[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso Fri, 18 Dec 2020 12:41:22 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2e644a6f by Salvatore Bonaccorso at 2020-12-18T21:40:46+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12716,9 +12716,9 @@ CVE-2020-27642 (A cross-site scripting (XSS) 
vulnerability exists in the 'merge
 CVE-2020-27641
        REJECTED
 CVE-2020-27640 (The Bluetooth handset of Mitel MiVoice 6940 and 6930 MiNet 
phones with ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-27639 (The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 
SIP phone ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-27637
        RESERVED
 CVE-2020-27636
@@ -13379,7 +13379,7 @@ CVE-2020-27342
 CVE-2020-27341
        RESERVED
 CVE-2020-27340 (The online help portal of Mitel MiCollab before 9.2 could 
allow an att ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-27339
        RESERVED
 CVE-2020-27338
@@ -13772,7 +13772,7 @@ CVE-2020-27156 (Veritas APTARE versions prior to 10.5 
did not perform adequate a
 CVE-2020-27155 (An issue was discovered in Octopus Deploy through 2020.4.4. If 
enabled ...)
        NOT-FOR-US: Octopus Deploy
 CVE-2020-27154 (The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client 
for Win ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-27152 (An issue was discovered in ioapic_lazy_update_eoi in 
arch/x86/kvm/ioap ...)
        - linux 5.9.6-1
        [buster] - linux <not-affected> (Vulnerable code not present)
@@ -15980,21 +15980,21 @@ CVE-2020-26180
 CVE-2020-26179
        RESERVED
 CVE-2020-26178 (In tangro Business Workflow before 1.18.1, knowing an 
attachment ID, i ...)
-       TODO: check
+       NOT-FOR-US: tangro Business Workflow
 CVE-2020-26177 (In tangro Business Workflow before 1.18.1, a user's profile 
contains s ...)
-       TODO: check
+       NOT-FOR-US: tangro Business Workflow
 CVE-2020-26176 (An issue was discovered in tangro Business Workflow before 
1.18.1. No  ...)
-       TODO: check
+       NOT-FOR-US: tangro Business Workflow
 CVE-2020-26175 (In tangro Business Workflow before 1.18.1, an attacker can 
manipulate  ...)
-       TODO: check
+       NOT-FOR-US: tangro Business Workflow
 CVE-2020-26174 (tangro Business Workflow before 1.18.1 requests a list of 
allowed file ...)
-       TODO: check
+       NOT-FOR-US: tangro Business Workflow
 CVE-2020-26173 (An incorrect access control implementation in Tangro Business 
Workflow ...)
-       TODO: check
+       NOT-FOR-US: tangro Business Workflow
 CVE-2020-26172 (Every login in tangro Business Workflow before 1.18.1 
generates the sa ...)
-       TODO: check
+       NOT-FOR-US: tangro Business Workflow
 CVE-2020-26171 (In tangro Business Workflow before 1.18.1, the documentId of 
attachmen ...)
-       TODO: check
+       NOT-FOR-US: tangro Business Workflow
 CVE-2020-26170
        RESERVED
 CVE-2020-26169
@@ -17480,19 +17480,19 @@ CVE-2020-25613 (An issue was discovered in Ruby 
through 2.5.8, 2.6.x through 2.6
        NOTE: 
https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/
        NOTE: Fix in webrick: 
https://github.com/ruby/webrick/commit/8946bb38b4d87549f0d99ed73c62c41933f97cc7
 CVE-2020-25612 (The NuPoint Messenger of Mitel MiCollab before 9.2 could allow 
an atta ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-25611 (The AWV portal of Mitel MiCollab before 9.2 could allow an 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-25610 (The AWV component of Mitel MiCollab before 9.2 could allow an 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-25609 (The NuPoint Messenger Portal of Mitel MiCollab before 9.2 
could allow  ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-25608 (The SAS portal of Mitel MiCollab before 9.2 could allow an 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-25607
        RESERVED
 CVE-2020-25606 (The AWV component of Mitel MiCollab before 9.2 could allow an 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-25605
        RESERVED
 CVE-2020-25604 (An issue was discovered in Xen through 4.14.x. There is a race 
conditi ...)
@@ -19503,7 +19503,7 @@ CVE-2020-24695
 CVE-2020-24694
        RESERVED
 CVE-2020-24693 (The Ignite portal in Mitel MiContact Center Business before 
9.3.0.0 co ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2020-24692 (The Ignite portal in Mitel MiContact Center Business before 
9.3.0.0 co ...)
        NOT-FOR-US: Mitel
 CVE-2020-24691



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e644a6f2caedd0f0f167c5e3c7cfcaa87c5c6d0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e644a6f2caedd0f0f167c5e3c7cfcaa87c5c6d0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process more NFUs

Reply via email to