[Git][security-tracker-team/security-tracker][master] Add CVE-2018-1999{2,3,4,5}/dolibarr issues
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 3 21:02:13 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7534396e by Salvatore Bonaccorso at 2019-01-03T21:01:47Z
Add CVE-2018-1999{2,3,4,5}/dolibarr issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5801,13 +5801,18 @@ CVE-2018-19997
CVE-2018-19996
RESERVED
CVE-2018-19995 (A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 ...)
- TODO: check
+ - dolibarr <removed>
+ NOTE: https://github.com/Dolibarr/dolibarr/commit/4b8be6ed64763327018ac1c076f81ddffa87855e
+ NOTE: https://github.com/Dolibarr/dolibarr/commit/bacd5110fbdc81a35030fdc322775fa15ea85924
CVE-2018-19994 (An error-based SQL injection vulnerability in product/card.php in ...)
- TODO: check
+ - dolibarr <removed>
+ NOTE: https://github.com/Dolibarr/dolibarr/commit/850b939ffd2c7a4443649331b923d5e0da2d6446
CVE-2018-19993 (A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 ...)
- TODO: check
+ - dolibarr <removed>
+ NOTE: https://github.com/Dolibarr/dolibarr/commit/fc3fcc5455d9a610b85723e89e8be43a41ad1378
CVE-2018-19992 (A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 ...)
- TODO: check
+ - dolibarr <removed>
+ NOTE: https://github.com/Dolibarr/dolibarr/commit/0f06e39d23636bd1e4039ac61a743c79725c798b
CVE-2018-19991 (VeryNginx 0.3.3 allows remote attackers to bypass the Web Application ...)
NOT-FOR-US: VeryNginx
CVE-2018-19990
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7534396e0ea4fe31b34d5f8ca86e45e47e21d6a7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7534396e0ea4fe31b34d5f8ca86e45e47e21d6a7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190103/8b749e9f/attachment.html>
More information about the debian-security-tracker-commits
mailing list