[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
673332fa by Salvatore Bonaccorso at 2020-03-09T21:31:57+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2020-10250 (BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitra ...)
-	TODO: check
+	NOT-FOR-US: BWA DiREX-Pro devices
 CVE-2020-10249 (BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid ...)
-	TODO: check
+	NOT-FOR-US: BWA DiREX-Pro devices
 CVE-2020-10248 (BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwo ...)
-	TODO: check
+	NOT-FOR-US: BWA DiREX-Pro devices
 CVE-2020-10247 (MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is  ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2020-10246 (MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2020-10245
 	RESERVED
 CVE-2020-10244 (JPaseto before 0.3.0 generates weak hashes when using v2.local tokens. ...)
-	TODO: check
+	NOT-FOR-US: JPaseto
 CVE-2020-10243
 	RESERVED
 CVE-2020-10242
@@ -25,11 +25,11 @@ CVE-2020-10239
 CVE-2020-10238
 	RESERVED
 CVE-2020-10237 (An issue was discovered in Froxlor through 0.10.15. The installer wrot ...)
-	TODO: check
+	NOT-FOR-US: Froxlor
 CVE-2020-10236 (An issue was discovered in Froxlor before 0.10.14. It created files wi ...)
-	TODO: check
+	NOT-FOR-US: Froxlor
 CVE-2020-10235 (An issue was discovered in Froxlor before 0.10.14. Remote attackers wi ...)
-	TODO: check
+	NOT-FOR-US: Froxlor
 CVE-2020-10234
 	RESERVED
 CVE-2020-10233 (In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap- ...)
@@ -125,11 +125,11 @@ CVE-2020-10194
 CVE-2020-10193 (ESET Archive Support Module before 1294 allows virus-detection bypass  ...)
 	NOT-FOR-US: ESET Archive Support Module
 CVE-2020-10192 (An issue was discovered in Munkireport before 5.3.0.3923. An unauthent ...)
-	TODO: check
+	NOT-FOR-US: Munkireport
 CVE-2020-10191 (An issue was discovered in MunkiReport before 5.3.0. An authenticated  ...)
-	TODO: check
+	NOT-FOR-US: Munkireport
 CVE-2020-10190 (An issue was discovered in MunkiReport before 5.3.0. An authenticated  ...)
-	TODO: check
+	NOT-FOR-US: Munkireport
 CVE-2020-10189 (Zoho ManageEngine Desktop Central before 10.0.474 allows remote code e ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2020-10188 (utility.c in telnetd in netkit telnet through 0.17 allows remote attac ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/673332fa70e65f1d3a4a05105baa6c2fb97e9fc8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/673332fa70e65f1d3a4a05105baa6c2fb97e9fc8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200309/4fc26787/attachment.html>