Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4c8813d1 by Salvatore Bonaccorso at 2023-07-10T20:39:10+02:00
Update status for CVE-2020-23066 and sync with CVE-2020-17480
The former looks to be a duplicate assignment for CVE-2020-17480, MITRE
as the both assignin CNA is contacted to decide on the possible
rejection. Until it's not clear they were not assigned for a particular
reason (e.g. to cover different vectors) keep both in sync.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -210402,7 +210402,10 @@ CVE-2020-23068
CVE-2020-23067
RESERVED
CVE-2020-23066 (Cross Site Scripting vulnerability in TinyMCE v.4.9.6 and
before and v ...)
- - tinymce <removed>
+ - tinymce <removed> (bug #972642)
+ [buster] - tinymce <no-dsa> (Minor issue)
+ NOTE:
https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95
+ NOTE: Duplicate CVE of CVE-2020-17480
CVE-2020-23065 (Cross Site Scripting vulnerabiltiy in eZ Systems AS eZPublish
Platform ...)
NOT-FOR-US: eZ Systems AS eZPublish
CVE-2020-23064 (Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x
before ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c8813d16eb10b38f25e84a25d2dcdeb47a22c26
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c8813d16eb10b38f25e84a25d2dcdeb47a22c26
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
