[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Mar 11 08:19:31 GMT 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
be81d1f6 by Salvatore Bonaccorso at 2020-03-11T09:19:03+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2020-10385 (A stored cross-site scripting (XSS) vulnerability exists in the WPForm ...)
-	TODO: check
+	NOT-FOR-US: WPForms Contact Form plugin for WordPress
 CVE-2020-10384
 	RESERVED
 CVE-2020-10383
@@ -9456,35 +9456,35 @@ CVE-2020-6212
 CVE-2020-6211
 	RESERVED
 CVE-2020-6210 (SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6209 (SAP Disclosure Management, version 10.1, does not perform necessary au ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6208 (SAP Business Objects Business Intelligence Platform (Crystal Reports), ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6207 (SAP Solution Manager (User Experience Monitoring), version- 7.2, due t ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6206 (SAP Cloud Platform Integration for Data Services, version 1.0, allows  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6205 (SAP NetWeaver AS ABAP Business Server Pages (Smart Forms), SAP_BASIS v ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6204 (The selection query in SAP Treasury and Risk Management (Transaction M ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6203 (SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6202 (SAP NetWeaver Application Server Java (User Management Engine), versio ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6201 (The SAP Commerce (Testweb Extension), versions- 6.6, 6.7, 1808, 1811,  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6200 (The SAP Commerce (SmartEdit Extension), versions- 6.6, 6.7, 1808, 1811 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6199 (The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EA ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6198 (SAP Solution Manager (Diagnostics Agent), version 720, allows unencryp ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6197 (SAP Enable Now, before version 1908, does not invalidate session token ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6196 (SAP BusinessObjects Mobile (MobileBIService), version 4.2, allows an a ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6195
 	RESERVED
 CVE-2020-6194
@@ -9520,7 +9520,7 @@ CVE-2020-6180
 CVE-2020-6179
 	RESERVED
 CVE-2020-6178 (SAP Enable Now, before version 1911, sends the Session ID cookie value ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6177 (SAP Mobile Platform, version 3.0, does not sufficiently validate an XM ...)
 	NOT-FOR-US: SAP
 CVE-2019-20367 (nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a com ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be81d1f6bdd64b33c5598d1ca51ffe5c6976452c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be81d1f6bdd64b33c5598d1ca51ffe5c6976452c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200311/dbbf12d0/attachment.html>


More information about the debian-security-tracker-commits mailing list