[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d064ca66 by Salvatore Bonaccorso at 2020-10-09T10:17:38+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -772,7 +772,7 @@ CVE-2020-26569
 CVE-2020-26568
 	RESERVED
 CVE-2020-26567 (An issue was discovered on D-Link DSR-250N before 3.17B devices. The C ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2020-26566
 	RESERVED
 CVE-2020-26565
@@ -866,7 +866,7 @@ CVE-2020-26524 (CodeLathe FileCloud before 20.2.0.11915 allows username enumerat
 CVE-2020-26523 (Froala Editor before 3.2.2 allows XSS via pasted content. ...)
 	NOT-FOR-US: Froala Editor
 CVE-2020-26522 (A cross-site request forgery (CSRF) vulnerability in mod/user/act_user ...)
-	TODO: check
+	NOT-FOR-US: Garfield Petshop
 CVE-2020-26521
 	RESERVED
 CVE-2020-26520
@@ -1599,7 +1599,7 @@ CVE-2020-26164 (In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker
 CVE-2020-26163 (BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Ori ...)
 	NOT-FOR-US: BigBlueButton Greenlight
 CVE-2020-26162 (Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073 ...)
-	TODO: check
+	NOT-FOR-US: Xerox
 CVE-2020-26161
 	RESERVED
 CVE-2020-26160 (jwt-go before 4.0.0-preview1 allows attackers to bypass intended acces ...)
@@ -3591,13 +3591,13 @@ CVE-2013-7490 (An issue was discovered in the DBI module before 1.632 for Perl.
 	NOTE: https://github.com/perl5-dbi/dbi/commit/a8b98e988d6ea2946f5f56691d6d5ead53f65766
 	NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=86744
 CVE-2020-25273 (In SourceCodester Online Bus Booking System 1.0, there is Authenticati ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Bus Booking System
 CVE-2020-25272 (In SourceCodester Online Bus Booking System 1.0, there is XSS through  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester Online Bus Booking System
 CVE-2020-25271 (PHPGurukul hospital-management-system-in-php 4.0 allows XSS via admin/ ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul hospital-management-system-in-php
 CVE-2020-25270 (PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name,  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul hostel-management-system
 CVE-2020-25269 (An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0 ...)
 	{DSA-4764-1 DLA-2375-1}
 	- inspircd <unfixed> (bug #960650)
@@ -3619,9 +3619,9 @@ CVE-2020-25265
 CVE-2020-25264
 	RESERVED
 CVE-2020-25263 (PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the ...)
-	TODO: check
+	NOT-FOR-US: PyroCMS
 CVE-2020-25262 (PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the ...)
-	TODO: check
+	NOT-FOR-US: PyroCMS
 CVE-2020-25261
 	RESERVED
 CVE-2020-25260 (An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x th ...)
@@ -5757,7 +5757,7 @@ CVE-2020-24303
 CVE-2020-24302
 	RESERVED
 CVE-2020-24301 (Users of the HAPI FHIR Testpage Overlay 5.0.0 and below can use a spec ...)
-	TODO: check
+	NOT-FOR-US: HAPI FHIR Testpage Overlay
 CVE-2020-24300
 	RESERVED
 CVE-2020-24299
@@ -23007,7 +23007,7 @@ CVE-2020-15840 (In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and Lifer
 CVE-2020-15839 (Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 an ...)
 	NOT-FOR-US: Liferay
 CVE-2020-15838 (The Agent Update System in ConnectWise Automate before 2020.8 allows P ...)
-	TODO: check
+	NOT-FOR-US: ConnectWise Automate
 CVE-2020-15837
 	RESERVED
 CVE-2020-15836
@@ -24578,11 +24578,11 @@ CVE-2020-15245
 CVE-2020-15244
 	RESERVED
 CVE-2020-15243 (Affected versions of Smartstore have a missing WebApi Authentication a ...)
-	TODO: check
+	NOT-FOR-US: Smartstore
 CVE-2020-15242 (Next.js versions >=9.5.0 and <9.5.4 are vulnerable to an Open Re ...)
 	TODO: check
 CVE-2020-15241 (TYPO3 Fluid Engine (package `typo3fluid/fluid`) before versions 2.0.5, ...)
-	TODO: check
+	NOT-FOR-US: TYPO3 Fluid Engine
 CVE-2020-15240
 	RESERVED
 CVE-2020-15239 (In xmpp-http-upload before version 0.4.0, when the GET method is attac ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d064ca66c2beb7daa2aaad7e3cadb50b30669ca2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d064ca66c2beb7daa2aaad7e3cadb50b30669ca2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201009/89864eec/attachment.html>