[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Tue Jan 15 20:23:32 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ca1f2478 by Salvatore Bonaccorso at 2019-01-15T20:22:57Z
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -41,31 +41,31 @@ CVE-2019-6298
CVE-2019-6297
RESERVED
CVE-2019-6296 (Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id ...)
- TODO: check
+ NOT-FOR-US: Cleanto
CVE-2019-6295 (Cleanto 5.0 has SQL Injection via the ...)
- TODO: check
+ NOT-FOR-US: Cleanto
CVE-2019-6294 (An issue was discovered in EasyCMS 1.5. There is CSRF via the ...)
- TODO: check
+ NOT-FOR-US: EasyCMS
CVE-2018-20719 (In Tiki before 17.2, the user task component is vulnerable to a SQL ...)
TODO: check
CVE-2018-20718 (In Pydio before 8.2.2, an attack is possible via PHP Object Injection ...)
TODO: check
CVE-2018-20717 (In the orders section of PrestaShop before 1.7.2.5, an attack is ...)
- TODO: check
+ NOT-FOR-US: PrestaShop
CVE-2018-20716 (CubeCart before 6.1.13 has SQL Injection via the validate[] parameter ...)
- TODO: check
+ NOT-FOR-US: CubeCart
CVE-2018-20715 (The DB abstraction layer of OXID eSales 4.10.6 is vulnerable to SQL ...)
- TODO: check
+ NOT-FOR-US: OXID eSales
CVE-2018-20714 (The logging system of the Automattic WooCommerce plugin before 3.4.6 ...)
- TODO: check
+ NOT-FOR-US: Automattic WooCommerce plugin for WordPress
CVE-2018-20713 (Shopware before 5.4.3 allows SQL Injection by remote authenticated ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2017-18358 (LimeSurvey before 2.72.4 has Stored XSS by using the Continue Later ...)
TODO: check
CVE-2017-18357 (Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2017-18356 (In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an ...)
- TODO: check
+ NOT-FOR-US: Automattic WooCommerce plugin for WordPress
CVE-2019-6293 (An issue was discovered in the function mark_beginning_as_normal in ...)
TODO: check
CVE-2019-6292 (An issue was discovered in singledocparser.cpp in yaml-cpp (aka ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ca1f247830a86a51f0950604909363d05296dc79
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ca1f247830a86a51f0950604909363d05296dc79
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190115/6a2854d5/attachment.html>
More information about the debian-security-tracker-commits
mailing list