Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
45d58da2 by Moritz Muehlenhoff at 2020-03-23T22:03:41+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4694,17 +4694,17 @@ CVE-2020-8878 (This vulnerability allows remote
attackers to execute arbitrary c
CVE-2020-8877 (This vulnerability allows remote attackers to disclose
sensitive infor ...)
NOT-FOR-US: Foxit Studio Photo
CVE-2020-8876 (This vulnerability allows local attackers to disclose
information on a ...)
- TODO: check
+ NOT-FOR-US: Parallels
CVE-2020-8875 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels
CVE-2020-8874 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels
CVE-2020-8873 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels
CVE-2020-8872 (This vulnerability allows local attackers to disclose sensitive
inform ...)
- TODO: check
+ NOT-FOR-US: Parallels
CVE-2020-8871 (This vulnerability allows local attackers to escalate
privileges on af ...)
- TODO: check
+ NOT-FOR-US: Parallels
CVE-2020-8870
RESERVED
CVE-2020-8869
@@ -6326,11 +6326,11 @@ CVE-2020-8139 (A missing access control check in
Nextcloud Server < 18.0.1, &
CVE-2020-8138 (A missing check for IPv4 nested inside IPv6 in Nextcloud server
< 1 ...)
- nextcloud-server <itp> (bug #941708)
CVE-2020-8137 (Code injection vulnerability in blamer 1.0.0 and earlier may
result in ...)
- TODO: check
+ NOT-FOR-US: Node blamer
CVE-2020-8136 (Prototype pollution vulnerability in fastify-multipart <
1.0.5 allo ...)
- TODO: check
+ NOT-FOR-US: Node fastify-multipart
CVE-2020-8135 (The uppy npm package < 1.9.3 is vulnerable to a Server-Side
Request ...)
- TODO: check
+ NOT-FOR-US: Node uppy
CVE-2020-8134 (Server-side request forgery (SSRF) vulnerability in Ghost CMS
< 3.1 ...)
NOT-FOR-US: Ghost CMS
CVE-2020-8133
@@ -6846,7 +6846,7 @@ CVE-2020-7937 (An XSS issue in the title field in Plone
5.0 through 5.2.1 allows
CVE-2020-7936 (An open redirect on the login form (and possibly other places)
in Plon ...)
NOT-FOR-US: Plone
CVE-2020-7935 (Artica Pandora FMS through 7.42 is vulnerable to remote PHP
code execu ...)
- TODO: check
+ NOT-FOR-US: Artica Pandora FMS
CVE-2020-7934 (In LifeRay Portal CE 7.1.0 through 7.2.1, the First Name,
Middle Name, ...)
NOT-FOR-US: LifeRay Portal
CVE-2020-7933
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45d58da2cda506d3547ba175d08d1e71db136d0e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45d58da2cda506d3547ba175d08d1e71db136d0e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
