admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-11-16 22:01:50 +00:00
parent c5f1f658d4
commit aeb2aa4808
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
3 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2017/18xxx/CVE-2017-18926.json
View File

@ -86,6 +86,16 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[oss-security] 20201114 Re: Buffer Overflow in raptor widely unfixed in Linux distros", "name": "[oss-security] 20201114 Re: Buffer Overflow in raptor widely unfixed in Linux distros",
"url": "http://www.openwall.com/lists/oss-security/2020/11/14/2" "url": "http://www.openwall.com/lists/oss-security/2020/11/14/2"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201116 Re: Buffer Overflow in raptor widely unfixed in Linux distros",
"url": "http://www.openwall.com/lists/oss-security/2020/11/16/3"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20201116 Re: Buffer Overflow in raptor widely unfixed in Linux distros",
"url": "http://www.openwall.com/lists/oss-security/2020/11/16/2"
} }
] ]
} }

2
2020/26xxx/CVE-2020-26217.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. \nThe issue is fixed in version 1.4.14." "value": "XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14."
} }
] ]
}, },

2
2020/26xxx/CVE-2020-26225.json
View File

@ -35,7 +35,7 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "In PrestaShop Product Comments before version 4.2.0, an attacker could inject malicious web code into the users' web browsers by creating a malicious link.\n\nThe problem was introduced in version 4.0.0 and is fixed in 4.2.0" "value": "In PrestaShop Product Comments before version 4.2.0, an attacker could inject malicious web code into the users' web browsers by creating a malicious link. The problem was introduced in version 4.0.0 and is fixed in 4.2.0"
} }
] ]
}, },