Lucene search
GoogleOSV:GHSA-926Q-WXR6-3CRQHistoryApr 09, 2019 - 7:47 p.m.
Moderate severity vulnerability that affects roundup
2019-04-0919:47:14
Google
osv.dev
5
0.002 Low
EPSS
Percentile
53.7%
Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors.
References
www.openwall.com/lists/oss-security/2019/04/07/1
bugs.python.org/issue36391
github.com/advisories/GHSA-926q-wxr6-3crq
github.com/python/bugs.python.org/issues/34
lists.debian.org/debian-lts-announce/2019/04/msg00009.html
nvd.nist.gov/vuln/detail/CVE-2019-10904
www.openwall.com/lists/oss-security/2019/04/05/1
Related
osv
osv
PYSEC-2019-201
2019-04-06 20:29:00
roundup - security update
2019-04-07 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-1750-1)
2019-04-08 00:00:00
nessus
nessus
Debian DLA-1750-1 : roundup security update
2019-04-08 00:00:00
ubuntucve
ubuntucve
CVE-2019-10904
2019-04-06 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2019-04-08 02:57:49
github
github
Moderate severity vulnerability that affects roundup
2019-04-09 19:47:14
cve
cve
CVE-2019-10904
2019-04-06 20:29:00
nvd
nvd
CVE-2019-10904
2019-04-06 20:29:00
prion
prion
Design/Logic Flaw
2019-04-06 20:29:00
cvelist
cvelist
CVE-2019-10904
2019-04-06 19:40:05
debian
debian
[SECURITY] [DLA 1750-1] roundup security update
2019-04-07 12:33:23