Attachment #221497 for bug #252612

View | Details | Raw Unified | Return to bug 252612
Collapse All | Expand All




  * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="2dc8927b-54e0-11eb-9342-1c697a013f4b">
    <topic>mantis -- multiple vulnerabilities</topic>
    <affects>
      <package>
	<name>mantis-php72</name>
	<name>mantis-php73</name>
	<name>mantis-php74</name>
	<name>mantis-php80</name>
	<range><lt>2.24.4,1</lt></range>
      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
	<p>Mantis 2.24.4 release reports:</p>
	<blockquote cite="https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&amp;version=2.24.4">
	  <p>Security and maintenance release, addressing 6 CVEs:</p>
	  <ul>
	    <li>0027726: CVE-2020-29603: disclosure of private project name</li>
	    <li>0027727: CVE-2020-29605: disclosure of private issue summary</li>
	    <li>0027728: CVE-2020-29604: full disclosure of private issue contents, including bugnotes and attachments</li>
	    <li>0027361: Private category can be access/used by a non member of a private project (IDOR)</li>
	    <li>0027779: CVE-2020-35571: XSS in helper_ensure_confirmed() calls</li>
	    <li>0026794: User Account - Takeover</li>
	    <li>0027363: Fixed in version can be changed to a version that doesn't exist</li>
	    <li>0027350: When updating an issue, a Viewer user can be set as Reporter</li>
	    <li>0027370: CVE-2020-35849: Revisions allow viewing private bugnotes id and summary</li>
	    <li>0027495: CVE-2020-28413: SQL injection in the parameter "access" on the mc_project_get_users function throught the API SOAP.</li>
	    <li>0027444: Printing unsanitized user input in install.php</li>
	  </ul>
	</blockquote>
      </body>
    </description>
    <references>
      <cvename>CVE-2020-28413</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28413</url>
      <cvename>CVE-2020-35849</cvename>
      <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35849</url>
    </references>
    <dates>
      <discovery>2020-11-10</discovery>
      <entry>2021-01-12</entry>
    </dates>
  </vuln>

  <vuln vid="6193b3f6-548c-11eb-ba01-206a8a720317">
    <topic>sudo -- Potential information leak in sudoedit</topic>
    <affects>

Return to bug 252612

Lines 58-63 Link Here

(-)security/vuxml/vuln.xml (+44 lines)
58	* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)	58	* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
59	-->	59	-->
60	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">	60	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
		61	<vuln vid="2dc8927b-54e0-11eb-9342-1c697a013f4b">
		62	<topic>mantis -- multiple vulnerabilities</topic>
		63	<affects>
		64	<package>
		65	<name>mantis-php72</name>
		66	<name>mantis-php73</name>
		67	<name>mantis-php74</name>
		68	<name>mantis-php80</name>
		69	<range><lt>2.24.4,1</lt></range>
		70	</package>
		71	</affects>
		72	<description>
		73	<body xmlns="http://www.w3.org/1999/xhtml">
		74	<p>Mantis 2.24.4 release reports:</p>
		75	<blockquote cite="https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&version=2.24.4">
		76	<p>Security and maintenance release, addressing 6 CVEs:</p>
		77	<ul>
		78	<li>0027726: CVE-2020-29603: disclosure of private project name</li>
		79	<li>0027727: CVE-2020-29605: disclosure of private issue summary</li>
		80	<li>0027728: CVE-2020-29604: full disclosure of private issue contents, including bugnotes and attachments</li>
		81	<li>0027361: Private category can be access/used by a non member of a private project (IDOR)</li>
		82	<li>0027779: CVE-2020-35571: XSS in helper_ensure_confirmed() calls</li>
		83	<li>0026794: User Account - Takeover</li>
		84	<li>0027363: Fixed in version can be changed to a version that doesn't exist</li>
		85	<li>0027350: When updating an issue, a Viewer user can be set as Reporter</li>
		86	<li>0027370: CVE-2020-35849: Revisions allow viewing private bugnotes id and summary</li>
		87	<li>0027495: CVE-2020-28413: SQL injection in the parameter "access" on the mc_project_get_users function throught the API SOAP.</li>
		88	<li>0027444: Printing unsanitized user input in install.php</li>
		89	</ul>
		90	</blockquote>
		91	</body>
		92	</description>
		93	<references>
		94	<cvename>CVE-2020-28413</cvename>
		95	<url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28413</url>
		96	<cvename>CVE-2020-35849</cvename>
		97	<url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35849</url>
		98	</references>
		99	<dates>
		100	<discovery>2020-11-10</discovery>
		101	<entry>2021-01-12</entry>
		102	</dates>
		103	</vuln>
		104
61	<vuln vid="6193b3f6-548c-11eb-ba01-206a8a720317">	105	<vuln vid="6193b3f6-548c-11eb-ba01-206a8a720317">
62	<topic>sudo -- Potential information leak in sudoedit</topic>	106	<topic>sudo -- Potential information leak in sudoedit</topic>
63	<affects>	107	<affects>