[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f47bffd6 by Moritz Muehlenhoff at 2018-11-01T08:27:01Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
 CVE-2018-18892 (MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php ...)
-	TODO: check
+	NOT-FOR-US: MiniCMS
 CVE-2018-18891 (MiniCMS 1.10 allows file deletion via ...)
-	TODO: check
+	NOT-FOR-US: MiniCMS
 CVE-2018-18890 (MiniCMS 1.10 allows full path disclosure via ...)
-	TODO: check
+	NOT-FOR-US: MiniCMS
 CVE-2018-18889
 	RESERVED
 CVE-2018-18888 (An issue was discovered in laravelCMS through 2018-04-02. ...)
-	TODO: check
+	NOT-FOR-US: laravelCMS
 CVE-2018-18887 (S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type ...)
-	TODO: check
+	NOT-FOR-US: S-CMS
 CVE-2018-18886
 	RESERVED
 CVE-2018-18885
@@ -48,7 +48,7 @@ CVE-2018-18869 (EmpireCMS V7.5 allows remote attackers to upload and execute arb
 CVE-2018-18868 (No-CMS 1.1.3 is prone to Persistent XSS via a contact_us name ...)
 	NOT-FOR-US: No-CMS
 CVE-2018-18867 (An SSRF issue was discovered in tecrail Responsive FileManager 9.13.4 ...)
-	TODO: check
+	NOT-FOR-US: tecrail Responsive FileManager
 CVE-2018-18866
 	RESERVED
 CVE-2018-18865
@@ -74,9 +74,9 @@ CVE-2018-18856
 CVE-2018-18855
 	RESERVED
 CVE-2018-18854 (Lightbend Spray spray-json through 1.3.4 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Lightbend Spray spray-json
 CVE-2018-18853 (Lightbend Spray spray-json through 1.3.4 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: Lightbend Spray spray-json
 CVE-2018-18852
 	RESERVED
 CVE-2018-18851
@@ -117,7 +117,7 @@ CVE-2018-18836
 CVE-2018-18835 (upload_template() in system/changeskin.php in DocCms 2016.5.12 allows ...)
 	NOT-FOR-US: DocCms
 CVE-2018-18834 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...)
-	TODO: check
+	NOT-FOR-US: libIEC61850
 CVE-2018-18833
 	RESERVED
 CVE-2018-18832 (admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID ...)
@@ -5879,7 +5879,7 @@ CVE-2018-16471
 CVE-2018-16470
 	RESERVED
 CVE-2018-16469 (The merge.recursive function in the merge package v <1.2 can be ...)
-	TODO: check
+	NOT-FOR-US: merge package v
 CVE-2018-16468 (In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may ...)
 	- ruby-loofah <unfixed> (bug #912398)
 	NOTE: https://github.com/flavorjones/loofah/issues/154



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f47bffd6e08fd27d3efe29b4c7a1bdcfaf883f9b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f47bffd6e08fd27d3efe29b4c7a1bdcfaf883f9b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181101/750d3895/attachment.html>