[Git][security-tracker-team/security-tracker][master] automatic update

Thu, 28 May 2020 01:11:10 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
11beafa4 by security tracker role at 2020-05-28T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2020-13644 (An issue was discovered in the Accordion plugin before 2.2.9 
for WordP ...)
+       TODO: check
+CVE-2020-13643 (An issue was discovered in the SiteOrigin Page Builder plugin 
before 2 ...)
+       TODO: check
+CVE-2020-13642 (An issue was discovered in the SiteOrigin Page Builder plugin 
before 2 ...)
+       TODO: check
+CVE-2020-13641 (An issue was discovered in the Real-Time Find and Replace 
plugin befor ...)
+       TODO: check
+CVE-2020-13640
+       RESERVED
+CVE-2020-13639
+       RESERVED
+CVE-2020-13638
+       RESERVED
+CVE-2020-13637
+       RESERVED
 CVE-2020-13636
        RESERVED
 CVE-2020-13635
@@ -7079,8 +7095,8 @@ CVE-2020-11076 (In Puma (RubyGem) before 4.3.4 and 
3.12.5, an attacker could smu
        - puma <unfixed>
        NOTE: 
https://github.com/puma/puma/security/advisories/GHSA-x7jg-6pwg-fx5h
        NOTE: 
https://github.com/puma/puma/commit/f24d5521295a2152c286abb0a45a1e1e2bd275bd
-CVE-2020-11075
-       RESERVED
+CVE-2020-11075 (In Anchore Engine version 0.7.0, a specially crafted container 
image m ...)
+       TODO: check
 CVE-2020-11074
        RESERVED
 CVE-2020-11073 (In Autoswitch Python Virtualenv before version 0.16.0, a user 
who ente ...)
@@ -7117,8 +7133,8 @@ CVE-2020-11060 (In GLPI before 9.4.6, an attacker can 
execute system commands by
        NOTE: 
https://github.com/glpi-project/glpi/security/advisories/GHSA-cvvq-3fww-5v6f
        NOTE: 
https://github.com/glpi-project/glpi/commit/ad748d59c94da177a3ed25111c453902396f320c
        NOTE: Only supported behind an authenticated HTTP zone
-CVE-2020-11059
-       RESERVED
+CVE-2020-11059 (In AEgir greater than or equal to 21.7.0 and less than 
21.10.1, aegir  ...)
+       TODO: check
 CVE-2020-11058 (In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds 
seek in  ...)
        - freerdp2 2.1.1+dfsg1-1
        [buster] - freerdp2 <no-dsa> (Minor issue)
@@ -13302,14 +13318,14 @@ CVE-2020-8608 (In libslirp 4.1.0, as used in QEMU 
4.2.0, tcp_subr.c misuses snpr
        NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that 
version as fixed.
 CVE-2020-8607
        RESERVED
-CVE-2020-8606
-       RESERVED
-CVE-2020-8605
-       RESERVED
-CVE-2020-8604
-       RESERVED
-CVE-2020-8603
-       RESERVED
+CVE-2020-8606 (A vulnerability in Trend Micro InterScan Web Security Virtual 
Applianc ...)
+       TODO: check
+CVE-2020-8605 (A vulnerability in Trend Micro InterScan Web Security Virtual 
Applianc ...)
+       TODO: check
+CVE-2020-8604 (A vulnerability in Trend Micro InterScan Web Security Virtual 
Applianc ...)
+       TODO: check
+CVE-2020-8603 (A cross-site scripting vulnerability (XSS) in Trend Micro 
InterScan We ...)
+       TODO: check
 CVE-2020-8602
        RESERVED
 CVE-2020-8601 (Trend Micro Vulnerability Protection 2.0 is affected by a 
vulnerabilit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11beafa48e8e98e10a340883bffaf0668721ecc1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11beafa48e8e98e10a340883bffaf0668721ecc1
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to