[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Tue Jan 7 18:14:22 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a21db497 by Salvatore Bonaccorso at 2020-01-07T19:13:47+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12397,7 +12397,7 @@ CVE-2019-18844 (The Device Model in ACRN before 2019w25.5-140000p relies on asse
CVE-2019-18843
RESERVED
CVE-2019-18842 (A cross-site scripting (XSS) vulnerability in the configuration web in ...)
- TODO: check
+ NOT-FOR-US: Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module
CVE-2019-18841 (Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before ...)
- chartkick.js <not-affected> (Vulnerability introduced with 3.1.0)
NOTE: https://github.com/ankane/chartkick/commit/b810936bbf687bc74c5b6dba72d2397a399885fa
@@ -24241,9 +24241,9 @@ CVE-2019-15605
CVE-2019-15604
RESERVED
CVE-2019-15603 (The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scriptin ...)
- TODO: check
+ NOT-FOR-US: seefl
CVE-2019-15602 (The fileview package v0.1.6 has inadequate output encoding and escapin ...)
- TODO: check
+ NOT-FOR-US: fileview
CVE-2019-15601 (CURL before 7.68.0 lacks proper input validation, which allows users t ...)
- curl <not-affected> (Windows only)
CVE-2019-15600 (A Path traversal exists in http_server which allows an attacker to rea ...)
@@ -51059,13 +51059,13 @@ CVE-2019-6859
CVE-2019-6858
RESERVED
CVE-2019-6857 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6856 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2019-6855 (An Improper Authorization - CWE-285 vulnerability exists in EcoStruxur ...)
- TODO: check
+ NOT-FOR-US: EcoStruxure Control Expert
CVE-2019-6854 (A CWE-264 Permissions, Privileges, and Access Controls vulnerability e ...)
- TODO: check
+ NOT-FOR-US: EcoStruxure Geo SCADA Expert
CVE-2019-6853 (A CWE-79: Failure to Preserve Web Page Structure vulnerability exists ...)
NOT-FOR-US: Andover Continuum
CVE-2019-6852 (A CWE-200: Information Exposure vulnerability exists in Modicon Contro ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a21db4971347d60a6538061b02e639e60b375b09
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a21db4971347d60a6538061b02e639e60b375b09
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200107/a6a61ff7/attachment.html>
More information about the debian-security-tracker-commits
mailing list