Author: carnil
Date: 2017-11-18 13:05:57 +0000 (Sat, 18 Nov 2017)
New Revision: 57780

Modified:
   data/CVE/list
Log:
Add CVE-2017-1000190/simple-xml

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-18 13:05:45 UTC (rev 57779)
+++ data/CVE/list       2017-11-18 13:05:57 UTC (rev 57780)
@@ -9,7 +9,8 @@
 CVE-2017-1000217 (Opencast 2.3.2 and older versions are vulnerable to script 
injections ...)
        TODO: check
 CVE-2017-1000190 (SimpleXML (latest version 2.7.1) is vulnerable to an XXE 
vulnerability ...)
-       TODO: check
+       - simple-xml <unfixed>
+       NOTE: https://github.com/ngallagher/simplexml/issues/18
 CVE-2017-1000163 (The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 
through ...)
        TODO: check
 CVE-2017-1000128 (Exiv2 0.26 contains a stack out of bounds read in JPEG2000 
parser ...)


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to