Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
373878db by security tracker role at 2020-10-12T20:10:36+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,145 @@
+CVE-2020-27020
+ RESERVED
+CVE-2020-27019
+ RESERVED
+CVE-2020-27018
+ RESERVED
+CVE-2020-27017
+ RESERVED
+CVE-2020-27016
+ RESERVED
+CVE-2020-27015
+ RESERVED
+CVE-2020-27014
+ RESERVED
+CVE-2020-27013
+ RESERVED
+CVE-2020-27012
+ RESERVED
+CVE-2020-27011
+ RESERVED
+CVE-2020-27010
+ RESERVED
+CVE-2020-27009
+ RESERVED
+CVE-2020-27008
+ RESERVED
+CVE-2020-27007
+ RESERVED
+CVE-2020-27006
+ RESERVED
+CVE-2020-27005
+ RESERVED
+CVE-2020-27004
+ RESERVED
+CVE-2020-27003
+ RESERVED
+CVE-2020-27002
+ RESERVED
+CVE-2020-27001
+ RESERVED
+CVE-2020-27000
+ RESERVED
+CVE-2020-26999
+ RESERVED
+CVE-2020-26998
+ RESERVED
+CVE-2020-26997
+ RESERVED
+CVE-2020-26996
+ RESERVED
+CVE-2020-26995
+ RESERVED
+CVE-2020-26994
+ RESERVED
+CVE-2020-26993
+ RESERVED
+CVE-2020-26992
+ RESERVED
+CVE-2020-26991
+ RESERVED
+CVE-2020-26990
+ RESERVED
+CVE-2020-26989
+ RESERVED
+CVE-2020-26988
+ RESERVED
+CVE-2020-26987
+ RESERVED
+CVE-2020-26986
+ RESERVED
+CVE-2020-26985
+ RESERVED
+CVE-2020-26984
+ RESERVED
+CVE-2020-26983
+ RESERVED
+CVE-2020-26982
+ RESERVED
+CVE-2020-26981
+ RESERVED
+CVE-2020-26980
+ RESERVED
+CVE-2020-26979
+ RESERVED
+CVE-2020-26978
+ RESERVED
+CVE-2020-26977
+ RESERVED
+CVE-2020-26976
+ RESERVED
+CVE-2020-26975
+ RESERVED
+CVE-2020-26974
+ RESERVED
+CVE-2020-26973
+ RESERVED
+CVE-2020-26972
+ RESERVED
+CVE-2020-26971
+ RESERVED
+CVE-2020-26970
+ RESERVED
+CVE-2020-26969
+ RESERVED
+CVE-2020-26968
+ RESERVED
+CVE-2020-26967
+ RESERVED
+CVE-2020-26966
+ RESERVED
+CVE-2020-26965
+ RESERVED
+CVE-2020-26964
+ RESERVED
+CVE-2020-26963
+ RESERVED
+CVE-2020-26962
+ RESERVED
+CVE-2020-26961
+ RESERVED
+CVE-2020-26960
+ RESERVED
+CVE-2020-26959
+ RESERVED
+CVE-2020-26958
+ RESERVED
+CVE-2020-26957
+ RESERVED
+CVE-2020-26956
+ RESERVED
+CVE-2020-26955
+ RESERVED
+CVE-2020-26954
+ RESERVED
+CVE-2020-26953
+ RESERVED
+CVE-2020-26952
+ RESERVED
+CVE-2020-26951
+ RESERVED
+CVE-2020-26950
+ RESERVED
CVE-2020-26949
RESERVED
CVE-2020-26948 (Emby Server before 4.5.0 allows SSRF via the
Items/RemoteSearch/Image ...)
@@ -164,12 +306,12 @@ CVE-2020-26871
CVE-2020-26870 (Cure53 DOMPurify before 2.0.17 allows mutation XSS. This
occurs becaus ...)
- dompurify.js <removed>
NOTE:
https://research.securitum.com/mutation-xss-via-mathml-mutation-dompurify-2-0-17-bypass/
-CVE-2020-26869
- RESERVED
-CVE-2020-26868
- RESERVED
-CVE-2020-26867
- RESERVED
+CVE-2020-26869 (An information exposure vulnerability exists in PcVue 12,
allowing a n ...)
