diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2020-11-26 08:23:20 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-11-26 08:23:20 +0100 |
| commit | f27c42fb780f1d7715f6ba2fa8070b1e98deec4a (patch) | |
| tree | c740edb9192c00302579cd3b8aa3e0ad96ad7a7b /data | |
| parent | 2160a66d1e01901eccdf917e0acb0dc81d9c9671 (diff) | |
Track drupal7 as well under CVE-2020-2894{8,9}
The drupal project seems to reuse the CVes as well for the respective
affecting issues in the drupal code base. Follow that for now.
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 753ed475e3..e0ad98f1d6 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -270,14 +270,18 @@ CVE-2020-28950 RESERVED CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only to addre ...) {DLA-2465-1} + - drupal7 <removed> - php-pear <unfixed> NOTE: https://github.com/pear/Archive_Tar/issues/33 NOTE: https://github.com/pear/Archive_Tar/commit/0670a05fdab997036a3fc3ef113b8f5922e574da + NOTE: https://www.drupal.org/sa-core-2020-013 CVE-2020-28948 (Archive_Tar through 1.4.10 allows an unserialization attack because ph ...) {DLA-2465-1} + - drupal7 <removed> - php-pear <unfixed> NOTE: https://github.com/pear/Archive_Tar/issues/33 NOTE: https://github.com/pear/Archive_Tar/commit/0670a05fdab997036a3fc3ef113b8f5922e574da + NOTE: https://www.drupal.org/sa-core-2020-013 CVE-2020-28947 (In MISP 2.4.134, XSS exists in the template element index view because ...) NOT-FOR-US: MISP CVE-2020-28946 |