Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
129fe620 by Salvatore Bonaccorso at 2022-04-29T21:04:10+02:00
Update information on CVE-2017-100018{8,9}/node-ejs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -289017,9 +289017,11 @@ CVE-2017-1000194 (October CMS build 412 is
vulnerable to Apache configuration mo
CVE-2017-1000193 (October CMS build 412 is vulnerable to stored WCI (a.k.a
XSS) in brand ...)
NOT-FOR-US: October CMS
CVE-2017-1000189 (nodejs ejs version older than 2.5.5 is vulnerable to a
denial-of-servi ...)
- NOT-FOR-US: nodejs ejs
+ - node-ejs 2.5.7-1
+ NOTE:
https://github.com/mde/ejs/commit/49264e0037e313a0a3e033450b5c184112516d8f
(v2.5.4)
CVE-2017-1000188 (nodejs ejs version older than 2.5.5 is vulnerable to a
Cross-site-scri ...)
- NOT-FOR-US: nodejs ejs
+ - node-ejs 2.5.7-1
+ NOTE:
https://github.com/mde/ejs/commit/49264e0037e313a0a3e033450b5c184112516d8f
(v2.5.4)
CVE-2017-1000187 (In SWFTools, an address access exception was found in
pdf2swf. FoFiTru ...)
- swftools <removed> (unimportant)
NOTE: https://github.com/matthiaskramm/swftools/issues/36
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/129fe62034ad039c61a457a24ab05a21d01f92dd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/129fe62034ad039c61a457a24ab05a21d01f92dd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
