Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: cbaf6ecd by security tracker role at 2019-03-07T20:10:24Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,9 @@ +CVE-2019-9627 + RESERVED +CVE-2019-9626 (PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to ...) + TODO: check +CVE-2019-9625 (JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to ...) + TODO: check CVE-2019-XXXX [high memory usage with long running sessions] - proftpd-dfsg 1.3.5d-1 (bug #923926) NOTE: https://github.com/proftpd/proftpd/issues/330#issuecomment-276891713 @@ -13368,26 +13374,26 @@ CVE-2019-3786 RESERVED CVE-2019-3785 RESERVED -CVE-2019-3784 - RESERVED -CVE-2019-3783 - RESERVED +CVE-2019-3784 (Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure ...) + TODO: check +CVE-2019-3783 (Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public ...) + TODO: check CVE-2019-3782 (Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently ...) NOT-FOR-US: Cloud Foundry -CVE-2019-3781 - RESERVED +CVE-2019-3781 (Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes ...) + TODO: check CVE-2019-3780 RESERVED CVE-2019-3779 RESERVED -CVE-2019-3778 - RESERVED -CVE-2019-3777 - RESERVED -CVE-2019-3776 - RESERVED -CVE-2019-3775 - RESERVED +CVE-2019-3778 (Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to ...) + TODO: check +CVE-2019-3777 (Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, ...) + TODO: check +CVE-2019-3776 (Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x ...) + TODO: check +CVE-2019-3775 (Cloud Foundry UAA, versions prior to v70.0, allows a user to update ...) + TODO: check CVE-2019-3774 (Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported ...) NOT-FOR-US: Spring Batch CVE-2019-3773 (Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported ...) 
@@ -13512,8 +13518,8 @@ CVE-2019-3714 RESERVED CVE-2019-3713 RESERVED -CVE-2019-3712 - RESERVED +CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse ...) + TODO: check CVE-2019-3711 RESERVED CVE-2019-3710 @@ -20132,10 +20138,10 @@ CVE-2019-1599 RESERVED CVE-2019-1598 RESERVED -CVE-2019-1597 - RESERVED -CVE-2019-1596 - RESERVED +CVE-2019-1597 (Multiple vulnerabilities in the implementation of the Lightweight ...) + TODO: check +CVE-2019-1596 (A vulnerability in the Bash shell implementation for Cisco NX-OS ...) + TODO: check CVE-2019-1595 (A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol ...) TODO: check CVE-2019-1594 (A vulnerability in the 802.1X implementation for Cisco NX-OS Software ...) @@ -44485,8 +44491,7 @@ CVE-2018-11784 (When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9 NOTE: https://svn.apache.org/r1840055 (9.0.x) NOTE: https://svn.apache.org/r1840056 (8.5.x) NOTE: https://svn.apache.org/r1840057 (7.0.x) -CVE-2018-11783 [Apache Traffic Server vulnerability with sslheader plugin] - RESERVED +CVE-2018-11783 (sslheaders plugin extracts information from the client certificate and ...) - trafficserver 8.0.2+ds-1 [stretch] - trafficserver <postponed> (Minor issue, experimental plugin, will be fixed along in next DSA) NOTE: https://github.com/apache/trafficserver/pull/4701 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cbaf6ecd2b0810b986488da82327e129141e4bc3
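Review bot: In the hunk at -13368, CVE-2019-3784, CVE-2019-3783 and CVE-2019-3781 are left as "TODO: check" although the neighbouring CVE-2019-3782 is already triaged as "NOT-FOR-US: Cloud Foundry". If Cloud Foundry Stratos and the Cloud Foundry CLI are likewise not packaged, a follow-up should mark them the same way so they do not linger in the TODO queue. CVE-2019-3778 (Spring Security OAuth) needs its own check rather than inheriting the "NOT-FOR-US: Spring Batch" tag seen on CVE-2019-3774, since it names a different component.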
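Review bot: In the hunk at -44485, the new summary for CVE-2018-11783, "sslheaders plugin extracts information from the client certificate and ...", no longer names Apache Traffic Server, which the removed bracketed text did, and the spelling changes from "sslheader" to "sslheaders". The "- trafficserver" package lines still tie the entry to the product, but a text search on the old wording will now miss it; a NOTE line naming the product and plugin would keep the entry findable.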