18 Commits

Author	SHA1	Message	Date
Ryan Mulligan	64a512048a	[CVE] add isuse relating to doas	2019-12-21 06:48:31 -08:00
Ryan Mulligan	9a395bdd48	[CVE] fix kanboard issue	2019-12-07 20:56:08 -08:00
Ryan Mulligan	42d01c92bb	[CVE] resolve socat issue	2019-12-07 20:43:23 -08:00
Ryan Mulligan	fc9c340cb8	[CVE] add socat issue	2019-11-28 13:51:10 -08:00
Ryan Mulligan	27c59e4f46	[CVE] add issue for kanboard	2019-11-28 06:17:50 -08:00
Ryan Mulligan	fc4d20b8ca	[CVE] fix CVENOTES merge resolution mistakes	2019-11-24 21:36:49 -08:00
Ryan Mulligan	65fcc8dc21	Merge branch 'cve'	2019-11-24 21:35:18 -08:00
Ryan Mulligan	4435e4912f	[CVE] fix go issues, improve uzbl handling ... Before it was going to always ignore certain uzbl CVEs, but now it only ignores them if the version doesn't look like a date (start with four numbers).	2019-11-24 16:16:29 -08:00
Ryan Mulligan	828662099b	[CVE] fix thrift issues	2019-11-24 15:19:43 -08:00
Ryan Mulligan	cab001cbfc	[CVE] Fix arena issues	2019-11-24 15:11:51 -08:00
Ryan Mulligan	5fdc8af00d	[CVE] Only consider bounded matchers, fix tor issues ... Sometimes the NVD contains unbounded matchers that match everything for example https://nvd.nist.gov/vuln/detail/CVE-2009-0414 has a matcher of cpe:2.3🅰️tor:tor:*:*:*:*:*:*:*:* without any bounds. Lars and I decided to ignore these CPE matches because it seems nonsensical or at least not useful for there to be a CVE that cannot be fixed.	2019-11-24 15:02:42 -08:00
Ryan Mulligan	29847728fb	[CVE] fix uzbl issues	2019-11-24 14:39:52 -08:00
Ryan Mulligan	6d2c8f09c0	[CVE] add filtering, fix terraform CVE issue	2019-11-24 14:28:04 -08:00
Jan Tojnar	8ce6cf3bf0	[CVE] Fix links	2019-11-05 15:53:23 +01:00
Ryan Mulligan	ad0b954b32	[CVE] add note about golang	2019-11-01 20:53:39 -07:00
Ryan Mulligan	ad2fd44fc3	CVE: add note about Thrift	2019-10-31 06:26:40 -07:00
Ryan Mulligan	bb67484804	update CVE notes	2019-10-12 07:34:52 -07:00
Ryan Mulligan	303aed0afc	add notes researching CVE failed matches	2019-10-06 16:16:31 -07:00