[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Fri Jul 10 22:22:49 BST 2020



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
23d7a9ae by Moritz Muehlenhoff at 2020-07-10T23:22:32+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -409,7 +409,7 @@ CVE-2020-15506 (An Authentication Bypass vulnerability in MobileIron Core and Co
 CVE-2020-15505 (A remote code execution vulnerability in MobileIron Core and Connector ...)
 	NOT-FOR-US: MobileIron Core and Connector
 CVE-2020-15504 (A SQL injection vulnerability in the user and admin web interfaces of  ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2020-15503 (LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affect ...)
 	- libraw <unfixed> (bug #964747)
 	[buster] - libraw <no-dsa> (Minor issue)
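Review bot: The new tag on CVE-2020-15504, "NOT-FOR-US: Sophos", names only the vendor, and the truncated description ("... user and admin web interfaces of  ...") does not show the product either, so nothing in this file identifies what was triaged. The MobileIron entries just above use the product name ("NOT-FOR-US: MobileIron Core and Connector"); consider doing the same here so a later grep for the product finds this entry.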
@@ -3608,9 +3608,9 @@ CVE-2020-14173 (The file upload feature in Atlassian Jira Server and Data Center
 CVE-2020-14172 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
 	NOT-FOR-US: Atlassian
 CVE-2020-14171 (Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 all ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2020-14170 (Webhooks in Atlassian Bitbucket Server from version 5.4.0 before versi ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2020-14169 (The quick search component in Atlassian Jira Server and Data Center be ...)
 	NOT-FOR-US: Atlassian
 CVE-2020-14168 (The email client in Jira Server and Data Center before version 7.13.16 ...)
@@ -4105,11 +4105,11 @@ CVE-2020-13996 (The J2Store plugin before 3.3.13 for Joomla! allows a SQL inject
 CVE-2020-13995
 	RESERVED
 CVE-2020-13994 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A pri ...)
-	TODO: check
+	NOT-FOR-US: Mods for HESK
 CVE-2020-13993 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A bli ...)
-	TODO: check
+	NOT-FOR-US: Mods for HESK
 CVE-2020-13992 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A Sto ...)
-	TODO: check
+	NOT-FOR-US: Mods for HESK
 CVE-2020-13991
 	RESERVED
 CVE-2020-13990
@@ -16990,9 +16990,9 @@ CVE-2020-9379 (The Software Development Kit of the MiContact Center Business wit
 CVE-2020-9378
 	RESERVED
 CVE-2020-9377 (** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Remote Co ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2020-9376 (** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Informati ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2020-9375 (TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows re ...)
 	NOT-FOR-US: TP-Link
 CVE-2019-20482
@@ -17330,11 +17330,11 @@ CVE-2020-9262 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3)
 CVE-2020-9261 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...)
 	NOT-FOR-US: HUAWEI
 CVE-2020-9260 (HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 1 ...)
-	TODO: check
+	NOT-FOR-US: HUAWEI
 CVE-2020-9259
 	RESERVED
 CVE-2020-9258 (HUAWEI P30 smartphone with versions earlier than 10.1.0.135(C00E135R2P ...)
-	TODO: check
+	NOT-FOR-US: HUAWEI
 CVE-2020-9257
 	RESERVED
 CVE-2020-9256
@@ -19757,31 +19757,31 @@ CVE-2020-8201
 CVE-2020-8200
 	RESERVED
 CVE-2020-8199 (Improper access control in Citrix ADC Gateway Linux client versions be ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8198 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8197 (Privilege escalation vulnerability on Citrix ADC and Citrix Gateway ve ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8196 (Improper access control in Citrix ADC and Citrix Gateway versions befo ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8195 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8194 (Reflected code injection in Citrix ADC and Citrix Gateway versions bef ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8193 (Improper access control in Citrix ADC and Citrix Gateway versions befo ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8192
 	RESERVED
 CVE-2020-8191 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8190 (Incorrect file permissions in Citrix ADC and Citrix Gateway before ver ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8189
 	RESERVED
 CVE-2020-8188 (We have recently released new version of UniFi Protect firmware v1.13. ...)
 	NOT-FOR-US: UniFi Protect
 CVE-2020-8187 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8186 (A command injection vulnerability in the `devcert` module may lead to  ...)
 	TODO: check
 CVE-2020-8185 (A denial of service vulnerability exists in Rails <6.0.3.2 that all ...)
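Review bot: CVE-2020-8186 (command injection in the `devcert` module) is still "TODO: check" in the trailing context, while every Citrix entry around it in this hunk is resolved. If it was left out deliberately because it needs a real packaging check rather than an NFU tag, that is fine, but it is worth confirming it was not simply skipped in this pass.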
@@ -19797,7 +19797,7 @@ CVE-2020-8183
 CVE-2020-8182
 	RESERVED
 CVE-2020-8181 (A missing file type check in Nextcloud Contacts 3.2.0 allowed a malici ...)
-	TODO: check
+	NOT-FOR-US: Nextcloud Contacts
 CVE-2020-8180 (A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a cod ...)
 	NOT-FOR-US: Nextcloud Talk
 CVE-2020-8179 (Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to ...)
@@ -20829,9 +20829,9 @@ CVE-2020-7817
 CVE-2020-7816 (A vulnerability in the JPEG image parsing module in DaView Indy, DaVa+ ...)
 	NOT-FOR-US: DaView
 CVE-2020-7815 (XPLATFORM v9.2.260 and eariler versions contain a vulnerability that c ...)
-	TODO: check
+	NOT-FOR-US: XPLATFORM
 CVE-2020-7814 (RAONWIZ v2018.0.2.50 and eariler versions contains a vulnerability tha ...)
-	TODO: check
+	NOT-FOR-US: RAONWIZ
 CVE-2020-7813 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prio ...)
 	NOT-FOR-US: Kaoni
 CVE-2020-7812 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23d7a9ae88294ffe99a7b65f93ff17a13926db62
