[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue May 19 21:37:51 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1dddb4b8 by Salvatore Bonaccorso at 2020-05-19T22:37:28+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3736,7 +3736,7 @@ CVE-2020-11809
 CVE-2020-11808
 	RESERVED
 CVE-2020-11807 (Because of Unrestricted Upload of a File with a Dangerous Type, Source ...)
-	TODO: check
+	NOT-FOR-US: Sourcefabric Newscoop
 CVE-2020-11806 (In MailStore Outlook Add-in (and Email Archive Outlook Add-in) through ...)
 	NOT-FOR-US: MailStore Outlook Add-in
 CVE-2020-11805
@@ -4265,7 +4265,7 @@ CVE-2020-11717
 CVE-2020-11716
 	RESERVED
 CVE-2020-11715 (Panasonic P99 devices through 2020-04-10 have Incorrect Access Control ...)
-	TODO: check
+	NOT-FOR-US: Panasonic
 CVE-2020-11714 (eten PSG-6528VM 1.1 devices allow XSS via System Contact or System Loc ...)
 	NOT-FOR-US: eten PSG-6528VM 1.1 devices
 CVE-2020-11713 (wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does n ...)
@@ -12579,7 +12579,7 @@ CVE-2020-8436 (XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for Wo
 CVE-2020-8435 (An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for Wo ...)
 	NOT-FOR-US: RegistrationMagic plugin for WordPress
 CVE-2020-8434 (Jenzabar JICS (aka Internet Campus Solution) before 9.0.1 Patch 3, 9.1 ...)
-	TODO: check
+	NOT-FOR-US: Jenzabar JICS (aka Internet Campus Solution)
 CVE-2020-8433
 	RESERVED
 CVE-2019-20445 (HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length  ...)
@@ -14079,7 +14079,7 @@ CVE-2020-7811
 CVE-2020-7810
 	RESERVED
 CVE-2020-7809 (ALSong 3.46 and earlier version contain a Document Object Model (DOM)  ...)
-	TODO: check
+	NOT-FOR-US: ALSong
 CVE-2020-7808
 	RESERVED
 CVE-2020-7807
@@ -14774,7 +14774,7 @@ CVE-2020-7473 (In certain situations, all versions of Citrix ShareFile StorageZo
 CVE-2020-7472
 	RESERVED
 CVE-2019-20390 (A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Su ...)
-	TODO: check
+	NOT-FOR-US: Subrion CMS
 CVE-2019-20389 (An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configurat ...)
 	NOT-FOR-US: Subrion CMS
 CVE-2019-20388 (xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaV ...)
@@ -16006,7 +16006,7 @@ CVE-2020-6958 (An XXE vulnerability in JnlpSupport in Yet Another Java Service W
 CVE-2020-6957
 	RESERVED
 CVE-2020-6956 (PCS DEXICON 3.4.1 allows XSS via the loginName parameter in login_acti ...)
-	TODO: check
+	NOT-FOR-US: PCS DEXICON
 CVE-2020-6955 (An issue was discovered on Cayin SMP-PRO4 devices. They allow image_pr ...)
 	NOT-FOR-US: Cayin SMP-PRO4 devices
 CVE-2020-6954 (An issue was discovered on Cayin SMP-PRO4 devices. A user can discover ...)
@@ -18130,9 +18130,9 @@ CVE-2020-6095 (An exploitable denial of service vulnerability exists in the GstR
 CVE-2020-6094 (An exploitable code execution vulnerability exists in the TIFF fillinr ...)
 	NOT-FOR-US: Accusoft ImageGear
 CVE-2020-6093 (An exploitable information disclosure vulnerability exists in the way  ...)
-	TODO: check
+	NOT-FOR-US: Nitro Pro
 CVE-2020-6092 (An exploitable code execution vulnerability exists in the way Nitro Pr ...)
-	TODO: check
+	NOT-FOR-US: Nitro Pro
 CVE-2020-6091
 	RESERVED
 CVE-2020-6090
@@ -18192,7 +18192,7 @@ CVE-2020-6076 (An exploitable out-of-bounds write vulnerability exists in the ig
 CVE-2020-6075 (An exploitable out-of-bounds write vulnerability exists in the store_d ...)
 	NOT-FOR-US: Accusoft
 CVE-2020-6074 (An exploitable code execution vulnerability exists in the PDF parser o ...)
-	TODO: check
+	NOT-FOR-US: Nitro Pro
 CVE-2020-6073 (An exploitable denial-of-service vulnerability exists in the TXT recor ...)
 	{DSA-4671-1}
 	- libmicrodns <removed>
@@ -29804,7 +29804,7 @@ CVE-2019-19456 (A Reflected XSS was found in the server selection box inside the
 CVE-2019-19455
 	RESERVED
 CVE-2019-19454 (An arbitrary file download was found in the "Download Log" functionali ...)
-	TODO: check
+	NOT-FOR-US: Wowza Streaming Engine
 CVE-2019-19453
 	RESERVED
 CVE-2019-19452 (A buffer overflow was found in Patriot Viper RGB through 1.1 when proc ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dddb4b848f3ec7198ac1707de6a18317599e35f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dddb4b848f3ec7198ac1707de6a18317599e35f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200519/5226f242/attachment.html>

More information about the debian-security-tracker-commits mailing list