NFUs

author: Moritz Muehlenhoff <jmm@debian.org> 2020-10-28 14:03:14 +0100
committer: Moritz Muehlenhoff <jmm@debian.org> 2020-10-28 15:01:53 +0100
commit: f600595b5a03db9f8a7da24c39675f9e78705d91 (patch)
tree: f8582d84bb8215a6f77948aa6204fd7d8fefd056 /data/CVE/list
parent: e4b8cafc8c21a766001fed4f28af92a2a7ab7042 (diff)
1 files changed, 24 insertions, 24 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 86ae842e3e..9597c4955b 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -21,7 +21,7 @@ CVE-2020-27959
 CVE-2020-27958
 	RESERVED
 CVE-2020-27957 (The RandomGameUnit extension for MediaWiki through 1.35 was not proper ...)
-	TODO: check
+	NOT-FOR-US: MediaWiki extension
 CVE-2020-27956 (An Arbitrary File Upload in the Upload Image component in SourceCodest ...)
 	NOT-FOR-US: SourceCodester Car Rental Management System
 CVE-2020-27955
@@ -159,7 +159,7 @@ CVE-2020-27890 (The Zigbee protocol implementation on Texas Instruments CC2538 d
 CVE-2020-27889
 	RESERVED
 CVE-2020-27888 (An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC- ...)
-	TODO: check
+	NOT-FOR-US: Ubiquiti
 CVE-2021-0300
 	RESERVED
 CVE-2021-0299
@@ -429,7 +429,7 @@ CVE-2020-27855
 CVE-2020-27854
 	RESERVED
 CVE-2020-27853 (Wire before 2020-10-16 allows remote attackers to cause a denial of se ...)
-	TODO: check
+	NOT-FOR-US: Wire app
 CVE-2020-27852
 	RESERVED
 CVE-2020-27851
@@ -27363,11 +27363,11 @@ CVE-2020-15276
 CVE-2020-15275
 	RESERVED
 CVE-2020-15274 (In Wiki.js before version 2.5.162, an XSS payload can be injected in a ...)
-	TODO: check
+	NOT-FOR-US: Wiki.js
 CVE-2020-15273
 	RESERVED
 CVE-2020-15272 (In the git-tag-annotation-action (open source GitHub Action) before ve ...)
-	TODO: check
+	NOT-FOR-US: git-tag-annotation-action
 CVE-2020-15271 (In lookatme (python/pypi package) versions prior to 2.3.0, the package ...)
 	- lookatme <unfixed> (bug #972988)
 	NOTE: https://github.com/d0c-s4vage/lookatme/security/advisories/GHSA-c84h-w6cr-5v8q
@@ -42767,7 +42767,7 @@ CVE-2020-9981
 CVE-2020-9980 (An out-of-bounds write issue was addressed with improved bounds checki ...)
 	NOT-FOR-US: Apple
 CVE-2020-9979 (A trust issue was addressed by removing a legacy API. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9978
 	RESERVED
 CVE-2020-9977
@@ -42779,7 +42779,7 @@ CVE-2020-9975
 CVE-2020-9974
 	RESERVED
 CVE-2020-9973 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9972
 	RESERVED
 CVE-2020-9971
@@ -42803,7 +42803,7 @@ CVE-2020-9963
 CVE-2020-9962
 	RESERVED
 CVE-2020-9961 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9960
 	RESERVED
 CVE-2020-9959 (A lock screen issue allowed access to messages on a locked device. Thi ...)
@@ -42843,7 +42843,7 @@ CVE-2020-9943
 CVE-2020-9942
 	RESERVED
 CVE-2020-9941 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9940 (A buffer overflow issue was addressed with improved memory handling. T ...)
 	NOT-FOR-US: Apple
 CVE-2020-9939 (This issue was addressed with improved checks. This issue is fixed in  ...)
@@ -42861,7 +42861,7 @@ CVE-2020-9934 (An issue existed in the handling of environment variables. This i
 CVE-2020-9933 (An authorization issue was addressed with improved state management. T ...)
 	NOT-FOR-US: Apple
 CVE-2020-9932 (A memory corruption issue was addressed with improved validation. This ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9931 (A denial of service issue was addressed with improved input validation ...)
 	NOT-FOR-US: Apple
 CVE-2020-9930
@@ -43018,7 +43018,7 @@ CVE-2020-9868 (A certificate validation issue existed when processing administra
 CVE-2020-9867
 	RESERVED
 CVE-2020-9866 (A buffer overflow was addressed with improved bounds checking. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9865 (A memory corruption issue was addressed by removing the vulnerable cod ...)
 	NOT-FOR-US: Apple
 CVE-2020-9864 (A logic issue was addressed with improved restrictions. This issue is  ...)
@@ -43035,13 +43035,13 @@ CVE-2020-9862 (A command injection issue existed in Web Inspector. This issue wa
 CVE-2020-9861
 	RESERVED
 CVE-2020-9860 (A custom URL scheme handling issue was addressed with improved input v ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9859 (A memory consumption issue was addressed with improved memory handling ...)
 	NOT-FOR-US: Apple
 CVE-2020-9858 (A dynamic library loading issue was addressed with improved path searc ...)
