Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
822c50f1 by security tracker role at 2021-06-22T20:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2021-3613
+ RESERVED
+CVE-2021-35210
+ RESERVED
+CVE-2021-35209
+ RESERVED
+CVE-2021-35208
+ RESERVED
+CVE-2021-35207
+ RESERVED
+CVE-2021-35206 (Gitpod before 0.6.0 allows unvalidated redirects. ...)
+ TODO: check
+CVE-2021-35205
+ RESERVED
+CVE-2021-35204
+ RESERVED
+CVE-2021-35203
+ RESERVED
+CVE-2021-35202
+ RESERVED
+CVE-2021-35201
+ RESERVED
+CVE-2021-35200
+ RESERVED
+CVE-2021-35199
+ RESERVED
+CVE-2021-35198
+ RESERVED
+CVE-2021-35197
+ RESERVED
CVE-2021-35196 (** DISPUTED ** Manuskript through 0.12.0 allows remote
attackers to ex ...)
TODO: check
CVE-2021-35195
@@ -326,10 +356,10 @@ CVE-2021-35048
RESERVED
CVE-2021-35047
RESERVED
-CVE-2021-35046
- RESERVED
-CVE-2021-35045
- RESERVED
+CVE-2021-35046 (A session fixation vulnerability was discovered in Ice Hrm
29.0.0 OS w ...)
+ TODO: check
+CVE-2021-35045 (Cross site scripting (XSS) vulnerability in Ice Hrm 29.0.0.OS,
allows ...)
+ TODO: check
CVE-2021-35044
RESERVED
CVE-2021-35043
@@ -1693,8 +1723,8 @@ CVE-2021-34430
RESERVED
CVE-2021-34429
RESERVED
-CVE-2021-34428
- RESERVED
+CVE-2021-34428 (For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <=
11.0.2, i ...)
+ TODO: check
CVE-2021-34427
RESERVED
CVE-2021-34426
@@ -2100,10 +2130,10 @@ CVE-2021-34246
RESERVED
CVE-2021-34245
RESERVED
-CVE-2021-34244
- RESERVED
-CVE-2021-34243
- RESERVED
+CVE-2021-34244 (A cross site request forgery (CSRF) vulnerability was
discovered in Ic ...)
+ TODO: check
+CVE-2021-34243 (A stored cross site scripting (XSS) vulnerability was
discovered in Ic ...)
+ TODO: check
CVE-2021-34242
RESERVED
CVE-2021-34241
@@ -3791,7 +3821,7 @@ CVE-2021-33508 (Plone through 5.2.4 allows XSS via a full
name that is mishandle
NOT-FOR-US: Plone
CVE-2021-33507 (Zope Products.CMFCore before 2.5.1 and
Products.PluggableAuthService b ...)
NOT-FOR-US: Zope Products.CMFCore (as used in Plone)
-CVE-2021-33506 (jitsi-meet-prosody in Jitsi Meet before 5026 does not ensure
that rest ...)
+CVE-2021-33506 (jitsi-meet-prosody in Jitsi Meet before 2.0.5963-1 does not
ensure tha ...)
NOT-FOR-US: jitsi-meet-prosody
CVE-2021-33505
RESERVED
@@ -5706,8 +5736,8 @@ CVE-2021-32646 (Roomer is a discord bot cog (extension)
which provides automatic
NOT-FOR-US: Roomer
CVE-2021-32645 (Tenancy multi-tenant is an open source multi-domain controller
for the ...)
NOT-FOR-US: Teancy multi-tenant
-CVE-2021-32644
- RESERVED
+CVE-2021-32644 (Ampache is an open source web based audio/video streaming
application ...)
+ TODO: check
CVE-2021-32643 (Http4s is a Scala interface for HTTP services.
`StaticFile.fromUrl` ca ...)
NOT-FOR-US: Http4s
CVE-2021-32642 (radsecproxy is a generic RADIUS proxy that supports both UDP
and TLS ( ...)
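Review bot: The context line under CVE-2021-32645 reads "NOT-FOR-US: Teancy multi-tenant", while the description spells the product "Tenancy multi-tenant". Correct the tag spelling in a follow-up so that searches on the product name match. CVE-2021-32644 (Ampache) arrives as TODO: check and still needs a manual triage decision.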
@@ -28566,8 +28596,8 @@ CVE-2021-3046
RESERVED
CVE-2021-3045
RESERVED
-CVE-2021-3044
- RESERVED
+CVE-2021-3044 (An improper authorization vulnerability in Palo Alto Networks
Cortex X ...)
+ TODO: check
CVE-2021-3043
RESERVED
CVE-2021-3042
@@ -30330,20 +30360,20 @@ CVE-2021-22385
RESERVED
CVE-2021-22384
RESERVED
-CVE-2021-22383
- RESERVED
-CVE-2021-22382
- RESERVED
+CVE-2021-22383 (There is an out-of-bounds read vulnerability in eCNS280_TD
V100R005C10 ...)
+ TODO: check
+CVE-2021-22382 (Huawei LTE USB Dongle products have an improper permission
assignment ...)
+ TODO: check
CVE-2021-22381
RESERVED
CVE-2021-22380
RESERVED
CVE-2021-22379
RESERVED
-CVE-2021-22378
- RESERVED
-CVE-2021-22377
- RESERVED
+CVE-2021-22378 (There is a race condition vulnerability in eCNS280_TD
V100R005C00 and ...)
+ TODO: check
+CVE-2021-22377 (There is a command injection vulnerability in S12700
V200R019C00SPC500 ...)
+ TODO: check
CVE-2021-22376
RESERVED
CVE-2021-22375
@@ -30364,18 +30394,18 @@ CVE-2021-22368
RESERVED
CVE-2021-22367
RESERVED
-CVE-2021-22366
- RESERVED
-CVE-2021-22365
- RESERVED
+CVE-2021-22366 (There is an out-of-bounds read vulnerability in eSE620X vESS
V100R001C ...)
+ TODO: check
+CVE-2021-22365 (There is an out of bounds read vulnerability in eSE620X vESS
V100R001C ...)
+ TODO: check
CVE-2021-22364 (There is a denial of service vulnerability in the versions
10.1.0.126( ...)
NOT-FOR-US: Huawei
-CVE-2021-22363
- RESERVED
+CVE-2021-22363 (There is a resource management error vulnerability in
eCNS280_TD V100R ...)
+ TODO: check
CVE-2021-22362 (There is an out of bounds write vulnerability in some Huawei
products. ...)
NOT-FOR-US: Huawei
-CVE-2021-22361
- RESERVED
+CVE-2021-22361 (There is an improper authorization vulnerability in eCNS280
V100R005C0 ...)
+ TODO: check
CVE-2021-22360 (There is a resource management error vulnerability in the
verisions V5 ...)
NOT-FOR-US: Huawei
CVE-2021-22359 (There is a denial of service vulnerability in the verisions
V200R005C0 ...)
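Review bot: CVE-2021-22366, CVE-2021-22365, CVE-2021-22363 and CVE-2021-22361 land as TODO: check, while the interleaved neighbours CVE-2021-22364, CVE-2021-22362 and CVE-2021-22360 are already tagged "NOT-FOR-US: Huawei". The new descriptions name eSE620X vESS, eCNS280_TD and eCNS280. If triage reaches the same conclusion for them, reuse the exact "NOT-FOR-US: Huawei" tag rather than a per-product variant so the block stays consistent.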
@@ -30412,8 +30442,8 @@ CVE-2021-22344
RESERVED
CVE-2021-22343
RESERVED
-CVE-2021-22342
- RESERVED
+CVE-2021-22342 (There is an information leak vulnerability in Huawei products.
A modul ...)
+ TODO: check
CVE-2021-22341
RESERVED
CVE-2021-22340
@@ -45594,16 +45624,14 @@ CVE-2021-0610
RESERVED
CVE-2021-0609
RESERVED
-CVE-2021-0608
- RESERVED
-CVE-2021-0607
- RESERVED
-CVE-2021-0606
- RESERVED
+CVE-2021-0608 (In handleAppLaunch of AppLaunchActivity.java, there is a
possible arbi ...)
+ TODO: check
+CVE-2021-0607 (In iaxxx_calc_i2s_div of iaxxx-codec.c, there is a possible
hardware p ...)
+ TODO: check
+CVE-2021-0606 (In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a
possible use ...)
- linux <not-affected> (Vulnerability specific to 4.14.y backporting)
NOTE: https://source.android.com/security/bulletin/pixel/2021-06-01
-CVE-2021-0605
- RESERVED
+CVE-2021-0605 (In pfkey_dump of af_key.c, there is a possible out-of-bounds
read due ...)
- linux 5.8.7-1
[buster] - linux 4.19.152-1
[stretch] - linux 4.9.240-1
@@ -45672,84 +45700,84 @@ CVE-2021-0574
RESERVED
CVE-2021-0573
RESERVED
-CVE-2021-0572
- RESERVED
-CVE-2021-0571
- RESERVED
-CVE-2021-0570
- RESERVED
-CVE-2021-0569
- RESERVED
-CVE-2021-0568
- RESERVED
-CVE-2021-0567
- RESERVED
-CVE-2021-0566
- RESERVED
-CVE-2021-0565
- RESERVED
-CVE-2021-0564
- RESERVED
-CVE-2021-0563
- RESERVED
-CVE-2021-0562
- RESERVED
-CVE-2021-0561
- RESERVED
+CVE-2021-0572 (In doNotification of AccountManagerService.java, there is a
possible p ...)
+ TODO: check
+CVE-2021-0571 (In ActivityTaskManagerService.startActivity() and
AppTaskImpl.startAct ...)
+ TODO: check
+CVE-2021-0570 (In sendBugreportNotification of BugreportProgressService.java,
there i ...)
+ TODO: check
+CVE-2021-0569 (In onStart of ContactsDumpActivity.java, there is possible
access to c ...)
+ TODO: check
+CVE-2021-0568 (In onReceive of DevicePolicyManagerService.java, there is a
possible e ...)
+ TODO: check
+CVE-2021-0567 (In isRestricted of RemoteViews.java, there is a possible way to
inject ...)
+ TODO: check
+CVE-2021-0566 (In accessAudioHalPidscpp of TimeCheck.cpp, there is a possible
out of ...)
+ TODO: check
+CVE-2021-0565 (In wrapUserThread of AudioStream.cpp, there is a possible use
after fr ...)
+ TODO: check
+CVE-2021-0564 (In decrypt of CryptoPlugin.cpp, there is a possible
use-after-free due ...)
+ TODO: check
+CVE-2021-0563 (In ih264e_fmt_conv_422i_to_420sp of ih264e_fmt_conv.c, there is
a poss ...)
+ TODO: check
+CVE-2021-0562 (In RasterIntraUpdate of motion_est.cpp, there is a possible out
of bou ...)
+ TODO: check
+CVE-2021-0561 (In append_to_verify_fifo_interleaved_ of stream_encoder.c,
there is a ...)
+ TODO: check
CVE-2021-0560
RESERVED
-CVE-2021-0559
- RESERVED
-CVE-2021-0558
- RESERVED
-CVE-2021-0557
- RESERVED
-CVE-2021-0556
- RESERVED
-CVE-2021-0555
- RESERVED
-CVE-2021-0554
- RESERVED
-CVE-2021-0553
- RESERVED
-CVE-2021-0552
- RESERVED
-CVE-2021-0551
- RESERVED
-CVE-2021-0550
- RESERVED
-CVE-2021-0549
- RESERVED
-CVE-2021-0548
- RESERVED
-CVE-2021-0547
- RESERVED
-CVE-2021-0546
- RESERVED
-CVE-2021-0545
- RESERVED
-CVE-2021-0544
- RESERVED
-CVE-2021-0543
- RESERVED
-CVE-2021-0542
- RESERVED
-CVE-2021-0541
- RESERVED
-CVE-2021-0540
- RESERVED
-CVE-2021-0539
- RESERVED
-CVE-2021-0538
- RESERVED
-CVE-2021-0537
- RESERVED
-CVE-2021-0536
- RESERVED
-CVE-2021-0535
- RESERVED
-CVE-2021-0534
- RESERVED
+CVE-2021-0559 (In Lag_max of p_ol_wgh.cpp, there is a possible out of bounds
read due ...)
+ TODO: check
+CVE-2021-0558 (In fillMainDataBuf of pvmp3_framedecoder.cpp, there is a
possible out ...)
+ TODO: check
+CVE-2021-0557 (In setRange of ABuffer.cpp, there is a possible out of bounds
write du ...)
+ TODO: check
+CVE-2021-0556 (In getBlockSum of fastcodemb.cpp, there is a possible out of
bounds re ...)
+ TODO: check
+CVE-2021-0555 (In RenderStruct of protostream_objectsource.cc, there is a
possible cr ...)
+ TODO: check
+CVE-2021-0554 (In isBackupServiceActive of BackupManagerService.java, there is
a miss ...)
+ TODO: check
+CVE-2021-0553 (In onBindViewHolder of AppSwitchPreference.java, there is a
possible b ...)
+ TODO: check
+CVE-2021-0552 (In getEndItemSliceAction of MediaOutputSlice.java, there is a
possible ...)
+ TODO: check
+CVE-2021-0551 (In bind of MediaControlPanel.java, there is a possible way to
lock up ...)
+ TODO: check
+CVE-2021-0550 (In onLoadFailed of AnnotateActivity.java, there is a possible
way to g ...)
+ TODO: check
+CVE-2021-0549 (In sspRequestCallback of BondStateMachine.java, there is a
possible le ...)
+ TODO: check
+CVE-2021-0548 (In rw_i93_send_to_lower of rw_i93.cc, there is a possible out
of bound ...)
+ TODO: check
+CVE-2021-0547 (In onReceive of NetInitiatedActivity.java, there is a possible
way to ...)
+ TODO: check
+CVE-2021-0546 (In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a
possible ...)
+ TODO: check
+CVE-2021-0545 (In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a
possible ...)
+ TODO: check
+CVE-2021-0544 (In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a
possible ...)
+ TODO: check
+CVE-2021-0543 (In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is
a possi ...)
+ TODO: check
+CVE-2021-0542 (In updateNotification of BeamTransferManager.java, there is a
missing ...)
+ TODO: check
+CVE-2021-0541 (In phNxpNciHal_ext_process_nfc_init_rsp of phNxpNciHal_ext.cc,
there i ...)
+ TODO: check
+CVE-2021-0540 (In halWrapperDataCallback of hal_wrapper.cc, there is a
possible out o ...)
+ TODO: check
+CVE-2021-0539 (In archiveStoredConversation of MmsService.java, there is a
possible w ...)
+ TODO: check
+CVE-2021-0538 (In onCreate of EmergencyCallbackModeExitDialog.java, there is a
possib ...)
+ TODO: check
+CVE-2021-0537 (In onCreate of WiFiInstaller.java, there is a possible way to
install ...)
+ TODO: check
+CVE-2021-0536 (In dropFile of WiFiInstaller, there is a way to delete files
accessibl ...)
+ TODO: check
+CVE-2021-0535 (In wpas_ctrl_msg_queue_timeout of ctrl_iface_unix.c, there is a
possib ...)
+ TODO: check
+CVE-2021-0534 (In permission declarations of DeviceAdminReceiver.java, there
is a pos ...)
+ TODO: check
CVE-2021-0533 (In memory management driver, there is a possible memory
corruption due ...)
NOT-FOR-US: MediaTek components for Android
CVE-2021-0532 (In memory management driver, there is a possible memory
corruption due ...)
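Review bot: The 38 entries from CVE-2021-0572 down to CVE-2021-0534 should each be triaged on their own rather than cleared together with a NOT-FOR-US tag like the one on the neighbouring CVE-2021-0533. Several descriptions name source files that look like upstream library code rather than Android framework code, for example stream_encoder.c (CVE-2021-0561), ctrl_iface_unix.c (CVE-2021-0535) and protostream_objectsource.cc (CVE-2021-0555). Check those against packaged sources before resolving the TODO.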
@@ -60978,32 +61006,32 @@ CVE-2020-22178
RESERVED
CVE-2020-22177
RESERVED
-CVE-2020-22176
- RESERVED
-CVE-2020-22175
- RESERVED
-CVE-2020-22174
- RESERVED
-CVE-2020-22173
- RESERVED
-CVE-2020-22172
- RESERVED
-CVE-2020-22171
- RESERVED
-CVE-2020-22170
- RESERVED
-CVE-2020-22169
- RESERVED
-CVE-2020-22168
- RESERVED
-CVE-2020-22167
- RESERVED
-CVE-2020-22166
- RESERVED
-CVE-2020-22165
- RESERVED
-CVE-2020-22164
- RESERVED
+CVE-2020-22176 (PHPGurukul Hospital Management System in PHP v4.0 has a
sensitive info ...)
+ TODO: check
+CVE-2020-22175 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22174 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22173 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22172 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22171 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22170 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22169 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22168 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22167 (PHPGurukul Hospital Management System in PHP v4.0 has a
Persistent Cro ...)
+ TODO: check
+CVE-2020-22166 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22165 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
+CVE-2020-22164 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL
injection ...)
+ TODO: check
CVE-2020-22163
RESERVED
CVE-2020-22162
@@ -68169,8 +68197,8 @@ CVE-2020-18656
RESERVED
CVE-2020-18655
RESERVED
-CVE-2020-18654
- RESERVED
+CVE-2020-18654 (Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote
attackers ...)
+ TODO: check
CVE-2020-18653
RESERVED
CVE-2020-18652
@@ -68181,12 +68209,12 @@ CVE-2020-18650
RESERVED
CVE-2020-18649
RESERVED
-CVE-2020-18648
- RESERVED
-CVE-2020-18647
- RESERVED
-CVE-2020-18646
- RESERVED
+CVE-2020-18648 (Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows
remote atta ...)
+ TODO: check
+CVE-2020-18647 (Information Disclosure in NoneCMS v1.3 allows remote attackers
to obta ...)
+ TODO: check
+CVE-2020-18646 (Information Disclosure in NoneCMS v1.3 allows remote attackers
to obta ...)
+ TODO: check
CVE-2020-18645
RESERVED
CVE-2020-18644
@@ -74618,8 +74646,8 @@ CVE-2020-15734 (An Origin Validation Error
vulnerability in Bitdefender Safepay
NOT-FOR-US: Bitdefender
CVE-2020-15733 (An Origin Validation Error vulnerability in the SafePay
component of B ...)
NOT-FOR-US: Bitdefender Antivirus Plus
-CVE-2020-15732
- RESERVED
+CVE-2020-15732 (Improper Certificate Validation vulnerability in the Online
Threat Pre ...)
+ TODO: check
CVE-2020-15731 (An improper Input Validation vulnerability in the code
handling file r ...)
NOT-FOR-US: Bitdefender
CVE-2020-15730
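Review bot: The neighbours of the new CVE-2020-15732 entry use two different tags for the same vendor, "NOT-FOR-US: Bitdefender" (CVE-2020-15734, CVE-2020-15731) and "NOT-FOR-US: Bitdefender Antivirus Plus" (CVE-2020-15733). When resolving the TODO on CVE-2020-15732, pick one form and align the others in the same change.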
@@ -403301,8 +403329,8 @@ CVE-2010-4818 (The GLX extension in X.Org xserver
1.7.7 allows remote authentica
NOTE:
http://cgit.freedesktop.org/xorg/xserver/commit/?id=3f0d3f4d97bce75c1828635c322b6560a45a037f
CVE-2010-4817 (pithos before 0.3.5 allows overwrite of arbitrary files via
symlinks. ...)
- pithos 0.3.5-1
-CVE-2010-4816
- RESERVED
+CVE-2010-4816 (It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that
a null ...)
+ TODO: check
CVE-2010-4815 (Coppermine gallery before 1.4.26 has an input validation
vulnerability ...)
NOT-FOR-US: Coppermine Photo Gallery
CVE-2011-3169 (Unspecified vulnerability in the SMTP service implementation in
HP TCP ...)
@@ -413735,12 +413763,12 @@ CVE-2010-4268 (SQL injection vulnerability in the
Pulse Infotech Flip Wall (com_
CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in
io/hpmud/ ...)
{DSA-2152-1}
- hplip 3.10.6-2 (bug #610960)
-CVE-2010-4266
- RESERVED
+CVE-2010-4266 (It was found in vanilla forums before 2.0.10 a potential
linkbait vuln ...)
+ TODO: check
CVE-2010-4265 (The
org.jboss.remoting.transport.bisocket.BisocketServerInvoker$Second ...)
- jbossas4 <not-affected> (Red Hat issue, they didn't include the fix
for CVE-2010-3862 in the update)
-CVE-2010-4264
- RESERVED
+CVE-2010-4264 (It was found in vanilla forums before 2.0.10 a cross-site
scripting vu ...)
+ TODO: check
CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in
the Inte ...)
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -414806,7 +414834,7 @@ CVE-2010-3846 (Array index error in the
apply_rcs_change function in rcs.c in CV
CVE-2010-3844 (An unchecked sscanf() call in ettercap before 0.7.5 allows an
insecure ...)
- ettercap 1:0.7.4-1 (unimportant; bug #600130)
NOTE: Very far-fetched attack vector
-CVE-2010-3843 (The gtkui_conf_read function in
src/interfaces/gtk/ec_gtk_conf.c in Et ...)
+CVE-2010-3843 (The GTK version of ettercap uses a global settings file at
/tmp/.etter ...)
- ettercap 1:0.7.4-1 (unimportant; bug #600130)
NOTE: Very far-fetched attack vector
CVE-2010-3842 (Absolute path traversal vulnerability in curl 7.20.0 through
7.21.1, w ...)
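Review bot: The description of CVE-2010-3843 is replaced wholesale, from the gtkui_conf_read function in src/interfaces/gtk/ec_gtk_conf.c to a global settings file under /tmp, but the triage lines below it ("unimportant; bug #600130" and "NOTE: Very far-fetched attack vector") are carried over unchanged. They are identical to the lines on CVE-2010-3844, so confirm that the severity and the note still apply to the reworded issue.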
@@ -415930,7 +415958,7 @@ CVE-2010-3447 (Cross-site scripting (XSS)
vulnerability in view.php in the file
[lenny] - gollem <not-affected> ($filename not printed directly and
passed through htmlspecialchars())
NOTE: http://bugs.horde.org/ticket/9191
CVE-2010-3446
- RESERVED
+ REJECTED
CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown
function in ...)
{DSA-2127-1}
- wireshark 1.2.11-3 (low)
@@ -416324,8 +416352,8 @@ CVE-2010-3302 (Buffer overflow in
programs/pluto/xauth.c in the client in Opensw
CVE-2010-3301 (The IA32 system call emulation functionality in
arch/x86/ia32/ia32entr ...)
- linux-2.6 2.6.32-23
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.27)
-CVE-2010-3300
- RESERVED
+CVE-2010-3300 (It was found that all OWASP ESAPI for Java up to version 2.0
RC2 are v ...)
+ TODO: check
CVE-2010-3299 (The encrypt/decrypt functions in Ruby on Rails 2.3 are
vulnerable to p ...)
- rails <unfixed> (unimportant)
NOTE: http://seclists.org/oss-sec/2010/q3/415
@@ -417702,7 +417730,7 @@ CVE-2010-2805 (The FT_Stream_EnterFrame function in
base/ftstream.c in FreeType
{DSA-2105-1}
- freetype 2.4.2-1
CVE-2010-2804
- RESERVED
+ REJECTED
CVE-2010-2803 (The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the
Direct Rend ...)
{DSA-2094-1}
- linux-2.6 2.6.32-22
@@ -418562,8 +418590,8 @@ CVE-2010-2527 (Multiple buffer overflows in demo
programs in FreeType before 2.4
CVE-2010-2526 (The cluster logical volume manager daemon (clvmd) in
lvm2-cluster in L ...)
{DSA-2095-1}
- lvm2 2.02.66-3 (bug #591204)
-CVE-2010-2525
- RESERVED
+CVE-2010-2525 (A flaw was discovered in gfs2 file system’s handling of
acls (ac ...)
+ TODO: check
CVE-2010-2524 (The DNS resolution functionality in the CIFS implementation in
the Lin ...)
{DSA-2264-1}
- linux-2.6 2.6.32-19
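Review bot: The imported description for CVE-2010-2525 contains mis-encoded bytes ("system’s"), which points to a character-set problem in the automatic import of the upstream text. The apostrophe should survive as UTF-8. The entry concerns the gfs2 file system, so the TODO needs a check against the linux-2.6 source package that the surrounding entries already track.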
@@ -418686,9 +418714,9 @@ CVE-2010-2487 (Multiple cross-site scripting (XSS)
vulnerabilities in MoinMoin 1
{DSA-2083-1}
- moin 1.9.3-1 (bug #584809)
CVE-2010-2486
- RESERVED
+ REJECTED
CVE-2010-2485
- RESERVED
+ REJECTED
CVE-2010-2484 (The strrchr function in PHP 5.2 before 5.2.14 allows
context-dependent ...)
- php5 5.3.3-1 (unimportant)
CVE-2010-2483 (The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote
attackers ...)
@@ -418714,7 +418742,7 @@ CVE-2010-2477 (Multiple cross-site scripting (XSS)
vulnerabilities in the paste.
[lenny] - paste 1.7.1-1+lenny1
NOTE: http://bitbucket.org/ianb/paste/changeset/fcae59df8b56
CVE-2010-2475
- RESERVED
+ REJECTED
CVE-2010-2474 (JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss
Enterprise ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full
application server, #581226)
CVE-2010-2470 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7
through ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/822c50f1a1c70cb8dbe3e765117d530a34dfdb75
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits