From 21e65b511b0d8523617bdba4901ca61d62129b24 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Fri, 27 Nov 2020 05:54:47 +0100 Subject: golang-github-go-ethereum: Replace some NFUs with ITP referenced entry --- data/CVE/list | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index ce05e3fb29..dc5746778e 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -9662,11 +9662,11 @@ CVE-2020-26243 (Nanopb is a small code-size Protocol Buffers implementation. In NOTE: https://github.com/nanopb/nanopb/commit/edf6dcbffee4d614ac0c2c1b258ab95185bdb6e9 (0.4.4) NOTE: https://github.com/nanopb/nanopb/issues/615 CVE-2020-26242 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum (bug #890541) CVE-2020-26241 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum (bug #890541) CVE-2020-26240 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum (bug #890541) CVE-2020-26239 (Scratch Addons is a WebExtension that supports both Chrome and Firefox ...) NOT-FOR-US: Scratch Addons CVE-2020-26238 (Cron-utils is a Java library to parse, validate, migrate crons as well ...) @@ -120988,7 +120988,7 @@ CVE-2018-20423 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote CVE-2018-20422 (Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attac ...) NOT-FOR-US: DiscuzX CVE-2018-20421 (Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of se ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum (bug #890541) CVE-2018-20420 (In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access C ...) NOT-FOR-US: webERP CVE-2018-20419 (DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add a ...) @@ -131877,7 +131877,7 @@ CVE-2018-19186 (The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2 CVE-2018-19185 (An issue has been found in libIEC61850 v1.3. It is a heap-based buffer ...) NOT-FOR-US: libIEC61850 CVE-2018-19184 (cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum (bug #890541) CVE-2018-19183 (ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm. ...) NOT-FOR-US: ethereumjs-vm CVE-2018-19182 (Engelsystem before commit hash 2e28336 allows CSRF. ...) @@ -138448,7 +138448,7 @@ CVE-2018-16735 CVE-2018-16734 RESERVED CVE-2018-16733 (In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer. ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum (bug #890541) CVE-2018-16732 (\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via adm ...) NOT-FOR-US: CScms CVE-2018-16731 (CScms 4.1 allows arbitrary file upload by (for example) adding the php ...) @@ -150906,7 +150906,7 @@ CVE-2018-12019 (The signature verification routine in Enigmail before 2.0.7 inte NOTE: https://www.openwall.com/lists/oss-security/2018/06/13/10 NOTE: https://neopg.io/blog/enigmail-signature-spoof/ CVE-2018-12018 (The GetBlockHeadersMsg handler in the LES protocol implementation in G ...) - NOT-FOR-US: Go Ethereum + - golang-github-go-ethereum (bug #890541) CVE-2018-12017 RESERVED CVE-2018-12016 (libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows rem ...) -- cgit v1.2.3