diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2018-06-16 15:16:59 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2018-06-16 15:16:59 +0200 |
| commit | b8f8887896d31ea9a79f6640202cfec30795ab32 (patch) | |
| tree | c4634d2c5c4ed9094ddb514a9eba41425266bcd7 /data | |
| parent | dddb484200b321287455bde46a5a6c20a7665864 (diff) | |
Add three (not yet CVEified) issues in src:lava
The CVEs were requested to the DWF project already, expecting to get
CVEs, so tracking those issues already.
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index c7df248c15..c02d5b5ea4 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,9 @@ +CVE-2018-XXXX [Remove the ability to past URLs in the submit page] + - lava 2018.5.post1-1 +CVE-2018-XXXX [Use yaml.safe_load when parsing user data] + - lava 2018.5.post1-1 +CVE-2018-XXXX [Use requests instead of urlopen] + - lava 2018.5.post1-1 CVE-2018-12498 (spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id ...) NOT-FOR-US: iCMS CVE-2018-12497 |