Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
32334cfa by Moritz Muehlenhoff at 2020-06-29T09:59:50+02:00
new google-compute-image-packages issues
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2020-15365 (LibRaw before 0.20-Beta3 has an out-of-bounds write in
parse_exif() in ...)
TODO: check
CVE-2020-15364 (The Nexos theme through 1.7 for WordPress allows
top-map/?search_locat ...)
- TODO: check
+ NOT-FOR-US: Wordpress theme
CVE-2020-15363 (The Nexos theme through 1.7 for WordPress allows
side-map/?search_orde ...)
- TODO: check
+ NOT-FOR-US: Wordpress theme
CVE-2020-15362
RESERVED
CVE-2020-15361
@@ -113,13 +113,13 @@ CVE-2020-15313
CVE-2020-15312
RESERVED
CVE-2020-15311 (Stash 1.0.3 allows SQL Injection via the downloadmp3.php
download para ...)
- TODO: check
+ NOT-FOR-US: Stash
CVE-2020-15310
RESERVED
CVE-2020-15309
RESERVED
CVE-2020-15308 (Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2
allows post-a ...)
- TODO: check
+ NOT-FOR-US: Support Incident Tracker
CVE-2020-15307
RESERVED
CVE-2020-15306 (An issue was discovered in OpenEXR before v2.5.2. Invalid
chunkCount a ...)
@@ -720,9 +720,9 @@ CVE-2020-15019
CVE-2020-15018 (playSMS through 1.4.3 is vulnerable to session fixation. ...)
NOT-FOR-US: playSMS
CVE-2020-15017 (NeDi 1.9C is vulnerable to reflected cross-site scripting. The
Devices ...)
- TODO: check
+ NOT-FOR-US: NeDi
CVE-2020-15016 (NeDi 1.9C is vulnerable to reflected cross-site scripting. The
Other-C ...)
- TODO: check
+ NOT-FOR-US: NeDi
CVE-2020-15015 (The FileExplorer component in GleamTech FileUltimate 6.1.5.0
allows XS ...)
NOT-FOR-US: FileExplorer component in GleamTech FileUltimate
CVE-2020-15014 (pramodmahato BlogCMS through 2019-12-31 has
admin/changepass.php CSRF. ...)
@@ -16831,7 +16831,7 @@ CVE-2020-9049
CVE-2020-9048
RESERVED
CVE-2020-9047 (A vulnerability exists that could allow the execution of
unauthorized ...)
- TODO: check
+ NOT-FOR-US: exacqVision Web Service
CVE-2020-9046 (A vulnerability in all versions of Kantech EntraPass Editions
could po ...)
NOT-FOR-US: Kantech
CVE-2020-9045 (During installation or upgrade to Software House C•CURE
9000 v2. ...)
@@ -17128,7 +17128,9 @@ CVE-2020-8935
CVE-2020-8934
RESERVED
CVE-2020-8933 (A vulnerability in Google Cloud Platform's guest-oslogin
versions betw ...)
- TODO: check
+ - google-compute-image-packages <unfixed>
+ NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
+ NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8932
RESERVED
CVE-2020-8931
@@ -17182,7 +17184,9 @@ CVE-2020-8909
CVE-2020-8908
RESERVED
CVE-2020-8907 (A vulnerability in Google Cloud Platform's guest-oslogin
versions betw ...)
- TODO: check
+ - google-compute-image-packages <unfixed>
+ NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
+ NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8906
RESERVED
CVE-2020-8905
@@ -17190,7 +17194,9 @@ CVE-2020-8905
CVE-2020-8904
RESERVED
CVE-2020-8903 (A vulnerability in Google Cloud Platform's guest-oslogin
versions betw ...)
- TODO: check
+ - google-compute-image-packages <unfixed>
+ NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
+ NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8902
RESERVED
CVE-2020-8901
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32334cfa0cd254023b8374cec1f928fc38264b85
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32334cfa0cd254023b8374cec1f928fc38264b85
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
