[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Thu, 31 Dec 2020 12:23:53 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7a317d42 by Salvatore Bonaccorso at 2020-12-31T21:23:22+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -268,7 +268,7 @@ CVE-2020-35853
 CVE-2020-35852
        RESERVED
 CVE-2020-35851 (HGiga MailSherlock does not validate specific parameters 
properly. Att ...)
-       TODO: check
+       NOT-FOR-US: HGiga MailSherlock
 CVE-2021-21443
        RESERVED
 CVE-2021-21442
@@ -506,13 +506,13 @@ CVE-2020-35745
 CVE-2020-35744
        RESERVED
 CVE-2020-35743 (HGiga MailSherlock contains a SQL injection flaw. Attackers 
can inject ...)
-       TODO: check
+       NOT-FOR-US: HGiga MailSherlock
 CVE-2020-35742 (HGiga MailSherlock contains a vulnerability of SQL Injection. 
Attacker ...)
-       TODO: check
+       NOT-FOR-US: HGiga MailSherlock
 CVE-2020-35741 (HGiga MailSherlock does not validate user parameters on 
multiple login ...)
-       TODO: check
+       NOT-FOR-US: HGiga MailSherlock
 CVE-2020-35740 (HGiga MailSherlock does not validate specific URL parameters 
properly  ...)
-       TODO: check
+       NOT-FOR-US: HGiga MailSherlock
 CVE-2020-35739
        RESERVED
 CVE-2020-35738 (WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples 
in pack ...)
@@ -18595,11 +18595,11 @@ CVE-2020-25852
 CVE-2020-25851
        RESERVED
 CVE-2020-25850 (The function, view the source code, of HGiga MailSherlock does 
not val ...)
-       TODO: check
+       NOT-FOR-US: HGiga MailSherlock
 CVE-2020-25849 (MailGates and MailAudit products contain Command Injection 
flaw, which ...)
        NOT-FOR-US: MailGates and MailAudit
 CVE-2020-25848 (HGiga MailSherlock contains weak authentication flaw that 
attackers gr ...)
-       TODO: check
+       NOT-FOR-US: HGiga MailSherlock
 CVE-2020-25847 (This command injection vulnerability allows attackers to 
execute arbit ...)
        NOT-FOR-US: QNAP
 CVE-2020-25846 (The digest generation function of NHIServiSignAdapter has not 
been ver ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a317d420713d6ff328d82619a05de67d1c36a77

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a317d420713d6ff328d82619a05de67d1c36a77
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to