Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3b46b8f9 by Moritz Muehlenhoff at 2020-11-09T17:47:40+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3768,7 +3768,7 @@ CVE-2020-27591
CVE-2020-27590
RESERVED
CVE-2020-27589 (Synopsys hub-rest-api-python (aka blackduck on PyPI) version
0.0.25 - ...)
- TODO: check
+ NOT-FOR-US: hub-rest-api-python
CVE-2020-27588
RESERVED
CVE-2020-27587
@@ -6625,9 +6625,9 @@ CVE-2020-26216
CVE-2020-26215
RESERVED
CVE-2020-26214 (In Alerta before version 8.1.0, users may be able to bypass
LDAP authe ...)
- TODO: check
+ NOT-FOR-US: Alerta
CVE-2020-26213 (In teler before version 0.0.1, if you run teler inside a
Docker contai ...)
- TODO: check
+ NOT-FOR-US: Alerta
CVE-2020-26212
RESERVED
CVE-2020-26211 (In BookStack before version 0.30.4, a user with permissions to
edit a ...)
@@ -29820,7 +29820,7 @@ CVE-2020-15261 (On Windows the Veyon Service before
version 4.4.2 contains an un
CVE-2020-15260
RESERVED
CVE-2020-15259 (ad-ldap-connector's admin panel before version 5.0.13 does not
provide ...)
- TODO: check
+ NOT-FOR-US: ad-ldap-connector
CVE-2020-15258 (In Wire before 3.20.x, `shell.openExternal` was used without
checking ...)
NOT-FOR-US: Wire app
CVE-2020-15257
@@ -50763,9 +50763,9 @@ CVE-2020-7766
CVE-2020-7765
RESERVED
CVE-2020-7764 (This affects the package find-my-way before 2.2.5, from 3.0.0
and befo ...)
- TODO: check
+ NOT-FOR-US: Node find-my-way
CVE-2020-7763 (This affects the package phantom-html-to-pdf before 0.6.1. ...)
- NOT-FOR-US: Nodephantom-html-to-pdf
+ NOT-FOR-US: Node phantom-html-to-pdf
CVE-2020-7762 (This affects the package jsreport-chrome-pdf before 1.10.0. ...)
NOT-FOR-US: Node jsreport-chrome-pdf
CVE-2020-7761 (This affects the package @absolunet/kafe before 3.2.10. It
allows caus ...)
@@ -52044,7 +52044,7 @@ CVE-2020-7200
CVE-2020-7199
RESERVED
CVE-2020-7198 (There is a remote escalation of privilege possible for a
malicious use ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2020-7197 (SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE
StoreSe ...)
NOT-FOR-US: HPE
CVE-2020-7196 (The HPE BlueData EPIC Software Platform version 4.0 and HPE
Ezmeral Co ...)
@@ -55715,7 +55715,7 @@ CVE-2020-5796
CVE-2020-5795 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer
A7(US)_V5_200 ...)
NOT-FOR-US: TP-Link
CVE-2020-5794 (A vulnerability in Nessus Network Monitor versions 5.11.0,
5.11.1, and ...)
- TODO: check
+ NOT-FOR-US: Nessus
CVE-2020-5793 (A vulnerability in Nessus versions 8.9.0 through 8.12.0 for
Windows &a ...)
NOT-FOR-US: Nessus
CVE-2020-5792 (Improper neutralization of argument delimiters in a command in
Nagios ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b46b8f98c2410bccb2c1beb2446d9872f88d88b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b46b8f98c2410bccb2c1beb2446d9872f88d88b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