 	NOT-FOR-US: Apple
 CVE-2020-9857 (An issue existed in the parsing of URLs. This issue was addressed with ...)
-	TODO: check
+	NOT-FOR-US: Safari
 CVE-2020-9856 (This issue was addressed with improved checks. This issue is fixed in  ...)
 	NOT-FOR-US: Apple
 CVE-2020-9855 (A validation issue existed in the handling of symlinks. This issue was ...)
@@ -43219,7 +43219,7 @@ CVE-2020-9788 (A validation issue was addressed with improved input sanitization
 CVE-2020-9787 (A logic issue was addressed with improved restrictions. This issue is  ...)
 	NOT-FOR-US: Apple
 CVE-2020-9786 (This issue was addressed with improved checks This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9785 (Multiple memory corruption issues were addressed with improved state m ...)
 	NOT-FOR-US: Apple
 CVE-2020-9784 (A logic issue was addressed with improved restrictions. This issue is  ...)
@@ -43227,7 +43227,7 @@ CVE-2020-9784 (A logic issue was addressed with improved restrictions. This issu
 CVE-2020-9783 (A use after free issue was addressed with improved memory management.  ...)
 	NOT-FOR-US: Apple
 CVE-2020-9782 (A parsing issue in the handling of directory paths was addressed with  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9781 (The issue was addressed by clearing website permission prompts after n ...)
 	NOT-FOR-US: Apple
 CVE-2020-9780 (The issue was resolved by clearing application previews when content i ...)
@@ -43243,7 +43243,7 @@ CVE-2020-9776 (This issue was addressed with a new entitlement. This issue is fi
 CVE-2020-9775 (An issue existed in the handling of tabs displaying picture in picture ...)
 	NOT-FOR-US: Apple
 CVE-2020-9774 (An issue existed with Siri Suggestions access to encrypted data. The i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9773 (The issue was addressed with improved handling of icon caches. This is ...)
 	NOT-FOR-US: Apple
 CVE-2020-9772 (A logic issue was addressed with improved restrictions. This issue is  ...)
@@ -58569,7 +58569,7 @@ CVE-2020-3882 (This issue was addressed with improved checks. This issue is fixe
 CVE-2020-3881 (A logic issue was addressed with improved state management. This issue ...)
 	NOT-FOR-US: Apple
 CVE-2020-3880 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-3879
 	RESERVED
 CVE-2020-3878 (An out-of-bounds read was addressed with improved input validation. Th ...)
@@ -58623,7 +58623,7 @@ CVE-2020-3864 (A logic issue was addressed with improved validation. This issue
 	- wpewebkit 2.26.4-1
 	NOTE: https://webkitgtk.org/security/WSA-2020-0002.html
 CVE-2020-3863 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-3862 (A denial of service issue was addressed with improved memory handling. ...)
 	{DSA-4627-1}
 	- webkit2gtk 2.26.4-1
@@ -58644,15 +58644,15 @@ CVE-2020-3857 (A memory corruption issue was addressed with improved memory hand
 CVE-2020-3856 (A memory corruption issue was addressed with improved input validation ...)
 	NOT-FOR-US: Apple
 CVE-2020-3855 (An access issue was addressed with improved access restrictions. This  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-3854 (A memory corruption issue was addressed with improved memory handling. ...)
 	NOT-FOR-US: Apple
 CVE-2020-3853 (A type confusion issue was addressed with improved memory handling. Th ...)
 	NOT-FOR-US: Apple
 CVE-2020-3852 (A logic issue was addressed with improved validation. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Safari
 CVE-2020-3851 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-3850 (A memory corruption issue was addressed with improved input validation ...)
 	NOT-FOR-US: Apple
 CVE-2020-3849 (A memory corruption issue was addressed with improved input validation ...)
@@ -63963,7 +63963,7 @@ CVE-2020-1917
 CVE-2020-1916
 	RESERVED
 CVE-2020-1915 (An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes ...)
-	TODO: check
+	NOT-FOR-US: Facebook Hermes
 CVE-2020-1914 (A logic vulnerability when handling the SaveGeneratorLong instruction  ...)
 	NOT-FOR-US: Facebook Hermes
 CVE-2020-1913 (An Integer signedness error in the JavaScript Interpreter in Facebook  ...)
@@ -100829,13 +100829,13 @@ CVE-2019-8903 (index.js in Total.js Platform before 3.2.3 allows path traversal.
 CVE-2019-8902 (An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vuln ...)
 	NOT-FOR-US: idreamsoft iCMS
 CVE-2019-8901 (This issue was addressed by verifying host keys when connecting to a p ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2019-8900
 	RESERVED
 CVE-2019-8899
 	RESERVED
 CVE-2019-8898 (An information disclosure issue existed in the handling of the Storage ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2019-8897
 	RESERVED
 CVE-2019-8896
author	Moritz Muehlenhoff <jmm@debian.org>	2020-10-28 14:03:14 +0100
committer	Moritz Muehlenhoff <jmm@debian.org>	2020-10-28 15:01:53 +0100
commit	f600595b5a03db9f8a7da24c39675f9e78705d91 (patch)
tree	f8582d84bb8215a6f77948aa6204fd7d8fefd056 /data/CVE/list
parent	e4b8cafc8c21a766001fed4f28af92a2a7ab7042 (diff)