diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-09-03 11:45:35 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-09-03 11:45:35 +0200 |
commit | 7b4b87615b6055d8676f646137bad88326c05f67 (patch) | |
tree | b40edd09685020f1e9ad4a4008f63a131eb67482 /data/CVE/list.2019 | |
parent | 7f78b3a4efca091eabdef288eb0b3fa98ba61e2e (diff) |
some zoneminder issues fixed
Diffstat (limited to 'data/CVE/list.2019')
-rw-r--r-- | data/CVE/list.2019 | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index adc9bc1898..c01584dab5 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -34604,20 +34604,26 @@ CVE-2019-8429 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.ph - zoneminder <unfixed> (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone CVE-2019-8428 (ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views ...) - - zoneminder <unfixed> (unimportant; bug #922724) + - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone + NOTE: https://github.com/ZoneMinder/zoneminder/pull/2422 + NOTE: https://github.com/ZoneMinder/zoneminder/commit/c0a6e54d60d3a8f297cc5f2ef6a862f6f00d746e CVE-2019-8427 (daemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ...) - zoneminder <unfixed> (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone CVE-2019-8426 (skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS ...) - - zoneminder <unfixed> (unimportant; bug #922724) + - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone + NOTE: https://github.com/ZoneMinder/zoneminder/commit/34e2e4799364639483f93cff70204618b834f7a2 + NOTE: https://github.com/ZoneMinder/zoneminder/pull/2423 CVE-2019-8425 (includes/database.php in ZoneMinder before 1.32.3 has XSS in the const ...) - zoneminder <unfixed> (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone CVE-2019-8424 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sor ...) - - zoneminder <unfixed> (unimportant; bug #922724) + - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone + NOTE: https://github.com/ZoneMinder/zoneminder/commit/02fd1e79b3bfa5b2e2087cb1255f9dbd921ccae8 + NOTE: https://github.com/ZoneMinder/zoneminder/pull/2421 CVE-2019-8423 (ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ...) - zoneminder <unfixed> (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone @@ -37295,9 +37301,10 @@ CVE-2019-7331 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder thr NOTE: https://github.com/ZoneMinder/zoneminder/commit/254b7286b4d2654b95080a175c44195667e42ea8 NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone CVE-2019-7330 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...) - - zoneminder <unfixed> (unimportant; bug #922724) + - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: https://github.com/ZoneMinder/zoneminder/issues/2448 NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone + NOTE: https://github.com/ZoneMinder/zoneminder/commit/b2a97ee190c6dc3e30b9c36b9c33c33348dde4d6 CVE-2019-7329 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...) - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: https://github.com/ZoneMinder/zoneminder/issues/2446 |