[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Tue, 07 Jan 2020 10:14:36 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a21db497 by Salvatore Bonaccorso at 2020-01-07T19:13:47+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12397,7 +12397,7 @@ CVE-2019-18844 (The Device Model in ACRN before 
2019w25.5-140000p relies on asse
 CVE-2019-18843
        RESERVED
 CVE-2019-18842 (A cross-site scripting (XSS) vulnerability in the 
configuration web in ...)
-       TODO: check
+       NOT-FOR-US: Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module
 CVE-2019-18841 (Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem 
before  ...)
        - chartkick.js <not-affected> (Vulnerability introduced with 3.1.0)
        NOTE: 
https://github.com/ankane/chartkick/commit/b810936bbf687bc74c5b6dba72d2397a399885fa
@@ -24241,9 +24241,9 @@ CVE-2019-15605
 CVE-2019-15604
        RESERVED
 CVE-2019-15603 (The seefl package v0.1.1 is vulnerable to a stored Cross-Site 
Scriptin ...)
-       TODO: check
+       NOT-FOR-US: seefl
 CVE-2019-15602 (The fileview package v0.1.6 has inadequate output encoding and 
escapin ...)
-       TODO: check
+       NOT-FOR-US: fileview
 CVE-2019-15601 (CURL before 7.68.0 lacks proper input validation, which allows 
users t ...)
        - curl <not-affected> (Windows only)
 CVE-2019-15600 (A Path traversal exists in http_server which allows an 
attacker to rea ...)
@@ -51059,13 +51059,13 @@ CVE-2019-6859
 CVE-2019-6858
        RESERVED
 CVE-2019-6857 (A CWE-754: Improper Check for Unusual or Exceptional Conditions 
vulner ...)
-       TODO: check
+       NOT-FOR-US: Modicon
 CVE-2019-6856 (A CWE-754: Improper Check for Unusual or Exceptional Conditions 
vulner ...)
-       TODO: check
+       NOT-FOR-US: Modicon
 CVE-2019-6855 (An Improper Authorization - CWE-285 vulnerability exists in 
EcoStruxur ...)
-       TODO: check
+       NOT-FOR-US: EcoStruxure Control Expert
 CVE-2019-6854 (A CWE-264 Permissions, Privileges, and Access Controls 
vulnerability e ...)
-       TODO: check
+       NOT-FOR-US: EcoStruxure Geo SCADA Expert
 CVE-2019-6853 (A CWE-79: Failure to Preserve Web Page Structure vulnerability 
exists  ...)
        NOT-FOR-US: Andover Continuum
 CVE-2019-6852 (A CWE-200: Information Exposure vulnerability exists in Modicon 
Contro ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a21db4971347d60a6538061b02e639e60b375b09

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/a21db4971347d60a6538061b02e639e60b375b09
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to