[Secure-testing-commits] r53475 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 13 21:33:23 UTC 2017
Author: carnil
Date: 2017-07-13 21:33:23 +0000 (Thu, 13 Jul 2017)
New Revision: 53475
Modified:
data/CVE/list
Log:
Add CVE-2017-1000061/xmlsec1
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-13 21:28:14 UTC (rev 53474)
+++ data/CVE/list 2017-07-13 21:33:23 UTC (rev 53475)
@@ -451,7 +451,8 @@
CVE-2017-1000062 (kittoframework kitto 0.5.1 is vulnerable to directory traversal in the ...)
TODO: check
CVE-2017-1000061 (xmlsec 1.2.23 and before is vulnerable to XML External Entity ...)
- TODO: check
+ - xmlsec1 <unfixed>
+ NOTE: https://github.com/lsh123/xmlsec/issues/43
CVE-2017-1000060 (EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb ...)
TODO: check
CVE-2017-1000059 (Live Helper Chat version 2.06v and older is vulnerable to Cross-Site ...)
More information about the Secure-testing-commits
mailing list