[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Dec 29 20:18:02 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d9f39dc7 by Salvatore Bonaccorso at 2020-12-29T21:17:29+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2020-35775
 CVE-2020-35774 (server/handler/HistogramQueryHandler.scala in Twitter TwitterServer (a ...)
 	TODO: check
 CVE-2020-35773 (The site-offline plugin before 1.4.4 for WordPress lacks certain wp_cr ...)
-	TODO: check
+	NOT-FOR-US: site-offline plugin for WordPress
 CVE-2020-35772
 	RESERVED
 CVE-2020-35771
@@ -81,7 +81,7 @@ CVE-2020-35737
 CVE-2020-35736 (GateOne 1.1 allows arbitrary file download without authentication via  ...)
 	NOT-FOR-US: GateOne
 CVE-2020-35735 (Vidyo 02-09-/D allows clickjacking via the portal/ URI. ...)
-	TODO: check
+	NOT-FOR-US: Vidyo
 CVE-2020-35734
 	RESERVED
 CVE-2020-35733
@@ -6605,7 +6605,7 @@ CVE-2020-29477
 CVE-2020-29476
 	RESERVED
 CVE-2020-29475 (nopCommerce Store 4.30 is affected by cross-site scripting (XSS) in th ...)
-	TODO: check
+	NOT-FOR-US: nopCommerce Store
 CVE-2020-29474 (EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerabi ...)
 	NOT-FOR-US: EGavilan Media EGM Address Book
 CVE-2020-29473
@@ -18105,7 +18105,7 @@ CVE-2020-25849 (MailGates and MailAudit products contain Command Injection flaw,
 CVE-2020-25848
 	RESERVED
 CVE-2020-25847 (This command injection vulnerability allows attackers to execute arbit ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2020-25846
 	RESERVED
 CVE-2020-25845
@@ -35347,7 +35347,7 @@ CVE-2020-17535
 CVE-2020-17534
 	RESERVED
 CVE-2020-17533 (Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not ...)
-	TODO: check
+	NOT-FOR-US: Apache Accumulo
 CVE-2020-17532
 	RESERVED
 CVE-2020-17531 (A Java Serialization vulnerability was found in Apache Tapestry 4. Apa ...)
@@ -58175,7 +58175,7 @@ CVE-2020-9225 (FusionSphere OpenStack 6.5.1 have an improper permissions managem
 CVE-2020-9224
 	RESERVED
 CVE-2020-9223 (There is a denial of service vulnerability in some Huawei smartphones. ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9222
 	RESERVED
 CVE-2020-9221
@@ -58205,9 +58205,9 @@ CVE-2020-9210
 CVE-2020-9209
 	RESERVED
 CVE-2020-9208 (There is an information leak vulnerability in iManager NetEco 6000 ver ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9207 (There is an improper authentication vulnerability in some verisons of  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9206
 	RESERVED
 CVE-2020-9205
@@ -58371,9 +58371,9 @@ CVE-2020-9127 (Some Huawei products have a command injection vulnerability. Due
 CVE-2020-9126
 	RESERVED
 CVE-2020-9125 (There is an out-of-bound read vulnerability in huawei smartphone Mate  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9124 (There is a memory leak vulnerability in some versions of Huawei CloudE ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9123 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versi ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9122 (Some Huawei products have an insufficient input verification vulnerabi ...)
@@ -58433,9 +58433,9 @@ CVE-2020-9096 (HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(
 CVE-2020-9095 (HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E16 ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9094 (There is an out of bound read vulnerability in some verisons of Huawei ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9093 (There is a use after free vulnerability in Taurus-AL00A versions 10.0. ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9092 (HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a Ja ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9091 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out ...)
@@ -77811,7 +77811,7 @@ CVE-2020-1850
 CVE-2020-1849
 	RESERVED
 CVE-2020-1848 (There is a resource management error vulnerability in Jackman-AL00D ve ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-1847 (There is a denial of service vulnerability in some Huawei products. Th ...)
 	NOT-FOR-US: Huawei
 CVE-2020-1846



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9f39dc7f233bbcea1a7617e263d79aaeda47219

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9f39dc7f233bbcea1a7617e263d79aaeda47219
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201229/bf0238fa/attachment.html>

More information about the debian-security-tracker-commits mailing list