[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Oct 22 21:17:49 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cc4f93e5 by Salvatore Bonaccorso at 2020-10-22T22:17:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -405,11 +405,11 @@ CVE-2020-27668
 CVE-2020-27667
 	RESERVED
 CVE-2020-27666 (Strapi before 3.2.5 has stored XSS in the wysiwyg editor's preview fea ...)
-	TODO: check
+	NOT-FOR-US: Strapi
 CVE-2020-27665 (In Strapi before 3.2.5, there is no admin::hasPermissions restriction  ...)
-	TODO: check
+	NOT-FOR-US: Strapi
 CVE-2020-27664 (admin/src/containers/InputModalStepperProvider/index.js in Strapi befo ...)
-	TODO: check
+	NOT-FOR-US: Strapi
 CVE-2020-27663
 	RESERVED
 CVE-2020-27662
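Review bot: The three Strapi entries (CVE-2020-27664 through CVE-2020-27666) go straight from "TODO: check" to "NOT-FOR-US: Strapi", and neither this hunk nor the commit message records whether an ITP or RFP bug for Strapi was looked for. If one exists, the entries would be better tracked against that bug than marked NOT-FOR-US; if none exists, the change is fine as it stands.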
@@ -445,7 +445,7 @@ CVE-2020-27648
 CVE-2020-27647
 	RESERVED
 CVE-2020-27646 (Biscom Secure File Transfer (SFT) before 5.1.1082 and 6.x before 6.0.1 ...)
-	TODO: check
+	NOT-FOR-US: Biscom Secure File Transfer (SFT)
 CVE-2020-27645
 	RESERVED
 CVE-2020-27644
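Review bot: Style point on the CVE-2020-27646 line: the tag carries the parenthetical abbreviation "(SFT)" over from the description, while the other tags added in this commit use the bare product name. Suggest "NOT-FOR-US: Biscom Secure File Transfer" so that later entries for the same product match one spelling.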
@@ -453,7 +453,7 @@ CVE-2020-27644
 CVE-2020-27643
 	RESERVED
 CVE-2020-27642 (A cross-site scripting (XSS) vulnerability exists in the 'merge accoun ...)
-	TODO: check
+	NOT-FOR-US: BigBlueButton
 CVE-2020-27641
 	RESERVED
 CVE-2020-27640
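Review bot: On CVE-2020-27642 the visible description is cut off at "'merge accoun ..." before it names any product, so the BigBlueButton attribution cannot be checked from this hunk alone. Worth confirming it against the full CVE description.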
@@ -701,7 +701,7 @@ CVE-2020-27535
 CVE-2020-27534
 	RESERVED
 CVE-2020-27533 (A Cross Site Scripting (XSS) issue was discovered in the search featur ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2020-27532
 	RESERVED
 CVE-2020-27531
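Review bot: The DedeCMS tag on CVE-2020-27533 rests on text that is not visible here, since the description ends at "search featur ..." without naming the product. A quick look at the full description would confirm the attribution.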
@@ -1466,7 +1466,7 @@ CVE-2020-27157 (Veritas APTARE versions prior to 10.5 included code that bypasse
 CVE-2020-27156 (Veritas APTARE versions prior to 10.5 did not perform adequate authori ...)
 	NOT-FOR-US: Veritas
 CVE-2020-27155 (An issue was discovered in Octopus Deploy through 2020.4.4. If enabled ...)
-	TODO: check
+	NOT-FOR-US: Octopus Deploy
 CVE-2020-27154
 	RESERVED
 CVE-2020-27152 [KVM: host stack overflow due to lazy update IOAPIC]
@@ -2495,9 +2495,9 @@ CVE-2020-26652
 CVE-2020-26651
 	RESERVED
 CVE-2020-26650 (AtomXCMS 2.0 is affected by Arbitrary File Read via admin/dump.php ...)
-	TODO: check
+	NOT-FOR-US: AtomXCMS
 CVE-2020-26649 (AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.ph ...)
-	TODO: check
+	NOT-FOR-US: AtomXCMS
 CVE-2020-26648
 	RESERVED
 CVE-2020-26647



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc4f93e5438d4058abe3f606c24976f30cf507c5
