[Git][security-tracker-team/security-tracker][master] Process several more NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Apr 17 12:27:30 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
902207ad by Salvatore Bonaccorso at 2020-04-17T13:26:02+02:00
Process several more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -262,25 +262,25 @@ CVE-2020-11768 (Certain NETGEAR devices are affected by Stored XSS. This affects
 CVE-2019-20767 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
 	NOT-FOR-US: Netgear
 CVE-2019-20766 (NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based bu ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20765 (NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based bu ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20764 (NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based bu ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20763 (NETGEAR R7800 devices before 1.0.2.52 are affected by a stack-based bu ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20762 (Certain NETGEAR devices are affected by a buffer overflow by an authen ...)
 	NOT-FOR-US: Netgear
 CVE-2019-20761 (NETGEAR R7800 devices before 1.0.2.62 are affected by command injectio ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20760 (NETGEAR R9000 devices before 1.0.4.26 are affected by authentication b ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20759 (NETGEAR R9000 devices before 1.0.4.26 are affected by stored XSS. ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20758 (NETGEAR R7000 devices before 1.0.9.42 are affected by a buffer overflo ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20757 (NETGEAR R7800 devices before 1.0.2.62 are affected by command injectio ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20756 (Certain NETGEAR devices are affected by reflected XSS. This affects EX ...)
 	NOT-FOR-US: Netgear
 CVE-2019-20755 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
@@ -306,17 +306,17 @@ CVE-2019-20746 (Certain NETGEAR devices are affected by reflected XSS. This affe
 CVE-2019-20745 (Certain NETGEAR devices are affected by command injection by an authen ...)
 	NOT-FOR-US: Netgear
 CVE-2019-20744 (NETGEAR WAC510 devices before 5.0.10.2 are affected by disclosure of s ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20743 (NETGEAR WAC510 devices before 8.0.1.3 are affected by stored XSS. ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20742 (NETGEAR WAC510 devices before 8.0.1.3 are affected by stored XSS. ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20741 (NETGEAR WAC510 devices before 5.0.10.2 are affected by disclosure of s ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20740 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
 	NOT-FOR-US: Netgear
 CVE-2019-20739 (NETGEAR R8500 devices before v1.0.2.128 are affected by a buffer overf ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2019-20738 (Certain NETGEAR devices are affected by stored XSS. This affects D6100 ...)
 	NOT-FOR-US: Netgear
 CVE-2019-20737 (Certain NETGEAR devices are affected by a stack-based buffer overflow  ...)
@@ -15881,7 +15881,7 @@ CVE-2020-5296
 CVE-2020-5295
 	RESERVED
 CVE-2020-5294 (PrestaShop module ps_facetedsearch versions before 2.1.0 has a reflect ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2020-5293
 	RESERVED
 CVE-2020-5292 (Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vuln ...)
@@ -15938,7 +15938,7 @@ CVE-2020-5274 (In Symfony before versions 5.0.5 and 4.4.5, some properties of th
 	NOTE: https://github.com/symfony/symfony/commit/cf80224589ac05402d4f72f5ddf80900ec94d5ad
 	NOTE: https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db
 CVE-2020-5273 (In PrestaShop module ps_linklist versions before 3.1.0, there is a sto ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2020-5272
 	RESERVED
 CVE-2020-5271
@@ -15957,7 +15957,7 @@ CVE-2020-5267 (In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a pos
 	NOTE: https://www.openwall.com/lists/oss-security/2020/03/19/1
 	NOTE: https://github.com/rails/rails/commit/033a738817abd6e446e1b320cb7d1a5c15224e9a (master)
 CVE-2020-5266 (In the ps_link module for PrestaShop before version 3.1.0, there is a  ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2020-5265
 	RESERVED
 CVE-2020-5264
@@ -27404,7 +27404,7 @@ CVE-2019-18950
 CVE-2019-18949 (SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaSc ...)
 	NOT-FOR-US: SnowHaze
 CVE-2019-18948 (An issue was found in Arista EOS. Specific malformed ARP packets can i ...)
-	TODO: check
+	NOT-FOR-US: Arista
 CVE-2019-18947
 	RESERVED
 CVE-2019-18946



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/902207add56fae8d77570482037866888c8e3c37

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/902207add56fae8d77570482037866888c8e3c37
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200417/5cdd4bb1/attachment.html>

More information about the debian-security-tracker-commits mailing list