[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Fri, 27 Nov 2020 12:21:20 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
14042b7b by Salvatore Bonaccorso at 2020-11-27T21:20:27+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -457,7 +457,7 @@ CVE-2020-29140
 CVE-2020-29139
        RESERVED
 CVE-2020-29138 (Incorrect Access Control in the configuration backup path in 
SAGEMCOM  ...)
-       TODO: check
+       NOT-FOR-US: SAGEMCOM
 CVE-2020-29137 (cPanel before 90.0.17 allows self-XSS via the WHM Transfer 
Tool interf ...)
        NOT-FOR-US: cPanel
 CVE-2020-29136 (In cPanel before 90.0.17, 2FA can be bypassed via a 
brute-force approa ...)
@@ -944,9 +944,9 @@ CVE-2020-28924 (An issue was discovered in Rclone before 
1.53.3. Due to the use
 CVE-2020-28923
        RESERVED
 CVE-2020-28922 (An issue was discovered in Devid Espenschied PC Analyser 
through 4.10. ...)
-       TODO: check
+       NOT-FOR-US: Devid Espenschied PC Analyser
 CVE-2020-28921 (An issue was discovered in Devid Espenschied PC Analyser 
through 4.10. ...)
-       TODO: check
+       NOT-FOR-US: Devid Espenschied PC Analyser
 CVE-2020-28920
        RESERVED
 CVE-2020-28919
@@ -13107,7 +13107,7 @@ CVE-2020-25017 (Envoy through 1.15.0 only considers the 
first value when multipl
 CVE-2020-25015 (A specific router allows changing the Wi-Fi password remotely. 
Genexis ...)
        NOT-FOR-US: Genexis Platinum 4410 V2-1.28
 CVE-2020-25014 (A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel 
UTM and  ...)
-       TODO: check
+       NOT-FOR-US: Zyxel
 CVE-2020-25013 (JetBrains ToolBox before version 1.18 is vulnerable to a 
Denial of Ser ...)
        NOT-FOR-US: JetBrains
 CVE-2020-25012
@@ -65074,25 +65074,25 @@ CVE-2019-19880 (exprListAppendList in window.c in 
SQLite 3.30.1 allows attackers
 CVE-2019-19879 (HashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in 
certain ...)
        NOT-FOR-US: HashiCorp Sentinel (different from Redis Sentinel)
 CVE-2019-19878 (An issue was discovered in B&amp;R Industrial Automation APROL 
before  ...)
-       TODO: check
+       NOT-FOR-US: B&R Industrial Automation APROL
 CVE-2019-19877 (An issue was discovered in B&amp;R Industrial Automation APROL 
before  ...)
-       TODO: check
+       NOT-FOR-US: B&R Industrial Automation APROL
 CVE-2019-19876 (An issue was discovered in B&amp;R Industrial Automation APROL 
before  ...)
-       TODO: check
+       NOT-FOR-US: B&R Industrial Automation APROL
 CVE-2019-19875 (An issue was discovered in B&amp;R Industrial Automation APROL 
before  ...)
-       TODO: check
+       NOT-FOR-US: B&R Industrial Automation APROL
 CVE-2019-19874 (An issue was discovered in B&amp;R Industrial Automation APROL 
before  ...)
-       TODO: check
+       NOT-FOR-US: B&R Industrial Automation APROL
 CVE-2019-19873 (An issue was discovered in B&amp;R Industrial Automation APROL 
before  ...)
-       TODO: check
+       NOT-FOR-US: B&R Industrial Automation APROL
 CVE-2019-19872 (An issue was discovered in B&amp;R Industrial Automation APROL 
before  ...)
-       TODO: check
+       NOT-FOR-US: B&R Industrial Automation APROL
 CVE-2019-19871
        RESERVED
 CVE-2019-19870
        RESERVED
 CVE-2019-19869 (An issue was discovered in B&amp;R Industrial Automation APROL 
before  ...)
-       TODO: check
+       NOT-FOR-US: B&R Industrial Automation APROL
 CVE-2019-19868
        RESERVED
 CVE-2019-19867
@@ -190404,19 +190404,19 @@ CVE-2017-15688
 CVE-2017-15687 (DOM Based Cross Site Scripting (XSS) exists in Logitech Media 
Server 7 ...)
        NOT-FOR-US: Logitech
 CVE-2017-15686 (Crafter CMS Crafter Studio 3.0.1 is affected by: Cross Site 
Scripting  ...)
-       TODO: check
+       NOT-FOR-US: Crafter CMS Crafter Studio
 CVE-2017-15685 (Crafter CMS Crafter Studio 3.0.1 is affected by: XML External 
Entity ( ...)
-       TODO: check
+       NOT-FOR-US: Crafter CMS Crafter Studio
 CVE-2017-15684 (Crafter CMS Crafter Studio 3.0.1 has a directory traversal 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: Crafter CMS Crafter Studio
 CVE-2017-15683 (In Crafter CMS Crafter Studio 3.0.1 an unauthenticated 
attacker is abl ...)
-       TODO: check
+       NOT-FOR-US: Crafter CMS Crafter Studio
 CVE-2017-15682 (In Crafter CMS Crafter Studio 3.0.1 an unauthenticated 
attacker is abl ...)
-       TODO: check
+       NOT-FOR-US: Crafter CMS Crafter Studio
 CVE-2017-15681 (In Crafter CMS Crafter Studio 3.0.1 a directory traversal 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Crafter CMS Crafter Studio
 CVE-2017-15680 (In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability 
exists which ...)
-       TODO: check
+       NOT-FOR-US: Crafter CMS Crafter Studio
 CVE-2017-15679
        RESERVED
 CVE-2017-15678



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14042b7bf9bc01e9ca3e20b19d749a2d1bb2a44a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14042b7bf9bc01e9ca3e20b19d749a2d1bb2a44a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to