[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Apr 20 21:10:33 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
753b510d by security tracker role at 2020-04-20T20:10:26+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,619 @@
+CVE-2020-11943
+	RESERVED
+CVE-2020-11942
+	RESERVED
+CVE-2020-11941
+	RESERVED
+CVE-2020-11940
+	RESERVED
+CVE-2020-11939
+	RESERVED
+CVE-2020-11938
+	RESERVED
+CVE-2020-11937
+	RESERVED
+CVE-2020-11936
+	RESERVED
+CVE-2020-11935
+	RESERVED
+CVE-2020-11934
+	RESERVED
+CVE-2020-11933
+	RESERVED
+CVE-2020-11932
+	RESERVED
+CVE-2020-11931
+	RESERVED
+CVE-2018-21231
+	RESERVED
+CVE-2018-21230
+	RESERVED
+CVE-2018-21229
+	RESERVED
+CVE-2018-21228
+	RESERVED
+CVE-2018-21227
+	RESERVED
+CVE-2018-21226
+	RESERVED
+CVE-2018-21225
+	RESERVED
+CVE-2018-21224
+	RESERVED
+CVE-2018-21223
+	RESERVED
+CVE-2018-21222
+	RESERVED
+CVE-2018-21221
+	RESERVED
+CVE-2018-21220
+	RESERVED
+CVE-2018-21219
+	RESERVED
+CVE-2018-21218
+	RESERVED
+CVE-2018-21217
+	RESERVED
+CVE-2018-21216
+	RESERVED
+CVE-2018-21215
+	RESERVED
+CVE-2018-21214
+	RESERVED
+CVE-2018-21213
+	RESERVED
+CVE-2018-21212
+	RESERVED
+CVE-2018-21211
+	RESERVED
+CVE-2018-21210
+	RESERVED
+CVE-2018-21209
+	RESERVED
+CVE-2018-21208
+	RESERVED
+CVE-2018-21207
+	RESERVED
+CVE-2018-21206
+	RESERVED
+CVE-2018-21205
+	RESERVED
+CVE-2018-21204
+	RESERVED
+CVE-2018-21203
+	RESERVED
+CVE-2018-21202
+	RESERVED
+CVE-2018-21201
+	RESERVED
+CVE-2018-21200
+	RESERVED
+CVE-2018-21199
+	RESERVED
+CVE-2018-21198
+	RESERVED
+CVE-2018-21197
+	RESERVED
+CVE-2018-21196
+	RESERVED
+CVE-2018-21195
+	RESERVED
+CVE-2018-21194
+	RESERVED
+CVE-2018-21193
+	RESERVED
+CVE-2018-21192
+	RESERVED
+CVE-2018-21191
+	RESERVED
+CVE-2018-21190
+	RESERVED
+CVE-2018-21189
+	RESERVED
+CVE-2018-21188
+	RESERVED
+CVE-2018-21187
+	RESERVED
+CVE-2018-21186
+	RESERVED
+CVE-2018-21185
+	RESERVED
+CVE-2018-21184
+	RESERVED
+CVE-2018-21183
+	RESERVED
+CVE-2018-21182
+	RESERVED
+CVE-2018-21181
+	RESERVED
+CVE-2018-21180
+	RESERVED
+CVE-2018-21179
+	RESERVED
+CVE-2018-21178
+	RESERVED
+CVE-2018-21177
+	RESERVED
+CVE-2018-21176
+	RESERVED
+CVE-2018-21175
+	RESERVED
+CVE-2018-21174
+	RESERVED
+CVE-2018-21173
+	RESERVED
+CVE-2018-21172
+	RESERVED
+CVE-2018-21171
+	RESERVED
+CVE-2018-21170
+	RESERVED
+CVE-2018-21169
+	RESERVED
+CVE-2018-21168
+	RESERVED
+CVE-2018-21167
+	RESERVED
+CVE-2018-21166
+	RESERVED
+CVE-2018-21165
+	RESERVED
+CVE-2018-21164
+	RESERVED
+CVE-2018-21163
+	RESERVED
+CVE-2018-21162
+	RESERVED
+CVE-2018-21161
+	RESERVED
+CVE-2018-21160
+	RESERVED
+CVE-2018-21159
+	RESERVED
+CVE-2018-21158
+	RESERVED
+CVE-2018-21157
+	RESERVED
+CVE-2018-21156
+	RESERVED
+CVE-2018-21155
+	RESERVED
