[Git][security-tracker-team/security-tracker][master] Add CVE-2020-35701/cacti

Mon Jan 11 20:22:14 GMT 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
39257043 by Salvatore Bonaccorso at 2021-01-11T21:18:16+01:00
Add CVE-2020-35701/cacti

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5982,7 +5982,9 @@ CVE-2020-35702 (** DISPUTED ** DCTStream::getChars in DCTStream.cc in Poppler 20
 	NOTE: Introduced by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1c3ded779582aef5f2cbaf29bc5da7a8eae6f69
 	NOTE: Fixed by: https://gitlab.freedesktop.org/poppler/poppler/-/commit/ae614bf8ab42c9d0c7ac57ecdfdcbcfc4ff6c639
 CVE-2020-35701 (An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection ...)
-	TODO: check
+	- cacti <unfixed>
+	NOTE: https://github.com/Cacti/cacti/issues/4022
+	NOTE: https://asaf.me/2020/12/15/cacti-1-2-0-to-1-2-16-sql-injection/
 CVE-2020-35700
 	RESERVED
 CVE-2020-35699



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/392570438efe75f8b6df78f63d541d07e03ab71e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/392570438efe75f8b6df78f63d541d07e03ab71e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210111/ec1e3b96/attachment.html>
