[Git][security-tracker-team/security-tracker][master] Process more NFUs

Thu, 01 Oct 2020 13:57:28 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
12f9b490 by Salvatore Bonaccorso at 2020-10-01T22:55:50+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1088,7 +1088,7 @@ CVE-2020-25992
 CVE-2020-25991
        RESERVED
 CVE-2020-25990 (WebsiteBaker 2.12.2 allows SQL Injection via parameter 
'display_name'  ...)
-       TODO: check
+       NOT-FOR-US: WebsiteBaker
 CVE-2020-25989
        RESERVED
 CVE-2020-25988
@@ -2877,7 +2877,7 @@ CVE-2020-25202
 CVE-2020-25201
        RESERVED
 CVE-2020-25200 (Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN 
usernames ...)
-       TODO: check
+       NOT-FOR-US: Pritunl
 CVE-2019-20916 (The pip package before 19.2 for Python allows Directory 
Traversal when ...)
        {DLA-2370-1}
        - python-pip 20.0.2-1
@@ -3616,9 +3616,9 @@ CVE-2020-25016 (A safety violation was discovered in the 
rgb crate before 0.8.20
        NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0029.html
        NOTE: https://github.com/kornelski/rust-rgb/issues/35
 CVE-2020-24861 (GetSimple CMS 3.3.16 allows in parameter 'permalink' on the 
Settings p ...)
-       TODO: check
+       NOT-FOR-US: GetSimple CMS
 CVE-2020-24860 (CMS Made Simple 2.2.14 allows an authenticated user with 
access to the ...)
-       TODO: check
+       NOT-FOR-US: CMS Made Simple
 CVE-2020-24859
        RESERVED
 CVE-2020-24858
@@ -4126,7 +4126,7 @@ CVE-2020-24622 (In Sonatype Nexus Repository 3.26.1, an 
S3 secret key can be exp
 CVE-2020-24621 (A remote code execution (RCE) vulnerability was discovered in 
the html ...)
        NOT-FOR-US: OpenMRS
 CVE-2020-24620 (Unisys Stealth(core) before 4.0.132 stores Passwords in a 
Recoverable  ...)
-       TODO: check
+       NOT-FOR-US: Unisys
 CVE-2020-24619 (In mainwindow.cpp in Shotcut before 20.09.13, the upgrade 
check misuse ...)
        NOT-FOR-US: Shotcut
 CVE-2020-24618 (In JetBrains YouTrack versions before 2020.3.4313, 
2020.2.11008, 2020. ...)
@@ -22938,7 +22938,7 @@ CVE-2020-15535 (An issue was discovered in the 
bestsoftinc Car Rental System plu
 CVE-2020-15534
        RESERVED
 CVE-2020-15533 (In Zoho ManageEngine Application Manager 14.7 Build 14730 
(before 1468 ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine Application Manager
 CVE-2019-20895
        RESERVED
 CVE-2020-15532 (Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a 
buffer overf ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12f9b49041f72e3a2e7a12552e6d35caa0d8675d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12f9b49041f72e3a2e7a12552e6d35caa0d8675d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to