diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-09 22:01:10 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-02-09 22:01:10 +0100 |
commit | f03b8ff2a3ad54109352dc3ac7a8fb9c7928a0bb (patch) | |
tree | 2ab086f525b00f5803758816b8dc591f225f46e3 /data | |
parent | e8cd45d0dcdbd7e447c49d13a013ab17d34d548f (diff) |
Update information on CVE-2020-5236/waitress
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/data/CVE/list b/data/CVE/list index 183cb42637..552de58016 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -7820,9 +7820,10 @@ CVE-2020-5238 CVE-2020-5237 (oneup/uploader-bundle before 1.9.3 and 2.1.5, can be exploited to uplo ...) NOT-FOR-US: oneup/uploader-bundle CVE-2020-5236 (Waitress version 1.4.2 allows a DOS attack When waitress receives a he ...) - - waitress <unfixed> + - waitress <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-73m2-3pwg-5fgc - NOTE: https://github.com/Pylons/waitress/commit/6e46f9e3f014d64dd7d1e258eaf626e39870ee1f + NOTE: Introduced in: https://github.com/Pylons/waitress/commit/0bf98dadd8cae23830cb365cc6cb9cedd7f98db0 (v1.4.2) + NOTE: https://github.com/Pylons/waitress/commit/6e46f9e3f014d64dd7d1e258eaf626e39870ee1f (v1.4.3) CVE-2020-5235 (There is a potentially exploitable out of memory condition In Nanopb b ...) - nanopb <not-affected> (Fixed before initial upload to Debian) NOTE: https://github.com/nanopb/nanopb/security/advisories/GHSA-gcx3-7m76-287p |