[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Mon, 23 Mar 2020 14:04:23 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
45d58da2 by Moritz Muehlenhoff at 2020-03-23T22:03:41+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4694,17 +4694,17 @@ CVE-2020-8878 (This vulnerability allows remote 
attackers to execute arbitrary c
 CVE-2020-8877 (This vulnerability allows remote attackers to disclose 
sensitive infor ...)
        NOT-FOR-US: Foxit Studio Photo
 CVE-2020-8876 (This vulnerability allows local attackers to disclose 
information on a ...)
-       TODO: check
+       NOT-FOR-US: Parallels
 CVE-2020-8875 (This vulnerability allows local attackers to escalate 
privileges on af ...)
-       TODO: check
+       NOT-FOR-US: Parallels
 CVE-2020-8874 (This vulnerability allows local attackers to escalate 
privileges on af ...)
-       TODO: check
+       NOT-FOR-US: Parallels
 CVE-2020-8873 (This vulnerability allows local attackers to escalate 
privileges on af ...)
-       TODO: check
+       NOT-FOR-US: Parallels
 CVE-2020-8872 (This vulnerability allows local attackers to disclose sensitive 
inform ...)
-       TODO: check
+       NOT-FOR-US: Parallels
 CVE-2020-8871 (This vulnerability allows local attackers to escalate 
privileges on af ...)
-       TODO: check
+       NOT-FOR-US: Parallels
 CVE-2020-8870
        RESERVED
 CVE-2020-8869
@@ -6326,11 +6326,11 @@ CVE-2020-8139 (A missing access control check in 
Nextcloud Server &lt; 18.0.1, &
 CVE-2020-8138 (A missing check for IPv4 nested inside IPv6 in Nextcloud server 
&lt; 1 ...)
        - nextcloud-server <itp> (bug #941708)
 CVE-2020-8137 (Code injection vulnerability in blamer 1.0.0 and earlier may 
result in ...)
-       TODO: check
+       NOT-FOR-US: Node blamer
 CVE-2020-8136 (Prototype pollution vulnerability in fastify-multipart &lt; 
1.0.5 allo ...)
-       TODO: check
+       NOT-FOR-US: Node fastify-multipart
 CVE-2020-8135 (The uppy npm package &lt; 1.9.3 is vulnerable to a Server-Side 
Request ...)
-       TODO: check
+       NOT-FOR-US: Node uppy
 CVE-2020-8134 (Server-side request forgery (SSRF) vulnerability in Ghost CMS 
&lt; 3.1 ...)
        NOT-FOR-US: Ghost CMS
 CVE-2020-8133
@@ -6846,7 +6846,7 @@ CVE-2020-7937 (An XSS issue in the title field in Plone 
5.0 through 5.2.1 allows
 CVE-2020-7936 (An open redirect on the login form (and possibly other places) 
in Plon ...)
        NOT-FOR-US: Plone
 CVE-2020-7935 (Artica Pandora FMS through 7.42 is vulnerable to remote PHP 
code execu ...)
-       TODO: check
+       NOT-FOR-US: Artica Pandora FMS
 CVE-2020-7934 (In LifeRay Portal CE 7.1.0 through 7.2.1, the First Name, 
Middle Name, ...)
        NOT-FOR-US: LifeRay Portal
 CVE-2020-7933



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45d58da2cda506d3547ba175d08d1e71db136d0e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45d58da2cda506d3547ba175d08d1e71db136d0e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to