[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Tue Sep 15 21:39:04 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9eb74d9f by Moritz Muehlenhoff at 2020-09-15T22:38:42+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21602,7 +21602,7 @@ CVE-2020-15181
 CVE-2020-15180
 	RESERVED
 CVE-2020-15179 (The ScratchSig extension for MediaWiki before version 1.0.1 allows sto ...)
-	TODO: check
+	NOT-FOR-US: ScratchSig MediaWiki extension
 CVE-2020-15178 (In PrestaShop contactform module (prestashop/contactform) before versi ...)
 	NOT-FOR-US: PrestaShop
 CVE-2020-15177
@@ -21616,7 +21616,7 @@ CVE-2020-15174
 CVE-2020-15173 (In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a b ...)
 	NOT-FOR-US: ACCEL-PPP
 CVE-2020-15172 (The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: Act module for Red Discord Bot
 CVE-2020-15171 (In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT right ...)
 	NOT-FOR-US: XWiki
 CVE-2020-15170 (apollo-adminservice before version 1.7.1 does not implement access con ...)
@@ -21677,7 +21677,7 @@ CVE-2020-15150 (There is a vulnerability in Paginator (Elixir/Hex package) which
 CVE-2020-15149 (NodeBB before version 1.14.3 has a bug introduced in version 1.12.2 in ...)
 	NOT-FOR-US: NodeBB
 CVE-2020-15148 (Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote cod ...)
-	TODO: check
+	NOT-FOR-US: Yii 2
 CVE-2020-15147 (Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execu ...)
 	NOT-FOR-US: Red Discord Bot
 CVE-2020-15146 (In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4 ...)
@@ -38010,7 +38010,7 @@ CVE-2020-9418 (An untrusted search path vulnerability in the installer of PDFesc
 CVE-2020-9417
 	RESERVED
 CVE-2020-9416 (The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire  ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2020-9415 (The TIBCO Data Virtualization Server component of TIBCO Software Inc.' ...)
 	NOT-FOR-US: TIBCO
 CVE-2020-9414 (The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9eb74d9f9eeb629fb7e32ccf9c6355d436421f54

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9eb74d9f9eeb629fb7e32ccf9c6355d436421f54
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200915/aa24d301/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list