[Git][security-tracker-team/security-tracker][master] Add new CVEs for nextcloud-server

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 14 21:42:55 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9c627d79 by Salvatore Bonaccorso at 2024-06-14T22:42:10+02:00
Add new CVEs for nextcloud-server

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,17 +19,17 @@ CVE-2024-37889 (MyFinances is a web application for managing finances. MyFinance
 CVE-2024-37888 (The Open Link is a CKEditor plugin, extending context menu with a poss ...)
 	TODO: check
 CVE-2024-37887 (Nextcloud Server is a self hosted personal cloud system. Private share ...)
-	TODO: check
+	- nextcloud-server <itp> (bug #941708)
 CVE-2024-37886 (user_oidc app is an OpenID Connect user backend for Nextcloud. An atta ...)
 	NOT-FOR-US: Nextcloud user_oidc app
 CVE-2024-37885 (The Nextcloud Desktop Client is a tool to synchronize files from Nextc ...)
 	TODO: check
 CVE-2024-37884 (Nextcloud Server is a self hosted personal cloud system. A malicious u ...)
-	TODO: check
+	- nextcloud-server <itp> (bug #941708)
 CVE-2024-37883 (Nextcloud Deck is a kanban style organization tool aimed at personal p ...)
 	NOT-FOR-US: Nextcloud Deck
 CVE-2024-37882 (Nextcloud Server is a self hosted personal cloud system. A recipient o ...)
-	TODO: check
+	- nextcloud-server <itp> (bug #941708)
 CVE-2024-37831 (Itsourcecode Payroll Management System 1.0 is vulnerable to SQL Inject ...)
 	NOT-FOR-US: Itsourcecode Payroll Management System
 CVE-2024-37645 (TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a stack o ...)
@@ -59,11 +59,11 @@ CVE-2024-37317 (The Nextcloud Notes app is a distraction free notes taking app f
 CVE-2024-37316 (Nextcloud Calendar is a calendar app for Nextcloud. Authenticated user ...)
 	NOT-FOR-US: Nextcloud Calendar
 CVE-2024-37315 (Nextcloud Server is a self hosted personal cloud system. An attacker w ...)
-	TODO: check
+	- nextcloud-server <itp> (bug #941708)
 CVE-2024-37314 (Nextcloud Photos is a photo management app. Users can remove photos fr ...)
 	NOT-FOR-US: Nextcloud Photos
 CVE-2024-37313 (Nextcloud server is a self hosted personal cloud system. Under some ci ...)
-	TODO: check
+	- nextcloud-server <itp> (bug #941708)
 CVE-2024-37312 (user_oidc app is an OpenID Connect user backend for Nextcloud. Missing ...)
 	TODO: check
 CVE-2024-37182 (Mattermost Desktop App versions <=5.7.0 fail to correctly prompt for p ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c627d799dfde16faa0a2c16abeb41d336780cc0

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c627d799dfde16faa0a2c16abeb41d336780cc0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240614/522f8782/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list