Commits on Source (2)
  • Add note for CVE-2019-5428/jquery · a5d5d0e4
    Salvatore Bonaccorso authored
    Already in contact with MITRE CNA to resolve the issue. This seems to be
    a duplicate of CVE-2019-11358 but maybe there is a strict CNA rules
    reasoning for the two CVEs.
    
    As such we might then just track the fixed versions for src:jquery
    accordingly.
  • Wrap note · e25e1b30
    Salvatore Bonaccorso authored
......@@ -5178,7 +5178,8 @@ CVE-2019-9619 [not enabled pam_systemd for non-interactive sessions]
[jessie] - systemd <ignored> (Too intrusive change for a stable release)
NOTE: https://bugs.launchpad.net/bugs/1812316
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1756
NOTE: for a stable release, activating pam_systemd for non-interactive sessions will likely have all sorts of unexpected/unwanted side-effects, so CAVE
NOTE: For a stable release, activating pam_systemd for non-interactive sessions will
NOTE: likely have all sorts of unexpected/unwanted side-effects.
CVE-2019-9618
RESERVED
CVE-2019-9617 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
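Review bot: The rewrapped NOTE for CVE-2019-9619 is not a pure line wrap: the old line ended with "so CAVE" and started lowercase, and the two new NOTE lines drop that caveat and capitalize "For", while the commit is titled only "Wrap note". If dropping the caveat is intended, mention it in the commit message; otherwise carry it over onto the second NOTE line so the text next to the <ignored> entry for jessie keeps its original meaning.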
......@@ -15459,7 +15460,8 @@ CVE-2019-5430
CVE-2019-5429
RESERVED
CVE-2019-5428 (A prototype pollution vulnerability exists in jQuery versions &lt; 3.4 ...)
TODO: check
NOTE: Duplicate of CVE-2019-11358
TODO: check (MITRE already contacted)
CVE-2019-5427 (c3p0 version &lt; 0.9.5.4 may be exploited by a billion laughs attack ...)
TODO: check
CVE-2019-5426 (In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated ...)
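Review bot: The new NOTE under CVE-2019-5428 states "Duplicate of CVE-2019-11358" as settled, but the commit message only says it "seems to be a duplicate" and the TODO next to it records that the MITRE answer is still pending. Wording the NOTE as a suspected duplicate until the CNA responds would keep the entry from asserting more than is known. The entry also still carries no package line, so nothing here ties it to src:jquery yet; the follow-up that resolves the TODO should add the fixed versions the commit message refers to.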