[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Sep 9 21:13:43 BST 2020



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
baa80316 by Salvatore Bonaccorso at 2020-09-09T22:13:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2020-25213 (The File Manager (wp-file-manager) plugin before 6.9 for WordPress all ...)
-	TODO: check
+	NOT-FOR-US: File Manager (wp-file-manager) plugin for WordPress
 CVE-2020-25212 (A TOCTOU mismatch in the NFS client code in the Linux kernel before 5. ...)
 	- linux 5.7.17-1
 	NOTE: https://git.kernel.org/linus/b4487b93545214a9db8cbf32e86411677b0cca21
@@ -45017,93 +45017,93 @@ CVE-2020-6363
 CVE-2020-6362
 	RESERVED
 CVE-2020-6361 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6360 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6359 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6358 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6357 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6356 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6355 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6354 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6353 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6352 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6351 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6350 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6349 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6348 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6347 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6346 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6345 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6344 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6343 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6342 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6341 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6340 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6339 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6338 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6337 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6336 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6335 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6334 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6333 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6332 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6331 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6330 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6329 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6328 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6327 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6326 (SAP NetWeaver (Knowledge Management), version-7.30,7.31,7.40,7.50, all ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6325
 	RESERVED
 CVE-2020-6324 (SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6323
 	RESERVED
 CVE-2020-6322 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6321 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6320 (SAP Marketing (Servlet), version-130,140,150, allows an authenticated  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6319
 	RESERVED
 CVE-2020-6318 (A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABA ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6317
 	RESERVED
 CVE-2020-6316
@@ -45111,13 +45111,13 @@ CVE-2020-6316
 CVE-2020-6315
 	RESERVED
 CVE-2020-6314 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6313 (SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31,  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6312 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6311 (Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6310 (Improper access control in SOA Configuration Trace component in SAP Ne ...)
 	NOT-FOR-US: SAP
 CVE-2020-6309 (SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7. ...)
@@ -45135,7 +45135,7 @@ CVE-2020-6304 (Improper input validation in SAP NetWeaver Internet Communication
 CVE-2020-6303 (SAP Disclosure Management, before version 10.1, does not validate user ...)
 	NOT-FOR-US: SAP
 CVE-2020-6302 (SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSessio ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6301 (SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 6 ...)
 	NOT-FOR-US: SAP
 CVE-2020-6300 (SAP Business Objects Business Intelligence Platform (Central Managemen ...)
@@ -45163,7 +45163,7 @@ CVE-2020-6290 (SAP Disclosure Management, version 10.1, is vulnerable to Session
 CVE-2020-6289 (SAP Disclosure Management, version 10.1, had insufficient protection a ...)
 	NOT-FOR-US: SAP
 CVE-2020-6288 (SAP Business Objects Business Intelligence Platform (Web Intelligence  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6287 (SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31 ...)
 	NOT-FOR-US: SAP
 CVE-2020-6286 (The insufficient input path validation of certain parameter in the web ...)
@@ -45173,7 +45173,7 @@ CVE-2020-6285 (SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10,
 CVE-2020-6284 (SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.5 ...)
 	NOT-FOR-US: SAP
 CVE-2020-6283 (SAP Fiori Launchpad does not sufficiently encode user controlled input ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2020-6282 (SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11 ...)
 	NOT-FOR-US: SAP
 CVE-2020-6281 (SAP Business Objects Business Intelligence Platform (BI Launchpad), ve ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/baa80316b12891afc4b3dc27385b6bc7612721e3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/baa80316b12891afc4b3dc27385b6bc7612721e3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200909/261ec5e1/attachment.html>


More information about the debian-security-tracker-commits mailing list