+ TODO: check
+CVE-2020-26868 (A Denial Of Service vulnerability exists in PcVue from version
8.10 on ...)
+ TODO: check
+CVE-2020-26867 (A Remote Code Execution vulnerability exists in PcVue from
version 8.1 ...)
+ TODO: check
CVE-2020-26866
RESERVED
CVE-2020-26865
@@ -851,8 +993,8 @@ CVE-2020-26548
RESERVED
CVE-2020-26547
RESERVED
-CVE-2020-26546
- RESERVED
+CVE-2020-26546 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in
HelpDeskZ 1 ...)
+ TODO: check
CVE-2020-26545
RESERVED
CVE-2020-26544
@@ -2387,8 +2529,8 @@ CVE-2020-25827 (An issue was discovered in the OATHAuth
extension in MediaWiki b
NOTE: https://phabricator.wikimedia.org/T251661
CVE-2020-25826 (PingID Integration for Windows Login before 2.4.2 allows local
users t ...)
NOT-FOR-US: PingID Integration for Windows Login
-CVE-2020-25825
- RESERVED
+CVE-2020-25825 (In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can
reveal sensit ...)
+ TODO: check
CVE-2020-25824
RESERVED
CVE-2020-25823
@@ -2405,7 +2547,7 @@ CVE-2020-25818
RESERVED
CVE-2020-25817
RESERVED
-CVE-2020-25816 (HashiCorp Vault and Vault Enterprise 1.0 before 1.5.4 have
Incorrect A ...)
+CVE-2020-25816 (HashiCorp Vault and Vault Enterprise versions 1.0 and newer
allowed le ...)
NOT-FOR-US: HashiCorp Vault
CVE-2020-25815 (An issue was discovered in MediaWiki 1.32.x through 1.34.x
before 1.34 ...)
- mediawiki 1:1.35.0-1
@@ -24609,8 +24751,8 @@ CVE-2020-15252
RESERVED
CVE-2020-15251
RESERVED
-CVE-2020-15250
- RESERVED
+CVE-2020-15250 (In JUnit4 before version 4.13.1, the test rule TemporaryFolder
contain ...)
+ TODO: check
CVE-2020-15249
RESERVED
CVE-2020-15248
@@ -28173,8 +28315,7 @@ CVE-2020-13945
RESERVED
CVE-2020-13944 (In Apache Airflow < 1.10.12, the "origin" parameter passed
to some ...)
- airflow <itp> (bug #819700)
-CVE-2020-13943
- RESERVED
+CVE-2020-13943 (If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to
10.0.0-M7 ...)
- tomcat9 9.0.38-1
- tomcat8 <removed>
NOTE:
https://github.com/apache/tomcat/commit/55911430df13f8c9998fbdee1f9716994d2db59b
(9.0.38)
@@ -28286,7 +28427,7 @@ CVE-2020-13904 (FFmpeg 4.2.3 has a use-after-free via a
crafted EXTINF duration
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/9dfb19baeb86a8bb02c53a441682c6e9a6e104cc
NOTE: https://trac.ffmpeg.org/ticket/8673
CVE-2020-13903
- RESERVED
+ REJECTED
CVE-2020-13902 (ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer
over-re ...)
- imagemagick 8:6.9.11.24+dfsg-1
[buster] - imagemagick <not-affected> (Not affected, tiff uses
TIFF_SETGET_C32_UINT32)
@@ -29753,8 +29894,8 @@ CVE-2020-13343 (An issue has been discovered in GitLab
affecting all versions st
- gitlab 13.2.10-1
CVE-2020-13342 (An issue has been discovered in GitLab affecting versions
prior to 13. ...)
- gitlab 13.2.10-1
-CVE-2020-13341
- RESERVED
+CVE-2020-13341 (An issue has been discovered in GitLab affecting all versions
prior to ...)
+ TODO: check
CVE-2020-13340 (An issue has been discovered in GitLab affecting all versions
prior to ...)
- gitlab 13.2.10-1
CVE-2020-13339 (An issue has been discovered in GitLab affecting all versions
before 1 ...)
