[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Sun Aug 4 09:21:55 BST 2019



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c1a8dde5 by Salvatore Bonaccorso at 2019-08-04T08:21:22Z
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2842,7 +2842,7 @@ CVE-2019-13657
 CVE-2019-13656
 	RESERVED
 CVE-2019-13655 (Imgix through 2019-06-19 allows remote attackers to cause a denial of  ...)
-	TODO: check
+	NOT-FOR-US: Imgix
 CVE-2019-13654
 	RESERVED
 CVE-2019-13653
@@ -25766,17 +25766,17 @@ CVE-2019-5457 (Cross-site scripting (XSS) vulnerability in min-http-server (all
 CVE-2019-5456 (SMTP MITM refers to a malicious actor setting up an SMTP proxy server  ...)
 	TODO: check
 CVE-2019-5455 (Bypassing lock protection exists in Nextcloud Android app 3.6.0 when c ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Android app
 CVE-2019-5454 (SQL Injection in the Nextcloud Android app prior to version 3.0.0 allo ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Android app
 CVE-2019-5453 (Bypass lock protection in the Nextcloud Android app prior to version 3 ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Android app
 CVE-2019-5452 (Bypass lock protection in the Nextcloud Android app prior to version 3 ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Android app
 CVE-2019-5451 (Bypass lock protection in the Nextcloud Android app prior to version 3 ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Android app
 CVE-2019-5450 (Improper sanitization of HTML in directory names in the Nextcloud Andr ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Android app
 CVE-2019-5449 (A missing check in the Nextcloud Server prior to version 15.0.1 causes ...)
 	TODO: check
 CVE-2019-5448 (Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Da ...)
@@ -35753,7 +35753,7 @@ CVE-2019-1903 (A vulnerability in Cisco Security Manager could allow an unauthen
 CVE-2019-1902
 	RESERVED
 CVE-2019-1901 (A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2019-1900
 	RESERVED
 CVE-2019-1899 (A vulnerability in the web interface of Cisco RV110W, RV130W, and RV21 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c1a8dde5277942adae4698e8d0485e7203c9f9a2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c1a8dde5277942adae4698e8d0485e7203c9f9a2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190804/a452f30e/attachment.html>


More information about the debian-security-tracker-commits mailing list