diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-09-03 11:45:35 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-09-03 11:45:35 +0200 |
commit | 837bc2c189c6b075e7b42ef1cfce32b37e40acd2 (patch) | |
tree | 9b3b130ec2078b36d91c11ded656164efa0cc0ba /data/CVE/2019.list | |
parent | 51cbcaec8cbb41e4fbf7768cce5827eefbdcb480 (diff) |
some zoneminder issues fixed
Diffstat (limited to 'data/CVE/2019.list')
-rw-r--r-- | data/CVE/2019.list | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index adc9bc1898..c01584dab5 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -34604,20 +34604,26 @@ CVE-2019-8429 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.ph - zoneminder <unfixed> (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone CVE-2019-8428 (ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views ...) - - zoneminder <unfixed> (unimportant; bug #922724) + - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone + NOTE: https://github.com/ZoneMinder/zoneminder/pull/2422 + NOTE: https://github.com/ZoneMinder/zoneminder/commit/c0a6e54d60d3a8f297cc5f2ef6a862f6f00d746e CVE-2019-8427 (daemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ...) - zoneminder <unfixed> (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone CVE-2019-8426 (skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS ...) - - zoneminder <unfixed> (unimportant; bug #922724) + - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone + NOTE: https://github.com/ZoneMinder/zoneminder/commit/34e2e4799364639483f93cff70204618b834f7a2 + NOTE: https://github.com/ZoneMinder/zoneminder/pull/2423 CVE-2019-8425 (includes/database.php in ZoneMinder before 1.32.3 has XSS in the const ...) - zoneminder <unfixed> (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone CVE-2019-8424 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sor ...) - - zoneminder <unfixed> (unimportant; bug #922724) + - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone + NOTE: https://github.com/ZoneMinder/zoneminder/commit/02fd1e79b3bfa5b2e2087cb1255f9dbd921ccae8 + NOTE: https://github.com/ZoneMinder/zoneminder/pull/2421 CVE-2019-8423 (ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ...) - zoneminder <unfixed> (unimportant; bug #922724) NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone @@ -37295,9 +37301,10 @@ CVE-2019-7331 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder thr NOTE: https://github.com/ZoneMinder/zoneminder/commit/254b7286b4d2654b95080a175c44195667e42ea8 NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone CVE-2019-7330 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...) - - zoneminder <unfixed> (unimportant; bug #922724) + - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: https://github.com/ZoneMinder/zoneminder/issues/2448 NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone + NOTE: https://github.com/ZoneMinder/zoneminder/commit/b2a97ee190c6dc3e30b9c36b9c33c33348dde4d6 CVE-2019-7329 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...) - zoneminder 1.34.6-1 (unimportant; bug #922724) NOTE: https://github.com/ZoneMinder/zoneminder/issues/2446 |