@@ -30079,7 +30220,7 @@ CVE-2020-13225 (phpIPAM 1.4 contains a stored cross
site scripting (XSS) vulnera
NOTE: https://github.com/phpipam/phpipam/issues/3025
CVE-2020-13224 (TP-LINK NC200 devices through 2.1.10 build 200401, NC210
devices throu ...)
NOT-FOR-US: TP-LINK
-CVE-2020-13223 (HashiCorp Vault and Vault Enterprise before 1.3.6, and 1.4.2
before 1. ...)
+CVE-2020-13223 (HashiCorp Vault and Vault Enterprise logged proxy environment
variable ...)
NOT-FOR-US: HashiCorp Vault
CVE-2020-13222
RESERVED
@@ -31219,7 +31360,7 @@ CVE-2020-12758 (HashiCorp Consul and Consul Enterprise
could crash when configur
[buster] - consul <not-affected> (Vulnerable code not present)
NOTE: https://github.com/hashicorp/consul/blob/v1.7.4/CHANGELOG.md
NOTE: https://github.com/hashicorp/consul/pull/7783
-CVE-2020-12757 (HashiCorp Vault and Vault Enterprise 1.4.x before 1.4.2 has
Incorrect ...)
+CVE-2020-12757 (HashiCorp Vault and Vault Enterprise 1.4.0 and 1.4.1, when
configured ...)
NOT-FOR-US: HashiCorp Vault
CVE-2020-12756
RESERVED
@@ -31453,8 +31594,8 @@ CVE-2020-12672 (GraphicsMagick through 1.3.35 has a
heap-based buffer overflow i
NOTE: Fixed by:
https://sourceforge.net/p/graphicsmagick/code/ci/50395430a37188d0d197e71bd85ed6dd0f649ee3/
CVE-2020-12671
RESERVED
-CVE-2020-12670
- RESERVED
+CVE-2020-12670 (XSS exists in Webmin 1.941 and earlier affecting the Save
function of ...)
+ TODO: check
CVE-2020-12669 (core/get_menudiv.php in Dolibarr before 11.0.4 allows remote
authentic ...)
- dolibarr <removed>
CVE-2020-12668
@@ -41736,12 +41877,12 @@ CVE-2020-9242 (FusionCompute 8.0.0 have a command
injection vulnerability. The s
NOT-FOR-US: Huawei
CVE-2020-9241 (Huawei 5G Mobile WiFi E6878-370 with versions of
10.0.3.1(H563SP1C00), ...)
NOT-FOR-US: Huawei
-CVE-2020-9240
- RESERVED
+CVE-2020-9240 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
a buff ...)
+ TODO: check
CVE-2020-9239 (Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions
earlier t ...)
NOT-FOR-US: Huawei
-CVE-2020-9238
- RESERVED
+CVE-2020-9238 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
a buff ...)
+ TODO: check
CVE-2020-9237 (Huawei smartphone Taurus-AL00B with versions earlier than
10.1.0.126(C ...)
NOT-FOR-US: Huawei
CVE-2020-9236
@@ -41756,8 +41897,8 @@ CVE-2020-9232
RESERVED
CVE-2020-9231
RESERVED
-CVE-2020-9230
- RESERVED
+CVE-2020-9230 (WS5800-10 version 10.0.3.25 has a denial of service
vulnerability. Due ...)
+ TODO: check
CVE-2020-9229 (FusionCompute 8.0.0 has an information disclosure
vulnerability. Due t ...)
NOT-FOR-US: Huawei
CVE-2020-9228 (FusionCompute 8.0.0 has an information disclosure
vulnerability. Due t ...)
@@ -41970,10 +42111,10 @@ CVE-2020-9125
RESERVED
CVE-2020-9124
RESERVED
-CVE-2020-9123
- RESERVED
-CVE-2020-9122
- RESERVED
+CVE-2020-9123 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8)
and versi ...)
+ TODO: check
+CVE-2020-9122 (Some Huawei products have an insufficient input verification
vulnerabi ...)
