[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon May 4 21:24:07 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
484e75dc by Salvatore Bonaccorso at 2020-05-04T22:23:29+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2020-12642 (An issue was discovered in service-api before 4.3.12 and 5.x before 5. ...)
-	TODO: check
+	NOT-FOR-US: Report Portal
 CVE-2020-12641 (rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to  ...)
 	TODO: check
 CVE-2020-12640 (Roundcube Webmail before 1.4.4 allows attackers to include local files ...)
@@ -331,7 +331,7 @@ CVE-2020-12477 (The REST API functions in TeamPass 2.1.27.36 allow any user with
 CVE-2020-12476
 	RESERVED
 CVE-2020-12475 (TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2020-12474 (Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, an ...)
 	TODO: check
 CVE-2020-12473 (MonoX through 5.1.40.5152 allows admins to execute arbitrary programs  ...)
@@ -1155,7 +1155,7 @@ CVE-2020-12119
 CVE-2020-12118 (The keygen protocol implementation in Binance tss-lib before 1.2.0 all ...)
 	NOT-FOR-US: Binance tss-lib
 CVE-2020-12117 (Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allo ...)
-	TODO: check
+	NOT-FOR-US: Moxa
 CVE-2020-12116
 	RESERVED
 CVE-2020-12115
@@ -1168,11 +1168,11 @@ CVE-2020-12113 (BigBlueButton before 2.2.4 allows XSS via closed captions becaus
 CVE-2020-12112 (BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive ...)
 	NOT-FOR-US: BigBlueButton
 CVE-2020-12111 (Certain TP-Link devices allow Command Injection. This affects NC260 1. ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2020-12110 (Certain TP-Link devices have a Hardcoded Encryption Key. This affects  ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2020-12109 (Certain TP-Link devices allow Command Injection. This affects NC200 2. ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2020-12108
 	RESERVED
 CVE-2020-12107



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/484e75dc80650899a950ef99c2f6399036707027

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/484e75dc80650899a950ef99c2f6399036707027
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200504/50677008/attachment.html>

More information about the debian-security-tracker-commits mailing list