tt-rss: CVE-2020-25787 CVE-2020-25788 CVE-2020-25789

Debian Bug report logs - #970633
tt-rss: CVE-2020-25787 CVE-2020-25788 CVE-2020-25789

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: tt-rss: CVE-2020-25787 CVE-2020-25788 CVE-2020-25789

Date: Sun, 20 Sep 2020 15:27:54 +0200

Source: tt-rss
Version: 19.8+dfsg-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>

Hi,

The following vulnerabilities were published for tt-rss.

CVE-2020-25787[0]:
| An issue was discovered in Tiny Tiny RSS (aka tt-rss) before
| 2020-09-16. It does not validate all URLs before requesting them.


CVE-2020-25788[1]:
| An issue was discovered in Tiny Tiny RSS (aka tt-rss) before
| 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles
| $_REQUEST["url"] in an error message.


CVE-2020-25789[2]:
| An issue was discovered in Tiny Tiny RSS (aka tt-rss) before
| 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG
| document.


If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2020-25787
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25787
[1] https://security-tracker.debian.org/tracker/CVE-2020-25788
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25788
[2] https://security-tracker.debian.org/tracker/CVE-2020-25789
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25789

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

Send a report that this bug log contains spam.