Add CVE-2019-12799 to Shopware
From https://nvd.nist.gov/vuln/detail/CVE-2019-12799
Note: this vulnerability is for version 5.6.x, right now, there is only one such release 5.6.x-dev
https://packagist.org/packages/shopware/shopware#5.6.x-dev
Last version in Gemnasium is 5.4.2
To be checked:
-
identifier
should be the CVE id when it exists. -
package_slug
refers to a package listed on Gemnasium. -
title
is a short description. It does not contain the package name. -
description
must not contain an overview of the package, fixed versions, affected versions, solution or links. It leverages the Markdown syntax. -
date
is the date on which the advisory was made public. -
not_impacted
lists old versions that are not impacted, if any, the fixed versions. -
solution
tells how to remediate the vulnerability. -
urls
must contain URLs specific to the vulnerability, not URLs generic to the package itself. -
uuid
must benull
or omitted. It's set when publishing the advisory on Gemnasium.
Edited by 🤖 GitLab Bot 🤖