[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Aug 7 13:23:41 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ac07f474 by Salvatore Bonaccorso at 2020-08-07T14:22:51+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8377,7 +8377,7 @@ CVE-2020-13795 (An issue was discovered in Navigate CMS through 2.8.7. It allows
 CVE-2020-13794
 	RESERVED
 CVE-2020-13793 (Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a st ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2020-13792 (PlayTube 1.8 allows disclosure of user details via ajax.php?type=../ad ...)
 	NOT-FOR-US: PlayTube
 CVE-2019-20837 (An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It  ...)
@@ -25757,7 +25757,7 @@ CVE-2020-7363
 CVE-2020-7362
 	RESERVED
 CVE-2020-7361 (The EasyCorp ZenTao Pro application suffers from an OS command injecti ...)
-	TODO: check
+	NOT-FOR-US: EasyCorp ZenTao Pro application
 CVE-2020-7360
 	RESERVED
 CVE-2020-7359
@@ -25765,9 +25765,9 @@ CVE-2020-7359
 CVE-2020-7358
 	RESERVED
 CVE-2020-7357 (Cayin CMS suffers from an authenticated OS semi-blind command injectio ...)
-	TODO: check
+	NOT-FOR-US: Cayin CMS
 CVE-2020-7356 (CAYIN xPost suffers from an unauthenticated SQL Injection vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: CAYIN xPost
 CVE-2020-7355 (Cross-site Scripting (XSS) vulnerability in the 'notes' field of a dis ...)
 	NOT-FOR-US: Metasploit Pro
 CVE-2020-7354 (Cross-site Scripting (XSS) vulnerability in the 'host' field of a disc ...)
@@ -45672,7 +45672,7 @@ CVE-2019-18620
 CVE-2019-18619 (Incorrect parameter validation in the synaTee component of Synaptics W ...)
 	TODO: check
 CVE-2019-18618 (Incorrect access control in the firmware of Synaptics VFS75xx family f ...)
-	TODO: check
+	NOT-FOR-US: firmware of Synaptics VFS75xx family fingerprint sensors
 CVE-2019-18617
 	RESERVED
 CVE-2019-18616
@@ -137017,7 +137017,7 @@ CVE-2017-18114
 CVE-2017-18113
 	RESERVED
 CVE-2017-18112 (Affected versions of Atlassian Fisheye allow remote attackers to view  ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2017-18111 (The OAuthHelper in Atlassian Application Links before version 5.0.10,  ...)
 	NOT-FOR-US: Atlassian Application Links
 CVE-2017-18110 (The administration backup restore resource in Atlassian Crowd before v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac07f474d7757d6100fb67ffaab7d9ecc4e2c093

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac07f474d7757d6100fb67ffaab7d9ecc4e2c093
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200807/612efb57/attachment.html>

More information about the debian-security-tracker-commits mailing list