[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Nov 11 20:49:26 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d04336a2 by Salvatore Bonaccorso at 2020-11-11T21:46:31+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51856,9 +51856,9 @@ CVE-2020-7331
 CVE-2020-7330 (Privilege Escalation vulnerability in McAfee Total Protection (MTP) tr ...)
 	NOT-FOR-US: McAfee
 CVE-2020-7329 (Server-side request forgery vulnerability in the ePO extension in McAf ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2020-7328 (External entity attack vulnerability in the ePO extension in McAfee MV ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2020-7327 (Improperly implemented security check in McAfee MVISION Endpoint Detec ...)
 	NOT-FOR-US: McAfee
 CVE-2020-7326 (Improperly implemented security check in McAfee Active Response (MAR)  ...)
@@ -69422,7 +69422,7 @@ CVE-2020-1601 (Certain types of malformed Path Computation Element Protocol (PCE
 CVE-2020-1600 (In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an ...)
 	NOT-FOR-US: Juniper
 CVE-2020-1599 (, aka 'Windows Spoofing Vulnerability'. ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-1598 (An elevation of privilege vulnerability exists when the Windows Univer ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-1597 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
@@ -69977,7 +69977,7 @@ CVE-2020-1327 (A spoofing vulnerability exists in Microsoft Azure DevOps Server
 CVE-2020-1326 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-1325 (, aka 'Azure DevOps Server and Team Foundation Services Spoofing Vulne ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2020-1324 (An elevation of privilege (user to user) vulnerability exists in Windo ...)
 	NOT-FOR-US: Microsoft
 CVE-2020-1323 (An open redirect vulnerability exists in Microsoft SharePoint that cou ...)
@@ -107308,7 +107308,7 @@ CVE-2019-7359 (An exploitable heap overflow vulnerability in the AcCellMargin ha
 CVE-2019-7358 (An exploitable heap overflow vulnerability in the DXF-parsing function ...)
 	NOT-FOR-US: Autodesk
 CVE-2019-7357 (Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can ...)
-	TODO: check
+	NOT-FOR-US: Subrion CMS
 CVE-2019-7356 (Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter. ...)
 	NOT-FOR-US: Subrion CMS
 CVE-2019-1000024 (OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cro ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d04336a2f98835247f50c54f54cc141376371244

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d04336a2f98835247f50c54f54cc141376371244
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201111/f45787d3/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list