Autoswitch Python Virtualenv before version 0.16.0, a user who ente ...)
@@ -7117,8 +7133,8 @@ CVE-2020-11060 (In GLPI before 9.4.6, an attacker can execute system commands by
 	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-cvvq-3fww-5v6f
 	NOTE: https://github.com/glpi-project/glpi/commit/ad748d59c94da177a3ed25111c453902396f320c
 	NOTE: Only supported behind an authenticated HTTP zone
-CVE-2020-11059
-	RESERVED
+CVE-2020-11059 (In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir  ...)
+	TODO: check
 CVE-2020-11058 (In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in  ...)
 	- freerdp2 2.1.1+dfsg1-1
 	[buster] - freerdp2 <no-dsa> (Minor issue)
@@ -13302,14 +13318,14 @@ CVE-2020-8608 (In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snpr
 	NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that version as fixed.
 CVE-2020-8607
 	RESERVED
-CVE-2020-8606
-	RESERVED
-CVE-2020-8605
-	RESERVED
-CVE-2020-8604
-	RESERVED
-CVE-2020-8603
-	RESERVED
+CVE-2020-8606 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
+	TODO: check
+CVE-2020-8605 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
+	TODO: check
+CVE-2020-8604 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
+	TODO: check
+CVE-2020-8603 (A cross-site scripting vulnerability (XSS) in Trend Micro InterScan We ...)
+	TODO: check
 CVE-2020-8602
 	RESERVED
 CVE-2020-8601 (Trend Micro Vulnerability Protection 2.0 is affected by a vulnerabilit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11beafa48e8e98e10a340883bffaf0668721ecc1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11beafa48e8e98e10a340883bffaf0668721ecc1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200528/10e53cb0/attachment.html>
