[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Mon Nov 9 16:48:00 GMT 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3b46b8f9 by Moritz Muehlenhoff at 2020-11-09T17:47:40+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3768,7 +3768,7 @@ CVE-2020-27591
 CVE-2020-27590
 	RESERVED
 CVE-2020-27589 (Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 -  ...)
-	TODO: check
+	NOT-FOR-US: hub-rest-api-python
 CVE-2020-27588
 	RESERVED
 CVE-2020-27587
@@ -6625,9 +6625,9 @@ CVE-2020-26216
 CVE-2020-26215
 	RESERVED
 CVE-2020-26214 (In Alerta before version 8.1.0, users may be able to bypass LDAP authe ...)
-	TODO: check
+	NOT-FOR-US: Alerta
 CVE-2020-26213 (In teler before version 0.0.1, if you run teler inside a Docker contai ...)
-	TODO: check
+	NOT-FOR-US: Alerta
 CVE-2020-26212
 	RESERVED
 CVE-2020-26211 (In BookStack before version 0.30.4, a user with permissions to edit a  ...)
@@ -29820,7 +29820,7 @@ CVE-2020-15261 (On Windows the Veyon Service before version 4.4.2 contains an un
 CVE-2020-15260
 	RESERVED
 CVE-2020-15259 (ad-ldap-connector's admin panel before version 5.0.13 does not provide ...)
-	TODO: check
+	NOT-FOR-US: ad-ldap-connector
 CVE-2020-15258 (In Wire before 3.20.x, `shell.openExternal` was used without checking  ...)
 	NOT-FOR-US: Wire app
 CVE-2020-15257
@@ -50763,9 +50763,9 @@ CVE-2020-7766
 CVE-2020-7765
 	RESERVED
 CVE-2020-7764 (This affects the package find-my-way before 2.2.5, from 3.0.0 and befo ...)
-	TODO: check
+	NOT-FOR-US: Node find-my-way
 CVE-2020-7763 (This affects the package phantom-html-to-pdf before 0.6.1. ...)
-	NOT-FOR-US: Nodephantom-html-to-pdf
+	NOT-FOR-US: Node phantom-html-to-pdf
 CVE-2020-7762 (This affects the package jsreport-chrome-pdf before 1.10.0. ...)
 	NOT-FOR-US: Node jsreport-chrome-pdf
 CVE-2020-7761 (This affects the package @absolunet/kafe before 3.2.10. It allows caus ...)
@@ -52044,7 +52044,7 @@ CVE-2020-7200
 CVE-2020-7199
 	RESERVED
 CVE-2020-7198 (There is a remote escalation of privilege possible for a malicious use ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2020-7197 (SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreSe ...)
 	NOT-FOR-US: HPE
 CVE-2020-7196 (The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Co ...)
@@ -55715,7 +55715,7 @@ CVE-2020-5796
 CVE-2020-5795 (UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200 ...)
 	NOT-FOR-US: TP-Link
 CVE-2020-5794 (A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and ...)
-	TODO: check
+	NOT-FOR-US: Nessus
 CVE-2020-5793 (A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows &a ...)
 	NOT-FOR-US: Nessus
 CVE-2020-5792 (Improper neutralization of argument delimiters in a command in Nagios  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b46b8f98c2410bccb2c1beb2446d9872f88d88b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b46b8f98c2410bccb2c1beb2446d9872f88d88b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201109/7ded68d4/attachment.html>

More information about the debian-security-tracker-commits mailing list