[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Mon Dec 28 20:15:39 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b8419814 by Salvatore Bonaccorso at 2020-12-28T21:15:09+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -697,7 +697,7 @@ CVE-2021-21235
CVE-2021-21234
RESERVED
CVE-2020-35627 (Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vul ...)
- TODO: check
+ NOT-FOR-US: Ultimate WooCommerce Gift Cards
CVE-2021-21233
RESERVED
CVE-2021-21232
@@ -7067,7 +7067,7 @@ CVE-2020-29247 (WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the
CVE-2020-29246
RESERVED
CVE-2020-29245 (dhowden tag before 2020-11-19 allows "panic: runtime error: slice boun ...)
- TODO: check
+ NOT-FOR-US: dhowden tag
CVE-2020-29244 (dhowden tag before 2020-11-19 allows "panic: runtime error: slice boun ...)
NOT-FOR-US: dhowden tag
CVE-2020-29243 (dhowden tag before 2020-11-19 allows "panic: runtime error: index out ...)
@@ -16449,7 +16449,7 @@ CVE-2020-26570 (The Oberthur smart card software driver in OpenSC before 0.21.0-
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24316
NOTE: https://github.com/OpenSC/OpenSC/commit/6903aebfddc466d966c7b865fae34572bf3ed23e (0.21.0-rc1)
CVE-2020-26569 (In EVPN VxLAN setups in Arista EOS, specific malformed packets can lea ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2020-26568
RESERVED
CVE-2020-26567 (An issue was discovered on D-Link DSR-250N before 3.17B devices. The C ...)
@@ -21574,7 +21574,7 @@ CVE-2020-24361 (SNMPTT before 1.4.2 allows attackers to execute shell code via E
- snmptt 1.4.2-1
NOTE: https://sourceforge.net/p/snmptt/git/ci/f6aef5223bc9ed8126268a273ac9f5c341af835a
CVE-2020-24360 (An issue with ARP packets in Arista’s EOS affecting the 7800R3, ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2020-24359 (HashiCorp vault-ssh-helper up to and including version 0.1.6 incorrect ...)
NOT-FOR-US: vault-ssh-helper
CVE-2020-24358
@@ -38992,7 +38992,7 @@ CVE-2020-15900 (A memory corruption issue was found in Artifex Ghostscript 9.50
CVE-2020-15899 (Grin 3.0.0 before 4.0.0 has insufficient validation of data related to ...)
NOT-FOR-US: Grin
CVE-2020-15898 (In Arista EOS malformed packets can be incorrectly forwarded across VL ...)
- TODO: check
+ NOT-FOR-US: Arista
CVE-2020-15897 (Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23. ...)
NOT-FOR-US: Arista EOS
CVE-2020-15896 (An authentication-bypass issue was discovered on D-Link DAP-1522 devic ...)
@@ -43541,7 +43541,7 @@ CVE-2020-14275
CVE-2020-14274
RESERVED
CVE-2020-14273 (HCL Domino v10 and v11 is susceptible to a Denial of Service (DoS) vul ...)
- TODO: check
+ NOT-FOR-US: HCL Domino
CVE-2020-14272
RESERVED
CVE-2020-14271 (HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scrip ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8419814e0a7c7cba53ef2d0012bccac9ae6c8b7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8419814e0a7c7cba53ef2d0012bccac9ae6c8b7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201228/533d59ef/attachment.html>
More information about the debian-security-tracker-commits
mailing list