[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Thu Nov 12 08:10:28 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0ca0b453 by security tracker role at 2020-11-12T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5195,7 +5195,7 @@ CVE-2020-26951
 	RESERVED
 CVE-2020-26950
 	RESERVED
-	{DSA-4788-1}
+	{DSA-4788-1 DLA-2448-1}
 	- firefox 82.0.3-1
 	- firefox-esr 78.4.1esr-1
 	- thunderbird 1:78.4.2-1
@@ -6734,14 +6734,14 @@ CVE-2020-26223
 	RESERVED
 CVE-2020-26222
 	RESERVED
-CVE-2020-26221
-	RESERVED
-CVE-2020-26220
-	RESERVED
-CVE-2020-26219
-	RESERVED
-CVE-2020-26218
-	RESERVED
+CVE-2020-26221 (touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting  ...)
+	TODO: check
+CVE-2020-26220 (toucbase.ai before version 2.0 leaks information by not stripping exif ...)
+	TODO: check
+CVE-2020-26219 (touchbase.ai before version 2.0 is vulnerable to Open Redirect. Impact ...)
+	TODO: check
+CVE-2020-26218 (touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. ...)
+	TODO: check
 CVE-2020-26217
 	RESERVED
 CVE-2020-26216
@@ -7103,8 +7103,8 @@ CVE-2020-26072
 	RESERVED
 CVE-2020-26071
 	RESERVED
-CVE-2020-26070
-	RESERVED
+CVE-2020-26070 (A vulnerability in the ingress packet processing function of Cisco IOS ...)
+	TODO: check
 CVE-2020-26069
 	RESERVED
 CVE-2020-26068
@@ -50920,6 +50920,7 @@ CVE-2020-7762 (This affects the package jsreport-chrome-pdf before 1.10.0. ...)
 CVE-2020-7761 (This affects the package @absolunet/kafe before 3.2.10. It allows caus ...)
 	NOT-FOR-US: @absolunet/kafe
 CVE-2020-7760 (This affects the package codemirror before 5.58.2; the package org.apa ...)
+	{DSA-4789-1}
 	- codemirror-js 5.58.2+~cs0.23.101-1
 	[stretch] - codemirror-js <not-affected> (Vulnerable code added later)
 	NOTE: https://snyk.io/vuln/SNYK-JS-CODEMIRROR-1016937
@@ -55432,8 +55433,8 @@ CVE-2020-5994
 	RESERVED
 CVE-2020-5993
 	RESERVED
-CVE-2020-5992
-	RESERVED
+CVE-2020-5992 (NVIDIA GeForce NOW application software on Windows, all versions prior ...)
+	TODO: check
 CVE-2020-5991 (NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerab ...)
 	- nvidia-cuda-toolkit <unfixed> (bug #973543)
 	[buster] - nvidia-cuda-toolkit <ignored> (Non-free not supported)
@@ -65932,12 +65933,12 @@ CVE-2020-2052
 	RESERVED
 CVE-2020-2051
 	RESERVED
-CVE-2020-2050
-	RESERVED
+CVE-2020-2050 (An authentication bypass vulnerability exists in the GlobalProtect SSL ...)
+	TODO: check
 CVE-2020-2049
 	RESERVED
-CVE-2020-2048
-	RESERVED
+CVE-2020-2048 (An information exposure through log file vulnerability exists where th ...)
+	TODO: check
 CVE-2020-2047
 	RESERVED
 CVE-2020-2046
@@ -65988,8 +65989,8 @@ CVE-2020-2024 (An improper link resolution vulnerability affects Kata Containers
 	NOT-FOR-US: Kata Containers
 CVE-2020-2023 (Kata Containers doesn't restrict containers from accessing the guest's ...)
 	NOT-FOR-US: Kata Containers
-CVE-2020-2022
-	RESERVED
+CVE-2020-2022 (An information exposure vulnerability exists in Palo Alto Networks Pan ...)
+	TODO: check
 CVE-2020-2021 (When Security Assertion Markup Language (SAML) authentication is enabl ...)
 	NOT-FOR-US: Palo Alto Networks
 CVE-2020-2020
@@ -66032,10 +66033,10 @@ CVE-2020-2002 (An authentication bypass by spoofing vulnerability exists in the
 	NOT-FOR-US: PAN-OS
 CVE-2020-2001 (An external control of path and data vulnerability in the Palo Alto Ne ...)
 	NOT-FOR-US: PAN-OS
-CVE-2020-2000
-	RESERVED
-CVE-2020-1999
-	RESERVED
+CVE-2020-2000 (An OS command injection and memory corruption vulnerability in the PAN ...)
+	TODO: check
+CVE-2020-1999 (A vulnerability exists in the Palo Alto Network PAN-OS signature-based ...)
+	TODO: check
 CVE-2020-1998 (An improper authorization vulnerability in PAN-OS that mistakenly uses ...)
 	NOT-FOR-US: PAN-OS
 CVE-2020-1997 (An open redirection vulnerability in the GlobalProtect component of Pa ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ca0b4539adca8c1c1c5b8580dedee6ce5585cd4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0ca0b4539adca8c1c1c5b8580dedee6ce5585cd4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201112/63d74a33/attachment.html>

More information about the debian-security-tracker-commits mailing list