[Git][security-tracker-team/security-tracker][master] new spring issue, NFUs

Tue, 22 Sep 2020 02:15:42 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d412c358 by Moritz Muehlenhoff at 2020-09-22T11:14:46+02:00
new spring issue, NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19665,7 +19665,7 @@ CVE-2020-16173
 CVE-2020-16172
        RESERVED
 CVE-2020-16171 (An issue was discovered in Acronis Cyber Backup before 12.5 
Build 1634 ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2020-16170 (Use of Hard-coded Credentials in temi Robox OS prior to 120, 
temi Andr ...)
        NOT-FOR-US: Temi application fo Android
 CVE-2020-16169 (Authentication Bypass Using an Alternate Path or Channel in 
temi Robox ...)
@@ -41326,7 +41326,7 @@ CVE-2020-8239
 CVE-2020-8238
        RESERVED
 CVE-2020-8237 (Prototype pollution in json-bigint npm package < 1.0.0 may 
lead to  ...)
-       TODO: check
+       NOT-FOR-US: Node json-bigint
 CVE-2020-8236
        RESERVED
 CVE-2020-8235
@@ -41886,7 +41886,7 @@ CVE-2020-8030
 CVE-2020-8029
        RESERVED
 CVE-2020-8028 (A Improper Access Control vulnerability in the configuration of 
salt o ...)
-       TODO: check
+       NOT-FOR-US: Salt configuration in SUSE Server Manager
 CVE-2020-8027
        RESERVED
 CVE-2020-8026 (A Incorrect Default Permissions vulnerability in the packaging 
of inn  ...)
@@ -48341,7 +48341,8 @@ CVE-2020-5423
 CVE-2020-5422
        RESERVED
 CVE-2020-5421 (In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 
5.0.0 - 5. ...)
-       TODO: check
+       - libspring-java <unfixed>
+       NOTE: https://tanzu.vmware.com/security/cve-2020-5421
 CVE-2020-5420 (Cloud Foundry Routing (Gorouter) versions prior to 0.206.0 
allow a mal ...)
        NOT-FOR-US: Cloud Foundry
 CVE-2020-5419 (RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a 
Windows-specific ...)
@@ -64949,7 +64950,7 @@ CVE-2020-0409
 CVE-2020-0408
        RESERVED
 CVE-2020-0407 (In various functions in fscrypt_ice.c and related files in some 
implem ...)
-       TODO: check
+       NOT-FOR-US: Android kernel
 CVE-2020-0406 (In libmpeg2dec, there is a possible out of bounds write due to 
a missi ...)
        NOT-FOR-US: Android Media Framework
 CVE-2020-0405 (In NetworkStackNotifier, there is a possible permissions bypass 
due to ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d412c358fe696ae8adb8ef65cd2bbcf69f319464

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d412c358fe696ae8adb8ef65cd2bbcf69f319464
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to