[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Mon Oct 12 21:21:01 BST 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cb06a587 by Salvatore Bonaccorso at 2020-10-12T22:19:42+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -307,11 +307,11 @@ CVE-2020-26870 (Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs
 	- dompurify.js <removed>
 	NOTE: https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/
 CVE-2020-26869 (An information exposure vulnerability exists in PcVue 12, allowing a n ...)
-	TODO: check
+	NOT-FOR-US: PcVue
 CVE-2020-26868 (A Denial Of Service vulnerability exists in PcVue from version 8.10 on ...)
-	TODO: check
+	NOT-FOR-US: PcVue
 CVE-2020-26867 (A Remote Code Execution vulnerability exists in PcVue from version 8.1 ...)
-	TODO: check
+	NOT-FOR-US: PcVue
 CVE-2020-26866
 	RESERVED
 CVE-2020-26865
@@ -994,7 +994,7 @@ CVE-2020-26548
 CVE-2020-26547
 	RESERVED
 CVE-2020-26546 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in HelpDeskZ 1 ...)
-	TODO: check
+	NOT-FOR-US: HelpDeskZ
 CVE-2020-26545
 	RESERVED
 CVE-2020-26544
@@ -2530,7 +2530,7 @@ CVE-2020-25827 (An issue was discovered in the OATHAuth extension in MediaWiki b
 CVE-2020-25826 (PingID Integration for Windows Login before 2.4.2 allows local users t ...)
 	NOT-FOR-US: PingID Integration for Windows Login
 CVE-2020-25825 (In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensit ...)
-	TODO: check
+	NOT-FOR-US: Octopus Deploy
 CVE-2020-25824
 	RESERVED
 CVE-2020-25823
@@ -41878,11 +41878,11 @@ CVE-2020-9242 (FusionCompute 8.0.0 have a command injection vulnerability. The s
 CVE-2020-9241 (Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00), ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9240 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buff ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9239 (Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier t ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9238 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buff ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9237 (Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9236
@@ -41898,7 +41898,7 @@ CVE-2020-9232
 CVE-2020-9231
 	RESERVED
 CVE-2020-9230 (WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9229 (FusionCompute 8.0.0 has an information disclosure vulnerability. Due t ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9228 (FusionCompute 8.0.0 has an information disclosure vulnerability. Due t ...)
@@ -42112,9 +42112,9 @@ CVE-2020-9125
 CVE-2020-9124
 	RESERVED
 CVE-2020-9123 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versi ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9122 (Some Huawei products have an insufficient input verification vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9121
 	RESERVED
 CVE-2020-9120
@@ -42138,15 +42138,15 @@ CVE-2020-9112
 CVE-2020-9111
 	RESERVED
 CVE-2020-9110 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an inf ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9109 (There is an information disclosure vulnerability in several smartphone ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9108 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an o ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9107 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an o ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9106 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a pa ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9105 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an ins ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9104 (HUAWEI P30 smartphones with Versions earlier than 10.1.0.123(C431E22R2 ...)
@@ -42176,7 +42176,7 @@ CVE-2020-9093
 CVE-2020-9092
 	RESERVED
 CVE-2020-9091 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9090 (FusionAccess version 6.5.1 has an improper authorization vulnerability ...)
 	TODO: check
 CVE-2020-9089
@@ -42184,7 +42184,7 @@ CVE-2020-9089
 CVE-2020-9088
 	RESERVED
 CVE-2020-9087 (Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vul ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9086
 	RESERVED
 CVE-2020-9085
@@ -45442,7 +45442,7 @@ CVE-2020-7813 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and
 CVE-2020-7812 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prio ...)
 	NOT-FOR-US: Kaoni ezHTTPTrans
 CVE-2020-7811 (Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows priv ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2020-7810 (hslogin2.dll ActiveX Control in Groupware contains a vulnerability tha ...)
 	NOT-FOR-US: hslogin2.dll ActiveX Control in Groupware
 CVE-2020-7809 (ALSong 3.46 and earlier version contain a Document Object Model (DOM)  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb06a5876ad0c7a468f8b4ab2bb7c6d34fe2728f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb06a5876ad0c7a468f8b4ab2bb7c6d34fe2728f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201012/83fbf28c/attachment.html>

More information about the debian-security-tracker-commits mailing list