+ TODO: check
CVE-2020-9121
RESERVED
CVE-2020-9120
@@ -41996,16 +42137,16 @@ CVE-2020-9112
RESERVED
CVE-2020-9111
RESERVED
-CVE-2020-9110
- RESERVED
-CVE-2020-9109
- RESERVED
-CVE-2020-9108
- RESERVED
-CVE-2020-9107
- RESERVED
-CVE-2020-9106
- RESERVED
+CVE-2020-9110 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
an inf ...)
+ TODO: check
+CVE-2020-9109 (There is an information disclosure vulnerability in several
smartphone ...)
+ TODO: check
+CVE-2020-9108 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8)
have an o ...)
+ TODO: check
+CVE-2020-9107 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8)
have an o ...)
+ TODO: check
+CVE-2020-9106 (HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8)
have a pa ...)
+ TODO: check
CVE-2020-9105 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
an ins ...)
NOT-FOR-US: Huawei
CVE-2020-9104 (HUAWEI P30 smartphones with Versions earlier than
10.1.0.123(C431E22R2 ...)
@@ -42034,16 +42175,16 @@ CVE-2020-9093
RESERVED
CVE-2020-9092
RESERVED
-CVE-2020-9091
- RESERVED
-CVE-2020-9090
- RESERVED
+CVE-2020-9091 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have
an out ...)
+ TODO: check
+CVE-2020-9090 (FusionAccess version 6.5.1 has an improper authorization
vulnerability ...)
+ TODO: check
CVE-2020-9089
RESERVED
CVE-2020-9088
RESERVED
-CVE-2020-9087
- RESERVED
+CVE-2020-9087 (Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds
read vul ...)
+ TODO: check
CVE-2020-9086
RESERVED
CVE-2020-9085
@@ -42707,10 +42848,10 @@ CVE-2020-8823 (htmlfile in lib/transport/htmlfile.js
in SockJS before 3.0 is vul
NOT-FOR-US: SockJS
CVE-2020-8822 (Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9
devices ...)
NOT-FOR-US: Digi TransPort
-CVE-2020-8821
- RESERVED
-CVE-2020-8820
- RESERVED
+CVE-2020-8821 (An Improper Data Validation Vulnerability exists in Webmin
1.941 and e ...)
+ TODO: check
+CVE-2020-8820 (An XSS Vulnerability exists in Webmin 1.941 and earlier
affecting the ...)
+ TODO: check
CVE-2020-8819 (An issue was discovered in the CardGate Payments plugin through
3.1.15 ...)
NOT-FOR-US: CardGate Payments plugin for WooCommerce
CVE-2020-8818 (An issue was discovered in the CardGate Payments plugin through
2.0.30 ...)
@@ -45300,8 +45441,8 @@ CVE-2020-7813 (Ezhttptrans.ocx ActiveX Control in Kaoni
ezHTTPTrans 1.0.0.70 and
NOT-FOR-US: Kaoni
CVE-2020-7812 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70
and prio ...)
NOT-FOR-US: Kaoni ezHTTPTrans
-CVE-2020-7811
- RESERVED
+CVE-2020-7811 (Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that
allows priv ...)
+ TODO: check
CVE-2020-7810 (hslogin2.dll ActiveX Control in Groupware contains a
vulnerability tha ...)
NOT-FOR-US: hslogin2.dll ActiveX Control in Groupware
CVE-2020-7809 (ALSong 3.46 and earlier version contain a Document Object Model
(DOM) ...)
@@ -46617,7 +46758,7 @@ CVE-2020-7219 (HashiCorp Consul and Consul Enterprise
up to 1.6.2 HTTP/RPC servi
[buster] - consul <no-dsa> (Minor issue)
NOTE: https://github.com/hashicorp/consul/issues/7159
NOTE: Fixed in 1.6.3.
-CVE-2020-7218 (HashiCorp Nomad and Nomad Enterprise before 0.10.3 allow
unbounded res ...)
+CVE-2020-7218 (HashiCorp Nomad and Nonad Enterprise up to 0.10.2 HTTP/RPC
services al ...)
- nomad 0.10.3+dfsg1-1
NOTE: https://github.com/hashicorp/nomad/issues/7002
CVE-2020-7217 (An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE
wicked 0. ...)
