[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Dec 25 08:16:03 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
02afa21f by Salvatore Bonaccorso at 2020-12-25T09:15:36+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2020-35708 (phpList 3.5.9 allows SQL injection by admins who provide a crafted fou ...)
 	TODO: check
 CVE-2020-35707 (Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the ...)
-	TODO: check
+	NOT-FOR-US: Daybyday
 CVE-2020-35706 (Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Pr ...)
-	TODO: check
+	NOT-FOR-US: Daybyday
 CVE-2020-35705 (Daybyday 2.1.0 allows stored XSS via the Name parameter to the New Use ...)
-	TODO: check
+	NOT-FOR-US: Daybyday
 CVE-2020-35704 (Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Le ...)
-	TODO: check
+	NOT-FOR-US: Daybyday
 CVE-2020-35703
 	RESERVED
 CVE-2020-35702 (DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-base ...)
@@ -6411,11 +6411,11 @@ CVE-2020-29476
 CVE-2020-29475
 	RESERVED
 CVE-2020-29474 (EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: EGavilan Media EGM Address Book
 CVE-2020-29473
 	RESERVED
 CVE-2020-29472 (EGavilan Media Under Construction page with cPanel 1.0 contains a SQL  ...)
-	TODO: check
+	NOT-FOR-US: cPanel
 CVE-2020-29471
 	RESERVED
 CVE-2020-29470
@@ -6918,7 +6918,7 @@ CVE-2020-29249
 CVE-2020-29248
 	RESERVED
 CVE-2020-29247 (WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Admin ...)
-	TODO: check
+	NOT-FOR-US: WonderCMS
 CVE-2020-29246
 	RESERVED
 CVE-2020-29245



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02afa21ff0d7c3f747e05f93cbbe784f5667d7ef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02afa21ff0d7c3f747e05f93cbbe784f5667d7ef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201225/87057d53/attachment.html>

More information about the debian-security-tracker-commits mailing list