[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Apr 1 21:16:04 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
876620d9 by Salvatore Bonaccorso at 2020-04-01T22:15:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8119,9 +8119,9 @@ CVE-2020-7950 (meshsystem.dll in Valve Dota 2 before 7.23f allows remote attacke
 CVE-2020-7949 (schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers  ...)
 	NOT-FOR-US: Dota 2
 CVE-2020-7948 (An issue was discovered in the Login by Auth0 plugin before 4.0.0 for  ...)
-	TODO: check
+	NOT-FOR-US: Login by Auth0 plugin for WordPress
 CVE-2020-7947 (An issue was discovered in the Login by Auth0 plugin before 4.0.0 for  ...)
-	TODO: check
+	NOT-FOR-US: Login by Auth0 plugin for WordPress
 CVE-2020-7946
 	RESERVED
 CVE-2020-7945
@@ -10926,7 +10926,7 @@ CVE-2020-6755
 CVE-2020-6754 (dotCMS before 5.2.4 is vulnerable to directory traversal, leading to i ...)
 	NOT-FOR-US: dotCMS
 CVE-2020-6753 (The Login by Auth0 plugin before 4.0.0 for WordPress allows stored XSS ...)
-	TODO: check
+	NOT-FOR-US: Login by Auth0 plugin for WordPress
 CVE-2020-6752
 	RESERVED
 CVE-2020-6751
@@ -13954,9 +13954,9 @@ CVE-2020-5394
 CVE-2020-5393 (In Appspace On-Prem through 7.1.3, an adversary can steal a session to ...)
 	NOT-FOR-US: Appspace On-Prem
 CVE-2020-5392 (A stored cross-site scripting (XSS) vulnerability exists in the Auth0  ...)
-	TODO: check
+	NOT-FOR-US: Auth0 plugin for WordPress
 CVE-2020-5391 (Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 p ...)
-	TODO: check
+	NOT-FOR-US: Auth0 plugin for WordPress
 CVE-2020-5390 (PySAML2 before 5.0.0 does not check that the signature in a SAML docum ...)
 	{DSA-4630-1 DLA-2119-1}
 	- python-pysaml2 4.5.0-7 (bug #949322)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/876620d9ed471412465434a18d128e51e3f0061b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/876620d9ed471412465434a18d128e51e3f0061b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200401/4b979844/attachment.html>

More information about the debian-security-tracker-commits mailing list