[Git][security-tracker-team/security-tracker][master] Add new NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Sep 7 09:42:59 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af007081 by Salvatore Bonaccorso at 2018-09-07T08:42:33Z
Add new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2018-16656
 	RESERVED
 CVE-2018-16655 (Gxlcms 1.0 has XSS via the PATH_INFO to ...)
-	TODO: check
+	NOT-FOR-US: Gxlcms
 CVE-2018-16654 (Zurmo 3.2.4 Stable allows XSS via ...)
-	TODO: check
+	NOT-FOR-US: Zurmo
 CVE-2018-16653 (rejucms 2.1 has XSS via the ucenter/cms_user_add.php u_name parameter. ...)
-	TODO: check
+	NOT-FOR-US: rejucms
 CVE-2018-16652
 	RESERVED
 CVE-2018-16651 (The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2018-16650 (phpMyFAQ before 2.9.11 allows CSRF. ...)
-	TODO: check
+	NOT-FOR-US: phpMyFAQ
 CVE-2018-16649
 	RESERVED
 CVE-2018-16648 (In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/af0070811ad69762ecc4fa010164b4f038961ebf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/af0070811ad69762ecc4fa010164b4f038961ebf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180907/b3d43ace/attachment.html>


More information about the debian-security-tracker-commits mailing list