[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ff211915 by Salvatore Bonaccorso at 2020-12-29T09:24:57+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -989,19 +989,19 @@ CVE-2020-35618
 CVE-2020-35617
 	RESERVED
 CVE-2020-35616 (An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-35615 (An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing tok ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-35614 (An issue was discovered in Joomla! 3.9.0 through 3.9.22. Improper hand ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-35613 (An issue was discovered in Joomla! 3.0.0 through 3.9.22. Improper filt ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-35612 (An issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder pa ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-35611 (An issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal c ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-35610 (An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosugge ...)
-	TODO: check
+	NOT-FOR-US: Joomla!
 CVE-2020-35609 (A denial-of-service vulnerability exists in the asynchronous ioctl fun ...)
 	NOT-FOR-US: Microsoft Azure Sphere
 CVE-2020-35608 (A code execution vulnerability exists in the normal world’s sign ...)
@@ -15067,7 +15067,7 @@ CVE-2020-27174 (In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.
 CVE-2020-27173 (In vm-superio before 0.1.1, the serial console FIFO can grow to unlimi ...)
 	NOT-FOR-US: vm-superio
 CVE-2020-27172 (An issue was discovered in G-Data before 25.5.9.25 using Symbolic link ...)
-	TODO: check
+	NOT-FOR-US: G-Data
 CVE-2020-27171
 	RESERVED
 CVE-2020-27170
@@ -17076,9 +17076,9 @@ CVE-2020-26289 (date-and-time is an npm package for manipulating date and time.
 CVE-2020-26288
 	RESERVED
 CVE-2020-26287 (HedgeDoc is a collaborative platform for writing and sharing markdown. ...)
-	TODO: check
+	NOT-FOR-US: HedgeDoc
 CVE-2020-26286 (HedgeDoc is a collaborative platform for writing and sharing markdown. ...)
-	TODO: check
+	NOT-FOR-US: HedgeDoc
 CVE-2020-26285
 	RESERVED
 CVE-2020-26284 (Hugo is a fast and Flexible Static Site Generator built in Go. Hugo de ...)
@@ -19062,7 +19062,7 @@ CVE-2020-25509
 CVE-2020-25508
 	RESERVED
 CVE-2020-25507 (An incorrect permission assignment (chmod 777) of /etc/environment dur ...)
-	TODO: check
+	NOT-FOR-US: No Magic TeamworkCloud
 CVE-2020-25506
 	RESERVED
 CVE-2020-25505
@@ -45726,13 +45726,13 @@ CVE-2020-13478
 CVE-2020-13477
 	RESERVED
 CVE-2020-13476 (NCH Express Invoice 8.06 to 8.24 is vulnerable to Reflected XSS in the ...)
-	TODO: check
+	NOT-FOR-US: NCH Express Invoice
 CVE-2020-13475
 	RESERVED
 CVE-2020-13474 (In NCH Express Accounts 8.24 and earlier, an authenticated low-privile ...)
-	TODO: check
+	NOT-FOR-US: NCH Express Accounts
 CVE-2020-13473 (NCH Express Accounts 8.24 and earlier allows local users to discover t ...)
-	TODO: check
+	NOT-FOR-US: NCH Express Accounts
 CVE-2020-13472 (The flash memory readout protection in Gigadevice GD32F103 devices all ...)
 	NOT-FOR-US: Gigadevice GD32F103 devices
 CVE-2020-13471 (Apex Microelectronics APM32F103 devices allow physical attackers to ex ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff2119159ee5be1153f808536a09fe324bc1e777

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff2119159ee5be1153f808536a09fe324bc1e777
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201229/1266eca1/attachment.html>