[Git][security-tracker-team/security-tracker][master] Add CVE-2019-3888/undertow
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 11 07:15:08 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
179dcc6b by Salvatore Bonaccorso at 2019-06-11T06:14:40Z
Add CVE-2019-3888/undertow
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22306,8 +22306,10 @@ CVE-2019-3890
NOTE: Depends on evolution-data-server patch: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/6672b8236139bd6ef41ecb915f4c72e2a052dba5
CVE-2019-3889
RESERVED
-CVE-2019-3888
+CVE-2019-3888 [leak credentials to log files UndertowLogger.REQUEST_LOGGER.undertowRequestFailed]
RESERVED
+ - undertow <unfixed>
+ NOTE: https://github.com/undertow-io/undertow/pull/736
CVE-2019-3887 (A flaw was found in the way KVM hypervisor handled x2APIC Machine Spec ...)
- linux 4.19.37-1
[stretch] - linux <not-affected> (Vulnerability introduced later)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/179dcc6b4a67644a6653447c84fee1a96da562c5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/179dcc6b4a67644a6653447c84fee1a96da562c5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190611/fa22cead/attachment.html>
More information about the debian-security-tracker-commits
mailing list