[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Thu, 22 Oct 2020 13:18:04 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cc4f93e5 by Salvatore Bonaccorso at 2020-10-22T22:17:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -405,11 +405,11 @@ CVE-2020-27668
 CVE-2020-27667
        RESERVED
 CVE-2020-27666 (Strapi before 3.2.5 has stored XSS in the wysiwyg editor's 
preview fea ...)
-       TODO: check
+       NOT-FOR-US: Strapi
 CVE-2020-27665 (In Strapi before 3.2.5, there is no admin::hasPermissions 
restriction  ...)
-       TODO: check
+       NOT-FOR-US: Strapi
 CVE-2020-27664 (admin/src/containers/InputModalStepperProvider/index.js in 
Strapi befo ...)
-       TODO: check
+       NOT-FOR-US: Strapi
 CVE-2020-27663
        RESERVED
 CVE-2020-27662
@@ -445,7 +445,7 @@ CVE-2020-27648
 CVE-2020-27647
        RESERVED
 CVE-2020-27646 (Biscom Secure File Transfer (SFT) before 5.1.1082 and 6.x 
before 6.0.1 ...)
-       TODO: check
+       NOT-FOR-US: Biscom Secure File Transfer (SFT)
 CVE-2020-27645
        RESERVED
 CVE-2020-27644
@@ -453,7 +453,7 @@ CVE-2020-27644
 CVE-2020-27643
        RESERVED
 CVE-2020-27642 (A cross-site scripting (XSS) vulnerability exists in the 
'merge accoun ...)
-       TODO: check
+       NOT-FOR-US: BigBlueButton
 CVE-2020-27641
        RESERVED
 CVE-2020-27640
@@ -701,7 +701,7 @@ CVE-2020-27535
 CVE-2020-27534
        RESERVED
 CVE-2020-27533 (A Cross Site Scripting (XSS) issue was discovered in the 
search featur ...)
-       TODO: check
+       NOT-FOR-US: DedeCMS
 CVE-2020-27532
        RESERVED
 CVE-2020-27531
@@ -1466,7 +1466,7 @@ CVE-2020-27157 (Veritas APTARE versions prior to 10.5 
included code that bypasse
 CVE-2020-27156 (Veritas APTARE versions prior to 10.5 did not perform adequate 
authori ...)
        NOT-FOR-US: Veritas
 CVE-2020-27155 (An issue was discovered in Octopus Deploy through 2020.4.4. If 
enabled ...)
-       TODO: check
+       NOT-FOR-US: Octopus Deploy
 CVE-2020-27154
        RESERVED
 CVE-2020-27152 [KVM: host stack overflow due to lazy update IOAPIC]
@@ -2495,9 +2495,9 @@ CVE-2020-26652
 CVE-2020-26651
        RESERVED
 CVE-2020-26650 (AtomXCMS 2.0 is affected by Arbitrary File Read via 
admin/dump.php ...)
-       TODO: check
+       NOT-FOR-US: AtomXCMS
 CVE-2020-26649 (AtomXCMS 2.0 is affected by Incorrect Access Control via 
admin/dump.ph ...)
-       TODO: check
+       NOT-FOR-US: AtomXCMS
 CVE-2020-26648
        RESERVED
 CVE-2020-26647



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc4f93e5438d4058abe3f606c24976f30cf507c5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc4f93e5438d4058abe3f606c24976f30cf507c5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to