Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
df034a7f by Salvatore Bonaccorso at 2021-01-19T07:26:46+01:00
Add CVE-2020-16255/owncloud
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47269,7 +47269,7 @@ CVE-2020-16257 (Winston 1.5.4 devices are vulnerable to
command injection via th
CVE-2020-16256 (The API on Winston 1.5.4 devices is vulnerable to CSRF. ...)
NOT-FOR-US: Winston devices
CVE-2020-16255 (ownCloud (Core) before 10.5 allows XSS in login page 'forgot
password. ...)
- TODO: check
+ - owncloud <removed>
CVE-2020-16254 (The Chartkick gem through 3.3.2 for Ruby allows Cascading
Style Sheets ...)
NOT-FOR-US: Chartkick gem
CVE-2020-16253 (The PgHero gem through 2.6.0 for Ruby allows CSRF. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df034a7f69609cad21fd1e81ff4a1138acaf94be
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/df034a7f69609cad21fd1e81ff4a1138acaf94be
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
