Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
253abc13 by Moritz Muehlenhoff at 2020-12-21T12:47:39+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,7 +27,7 @@ CVE-2020-35581
CVE-2020-35580
RESERVED
CVE-2020-35579 (tindy2013 subconverter 0.6.4 has a
/sub?target=%TARGET%&url=%URL%& ...)
- TODO: check
+ NOT-FOR-US: tindy2013
CVE-2020-35578
RESERVED
CVE-2020-35577
@@ -5569,7 +5569,7 @@ CVE-2020-29449
CVE-2020-29448
RESERVED
CVE-2020-29447 (Affected versions of Atlassian Crucible allow remote attackers
to impa ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-29446
RESERVED
CVE-2020-29445
@@ -8855,9 +8855,9 @@ CVE-2020-28459
CVE-2020-28458 (All versions of package datatables.net are vulnerable to
Prototype Pol ...)
NOT-FOR-US: Node datatables.net
CVE-2020-28457 (This affects the package s-cart/core before 4.4. The search
functional ...)
- TODO: check
+ NOT-FOR-US: s-cart/core
CVE-2020-28456 (The package s-cart/core before 4.4 are vulnerable to
Cross-site Script ...)
- TODO: check
+ NOT-FOR-US: s-cart/core
CVE-2020-28455
RESERVED
CVE-2020-28454
@@ -8885,7 +8885,7 @@ CVE-2020-28444
CVE-2020-28443
RESERVED
CVE-2020-28442 (All versions of package js-data are vulnerable to Prototype
Pollution ...)
- TODO: check
+ NOT-FOR-US: Node js-data
CVE-2020-28441
RESERVED
CVE-2020-28440 (All versions of package corenlp-js-interface are vulnerable to
Command ...)
@@ -12483,7 +12483,7 @@ CVE-2020-27689 (The Relish (Verve Connect) VH510 device
with firmware before 1.0
CVE-2020-27688 (RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to
encrypt ...)
NOT-FOR-US: RVTools
CVE-2020-27687 (ThingsBoard before v3.2 is vulnerable to Host header injection
in pass ...)
- TODO: check
+ NOT-FOR-US: ThingsBoard
CVE-2020-27686
RESERVED
CVE-2020-27685
@@ -16009,7 +16009,7 @@ CVE-2020-26282
CVE-2020-26281
RESERVED
CVE-2020-26280 (OpenSlides is a free, Web-based presentation and assembly
system for m ...)
- TODO: check
+ NOT-FOR-US: OpenSlides
CVE-2020-26279
RESERVED
CVE-2020-26278
@@ -16017,7 +16017,7 @@ CVE-2020-26278
CVE-2020-26277
RESERVED
CVE-2020-26276 (Fleet is an open source osquery manager. In Fleet before
version 3.5.1 ...)
- TODO: check
+ NOT-FOR-US: Fleet (osquery frontend)
CVE-2020-26275
RESERVED
CVE-2020-26274 (In systeminformation (npm package) before version 4.31.1 there
is a co ...)
@@ -16970,6 +16970,7 @@ CVE-2020-25861
CVE-2020-25860
RESERVED
- rauc 1.5-1
+ NOTE:
https://github.com/rauc/rauc/security/advisories/GHSA-cgf3-h62j-w9vv
CVE-2020-25859 (The QCMAP_CLI utility in the Qualcomm QCMAP software suite
prior to ve ...)
NOT-FOR-US: Qualcomm QCMAP
CVE-2020-25858 (The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software
suite prior ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/253abc13a44aa8c0ef7c96d379bbd445d2ef6b56
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/253abc13a44aa8c0ef7c96d379bbd445d2ef6b56
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
