[Git][security-tracker-team/security-tracker][master] Reassociate some NFUs for TeamPass to src:teampass and itp'ed
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 6 22:12:26 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ab635994 by Salvatore Bonaccorso at 2019-08-06T21:09:53Z
Reassociate some NFUs for TeamPass to src:teampass and itp'ed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5880,7 +5880,7 @@ CVE-2019-12951 (An issue was discovered in Mongoose before 6.15. The parse_mqtt(
NOT-FOR-US: Cesanta Mongoose
NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1
CVE-2019-12950 (An issue was discovered in TeamPass 2.1.27.35. From the sources/items. ...)
- NOT-FOR-US: TeamPass
+ - teampass <itp> (bug #730180)
CVE-2019-12949 (In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authen ...)
NOT-FOR-US: pfSense
CVE-2019-12948 (A vulnerability in the web-based management interface of VVX, Trio, So ...)
@@ -21167,7 +21167,7 @@ CVE-2019-1000002 (Gitea version 1.6.2 and earlier contains a Incorrect Access Co
- gitea <removed>
NOTE: https://github.com/go-gitea/gitea/pull/5631
CVE-2019-1000001 (TeamPass version 2.1.27 and earlier contains a Storing Passwords in a ...)
- NOT-FOR-US: TeamPass
+ - teampass <itp> (bug #730180)
CVE-2018-20753 (Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 be ...)
NOT-FOR-US: Kaseya VSA RMM
CVE-2018-20752 (An issue was discovered in Recon-ng before 4.9.5. Lack of validation i ...)
@@ -100875,7 +100875,7 @@ CVE-2017-15280 (XML external entity (XXE) vulnerability in Umbraco CMS before 7.
CVE-2017-15279 (Cross-site scripting (XSS) vulnerability in Umbraco CMS before 7.7.3 a ...)
NOT-FOR-US: Umbraco CMS
CVE-2017-15278 (Cross-Site Scripting (XSS) was discovered in TeamPass before 2.1.27.9. ...)
- NOT-FOR-US: TeamPass
+ - teampass <itp> (bug #730180)
CVE-2017-15277 (ReadGIFImage in coders/gif.c in ImageMagick 7.0.6-1 and GraphicsMagick ...)
{DSA-4321-1 DSA-4040-1 DSA-4032-1 DLA-1456-1 DLA-1140-1 DLA-1139-1}
- imagemagick 8:6.9.9.34+dfsg-3 (bug #878578)
@@ -118489,7 +118489,7 @@ CVE-2017-9438 (libyara/re.c in the regexp module in YARA 3.5.0 allows remote att
CVE-2017-9437 (Openbravo Business Suite 3.0 is affected by SQL injection. This vulner ...)
NOT-FOR-US: Openbravo Business Suite
CVE-2017-9436 (TeamPass before 2.1.27.4 is vulnerable to a SQL injection in users.que ...)
- NOT-FOR-US: TeamPass
+ - teampass <itp> (bug #730180)
CVE-2017-9435 (Dolibarr ERP/CRM before 5.0.3 is vulnerable to a SQL injection in user ...)
- dolibarr 5.0.4+dfsg3-1 (bug #864569)
NOTE: https://github.com/Dolibarr/dolibarr/commit/70636cc59ffa1ffbc0ce3dba315d7d9b837aad04
@@ -180358,11 +180358,11 @@ CVE-2015-7566 (The clie_5_attach function in drivers/usb/serial/visor.c in the L
CVE-2015-7565 (Cross-site scripting (XSS) vulnerability in Ember.js 1.8.x through 1.1 ...)
NOT-FOR-US: ember.js
CVE-2015-7564 (Multiple SQL injection vulnerabilities in TeamPass 2.1.24 and earlier ...)
- NOT-FOR-US: TeamPass
+ - teampass <itp> (bug #730180)
CVE-2015-7563 (Cross-site request forgery (CSRF) vulnerability in TeamPass 2.1.24 and ...)
- NOT-FOR-US: TeamPass
+ - teampass <itp> (bug #730180)
CVE-2015-7562 (Multiple cross-site scripting (XSS) vulnerabilities in TeamPass 2.1.24 ...)
- NOT-FOR-US: TeamPass
+ - teampass <itp> (bug #730180)
CVE-2015-7561 (Kubernetes in OpenShift3 allows remote authenticated users to use the ...)
NOT-FOR-US: OpenShift
CVE-2015-7560 (The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4. ...)
@@ -259036,7 +259036,7 @@ CVE-2012-2236 (SQL injection vulnerability in users.php in PHP Gift Registry 1.5
CVE-2012-2235 (Cross-site scripting (XSS) vulnerability in Support Incident Tracker ( ...)
NOT-FOR-US: Support Incident Tracker
CVE-2012-2234 (Cross-site scripting (XSS) vulnerability in sources/users.queries.php ...)
- NOT-FOR-US: TeamPass.net
+ - teampass <itp> (bug #730180)
CVE-2012-2233
RESERVED
CVE-2012-2232
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ab635994dfee3ac5cc6149499cfc7547b26ecb38
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ab635994dfee3ac5cc6149499cfc7547b26ecb38
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190806/a0d1545a/attachment.html>
More information about the debian-security-tracker-commits
mailing list