[Git][security-tracker-team/security-tracker][master] Process two NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Aug 27 09:17:26 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
332f9af1 by Salvatore Bonaccorso at 2020-08-27T10:16:59+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -201,9 +201,9 @@ CVE-2020-24601
 CVE-2020-24600
 	RESERVED
 CVE-2020-24599 (An issue was discovered in Joomla! before 3.9.21. Lack of escaping in  ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-24598 (An issue was discovered in Joomla! before 3.9.21. Lack of input valida ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-24597
 	RESERVED
 CVE-2020-24596
@@ -1438,9 +1438,9 @@ CVE-2020-24010
 CVE-2020-24009
 	RESERVED
 CVE-2020-24008 (Umanni RH 1.0 has a user enumeration vulnerability. This issue occurs  ...)
-	TODO: check
+	NOT-FOR-US: Umanni RH
 CVE-2020-24007 (Umanni RH 1.0 does not limit the number of authentication attempts. An ...)
-	TODO: check
+	NOT-FOR-US: Umanni RH
 CVE-2020-24006
 	RESERVED
 CVE-2020-24005
@@ -2138,7 +2138,7 @@ CVE-2020-23660 (webTareas v2.1 is affected by Cross Site Scripting (XSS) on "Sea
 CVE-2020-23659 (WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS) on the " ...)
 	TODO: check
 CVE-2020-23658 (PHP-Fusion 9.03.60 is affected by Cross Site Scripting (XSS) via infus ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2020-23657 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "C ...)
 	NOT-FOR-US: NavigateCMS
 CVE-2020-23656 (NavigateCMS 2.9 is affected by Cross Site Scripting (XSS) on module "C ...)
@@ -103077,7 +103077,7 @@ CVE-2019-4697 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user c
 CVE-2019-4696
 	RESERVED
 CVE-2019-4695 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 allows web pages t ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2019-4694 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 contains hard-code ...)
 	NOT-FOR-US: IBM
 CVE-2019-4693 (IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores user creden ...)
@@ -340289,7 +340289,7 @@ CVE-2011-4822 (Multiple cross-site scripting (XSS) vulnerabilities in the user p
 CVE-2011-4821 (Directory traversal vulnerability in the TFTP server in D-Link DIR-601 ...)
 	NOT-FOR-US: D-Link router
 CVE-2011-4820 (IBM Rational Asset Manager 7.5 could allow a remote attacker to bypass ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2011-4819 (Multiple cross-site scripting (XSS) vulnerabilities in IBM Maximo Asse ...)
 	NOT-FOR-US: IBM Maximo Asset Management
 CVE-2011-4818 (Open redirect vulnerability in IBM Maximo Asset Management and Asset M ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/332f9af141215aaa159ad894fb7687314ff72c3b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/332f9af141215aaa159ad894fb7687314ff72c3b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200827/082652f8/attachment.html>

More information about the debian-security-tracker-commits mailing list