[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Sat Sep 5 09:10:27 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c840b418 by security tracker role at 2020-09-05T08:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2020-25202
+	RESERVED
+CVE-2020-25201
+	RESERVED
+CVE-2020-25200
+	RESERVED
+CVE-2019-20916 (The pip package before 19.2 for Python allows Directory Traversal when ...)
+	TODO: check
 CVE-2020-25199
 	RESERVED
 CVE-2020-25198
@@ -434,10 +442,10 @@ CVE-2020-24989
 	RESERVED
 CVE-2020-24988
 	RESERVED
-CVE-2020-24987
-	RESERVED
-CVE-2020-24986
-	RESERVED
+CVE-2020-24987 (Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(631 ...)
+	TODO: check
+CVE-2020-24986 (Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File ...)
+	TODO: check
 CVE-2020-24985
 	RESERVED
 CVE-2020-24984
@@ -446,8 +454,8 @@ CVE-2020-24983
 	RESERVED
 CVE-2020-24982
 	RESERVED
-CVE-2020-24981
-	RESERVED
+CVE-2020-24981 (An Incorrect Access Control vulnerability exists in /ucms/chk.php in U ...)
+	TODO: check
 CVE-2020-24980 (An assertion failure was found in src/parse-gram.c in GNU bison 3.7.1. ...)
 	- bison <unfixed> (unimportant)
 	NOTE: https://github.com/akimd/bison/commit/b801b7b670872b8a31d11b3683b4afc3e45a07f8
@@ -19410,8 +19418,7 @@ CVE-2020-15711 (In MISP before 2.4.129, setting a favourite homepage was not CSR
 	NOT-FOR-US: MISP
 CVE-2020-15710
 	RESERVED
-CVE-2020-15709
-	RESERVED
+CVE-2020-15709 (Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20 ...)
 	{DLA-2339-1}
 	- software-properties <unfixed> (bug #968850)
 	[buster] - software-properties <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c840b418300414cfae2796866771f408165872e3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c840b418300414cfae2796866771f408165872e3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200905/77a99623/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list