[Git][security-tracker-team/security-tracker][master] Add CVE-2019-1834{5,6,7}/davical

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b35a3ee1 by Salvatore Bonaccorso at 2019-12-04T20:27:36Z
Add CVE-2019-1834{5,6,7}/davical

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5923,11 +5923,15 @@ CVE-2019-18348 (An issue was discovered in urllib2 in Python 2.x through 2.7.17
 	NOTE: not the case in all suites, but the issue is minor in general and would
 	NOTE: tend to a no-dsa/ignored tag in those suites.
 CVE-2019-18347 (A stored XSS issue was discovered in DAViCal through 1.1.8. It does no ...)
-	TODO: check
+	- davical <unfixed>
+	NOTE: https://hackdefense.com/publications/cve-2019-18347-davical-caldav-server-vulnerability/
 CVE-2019-18346 (A CSRF issue was discovered in DAViCal through 1.1.8. If an authentica ...)
-	TODO: check
+	- davical <unfixed>
+	NOTE: https://hackdefense.com/publications/cve-2019-18346-davical-caldav-server-vulnerability/
 CVE-2019-18345
 	RESERVED
+	- davical <unfixed>
+	NOTE: https://hackdefense.com/publications/cve-2019-18345-davical-caldav-server-vulnerability/
 CVE-2019-18344 (Sourcecodester Online Grading System 1.0 is vulnerable to unauthentica ...)
 	NOT-FOR-US: Sourcecodester Online Grading System
 CVE-2019-18343



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b35a3ee142efdb7adaf3167b654c8421d0781fbf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b35a3ee142efdb7adaf3167b654c8421d0781fbf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191204/19eb143e/attachment.html>