diff options
author | security tracker role <sectracker@soriano.debian.org> | 2021-03-31 08:10:28 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-03-31 08:10:28 +0000 |
commit | a1381fc1ed1126fa66413e60db1e34695fd8786a (patch) | |
tree | 3ec4fafe79aec85006c9dcf356b2aa11337e990e /data/CVE/2020.list | |
parent | 58c4c8f697abdc462b8eb614478154884ac68d78 (diff) |
automatic update
Diffstat (limited to 'data/CVE/2020.list')
-rw-r--r-- | data/CVE/2020.list | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 45543ecd60..1030e75814 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,3 +1,7 @@ +CVE-2020-36285 + RESERVED +CVE-2020-36284 + RESERVED CVE-2020-36283 (HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when ...) NOT-FOR-US: HID OMNIKEY 5427 and OMNIKEY 5127 readers CVE-2020-36282 (JMS Client for RabbitMQ 1.x before 1.15.2 and 2.x before 2.2.0 is vuln ...) @@ -13905,8 +13909,8 @@ CVE-2020-24997 CVE-2020-24996 (There is an invalid memory access in the function TextString::~TextStr ...) - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed) NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=42028 -CVE-2020-24995 - RESERVED +CVE-2020-24995 (Buffer overflow vulnerability in sniff_channel_order function in aacde ...) + TODO: check CVE-2020-24994 (Stack overflow in the parse_tag function in libass/ass_parse.c in liba ...) - libass 1:0.15.0-1 [buster] - libass <no-dsa> (Minor issue) @@ -15239,8 +15243,8 @@ CVE-2020-24392 (In voloko twitter-stream 0.1.10, missing TLS hostname validation [buster] - ruby-twitter-stream <no-dsa> (Minor issue) [stretch] - ruby-twitter-stream <no-dsa> (Minor issue) NOTE: https://securitylab.github.com/advisories/GHSL-2020-097-voloko-twitter-stream -CVE-2020-24391 - RESERVED +CVE-2020-24391 (mongo-express before 1.0.0 offers support for certain advanced syntax ...) + TODO: check CVE-2020-24390 (eonweb in EyesOfNetwork before 5.3-7 does not properly escape the user ...) NOT-FOR-US: EyesOfNetwork (EON) CVE-2020-24389 |