[Secure-testing-commits] r53478 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Jul 13 21:49:46 UTC 2017
Author: carnil
Date: 2017-07-13 21:49:46 +0000 (Thu, 13 Jul 2017)
New Revision: 53478
Modified:
data/CVE/list
Log:
Add note and todo for roundcube entry
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-13 21:42:36 UTC (rev 53477)
+++ data/CVE/list 2017-07-13 21:49:46 UTC (rev 53478)
@@ -475,7 +475,9 @@
CVE-2017-1000051 (Cross-site scripting (XSS) vulnerability in pad export in XWiki labs ...)
TODO: check
CVE-2017-1000049 (Roundcube Webmail 1.1.5 is vulnerable to Persistent Xss ...)
- TODO: check
+ - roundcube <undetermined>
+ NOTE: https://github.com/roundcube/roundcubemail/issues/4949
+ TODO: check if different from CVE-2015-2181
CVE-2017-1000048 (the web framework using ljharb's qs module older than v6.3.2, v6.2.3, ...)
TODO: check
CVE-2017-1000047 (rbenv (all current versions) is vulnerable to Directory Traversal in ...)
More information about the Secure-testing-commits
mailing list