[Git][security-tracker-team/security-tracker][master] new nette issue

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c895ca68 by Moritz Muehlenhoff at 2020-10-06T15:07:21+02:00
new nette issue
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4877,7 +4877,7 @@ CVE-2020-24358
 CVE-2020-24357
 	RESERVED
 CVE-2020-24356 (`cloudflared` versions prior to 2020.8.1 contain a local privilege esc ...)
-	TODO: check
+	NOT-FOR-US: cloudflared
 CVE-2020-24355 (Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibl ...)
 	NOT-FOR-US: Zyxel
 CVE-2020-24354 (Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibl ...)
@@ -22922,7 +22922,7 @@ CVE-2019-20905
 CVE-2019-20904
 	RESERVED
 CVE-2019-20903 (The hyperlinks functionality in atlaskit/editor-core in before version ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2019-20902 (Upgrading Crowd via XML Data Transfer can reactivate a disabled user f ...)
 	NOT-FOR-US: Atlassian
 CVE-2019-20901 (The login.jsp resource in Jira before version 8.5.2, and from version  ...)
@@ -23797,17 +23797,18 @@ CVE-2020-15234 (ORY Fosite is a security first OAuth2 & OpenID Connect frame
 CVE-2020-15233 (ORY Fosite is a security first OAuth2 & OpenID Connect framework f ...)
 	NOT-FOR-US: ORY Fosite
 CVE-2020-15232 (In mapfish-print before version 3.24, a user can do to an XML External ...)
-	TODO: check
+	NOT-FOR-US: mapfish-print
 CVE-2020-15231 (In mapfish-print before version 3.24, a user can use the JSONP support ...)
-	TODO: check
+	NOT-FOR-US: mapfish-print
 CVE-2020-15230 (Vapor is a web framework for Swift. In Vapor before version 4.29.4, At ...)
-	TODO: check
+	NOT-FOR-US: Vapor
 CVE-2020-15229
 	RESERVED
 CVE-2020-15228 (In the `@actions/core` npm module before version 1.2.6,`addPath` and ` ...)
 	TODO: check
 CVE-2020-15227 (Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 ar ...)
-	TODO: check
+	- php-nette <removed>
+	NOTE: https://github.com/nette/application/security/advisories/GHSA-8gv3-3j7f-wg94
 CVE-2020-15226
 	RESERVED
 CVE-2020-15225



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c895ca68c629a9ba7c21d9020bd6a0fd3baa5ecd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c895ca68c629a9ba7c21d9020bd6a0fd3baa5ecd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201006/c437c9e9/attachment-0001.html>