[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Fri, 10 Jul 2020 14:23:32 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
23d7a9ae by Moritz Muehlenhoff at 2020-07-10T23:22:32+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -409,7 +409,7 @@ CVE-2020-15506 (An Authentication Bypass vulnerability in 
MobileIron Core and Co
 CVE-2020-15505 (A remote code execution vulnerability in MobileIron Core and 
Connector ...)
        NOT-FOR-US: MobileIron Core and Connector
 CVE-2020-15504 (A SQL injection vulnerability in the user and admin web 
interfaces of  ...)
-       TODO: check
+       NOT-FOR-US: Sophos
 CVE-2020-15503 (LibRaw before 0.20-RC1 lacks a thumbnail size range check. 
This affect ...)
        - libraw <unfixed> (bug #964747)
        [buster] - libraw <no-dsa> (Minor issue)
@@ -3608,9 +3608,9 @@ CVE-2020-14173 (The file upload feature in Atlassian Jira 
Server and Data Center
 CVE-2020-14172 (Affected versions of Atlassian Jira Server and Data Center 
allow remot ...)
        NOT-FOR-US: Atlassian
 CVE-2020-14171 (Atlassian Bitbucket Server from version 4.9.0 before version 
7.2.4 all ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2020-14170 (Webhooks in Atlassian Bitbucket Server from version 5.4.0 
before versi ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2020-14169 (The quick search component in Atlassian Jira Server and Data 
Center be ...)
        NOT-FOR-US: Atlassian
 CVE-2020-14168 (The email client in Jira Server and Data Center before version 
7.13.16 ...)
@@ -4105,11 +4105,11 @@ CVE-2020-13996 (The J2Store plugin before 3.3.13 for 
Joomla! allows a SQL inject
 CVE-2020-13995
        RESERVED
 CVE-2020-13994 (An issue was discovered in Mods for HESK 3.1.0 through 
2019.1.0. A pri ...)
-       TODO: check
+       NOT-FOR-US: Mods for HESK
 CVE-2020-13993 (An issue was discovered in Mods for HESK 3.1.0 through 
2019.1.0. A bli ...)
-       TODO: check
+       NOT-FOR-US: Mods for HESK
 CVE-2020-13992 (An issue was discovered in Mods for HESK 3.1.0 through 
2019.1.0. A Sto ...)
-       TODO: check
+       NOT-FOR-US: Mods for HESK
 CVE-2020-13991
        RESERVED
 CVE-2020-13990
@@ -16990,9 +16990,9 @@ CVE-2020-9379 (The Software Development Kit of the 
MiContact Center Business wit
 CVE-2020-9378
        RESERVED
 CVE-2020-9377 (** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow 
Remote Co ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2020-9376 (** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow 
Informati ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2020-9375 (TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 
allows re ...)
        NOT-FOR-US: TP-Link
 CVE-2019-20482
@@ -17330,11 +17330,11 @@ CVE-2020-9262 (HUAWEI Mate 30 with versions earlier 
than 10.1.0.150(C00E136R5P3)
 CVE-2020-9261 (HUAWEI Mate 30 with versions earlier than 
10.1.0.150(C00E136R5P3) have ...)
        NOT-FOR-US: HUAWEI
 CVE-2020-9260 (HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier 
than 1 ...)
-       TODO: check
+       NOT-FOR-US: HUAWEI
 CVE-2020-9259
        RESERVED
 CVE-2020-9258 (HUAWEI P30 smartphone with versions earlier than 
10.1.0.135(C00E135R2P ...)
-       TODO: check
+       NOT-FOR-US: HUAWEI
 CVE-2020-9257
        RESERVED
 CVE-2020-9256
@@ -19757,31 +19757,31 @@ CVE-2020-8201
 CVE-2020-8200
        RESERVED
 CVE-2020-8199 (Improper access control in Citrix ADC Gateway Linux client 
versions be ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8198 (Improper input validation in Citrix ADC and Citrix Gateway 
versions be ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8197 (Privilege escalation vulnerability on Citrix ADC and Citrix 
Gateway ve ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8196 (Improper access control in Citrix ADC and Citrix Gateway 
versions befo ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8195 (Improper input validation in Citrix ADC and Citrix Gateway 
versions be ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8194 (Reflected code injection in Citrix ADC and Citrix Gateway 
versions bef ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8193 (Improper access control in Citrix ADC and Citrix Gateway 
versions befo ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8192
        RESERVED
 CVE-2020-8191 (Improper input validation in Citrix ADC and Citrix Gateway 
versions be ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8190 (Incorrect file permissions in Citrix ADC and Citrix Gateway 
before ver ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8189
        RESERVED
 CVE-2020-8188 (We have recently released new version of UniFi Protect firmware 
v1.13. ...)
        NOT-FOR-US: UniFi Protect
 CVE-2020-8187 (Improper input validation in Citrix ADC and Citrix Gateway 
versions be ...)
-       TODO: check
+       NOT-FOR-US: Citrix
 CVE-2020-8186 (A command injection vulnerability in the `devcert` module may 
lead to  ...)
        TODO: check
 CVE-2020-8185 (A denial of service vulnerability exists in Rails &lt;6.0.3.2 
that all ...)
@@ -19797,7 +19797,7 @@ CVE-2020-8183
 CVE-2020-8182
        RESERVED
 CVE-2020-8181 (A missing file type check in Nextcloud Contacts 3.2.0 allowed a 
malici ...)
-       TODO: check
+       NOT-FOR-US: Nextcloud Contacts
 CVE-2020-8180 (A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 
allowed a cod ...)
        NOT-FOR-US: Nextcloud Talk
 CVE-2020-8179 (Improper access control in Nextcloud Deck 1.0.0 allowed an 
attacker to ...)
@@ -20829,9 +20829,9 @@ CVE-2020-7817
 CVE-2020-7816 (A vulnerability in the JPEG image parsing module in DaView 
Indy, DaVa+ ...)
        NOT-FOR-US: DaView
 CVE-2020-7815 (XPLATFORM v9.2.260 and eariler versions contain a vulnerability 
that c ...)
-       TODO: check
+       NOT-FOR-US: XPLATFORM
 CVE-2020-7814 (RAONWIZ v2018.0.2.50 and eariler versions contains a 
vulnerability tha ...)
-       TODO: check
+       NOT-FOR-US: RAONWIZ
 CVE-2020-7813 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 
and prio ...)
        NOT-FOR-US: Kaoni
 CVE-2020-7812 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 
and prio ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23d7a9ae88294ffe99a7b65f93ff17a13926db62

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23d7a9ae88294ffe99a7b65f93ff17a13926db62
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to