[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sun, 09 Aug 2020 01:31:53 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1f5729ee by Salvatore Bonaccorso at 2020-08-09T10:30:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -192,7 +192,7 @@ CVE-2020-17353 (scm/define-stencil-commands.scm in LilyPond 
through 2.20.0, and
        - lilypond <unfixed>
        NOTE: 
http://git.savannah.gnu.org/gitweb/?p=lilypond.git;a=commit;h=b84ea4740f3279516905c5db05f4074e777c16ff
 CVE-2020-17352 (Two OS command injection vulnerabilities in the User Portal of 
Sophos  ...)
-       TODO: check
+       NOT-FOR-US: Sophos
 CVE-2020-17351
        RESERVED
 CVE-2020-17350
@@ -3333,35 +3333,35 @@ CVE-2020-15833
 CVE-2020-15832
        RESERVED
 CVE-2020-15831 (JetBrains TeamCity before 2019.2.3 is vulnerable to reflected 
XSS in t ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2020-15830 (JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS 
in the  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2020-15829 (In JetBrains TeamCity before 2019.2.3, password parameters 
could be di ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2020-15828 (In JetBrains TeamCity before 2020.1.1, project parameter 
values can be ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2020-15827 (In JetBrains ToolBox version 1.17 before 1.17.6856, the set of 
signatu ...)
-       TODO: check
+       NOT-FOR-US: JetBrains ToolBox
 CVE-2020-15826 (In JetBrains TeamCity before 2020.1, users are able to assign 
more per ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2020-15825 (In JetBrains TeamCity before 2020.1, users with the Modify 
Group permi ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2020-15824 (In JetBrains Kotlin before 1.4.0, there is a script-cache 
privilege es ...)
-       TODO: check
+       NOT-FOR-US: JetBrains Kotlin
 CVE-2020-15823 (JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in 
the Wor ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2020-15822
        RESERVED
 CVE-2020-15821 (In JetBrains YouTrack before 2020.2.6881, a user without 
permission is ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2020-15820 (In JetBrains YouTrack before 2020.2.6881, the markdown parser 
could di ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2020-15819 (JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF 
that all ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2020-15818 (In JetBrains YouTrack before 2020.2.8527, the subtasks 
workflow could  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2020-15817 (In JetBrains YouTrack before 2020.1.1331, an external user 
could execu ...)
-       TODO: check
+       NOT-FOR-US: JetBrains YouTrack
 CVE-2020-15862 [privilege escalation]
        RESERVED
        {DLA-2299-1}
@@ -38805,7 +38805,7 @@ CVE-2019-19706
 CVE-2019-19705
        RESERVED
 CVE-2019-19704 (In JetBrains Upsource before 2020.1, information disclosure is 
possibl ...)
-       TODO: check
+       NOT-FOR-US: JetBrains Upsource
 CVE-2019-19703 (In Ktor through 1.2.6, the client resends data from the HTTP 
Authoriza ...)
        NOT-FOR-US: Ktor
 CVE-2019-19702 (The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an 
XML Ext ...)
@@ -82325,7 +82325,7 @@ CVE-2019-7007 (A directory traversal vulnerability has 
been found in the Avaya E
 CVE-2019-7006 (Avaya one-X Communicator uses weak cryptographic algorithms in 
the cli ...)
        NOT-FOR-US: Avaya
 CVE-2019-7005 (A vulnerability was discovered in the web interface component 
of IP Of ...)
-       TODO: check
+       NOT-FOR-US: IP Office
 CVE-2019-7004 (A Cross-Site Scripting (XSS) vulnerability in the WebUI 
component of I ...)
        NOT-FOR-US: Avaya
 CVE-2019-7003 (A SQL injection vulnerability in the reporting component of 
Avaya Cont ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f5729ee5389eaa65e5bd62b70ae23393634cf2c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f5729ee5389eaa65e5bd62b70ae23393634cf2c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to