[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Wed Aug 15 10:57:26 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6d665e85 by Moritz Muehlenhoff at 2018-08-15T09:56:55Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -2190,7 +2190,7 @@ CVE-2018-14431
 CVE-2018-14430 (The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows ...)
 	NOT-FOR-US:  Mondula Multi Step Form plugin for WordPress
 CVE-2018-14429 (man-cgi before 1.16 allows Local File Inclusion via absolute path ...)
-	TODO: check
+	NOT-FOR-US: man-cgi
 CVE-2018-14428
 	RESERVED
 CVE-2018-14427
@@ -3309,8 +3309,7 @@ CVE-2018-14008
 	RESERVED
 CVE-2018-14007 [XAPI HTTP directory traversal]
 	RESERVED
-	NOTE: https://xenbits.xen.org/xsa/advisory-271.html
-	TODO: check
+	NOT-FOR-US: xapi
 CVE-2018-14006 (An integer overflow vulnerability exists in the function ...)
 	NOT-FOR-US: Neo Genesis Token (NGT)
 CVE-2018-14005 (An integer overflow vulnerability exists in the function transferAny of ...)
@@ -6796,7 +6795,7 @@ CVE-2018-12541
 CVE-2018-12540 (In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do ...)
 	NOT-FOR-US: Eclipse Vertx
 CVE-2018-12539 (In Eclipse OpenJ9 version 0.8, users other than the process owner may ...)
-	TODO: check
+	NOT-FOR-US: Eclipse OpenJ9
 CVE-2018-12538 (In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional ...)
 	- jetty9 <not-affected> (Only affects 9.4.x)
 	- jetty8 <not-affected> (Only affects 9.4.x)
@@ -21414,19 +21413,19 @@ CVE-2018-7101
 CVE-2018-7100 (A potential security vulnerability has been identified in HPE ...)
 	NOT-FOR-US: HPE OfficeConnect 1810 Switch Series
 CVE-2018-7099 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
-	TODO: check
+	NOT-FOR-US: 3PAR
 CVE-2018-7098 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
-	TODO: check
+	NOT-FOR-US: 3PAR
 CVE-2018-7097 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
-	TODO: check
+	NOT-FOR-US: 3PAR
 CVE-2018-7096 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
-	TODO: check
+	NOT-FOR-US: 3PAR
 CVE-2018-7095 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
-	TODO: check
+	NOT-FOR-US: 3PAR
 CVE-2018-7094 (A security vulnerability was identified in 3PAR Service Processor (SP) ...)
-	TODO: check
+	NOT-FOR-US: 3PAR
 CVE-2018-7093 (A security vulnerability in HPE Integrated Lights-Out 3 prior to ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2018-7092 (A potential security vulnerability has been identified in HPE ...)
 	NOT-FOR-US: HPE
 CVE-2018-7091 (HPE XP P9000 Command View Advanced Edition Software (CVAE) has open ...)
@@ -21458,7 +21457,7 @@ CVE-2018-7079
 CVE-2018-7078 (A remote code execution was identified in HPE Integrated Lights-Out 4 ...)
 	NOT-FOR-US: HPE
 CVE-2018-7077 (A security vulnerability in HPE XP P9000 Command View Advanced Edition ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2018-7076
 	RESERVED
 CVE-2018-7075 (A remote cross-site scripting (XSS) vulnerability was identified in ...)
@@ -30421,9 +30420,9 @@ CVE-2018-3940
 CVE-2018-3939 (An exploitable use-after-free vulnerability exists in the JavaScript ...)
 	NOT-FOR-US: Foxit
 CVE-2018-3938 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Sony
 CVE-2018-3937 (An exploitable command injection vulnerability exists in the ...)
-	TODO: check
+	NOT-FOR-US: Sony
 CVE-2018-3936 (In Antenna House Office Server Document Converter version V6.1 Pro MR2 ...)
 	NOT-FOR-US: Antenna House Office Server Document Converter
 CVE-2018-3935
@@ -42134,7 +42133,7 @@ CVE-2018-0133
 CVE-2018-0132 (A vulnerability in the forwarding information base (FIB) code of Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2018-0131 (A vulnerability in the implementation of RSA-encrypted nonces in Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2018-0130 (A vulnerability in the use of JSON web tokens by the web-based service ...)
 	NOT-FOR-US: Cisco
 CVE-2018-0129 (A vulnerability in the web-based management interface of Cisco Data ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d665e85b9cd98feeb2fd906d78874a1df1b5815

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d665e85b9cd98feeb2fd906d78874a1df1b5815
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180815/80428829/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list