[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Tue, 10 Jul 2018 12:42:48 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
6d7f7eca by Salvatore Bonaccorso at 2018-07-10T21:41:57+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,29 +3,29 @@ CVE-2018-13797 [node macaddress command injection]
        NOTE: https://github.com/scravy/node-macaddress/pull/20
        NOTE: nodejs not covered by security support
 CVE-2018-13795 (Gravity before 0.5.1 does not support a maximum recursion 
depth. ...)
-       TODO: check
+       NOT-FOR-US: Gravity
 CVE-2018-13794 (A heap-based buffer overflow exists in stbi__bmp_load_cont in 
...)
        TODO: check
 CVE-2018-13793 (Multiple Cross Site Request Forgery (CSRF) vulnerabilities in 
the HTTP ...)
-       TODO: check
+       NOT-FOR-US: ABBYY FlexiCapture
 CVE-2018-13792
        RESERVED
 CVE-2018-13791 (The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 
7 allows ...)
-       TODO: check
+       NOT-FOR-US: ABBYY FlexiCapture
 CVE-2018-13790 (A Server Side Request Forgery (SSRF) vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: concrete5
 CVE-2018-13789
        RESERVED
 CVE-2018-13788
        RESERVED
 CVE-2018-1000623 (JFrog JFrog Artifactory version Prior to version 6.0.3, 
since version ...)
-       TODO: check
+       NOT-FOR-US: JFrog JFrog Artifactory
 CVE-2018-1000621 (Mycroft AI mycroft-core version 18.2.8b and earlier contains 
a ...)
-       TODO: check
+       NOT-FOR-US: Mycroft AI mycroft-core
 CVE-2018-1000620 (Eran Hammer cryptiles version 4.1.1 earlier contains a 
CWE-331: ...)
-       TODO: check
+       NOT-FOR-US: Eran Hammer cryptiles
 CVE-2018-1000619 (Ovidentia version 8.4.3 and earlier contains a Unsanitized 
User Input ...)
-       TODO: check
+       NOT-FOR-US: Ovidentia
 CVE-2018-1000618 (EOSIO/eos eos version after commit ...)
        TODO: check
 CVE-2018-1000617 (Atlassian Floodlight Atlassian Floodlight Controller version 
1.2 and ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d7f7ecaecc2cd2001eef9d479c8632a4d5aaabe

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d7f7ecaecc2cd2001eef9d479c8632a4d5aaabe
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to