From 52892bee6f8b706370e743abfa03c7eddd5cbf17 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Mon, 1 Jun 2020 10:16:59 +0200 Subject: Process several NFUs --- data/CVE/list.2020 | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index a3eaf611d5..3d9b6dcf76 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -5942,7 +5942,7 @@ CVE-2020-11076 (In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smu NOTE: https://github.com/puma/puma/security/advisories/GHSA-x7jg-6pwg-fx5h NOTE: https://github.com/puma/puma/commit/f24d5521295a2152c286abb0a45a1e1e2bd275bd CVE-2020-11075 (In Anchore Engine version 0.7.0, a specially crafted container image m ...) - TODO: check + NOT-FOR-US: Anchore Engine CVE-2020-11074 RESERVED CVE-2020-11073 (In Autoswitch Python Virtualenv before version 0.16.0, a user who ente ...) @@ -5980,7 +5980,7 @@ CVE-2020-11060 (In GLPI before 9.4.6, an attacker can execute system commands by NOTE: https://github.com/glpi-project/glpi/commit/ad748d59c94da177a3ed25111c453902396f320c NOTE: Only supported behind an authenticated HTTP zone CVE-2020-11059 (In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir ...) - TODO: check + NOT-FOR-US: AEgir CVE-2020-11058 (In FreeRDP after 1.1 and before 2.0.0, a stream out-of-bounds seek in ...) - freerdp2 2.1.1+dfsg1-1 [buster] - freerdp2 (Minor issue) @@ -13451,7 +13451,7 @@ CVE-2020-7814 CVE-2020-7813 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prio ...) NOT-FOR-US: Kaoni CVE-2020-7812 (Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prio ...) - TODO: check + NOT-FOR-US: Kaoni ezHTTPTrans CVE-2020-7811 RESERVED CVE-2020-7810 @@ -21790,27 +21790,27 @@ CVE-2020-4025 CVE-2020-4024 RESERVED CVE-2020-4023 (The review coverage resource in Atlassian Fisheye and Crucible before ...) - TODO: check + NOT-FOR-US: Atlassian Fisheye and Crucible CVE-2020-4022 RESERVED CVE-2020-4021 (Affected versions are: Before 8.5.5, and from 8.6.0 before 8.8.1 of At ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4020 (The file downloading functionality in the Atlassian Companion App befo ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4019 (The file editing functionality in the Atlassian Companion App before v ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4018 (The setup resources in Atlassian Fisheye and Crucible before version 4 ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4017 (The /rest/jira-ril/1.0/jira-rest/applinks resource in the crucible-jir ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4016 (The /plugins/servlet/jira-blockers/ resource in the crucible-jira-ril ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4015 (The /json/fe/activeUserFinder.do resource in Altassian Fisheye and Cru ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4014 (The /profile/deleteWatch.do resource in Atlassian Fisheye and Crucible ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4013 (The review resource in Atlassian Fisheye and Crucible before version 4 ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2020-4012 RESERVED CVE-2020-4011 -- cgit v1.2.3