[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Tue May 26 22:13:53 BST 2020



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
09ab9df6 by Moritz Muehlenhoff at 2020-05-26T23:13:34+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -213,7 +213,7 @@ CVE-2020-13489
 CVE-2020-13488
 	RESERVED
 CVE-2020-13487 (The bbPress plugin through 2.6.4 for WordPress has stored XSS in the F ...)
-	TODO: check
+	NOT-FOR-US: Wordpress plugin
 CVE-2020-13486 (The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious red ...)
 	NOT-FOR-US: Craft CMS plugin
 CVE-2020-13485 (The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist  ...)
@@ -14106,13 +14106,13 @@ CVE-2020-8173
 CVE-2020-8172
 	RESERVED
 CVE-2020-8171 (We have recently released new version of AirMax AirOS firmware v6.3.0  ...)
-	TODO: check
+	NOT-FOR-US: AirMax AirOS
 CVE-2020-8170 (We have recently released new version of AirMax AirOS firmware v6.3.0  ...)
-	TODO: check
+	NOT-FOR-US: AirMax AirOS
 CVE-2020-8169
 	RESERVED
 CVE-2020-8168 (We have recently released new version of AirMax AirOS firmware v6.3.0  ...)
-	TODO: check
+	NOT-FOR-US: AirMax AirOS
 CVE-2020-8167
 	RESERVED
 CVE-2020-8166
@@ -14157,7 +14157,7 @@ CVE-2020-8151 (There is a possible information disclosure issue in Active Resour
 CVE-2020-8150
 	RESERVED
 CVE-2020-8149 (Lack of output sanitization allowed an attack to execute arbitrary she ...)
-	TODO: check
+	NOT-FOR-US: Node logkitty
 CVE-2020-8148 (UniFi Cloud Key firmware < 1.1.6 contains a vulnerability that enab ...)
 	NOT-FOR-US: UniFi Cloud Key firmware
 CVE-2020-8147 (Flaw in input validation in npm package utils-extend version 1.0.8 and ...)
@@ -15364,13 +15364,13 @@ CVE-2020-7660
 CVE-2020-7659
 	RESERVED
 CVE-2020-7658 (meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP  ...)
-	TODO: check
+	NOT-FOR-US: meinheld
 CVE-2020-7657
 	RESERVED
 CVE-2020-7656 (jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load ...)
 	TODO: check
 CVE-2020-7655 (netius prior to 1.17.58 is vulnerable to HTTP Request Smuggling. HTTP  ...)
-	TODO: check
+	NOT-FOR-US: netius
 CVE-2020-7654
 	RESERVED
 CVE-2020-7653



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09ab9df631ee06bcd40de1bb1067b31f4db62762

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09ab9df631ee06bcd40de1bb1067b31f4db62762
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200526/bacb36d5/attachment.html>


More information about the debian-security-tracker-commits mailing list