Author: carnil Date: 2016-01-14 22:00:14 +0000 (Thu, 14 Jan 2016) New Revision: 38923
Modified: data/CVE/list Log: Add three CVEs for cgit Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-01-14 21:37:17 UTC (rev 38922) +++ data/CVE/list 2016-01-14 22:00:14 UTC (rev 38923) @@ -1,3 +1,12 @@ +CVE-2016-1901 [Integer Overflow resulting in Buffer Overflow] + - cgit <unfixed> + NOTE: http://git.zx2c4.com/cgit/commit/?id=4458abf64172a62b92810c2293450106e6dfc763 (v0.12) +CVE-2016-1900 [Stored Cross Site Scripting & Header Injection in Filename Parameter] + - cgit <unfixed> + NOTE: http://git.zx2c4.com/cgit/commit/?id=513b3863d999f91b47d7e9f26710390db55f9463 (v0.12) +CVE-2016-1899 [Reflected Cross Site Scripting & Header Injection in Mimetype Query String] + - cgit <unfixed> + NOTE: http://git.zx2c4.com/cgit/commit/?id=1c581a072651524f3b0d91f33e22a42c4166dd96 (v0.12) CVE-2016-1896 RESERVED CVE-2016-1895 _______________________________________________ Secure-testing-commits mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
