[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Mon Oct 19 15:34:41 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab9bb159 by Moritz Muehlenhoff at 2020-10-19T16:34:25+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46026,7 +46026,7 @@ CVE-2020-7746
 CVE-2020-7745
 	RESERVED
 CVE-2020-7744 (This affects all versions of package com.mintegral.msdk:alphab. The An ...)
-	TODO: check
+	NOT-FOR-US: com.mintegral.msdk:alphab
 CVE-2020-7743 (The package mathjs before 7.5.1 are vulnerable to Prototype Pollution  ...)
 	NOT-FOR-US: Node mathjs
 CVE-2020-7742 (This affects the package simpl-schema before 1.10.2. ...)
@@ -56404,7 +56404,7 @@ CVE-2019-19886 (Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to
 	NOTE: https://github.com/SpiderLabs/ModSecurity/pull/2202
 	NOTE: https://github.com/SpiderLabs/ModSecurity/commit/7ba77631f9a37e0680d23ee57c455c6a35c65cb9
 CVE-2019-19885 (In Bender COMTRAXX, user authorization is validated for most, but not  ...)
-	TODO: check
+	NOT-FOR-US: Bender COMTRAXX
 CVE-2019-19884
 	RESERVED
 CVE-2019-19883
@@ -61628,7 +61628,7 @@ CVE-2019-19515 (Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in w
 CVE-2019-19514 (Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic r ...)
 	NOT-FOR-US: Ayision
 CVE-2019-19513 (The BASSMIDI plugin 2.4.12.1 for Un4seen BASS Audio Library on Windows ...)
-	TODO: check
+	NOT-FOR-US: BASS Audio Library
 CVE-2020-1924
 	RESERVED
 CVE-2020-1923
@@ -64278,11 +64278,11 @@ CVE-2019-18797 (LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator
 	[stretch] - libsass <no-dsa> (Minor issue)
 	NOTE: https://github.com/sass/libsass/issues/3000
 CVE-2019-18796 (The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamC ...)
-	TODO: check
+	NOT-FOR-US: BASS Audio Library
 CVE-2019-18795 (The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamC ...)
-	TODO: check
+	NOT-FOR-US: BASS Audio Library
 CVE-2019-18794 (The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamC ...)
-	TODO: check
+	NOT-FOR-US: BASS Audio Library
 CVE-2019-18793 (Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/inde ...)
 	NOT-FOR-US: Parallels Plesk Panel
 CVE-2017-18639 (Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter :  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab9bb1592c883be86c331b372e59d2b713727bd8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab9bb1592c883be86c331b372e59d2b713727bd8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201019/41af4719/attachment.html>

More information about the debian-security-tracker-commits mailing list