Hi, I have been using elog for years at CERN.
Now I installed in my local workstation at my home inistitue
and sysadmin reported the following vulnerabilities:
- Configuration File Disclosure (CVE-2019-3992)
- Password Hash Disclosure (CVE-2019-3993)
- Use After Free (CVE-2019-3994)
- NULL Pointer Dereference (CVE-2019-3995)
- Unintended Proxy (CVE-2019-3996)
Am I doing soimething wrong?
sysadmin will not allow me to use it until it is fixed....
Any help is welcome.
|