[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Thu, 12 Nov 2020 00:11:08 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0ca0b453 by security tracker role at 2020-11-12T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5195,7 +5195,7 @@ CVE-2020-26951
        RESERVED
 CVE-2020-26950
        RESERVED
-       {DSA-4788-1}
+       {DSA-4788-1 DLA-2448-1}
        - firefox 82.0.3-1
        - firefox-esr 78.4.1esr-1
        - thunderbird 1:78.4.2-1
@@ -6734,14 +6734,14 @@ CVE-2020-26223
        RESERVED
 CVE-2020-26222
        RESERVED
-CVE-2020-26221
-       RESERVED
-CVE-2020-26220
-       RESERVED
-CVE-2020-26219
-       RESERVED
-CVE-2020-26218
-       RESERVED
+CVE-2020-26221 (touchbase.ai before version 2.0 is vulnerable to Cross-Site 
Scripting  ...)
+       TODO: check
+CVE-2020-26220 (toucbase.ai before version 2.0 leaks information by not 
stripping exif ...)
+       TODO: check
+CVE-2020-26219 (touchbase.ai before version 2.0 is vulnerable to Open 
Redirect. Impact ...)
+       TODO: check
+CVE-2020-26218 (touchbase.ai before version 2.0 is vulnerable to Cross-Site 
Scripting. ...)
+       TODO: check
 CVE-2020-26217
        RESERVED
 CVE-2020-26216
@@ -7103,8 +7103,8 @@ CVE-2020-26072
        RESERVED
 CVE-2020-26071
        RESERVED
-CVE-2020-26070
-       RESERVED
+CVE-2020-26070 (A vulnerability in the ingress packet processing function of 
Cisco IOS ...)
+       TODO: check
 CVE-2020-26069
        RESERVED
 CVE-2020-26068
@@ -50920,6 +50920,7 @@ CVE-2020-7762 (This affects the package 
jsreport-chrome-pdf before 1.10.0. ...)
 CVE-2020-7761 (This affects the package @absolunet/kafe before 3.2.10. It 
allows caus ...)
        NOT-FOR-US: @absolunet/kafe
 CVE-2020-7760 (This affects the package codemirror before 5.58.2; the package 
org.apa ...)
+       {DSA-4789-1}
        - codemirror-js 5.58.2+~cs0.23.101-1
        [stretch] - codemirror-js <not-affected> (Vulnerable code added later)
        NOTE: https://snyk.io/vuln/SNYK-JS-CODEMIRROR-1016937
@@ -55432,8 +55433,8 @@ CVE-2020-5994
        RESERVED
 CVE-2020-5993
        RESERVED
-CVE-2020-5992
-       RESERVED
+CVE-2020-5992 (NVIDIA GeForce NOW application software on Windows, all 
versions prior ...)
+       TODO: check
 CVE-2020-5991 (NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a 
vulnerab ...)
        - nvidia-cuda-toolkit <unfixed> (bug #973543)
        [buster] - nvidia-cuda-toolkit <ignored> (Non-free not supported)
@@ -65932,12 +65933,12 @@ CVE-2020-2052
        RESERVED
 CVE-2020-2051
        RESERVED
-CVE-2020-2050
-       RESERVED
+CVE-2020-2050 (An authentication bypass vulnerability exists in the 
GlobalProtect SSL ...)
+       TODO: check
 CVE-2020-2049
        RESERVED
-CVE-2020-2048
-       RESERVED
+CVE-2020-2048 (An information exposure through log file vulnerability exists 
where th ...)
+       TODO: check
 CVE-2020-2047
        RESERVED
 CVE-2020-2046
@@ -65988,8 +65989,8 @@ CVE-2020-2024 (An improper link resolution 
vulnerability affects Kata Containers
        NOT-FOR-US: Kata Containers
 CVE-2020-2023 (Kata Containers doesn't restrict containers from accessing the 
guest's ...)
        NOT-FOR-US: Kata Containers
-CVE-2020-2022
-       RESERVED
+CVE-2020-2022 (An information exposure vulnerability exists in Palo Alto 
Networks Pan ...)
+       TODO: check
 CVE-2020-2021 (When Security Assertion Markup Language (SAML) authentication 
is enabl ...)
        NOT-FOR-US: Palo Alto Networks
 CVE-2020-2020
@@ -66032,10 +66033,10 @@ CVE-2020-2002 (An authentication bypass by spoofing 
vulnerability exists in the
        NOT-FOR-US: PAN-OS
 CVE-2020-2001 (An external control of path and data vulnerability in the Palo 
Alto Ne ...)
        NOT-FOR-US: PAN-OS
-CVE-2020-2000
-       RESERVED
-CVE-2020-1999
-       RESERVED
+CVE-2020-2000 (An OS command injection and memory corruption vulnerability in 
the PAN ...)
+       TODO: check
+CVE-2020-1999 (A vulnerability exists in the Palo Alto Network PAN-OS 
signature-based ...)
+       TODO: check
 CVE-2020-1998 (An improper authorization vulnerability in PAN-OS that 
mistakenly uses ...)
        NOT-FOR-US: PAN-OS
 CVE-2020-1997 (An open redirection vulnerability in the GlobalProtect 
component of Pa ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ca0b4539adca8c1c1c5b8580dedee6ce5585cd4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ca0b4539adca8c1c1c5b8580dedee6ce5585cd4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to