+CVE-2018-21154
+	RESERVED
+CVE-2018-21153
+	RESERVED
+CVE-2018-21152
+	RESERVED
+CVE-2018-21151
+	RESERVED
+CVE-2018-21150
+	RESERVED
+CVE-2018-21149
+	RESERVED
+CVE-2018-21148
+	RESERVED
+CVE-2018-21147
+	RESERVED
+CVE-2018-21146
+	RESERVED
+CVE-2018-21145
+	RESERVED
+CVE-2018-21144
+	RESERVED
+CVE-2018-21143
+	RESERVED
+CVE-2018-21142
+	RESERVED
+CVE-2018-21141
+	RESERVED
+CVE-2018-21140
+	RESERVED
+CVE-2018-21139
+	RESERVED
+CVE-2018-21138
+	RESERVED
+CVE-2018-21137
+	RESERVED
+CVE-2018-21136
+	RESERVED
+CVE-2018-21135
+	RESERVED
+CVE-2018-21134
+	RESERVED
+CVE-2018-21133
+	RESERVED
+CVE-2018-21132
+	RESERVED
+CVE-2018-21131
+	RESERVED
+CVE-2018-21130
+	RESERVED
+CVE-2018-21129
+	RESERVED
+CVE-2018-21128
+	RESERVED
+CVE-2018-21127
+	RESERVED
+CVE-2018-21126
+	RESERVED
+CVE-2018-21125
+	RESERVED
+CVE-2018-21124
+	RESERVED
+CVE-2018-21123
+	RESERVED
+CVE-2018-21122
+	RESERVED
+CVE-2018-21121
+	RESERVED
+CVE-2018-21120
+	RESERVED
+CVE-2018-21119
+	RESERVED
+CVE-2018-21118
+	RESERVED
+CVE-2018-21117
+	RESERVED
+CVE-2018-21116
+	RESERVED
+CVE-2018-21115
+	RESERVED
+CVE-2018-21114
+	RESERVED
+CVE-2018-21113
+	RESERVED
+CVE-2018-21112
+	RESERVED
+CVE-2018-21111
+	RESERVED
+CVE-2018-21110
+	RESERVED
+CVE-2018-21109
+	RESERVED
+CVE-2018-21108
+	RESERVED
+CVE-2018-21107
+	RESERVED
+CVE-2018-21106
+	RESERVED
+CVE-2018-21105
+	RESERVED
+CVE-2018-21104
+	RESERVED
+CVE-2018-21103
+	RESERVED
+CVE-2018-21102
+	RESERVED
+CVE-2018-21101
+	RESERVED
+CVE-2018-21100
+	RESERVED
+CVE-2018-21099
+	RESERVED
+CVE-2018-21098
+	RESERVED
+CVE-2018-21097
+	RESERVED
+CVE-2018-21096
+	RESERVED
+CVE-2018-21095
+	RESERVED
+CVE-2018-21094
+	RESERVED
+CVE-2018-21093
+	RESERVED
+CVE-2017-18852 (Certain NETGEAR devices are affected by CSRF and authentication bypass ...)
+	TODO: check
+CVE-2017-18851 (Certain NETGEAR devices are affected by command injection by an authen ...)
+	TODO: check
+CVE-2017-18850 (Certain NETGEAR devices are affected by authentication bypass. This af ...)
+	TODO: check
+CVE-2017-18849 (Certain NETGEAR devices are affected by command injection. This affect ...)
+	TODO: check
+CVE-2017-18848 (Certain NETGEAR devices are affected by CSRF. This affects R6300v2 bef ...)
+	TODO: check
+CVE-2017-18847 (Certain NETGEAR devices are affected by an attacker's ability to read  ...)
+	TODO: check
+CVE-2017-18846 (Certain NETGEAR devices are affected by a stack-based buffer overflow. ...)
+	TODO: check
+CVE-2017-18845 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
+	TODO: check
+CVE-2017-18844 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
+	TODO: check
+CVE-2017-18843 (Certain NETGEAR devices are affected by disclosure of administrative c ...)
