[Git][security-tracker-team/security-tracker][master] Add CVE-2018-1999{2,3,4,5}/dolibarr issues

Thu, 03 Jan 2019 13:02:40 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7534396e by Salvatore Bonaccorso at 2019-01-03T21:01:47Z
Add CVE-2018-1999{2,3,4,5}/dolibarr issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5801,13 +5801,18 @@ CVE-2018-19997
 CVE-2018-19996
        RESERVED
 CVE-2018-19995 (A stored cross-site scripting (XSS) vulnerability in Dolibarr 
8.0.2 ...)
-       TODO: check
+       - dolibarr <removed>
+       NOTE: 
https://github.com/Dolibarr/dolibarr/commit/4b8be6ed64763327018ac1c076f81ddffa87855e
+       NOTE: 
https://github.com/Dolibarr/dolibarr/commit/bacd5110fbdc81a35030fdc322775fa15ea85924
 CVE-2018-19994 (An error-based SQL injection vulnerability in product/card.php 
in ...)
-       TODO: check
+       - dolibarr <removed>
+       NOTE: 
https://github.com/Dolibarr/dolibarr/commit/850b939ffd2c7a4443649331b923d5e0da2d6446
 CVE-2018-19993 (A reflected cross-site scripting (XSS) vulnerability in 
Dolibarr 8.0.2 ...)
-       TODO: check
+       - dolibarr <removed>
+       NOTE: 
https://github.com/Dolibarr/dolibarr/commit/fc3fcc5455d9a610b85723e89e8be43a41ad1378
 CVE-2018-19992 (A stored cross-site scripting (XSS) vulnerability in Dolibarr 
8.0.2 ...)
-       TODO: check
+       - dolibarr <removed>
+       NOTE: 
https://github.com/Dolibarr/dolibarr/commit/0f06e39d23636bd1e4039ac61a743c79725c798b
 CVE-2018-19991 (VeryNginx 0.3.3 allows remote attackers to bypass the Web 
Application ...)
        NOT-FOR-US: VeryNginx
 CVE-2018-19990



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7534396e0ea4fe31b34d5f8ca86e45e47e21d6a7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/7534396e0ea4fe31b34d5f8ca86e45e47e21d6a7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to