[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
90ce5b40 by security tracker role at 2020-06-13T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2020-14057
+	RESERVED
+CVE-2020-14056
+	RESERVED
+CVE-2020-14055
+	RESERVED
 CVE-2020-14054
 	RESERVED
 CVE-2020-14053
@@ -382,9 +388,9 @@ CVE-2020-13895 (Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module
 	NOTE: https://github.com/FGasper/p5-Crypt-Perl/commit/f960ce75502acf7404187231a706672f8369acb2
 CVE-2020-13886
 	RESERVED
-CVE-2020-13885 (Citrix Workspace App before 2006.1 on Windows has Insecure Permissions ...)
+CVE-2020-13885 (Citrix Workspace App before 1912 on Windows has Insecure Permissions w ...)
 	NOT-FOR-US: Citrix
-CVE-2020-13884 (Citrix Workspace App before 2006.1 on Windows has Insecure Permissions ...)
+CVE-2020-13884 (Citrix Workspace App before 1912 on Windows has Insecure Permissions a ...)
 	NOT-FOR-US: Citrix
 CVE-2020-13883 (In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, an ...)
 	NOT-FOR-US: WSO2 API Manager
@@ -1001,8 +1007,8 @@ CVE-2020-13658
 	RESERVED
 CVE-2020-13657
 	RESERVED
-CVE-2020-13656
-	RESERVED
+CVE-2020-13656 (In Morgan Stanley Hobbes through 2020-05-21, the array implementation  ...)
+	TODO: check
 CVE-2020-13655
 	RESERVED
 CVE-2020-13654
@@ -4989,8 +4995,8 @@ CVE-2020-11982
 	RESERVED
 CVE-2020-11981
 	RESERVED
-CVE-2020-11980
-	RESERVED
+CVE-2020-11980 (In Karaf, JMX authentication takes place using JAAS and authorization  ...)
+	TODO: check
 CVE-2020-11979
 	RESERVED
 CVE-2020-11978
@@ -5956,8 +5962,8 @@ CVE-2020-11841
 	RESERVED
 CVE-2020-11840
 	RESERVED
-CVE-2020-11839
-	RESERVED
+CVE-2020-11839 (Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logge ...)
+	TODO: check
 CVE-2020-11838
 	RESERVED
 CVE-2020-11837
@@ -9540,8 +9546,7 @@ CVE-2020-10754 (It was found that nmcli, a command line interface to NetworkMana
 	NOTE: plugin).
 CVE-2020-10753
 	RESERVED
-CVE-2020-10752
-	RESERVED
+CVE-2020-10752 (A flaw was found in the OpenShift API Server, where it failed to suffi ...)
 	NOT-FOR-US: OpenShift
 CVE-2020-10751 (A flaw was found in the Linux kernels SELinux LSM hook implementation  ...)
 	{DSA-4699-1 DSA-4698-1 DLA-2242-1 DLA-2241-1}
@@ -44694,8 +44699,8 @@ CVE-2019-16254 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4
 	NOTE: https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/
 CVE-2019-16253 (The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 ...)
 	NOT-FOR-US: Samsung
-CVE-2019-16252
-	RESERVED
+CVE-2019-16252 (Missing SSL Certificate Validation in the Nutfind.com application thro ...)
+	TODO: check
 CVE-2019-16251 (plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework thro ...)
 	NOT-FOR-US: YIT Plugin Framework
 CVE-2019-16250 (includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for ...)
@@ -48120,8 +48125,8 @@ CVE-2018-20975 (Fat Free CRM before 0.18.1 has XSS in the tags_helper in app/hel
 	NOT-FOR-US: Fat Free CRM
 CVE-2019-15124 (In the MobileFrontend extension for MediaWiki, XSS exists within the e ...)
 	NOT-FOR-US: MobileFrontend extension for MediaWiki
-CVE-2019-15123
-	RESERVED
+CVE-2019-15123 (The Branding Module in Viki Vera 4.9.1.26180 allows an authenticated u ...)
+	TODO: check
 CVE-2019-15122
 	RESERVED
 CVE-2019-15121



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90ce5b40a6829be1a6c178b792cf8a5dd8458294

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90ce5b40a6829be1a6c178b792cf8a5dd8458294
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200613/35b16783/attachment.html>