[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Oct 1 21:56:26 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
12f9b490 by Salvatore Bonaccorso at 2020-10-01T22:55:50+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1088,7 +1088,7 @@ CVE-2020-25992
 CVE-2020-25991
 	RESERVED
 CVE-2020-25990 (WebsiteBaker 2.12.2 allows SQL Injection via parameter 'display_name'  ...)
-	TODO: check
+	NOT-FOR-US: WebsiteBaker
 CVE-2020-25989
 	RESERVED
 CVE-2020-25988
@@ -2877,7 +2877,7 @@ CVE-2020-25202
 CVE-2020-25201
 	RESERVED
 CVE-2020-25200 (Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames ...)
-	TODO: check
+	NOT-FOR-US: Pritunl
 CVE-2019-20916 (The pip package before 19.2 for Python allows Directory Traversal when ...)
 	{DLA-2370-1}
 	- python-pip 20.0.2-1
@@ -3616,9 +3616,9 @@ CVE-2020-25016 (A safety violation was discovered in the rgb crate before 0.8.20
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0029.html
 	NOTE: https://github.com/kornelski/rust-rgb/issues/35
 CVE-2020-24861 (GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings p ...)
-	TODO: check
+	NOT-FOR-US: GetSimple CMS
 CVE-2020-24860 (CMS Made Simple 2.2.14 allows an authenticated user with access to the ...)
-	TODO: check
+	NOT-FOR-US: CMS Made Simple
 CVE-2020-24859
 	RESERVED
 CVE-2020-24858
@@ -4126,7 +4126,7 @@ CVE-2020-24622 (In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exp
 CVE-2020-24621 (A remote code execution (RCE) vulnerability was discovered in the html ...)
 	NOT-FOR-US: OpenMRS
 CVE-2020-24620 (Unisys Stealth(core) before 4.0.132 stores Passwords in a Recoverable  ...)
-	TODO: check
+	NOT-FOR-US: Unisys
 CVE-2020-24619 (In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuse ...)
 	NOT-FOR-US: Shotcut
 CVE-2020-24618 (In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020. ...)
@@ -22938,7 +22938,7 @@ CVE-2020-15535 (An issue was discovered in the bestsoftinc Car Rental System plu
 CVE-2020-15534
 	RESERVED
 CVE-2020-15533 (In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 1468 ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine Application Manager
 CVE-2019-20895
 	RESERVED
 CVE-2020-15532 (Silicon Labs Bluetooth Low Energy SDK before 2.13.3 has a buffer overf ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12f9b49041f72e3a2e7a12552e6d35caa0d8675d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12f9b49041f72e3a2e7a12552e6d35caa0d8675d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201001/718a8cd6/attachment.html>

More information about the debian-security-tracker-commits mailing list