Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
11b03ace by Salvatore Bonaccorso at 2021-01-11T09:44:26+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2021-3120
CVE-2021-3119
RESERVED
CVE-2021-3118 (** UNSUPPORTED WHEN ASSIGNED ** EVOLUCARE ECSIMAGING (aka ECS
Imaging) ...)
- TODO: check
+ NOT-FOR-US: EVOLUCARE ECSIMAGING (aka ECS Imaging)
CVE-2021-3117
RESERVED
CVE-2021-3116 (before_upstream_connection in AuthPlugin in http/proxy/auth.py
in prox ...)
@@ -5913,23 +5913,23 @@ CVE-2020-35728 (FasterXML jackson-databind 2.x before
2.9.10.8 mishandles the in
NOTE: Starting from 2.10 series mitigated as Safe Default Typing is
enabled by default
NOTE: but still an issue when Default Typing is enabled.
CVE-2020-35727 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy
Authorit ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35726 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy
Authorit ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35725 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy
Authorit ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35724 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy
Authorit ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35723 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy
Authorit ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35722 (** UNSUPPORTED WHEN ASSIGNED ** CSRF in Web Compliance Manager
in Ques ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35721 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy
Authorit ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35720 (** UNSUPPORTED WHEN ASSIGNED ** Stored XSS in Quest Policy
Authority 8 ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35719 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy
Authorit ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35718
RESERVED
CVE-2020-35717 (zonote through 0.4.0 allows XSS via a crafted note, with
resultant Rem ...)
@@ -9979,13 +9979,13 @@ CVE-2020-35208 (** DISPUTED ** An issue was discovered
in the LogMein LastPass P
CVE-2020-35207 (** DISPUTED ** An issue was discovered in the LogMein LastPass
Passwor ...)
NOT-FOR-US: LogMein LastPass Password Manager (aka
com.lastpass.ilastpass) app for iOS
CVE-2020-35206 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Web
Compliance Manage ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35205 (** UNSUPPORTED WHEN ASSIGNED ** Server Side Request Forgery
(SSRF) in ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35204 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy
Authorit ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35203 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Web
Compliance Manage ...)
- TODO: check
+ NOT-FOR-US: Quest Policy Authority
CVE-2020-35202 (Ignite Realtime Openfire 4.6.0 has
plugins/dbaccess/db-access.jsp sql ...)
NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-35201 (Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users
Stored XS ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11b03ace6576155cf83ce6596944e14c9d0c8435
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11b03ace6576155cf83ce6596944e14c9d0c8435
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