+	TODO: check
+CVE-2017-18842 (Certain NETGEAR devices are affected by CSRF. This affects R7300 befor ...)
+	TODO: check
+CVE-2017-18841 (Certain NETGEAR devices are affected by command injection. This affect ...)
+	TODO: check
+CVE-2017-18840 (Certain NETGEAR devices are affected by denial of service. This affect ...)
+	TODO: check
+CVE-2017-18839 (Certain NETGEAR devices are affected by stored XSS. This affects M4300 ...)
+	TODO: check
+CVE-2017-18838 (Certain NETGEAR devices are affected by privilege escalation. This aff ...)
+	TODO: check
+CVE-2017-18837 (Certain NETGEAR devices are affected by vertical privilege escalation. ...)
+	TODO: check
+CVE-2017-18836 (Certain NETGEAR devices are affected by denial of service. This affect ...)
+	TODO: check
+CVE-2017-18835 (Certain NETGEAR devices are affected by reflected XSS. This affects M4 ...)
+	TODO: check
+CVE-2017-18834 (Certain NETGEAR devices are affected by reflected XSS. This affects M4 ...)
+	TODO: check
+CVE-2017-18833 (Certain NETGEAR devices are affected by reflected XSS. This affects M4 ...)
+	TODO: check
+CVE-2017-18832 (Certain NETGEAR devices are affected by stored XSS. This affects M4300 ...)
+	TODO: check
+CVE-2017-18831 (Certain NETGEAR devices are affected by stored XSS. This affects M4300 ...)
+	TODO: check
+CVE-2017-18830 (Certain NETGEAR devices are affected by vertical privilege escalation. ...)
+	TODO: check
+CVE-2017-18829 (Certain NETGEAR devices are affected by vertical privilege escalation. ...)
+	TODO: check
+CVE-2017-18828 (Certain NETGEAR devices are affected by stored XSS. This affects M4300 ...)
+	TODO: check
+CVE-2017-18827 (Certain NETGEAR devices are affected by stored XSS. This affects M4300 ...)
+	TODO: check
+CVE-2017-18826 (Certain NETGEAR devices are affected by vertical privilege escalation. ...)
+	TODO: check
+CVE-2017-18825 (Certain NETGEAR devices are affected by stored XSS. This affects M4300 ...)
+	TODO: check
+CVE-2017-18824 (Certain NETGEAR devices are affected by directory traversal. This affe ...)
+	TODO: check
+CVE-2017-18823 (Certain NETGEAR devices are affected by incorrect configuration of sec ...)
+	TODO: check
+CVE-2017-18822 (Certain NETGEAR devices are affected by vertical privilege escalation. ...)
+	TODO: check
+CVE-2017-18821
+	RESERVED
+CVE-2017-18820
+	RESERVED
+CVE-2017-18819
+	RESERVED
+CVE-2017-18818
+	RESERVED
+CVE-2017-18817
+	RESERVED
+CVE-2017-18816
+	RESERVED
+CVE-2017-18815
+	RESERVED
+CVE-2017-18814
+	RESERVED
+CVE-2017-18813
+	RESERVED
+CVE-2017-18812
+	RESERVED
+CVE-2017-18811
+	RESERVED
+CVE-2017-18810
+	RESERVED
+CVE-2017-18809
+	RESERVED
+CVE-2017-18808
+	RESERVED
+CVE-2017-18807
+	RESERVED
+CVE-2017-18806
+	RESERVED
+CVE-2017-18805
+	RESERVED
+CVE-2017-18804
+	RESERVED
+CVE-2017-18803
+	RESERVED
+CVE-2017-18802
+	RESERVED
+CVE-2017-18801
+	RESERVED
+CVE-2017-18800
+	RESERVED
+CVE-2017-18799
