NFUs

author: Moritz Muehlenhoff <jmm@debian.org> 2020-12-04 09:46:23 +0100
committer: Moritz Muehlenhoff <jmm@debian.org> 2020-12-04 09:46:23 +0100
commit: d8d3de1e365537b63a194eea2d704b43be55a7b2 (patch)
tree: e75aecb84253577cdba753c7ae74ffa9a0da140e
parent: d3e060b74b83bcff2257796b090c01f402c8c406 (diff)
1 files changed, 16 insertions, 16 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 9d07939320..1847dac9d2 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -8425,7 +8425,7 @@ CVE-2020-27350
 CVE-2020-27349
 	RESERVED
 CVE-2020-27348 (In some conditions, a snap package built by snapcraft includes the cur ...)
-	TODO: check
+	NOT-FOR-US: snapcraft
 CVE-2020-27346
 	REJECTED
 CVE-2020-27345
@@ -39177,7 +39177,7 @@ CVE-2020-13527
 CVE-2020-13526
 	RESERVED
 CVE-2020-13525 (The sort parameter in the download page /sysworkflow/en/neoclassic/rep ...)
-	TODO: check
+	NOT-FOR-US: ProcessMaker
 CVE-2020-13524 (An out-of-bounds memory corruption vulnerability exists in the way Pix ...)
 	NOT-FOR-US: Pixar OpenUSD
 CVE-2020-13523 (An exploitable information disclosure vulnerability exists in SoftPerf ...)
@@ -51896,9 +51896,9 @@ CVE-2020-9117 (HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and Sy
 CVE-2020-9116 (Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9115 (ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9114 (FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a pri ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9113 (HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buf ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9112 (Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a priv ...)
@@ -55853,13 +55853,13 @@ CVE-2020-7550 (A CWE-119 Improper Restriction of Operations within the Bounds of
 CVE-2020-7549
 	RESERVED
 CVE-2020-7548 (A CWE-330 - Use of Insufficiently Random Values vulnerability exists i ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2020-7547 (A CWE-284: Improper Access Control vulnerability exists in EcoStruxure ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2020-7546 (A CWE-79: Improper Neutralization of Input During Web Page Generation  ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2020-7545 (A CWE-284:Improper Access Control vulnerability exists in EcoStruxure& ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2020-7544 (A CWE-269 Improper Privilege Management vulnerability exists in EcoStr ...)
 	NOT-FOR-US: EcoStruxure Operator Terminal Expert runtime
 CVE-2020-7543
@@ -59828,9 +59828,9 @@ CVE-2020-6020 (Check Point Security Management's Internal CA web management befo
 CVE-2020-6019 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...)
 	NOT-FOR-US: Valve's Game Networking Sockets
 CVE-2020-6018 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...)
-	TODO: check
+	NOT-FOR-US: Valve's Game Networking Sockets
 CVE-2020-6017 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...)
-	TODO: check
+	NOT-FOR-US: Valve's Game Networking Sockets
 CVE-2020-6016 (Valve's Game Networking Sockets prior to version v1.2.0 improperly han ...)
 	NOT-FOR-US: Valve's Game Networking Sockets
 CVE-2020-6015 (Check Point Endpoint Security for Windows before E84.10 can reach deni ...)
@@ -61114,7 +61114,7 @@ CVE-2020-5425 (Single Sign-On for Vmware Tanzu all versions prior to 1.11.3 ,1.1
 CVE-2020-5424
 	REJECTED
 CVE-2020-5423 (CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a  ...)
-	TODO: check
+	NOT-FOR-US: Cloud Foundry
 CVE-2020-5422 (BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA pas ...)
 	NOT-FOR-US: BOSH System Metrics Server
 CVE-2020-5421 (In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5. ...)
@@ -69831,15 +69831,15 @@ CVE-2020-2326
 CVE-2020-2325
 	RESERVED
 CVE-2020-2324 (Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser  ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2020-2323 (Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permissio ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2020-2322 (Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permissio ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2020-2321 (A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Pr ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2020-2320 (Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not ve ...)
-	TODO: check
+	NOT-FOR-US: Jenkins plugin
 CVE-2020-2319 (Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a pa ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2020-2318 (Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier  ...)
author	Moritz Muehlenhoff <jmm@debian.org>	2020-12-04 09:46:23 +0100
committer	Moritz Muehlenhoff <jmm@debian.org>	2020-12-04 09:46:23 +0100
commit	d8d3de1e365537b63a194eea2d704b43be55a7b2 (patch)
tree	e75aecb84253577cdba753c7ae74ffa9a0da140e
parent	d3e060b74b83bcff2257796b090c01f402c8c406 (diff)