[Git][security-tracker-team/security-tracker][master] Process NFUs (various nodejs modules)

Salvatore Bonaccorso carnil at debian.org
Tue Jun 5 20:22:09 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
adce843e by Salvatore Bonaccorso at 2018-06-05T21:21:32+02:00
Process NFUs (various nodejs modules)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -21610,13 +21610,13 @@ CVE-2018-3748
 CVE-2018-3747
 	RESERVED
 CVE-2018-3746 (The pdfinfojs NPM module versions <= 0.3.6 has a command injection ...)
-	TODO: check
+	NOT-FOR-US: pdfinfojs nodejs module
 CVE-2018-3745 (atob 2.0.3 and earlier allocates uninitialized Buffers when number is ...)
 	NOT-FOR-US: nodejs atob module
 CVE-2018-3744 (The html-pages node module contains a path traversal vulnerabilities ...)
-	TODO: check
+	NOT-FOR-US: html-pages nodejs module
 CVE-2018-3743 (Open redirect in hekto <=0.2.3 when target domain name is used as html ...)
-	TODO: check
+	NOT-FOR-US: hekto nodejs module
 CVE-2018-3742
 	REJECTED
 CVE-2018-3741 (There is a possible XSS vulnerability in all rails-html-sanitizer gem ...)
@@ -21640,9 +21640,9 @@ CVE-2018-3736
 CVE-2018-3735
 	RESERVED
 CVE-2018-3734 (stattic node module suffers from a Path Traversal vulnerability due to ...)
-	TODO: check
+	NOT-FOR-US: stattic nodejs module
 CVE-2018-3733 (crud-file-server node module before 0.9.0 suffers from a Path ...)
-	TODO: check
+	NOT-FOR-US: crud-file-server nodejs module
 CVE-2018-3732
 	RESERVED
 CVE-2018-3731



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/adce843ee8d3783d6730c2e09aede088b885daf9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/adce843ee8d3783d6730c2e09aede088b885daf9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180605/e01d85e9/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list