[Secure-testing-commits] r55297 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Aug 31 09:18:08 UTC 2017


Author: carnil
Date: 2017-08-31 09:18:08 +0000 (Thu, 31 Aug 2017)
New Revision: 55297

Modified:
   data/CVE/list
Log:
Process NFUs

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-31 09:17:42 UTC (rev 55296)
+++ data/CVE/list	2017-08-31 09:18:08 UTC (rev 55297)
@@ -15,13 +15,13 @@
 CVE-2017-14043
 	RESERVED
 CVE-2017-14038 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has a redirect ...)
-	TODO: check
+	NOT-FOR-US: CrushFTP
 CVE-2017-14037 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has an HTTP header ...)
-	TODO: check
+	NOT-FOR-US: CrushFTP
 CVE-2017-14036 (CrushFTP before 7.8.0 and 8.x before 8.2.0 has XSS. ...)
-	TODO: check
+	NOT-FOR-US: CrushFTP
 CVE-2017-14035 (CrushFTP 8.x before 8.2.0 has a serialization vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: CrushFTP
 CVE-2017-14051 (An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in ...)
 	- linux <unfixed>
 	NOTE: https://patchwork.kernel.org/patch/9929625/
@@ -953,7 +953,7 @@
 CVE-2017-13671 (app/View/Helper/CommandHelper.php in MISP before 2.4.79 has persistent ...)
 	NOT-FOR-US: MISP (Malware Information Sharing Platform and Threat Sharing)
 CVE-2017-13670 (In BlackCat CMS 1.2, remote authenticated users can upload any file via ...)
-	TODO: check
+	NOT-FOR-US: BlackCat CMS
 CVE-2017-13669 (SQL Injection exists in NexusPHP 1.5.beta5.20120707 via the setanswered ...)
 	NOT-FOR-US: NexusPHP
 CVE-2017-13668




More information about the Secure-testing-commits mailing list