[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Nov 19 08:29:00 GMT 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dacba148 by Salvatore Bonaccorso at 2020-11-19T09:28:30+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4423,7 +4423,7 @@ CVE-2020-28093
 CVE-2020-28092 (PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=T ...)
 	NOT-FOR-US: PESCMS Team
 CVE-2020-28091 (cxuucms v3 has a SQL injection vulnerability, which can lead to the le ...)
-	TODO: check
+	NOT-FOR-US: cxuucms
 CVE-2020-28090
 	RESERVED
 CVE-2020-28089
@@ -32315,9 +32315,9 @@ CVE-2020-15303
 CVE-2020-15302 (In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A0397 ...)
 	NOT-FOR-US: Argent RecoveryManager
 CVE-2020-15301 (SuiteCRM through 7.11.13 allows CSV Injection via registration fields  ...)
-	TODO: check
+	NOT-FOR-US: SuiteCRM
 CVE-2020-15300 (SuiteCRM through 7.11.13 has an Open Redirect in the Documents module  ...)
-	TODO: check
+	NOT-FOR-US: SuiteCRM
 CVE-2020-15299 (A reflected Cross-Site Scripting (XSS) Vulnerability in the KingCompos ...)
 	NOT-FOR-US: KingComposer plugin for WordPress
 CVE-2020-15298
@@ -35373,7 +35373,7 @@ CVE-2020-14210 (MONITORAPP AIWAF-VE and AIWAF-4000 through 2020-06-16 allow refl
 CVE-2020-14209 (Dolibarr before 11.0.5 allows low-privilege users to upload files of d ...)
 	- dolibarr <removed>
 CVE-2020-14208 (SuiteCRM 7.11.13 is affected by stored Cross-Site Scripting (XSS) in t ...)
-	TODO: check
+	NOT-FOR-US: SuiteCRM
 CVE-2020-14207
 	RESERVED
 CVE-2020-14206
@@ -36470,7 +36470,7 @@ CVE-2020-13802 (Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS comm
 CVE-2020-13801
 	RESERVED
 CVE-2020-13799 (Western Digital iNAND devices through 2020-06-03 allow Authentication  ...)
-	TODO: check
+	NOT-FOR-US: Western Digital iNAND devices
 CVE-2020-13798 (An issue was discovered in Navigate CMS through 2.8.7. It allows XSS b ...)
 	NOT-FOR-US: Navigate CMS
 CVE-2020-13797 (An issue was discovered in Navigate CMS through 2.8.7. It allows XSS b ...)
@@ -39599,7 +39599,7 @@ CVE-2020-12595
 CVE-2020-12594
 	RESERVED
 CVE-2020-12593 (Symantec Endpoint Detection & Response, prior to 4.5, may be susce ...)
-	TODO: check
+	NOT-FOR-US: Symantec
 CVE-2020-12592
 	RESERVED
 CVE-2020-12591
@@ -58044,7 +58044,7 @@ CVE-2020-5949
 CVE-2020-5948
 	RESERVED
 CVE-2020-5947 (In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP plat ...)
-	TODO: check
+	NOT-FOR-US: F5 BIG-IP
 CVE-2020-5946 (In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0 ...)
 	NOT-FOR-US: F5 BIG-IP
 CVE-2020-5945 (In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dacba148845b246441bb3b91359050f13edfdeab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dacba148845b246441bb3b91359050f13edfdeab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201119/47f36fbf/attachment.html>


More information about the debian-security-tracker-commits mailing list