+	RESERVED
+CVE-2017-18798
+	RESERVED
+CVE-2017-18797
+	RESERVED
+CVE-2017-18796
+	RESERVED
+CVE-2017-18795
+	RESERVED
+CVE-2017-18794
+	RESERVED
+CVE-2017-18793
+	RESERVED
+CVE-2017-18792
+	RESERVED
+CVE-2017-18791
+	RESERVED
+CVE-2017-18790
+	RESERVED
+CVE-2017-18789
+	RESERVED
+CVE-2017-18788
+	RESERVED
+CVE-2017-18787
+	RESERVED
+CVE-2017-18786
+	RESERVED
+CVE-2017-18785
+	RESERVED
+CVE-2017-18784
+	RESERVED
+CVE-2017-18783
+	RESERVED
+CVE-2017-18782
+	RESERVED
+CVE-2017-18781
+	RESERVED
+CVE-2017-18780
+	RESERVED
+CVE-2017-18779
+	RESERVED
+CVE-2017-18778
+	RESERVED
+CVE-2017-18777
+	RESERVED
+CVE-2017-18776
+	RESERVED
+CVE-2017-18775
+	RESERVED
+CVE-2017-18774
+	RESERVED
+CVE-2017-18773
+	RESERVED
+CVE-2017-18772
+	RESERVED
+CVE-2017-18771
+	RESERVED
+CVE-2017-18770
+	RESERVED
+CVE-2017-18769
+	RESERVED
+CVE-2017-18768
+	RESERVED
+CVE-2017-18767
+	RESERVED
+CVE-2017-18766
+	RESERVED
+CVE-2017-18765
+	RESERVED
+CVE-2017-18764
+	RESERVED
+CVE-2017-18763
+	RESERVED
+CVE-2017-18762
+	RESERVED
+CVE-2017-18761
+	RESERVED
+CVE-2017-18760
+	RESERVED
+CVE-2017-18759
+	RESERVED
+CVE-2017-18758
+	RESERVED
+CVE-2017-18757
+	RESERVED
+CVE-2017-18756
+	RESERVED
+CVE-2017-18755
+	RESERVED
+CVE-2017-18754
+	RESERVED
+CVE-2017-18753
+	RESERVED
+CVE-2017-18752
+	RESERVED
+CVE-2017-18751
+	RESERVED
+CVE-2017-18750
+	RESERVED
+CVE-2017-18749
+	RESERVED
+CVE-2017-18748
+	RESERVED
+CVE-2017-18747
+	RESERVED
+CVE-2017-18746
+	RESERVED
+CVE-2017-18745
+	RESERVED
+CVE-2017-18744
+	RESERVED
+CVE-2017-18743
+	RESERVED
+CVE-2017-18742
+	RESERVED
+CVE-2017-18741
+	RESERVED
+CVE-2017-18740
+	RESERVED
+CVE-2017-18739
+	RESERVED
+CVE-2017-18738
+	RESERVED
+CVE-2017-18737
+	RESERVED
+CVE-2017-18736
+	RESERVED
+CVE-2017-18735
+	RESERVED
+CVE-2017-18734
+	RESERVED
+CVE-2017-18733
+	RESERVED
+CVE-2017-18732
+	RESERVED
+CVE-2017-18731
+	RESERVED
+CVE-2017-18730
+	RESERVED
+CVE-2017-18729
+	RESERVED
+CVE-2017-18728
+	RESERVED
+CVE-2017-18727
+	RESERVED
+CVE-2017-18726
+	RESERVED
+CVE-2017-18725
+	RESERVED
+CVE-2017-18724
+	RESERVED
+CVE-2017-18723
+	RESERVED
+CVE-2017-18722
+	RESERVED
+CVE-2017-18721
+	RESERVED
+CVE-2017-18720
+	RESERVED
+CVE-2017-18719
+	RESERVED
+CVE-2017-18718
+	RESERVED
+CVE-2017-18717
+	RESERVED
+CVE-2017-18716
+	RESERVED
+CVE-2017-18715
+	RESERVED
+CVE-2017-18714
+	RESERVED
+CVE-2017-18713
+	RESERVED
+CVE-2017-18712
+	RESERVED
+CVE-2017-18711
+	RESERVED
+CVE-2017-18710
+	RESERVED
+CVE-2017-18709
+	RESERVED
+CVE-2017-18708
+	RESERVED
+CVE-2017-18707
+	RESERVED
+CVE-2017-18706
+	RESERVED
+CVE-2017-18705
+	RESERVED
+CVE-2017-18704
+	RESERVED
+CVE-2017-18703
+	RESERVED
+CVE-2017-18702
+	RESERVED
+CVE-2017-18701
+	RESERVED
+CVE-2017-18700
+	RESERVED
+CVE-2017-18699
+	RESERVED
+CVE-2017-18698
+	RESERVED
+CVE-2017-18697
+	RESERVED
 CVE-2020-11930 (The GTranslate plugin before 2.8.52 for WordPress has Reflected XSS vi ...)
