[Git][security-tracker-team/security-tracker][master] 2 commits: Add reference for CVE-2020-28374
Salvatore Bonaccorso
carnil at debian.org
Wed Jan 13 08:32:53 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6d027f86 by Salvatore Bonaccorso at 2021-01-13T09:27:50+01:00
Add reference for CVE-2020-28374
- - - - -
65d64130 by Salvatore Bonaccorso at 2021-01-13T09:32:31+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,25 +7,25 @@ CVE-2021-3136
CVE-2021-3135
RESERVED
CVE-2021-23936 (OX App Suite through 7.10.4 allows XSS via the subject of a task. ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23935 (OX App Suite through 7.10.4 allows XSS via an appointment in which the ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23934 (OX App Suite through 7.10.4 allows XSS via a contact whose name contai ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23933 (OX App Suite through 7.10.4 allows XSS via JavaScript in a Note refere ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23932 (OX App Suite through 7.10.4 allows XSS via an inline image with a craf ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23931 (OX App Suite through 7.10.4 allows XSS via an inline binary file. ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23930 (OX App Suite through 7.10.4 allows XSS via use of the conversion API f ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23929 (OX App Suite through 7.10.4 allows XSS via a crafted Content-Dispositi ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23928 (OX App Suite through 7.10.3 allows XSS via the ajax/apps/manifests que ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23927 (OX App Suite through 7.10.4 allows SSRF via a URL with an @ character ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2021-23926
RESERVED
CVE-2021-23925
@@ -16313,6 +16313,7 @@ CVE-2020-28374 (In drivers/target/target_core_xcopy.c in the Linux kernel before
NOTE: https://git.kernel.org/linus/2896c93811e39d63a4d9b63ccf12a8fbc226e5e4
NOTE: https://www.openwall.com/lists/oss-security/2021/01/12/12
NOTE: tcmu-runner patch: https://bugzilla.suse.com/attachment.cgi?id=844924&action=diff&context=patch&collapsed=&headers=1&format=raw
+ NOTE: https://github.com/open-iscsi/tcmu-runner/issues/645
CVE-2020-28373 (upnpd on certain NETGEAR devices allows remote (LAN) attackers to exec ...)
NOT-FOR-US: Netgear
CVE-2020-28372
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0495ed6690543d013e5a68efead3fd3344d3784a...65d64130733f0823570c0a362ec7c10a4c55cf9c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0495ed6690543d013e5a68efead3fd3344d3784a...65d64130733f0823570c0a362ec7c10a4c55cf9c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210113/a14ab14c/attachment.html>
More information about the debian-security-tracker-commits
mailing list