Salvatore Bonaccorso · Salvatore Bonaccorso · 33362c3b
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -41,7 +41,7 @@ CVE-2018-18203
 CVE-2018-18202 (The QLogic 4Gb Fibre Channel 5.5.2.6.0 and 4/8Gb SAN 7.10.1.20.0 ...)
 	NOT-FOR-US: IBM
 CVE-2018-18201 (qibosoft V7.0 allows CSRF via ...)
-	TODO: check
+	NOT-FOR-US: qibosoft
 CVE-2018-18200 (There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4. ...)
 	NOT-FOR-US: REDAXO
 CVE-2018-18199 (Mediamanager in REDAXO before 5.6.4 has XSS. ...)
@@ -267,7 +267,8 @@ CVE-2018-18090
 CVE-2018-18089
 	RESERVED
 CVE-2018-18088 (OpenJPEG 2.3.0 has a NULL pointer dereference for &quot;red&quot; in the ...)
-	TODO: check
+	- openjpeg2 <unfixed>
+	NOTE: https://github.com/uclouvain/openjpeg/issues/1152
 CVE-2018-18087 (The Bixie Portfolio plugin 1.2.0 for Pagekit has XSS: a logged-in user ...)
 	TODO: check
 CVE-2018-18086 (EmpireCMS v7.5 has an arbitrary file upload vulnerability in the ...)