author | Moritz Muehlenhoff <jmm@debian.org> | 2020-11-25 19:33:57 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-11-25 19:33:57 +0100 |
commit | 29e91addcc744a2510e01eb27edbaae37e2fb679 (patch) | |
tree | 8098e751e2d6103571a412f62451cb8800759dc8 /data | |
parent | 050e624bc7e41d8aa493cef869ca4a0ea033d61c (diff) |
new nomad issue
NFUs
more imagemagick triage
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index aebf0a61f7..346e27b60f 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -2680,7 +2680,7 @@ CVE-2020-28974 (A slab-out-of-bounds read in fbcon in the Linux kernel before 5. CVE-2020-28361 (Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy So ...) TODO: check, this might be specific to Kamailio as used in the specified product CVE-2020-28360 (Insufficient RegEx in private-ip npm package v1.0.5 and below insuffic ...) - TODO: check + NOT-FOR-US: Node private-ip CVE-2020-28359 RESERVED CVE-2020-28358 @@ -2704,7 +2704,8 @@ CVE-2020-28350 (A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sok CVE-2020-28349 (** DISPUTED ** An inaccurate frame deduplication process in ChirpStack ...) NOT-FOR-US: ChirpStack Network Server CVE-2020-28348 (HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker ...) - TODO: check + - nomad <unfixed> + NOTE: https://github.com/hashicorp/nomad/issues/9303 CVE-2020-28347 (tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows rem ...) NOT-FOR-US: TP-Link CVE-2020-28346 @@ -5809,6 +5810,7 @@ CVE-2020-27751 CVE-2020-27750 RESERVED - imagemagick 8:6.9.11.24+dfsg-1 + [buster] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1711 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/a81ca9a1b46a96be83682af3389f0a6f3d0d389d NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c7038e710ad0204d6cb37a0229fc55f6f8a8662f @@ -10907,6 +10909,7 @@ CVE-2020-25667 CVE-2020-25666 RESERVED - imagemagick 8:6.9.11.24+dfsg-1 + [buster] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1750 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/94691f00839dbdf43edb1508af945ab19b388573 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/91ae12c57f3b9b23f2072462c27a8378b59f395e 
@@ -12156,7 +12159,7 @@ CVE-2020-25161 CVE-2020-25160 RESERVED CVE-2020-25159 (499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack- ...) - TODO: check + NOT-FOR-US: 499ES CVE-2020-25158 RESERVED CVE-2020-25157 (The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection ...) @@ -53943,7 +53946,7 @@ CVE-2020-7779 CVE-2020-7778 RESERVED CVE-2020-7777 (This affects all versions of package jsen. If an attacker can control ...) - TODO: check + NOT-FOR-US: Node jsen CVE-2020-7776 RESERVED CVE-2020-7775 |
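Review bot: In the @@ -2704 hunk, the new CVE-2020-28348 entry `- nomad <unfixed>` has no fixed version and no Debian bug reference, only the upstream issue link in the NOTE. The description line gives the affected range as 0.9.0 up to 0.12.7, so once the upstream fixed release or fix commit is identified, add it as a further NOTE, and add the bug annotation once one is filed, so the entry can later be closed against a specific upload.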
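Review bot: In the @@ -5809 and @@ -10907 hunks, `[buster] - imagemagick <ignored> (Minor issue)` is added for CVE-2020-27750 and CVE-2020-25666 with no reason beyond "Minor issue", although both entries list upstream ImageMagick6 fix commits in the NOTE lines directly below. If the intent is only to skip a DSA while leaving room for a fix in a point release, `<no-dsa>` states that more accurately than `<ignored>`; if buster will not be fixed at all, put the actual reason in the parenthesis so the decision can be revisited later.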