[Secure-testing-commits] r53637 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Jul 18 22:05:43 UTC 2017
Author: jmm
Date: 2017-07-18 22:05:43 +0000 (Tue, 18 Jul 2017)
New Revision: 53637
Modified:
data/CVE/list
Log:
new cacti issue (might be fixed, needs to be investigated further)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-18 22:02:18 UTC (rev 53636)
+++ data/CVE/list 2017-07-18 22:05:43 UTC (rev 53637)
@@ -828,7 +828,7 @@
CVE-2017-1000038 (WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored ...)
NOT-FOR-US: WordPress plugin
CVE-2017-1000037 (RVM automatically loads environment variables from files in $PWD ...)
- TODO: check
+ NOT-FOR-US: RVM
CVE-2017-1000036 (All versions of Candy Chat are vulnerable to an XSS attack by message ...)
NOT-FOR-US: Candy Chat
CVE-2017-1000035 (Tiny Tiny RSS before 829d478f is vulnerable to XSS window.opener ...)
@@ -841,7 +841,8 @@
CVE-2017-1000032 (Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow ...)
NOTE: Seems like a duplicate, contacted MITRE for rejection
CVE-2017-1000031 (SQL injection vulnerability in graph_templates_inputs.php in Cacti ...)
- TODO: check
+ - cacti <unfixed>
+ NOTE: https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-007/?fid=7789
CVE-2017-1000030 (Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is ...)
- glassfish <not-affected> (Vulnerable code not included, see bug #853998)
CVE-2017-1000029 (Oracle, GlassFish Server Open Source Edition 3.0.1 (build 22) is ...)
More information about the Secure-testing-commits
mailing list