[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Tue, 25 Feb 2020 12:45:46 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
28a642f9 by Salvatore Bonaccorso at 2020-02-25T21:44:12+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -36,7 +36,7 @@ CVE-2020-9381 (controllers/admin.js in Total.js CMS 13 allows 
remote attackers t
 CVE-2020-9380
        RESERVED
 CVE-2020-9379 (The Software Development Kit of the MiContact Center Business 
with Sit ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-9378
        RESERVED
 CVE-2020-9377
@@ -153,7 +153,7 @@ CVE-2020-6802 [mutation XSS vulnerability]
        NOTE: 
https://github.com/mozilla/bleach/security/advisories/GHSA-q65m-pv3f-wr5r
        NOTE: 
https://github.com/mozilla/bleach/commit/f77e0f6392177a06e46a49abd61a4d9f035e57fd
 CVE-2020-9335 (Multiple stored XSS vulnerabilities exist in the 10Web Photo 
Gallery p ...)
-       TODO: check
+       NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
 CVE-2020-9334 (A stored XSS vulnerability exists in the Envira Photo Gallery 
plugin t ...)
        NOT-FOR-US: Envira Photo Gallery plugin for WordPress
 CVE-2020-9333
@@ -842,9 +842,9 @@ CVE-2020-9020 (Iteris Vantage Velocity Field Unit 2.3.1, 
2.4.2, and 3.0 devices
 CVE-2020-9019 (The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS 
via th ...)
        NOT-FOR-US: WPJobBoard plugin for WordPress
 CVE-2020-9018 (LiteCart through 2.2.1 allows 
admin/?app=users&amp;doc=edit_user CSRF  ...)
-       TODO: check
+       NOT-FOR-US: LiteCart
 CVE-2020-9017 (LiteCart through 2.2.1 allows CSV injection via a customer's 
profile. ...)
-       TODO: check
+       NOT-FOR-US: LiteCart
 CVE-2020-9016 (Dolibarr 11.0 allows XSS via the joinfiles, topic, or code 
parameter,  ...)
        - dolibarr <removed>
 CVE-2020-9015 (Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, 
and DCS-7 ...)
@@ -862,7 +862,7 @@ CVE-2020-9010
 CVE-2020-9009
        RESERVED
 CVE-2020-9008 (Stored Cross-site scripting (XSS) vulnerability in Blackboard 
Learn/Pe ...)
-       TODO: check
+       NOT-FOR-US: Blackboard Learn/PeopleTool
 CVE-2019-20473
        RESERVED
 CVE-2019-20472
@@ -42475,7 +42475,7 @@ CVE-2012-6711 (A heap-based buffer overflow exists in 
GNU Bash before 4.3 when w
 CVE-2019-12864
        RESERVED
 CVE-2019-12863 (SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) 
allows  ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2019-12862
        RESERVED
 CVE-2019-12861



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28a642f91881e5a1b785d45ed4678f468f93816b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/28a642f91881e5a1b785d45ed4678f468f93816b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to