diff options
| author | Jose Alonso Cardenas Marquez <acm@FreeBSD.org> | 2019-02-21 14:45:24 +0000 |
|---|---|---|
| committer | Jose Alonso Cardenas Marquez <acm@FreeBSD.org> | 2019-02-21 14:45:24 +0000 |
| commit | 7e6fef065b3d4e0bde7932558d1edc502fae1b8a (patch) | |
| tree | 60a80256301d9d6756d2cb77b46fec205f2e5654 /security | |
| parent | 24ee0054d4bd8fa02562e6dfec448c853b336d96 (diff) | |
| download | ports-7e6fef065b3d4e0bde7932558d1edc502fae1b8a.tar.gz ports-7e6fef065b3d4e0bde7932558d1edc502fae1b8a.zip | |
Notes
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 22d69238d7c3..5b11055aac18 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,33 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="002b4b05-35dd-11e9-94a8-000ffec0b3e1"> + <topic>drupal -- Drupal core - Highly critical - Remote Code Execution</topic> + <affects> + <package> + <name>drupal8</name> + <range><lt>8.6.10</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Drupal Security Team</p> + <blockquote cite="https://www.drupal.org/SA-CORE-2019-003"> + <p>Some field types do not properly sanitize data from non-form sources. + This can lead to arbitrary PHP code execution in some cases..</p> + </blockquote> + </body> + </description> + <references> + <url>https://www.drupal.org/sa-core-2019-002</url> + <cvename>CVE-2019-6340</cvename> + </references> + <dates> + <discovery>2019-02-20</discovery> + <entry>2019-02-21</entry> + </dates> + </vuln> + <vuln vid="7700061f-34f7-11e9-b95c-b499baebfeaf"> <topic>OpenSSL -- Undisclosed vulnerability</topic> <affects> |