[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Sat Dec 12 08:19:36 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
40566127 by Salvatore Bonaccorso at 2020-12-12T09:19:13+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2020-35177
CVE-2020-35176 (In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial a ...)
TODO: check
CVE-2020-35175 (Frappe Framework 12 and 13 does not properly validate the HTTP method ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2020-35174
RESERVED
CVE-2020-35173
@@ -111,9 +111,9 @@ CVE-2020-35129
CVE-2020-35128
RESERVED
CVE-2020-35127 (Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.j ...)
- TODO: check
+ NOT-FOR-US: Ignite Realtime Openfire
CVE-2020-35126 (** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to conduct ...)
- TODO: check
+ NOT-FOR-US: Typesetter CMS
CVE-2020-35125
RESERVED
CVE-2020-35124
@@ -1207,7 +1207,7 @@ CVE-2020-29656 (An information disclosure vulnerability exists in RT-AC88U Downl
CVE-2020-29655 (An injection vulnerability exists in RT-AC88U Download Master before 3 ...)
NOT-FOR-US: RT-AC88U Download Master
CVE-2020-29654 (Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that lea ...)
- TODO: check
+ NOT-FOR-US: Western Digital Dashboard
CVE-2020-29653
RESERVED
CVE-2020-29652
@@ -1901,7 +1901,7 @@ CVE-2020-29576 (The official eggdrop Docker images before 1.8.4rc2 contain a bla
CVE-2020-29575 (The official elixir Docker images before 1.8.0-alpine (Alpine specific ...)
NOT-FOR-US: elixir Docker images
CVE-2020-29574 (An SQL injection vulnerability in the WebAdmin of Cyberoam OS through ...)
- TODO: check
+ NOT-FOR-US: WebAdmin of Cyberoam OS
CVE-2020-29573 (sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) befo ...)
- glibc <unfixed>
[stretch] - glibc <no-dsa> (Minor issue)
@@ -1932,7 +1932,7 @@ CVE-2020-29565 (An issue was discovered in OpenStack Horizon before 15.3.2, 16.x
CVE-2020-29564 (The official Consul Docker images 0.7.1 through 1.4.2 contain a blank ...)
NOT-FOR-US: Consul Docker images
CVE-2020-29563 (An issue was discovered on Western Digital My Cloud OS 5 devices befor ...)
- TODO: check
+ NOT-FOR-US: Western Digital My Cloud OS
CVE-2020-29562 (The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2 ...)
- glibc <unfixed> (bug #976391)
[stretch] - glibc <no-dsa> (Minor issue)
@@ -2381,7 +2381,7 @@ CVE-2020-29457
CVE-2020-29456 (Multiple cross-site scripting (XSS) vulnerabilities in Papermerge befo ...)
NOT-FOR-US: Papermerge
CVE-2020-29455 (A cross-Site Scripting (XSS) vulnerability in this.showInvalid and thi ...)
- TODO: check
+ NOT-FOR-US: SmartyStreets liveAddressPlugin.js
CVE-2020-29454 (Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user ...)
NOT-FOR-US: Umbraco CMS
CVE-2020-29453
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40566127265bd58ff8f6d8a97a76a9b09c82f767
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40566127265bd58ff8f6d8a97a76a9b09c82f767
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201212/ad40d203/attachment.html>
More information about the debian-security-tracker-commits
mailing list