[Secure-testing-commits] r56567 - data/CVE

Raphael Geissert geissert at moszumanska.debian.org
Tue Oct 10 09:19:27 UTC 2017


Author: geissert
Date: 2017-10-10 09:19:27 +0000 (Tue, 10 Oct 2017)
New Revision: 56567

Modified:
   data/CVE/list
Log:
kanboard and shaarli issues, NFUs


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-10 09:10:15 UTC (rev 56566)
+++ data/CVE/list	2017-10-10 09:19:27 UTC (rev 56567)
@@ -1,45 +1,45 @@
 CVE-2017-15215 (Reflected XSS vulnerability in Shaarli v0.9.1 allows an unauthenticated ...)
-	TODO: check
+	- shaarli <itp> (bug #864559)
 CVE-2017-15214 (Stored XSS vulnerability in Flyspray 1.0-rc4 before 1.0-rc6 allows an ...)
-	TODO: check
+	NOT-FOR-US: Flyspray
 CVE-2017-15213 (Stored XSS vulnerability in Flyspray before 1.0-rc6 allows an ...)
-	TODO: check
+	NOT-FOR-US: Flyspray
 CVE-2017-15212 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15211 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15210 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15209 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15208 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15207 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15206 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15205 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15204 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15203 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15202 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15201 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15200 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15199 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15198 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15197 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15196 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15195 (In Kanboard before 1.0.47, by altering form data, an authenticated user ...)
-	TODO: check
+	- kanboard <itp> (bug #790814)
 CVE-2017-15193
 	RESERVED
 CVE-2017-15192
@@ -51,7 +51,7 @@
 CVE-2017-15189
 	RESERVED
 CVE-2017-15188 (A persistent (stored) XSS vulnerability in the EyesOfNetwork web ...)
-	TODO: check
+	NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2017-15187
 	RESERVED
 CVE-2017-15194 (include/global_session.php in Cacti 1.1.25 has XSS related to (1) the ...)
@@ -724,7 +724,7 @@
 CVE-2017-14944 (Inedo ProGet before 4.7.14 does not properly address dangerous package ...)
 	NOT-FOR-US: Inedo ProGet
 CVE-2017-14943 (Trapeze TransitMaster is vulnerable to information disclosure (emails / ...)
-	TODO: check
+	NOT-FOR-US: Trapeze TransitMaster
 CVE-2017-14942 (Intelbras WRN 150 devices allow remote attackers to read the ...)
 	NOT-FOR-US: Intelbras WRN 150 devices
 CVE-2017-14941 (Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure ...)




More information about the Secure-testing-commits mailing list