Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d412c358 by Moritz Muehlenhoff at 2020-09-22T11:14:46+02:00
new spring issue, NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19665,7 +19665,7 @@ CVE-2020-16173
CVE-2020-16172
RESERVED
CVE-2020-16171 (An issue was discovered in Acronis Cyber Backup before 12.5
Build 1634 ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2020-16170 (Use of Hard-coded Credentials in temi Robox OS prior to 120,
temi Andr ...)
NOT-FOR-US: Temi application fo Android
CVE-2020-16169 (Authentication Bypass Using an Alternate Path or Channel in
temi Robox ...)
@@ -41326,7 +41326,7 @@ CVE-2020-8239
CVE-2020-8238
RESERVED
CVE-2020-8237 (Prototype pollution in json-bigint npm package < 1.0.0 may
lead to ...)
- TODO: check
+ NOT-FOR-US: Node json-bigint
CVE-2020-8236
RESERVED
CVE-2020-8235
@@ -41886,7 +41886,7 @@ CVE-2020-8030
CVE-2020-8029
RESERVED
CVE-2020-8028 (A Improper Access Control vulnerability in the configuration of
salt o ...)
- TODO: check
+ NOT-FOR-US: Salt configuration in SUSE Server Manager
CVE-2020-8027
RESERVED
CVE-2020-8026 (A Incorrect Default Permissions vulnerability in the packaging
of inn ...)
@@ -48341,7 +48341,8 @@ CVE-2020-5423
CVE-2020-5422
RESERVED
CVE-2020-5421 (In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17,
5.0.0 - 5. ...)
- TODO: check
+ - libspring-java <unfixed>
+ NOTE: https://tanzu.vmware.com/security/cve-2020-5421
CVE-2020-5420 (Cloud Foundry Routing (Gorouter) versions prior to 0.206.0
allow a mal ...)
NOT-FOR-US: Cloud Foundry
CVE-2020-5419 (RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a
Windows-specific ...)
@@ -64949,7 +64950,7 @@ CVE-2020-0409
CVE-2020-0408
RESERVED
CVE-2020-0407 (In various functions in fscrypt_ice.c and related files in some
implem ...)
- TODO: check
+ NOT-FOR-US: Android kernel
CVE-2020-0406 (In libmpeg2dec, there is a possible out of bounds write due to
a missi ...)
NOT-FOR-US: Android Media Framework
CVE-2020-0405 (In NetworkStackNotifier, there is a possible permissions bypass
due to ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d412c358fe696ae8adb8ef65cd2bbcf69f319464
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d412c358fe696ae8adb8ef65cd2bbcf69f319464
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
