[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu May 7 21:38:51 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
73c5a2ad by Salvatore Bonaccorso at 2020-05-07T22:37:33+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2020-12710
 CVE-2020-12709
 	RESERVED
 CVE-2020-12708 (Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 al ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2020-12707
 	RESERVED
 CVE-2020-12706
@@ -39,7 +39,7 @@ CVE-2020-12693
 CVE-2020-12688
 	RESERVED
 CVE-2020-12687 (An issue was discovered in Serpico before 1.3.3. The /admin/attacments ...)
-	TODO: check
+	NOT-FOR-US: Serpico
 CVE-2020-12686
 	RESERVED
 CVE-2020-12685
@@ -47,7 +47,7 @@ CVE-2020-12685
 CVE-2020-12684
 	RESERVED
 CVE-2020-12683 (Katyshop2 before 2.12 has multiple stored XSS issues. ...)
-	TODO: check
+	NOT-FOR-US: Katyshop2
 CVE-2020-12682
 	RESERVED
 CVE-2020-12681
@@ -55,7 +55,7 @@ CVE-2020-12681
 CVE-2020-12680
 	RESERVED
 CVE-2020-12679 (A reflected cross-site scripting (XSS) vulnerability in the Mitel Shor ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-12678
 	REJECTED
 CVE-2020-12677
@@ -239,7 +239,7 @@ CVE-2020-12610
 CVE-2020-12609
 	RESERVED
 CVE-2020-12608 (An issue was discovered in SolarWinds MSP PME (Patch Management Engine ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2020-12607
 	RESERVED
 CVE-2020-12606
@@ -5210,13 +5210,13 @@ CVE-2020-10975 (GitLab EE/CE 10.8 to 12.9 is leaking metadata and comments on vu
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/
 CVE-2020-10974 (An issue was discovered on Wavlink WL-WN579G3 - M79X3.V5030.180719 and ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2020-10973 (An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 dev ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2020-10972 (An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 dev ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2020-10971 (An issue was discovered on Wavlink WL-WN579G3 M79X3.V5030.180719, WL-W ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2020-10970
 	RESERVED
 CVE-2020-10969 (FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interact ...)
@@ -10124,9 +10124,9 @@ CVE-2020-8985 (ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via th
 CVE-2020-8984 (lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta allowed IP address s ...)
 	NOT-FOR-US: ZendTo
 CVE-2020-8983 (In certain situations, all versions of Citrix ShareFile StorageZones ( ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8982 (In certain situations, all versions of Citrix ShareFile StorageZones ( ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-8981 (A cross-site scripting (XSS) vulnerability was discovered in the Sourc ...)
 	NOT-FOR-US: Source Integration plugin for MantisBT
 CVE-2020-8980
@@ -12911,7 +12911,7 @@ CVE-2020-7807
 CVE-2020-7806 (Tobesoft Xplatform 9.2.2.250 and earlier version have an arbitrary cod ...)
 	NOT-FOR-US: Tobesoft Xplatform
 CVE-2020-7805 (An issue was discovered on KT Slim egg IML500 (R7283, R8112, R8424) an ...)
-	TODO: check
+	NOT-FOR-US: KT Slim egg IML500 wifi devices
 CVE-2020-7804 (ActiveX Control(HShell.dll) in Handy Groupware 1.7.3.1 for Windows 7,  ...)
 	NOT-FOR-US: Handy Groupware
 CVE-2020-7803 (IMGTech Co,Ltd ZInsX.ocx ActiveX Control in Zoneplayer 2.0.1.3, versio ...)
@@ -13594,7 +13594,7 @@ CVE-2020-7475 (A CWE-74: Improper Neutralization of Special Elements in Output U
 CVE-2020-7474 (A CWE-427: Uncontrolled Search Path Element vulnerability exists in Pr ...)
 	NOT-FOR-US: ProSoft Configurator
 CVE-2020-7473 (In certain situations, all versions of Citrix ShareFile StorageZones ( ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2020-7472
 	RESERVED
 CVE-2019-20390



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73c5a2ad650ef2f4852fe0cd5312e741103b47ed

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73c5a2ad650ef2f4852fe0cd5312e741103b47ed
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200507/cb962a66/attachment.html>

More information about the debian-security-tracker-commits mailing list