[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process more NFUs

Thu, 04 Jan 2018 14:20:21 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0030e1d8 by Salvatore Bonaccorso at 2018-01-04T23:18:05+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -11,11 +11,11 @@ CVE-2018-5216 (Radiant CMS 1.1.4 has XSS via crafted 
Markdown input in the ...)
 CVE-2018-5215 (Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title 
...)
        NOT-FOR-US: Fork CMS
 CVE-2018-5214 (The "Add Link to Facebook" plugin through 2.3 for 
WordPress has XSS via ...)
-       TODO: check
+       NOT-FOR-US: "Add Link to Facebook" plugin for WordPress
 CVE-2018-5213 (The Simple Download Monitor plugin before 3.5.4 for WordPress 
has XSS ...)
-       TODO: check
+       NOT-FOR-US: Simple Download Monitor plugin for WordPress
 CVE-2018-5212 (The Simple Download Monitor plugin before 3.5.4 for WordPress 
has XSS ...)
-       TODO: check
+       NOT-FOR-US: Simple Download Monitor plugin for WordPress
 CVE-2018-5211
        RESERVED
 CVE-2018-5210 (On Samsung mobile devices with N(7.x) software and Exynos 
chipsets, ...)
@@ -726,7 +726,7 @@ CVE-2017-1000497 (Pepperminty-Wiki version 0.15 is 
vulnerable to XXE attacks in 
 CVE-2017-1000496 (Commsy version 9.0.0 is vulnerable to XXE attacks in the 
configuration ...)
        TODO: check
 CVE-2017-1000495 (QuickApps CMS version 2.0.0 is vulnerable to Stored 
Cross-site ...)
-       TODO: check
+       NOT-FOR-US: QuickApps CMS
 CVE-2017-1000494 (Uninitialized stack variable vulnerability in 
NameValueParserEndElt ...)
        TODO: check
 CVE-2017-1000490 (Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing 
any ...)
@@ -752,7 +752,7 @@ CVE-2017-1000481 (When you visit a page where you need to 
login, Plone 2.5-5.1rc
 CVE-2017-1000480 (Smarty 3 before 3.1.32 is vulnerable to a PHP code injection 
when ...)
        TODO: check
 CVE-2017-1000479 (pfSense versions 2.4.1 and lower are vulnerable to 
clickjacking ...)
-       TODO: check
+       NOT-FOR-US: pfSense
 CVE-2017-1000478 (ELabftw version 1.7.8 is vulnerable to stored cross-site 
scripting in ...)
        TODO: check
 CVE-2017-1000477 (XMLBundle version 0.1.7 is vulnerable to XXE attacks which 
can result ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0030e1d86fa5e2d55065cf9af9b6c539f58802df

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/0030e1d86fa5e2d55065cf9af9b6c539f58802df
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to