author: security tracker role <sectracker@soriano.debian.org> 2020-09-25 08:10:19 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-09-25 08:10:19 +0000
commit: 8887a61aecf361bcb54bb8686a2400cdd7bfbac5
tree: c455ce8cce3f82db3e634538fac34ef57e48914c
parent: 3071383dd33aa240576e2fc8756d726dea7cd8d3
automatic update
-rw-r--r-- data/CVE/2016.list 2
-rw-r--r-- data/CVE/2017.list 4
-rw-r--r-- data/CVE/2018.list 8
-rw-r--r-- data/CVE/2019.list 12
-rw-r--r-- data/CVE/2020.list 187
5 files changed, 126 insertions, 87 deletions
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 556f1cb8a5..b84df5bc97 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -1,3 +1,5 @@
+CVE-2016-11086 (lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby doe ...)
+ TODO: check
CVE-2016-11085 (php/qmn_options_questions_tab.php in the quiz-master-next plugin befor ...)
NOT-FOR-US: Wordpress plugin
CVE-2016-11084 (An issue was discovered in Mattermost Server before 2.1.0. It allows X ...)
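Review bot: The "TODO: check" on CVE-2016-11086 needs an actual package lookup, unlike the WordPress plugin entry directly below it, which is dismissed by product name. The description names lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4, a library that may be packaged, so resolve it to either a "- <source package> <fixed version>" line or NOT-FOR-US once checked. The description is cut off at "doe ...", so read the full text before deciding.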
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index 91e7b195e8..b2dfe16c83 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -4226,8 +4226,8 @@ CVE-2017-17479 (In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered
NOTE: Debian packaging does not build JPWL, has BUILD_JPWL:BOOL=OFF
CVE-2017-17478 (An XSS issue was discovered in Designer Studio in Pegasystems Pega Pla ...)
NOT-FOR-US: Pegasystems Pega Platform
-CVE-2017-17477
- RESERVED
+CVE-2017-17477 (Pexip Infinity before 17 allows an unauthenticated remote attacker to ...)
+ TODO: check
CVE-2017-17475 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
NOT-FOR-US: TG Soft Vir.IT eXplorer Lite
CVE-2017-17474 (TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a deni ...)
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 9623b86360..291a98912a 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -28494,8 +28494,8 @@ CVE-2018-10587 (NetGain Enterprise Manager (EM) is affected by OS Command Inject
NOT-FOR-US: NetGain Enterprise Manager
CVE-2018-10586 (NetGain Enterprise Manager (EM) is affected by multiple Stored Cross-S ...)
NOT-FOR-US: NetGain Enterprise Manager
-CVE-2018-10585
- RESERVED
+CVE-2018-10585 (Pexip Infinity before 18 allows remote Denial of Service (XML parsing) ...)
+ TODO: check
CVE-2018-10584
RESERVED
CVE-2018-10583 (An information disclosure vulnerability occurs when LibreOffice 6.0.3 ...)
@@ -28895,8 +28895,8 @@ CVE-2018-10472 (An issue was discovered in Xen through 4.10.x allowing x86 HVM g
- xen 4.8.3+xsa262+shim4.10.0+comet3-1+deb9u6
[wheezy] - xen <not-affected> (No QMP support in wheezy)
NOTE: https://xenbits.xen.org/xsa/advisory-258.html
-CVE-2018-10432
- RESERVED
+CVE-2018-10432 (Pexip Infinity before 18 allows Remote Denial of Service (TLS handshak ...)
+ TODO: check
CVE-2018-10431 (D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell me ...)
NOT-FOR-US: D-Link
CVE-2018-10430 (An issue was discovered in DiliCMS (aka DiligentCMS) 2.4.0. There is a ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 6df6b37f86..b34f33127c 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -24503,8 +24503,8 @@ CVE-2019-11558
RESERVED
CVE-2019-11557 (The WebDorado Contact Form Builder plugin before 1.0.69 for WordPress ...)
NOT-FOR-US: WebDorado Contact Form Builder plugi for WordPress
-CVE-2019-11556
- RESERVED
+CVE-2019-11556 (Pagure before 5.6 allows XSS via the templates/blame.html blame view. ...)
+ TODO: check
CVE-2019-11554 (The Audible application through 2.34.0 for Android has Missing SSL Cer ...)
NOT-FOR-US: Audible application for Android
CVE-2019-11553 (In Code42 for Enterprise through 6.8.4, an administrator without web r ...)
@@ -37166,10 +37166,10 @@ CVE-2019-7180
RESERVED
CVE-2019-7179
RESERVED
-CVE-2019-7178
- RESERVED
-CVE-2019-7177
- RESERVED
+CVE-2019-7178 (Pexip Infinity before 20.1 allows privilege escalation by restoring a ...)
+ TODO: check
+CVE-2019-7177 (Pexip Infinity before 20.1 allows Code Injection onto nodes via an adm ...)
+ TODO: check
CVE-2019-7176 (An issue was discovered in GitLab Community and Enterprise Edition 8.x ...)
- gitlab 11.5.10+dfsg-1 (bug #921059)
NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index fe7d30c104..7747e6a3cf 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,39 @@
+CVE-2020-26115 (cPanel before 90.0.10 allows self XSS via the Cron Editor interface (S ...)
+ TODO: check
+CVE-2020-26114 (cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC ...)
+ TODO: check
+CVE-2020-26113 (cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interf ...)
+ TODO: check
+CVE-2020-26112 (The email quota cache in cPanel before 90.0.10 allows overwriting of f ...)
+ TODO: check
+CVE-2020-26111 (cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interf ...)
+ TODO: check
+CVE-2020-26110 (cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC inte ...)
+ TODO: check
+CVE-2020-26109 (cPanel before 88.0.13 allows bypass of a protection mechanism that att ...)
+ TODO: check
+CVE-2020-26108 (cPanel before 88.0.13 mishandles file-extension dispatching, leading t ...)
+ TODO: check
+CVE-2020-26107 (cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDN ...)
+ TODO: check
+CVE-2020-26106 (cPanel before 88.0.3 has weak permissions (world readable) for the pro ...)
+ TODO: check
+CVE-2020-26105 (In cPanel before 88.0.3, insecure chkservd test credentials are used o ...)
+ TODO: check
+CVE-2020-26104 (In cPanel before 88.0.3, an insecure SRS secret is used on a templated ...)
+ TODO: check
+CVE-2020-26103 (In cPanel before 88.0.3, an insecure site password is used for Mailman ...)
+ TODO: check
+CVE-2020-26102 (In cPanel before 88.0.3, an insecure auth policy API key is used by Do ...)
+ TODO: check
+CVE-2020-26101 (In cPanel before 88.0.3, insecure RNDC credentials are used for BIND o ...)
+ TODO: check
+CVE-2020-26100 (chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497). ...)
+ TODO: check
+CVE-2020-26099 (cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting p ...)
+ TODO: check
+CVE-2020-26098 (cPanel before 88.0.3 mishandles the Exim filter path, leading to remot ...)
+ TODO: check
CVE-2020-26097
RESERVED
CVE-2020-26096
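Review bot: All 18 entries added at the top of 2020.list (CVE-2020-26115 down to CVE-2020-26098) are for one product, cPanel, and each is left as "TODO: check". Suggest triaging them as a batch with one consistent tag so the block does not end up with mixed markings. The fixed-in versions differ (90.0.10, 88.0.13, 88.0.3), but that does not change the triage tag.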
@@ -745,12 +781,12 @@ CVE-2020-25751 (The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injectio
NOT-FOR-US: paGO Commerce plugin for Joomla!
CVE-2020-25750 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in DotPlant2 b ...)
NOT-FOR-US: DotPlant2
-CVE-2020-25749
- RESERVED
-CVE-2020-25748
- RESERVED
-CVE-2020-25747
- RESERVED
+CVE-2020-25749 (The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 ca ...)
+ TODO: check
+CVE-2020-25748 (A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3 ...)
+ TODO: check
+CVE-2020-25747 (The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (f ...)
+ TODO: check
CVE-2020-25746
RESERVED
CVE-2020-25745
@@ -802,8 +838,8 @@ CVE-2020-25728 (The Reset Password add-on before 1.2.0 for Alfresco has a broken
NOT-FOR-US: Reset Password add-on for Alfresco
CVE-2020-25727 (The Reset Password add-on before 1.2.0 for Alfresco suffers from CMIS- ...)
NOT-FOR-US: Reset Password add-on for Alfresco
-CVE-2020-25726
- RESERVED
+CVE-2020-25726 (A Directory Traversal issue was discovered on Hak5 WiFi Pineapple Mark ...)
+ TODO: check
CVE-2020-25725
RESERVED
CVE-2020-25724
@@ -1021,8 +1057,7 @@ CVE-2020-25627
RESERVED
CVE-2020-25626
RESERVED
-CVE-2020-25625 [usb: hcd-ohci: infinite loop issue while processing transfer descriptors]
- RESERVED
+CVE-2020-25625 (hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list ha ...)
- qemu <unfixed> (bug #970542)
[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg05905.html
@@ -1859,8 +1894,8 @@ CVE-2020-25225
RESERVED
CVE-2020-25224
RESERVED
-CVE-2020-25223
- RESERVED
+CVE-2020-25223 (A remote code execution vulnerability exists in the WebAdmin of Sophos ...)
+ TODO: check
CVE-2020-25222
RESERVED
CVE-2020-25221 (get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5 ...)
@@ -1910,8 +1945,8 @@ CVE-2020-25205
RESERVED
CVE-2020-25204
RESERVED
-CVE-2020-25203
- RESERVED
+CVE-2020-25203 (The Framer Preview application 12 for Android exposes com.framer.viewe ...)
+ TODO: check
CVE-2020-25576 (An issue was discovered in the rand_core crate before 0.4.2 for Rust. ...)
- rust-rand-core 0.5.0-1 (bug #969911; low)
[buster] - rust-rand-core <no-dsa> (Minor issue)
@@ -2166,15 +2201,13 @@ CVE-2020-25087 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in
NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25086 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in applic ...)
NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
-CVE-2020-25085 [sdhci: out-of-bounds access issue while doing multi block SDMA]
- RESERVED
+CVE-2020-25085 (QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue ...)
- qemu <unfixed> (bug #970540)
[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg00733.html
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-09/msg01439.html
NOTE: https://www.openwall.com/lists/oss-security/2020/09/16/6
-CVE-2020-25084 [usb: use-after-free issue while setting up packet]
- RESERVED
+CVE-2020-25084 (QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_p ...)
- qemu <unfixed> (bug #970539)
[buster] - qemu <postponed> (Can be fixed along in next qemu DSA)
NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2020-08/msg08050.html
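Review bot: Dropping the bracketed working title loses the device context for CVE-2020-25085: the removed line named sdhci and multi block SDMA, while the visible part of the new description names only flatview_read_continue. Suggest keeping that detail in a NOTE line under the entry so the affected device model stays searchable. The CVE-2020-25084 replacement keeps its context (hw/usb/hcd-xhci.c) and needs nothing extra.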
@@ -2203,7 +2236,7 @@ CVE-2020-25074
RESERVED
CVE-2020-25072
RESERVED
-CVE-2020-25071 (Nifty Project Management Web Application 2020-08-26 allows XSS, via Ad ...)
+CVE-2020-25071 (** DISPUTED ** Nifty Project Management Web Application 2020-08-26 all ...)
NOT-FOR-US: Nifty Project Management Web Application
CVE-2020-25070 (USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the ...)
NOT-FOR-US: User-friendly SVN
@@ -2957,8 +2990,8 @@ CVE-2020-24720
RESERVED
CVE-2020-24719
RESERVED
-CVE-2020-24718
- RESERVED
+CVE-2020-24718 (bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE th ...)
+ TODO: check
CVE-2020-24717 (OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group pe ...)
NOT-FOR-US: OpenZFS
CVE-2020-24716 (OpenZFS before 2.0.0-rc1, when used on FreeBSD, allows execute permiss ...)
@@ -3018,8 +3051,8 @@ CVE-2020-24694
RESERVED
CVE-2020-24693
RESERVED
-CVE-2020-24692
- RESERVED
+CVE-2020-24692 (The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 co ...)
+ TODO: check
CVE-2020-24691
RESERVED
CVE-2020-24690
@@ -3174,8 +3207,8 @@ CVE-2020-24623 (A potential security vulnerability has been identified in Hewlet
NOT-FOR-US: Hewlett Packard Enterprise Universal API Framework
CVE-2020-24622 (In Sonatype Nexus Repository 3.26.1, an S3 secret key can be exposed b ...)
NOT-FOR-US: Sonatype
-CVE-2020-24621
- RESERVED
+CVE-2020-24621 (A remote code execution (RCE) vulnerability was discovered in the html ...)
+ TODO: check
CVE-2020-24620
RESERVED
CVE-2020-24619 (In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuse ...)
@@ -3191,8 +3224,8 @@ CVE-2020-24616 (FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the in
NOTE: https://github.com/FasterXML/jackson-databind/issues/2814
NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
NOTE: but still an issue when Default Typing is enabled.
-CVE-2020-24615
- RESERVED
+CVE-2020-24615 (Pexip Infinity before 24.1 has Improper Input Validation, leading to t ...)
+ TODO: check
CVE-2020-24613 (wolfSSL before 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_C ...)
- wolfssl 4.5.0+dfsg-1 (bug #969663)
NOTE: https://research.nccgroup.com/2020/08/24/technical-advisory-wolfssl-tls-1-3-client-man-in-the-middle-attack/
@@ -3230,14 +3263,14 @@ CVE-2020-24597
RESERVED
CVE-2020-24596
RESERVED
-CVE-2020-24595
- RESERVED
-CVE-2020-24594
- RESERVED
-CVE-2020-24593
- RESERVED
-CVE-2020-24592
- RESERVED
+CVE-2020-24595 (Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker ...)
+ TODO: check
+CVE-2020-24594 (Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthen ...)
+ TODO: check
+CVE-2020-24593 (Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote at ...)
+ TODO: check
+CVE-2020-24592 (Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker ...)
+ TODO: check
CVE-2020-24591 (The Management Console in certain WSO2 products allows XXE attacks dur ...)
NOT-FOR-US: WSO2
CVE-2020-24590 (The Management Console in WSO2 API Manager through 3.1.0 and API Micro ...)
@@ -4828,8 +4861,8 @@ CVE-2020-23839 (A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimpl
NOT-FOR-US: GetSimple CMS
CVE-2020-23838
RESERVED
-CVE-2020-23837
- RESERVED
+CVE-2020-23837 (A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User pl ...)
+ TODO: check
CVE-2020-23836 (A Cross-Site Request Forgery (CSRF) vulnerability in edit_user.php in ...)
NOT-FOR-US: OSWAPP Warehouse Inventory System
CVE-2020-23835 (A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php ...)
@@ -17821,8 +17854,8 @@ CVE-2020-17367 (Firejail through 0.9.62 does not honor the -- end-of-options ind
CVE-2020-17366 (An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1. ...)
- routinator <itp> (bug #929024)
NOTE: https://github.com/NLnetLabs/routinator/issues/319
-CVE-2020-17365
- RESERVED
+CVE-2020-17365 (Improper directory permissions in the Hotspot Shield VPN client softwa ...)
+ TODO: check
CVE-2020-17364 (USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs. ...)
NOT-FOR-US: User-friendly SVN
CVE-2020-17363
@@ -21050,10 +21083,10 @@ CVE-2020-XXXX [mpv insecure lua loadpath]
[buster] - mpv <no-dsa> (Minor issue)
[stretch] - mpv <no-dsa> (Minor issue)
NOTE: https://github.com/mpv-player/mpv/commit/cce7062a8a6b6a3b3666aea3ff86db879cba67b6
-CVE-2020-15851
- RESERVED
-CVE-2020-15850
- RESERVED
+CVE-2020-15851 (Lack of access control in Nakivo Backup &amp; Replication Transporter ...)
+ TODO: check
+CVE-2020-15850 (Insecure permissions in Nakivo Backup &amp; Replication Director versi ...)
+ TODO: check
CVE-2020-15849
RESERVED
CVE-2020-15848
@@ -21066,8 +21099,8 @@ CVE-2020-15845
RESERVED
CVE-2020-15844
RESERVED
-CVE-2020-15843
- RESERVED
+CVE-2020-15843 (ActFax Version 7.10 Build 0335 (2020-05-25) is susceptible to a privil ...)
+ TODO: check
CVE-2020-15842 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 90, 7 ...)
NOT-FOR-US: Liferay
CVE-2020-15841 (Liferay Portal before 7.3.0, and Liferay DXP 7.0 before fix pack 89, 7 ...)
@@ -21940,8 +21973,8 @@ CVE-2020-15523 (In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8
- python2.7 <not-affected> (Python on Windows)
CVE-2020-15522
RESERVED
-CVE-2020-15521
- RESERVED
+CVE-2020-15521 (Zoho ManageEngine Applications Manager before 14 build 14730 has no pr ...)
+ TODO: check
CVE-2020-15520
RESERVED
CVE-2020-15519
@@ -22236,8 +22269,8 @@ CVE-2020-15395 (In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-b
[stretch] - libmediainfo <no-dsa> (Minor issue)
[jessie] - libmediainfo <no-dsa> (Minor issue)
NOTE: https://sourceforge.net/p/mediainfo/bugs/1127/
-CVE-2020-15394
- RESERVED
+CVE-2020-15394 (The REST API in Zoho ManageEngine Applications Manager before build 14 ...)
+ TODO: check
CVE-2020-15393 (In the Linux kernel through 5.7.6, usbtest_disconnect in drivers/usb/m ...)
{DLA-2323-1}
- linux 5.7.10-1
@@ -22720,6 +22753,7 @@ CVE-2020-15171 (In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT
CVE-2020-15170 (apollo-adminservice before version 1.7.1 does not implement access con ...)
NOT-FOR-US: apollo-adminservice
CVE-2020-15169 (In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potentia ...)
+ {DSA-4766-1}
- rails 2:6.0.3.3+dfsg-1 (bug #970040)
NOTE: https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionview/CVE-2020-15169.yml
NOTE: https://groups.google.com/g/rubyonrails-security/c/b-C9kSGXYrc?pli=1
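Review bot: The "{DSA-4766-1}" tag added under CVE-2020-15169 points at an advisory whose own record is not part of this commit; the diffstat lists only data/CVE/*.list files. Confirm that the DSA-4766-1 entry already landed in an earlier commit so the cross-reference resolves. The same applies to the other "{DSA-4766-1}" additions in the rails entries further down.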
@@ -22747,12 +22781,12 @@ CVE-2020-15164 (in Scratch Login (MediaWiki extension) before version 1.1, any a
NOT-FOR-US: Scrach Login MediaWiki extension
CVE-2020-15163 (Python TUF (The Update Framework) reference implementation before vers ...)
- python-tuf <itp> (bug #934151)
-CVE-2020-15162
- RESERVED
-CVE-2020-15161
- RESERVED
-CVE-2020-15160
- RESERVED
+CVE-2020-15162 (In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users a ...)
+ TODO: check
+CVE-2020-15161 (In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attac ...)
+ TODO: check
+CVE-2020-15160 (PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerab ...)
+ TODO: check
CVE-2020-15159 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) a ...)
NOT-FOR-US: baserCMS
CVE-2020-15158 (In libIEC61850 before version 1.4.3, when a message with COTP message ...)
@@ -25614,8 +25648,8 @@ CVE-2020-13993 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0.
NOT-FOR-US: Mods for HESK
CVE-2020-13992 (An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A Sto ...)
NOT-FOR-US: Mods for HESK
-CVE-2020-13991
- RESERVED
+CVE-2020-13991 (vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow ...)
+ TODO: check
CVE-2020-13990
RESERVED
CVE-2020-13989
@@ -27069,8 +27103,8 @@ CVE-2020-13389 (An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD0
NOT-FOR-US: Tenda devices
CVE-2020-13388 (An exploitable vulnerability exists in the configuration-loading funct ...)
NOT-FOR-US: jw.util
-CVE-2020-13387
- RESERVED
+CVE-2020-13387 (Pexip Infinity before 23.4 has a lack of input validation, leading to ...)
+ TODO: check
CVE-2020-13386 (In SmartDraw 2020 27.0.0.0, the installer gives inherited write permis ...)
NOT-FOR-US: SmartDraw
CVE-2020-13385
@@ -28404,8 +28438,8 @@ CVE-2020-12825 (libcroco through 0.6.13 has excessive recursion in cr_parser_par
[stretch] - libcroco <ignored> (Minor issue)
[jessie] - libcroco <ignored> (Minor issue)
NOTE: https://gitlab.gnome.org/GNOME/libcroco/-/issues/8
-CVE-2020-12824
- RESERVED
+CVE-2020-12824 (Pexip Infinity 23.x before 23.3 has improper input validation, leading ...)
+ TODO: check
CVE-2020-12823 (OpenConnect 8.09 has a buffer overflow, causing a denial of service (a ...)
{DLA-2212-1}
- openconnect 8.10-1 (unimportant; bug #960620)
@@ -30981,8 +31015,8 @@ CVE-2020-11807 (Because of Unrestricted Upload of a File with a Dangerous Type,
NOT-FOR-US: Sourcefabric Newscoop
CVE-2020-11806 (In MailStore Outlook Add-in (and Email Archive Outlook Add-in) through ...)
NOT-FOR-US: MailStore Outlook Add-in
-CVE-2020-11805
- RESERVED
+CVE-2020-11805 (Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Acc ...)
+ TODO: check
CVE-2020-11804 (An issue was discovered in Titan SpamTitan 7.07. Due to improper sanit ...)
NOT-FOR-US: Titan SpamTitan
CVE-2020-11803 (An issue was discovered in Titan SpamTitan 7.07. Improper sanitization ...)
@@ -39385,18 +39419,18 @@ CVE-2020-8350
RESERVED
CVE-2020-8349
RESERVED
-CVE-2020-8348
- RESERVED
-CVE-2020-8347
- RESERVED
+CVE-2020-8348 (A DOM-based cross-site scripting (XSS) vulnerability was reported in L ...)
+ TODO: check
+CVE-2020-8347 (A reflective cross-site scripting (XSS) vulnerability was reported in ...)
+ TODO: check
CVE-2020-8346 (A denial of service vulnerability was reported in the Lenovo Vantage c ...)
NOT-FOR-US: Lenovo
CVE-2020-8345
RESERVED
CVE-2020-8344
- RESERVED
+ REJECTED
CVE-2020-8343
- RESERVED
+ REJECTED
CVE-2020-8342 (A race condition vulnerability was reported in Lenovo System Update pr ...)
NOT-FOR-US: Lenovo
CVE-2020-8341 (In Lenovo systems, SMM BIOS Write Protection is used to prevent writes ...)
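Review bot: CVE-2020-8348 and CVE-2020-8347 are added as "TODO: check" while the adjacent entries CVE-2020-8346, CVE-2020-8342 and CVE-2020-8341 are all tagged "NOT-FOR-US: Lenovo". The truncated descriptions stop before the product name, so confirm the vendor from the full text and, if it is Lenovo, tag them the same way as their neighbours. The RESERVED to REJECTED changes for CVE-2020-8344 and CVE-2020-8343 need no follow-up.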
@@ -39415,8 +39449,8 @@ CVE-2020-8335 (The BIOS tamper detection mechanism was not triggered in Lenovo T
NOT-FOR-US: Lenovo
CVE-2020-8334 (The BIOS tamper detection mechanism was not triggered in Lenovo ThinkP ...)
NOT-FOR-US: Lenovo
-CVE-2020-8333
- RESERVED
+CVE-2020-8333 (A potential vulnerability in the SMI callback function used in the EEP ...)
+ TODO: check
CVE-2020-8332
RESERVED
CVE-2020-8331
@@ -39426,13 +39460,13 @@ CVE-2020-8330 (A denial of service vulnerability was reported in the firmware pr
CVE-2020-8329 (A denial of service vulnerability was reported in the firmware prior t ...)
NOT-FOR-US: Lenovo
CVE-2020-8328
- RESERVED
+ REJECTED
CVE-2020-8327 (A privilege escalation vulnerability was reported in LenovoBatteryGaug ...)
NOT-FOR-US: Lenovo
CVE-2020-8326 (An unquoted service path vulnerability was reported in Lenovo Drivers ...)
NOT-FOR-US: Lenovo
CVE-2020-8325
- RESERVED
+ REJECTED
CVE-2020-8324 (A vulnerability was reported in LenovoAppScenarioPluginSystem for Leno ...)
NOT-FOR-US: Lenovo
CVE-2020-8323 (A potential vulnerability in the SMI callback function used in the Leg ...)
@@ -39812,12 +39846,14 @@ CVE-2020-8169
CVE-2020-8168 (We have recently released new version of AirMax AirOS firmware v6.3.0 ...)
NOT-FOR-US: AirMax AirOS
CVE-2020-8167 (A CSRF vulnerability exists in rails &lt;= 6.0.3 rails-ujs module that ...)
+ {DSA-4766-1}
- rails 2:5.2.4.3+dfsg-1
[stretch] - rails <not-affected> (Vulnerable code introduced later)
[jessie] - rails <not-affected> (Vulnerable code introduced later)
NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
NOTE: https://github.com/rails/rails/commit/fbc7bec074b5ef9ae22f79ca5d9bafec7b276dd3 (5.2)
CVE-2020-8166 (A CSRF forgery vulnerability exists in rails &lt; 5.2.5, rails &lt; 6. ...)
+ {DSA-4766-1}
- rails 2:5.2.4.3+dfsg-1
[stretch] - rails <not-affected> (Vulnerable code introduced later)
[jessie] - rails <not-affected> (Vulnerable code introduced later)
@@ -39825,14 +39861,14 @@ CVE-2020-8166 (A CSRF forgery vulnerability exists in rails &lt; 5.2.5, rails &l
NOTE: https://github.com/rails/rails/commit/d124f19287f4892c72ca54da728a781591c6fca1 (5.2)
NOTE: per-form CSRF token introduced in 5.x: https://github.com/rails/rails/commit/3e98819e20bc113343d4d4c0df614865ad5a9d3a
CVE-2020-8165 (A deserialization of untrusted data vulnernerability exists in rails & ...)
- {DLA-2282-1 DLA-2251-1}
+ {DSA-4766-1 DLA-2282-1 DLA-2251-1}
- rails 2:5.2.4.3+dfsg-1
NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
NOTE: https://github.com/rails/rails/commit/f7e077f85e61fc0b7381963eda0ceb0e457546b5 (MemCache backend) (5.2)
NOTE: https://github.com/rails/rails/commit/467e3399c9007996c03ffe3212689d48dd25ae99 (Redis backend) (5.2)
NOTE: Redis backend introduced in 5.2: https://github.com/rails/rails/commit/9f8ec3535247ac41a9c92e84ddc7a3b771bc318b
CVE-2020-8164 (A deserialization of untrusted data vulnerability exists in rails &lt; ...)
- {DLA-2282-1 DLA-2251-1}
+ {DSA-4766-1 DLA-2282-1 DLA-2251-1}
[experimental] - rails 2:6.0.3.1+dfsg-1
- rails 2:5.2.4.3+dfsg-1
NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released
@@ -39850,6 +39886,7 @@ CVE-2020-8163 (The is a code injection vulnerability in versions of Rails prior
NOTE: https://github.com/rails/rails/commit/0ecaaf76d1b79cf2717cdac754e55b4114ad6599 (4-2-stable)
NOTE: For rails 5.0 the issue is fixed in >= 5.0.1
CVE-2020-8162 (A client side enforcement of server side security vulnerability exists ...)
+ {DSA-4766-1}
- rails 2:5.2.4.3+dfsg-1
[stretch] - rails <not-affected> (Vulnerable code introduced later)
[jessie] - rails <not-affected> (Vulnerable code introduced later)
