[Git][security-tracker-team/security-tracker][master] Process more NFUs

Wed, 12 Aug 2020 13:30:29 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
44c81bc9 by Salvatore Bonaccorso at 2020-08-12T22:29:50+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,9 +61,9 @@ CVE-2020-17508
 CVE-2020-17507 (An issue was discovered in Qt through 5.12.9, and 5.13.x 
through 5.15. ...)
        TODO: check
 CVE-2020-17506 (Artica Web Proxy 4.30.00000000 allows remote attacker to 
bypass privil ...)
-       TODO: check
+       NOT-FOR-US: Artica Web Proxy
 CVE-2020-17505 (Artica Web Proxy 4.30.000000 allows an authenticated remote 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: Artica Web Proxy
 CVE-2020-17504
        RESERVED
 CVE-2020-17503
@@ -81,7 +81,7 @@ CVE-2020-17498
 CVE-2020-17497 (eapol.c in iNet wireless daemon (IWD) through 1.8 allows 
attackers to  ...)
        TODO: check
 CVE-2020-17496 (vBulletin 5.5.4 through 5.6.2 allows remote command execution 
via craf ...)
-       TODO: check
+       NOT-FOR-US: vBulletin
 CVE-2020-17495 (django-celery-results through 1.2.1 stores task results in the 
databas ...)
        - python-django-celery-results <unfixed> (bug #968305)
        NOTE: https://github.com/celery/django-celery-results/issues/142
@@ -335,9 +335,9 @@ CVE-2020-17375
 CVE-2020-17374
        RESERVED
 CVE-2020-17373 (SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection. ...)
-       TODO: check
+       NOT-FOR-US: SugarCRM
 CVE-2020-17372 (SugarCRM before 10.1.0 (Q3 2020) allows XSS. ...)
-       TODO: check
+       NOT-FOR-US: SugarCRM
 CVE-2020-17371
        RESERVED
 CVE-2020-17370
@@ -363,9 +363,9 @@ CVE-2020-17363
 CVE-2020-17362
        RESERVED
 CVE-2020-17361 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in 
ReadyTalk A ...)
-       TODO: check
+       NOT-FOR-US: ReadyTalk Avian
 CVE-2020-17360 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in 
ReadyTalk A ...)
-       TODO: check
+       NOT-FOR-US: ReadyTalk Avian
 CVE-2020-17359
        RESERVED
 CVE-2020-17358
@@ -10054,7 +10054,7 @@ CVE-2020-13280
 CVE-2020-13279 (Client side code execution in gitlab-vscode-extension v2.2.0 
allows at ...)
        NOT-FOR-US: gitlab-vscode-extension
 CVE-2020-13278 (Reflected Cross-Site Scripting vulnerability in Modules.php in 
Rosario ...)
-       TODO: check
+       NOT-FOR-US: RosarioSIS Student Information System
 CVE-2020-13277 (An authorization issue in the mirroring logic allowed read 
access to p ...)
        - gitlab 13.2.3-2
        NOTE: 
https://about.gitlab.com/releases/2020/06/10/critical-security-release-13-0-6-released/
@@ -22484,7 +22484,7 @@ CVE-2020-8915
 CVE-2020-8914
        RESERVED
 CVE-2020-8913 (A local, arbitrary code execution vulnerability exists in the 
SplitCom ...)
-       TODO: check
+       NOT-FOR-US: Android's Play Core Library
 CVE-2020-8912 (A vulnerability in the in-band key negotiation exists in the 
AWS S3 Cr ...)
        TODO: check
 CVE-2020-8911 (A padding oracle vulnerability exists in the AWS S3 Crypto SDK 
for GoL ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c81bc9330defc9be08a1425bbabe1d132e10c1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c81bc9330defc9be08a1425bbabe1d132e10c1
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to