diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-09-23 16:48:05 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-09-23 16:48:29 +0200 |
commit | d5f8b4ba4d9163b0d8b8807fcd20ba65f7e4c3a7 (patch) | |
tree | 316c68d91454e97da6d00bf5a64f57de4c680c61 /data/CVE/list.2020 | |
parent | d01da76f45a9b2f15afcb2694363ff144741d251 (diff) |
buster/bullseye triage
Diffstat (limited to 'data/CVE/list.2020')
-rw-r--r-- | data/CVE/list.2020 | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 5215d7c760..14067f2ff0 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -8720,6 +8720,7 @@ CVE-2020-27512 RESERVED CVE-2020-27511 (An issue was discovered in the stripTags and unescapeHTML components i ...) - prototypejs <unfixed> (bug #991898) + [bullseye] - prototypejs <no-dsa> (Minor issue) NOTE: https://github.com/prototypejs/prototype/blame/dee2f7d8611248abce81287e1be4156011953c90/src/prototype/lang/string.js#L283 NOTE: https://github.com/yetingli/PoCs/blob/main/CVE-2020-27511/Prototype.md NOTE: CVE mentions newer version but vulnerable code exists in older versions too @@ -22221,10 +22222,12 @@ CVE-2020-21549 RESERVED CVE-2020-21548 (Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_enco ...) - libsixel 1.8.6-1 + [buster] - libsixel <no-dsa> (Minor issue) NOTE: https://github.com/saitoha/libsixel/issues/116 NOTE: https://github.com/saitoha/libsixel/commit/9d0a7ff417b66d80a4bff714de1f27b24742f55a (v1.8.4) CVE-2020-21547 (Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_fun ...) - libsixel 1.8.6-1 + [buster] - libsixel <no-dsa> (Minor issue) NOTE: https://github.com/saitoha/libsixel/issues/114 NOTE: https://github.com/saitoha/libsixel/commit/9d0a7ff417b66d80a4bff714de1f27b24742f55a (v1.8.4) CVE-2020-21546 @@ -23250,14 +23253,17 @@ CVE-2020-21051 RESERVED CVE-2020-21050 (Libsixel prior to v1.8.3 contains a stack buffer overflow in the funct ...) - libsixel 1.8.6-1 + [buster] - libsixel <no-dsa> (Minor issue) NOTE: https://github.com/saitoha/libsixel/commit/7808a06b88c11dbc502318cdd51fa374f8cd47ee (v1.8.3) NOTE: https://github.com/saitoha/libsixel/issues/75 CVE-2020-21049 (An invalid read in the stb_image.h component of libsixel prior to v1.8 ...) - libsixel 1.8.6-1 + [buster] - libsixel <no-dsa> (Minor issue) NOTE: https://github.com/saitoha/libsixel/issues/74 NOTE: https://github.com/saitoha/libsixel/commit/0b1e0b3f7b44233f84e5c9f512f8c90d6bbbe33d (v1.8.5) CVE-2020-21048 (An issue in the dither.c component of libsixel prior to v1.8.4 allows ...) - libsixel 1.8.6-1 + [buster] - libsixel <no-dsa> (Minor issue) NOTE: https://github.com/saitoha/libsixel/issues/73 NOTE: https://github.com/saitoha/libsixel/commit/cb373ab6614c910407c5e5a93ab935144e62b037 (v1.8.4) NOTE: https://github.com/saitoha/libsixel/commit/26ac06f3623279348f0dce2d191a9b6ca0c80226 (v1.8.4) |