Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b2e95c58 by Salvatore Bonaccorso at 2020-02-05T09:38:06+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17322,7 +17322,7 @@ CVE-2019-19274 (typed_ast 1.3.0 and 1.3.1 has a
handle_keywordonly_args out-of-b
NOTE: Introduced by:
https://github.com/python/typed_ast/commit/156afcb26c198e162504a57caddfe0acd9ed7dce
(1.3.0)
NOTE: Fixed by:
https://github.com/python/typed_ast/commit/dc317ac9cff859aa84eeabe03fb5004982545b3b
(1.3.2)
CVE-2019-19273 (On Samsung mobile devices with O(8.0) and P(9.0) software and
an Exyno ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2015-9539 (The Fast Secure Contact Form plugin before 4.0.38 for WordPress
allows ...)
NOT-FOR-US: Fast Secure Contact Form plugin for WordPress
CVE-2015-9538 (The NextGEN Gallery plugin before 2.1.15 for WordPress allows
../ Dire ...)
@@ -30404,7 +30404,7 @@ CVE-2019-15624 (Improper Input Validation in Nextcloud
Server 15.0.7 allows grou
CVE-2019-15623 (Exposure of Private Information in Nextcloud Server 16.0.1
causes the ...)
TODO: check
CVE-2019-15622 (Not strictly enough sanitization in the Nextcloud Android app
3.6.0 al ...)
- TODO: check
+ NOT-FOR-US: Nextcloud Android App
CVE-2019-15621 (Improper permissions preservation in Nextcloud Server 16.0.1
causes sh ...)
TODO: check
CVE-2019-15620 (Improper access control in Nextcloud Talk 6.0.3 leaks the
existance an ...)
@@ -30418,15 +30418,15 @@ CVE-2019-15617 (A missing check in Nextcloud Server
17.0.0 allowed an attacker t
CVE-2019-15616 (Dangling remote share attempts in Nextcloud 16 allow a DNS
pollution w ...)
TODO: check
CVE-2019-15615 (A wrong check for the system time in the Android App 3.9.0
causes a by ...)
- TODO: check
+ NOT-FOR-US: Nextcloud Android app
CVE-2019-15614 (Missing sanitization in the iOS App 2.24.4 causes an XSS when
opening ...)
- TODO: check
+ NOT-FOR-US: Nextcloud iOS App
CVE-2019-15613 (A bug in Nextcloud Server 17.0.1 causes the workflow rules to
depend t ...)
TODO: check
CVE-2019-15612 (A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to
not be c ...)
TODO: check
CVE-2019-15611 (Violation of Secure Design Principles in the iOS App 2.23.0
causes the ...)
- TODO: check
+ NOT-FOR-US: Nextcloud iOS App
CVE-2019-15610 (Improper authorization in the Circles app 0.17.7 causes
retaining acce ...)
TODO: check
CVE-2019-15609
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2e95c58fb4d6aeb29da7e3e7b7fbff3e25077a1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2e95c58fb4d6aeb29da7e3e7b7fbff3e25077a1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
