Gentoo Project

Webapps

Security Bug Reports

• <mail-client/roundcube-1.5.0: Homograph vulnerability (punycode mishandling) (CVE-2019-15237)

  711270 - Assigned to security
• www-misc/awstats: Arbitrary code execution (CVE-2020-35176)

  759544 - Assigned to security
• <www-apps/mediawiki-1.36.2: multiple vulnerabilities

  815376 - Assigned to security
• <mail-client/roundcube-1.5.0: multiple vulnerabilities

  824918 - Assigned to security
• <mail-client/roundcube-1.5.2: XSS via crafted CSS

  830666 - Assigned to security
• <www-apps/wordpress-5.8.3: multiple vulnerabilities

  830715 - Assigned to security
• <dev-db/phpmyadmin-5.2.0: multiple vulnerabilities

  831841 - Assigned to security
• <dev-db/phpmyadmin-5.2.0: information leakage via invalid requests

  835071 - Assigned to security
• www-apps/drupal: multiple vulnerabilities

  835524 - Assigned to security
• www-apps/drupal: multiple vulnerabilities

  839978 - Assigned to security
• www-apps/drupal: multiple vulnerabilities

  851942 - Assigned to security
• www-apps/dokuwiki: reflected XSS

  868624 - Assigned to security
• www-apps/moodle: XSS via crafted topic fields

  870040 - Assigned to security
• www-apps/drupal: arbitrary file include via bundled twig

  873361 - Assigned to security
• <www-apps/nextcloud-{23.0.10,24.0.6}: multiple vulnerabilities

  878491 - Assigned to security
• <www-apps/nextcloud-{23.0.11,24.0.7,25.0.1}: multiple vulnerabilities

  883683 - Assigned to security
• www-apps/moodle: multiple vulnerabilities

  883691 - Assigned to security
• www-apps/wordpress: SSRF

  886027 - Assigned to security
• <www-apps/mediawiki-{1.38.5,1.39.1}: sqlite vulnerability (?)

  888041 - Assigned to security
• www-apps/mediawiki: multiple vulnerabilities

  890373 - Assigned to security
• <www-apps/nextcloud-{24.0.9,25.0.3}: multiple vulnerabilities

  897918 - Assigned to security