author | security tracker role <sectracker@soriano.debian.org> | 2021-12-13 20:10:18 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-12-13 20:10:18 +0000 |
commit | a8bdf39aafa0774a6dc5265c876396b4611637f9 (patch) | |
tree | 07541453251bd4374937dd883fe071adde7b32a2 /data/CVE/list.2020 | |
parent | 6e42a016c5550c7c4edc61c6fc9da91e7b50a9f2 (diff) |
automatic update
Diffstat (limited to 'data/CVE/list.2020')
-rw-r--r-- | data/CVE/list.2020 | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index f327f2451b..944877154b 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -33762,24 +33762,21 @@ CVE-2020-16158 (GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vu NOT-FOR-US: GoPro CVE-2020-16157 (A Stored XSS vulnerability exists in Nagios Log Server before 2.1.7 vi ...) NOT-FOR-US: Nagios Log Server -CVE-2020-16156 [Signature Verification Bypass] - RESERVED +CVE-2020-16156 (CPAN 2.28 allows Signature Verification Bypass. ...) - perl <unfixed> [bullseye] - perl <no-dsa> (Minor issue) [buster] - perl <no-dsa> (Minor issue) [stretch] - perl <no-dsa> (Minor issue) NOTE: https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ NOTE: http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html -CVE-2020-16155 [does not uniquely define signed data] - RESERVED +CVE-2020-16155 (The CPAN::Checksums package 2.12 for Perl does not uniquely define sig ...) - libcpan-checksums-perl <unfixed> [bullseye] - libcpan-checksums-perl <no-dsa> (Minor issue) [buster] - libcpan-checksums-perl <no-dsa> (Minor issue) [stretch] - libcpan-checksums-perl <no-dsa> (Minor issue) NOTE: https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ NOTE: http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html -CVE-2020-16154 [Signature Verification Bypass] - RESERVED +CVE-2020-16154 (The App::cpanminus package 1.7044 for Perl allows Signature Verificati ...) - cpanminus <unfixed> [bullseye] - cpanminus <no-dsa> (Minor issue) [buster] - cpanminus <no-dsa> (Minor issue) 
@@ -33883,7 +33880,7 @@ CVE-2020-16120 (Overlayfs did not properly perform permission checking when copy [stretch] - linux <not-affected> (Vulnerable configuration combination not possible) NOTE: https://www.openwall.com/lists/oss-security/2020/10/13/6 CVE-2020-16119 (Use-after-free vulnerability in the Linux kernel exploitable by a loca ...) - {DSA-4978-1 DLA-2785-1} + {DSA-4978-1 DLA-2843-1 DLA-2785-1} - linux 5.14.6-1 [buster] - linux 4.19.208-1 NOTE: https://www.openwall.com/lists/oss-security/2020/10/13/7 @@ -62795,8 +62792,8 @@ CVE-2020-4498 (IBM MQ Appliance 9.1 LTS and 9.1 CD could allow a local privilege NOT-FOR-US: IBM CVE-2020-4497 RESERVED -CVE-2020-4496 - RESERVED +CVE-2020-4496 (The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connect ...) + TODO: check CVE-2020-4495 (IBM Jazz Foundation and IBM Engineering products could allow a remote ...) NOT-FOR-US: IBM CVE-2020-4494 (IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows ...) @@ -64494,7 +64491,7 @@ CVE-2020-3704 (u'While processing invalid connection request PDU which is nonsta CVE-2020-3703 (u'Buffer over-read issue in Bluetooth peripheral firmware due to lack ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-3702 (u'Specifically timed and handcrafted traffic can cause internal errors ...) - {DSA-4978-1 DLA-2785-1} + {DSA-4978-1 DLA-2843-1 DLA-2785-1} - linux 5.14.6-1 [buster] - linux 4.19.208-1 NOTE: https://lore.kernel.org/linux-wireless/CABvG-CVvPF++0vuGzCrBj8+s=Bcx1GwWfiW1_Somu_GVncTAcQ@mail.gmail.com/ |
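Review bot: In the @@ -33762 hunk, CVE-2020-16156, CVE-2020-16155 and CVE-2020-16154 all stay at `<unfixed>` with only the two blog links as NOTE lines. The descriptions added here name the affected versions (CPAN 2.28, CPAN::Checksums 2.12, App::cpanminus 1.7044), so a follow-up should add a NOTE for each entry pointing at the upstream fix commit or fixed release. That gives the `<unfixed>` and `<no-dsa> (Minor issue)` lines something to be re-evaluated against. The second NOTE URL is also plain `http://`; switch it to `https://` if the site serves it.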
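Review bot: The `TODO: check` added under CVE-2020-4496 in the @@ -62795 hunk leaves the entry untriaged. The new description names IBM Spectrum Protect Plus, and the neighbouring IBM entries in the same hunk (CVE-2020-4498, CVE-2020-4495) carry `NOT-FOR-US: IBM`. A manual follow-up should confirm whether the same tag applies here and replace the TODO, so the entry does not sit in the unprocessed queue.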