[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Mon Oct 12 15:08:17 BST 2020



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3d0da7e0 by Moritz Muehlenhoff at 2020-10-12T16:07:53+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2020-26949
 CVE-2020-26948 (Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image  ...)
 	NOT-FOR-US: Emby Server
 CVE-2020-26947 (monero-wallet-gui in Monero GUI 0.17.0.1 includes the . directory in a ...)
-	TODO: check
+	NOT-FOR-US: monero-wallet-gui
 CVE-2020-26946
 	RESERVED
 CVE-2020-26945 (MyBatis before 3.5.6 mishandles deserialization of object streams. ...)
@@ -111,7 +111,7 @@ CVE-2020-26896
 CVE-2020-26895
 	RESERVED
 CVE-2020-26894 (Faulkner Wildlife Issues in the New Millennium 18.0.160 on Windows all ...)
-	TODO: check
+	NOT-FOR-US: New Millennium
 CVE-2020-26893
 	RESERVED
 CVE-2020-26892
@@ -31394,7 +31394,7 @@ CVE-2020-12678
 CVE-2020-12677 (An issue was discovered in Progress MOVEit Automation Web Admin. A Web ...)
 	NOT-FOR-US: Progress MOVEit Automation Web Admin
 CVE-2020-12676 (FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge me ...)
-	TODO: check
+	NOT-FOR-US: FusionAuth
 CVE-2020-12675 (The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPr ...)
 	NOT-FOR-US: mappress-google-maps-for-wordpress plugin for WordPress
 CVE-2020-12692 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
@@ -42112,7 +42112,7 @@ CVE-2020-9050
 CVE-2020-9049
 	RESERVED
 CVE-2020-9048 (A vulnerability in victor Web Client versions up to and including v5.4 ...)
-	TODO: check
+	NOT-FOR-US: Johnson Controls
 CVE-2020-9047 (A vulnerability exists that could allow the execution of unauthorized  ...)
 	NOT-FOR-US: exacqVision Web Service
 CVE-2020-9046 (A vulnerability in all versions of Kantech EntraPass Editions could po ...)
@@ -45430,15 +45430,15 @@ CVE-2020-7744
 CVE-2020-7743
 	RESERVED
 CVE-2020-7742 (This affects the package simpl-schema before 1.10.2. ...)
-	TODO: check
+	NOT-FOR-US: Node simpl-schema
 CVE-2020-7741 (This affects the package hellojs before 1.18.6. The code get the param ...)
-	TODO: check
+	NOT-FOR-US: hello.js
 CVE-2020-7740 (This affects all versions of package node-pdf-generator. Due to lack o ...)
-	TODO: check
+	NOT-FOR-US: Node pdf-generator
 CVE-2020-7739 (This affects all versions of package phantomjs-seo. It is possible for ...)
-	TODO: check
+	NOT-FOR-US: Node phantomjs-seo
 CVE-2020-7738 (All versions of package shiba are vulnerable to Arbitrary Code Executi ...)
-	TODO: check
+	NOT-FOR-US: Node shiba
 CVE-2020-7737 (All versions of package safetydance are vulnerable to Prototype Pollut ...)
 	TODO: check
 CVE-2020-7736 (The package bmoor before 0.8.12 are vulnerable to Prototype Pollution  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d0da7e0e64247878593215592ae69f10023b8f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d0da7e0e64247878593215592ae69f10023b8f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201012/53accaf5/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list