Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
02586405 by Salvatore Bonaccorso at 2018-11-11T08:58:30Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2018-19170 (In JPress v1.0-rc.5, there is stored XSS via each of the first
three ...)
- TODO: check
+ NOT-FOR-US: JPress
CVE-2018-19169
RESERVED
CVE-2018-19168 (Shell Metacharacter Injection in www/modules/save.php in
FruityWifi ...)
- TODO: check
+ NOT-FOR-US: FruityWifi
CVE-2018-19167
RESERVED
CVE-2018-19166
@@ -65,7 +65,7 @@ CVE-2018-19137 (DomainMOD through 4.11.01 has XSS via the
assets/edit/ip-address
CVE-2018-19136 (DomainMOD through 4.11.01 has XSS via the ...)
NOT-FOR-US: DomainMOD
CVE-2018-19135 (ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder
file ...)
- TODO: check
+ NOT-FOR-US: ClipperCMS
CVE-2018-19134
RESERVED
CVE-2018-19133 (In Flarum Core 0.1.0-beta.7.1, a serious leak can get
everyone's email ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/025864055128b1780af55ee26a598597581221a6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/025864055128b1780af55ee26a598597581221a6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
