[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Mon Oct 12 15:08:17 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3d0da7e0 by Moritz Muehlenhoff at 2020-10-12T16:07:53+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2020-26949
CVE-2020-26948 (Emby Server before 4.5.0 allows SSRF via the Items/RemoteSearch/Image ...)
NOT-FOR-US: Emby Server
CVE-2020-26947 (monero-wallet-gui in Monero GUI 0.17.0.1 includes the . directory in a ...)
- TODO: check
+ NOT-FOR-US: monero-wallet-gui
CVE-2020-26946
RESERVED
CVE-2020-26945 (MyBatis before 3.5.6 mishandles deserialization of object streams. ...)
@@ -111,7 +111,7 @@ CVE-2020-26896
CVE-2020-26895
RESERVED
CVE-2020-26894 (Faulkner Wildlife Issues in the New Millennium 18.0.160 on Windows all ...)
- TODO: check
+ NOT-FOR-US: New Millennium
CVE-2020-26893
RESERVED
CVE-2020-26892
@@ -31394,7 +31394,7 @@ CVE-2020-12678
CVE-2020-12677 (An issue was discovered in Progress MOVEit Automation Web Admin. A Web ...)
NOT-FOR-US: Progress MOVEit Automation Web Admin
CVE-2020-12676 (FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge me ...)
- TODO: check
+ NOT-FOR-US: FusionAuth
CVE-2020-12675 (The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPr ...)
NOT-FOR-US: mappress-google-maps-for-wordpress plugin for WordPress
CVE-2020-12692 (An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0. ...)
@@ -42112,7 +42112,7 @@ CVE-2020-9050
CVE-2020-9049
RESERVED
CVE-2020-9048 (A vulnerability in victor Web Client versions up to and including v5.4 ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2020-9047 (A vulnerability exists that could allow the execution of unauthorized ...)
NOT-FOR-US: exacqVision Web Service
CVE-2020-9046 (A vulnerability in all versions of Kantech EntraPass Editions could po ...)
@@ -45430,15 +45430,15 @@ CVE-2020-7744
CVE-2020-7743
RESERVED
CVE-2020-7742 (This affects the package simpl-schema before 1.10.2. ...)
- TODO: check
+ NOT-FOR-US: Node simpl-schema
CVE-2020-7741 (This affects the package hellojs before 1.18.6. The code get the param ...)
- TODO: check
+ NOT-FOR-US: hello.js
CVE-2020-7740 (This affects all versions of package node-pdf-generator. Due to lack o ...)
- TODO: check
+ NOT-FOR-US: Node pdf-generator
CVE-2020-7739 (This affects all versions of package phantomjs-seo. It is possible for ...)
- TODO: check
+ NOT-FOR-US: Node phantomjs-seo
CVE-2020-7738 (All versions of package shiba are vulnerable to Arbitrary Code Executi ...)
- TODO: check
+ NOT-FOR-US: Node shiba
CVE-2020-7737 (All versions of package safetydance are vulnerable to Prototype Pollut ...)
TODO: check
CVE-2020-7736 (The package bmoor before 0.8.12 are vulnerable to Prototype Pollution ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d0da7e0e64247878593215592ae69f10023b8f6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3d0da7e0e64247878593215592ae69f10023b8f6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201012/53accaf5/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list