@@ -52169,28 +52310,28 @@ CVE-2020-5145
RESERVED
CVE-2020-5144
RESERVED
-CVE-2020-5143
- RESERVED
-CVE-2020-5142
- RESERVED
-CVE-2020-5141
- RESERVED
-CVE-2020-5140
- RESERVED
-CVE-2020-5139
- RESERVED
-CVE-2020-5138
- RESERVED
-CVE-2020-5137
- RESERVED
-CVE-2020-5136
- RESERVED
-CVE-2020-5135
- RESERVED
-CVE-2020-5134
- RESERVED
-CVE-2020-5133
- RESERVED
+CVE-2020-5143 (SonicOS SSLVPN login page allows a remote unauthenticated
attacker to ...)
+ TODO: check
+CVE-2020-5142 (A stored cross-site scripting (XSS) vulnerability exists in the
SonicO ...)
+ TODO: check
+CVE-2020-5141 (A vulnerability in SonicOS allows a remote unauthenticated
attacker to ...)
+ TODO: check
+CVE-2020-5140 (A vulnerability in SonicOS allows a remote unauthenticated
attacker to ...)
+ TODO: check
+CVE-2020-5139 (A vulnerability in SonicOS SSLVPN service allows a remote
unauthentica ...)
+ TODO: check
+CVE-2020-5138 (A Heap Overflow vulnerability in the SonicOS allows a remote
unauthent ...)
+ TODO: check
+CVE-2020-5137 (A buffer overflow vulnerability in SonicOS allows a remote
unauthentic ...)
+ TODO: check
+CVE-2020-5136 (A buffer overflow vulnerability in SonicOS allows an
authenticated att ...)
+ TODO: check
+CVE-2020-5135 (A buffer overflow vulnerability in SonicOS allows a remote
attacker to ...)
+ TODO: check
+CVE-2020-5134 (A vulnerability in SonicOS allows an authenticated attacker to
cause o ...)
+ TODO: check
+CVE-2020-5133 (A vulnerability in SonicOS allows a remote unauthenticated
attacker to ...)
+ TODO: check
CVE-2020-5132 (SonicWall SSL-VPN products and SonicWall firewall SSL-VPN
feature misc ...)
NOT-FOR-US: SonicWall
CVE-2020-5131 (SonicWall NetExtender Windows client vulnerable to arbitrary
file writ ...)
@@ -53051,26 +53192,26 @@ CVE-2020-4783
RESERVED
CVE-2020-4782
RESERVED
-CVE-2020-4781
- RESERVED
-CVE-2020-4780
- RESERVED
-CVE-2020-4779
- RESERVED
-CVE-2020-4778
- RESERVED
+CVE-2020-4781 (An improper input validation before calling java readLine()
method may ...)
+ TODO: check
+CVE-2020-4780 (OOTB build scripts does not set the secure attribute on session
cookie ...)
+ TODO: check
+CVE-2020-4779 (A HTTP Verb Tampering vulnerability may impact IBM Curam Social
Progra ...)
+ TODO: check
+CVE-2020-4778 (IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5
algorith ...)
+ TODO: check
CVE-2020-4777
RESERVED
-CVE-2020-4776
- RESERVED
-CVE-2020-4775
- RESERVED
-CVE-2020-4774
- RESERVED
-CVE-2020-4773
- RESERVED
-CVE-2020-4772
- RESERVED
+CVE-2020-4776 (A path traversal vulnerability may impact IBM Curam Social
Program Man ...)
+ TODO: check
+CVE-2020-4775 (A cross-site scripting (XSS) vulnerability may impact IBM Curam
Social ...)
+ TODO: check
+CVE-2020-4774 (An XPath vulnerability may impact IBM Curam Social Program
Management ...)
+ TODO: check
+CVE-2020-4773 (A cross-site request forgery (CSRF) vulnerability may impact
IBM Curam ...)
+ TODO: check
+CVE-2020-4772 (An XML External Entity Injection (XXE) vulnerability may impact
IBM Cu ...)
