[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Jul 8 21:20:33 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
97655094 by Salvatore Bonaccorso at 2020-07-08T22:20:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8937,7 +8937,7 @@ CVE-2020-11996 (A specially crafted sequence of HTTP/2 requests sent to Apache T
 CVE-2020-11995
 	RESERVED
 CVE-2020-11994 (Server-Side Template Injection and arbitrary file disclosure on Camel  ...)
-	TODO: check
+	NOT-FOR-US: Apache Camel
 CVE-2020-11993
 	RESERVED
 CVE-2020-11992
@@ -9928,7 +9928,7 @@ CVE-2020-11851
 CVE-2020-11850
 	RESERVED
 CVE-2020-11849 (Elevation of privilege and/or unauthorized access vulnerability in Mic ...)
-	TODO: check
+	NOT-FOR-US: Micro Focus
 CVE-2020-11848
 	RESERVED
 CVE-2020-11847
@@ -22173,7 +22173,7 @@ CVE-2020-7142
 CVE-2020-7141
 	RESERVED
 CVE-2020-7140 (A security vulnerability in HPE IceWall SSO Dfw and Dgfw (Domain Gatew ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2020-7139 (Potential remote access security vulnerabilities have been identified  ...)
 	NOT-FOR-US: HPE
 CVE-2020-7138 (Potential remote code execution security vulnerabilities have been ide ...)
@@ -22697,7 +22697,7 @@ CVE-2020-6940
 CVE-2020-6939
 	RESERVED
 CVE-2020-6938 (A sensitive information disclosure vulnerability in Tableau Server 10. ...)
-	TODO: check
+	NOT-FOR-US: Tableau Server
 CVE-2020-6937 (A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, ...)
 	NOT-FOR-US: MuleSoft
 CVE-2020-6936
@@ -25114,7 +25114,7 @@ CVE-2020-6015
 CVE-2020-6014
 	RESERVED
 CVE-2020-6013 (ZoneAlarm Firewall and Antivirus products before version 15.8.109.1843 ...)
-	TODO: check
+	NOT-FOR-US: ZoneAlarm
 CVE-2020-6012
 	RESERVED
 CVE-2020-6011
@@ -25494,7 +25494,7 @@ CVE-2020-5841 (An issue was discovered in OpServices OpMon 9.3.1-1. Using passwo
 CVE-2020-5840 (An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/R ...)
 	NOT-FOR-US: HashBrown CMS
 CVE-2020-5839 (Symantec Endpoint Detection And Response, prior to 4.4, may be suscept ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2020-5838 (Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-s ...)
 	NOT-FOR-US: Symantec
 CVE-2020-5837 (Symantec Endpoint Protection, prior to 14.3, may not respect file perm ...)
@@ -25644,7 +25644,7 @@ CVE-2020-5766
 CVE-2020-5765
 	RESERVED
 CVE-2020-5764 (MX Player Android App versions prior to v1.24.5, are vulnerable to a d ...)
-	TODO: check
+	NOT-FOR-US: MX Player Android App
 CVE-2020-5763
 	RESERVED
 CVE-2020-5762
@@ -25972,17 +25972,17 @@ CVE-2020-5602 (Mitsubishi Electoric FA Engineering Software (CPU Module Logging
 CVE-2020-5601 (Chrome Extension for e-Tax Reception System Ver1.0.0.0 allows remote a ...)
 	NOT-FOR-US: Chrome Extension for e-Tax Reception System
 CVE-2020-5600 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2020-5599 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2020-5598 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2020-5597 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2020-5596 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2020-5595 (TCP/IP function included in the firmware of Mitsubishi Electric GOT200 ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2020-5594 (Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules ...)
 	NOT-FOR-US: Mitsubishi
 CVE-2020-5593 (Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP cod ...)
@@ -26545,7 +26545,7 @@ CVE-2020-5358 (Dell Encryption versions prior to 10.7 and Dell Endpoint Security
 CVE-2020-5357 (Dell Dock Firmware Update Utilities for Dell Client Consumer and Comme ...)
 	NOT-FOR-US: Dell
 CVE-2020-5356 (Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell  ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2020-5355
 	RESERVED
 CVE-2020-5354
@@ -29734,7 +29734,7 @@ CVE-2020-4063
 CVE-2020-4062 (In Conjur OSS Helm Chart before 2.0.0, a recently identified critical  ...)
 	TODO: check
 CVE-2020-4061 (In October from version 1.0.319 and before version 1.0.467, pasting co ...)
-	TODO: check
+	NOT-FOR-US: October CMS
 CVE-2020-4060 (In LoRa Basics Station before 2.0.4, there is a Use After Free vulnera ...)
 	NOT-FOR-US: LoRa Basics Station
 CVE-2020-4059 (In mversion before 2.0.0, there is a command injection vulnerability.  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97655094fbd433de2b4aa43044b5fab5eb999700

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97655094fbd433de2b4aa43044b5fab5eb999700
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200708/46806671/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list