[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs

Sun, 18 Feb 2018 01:41:38 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5bcb376a by Salvatore Bonaccorso at 2018-02-18T10:40:22+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,9 +1,9 @@
 CVE-2018-7218
        RESERVED
 CVE-2018-7217 (In Bravo Tejari Procurement Portal, uploaded files are not 
properly ...)
-       TODO: check
+       NOT-FOR-US: Bravo Tejari Procurement Portal
 CVE-2018-7216 (Cross-site request forgery (CSRF) vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: Bravo Tejari Procurement Portal
 CVE-2018-7215
        RESERVED
 CVE-2018-7214
@@ -13,15 +13,15 @@ CVE-2018-7213
 CVE-2018-7212 (An issue was discovered in ...)
        TODO: check
 CVE-2018-7211 (An issue was discovered in iDashboards 9.6b. The SSO 
implementation is ...)
-       TODO: check
+       NOT-FOR-US: iDashboards
 CVE-2018-7210 (An issue was discovered in iDashboards 9.6b. It allows remote 
attackers ...)
-       TODO: check
+       NOT-FOR-US: iDashboards
 CVE-2018-7209 (An issue was discovered in iDashboards 9.6b. It allows remote 
attackers ...)
-       TODO: check
+       NOT-FOR-US: iDashboards
 CVE-2018-7208 (In the coff_pointerize_aux function in coffgen.c in the Binary 
File ...)
        TODO: check
 CVE-2018-7207 (National Payments Corporation of India (NPCI) Bharat Interface 
for ...)
-       TODO: check
+       NOT-FOR-US: BHIM
 CVE-2018-7206 (An issue was discovered in Project Jupyter JupyterHub 
OAuthenticator ...)
        TODO: check
 CVE-2018-7205
@@ -39,7 +39,7 @@ CVE-2018-7200
 CVE-2018-7199
        RESERVED
 CVE-2018-7198 (October CMS through 1.0.431 allows XSS by entering HTML on the 
Add ...)
-       TODO: check
+       NOT-FOR-US: October CMS
 CVE-2018-7197 (An issue was discovered in Pluck through 4.7.4. A stored 
cross-site ...)
        TODO: check
 CVE-2018-7196
@@ -3313,11 +3313,11 @@ CVE-2018-6008 (Arbitrary File Download exists in the 
Jtag Members Directory 5.3.
 CVE-2018-6007 (CSRF exists in the JS Support Ticket 1.1.0 component for 
Joomla! and ...)
        NOT-FOR-US: Support Ticket component for Joomla!
 CVE-2018-6006 (SQL Injection exists in the JS Autoz 1.0.9 component for 
Joomla! via ...)
-       TODO: check
+       NOT-FOR-US: JS Autoz component for Joomla!
 CVE-2018-6005 (SQL Injection exists in the Realpin through 1.5.04 component 
for ...)
-       TODO: check
+       NOT-FOR-US: Realpin component for Joomla!
 CVE-2018-6004 (SQL Injection exists in the File Download Tracker 3.0 component 
for ...)
-       TODO: check
+       NOT-FOR-US: File Download Tracker component for Joomla!
 CVE-2017-18074
        RESERVED
 CVE-2017-18073
@@ -3411,17 +3411,17 @@ CVE-2018-5996 (Insufficient exception handling in the 
method ...)
 CVE-2018-5995
        RESERVED
 CVE-2018-5994 (SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! 
via the ...)
-       TODO: check
+       NOT-FOR-US: JS Jobs component for Joomla!
 CVE-2018-5993 (SQL Injection exists in the Aist through 2.0 component for 
Joomla! via ...)
-       TODO: check
+       NOT-FOR-US: Aist component for Joomla!
 CVE-2018-5992 (SQL Injection exists in the Staff Master through 1.0 RC 1 
component for ...)
-       TODO: check
+       NOT-FOR-US: Staff Master component for Joomla!
 CVE-2018-5991 (SQL Injection exists in the Form Maker 3.6.12 component for 
Joomla! via ...)
-       TODO: check
+       NOT-FOR-US: Form Maker component for Joomla!
 CVE-2018-5990 (SQL Injection exists in the AllVideos Reloaded 1.2.x component 
for ...)
-       TODO: check
+       NOT-FOR-US: AllVideos Reloaded component for Joomla!
 CVE-2018-5989 (SQL Injection exists in the ccNewsletter 2.x component for 
Joomla! via ...)
-       TODO: check
+       NOT-FOR-US: ccNewsletter component for Joomla!
 CVE-2018-5988 (SQL Injection exists in Flexible Poll 1.2 via the id parameter 
to ...)
        NOT-FOR-US: Flexible Poll
 CVE-2018-5987 (SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 
...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5bcb376a07da9243b13106d4445231319c7d7391

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5bcb376a07da9243b13106d4445231319c7d7391
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to