[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Mon, 26 Oct 2020 13:37:43 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
651a523e by Salvatore Bonaccorso at 2020-10-26T21:36:41+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3683,7 +3683,7 @@ CVE-2020-26163 (BigBlueButton Greenlight before 2.5.6 
allows HTTP header (Host a
 CVE-2020-26162 (Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 
before 073 ...)
        NOT-FOR-US: Xerox
 CVE-2020-26161 (In Octopus Deploy through 2020.4.2, an attacker could redirect 
users t ...)
-       TODO: check
+       NOT-FOR-US: Octopus Deploy
 CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass 
intended acces ...)
        - golang-github-dgrijalva-jwt-go <unfixed> (bug #971556)
        NOTE: https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515
@@ -5282,7 +5282,7 @@ CVE-2020-25472
 CVE-2020-25471
        RESERVED
 CVE-2020-25470 (AntSword 2.1.8.1 contains a cross-site scripting (XSS) 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: AntSword
 CVE-2020-25469
        RESERVED
 CVE-2020-25468
@@ -6255,7 +6255,7 @@ CVE-2020-25036
 CVE-2020-25035
        RESERVED
 CVE-2020-25034 (eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote 
authentic ...)
-       TODO: check
+       NOT-FOR-US: eMPS
 CVE-2020-25033 (The Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin 
1.3.1 for ...)
        NOT-FOR-US: Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin 
for WordPress
 CVE-2020-25032 (An issue was discovered in Flask-CORS (aka CORS Middleware for 
Flask)  ...)
@@ -18956,7 +18956,7 @@ CVE-2020-18768
 CVE-2020-18767
        RESERVED
 CVE-2020-18766 (A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can 
remotel ...)
-       TODO: check
+       NOT-FOR-US: AntSword
 CVE-2020-18765
        RESERVED
 CVE-2020-18764
@@ -25006,7 +25006,7 @@ CVE-2020-15899 (Grin 3.0.0 before 4.0.0 has 
insufficient validation of data rela
 CVE-2020-15898
        RESERVED
 CVE-2020-15897 (Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x 
before 4.23. ...)
-       TODO: check
+       NOT-FOR-US: Arista EOS
 CVE-2020-15896 (An authentication-bypass issue was discovered on D-Link 
DAP-1522 devic ...)
        NOT-FOR-US: D-Link
 CVE-2020-15895 (An XSS issue was discovered on D-Link DIR-816L devices 2.x 
before 1.10 ...)
@@ -32549,7 +32549,7 @@ CVE-2020-13102
 CVE-2020-13101 (In OASIS Digital Signature Services (DSS) 1.0, an attacker can 
control ...)
        NOT-FOR-US: OASIS Digital Signature Services (DSS)
 CVE-2020-13100 (Arista&#8217;s CloudVision eXchange (CVX) server before 
4.21.12M, 4.22 ...)
-       TODO: check
+       NOT-FOR-US: Arista
 CVE-2020-13099
        RESERVED
 CVE-2020-13098
@@ -48875,7 +48875,7 @@ CVE-2020-7198
 CVE-2020-7197 (SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE 
StoreSe ...)
        TODO: check
 CVE-2020-7196 (The HPE BlueData EPIC Software Platform version 4.0 and HPE 
Ezmeral Co ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2020-7195 (A iccselectrules expression language injection remote code 
execution v ...)
        NOT-FOR-US: HPE Intelligent Management Center (iMC)
 CVE-2020-7194 (A perfaddormoddevicemonitor expression language injection 
remote code  ...)
@@ -49013,13 +49013,13 @@ CVE-2020-7129
 CVE-2020-7128
        RESERVED
 CVE-2020-7127 (A remote unauthenticated arbitrary code execution vulnerability 
was di ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2020-7126 (A remote server-side request forgery (ssrf) vulnerability was 
discover ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2020-7125 (A remote escalation of privilege vulnerability was discovered 
in Aruba ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2020-7124 (A remote unauthorized access vulnerability was discovered in 
Aruba Air ...)
-       TODO: check
+       NOT-FOR-US: Aruba
 CVE-2020-7123
        RESERVED
 CVE-2020-7122 (Two memory corruption vulnerabilities in the Aruba CX Switches 
Series  ...)
@@ -49654,7 +49654,7 @@ CVE-2020-6878
 CVE-2020-6877
        RESERVED
 CVE-2020-6876 (A ZTE product is impacted by an XSS vulnerability. The 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2020-6875 (A ZTE product is impacted by the improper access control 
vulnerability ...)
        NOT-FOR-US: ZTE
 CVE-2020-6874 (A ZTE product is impacted by the cryptographic issues 
vulnerability. T ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/651a523e427d9159f9f693da53868a9f2a2de7a4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/651a523e427d9159f9f693da53868a9f2a2de7a4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to