 	NOT-FOR-US: GTranslate plugin for WordPress
 CVE-2020-11929
@@ -86,8 +702,8 @@ CVE-2020-11890
 	RESERVED
 CVE-2020-11889
 	RESERVED
-CVE-2020-11888
-	RESERVED
+CVE-2020-11888 (python-markdown2 through 2.3.8 allows XSS because element names are mi ...)
+	TODO: check
 CVE-2020-11887 (svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an  ...)
 	NOT-FOR-US: svg2png
 CVE-2020-11886 (OpenNMS Horizon and Meridian allows HQL Injection in element/nodeList. ...)
@@ -611,7 +1227,7 @@ CVE-2019-20658 (Certain NETGEAR devices are affected by disclosure of sensitive
 	NOT-FOR-US: Netgear
 CVE-2019-20657 (Certain NETGEAR devices are affected by a buffer overflow by an authen ...)
 	NOT-FOR-US: Netgear
-CVE-2019-20656 (Certain NETGEAR devices are affected by a a hardcoded password. This a ...)
+CVE-2019-20656 (Certain NETGEAR devices are affected by a hardcoded password. This aff ...)
 	NOT-FOR-US: Netgear
 CVE-2019-20655 (Certain NETGEAR devices are affected by command injection by an authen ...)
 	NOT-FOR-US: Netgear
@@ -677,8 +1293,8 @@ CVE-2020-11755
 	RESERVED
 CVE-2020-11754
 	RESERVED
-CVE-2020-11753
-	RESERVED
+CVE-2020-11753 (An issue was discovered in Sonatype Nexus Repository Manager in versio ...)
+	TODO: check
 CVE-2020-11752
 	RESERVED
 CVE-2020-11751
@@ -2606,6 +3222,7 @@ CVE-2020-11009
 	RESERVED
 CVE-2020-11008
 	RESERVED
+	{DSA-4659-1}
 	- git 1:2.26.2-1
 	NOTE: https://lore.kernel.org/lkml/xmqq4kterq5s.fsf@gitster.c.googlers.com/
 	NOTE: https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7
@@ -15402,8 +16019,8 @@ CVE-2020-5571
 	RESERVED
 CVE-2020-5570
 	RESERVED
-CVE-2020-5569
-	RESERVED
+CVE-2020-5569 (An unquoted search path vulnerability exists HDD Password tool (for Wi ...)
+	TODO: check
 CVE-2020-5568
 	RESERVED
 CVE-2020-5567
@@ -16058,22 +16675,22 @@ CVE-2020-5295
 	RESERVED
 CVE-2020-5294 (PrestaShop module ps_facetedsearch versions before 2.1.0 has a reflect ...)
 	NOT-FOR-US: PrestaShop
-CVE-2020-5293
-	RESERVED
+CVE-2020-5293 (In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper ...)
+	TODO: check
 CVE-2020-5292 (Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vuln ...)
 	NOT-FOR-US: Leantime
 CVE-2020-5290 (In RedpwnCTF before version 2.3, there is a session fixation vulnerabi ...)
 	NOT-FOR-US: RedpwnCTF
 CVE-2020-5289 (In Elide before 4.5.14, it is possible for an adversary to "guess and  ...)
 	NOT-FOR-US: Elide
-CVE-2020-5288
-	RESERVED
-CVE-2020-5287
-	RESERVED
-CVE-2020-5286
-	RESERVED
-CVE-2020-5285
-	RESERVED
+CVE-2020-5288 ("In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there is improper ...)
+	TODO: check
+CVE-2020-5287 (In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is improper  ...)
+	TODO: check
+CVE-2020-5286 (In PrestaShop between versions 1.7.4.0 and 1.7.6.5, there is a reflect ...)
