[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Dec 31 08:43:53 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d631d909 by Salvatore Bonaccorso at 2019-12-31T08:43:15Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12,7 +12,7 @@ CVE-2019-20174
 CVE-2019-20173
 	RESERVED
 CVE-2019-20172 (Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not r ...)
-	TODO: check
+	NOT-FOR-US: SerenityOS
 CVE-2019-20171 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
 	TODO: check
 CVE-2019-20170 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
@@ -2461,7 +2461,7 @@ CVE-2019-20140 (An issue was discovered in libsixel 1.8.4. There is a heap-based
 CVE-2019-20139 (In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgrou ...)
 	NOT-FOR-US: Nagios XI
 CVE-2019-20138 (The HTTP Authentication library before 2019-12-27 for Nim has weak pas ...)
-	TODO: check
+	NOT-FOR-US: HTTP Authentication library for Nim
 CVE-2019-20137
 	RESERVED
 CVE-2019-20136
@@ -9825,9 +9825,9 @@ CVE-2019-19034
 CVE-2019-19033 (Jalios JCMS 10 allows attackers to access any part of the website and  ...)
 	NOT-FOR-US: Jalios JCMS
 CVE-2019-19032 (XMLBlueprint through 16.191112 is affected by XML External Entity Inje ...)
-	TODO: check
+	NOT-FOR-US: XMLBlueprint
 CVE-2019-19031 (Easy XML Editor through v1.7.8 is affected by: XML External Entity Inj ...)
-	TODO: check
+	NOT-FOR-US: Easy XML Editor
 CVE-2019-19030
 	RESERVED
 CVE-2019-19029
@@ -37437,7 +37437,7 @@ CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code Executi
 CVE-2019-10759 (safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A  ...)
 	NOT-FOR-US: safer-eval Node module
 CVE-2019-10758 (mongo-express before 0.54.0 is vulnerable to Remote Code Execution via ...)
-	TODO: check
+	NOT-FOR-US: mongo-express
 CVE-2019-10757 (knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. ...)
 	NOT-FOR-US: knex.js
 CVE-2019-10756 (It is possible to inject JavaScript within node-red-dashboard versions ...)
@@ -47220,9 +47220,9 @@ CVE-2019-7481 (Vulnerability in SonicWall SMA100 allow unauthenticated user to g
 CVE-2019-7480
 	RESERVED
 CVE-2019-7479 (A vulnerability in SonicOS allow authenticated read-only admin can ele ...)
-	TODO: check
+	NOT-FOR-US: SonicOS
 CVE-2019-7478 (A vulnerability in GMS allow unauthenticated user to SQL injection in  ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2019-7477 (A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow ...)
 	NOT-FOR-US: SonicWall
 CVE-2019-7476 (A vulnerability in SonicWall Global Management System (GMS), allow a r ...)
@@ -98728,7 +98728,7 @@ CVE-2018-7861
 CVE-2018-7860
 	RESERVED
 CVE-2018-7859 (A security vulnerability in D-Link DGS-1510-series switches with firmw ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2018-7858 (Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Em ...)
 	- qemu 1:2.12~rc3+dfsg-1 (bug #892497)
 	[stretch] - qemu <not-affected> (Vulnerable code not present)
@@ -260784,7 +260784,7 @@ CVE-2013-4869 (Cisco Unified Communications Manager (CUCM) 7.1(x) through 9.1(2)
 CVE-2013-4868 (Karotz API 12.07.19.00: Session Token Information Disclosure ...)
 	TODO: check
 CVE-2013-4867 (Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module h ...)
-	TODO: check
+	NOT-FOR-US: Electronic Arts Karotz Smart Rabbit
 CVE-2013-4866 (The LIXIL Corporation My SATIS Genius Toilet application for Android h ...)
 	NOT-FOR-US: LIXIL Corporation My SATIS Genius Toilet application for Android
 CVE-2013-4865



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d631d90901cabb1b294579f8e1db033c257b7072

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d631d90901cabb1b294579f8e1db033c257b7072
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191231/50f96d9a/attachment.html>

More information about the debian-security-tracker-commits mailing list