[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Aug 25 05:52:35 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3ba98c8b by Salvatore Bonaccorso at 2020-08-25T06:51:44+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -509,7 +509,7 @@ CVE-2020-24366
 CVE-2020-24365
 	RESERVED
 CVE-2020-24364 (MineTime through 1.8.5 allows XSS via the notes field in a meeting inv ...)
-	TODO: check
+	NOT-FOR-US: MineTime
 CVE-2020-24363
 	RESERVED
 CVE-2016-11085 (php/qmn_options_questions_tab.php in the quiz-master-next plugin befor ...)
@@ -9477,35 +9477,35 @@ CVE-2020-19893
 CVE-2020-19892
 	RESERVED
 CVE-2020-19891 (DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\ ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19890 (DBHcms v1.2.0 has an Arbitrary file read vulnerability in dbhcms\mod\m ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19889 (DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19888 (DBHcms v1.2.0 has an unauthorized operation vulnerability because ther ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19887 (DBHcms v1.2.0 has a stored XSS vulnerability as there is no htmlspecia ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19886 (DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19885 (DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecia ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19884 (DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecia ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19883 (DBHcms v1.2.0 has a stored xss vulnerability as there is no security f ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19882 (DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecia ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19881 (DBHcms v1.2.0 has a reflected xss vulnerability as there is no securit ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19880 (DBHcms v1.2.0 has a stored xss vulnerability as there is no htmlspecia ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19879 (DBHcms v1.2.0 has a stored xss vulnerability as there is no security f ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19878 (DBHcms v1.2.0 has a sensitive information leaks vulnerability as there ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19877 (DBHcms v1.2.0 has a directory traversal vulnerability as there is no d ...)
-	TODO: check
+	NOT-FOR-US: DBHcms
 CVE-2020-19876
 	RESERVED
 CVE-2020-19875
@@ -22426,9 +22426,9 @@ CVE-2020-14046
 CVE-2020-14045
 	RESERVED
 CVE-2020-14044 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forger ...)
-	TODO: check
+	NOT-FOR-US: Codiad
 CVE-2020-14043 (** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Side Request Forgery ...)
-	TODO: check
+	NOT-FOR-US: Codiad
 CVE-2020-14042
 	RESERVED
 CVE-2020-14041
@@ -24849,7 +24849,7 @@ CVE-2020-13103
 CVE-2020-13102
 	RESERVED
 CVE-2020-13101 (In OASIS Digital Signature Services (DSS) 1.0, an attacker can control ...)
-	TODO: check
+	NOT-FOR-US: OASIS Digital Signature Services (DSS)
 CVE-2020-13100
 	RESERVED
 CVE-2020-13099



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ba98c8b5c54407da6f1af6ba39cea007d153294

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ba98c8b5c54407da6f1af6ba39cea007d153294
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200825/0bc71408/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list