Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
44c81bc9 by Salvatore Bonaccorso at 2020-08-12T22:29:50+02:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -61,9 +61,9 @@ CVE-2020-17508
CVE-2020-17507 (An issue was discovered in Qt through 5.12.9, and 5.13.x
through 5.15. ...)
TODO: check
CVE-2020-17506 (Artica Web Proxy 4.30.00000000 allows remote attacker to
bypass privil ...)
- TODO: check
+ NOT-FOR-US: Artica Web Proxy
CVE-2020-17505 (Artica Web Proxy 4.30.000000 allows an authenticated remote
attacker t ...)
- TODO: check
+ NOT-FOR-US: Artica Web Proxy
CVE-2020-17504
RESERVED
CVE-2020-17503
@@ -81,7 +81,7 @@ CVE-2020-17498
CVE-2020-17497 (eapol.c in iNet wireless daemon (IWD) through 1.8 allows
attackers to ...)
TODO: check
CVE-2020-17496 (vBulletin 5.5.4 through 5.6.2 allows remote command execution
via craf ...)
- TODO: check
+ NOT-FOR-US: vBulletin
CVE-2020-17495 (django-celery-results through 1.2.1 stores task results in the
databas ...)
- python-django-celery-results <unfixed> (bug #968305)
NOTE: https://github.com/celery/django-celery-results/issues/142
@@ -335,9 +335,9 @@ CVE-2020-17375
CVE-2020-17374
RESERVED
CVE-2020-17373 (SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection. ...)
- TODO: check
+ NOT-FOR-US: SugarCRM
CVE-2020-17372 (SugarCRM before 10.1.0 (Q3 2020) allows XSS. ...)
- TODO: check
+ NOT-FOR-US: SugarCRM
CVE-2020-17371
RESERVED
CVE-2020-17370
@@ -363,9 +363,9 @@ CVE-2020-17363
CVE-2020-17362
RESERVED
CVE-2020-17361 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in
ReadyTalk A ...)
- TODO: check
+ NOT-FOR-US: ReadyTalk Avian
CVE-2020-17360 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in
ReadyTalk A ...)
- TODO: check
+ NOT-FOR-US: ReadyTalk Avian
CVE-2020-17359
RESERVED
CVE-2020-17358
@@ -10054,7 +10054,7 @@ CVE-2020-13280
CVE-2020-13279 (Client side code execution in gitlab-vscode-extension v2.2.0
allows at ...)
NOT-FOR-US: gitlab-vscode-extension
CVE-2020-13278 (Reflected Cross-Site Scripting vulnerability in Modules.php in
Rosario ...)
- TODO: check
+ NOT-FOR-US: RosarioSIS Student Information System
CVE-2020-13277 (An authorization issue in the mirroring logic allowed read
access to p ...)
- gitlab 13.2.3-2
NOTE:
https://about.gitlab.com/releases/2020/06/10/critical-security-release-13-0-6-released/
@@ -22484,7 +22484,7 @@ CVE-2020-8915
CVE-2020-8914
RESERVED
CVE-2020-8913 (A local, arbitrary code execution vulnerability exists in the
SplitCom ...)
- TODO: check
+ NOT-FOR-US: Android's Play Core Library
CVE-2020-8912 (A vulnerability in the in-band key negotiation exists in the
AWS S3 Cr ...)
TODO: check
CVE-2020-8911 (A padding oracle vulnerability exists in the AWS S3 Crypto SDK
for GoL ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c81bc9330defc9be08a1425bbabe1d132e10c1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44c81bc9330defc9be08a1425bbabe1d132e10c1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
