[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso Mon, 20 Apr 2020 13:30:40 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fd33e83d by Salvatore Bonaccorso at 2020-04-20T22:29:49+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1294,7 +1294,7 @@ CVE-2020-11755
 CVE-2020-11754
        RESERVED
 CVE-2020-11753 (An issue was discovered in Sonatype Nexus Repository Manager 
in versio ...)
-       TODO: check
+       NOT-FOR-US: Sonatype
 CVE-2020-11752
        RESERVED
 CVE-2020-11751
@@ -16020,7 +16020,7 @@ CVE-2020-5571
 CVE-2020-5570
        RESERVED
 CVE-2020-5569 (An unquoted search path vulnerability exists HDD Password tool 
(for Wi ...)
-       TODO: check
+       NOT-FOR-US: HDD Password tool (CANVIO)
 CVE-2020-5568
        RESERVED
 CVE-2020-5567
@@ -16676,7 +16676,7 @@ CVE-2020-5295
 CVE-2020-5294 (PrestaShop module ps_facetedsearch versions before 2.1.0 has a 
reflect ...)
        NOT-FOR-US: PrestaShop
 CVE-2020-5293 (In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are 
improper ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5292 (Leantime before versions 2.0.15 and 2.1-beta3 has a SQL 
Injection vuln ...)
        NOT-FOR-US: Leantime
 CVE-2020-5290 (In RedpwnCTF before version 2.3, there is a session fixation 
vulnerabi ...)
@@ -16684,13 +16684,13 @@ CVE-2020-5290 (In RedpwnCTF before version 2.3, there 
is a session fixation vuln
 CVE-2020-5289 (In Elide before 4.5.14, it is possible for an adversary to 
"guess and  ...)
        NOT-FOR-US: Elide
 CVE-2020-5288 ("In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there is 
improper ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5287 (In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is 
improper  ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5286 (In PrestaShop between versions 1.7.4.0 and 1.7.6.5, there is a 
reflect ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5285 (In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is a 
reflect ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5284 (Next.js versions before 9.3.2 have a directory traversal 
vulnerability ...)
        NOT-FOR-US: next.js
 CVE-2020-5283 (ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability 
in CVS ...)
@@ -16708,13 +16708,13 @@ CVE-2020-5281 (In Perun before version 3.9.1, VO or 
group manager can modify con
 CVE-2020-5280 (http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local 
file i ...)
        NOT-FOR-US: http4s
 CVE-2020-5279 (In PrestaShop between versions 1.5.0.0 and 1.7.6.5, there are 
improper ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5278 (In PrestaShop between versions 1.5.4.0 and 1.7.6.5, there is a 
reflect ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5277 (PrestaShop module ps_facetedsearch versions before 3.5.0 has a 
reflect ...)
        NOT-FOR-US: PrestaShop
 CVE-2020-5276 (In PrestaShop between versions 1.7.1.0 and 1.7.6.5, there is a 
reflect ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5275 (In symfony/security-http before versions 4.4.7 and 5.0.7, when 
a `Fire ...)
        - symfony <unfixed>
        [buster] - symfony <not-affected> (Introduced in 4.4.0)
@@ -16733,13 +16733,13 @@ CVE-2020-5274 (In Symfony before versions 5.0.5 and 
4.4.5, some properties of th
 CVE-2020-5273 (In PrestaShop module ps_linklist versions before 3.1.0, there 
is a sto ...)
        NOT-FOR-US: PrestaShop
 CVE-2020-5272 (In PrestaShop between versions 1.5.5.0 and 1.7.6.5, there is a 
reflect ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5271 (In PrestaShop between versions 1.6.0.0 and 1.7.6.5, there is a 
reflect ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5270 (In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is an 
open r ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5269 (In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a 
reflect ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5268
        RESERVED
 CVE-2020-5267 (In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a 
possible ...)
@@ -16752,9 +16752,9 @@ CVE-2020-5267 (In ActionView before versions 6.0.2.2 
and 5.2.4.2, there is a pos
 CVE-2020-5266 (In the ps_link module for PrestaShop before version 3.1.0, 
there is a  ...)
        NOT-FOR-US: PrestaShop
 CVE-2020-5265 (In PrestaShop between versions 1.7.6.1 and 1.7.6.5, there is a 
reflect ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5264 (In PrestaShop before version 1.7.6.5, there is a reflected XSS 
while r ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2020-5263 (auth0.js (NPM package auth0-js) greater than version 8.0.0 and 
before  ...)
        NOT-FOR-US: Node auth0-js
 CVE-2020-5262 (In EasyBuild before version 4.1.2, the GitHub Personal Access 
Token (P ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd33e83d48af27a4101157e0a2c33e87afaae7f6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd33e83d48af27a4101157e0a2c33e87afaae7f6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to