data/CVE/list

@@ -67,7 +67,7 @@ CVE-2017-18357 (Shopware before 5.3.4 has a PHP Object Instantiation issue via t
 CVE-2017-18356 (In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an ...)
 	NOT-FOR-US: Automattic WooCommerce plugin for WordPress
 CVE-2019-6293 (An issue was discovered in the function mark_beginning_as_normal in ...)
-	- flex <unfixed> (low)
+	- flex <unfixed> (low; bug #919428)
 	[stretch] - flex <no-dsa> (Minor issue)
 	NOTE: https://github.com/westes/flex/issues/414
 CVE-2019-6292 (An issue was discovered in singledocparser.cpp in yaml-cpp (aka ...)