[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri May 8 09:22:52 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
182f177a by Salvatore Bonaccorso at 2020-05-08T10:21:49+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2020-12735 (reset.php in DomainMOD 4.13.0 uses insufficient entropy for password r ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2020-12734
 	RESERVED
 CVE-2020-12733
@@ -29,11 +29,11 @@ CVE-2020-12722
 CVE-2020-12721
 	RESERVED
 CVE-2020-12720 (vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6 ...)
-	TODO: check
+	NOT-FOR-US: vBulletin
 CVE-2020-12719 (XXE during an EventPublisher update can occur in Management Console in ...)
-	TODO: check
+	NOT-FOR-US: WSO2
 CVE-2020-12718 (In administration/comments.php in PHP-Fusion 9.03.50, an authenticated ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2020-12717
 	RESERVED
 CVE-2020-12716
@@ -57,13 +57,13 @@ CVE-2020-12708 (Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03
 CVE-2020-12707 (An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4 ...)
 	TODO: check
 CVE-2020-12706 (Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 al ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2020-12705 (Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS ...)
 	TODO: check
 CVE-2020-12704 (UliCMS before 2020.2 has PageController stored XSS. ...)
-	TODO: check
+	NOT-FOR-US: UliCMS
 CVE-2020-12703 (UliCMS before 2020.2 has XSS during PackageController uninstall. ...)
-	TODO: check
+	NOT-FOR-US: UliCMS
 CVE-2020-12702
 	RESERVED
 CVE-2020-12701
@@ -1429,7 +1429,7 @@ CVE-2020-12118 (The keygen protocol implementation in Binance tss-lib before 1.2
 CVE-2020-12117 (Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allo ...)
 	NOT-FOR-US: Moxa
 CVE-2020-12116 (Zoho ManageEngine OpManager Stable build before 124196 and Released bu ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2020-12115
 	RESERVED
 CVE-2020-12114 (A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4. ...)
@@ -5468,7 +5468,7 @@ CVE-2020-10918
 CVE-2020-10917
 	RESERVED
 CVE-2020-10916 (This vulnerability allows network-adjacent attackers to escalate privi ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2020-10915 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: VEEAM One Agent
 CVE-2020-10914 (This vulnerability allows remote attackers to execute arbitrary code o ...)
@@ -21109,13 +21109,13 @@ CVE-2020-4432
 CVE-2020-4431
 	RESERVED
 CVE-2020-4430 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 cou ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4429 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 con ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4428 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 cou ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4427 (IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 cou ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4426
 	RESERVED
 CVE-2020-4425



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/182f177a7f9f7a1ec7167782cdfcc677d92e2363

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/182f177a7f9f7a1ec7167782cdfcc677d92e2363
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200508/9c431531/attachment.html>


More information about the debian-security-tracker-commits mailing list