+	TODO: check
+CVE-2020-5285 (In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is a reflect ...)
+	TODO: check
 CVE-2020-5284 (Next.js versions before 9.3.2 have a directory traversal vulnerability ...)
 	NOT-FOR-US: next.js
 CVE-2020-5283 (ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS ...)
@@ -16090,14 +16707,14 @@ CVE-2020-5281 (In Perun before version 3.9.1, VO or group manager can modify con
 	NOT-FOR-US: Perun
 CVE-2020-5280 (http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local file i ...)
 	NOT-FOR-US: http4s
-CVE-2020-5279
-	RESERVED
-CVE-2020-5278
-	RESERVED
+CVE-2020-5279 (In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there are improper ...)
+	TODO: check
+CVE-2020-5278 (In PrestaShop between versions 1.5.4.0 and 1.7.6.5, there is a reflect ...)
+	TODO: check
 CVE-2020-5277 (PrestaShop module ps_facetedsearch versions before 3.5.0 has a reflect ...)
 	NOT-FOR-US: PrestaShop
-CVE-2020-5276
-	RESERVED
+CVE-2020-5276 (In PrestaShop between versions 1.7.1.0 and 1.7.6.5, there is a reflect ...)
+	TODO: check
 CVE-2020-5275 (In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Fire ...)
 	- symfony <unfixed>
 	[buster] - symfony <not-affected> (Introduced in 4.4.0)
@@ -16115,14 +16732,14 @@ CVE-2020-5274 (In Symfony before versions 5.0.5 and 4.4.5, some properties of th
 	NOTE: https://github.com/symfony/symfony/commit/629d21b800a15dc649fb0ae9ed7cd9211e7e45db
 CVE-2020-5273 (In PrestaShop module ps_linklist versions before 3.1.0, there is a sto ...)
 	NOT-FOR-US: PrestaShop
-CVE-2020-5272
-	RESERVED
-CVE-2020-5271
-	RESERVED
-CVE-2020-5270
-	RESERVED
-CVE-2020-5269
-	RESERVED
+CVE-2020-5272 (In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is a reflect ...)
+	TODO: check
+CVE-2020-5271 (In PrestaShop between versions 1.6.0.0 and 1.7.6.5, there is a reflect ...)
+	TODO: check
+CVE-2020-5270 (In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is an open r ...)
+	TODO: check
+CVE-2020-5269 (In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflect ...)
+	TODO: check
 CVE-2020-5268
 	RESERVED
 CVE-2020-5267 (In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible ...)
@@ -16134,10 +16751,10 @@ CVE-2020-5267 (In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a pos
 	NOTE: https://github.com/rails/rails/commit/033a738817abd6e446e1b320cb7d1a5c15224e9a (master)
 CVE-2020-5266 (In the ps_link module for PrestaShop before version 3.1.0, there is a  ...)
 	NOT-FOR-US: PrestaShop
-CVE-2020-5265
-	RESERVED
-CVE-2020-5264
-	RESERVED
+CVE-2020-5265 (In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a reflect ...)
+	TODO: check
+CVE-2020-5264 (In PrestaShop before version 1.7.6.5, there is a reflected XSS while r ...)
+	TODO: check
 CVE-2020-5263 (auth0.js (NPM package auth0-js) greater than version 8.0.0 and before  ...)
 	NOT-FOR-US: Node auth0-js
 CVE-2020-5262 (In EasyBuild before version 4.1.2, the GitHub Personal Access Token (P ...)
@@ -19313,8 +19930,8 @@ CVE-2020-3948 (Linux Guest VMs running on VMware Workstation (15.x before 15.5.2
 	NOT-FOR-US: VMware
 CVE-2020-3947 (VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2 ...)
 	NOT-FOR-US: VMware
-CVE-2020-3946
-	RESERVED
+CVE-2020-3946 (InstallBuilder AutoUpdate tool and regular installers enabling <che ...)
+	TODO: check
 CVE-2020-3945 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)
 	NOT-FOR-US: VMware
 CVE-2020-3944 (vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/753b510d821ca33f9ddb9208a1f2b1cb71c9d324

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/753b510d821ca33f9ddb9208a1f2b1cb71c9d324
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200420/233c66e9/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list