Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f600595b by Moritz Muehlenhoff at 2020-10-28T15:01:53+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,7 +21,7 @@ CVE-2020-27959
 CVE-2020-27958
        RESERVED
 CVE-2020-27957 (The RandomGameUnit extension for MediaWiki through 1.35 was 
not proper ...)
-       TODO: check
+       NOT-FOR-US: MediaWiki extension
 CVE-2020-27956 (An Arbitrary File Upload in the Upload Image component in 
SourceCodest ...)
        NOT-FOR-US: SourceCodester Car Rental Management System
 CVE-2020-27955
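
Review bot: the new note for CVE-2020-27957 reads "NOT-FOR-US: MediaWiki extension", which does not say which extension was triaged. The description on the line above names it (RandomGameUnit), so "NOT-FOR-US: RandomGameUnit extension for MediaWiki" would keep the entry searchable by product and make it clear the decision covers the extension only, not MediaWiki itself.
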
@@ -159,7 +159,7 @@ CVE-2020-27890 (The Zigbee protocol implementation on Texas 
Instruments CC2538 d
 CVE-2020-27889
        RESERVED
 CVE-2020-27888 (An issue was discovered on Ubiquiti UniFi Meshing Access Point 
UAP-AC- ...)
-       TODO: check
+       NOT-FOR-US: Ubiquiti
 CVE-2021-0300
        RESERVED
 CVE-2021-0299
@@ -429,7 +429,7 @@ CVE-2020-27855
 CVE-2020-27854
        RESERVED
 CVE-2020-27853 (Wire before 2020-10-16 allows remote attackers to cause a 
denial of se ...)
-       TODO: check
+       NOT-FOR-US: Wire app
 CVE-2020-27852
        RESERVED
 CVE-2020-27851
@@ -27363,11 +27363,11 @@ CVE-2020-15276
 CVE-2020-15275
        RESERVED
 CVE-2020-15274 (In Wiki.js before version 2.5.162, an XSS payload can be 
injected in a ...)
-       TODO: check
+       NOT-FOR-US: Wiki.js
 CVE-2020-15273
        RESERVED
 CVE-2020-15272 (In the git-tag-annotation-action (open source GitHub Action) 
before ve ...)
-       TODO: check
+       NOT-FOR-US: git-tag-annotation-action
 CVE-2020-15271 (In lookatme (python/pypi package) versions prior to 2.3.0, the 
package ...)
        - lookatme <unfixed> (bug #972988)
        NOTE: 
https://github.com/d0c-s4vage/lookatme/security/advisories/GHSA-c84h-w6cr-5v8q
@@ -42767,7 +42767,7 @@ CVE-2020-9981
 CVE-2020-9980 (An out-of-bounds write issue was addressed with improved bounds 
checki ...)
        NOT-FOR-US: Apple
 CVE-2020-9979 (A trust issue was addressed by removing a legacy API. This 
issue is fi ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9978
        RESERVED
 CVE-2020-9977
@@ -42779,7 +42779,7 @@ CVE-2020-9975
 CVE-2020-9974
        RESERVED
 CVE-2020-9973 (An out-of-bounds read was addressed with improved bounds 
checking. Thi ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9972
        RESERVED
 CVE-2020-9971
@@ -42803,7 +42803,7 @@ CVE-2020-9963
 CVE-2020-9962
        RESERVED
 CVE-2020-9961 (An out-of-bounds read was addressed with improved input 
validation. Th ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9960
        RESERVED
 CVE-2020-9959 (A lock screen issue allowed access to messages on a locked 
device. Thi ...)
@@ -42843,7 +42843,7 @@ CVE-2020-9943
 CVE-2020-9942
        RESERVED
 CVE-2020-9941 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9940 (A buffer overflow issue was addressed with improved memory 
handling. T ...)
        NOT-FOR-US: Apple
 CVE-2020-9939 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
@@ -42861,7 +42861,7 @@ CVE-2020-9934 (An issue existed in the handling of 
environment variables. This i
 CVE-2020-9933 (An authorization issue was addressed with improved state 
management. T ...)
        NOT-FOR-US: Apple
 CVE-2020-9932 (A memory corruption issue was addressed with improved 
validation. This ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9931 (A denial of service issue was addressed with improved input 
validation ...)
        NOT-FOR-US: Apple
 CVE-2020-9930
@@ -43018,7 +43018,7 @@ CVE-2020-9868 (A certificate validation issue existed 
when processing administra
 CVE-2020-9867
        RESERVED
 CVE-2020-9866 (A buffer overflow was addressed with improved bounds checking. 
This is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9865 (A memory corruption issue was addressed by removing the 
vulnerable cod ...)
        NOT-FOR-US: Apple
 CVE-2020-9864 (A logic issue was addressed with improved restrictions. This 
issue is  ...)
@@ -43035,13 +43035,13 @@ CVE-2020-9862 (A command injection issue existed in 
Web Inspector. This issue wa
 CVE-2020-9861
        RESERVED
 CVE-2020-9860 (A custom URL scheme handling issue was addressed with improved 
input v ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9859 (A memory consumption issue was addressed with improved memory 
handling ...)
        NOT-FOR-US: Apple
 CVE-2020-9858 (A dynamic library loading issue was addressed with improved 
path searc ...)
        NOT-FOR-US: Apple
 CVE-2020-9857 (An issue existed in the parsing of URLs. This issue was 
addressed with ...)
-       TODO: check
+       NOT-FOR-US: Safari
 CVE-2020-9856 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
        NOT-FOR-US: Apple
 CVE-2020-9855 (A validation issue existed in the handling of symlinks. This 
issue was ...)
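
Review bot: CVE-2020-9857 is tagged "NOT-FOR-US: Safari" while CVE-2020-9860 in the same hunk and the surrounding context entries use "NOT-FOR-US: Apple". Pick one label for these entries, or use the product name on both new lines, so that a search on the NOT-FOR-US string finds the whole set.
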
@@ -43219,7 +43219,7 @@ CVE-2020-9788 (A validation issue was addressed with 
improved input sanitization
 CVE-2020-9787 (A logic issue was addressed with improved restrictions. This 
issue is  ...)
        NOT-FOR-US: Apple
 CVE-2020-9786 (This issue was addressed with improved checks This issue is 
fixed in m ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9785 (Multiple memory corruption issues were addressed with improved 
state m ...)
        NOT-FOR-US: Apple
 CVE-2020-9784 (A logic issue was addressed with improved restrictions. This 
issue is  ...)
@@ -43227,7 +43227,7 @@ CVE-2020-9784 (A logic issue was addressed with 
improved restrictions. This issu
 CVE-2020-9783 (A use after free issue was addressed with improved memory 
management.  ...)
        NOT-FOR-US: Apple
 CVE-2020-9782 (A parsing issue in the handling of directory paths was 
addressed with  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9781 (The issue was addressed by clearing website permission prompts 
after n ...)
        NOT-FOR-US: Apple
 CVE-2020-9780 (The issue was resolved by clearing application previews when 
content i ...)
@@ -43243,7 +43243,7 @@ CVE-2020-9776 (This issue was addressed with a new 
entitlement. This issue is fi
 CVE-2020-9775 (An issue existed in the handling of tabs displaying picture in 
picture ...)
        NOT-FOR-US: Apple
 CVE-2020-9774 (An issue existed with Siri Suggestions access to encrypted 
data. The i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-9773 (The issue was addressed with improved handling of icon caches. 
This is ...)
        NOT-FOR-US: Apple
 CVE-2020-9772 (A logic issue was addressed with improved restrictions. This 
issue is  ...)
@@ -58569,7 +58569,7 @@ CVE-2020-3882 (This issue was addressed with improved 
checks. This issue is fixe
 CVE-2020-3881 (A logic issue was addressed with improved state management. 
This issue ...)
        NOT-FOR-US: Apple
 CVE-2020-3880 (An out-of-bounds read was addressed with improved input 
validation. Th ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-3879
        RESERVED
 CVE-2020-3878 (An out-of-bounds read was addressed with improved input 
validation. Th ...)
@@ -58623,7 +58623,7 @@ CVE-2020-3864 (A logic issue was addressed with 
improved validation. This issue
        - wpewebkit 2.26.4-1
        NOTE: https://webkitgtk.org/security/WSA-2020-0002.html
 CVE-2020-3863 (A memory corruption issue was addressed with improved memory 
handling. ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-3862 (A denial of service issue was addressed with improved memory 
handling. ...)
        {DSA-4627-1}
        - webkit2gtk 2.26.4-1
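
Review bot: CVE-2020-3863 is marked "NOT-FOR-US: Apple", but the truncated description ("A memory corruption issue was addressed with improved memory handling. ...") does not show the affected component, and the entries on either side of it in this hunk are tracked against wpewebkit and webkit2gtk. Naming the product in the note, as done for "Facebook Hermes" elsewhere in this commit, would record that WebKit was ruled out.
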
@@ -58644,15 +58644,15 @@ CVE-2020-3857 (A memory corruption issue was 
addressed with improved memory hand
 CVE-2020-3856 (A memory corruption issue was addressed with improved input 
validation ...)
        NOT-FOR-US: Apple
 CVE-2020-3855 (An access issue was addressed with improved access 
restrictions. This  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-3854 (A memory corruption issue was addressed with improved memory 
handling. ...)
        NOT-FOR-US: Apple
 CVE-2020-3853 (A type confusion issue was addressed with improved memory 
handling. Th ...)
        NOT-FOR-US: Apple
 CVE-2020-3852 (A logic issue was addressed with improved validation. This 
issue is fi ...)
-       TODO: check
+       NOT-FOR-US: Safari
 CVE-2020-3851 (A use after free issue was addressed with improved memory 
management.  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2020-3850 (A memory corruption issue was addressed with improved input 
validation ...)
        NOT-FOR-US: Apple
 CVE-2020-3849 (A memory corruption issue was addressed with improved input 
validation ...)
@@ -63963,7 +63963,7 @@ CVE-2020-1917
 CVE-2020-1916
        RESERVED
 CVE-2020-1915 (An out-of-bounds read in the JavaScript Interpreter in Facebook 
Hermes ...)
-       TODO: check
+       NOT-FOR-US: Facebook Hermes
 CVE-2020-1914 (A logic vulnerability when handling the SaveGeneratorLong 
instruction  ...)
        NOT-FOR-US: Facebook Hermes
 CVE-2020-1913 (An Integer signedness error in the JavaScript Interpreter in 
Facebook  ...)
@@ -100829,13 +100829,13 @@ CVE-2019-8903 (index.js in Total.js Platform before 
3.2.3 allows path traversal.
 CVE-2019-8902 (An issue was discovered in idreamsoft iCMS through 7.0.14. A 
CSRF vuln ...)
        NOT-FOR-US: idreamsoft iCMS
 CVE-2019-8901 (This issue was addressed by verifying host keys when connecting 
to a p ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2019-8900
        RESERVED
 CVE-2019-8899
        RESERVED
 CVE-2019-8898 (An information disclosure issue existed in the handling of the 
Storage ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2019-8897
        RESERVED
 CVE-2019-8896



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f600595b5a03db9f8a7da24c39675f9e78705d91
