[Git][security-tracker-team/security-tracker][master] "new" cvsweb issue

Moritz Muehlenhoff Tue, 05 Feb 2019 13:39:22 -0800

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9925a79f by Moritz Muehlenhoff at 2019-02-05T21:38:22Z
&quot;new&quot; cvsweb issue
new gitea issue
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -180,7 +180,8 @@ CVE-2019-1000004 (yugandhargangu JspMyAdmin2 version 1.0.6 
and earlier contains
 CVE-2019-1000003 (MapSVG MapSVG Lite version 3.2.3 contains a Cross Site 
Request Forgery ...)
        NOT-FOR-US: Wordpress plugin
 CVE-2019-1000002 (Gitea version 1.6.2 and earlier contains a Incorrect Access 
Control ...)
-       TODO: check
+       - gitea <removed>
+       NOTE: https://github.com/go-gitea/gitea/pull/5631
 CVE-2019-1000001 (TeamPass version 2.1.27 and earlier contains a Storing 
Passwords in a ...)
        NOT-FOR-US: TeamPass
 CVE-2018-20753 (Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and 
R9.5 ...)
@@ -191,11 +192,12 @@ CVE-2018-20752 (An issue was discovered in Recon-ng 
before 4.9.5. Lack of valida
 CVE-2018-1000999 (Fastnet SA MailCleaner version 2018092601 contains a Command 
Injection ...)
        NOT-FOR-US: Fastnet SA MailCleaner
 CVE-2018-1000998 (FreeBSD CVSweb version 2.x contains a Cross Site Scripting 
(XSS) ...)
-       TODO: check
+       - cvsweb 3:3.0.0-1
+       NOTE: https://www.kvakil.me/posts/cvsweb/
 CVE-2017-18362 (ConnectWise ManagedITSync integration through 2017 for Kaseya 
VSA is ...)
        NOT-FOR-US: ConnectWise ManagedITSync
 CVE-2016-1000282 (Haraka version 2.8.8 and earlier comes with a plugin for 
processing ...)
-       TODO: check
+       NOT-FOR-US: Haraka
 CVE-2016-1000276 (Audacity version 2.1.2 is vulnerable to DLL Hijack, it tries 
to load ...)
        TODO: check, probably a dupe of CVE-2017-1000010
 CVE-2016-1000271 (Joomla extension DT Register version before 3.1.12 (Joomla 
3.x) / ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9925a79f265d3bc694f3a13322b54e6ee84901e9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9925a79f265d3bc694f3a13322b54e6ee84901e9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] "new" cvsweb issue

Reply via email to