Skip to content
Commits on Source (2)
Show whitespace changes
Inline Side-by-side
data/CVE/list
View file @ 464fa7c2
......@@ -822,13 +822,16 @@ CVE-2017-1000495 (QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site
CVE-2017-1000494 (Uninitialized stack variable vulnerability in NameValueParserEndElt ...)
TODO: check
CVE-2017-1000490 (Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any ...)
TODO: check
NOT-FOR-US: Mautic
CVE-2017-1000489 (Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow ...)
TODO: check
NOT-FOR-US: Mautic
CVE-2017-1000488 (Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack ...)
TODO: check
NOT-FOR-US: Mautic
CVE-2017-1000487 (Plexus-utils before 3.0.16 is vulnerable to command injection because ...)
TODO: check
- plexus-utils <unfixed>
- plexus-utils2 3.0.22-1
NOTE: https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522
NOTE: https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41
CVE-2017-1000486 (Primetek Primefaces 5.x is vulnerable to a weak encryption flaw ...)
TODO: check
CVE-2017-1000485 (Nylas Mail Lives 2.2.2 uses 0755 permissions for $HOME/.nylas-mail, ...)