[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Mar 4 17:54:23 GMT 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
89b308a1 by Moritz Muehlenhoff at 2020-03-04T18:54:05+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10276,9 +10276,9 @@ CVE-2020-5406
CVE-2020-5405
RESERVED
CVE-2020-5404 (The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and ...)
- TODO: check
+ NOT-FOR-US: Reactor Netty, different from src:netty
CVE-2020-5403 (Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a UR ...)
- TODO: check
+ NOT-FOR-US: Reactor Netty, different from src:netty
CVE-2020-5402 (In Cloud Foundry UAA, versions prior to 74.14.0, a CSRF vulnerability ...)
NOT-FOR-US: Cloud Foundry
CVE-2020-5401 (Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoR ...)
@@ -34096,7 +34096,7 @@ CVE-2019-15611 (Violation of Secure Design Principles in the iOS App 2.23.0 caus
CVE-2019-15610 (Improper authorization in the Circles app 0.17.7 causes retaining acce ...)
NOT-FOR-US: Circles app
CVE-2019-15609 (The kill-port-process package version < 2.2.0 is vulnerable to a Co ...)
- TODO: check
+ NOT-FOR-US: Node kill-port-process
CVE-2019-15608
RESERVED
CVE-2019-15607 (A stored XSS vulnerability is present within node-red (version: <= ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89b308a1cc639ed4d570cad9107fa54b1f2e270f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89b308a1cc639ed4d570cad9107fa54b1f2e270f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200304/c1910a4c/attachment.html>
More information about the debian-security-tracker-commits
mailing list