[Git][security-tracker-team/security-tracker][master] new nette issue

Tue, 06 Oct 2020 06:08:18 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c895ca68 by Moritz Muehlenhoff at 2020-10-06T15:07:21+02:00
new nette issue
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4877,7 +4877,7 @@ CVE-2020-24358
 CVE-2020-24357
        RESERVED
 CVE-2020-24356 (`cloudflared` versions prior to 2020.8.1 contain a local 
privilege esc ...)
-       TODO: check
+       NOT-FOR-US: cloudflared
 CVE-2020-24355 (Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and 
possibl ...)
        NOT-FOR-US: Zyxel
 CVE-2020-24354 (Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and 
possibl ...)
@@ -22922,7 +22922,7 @@ CVE-2019-20905
 CVE-2019-20904
        RESERVED
 CVE-2019-20903 (The hyperlinks functionality in atlaskit/editor-core in before 
version ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2019-20902 (Upgrading Crowd via XML Data Transfer can reactivate a 
disabled user f ...)
        NOT-FOR-US: Atlassian
 CVE-2019-20901 (The login.jsp resource in Jira before version 8.5.2, and from 
version  ...)
@@ -23797,17 +23797,18 @@ CVE-2020-15234 (ORY Fosite is a security first OAuth2 
& OpenID Connect frame
 CVE-2020-15233 (ORY Fosite is a security first OAuth2 & OpenID Connect 
framework f ...)
        NOT-FOR-US: ORY Fosite
 CVE-2020-15232 (In mapfish-print before version 3.24, a user can do to an XML 
External ...)
-       TODO: check
+       NOT-FOR-US: mapfish-print
 CVE-2020-15231 (In mapfish-print before version 3.24, a user can use the JSONP 
support ...)
-       TODO: check
+       NOT-FOR-US: mapfish-print
 CVE-2020-15230 (Vapor is a web framework for Swift. In Vapor before version 
4.29.4, At ...)
-       TODO: check
+       NOT-FOR-US: Vapor
 CVE-2020-15229
        RESERVED
 CVE-2020-15228 (In the `@actions/core` npm module before version 
1.2.6,`addPath` and ` ...)
        TODO: check
 CVE-2020-15227 (Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 
3.0.6 ar ...)
-       TODO: check
+       - php-nette <removed>
+       NOTE: 
https://github.com/nette/application/security/advisories/GHSA-8gv3-3j7f-wg94
 CVE-2020-15226
        RESERVED
 CVE-2020-15225



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c895ca68c629a9ba7c21d9020bd6a0fd3baa5ecd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c895ca68c629a9ba7c21d9020bd6a0fd3baa5ecd
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to