Skip to content
Commits on Source (9)
Hide whitespace changes
Inline Side-by-side
data/CVE/list
View file @ b66dfc5b
......@@ -938,6 +938,7 @@ CVE-2018-20002 (The _bfd_generic_read_minisymbols function in syms.c in the Bina
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c2f5dc30afa34696f2da0081c4ac50b958ecb0e9
CVE-2018-20001 (In Libav 12.3, there is a floating point exception in the ...)
- libav <removed>
[jessie] - libav <no-dsa> (floating point exception cannot be observed on Jessie)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1141
CVE-2018-20000 (Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as ...)
TODO: check
......@@ -18483,32 +18484,36 @@ CVE-2018-1999016 (Pydio version 8.2.0 and earlier contains a Cross Site Scriptin
CVE-2018-1999015 (FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains ...)
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <undetermined>
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32
CVE-2018-1999014 (FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains ...)
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
- libav <undetermined>
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/bab0716c7f4793ec42e05a5aa7e80d82a0dd4e7
CVE-2018-1999013 (FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains ...)
{DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <undetermined>
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/a7e032a277452366771951e29fd0bf2bd5c029f
CVE-2018-1999012 (FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains ...)
{DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <undetermined>
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/9807d3976be0e92e4ece3b4b1701be894cd7c2e
CVE-2018-1999011 (FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains ...)
- ffmpeg 7:4.0.2-1
[stretch] - ffmpeg <postponed> (Minor issue, wait for next 3.2 release)
- libav <undetermined>
- libav <removed>
[jessie] - libav <not-affected> (Vulnerable code not present)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/2b46ebdbff1d8dec7a3d8ea280a612b91a58286
CVE-2018-1999010 (FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains ...)
{DSA-4249-1}
- ffmpeg 7:4.0.2-1
- libav <undetermined>
- libav <removed>
NOTE: https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e
CVE-2018-1999009 (October CMS version prior to Build 437 contains a Local File Inclusion ...)
NOT-FOR-US: October CMS
......@@ -42912,7 +42917,6 @@ CVE-2018-5767 (An issue was discovered on Tenda AC15 V15.03.1.16_multi devices.
NOT-FOR-US: Tenda AC15 V15.03.1.16_multi devices
CVE-2018-5766 (In Libav through 12.2, there is an invalid memcpy in the av_packet_ref ...)
- libav <removed>
[jessie] - libav <ignored> (Minor issue)
[wheezy] - libav <ignored> (Minor issue)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1112
CVE-2018-5765
......@@ -43241,7 +43245,7 @@ CVE-2018-5685 (In GraphicsMagick 1.3.27, there is an infinite loop and applicati
NOTE: expanded to 64-bit architectures with upstream commit be5e89e6032d
CVE-2018-5684 (In Libav through 12.2, there is an invalid memcpy call in the ...)
- libav <removed>
[jessie] - libav <ignored> (Minor issue)
[jessie] - libav <not-affected> (vulnerable code is not present)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1110
CVE-2018-5683 (The vga_draw_text function in Qemu allows local OS guest privileged ...)
{DSA-4213-1 DLA-1497-1}