Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
81b25318 by Moritz Muehlenhoff at 2020-06-03T18:47:23+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16033,19 +16033,19 @@ CVE-2020-7656 (jquery prior to 1.9.0 allows
Cross-site Scripting attacks via the
CVE-2020-7655 (netius prior to 1.17.58 is vulnerable to HTTP Request
Smuggling. HTTP ...)
NOT-FOR-US: netius
CVE-2020-7654 (All versions of snyk-broker before 4.73.1 are vulnerable to
Informatio ...)
- TODO: check
+ NOT-FOR-US: snyk-broker
CVE-2020-7653 (All versions of snyk-broker before 4.80.0 are vulnerable to
Arbitrary ...)
- TODO: check
+ NOT-FOR-US: snyk-broker
CVE-2020-7652 (All versions of snyk-broker before 4.80.0 are vulnerable to
Arbitrary ...)
- TODO: check
+ NOT-FOR-US: snyk-broker
CVE-2020-7651 (All versions of snyk-broker before 4.79.0 are vulnerable to
Arbitrary ...)
- TODO: check
+ NOT-FOR-US: snyk-broker
CVE-2020-7650 (All versions of snyk-broker after 4.72.0 including and before
4.73.1 a ...)
- TODO: check
+ NOT-FOR-US: snyk-broker
CVE-2020-7649
RESERVED
CVE-2020-7648 (All versions of snyk-broker before 4.72.2 are vulnerable to
Arbitrary ...)
- TODO: check
+ NOT-FOR-US: snyk-broker
CVE-2020-7647 (All versions before 1.6.7 and all versions after 2.0.0
inclusive and b ...)
NOT-FOR-US: jooby
CVE-2020-7646 (curlrequest through 1.0.1 allows execution of arbitrary
commands.It is ...)
@@ -17690,7 +17690,7 @@ CVE-2020-6939
CVE-2020-6938
RESERVED
CVE-2020-6937 (A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x,
3.9.x, ...)
- TODO: check
+ NOT-FOR-US: MuleSoft
CVE-2020-6936
RESERVED
CVE-2020-6935
@@ -24664,7 +24664,7 @@ CVE-2020-4028
CVE-2020-4027
RESERVED
CVE-2020-4026 (The CustomAppsRestResource list resource in Atlassian Navigator
Links ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2020-4025
RESERVED
CVE-2020-4024
@@ -30916,6 +30916,7 @@ CVE-2020-1964 (It was noticed that Apache Heron
0.20.2-incubating, Release 0.20.
NOT-FOR-US: Apache Heron
CVE-2020-1963
RESERVED
+ NOT-FOR-US: Apache Ignite
CVE-2020-1962
REJECTED
CVE-2020-1961 (Vulnerability to Server-Side Template Injection on Mail
templates for ...)
@@ -31296,7 +31297,7 @@ CVE-2020-1872 (Huawei smart phones P10 Plus with
versions earlier than 9.1.0.201
CVE-2020-1871 (USG9500 with software of V500R001C30SPC100; V500R001C30SPC200;
V500R00 ...)
NOT-FOR-US: Huawei
CVE-2020-1870 (CloudEngine 12800 products with versions of V200R019C00,
V200R019C10SP ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2020-1869
RESERVED
CVE-2020-1868
@@ -39852,7 +39853,7 @@ CVE-2019-17605 (A mass assignment vulnerability in
eyecomms eyeCMS through 2019-
CVE-2019-17604 (An Insecure Direct Object Reference (IDOR) vulnerability in
eyecomms e ...)
NOT-FOR-US: eyeCMS
CVE-2019-17603 (Ene.sys in Asus Aura Sync through 1.07.71 does not properly
validate i ...)
- TODO: check
+ NOT-FOR-US: Asus
CVE-2019-17602 (An issue was discovered in Zoho ManageEngine OpManager before
12.4 bui ...)
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2019-17601 (In MiniShare 1.4.1, there is a stack-based buffer overflow via
an HTTP ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81b253188494ff65c3370f206704292d1c532db0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81b253188494ff65c3370f206704292d1c532db0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
