[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Jan 24 06:43:45 UTC 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
398d5bc9 by Moritz Muehlenhoff at 2018-01-24T07:43:36+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -301,25 +301,25 @@ CVE-2018-6031
CVE-2018-6030
RESERVED
CVE-2018-1000016 (Jenkins Ant Plugin 1.7 and earlier failed to escape tool names it ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2018-1000015 (On Jenkins instances with Authorize Project plugin, the authentication ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2018-1000014 (Jenkins Translation Assistance Plugin 1.15 and earlier did not require ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2018-1000013 (Jenkins Release Plugin 2.9 and earlier did not require form ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2018-1000012 (Jenkins Warnings Plugin 4.64 and earlier processes XML external ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2018-1000011 (Jenkins FindBugs Plugin 4.71 and earlier processes XML external ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2018-1000010 (Jenkins DRY Plugin 2.49 and earlier processes XML external entities in ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2018-1000009 (Jenkins Checkstyle Plugin 3.49 and earlier processes XML external ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2018-1000008 (Jenkins PMD Plugin 3.49 and earlier processes XML external entities in ...)
- TODO: check
+ NOT-FOR-US: Jenkins plugin
CVE-2015-1142857 (On multiple SR-IOV cars it is possible for VF's assigned to guests to ...)
- TODO: check
+ NOT-FOR-US: SR-IOV cars
CVE-2018-6029 (The copy function in application/admin/controller/Article.php in ...)
NOT-FOR-US: NoneCms
CVE-2018-6028
@@ -351,7 +351,7 @@ CVE-2018-6016
CVE-2018-6015
RESERVED
CVE-2018-6014 (Subsonic v6.1.3 has an insecure allow-access-from domain="*" Flash ...)
- TODO: check
+ NOT-FOR-US: Subsonic
CVE-2018-6013 (Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to ...)
NOT-FOR-US: BigTree CMS
CVE-2018-6012
@@ -429,7 +429,7 @@ CVE-2017-18048 (Monstra CMS 3.0.4 allows users to upload arbitrary files, which
CVE-2017-1000417 (MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic ...)
- matrixssl <removed>
CVE-2017-1000416 (axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting ...)
- TODO: check
+ NOT-FOR-US: axTLS
CVE-2018-6003 (An issue was discovered in the _asn1_decode_simple_ber function in ...)
- libtasn1-6 4.13-2
[jessie] - libtasn1-6 <not-affected> (Vulnerable code introduced in 4.3)
@@ -523,7 +523,7 @@ CVE-2018-5962 (index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel throu
CVE-2018-5961 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has ...)
NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2018-5960 (Zenario v7.1 - v7.6 has SQL injection via the `Name` input field of ...)
- TODO: check
+ NOT-FOR-US: Zenario
CVE-2018-5959
RESERVED
CVE-2018-5958 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local ...)
@@ -535,7 +535,7 @@ CVE-2018-5956 (In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows
CVE-2018-5955 (An issue was discovered in GitStack through 2.3.10. User controlled ...)
TODO: check
CVE-2017-18047 (Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP ...)
- TODO: check
+ NOT-FOR-US: LabF nfsAxe
CVE-2017-18046 (Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121 ...)
NOT-FOR-US: Dasan GPON ONT WiFi Router devices
CVE-2016-10709 (pfSense before 2.3 allows remote authenticated users to execute ...)
@@ -988,7 +988,7 @@ CVE-2018-5763
CVE-2018-5762
RESERVED
CVE-2018-5761 (A man-in-the-middle vulnerability related to vCenter access was found ...)
- TODO: check
+ NOT-FOR-US: Rubrik CDM
CVE-2018-5760
RESERVED
CVE-2018-5759
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/398d5bc99cfc7dfca4eec0e4af797ea725e544a4
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/398d5bc99cfc7dfca4eec0e4af797ea725e544a4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180124/6c3b1747/attachment.html>
More information about the Secure-testing-commits
mailing list