Salvatore Bonaccorso · Salvatore Bonaccorso · cf72946d
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -207,9 +207,11 @@ CVE-2018-18409 (A stack-based buffer over-read exists in setbit() at iptree.h of
 	- tcpflow <unfixed> (bug #911263)
 	NOTE: https://github.com/simsong/tcpflow/issues/195
 CVE-2018-18408 (A use-after-free was discovered in the tcpbridge binary of Tcpreplay ...)
-	TODO: check
+	- tcpreplay <unfixed>
+	NOTE: https://github.com/appneta/tcpreplay/issues/489
 CVE-2018-18407 (A heap-based buffer over-read was discovered in the tcpreplay-edit ...)
-	TODO: check
+	- tcpreplay <unfixed>
+	NOTE: https://github.com/appneta/tcpreplay/issues/488
 CVE-2018-18406
 	RESERVED
 CVE-2018-18405