[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Wed, 26 Aug 2020 03:21:12 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b80a6b4d by Salvatore Bonaccorso at 2020-08-26T12:20:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2020-24656 (Maltego before 4.2.12 allows XXE attacks. ...)
-       TODO: check
+       NOT-FOR-US: Maltego
 CVE-2020-24655
        RESERVED
 CVE-2020-24654
        RESERVED
 CVE-2020-24653 (secure-store in Expo through 2.16.1 on iOS provides the 
insecure kSecA ...)
-       TODO: check
+       NOT-FOR-US: secure-store in Expo on iOS
 CVE-2020-24652
        RESERVED
 CVE-2020-24651
@@ -11353,7 +11353,7 @@ CVE-2020-19007
 CVE-2020-19006
        RESERVED
 CVE-2020-19005 (zrlog v2.1.0 has a vulnerability with the permission check. If 
admin a ...)
-       TODO: check
+       NOT-FOR-US: zrlog
 CVE-2020-19004
        RESERVED
 CVE-2020-19003
@@ -14581,9 +14581,9 @@ CVE-2020-17406
 CVE-2020-17405
        RESERVED
 CVE-2020-17404 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2020-17403 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Foxit
 CVE-2020-17402 (This vulnerability allows local attackers to disclose 
sensitive inform ...)
        TODO: check
 CVE-2020-17401 (This vulnerability allows local attackers to disclose 
sensitive inform ...)
@@ -14611,11 +14611,11 @@ CVE-2020-17391 (This vulnerability allows local 
attackers to disclose informatio
 CVE-2020-17390 (This vulnerability allows local attackers to escalate 
privileges on af ...)
        TODO: check
 CVE-2020-17389 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-17388 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-17387 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-17386 (Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL 
inputte ...)
        NOT-FOR-US: Cellopoint Cellos
 CVE-2020-17385 (Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL 
inputte ...)
@@ -18095,7 +18095,7 @@ CVE-2020-15778 (scp in OpenSSH through 8.3p1 allows 
command injection in scp.c r
        NOTE: Negligible security impact, changing the scp protocol can have a 
good chance
        NOTE: of breaking existing workflows.
 CVE-2020-15777 (An issue was discovered in the Maven Extension plugin before 
1.6 for G ...)
-       TODO: check
+       NOT-FOR-US: Maven Extension plugin for Gradle Enterprise
 CVE-2020-15776
        RESERVED
 CVE-2020-15775
@@ -18491,19 +18491,19 @@ CVE-2020-15646
        - thunderbird 1:68.10.0-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2020-26/#CVE-2020-15646
 CVE-2020-15645 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-15644 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-15643 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-15642 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-15641 (This vulnerability allows remote attackers to disclose 
sensitive infor ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-15640 (This vulnerability allows remote attackers to disclose 
sensitive infor ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-15639 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Marvell QConvergeConsole
 CVE-2020-15638 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
        NOT-FOR-US: Foxit
 CVE-2020-15637 (This vulnerability allows remote attackers to disclose 
sensitive infor ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b80a6b4d920ff5d80f0469c9abb9ee2448fb586b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b80a6b4d920ff5d80f0469c9abb9ee2448fb586b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to