[Git][security-tracker-team/security-tracker][master] new google-compute-image-packages issues
Moritz Muehlenhoff
jmm at debian.org
Mon Jun 29 09:00:14 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
32334cfa by Moritz Muehlenhoff at 2020-06-29T09:59:50+02:00
new google-compute-image-packages issues
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2020-15365 (LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in ...)
TODO: check
CVE-2020-15364 (The Nexos theme through 1.7 for WordPress allows top-map/?search_locat ...)
- TODO: check
+ NOT-FOR-US: Wordpress theme
CVE-2020-15363 (The Nexos theme through 1.7 for WordPress allows side-map/?search_orde ...)
- TODO: check
+ NOT-FOR-US: Wordpress theme
CVE-2020-15362
RESERVED
CVE-2020-15361
@@ -113,13 +113,13 @@ CVE-2020-15313
CVE-2020-15312
RESERVED
CVE-2020-15311 (Stash 1.0.3 allows SQL Injection via the downloadmp3.php download para ...)
- TODO: check
+ NOT-FOR-US: Stash
CVE-2020-15310
RESERVED
CVE-2020-15309
RESERVED
CVE-2020-15308 (Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-a ...)
- TODO: check
+ NOT-FOR-US: Support Incident Tracker
CVE-2020-15307
RESERVED
CVE-2020-15306 (An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount a ...)
@@ -720,9 +720,9 @@ CVE-2020-15019
CVE-2020-15018 (playSMS through 1.4.3 is vulnerable to session fixation. ...)
NOT-FOR-US: playSMS
CVE-2020-15017 (NeDi 1.9C is vulnerable to reflected cross-site scripting. The Devices ...)
- TODO: check
+ NOT-FOR-US: NeDi
CVE-2020-15016 (NeDi 1.9C is vulnerable to reflected cross-site scripting. The Other-C ...)
- TODO: check
+ NOT-FOR-US: NeDi
CVE-2020-15015 (The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XS ...)
NOT-FOR-US: FileExplorer component in GleamTech FileUltimate
CVE-2020-15014 (pramodmahato BlogCMS through 2019-12-31 has admin/changepass.php CSRF. ...)
@@ -16831,7 +16831,7 @@ CVE-2020-9049
CVE-2020-9048
RESERVED
CVE-2020-9047 (A vulnerability exists that could allow the execution of unauthorized ...)
- TODO: check
+ NOT-FOR-US: exacqVision Web Service
CVE-2020-9046 (A vulnerability in all versions of Kantech EntraPass Editions could po ...)
NOT-FOR-US: Kantech
CVE-2020-9045 (During installation or upgrade to Software House C•CURE 9000 v2. ...)
@@ -17128,7 +17128,9 @@ CVE-2020-8935
CVE-2020-8934
RESERVED
CVE-2020-8933 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
- TODO: check
+ - google-compute-image-packages <unfixed>
+ NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
+ NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8932
RESERVED
CVE-2020-8931
@@ -17182,7 +17184,9 @@ CVE-2020-8909
CVE-2020-8908
RESERVED
CVE-2020-8907 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
- TODO: check
+ - google-compute-image-packages <unfixed>
+ NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
+ NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8906
RESERVED
CVE-2020-8905
@@ -17190,7 +17194,9 @@ CVE-2020-8905
CVE-2020-8904
RESERVED
CVE-2020-8903 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
- TODO: check
+ - google-compute-image-packages <unfixed>
+ NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
+ NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8902
RESERVED
CVE-2020-8901
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32334cfa0cd254023b8374cec1f928fc38264b85
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/32334cfa0cd254023b8374cec1f928fc38264b85
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200629/12bc48a2/attachment.html>
More information about the debian-security-tracker-commits
mailing list