+ TODO: check
CVE-2020-4771
RESERVED
CVE-2020-4770
@@ -53131,10 +53272,10 @@ CVE-2020-4743
RESERVED
CVE-2020-4742
RESERVED
-CVE-2020-4741
- RESERVED
-CVE-2020-4740
- RESERVED
+CVE-2020-4741 (IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable
to store ...)
+ TODO: check
+CVE-2020-4740 (IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable
to HTML ...)
+ TODO: check
CVE-2020-4739
RESERVED
CVE-2020-4738
@@ -53215,8 +53356,8 @@ CVE-2020-4701
RESERVED
CVE-2020-4700
RESERVED
-CVE-2020-4699
- RESERVED
+CVE-2020-4699 (IBM Security Access Manager 9.0.7 and IBM Security Verify
Access 10.0. ...)
+ TODO: check
CVE-2020-4698 (IBM Business Process Manager 8.5, 8.6 and IBM Business
Automation Work ...)
NOT-FOR-US: IBM
CVE-2020-4697
@@ -53235,8 +53376,8 @@ CVE-2020-4691
RESERVED
CVE-2020-4690
RESERVED
-CVE-2020-4689
- RESERVED
+CVE-2020-4689 (IBM Security Guardium 11.2 is vulnerable to CVS Injection. A
remote pr ...)
+ TODO: check
CVE-2020-4688
RESERVED
CVE-2020-4687 (IBM Content Navigator 3.0.7 and 3.0.8 could allow an
authenticated use ...)
@@ -53251,14 +53392,14 @@ CVE-2020-4683
RESERVED
CVE-2020-4682
RESERVED
-CVE-2020-4681
- RESERVED
-CVE-2020-4680
- RESERVED
-CVE-2020-4679
- RESERVED
-CVE-2020-4678
- RESERVED
+CVE-2020-4681 (IBM Security Guardium 11.2 is vulnerable to cross-site
scripting. This ...)
+ TODO: check
+CVE-2020-4680 (IBM Security Guardium 11.2 is vulnerable to cross-site
scripting. This ...)
+ TODO: check
+CVE-2020-4679 (IBM Security Guardium 11.2 is vulnerable to cross-site
scripting. This ...)
+ TODO: check
+CVE-2020-4678 (IBM Security Guardium 11.2 could allow an attacker with admin
access t ...)
+ TODO: check
CVE-2020-4677
RESERVED
CVE-2020-4676
@@ -53291,10 +53432,10 @@ CVE-2020-4663
RESERVED
CVE-2020-4662 (IBM Event Streams 10.0.0 could allow an authenticated user to
perform ...)
NOT-FOR-US: IBM
-CVE-2020-4661
- RESERVED
-CVE-2020-4660
- RESERVED
+CVE-2020-4661 (IBM Security Access Manager 9.0.7 and IBM Security Verify
Access 10.0. ...)
+ TODO: check
+CVE-2020-4660 (IBM Security Access Manager 9.0.7 and IBM Security Verify
Access 10.0. ...)
+ TODO: check
CVE-2020-4659
RESERVED
CVE-2020-4658
@@ -53837,8 +53978,8 @@ CVE-2020-4390
RESERVED
CVE-2020-4389
RESERVED
-CVE-2020-4388
- RESERVED
+CVE-2020-4388 (IBM Cognos Analytics 11.0 and 11.1 could be vulnerable to a
denial of ...)
+ TODO: check
CVE-2020-4387 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
NOT-FOR-US: IBM
CVE-2020-4386 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect
Server) 9.7, ...)
@@ -54009,8 +54150,8 @@ CVE-2020-4304 (IBM WebSphere Application Server -
Liberty 17.0.0.3 through 20.0.
NOT-FOR-US: IBM
CVE-2020-4303 (IBM WebSphere Application Server - Liberty 17.0.0.3 through
20.0.0.3 i ...)
NOT-FOR-US: IBM
-CVE-2020-4302
- RESERVED
+CVE-2020-4302 (IBM Cognos Analytics 11.0 and 11.1 could allow a remote
attacker to ex ...)
+ TODO: check
CVE-2020-4301
RESERVED
CVE-2020-4300
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373878db6e02e3dc13e780f6d2497393b3cb1185
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373878db6e02e3dc13e780f6d2497393b3cb1185
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
