[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Dec 2 20:26:09 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e32b1e30 by Salvatore Bonaccorso at 2020-12-02T21:25:48+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -57,11 +57,11 @@ CVE-2020-29460
 CVE-2020-29459
 	RESERVED
 CVE-2020-29458 (Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem. ...)
-	TODO: check
+	NOT-FOR-US: Textpattern CMS
 CVE-2020-29457
 	RESERVED
 CVE-2020-29456 (Multiple cross-site scripting (XSS) vulnerabilities in Papermerge befo ...)
-	TODO: check
+	NOT-FOR-US: Papermerge
 CVE-2020-29455
 	RESERVED
 CVE-2020-29454 (Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user  ...)
@@ -199,7 +199,7 @@ CVE-2020-29391
 CVE-2020-29390 (Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi ...)
 	NOT-FOR-US: Zeroshell
 CVE-2020-29389 (The official Crux Linux Docker images 3.0 through 3.4 contain a blank  ...)
-	TODO: check
+	NOT-FOR-US: Crux Linux Docker images
 CVE-2020-29388
 	RESERVED
 CVE-2020-29387
@@ -529,9 +529,9 @@ CVE-2020-29242
 CVE-2020-29241
 	RESERVED
 CVE-2020-29240 (Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An attacke ...)
-	TODO: check
+	NOT-FOR-US: Lepton-CMS
 CVE-2020-29239 (Online Birth Certificate System Project V 1.0 is affected by cross-sit ...)
-	TODO: check
+	NOT-FOR-US: Online Birth Certificate System Project
 CVE-2020-29238
 	RESERVED
 CVE-2020-29237
@@ -38840,17 +38840,17 @@ CVE-2020-13500 (SQL injection vulnerability exists in the CHaD.asmx web service
 CVE-2020-13499 (An SQL injection vulnerability exists in the CHaD.asmx web service fun ...)
 	NOT-FOR-US: CHaD.asmx
 CVE-2020-13498 (An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 han ...)
-	TODO: check
+	NOT-FOR-US: Pixar OpenUSD
 CVE-2020-13497 (An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 han ...)
-	TODO: check
+	NOT-FOR-US: Pixar OpenUSD
 CVE-2020-13496 (An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 han ...)
-	TODO: check
+	NOT-FOR-US: Pixar OpenUSD
 CVE-2020-13495
 	RESERVED
 CVE-2020-13494 (A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsin ...)
-	TODO: check
+	NOT-FOR-US: Pixar OpenUSD
 CVE-2020-13493 (A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the s ...)
-	TODO: check
+	NOT-FOR-US: Pixar OpenUSD
 CVE-2020-13492
 	RESERVED
 CVE-2020-13491
@@ -41274,7 +41274,7 @@ CVE-2020-12526
 CVE-2020-12525
 	RESERVED
 CVE-2020-12524 (Uncontrolled Resource Consumption can be exploited to cause the Phoeni ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contact HMIs BTP
 CVE-2020-12523
 	RESERVED
 CVE-2020-12522
@@ -55492,7 +55492,7 @@ CVE-2020-7535
 CVE-2020-7534
 	RESERVED
 CVE-2020-7533 (A CWE-255: Credentials Management vulnerability exists in Web Server o ...)
-	TODO: check
+	NOT-FOR-US: Modicon
 CVE-2020-7532 (A CWE-502 Deserialization of Untrusted Data vulnerability exists in SC ...)
 	NOT-FOR-US: SCADAPack x70 Security Administrator
 CVE-2020-7531 (A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e32b1e30b057458dc1c366e56b84e2e5f3b5075a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e32b1e30b057458dc1c366e56b84e2e5f3b5075a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201202/d404b276/attachment.html>

More information about the debian-security-tracker-commits mailing list