new webcit issues

NFUs

1 files changed, 18 insertions, 18 deletions

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index a290118e63..d4fdb1e8c6 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -19,7 +19,7 @@ CVE-2020-27983
 CVE-2020-27982
 	RESERVED
 CVE-2020-27981 (An XSS vulnerability in the auto-complete function of the description  ...)
-	TODO: check
+	NOT-FOR-US: Firefly III
 CVE-2020-27980 (Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WL ...)
 	NOT-FOR-US: Genexis Platinum-4410 P4410-V2-1.28 devices
 CVE-2020-27979
@@ -498,13 +498,13 @@ CVE-2020-27743 (libtac in pam_tacplus through 1.5.1 lacks a check for a failure
 	- libpam-tacplus <unfixed> (bug #973250)
 	NOTE: https://github.com/kravietz/pam_tacplus/pull/163
 CVE-2020-27742 (An Insecure Direct Object Reference vulnerability in Citadel WebCit th ...)
-	TODO: check
+	- webcit <unfixed>
 CVE-2020-27741 (Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit  ...)
-	TODO: check
+	- webcit <unfixed>
 CVE-2020-27740 (Citadel WebCit through 926 allows unauthenticated remote attackers to  ...)
-	TODO: check
+	- webcit <unfixed>
 CVE-2020-27739 (A Weak Session Management vulnerability in Citadel WebCit through 926  ...)
-	TODO: check
+	- webcit <unfixed>
 CVE-2020-27738
 	RESERVED
 CVE-2020-27737
@@ -6982,19 +6982,19 @@ CVE-2020-24715 (The Scalyr Agent before 2.1.10 has Missing SSL Certificate Valid
 CVE-2020-24714 (The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation  ...)
 	NOT-FOR-US: Scalyr
 CVE-2020-24713 (Gophish through 0.10.1 does not invalidate the gophish cookie upon log ...)
-	TODO: check
+	NOT-FOR-US: Gophish
 CVE-2020-24712 (Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via  ...)
-	TODO: check
+	NOT-FOR-US: Gophish
 CVE-2020-24711 (The Reset button on the Account Settings page in Gophish before 0.11.0 ...)
-	TODO: check
+	NOT-FOR-US: Gophish
 CVE-2020-24710 (Gophish before 0.11.0 allows SSRF attacks. ...)
-	TODO: check
+	NOT-FOR-US: Gophish
 CVE-2020-24709 (Cross Site Scripting (XSS) vulnerability in Gophish through 0.10.1 via ...)
-	TODO: check
+	NOT-FOR-US: Gophish
 CVE-2020-24708 (Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via  ...)
-	TODO: check
+	NOT-FOR-US: Gophish
 CVE-2020-24707 (Gophish before 0.11.0 allows the creation of CSV sheets that contain m ...)
-	TODO: check
+	NOT-FOR-US: Gophish
 CVE-2020-24706 (An issue was discovered in certain WSO2 products. The Try It tool allo ...)
 	NOT-FOR-US: WSO2
 CVE-2020-24705 (An issue was discovered in certain WSO2 products. A valid Carbon Manag ...)
@@ -45129,13 +45129,13 @@ CVE-2020-7757
 CVE-2020-7756
 	RESERVED
 CVE-2020-7755 (All versions of package dat.gui are vulnerable to Regular Expression D ...)
-	TODO: check
+	NOT-FOR-US: dat.GUI
 CVE-2020-7754 (This affects the package npm-user-validate before 1.0.1. The regex tha ...)
-	TODO: check
+	NOT-FOR-US: npm-user-validate
 CVE-2020-7753 (All versions of package trim are vulnerable to Regular Expression Deni ...)
-	TODO: check
+	NOT-FOR-US: Node trim
 CVE-2020-7752 (This affects the package systeminformation before 4.27.11. This packag ...)
-	TODO: check
+	NOT-FOR-US: Node systeminformation
 CVE-2020-7751 (This affects all versions of package pathval. ...)
 	- node-pathval 1.1.0-4 (bug #972895)
 	[buster] - node-pathval <no-dsa> (Minor issue)
@@ -51429,9 +51429,9 @@ CVE-2020-5147
 CVE-2020-5146
 	RESERVED
 CVE-2020-5145 (SonicWall Global VPN client version 4.10.4.0314 and earlier have an in ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2020-5144 (SonicWall Global VPN client version 4.10.4.0314 and earlier allows unp ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2020-5143 (SonicOS SSLVPN login page allows a remote unauthenticated attacker to  ...)
 	NOT-FOR-US: SonicOS SSLVPN
 CVE-2020-5142 (A stored cross-site scripting (XSS) vulnerability exists in the SonicO ...)