diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-02-23 14:50:53 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-02-23 14:51:34 +0100 |
commit | cb0478b9751b8a4fdae7a95c28d41d4e91f48b1b (patch) | |
tree | 3d9704baeacc471d69cc65b45aa5a6fbe0813735 /data/CVE/2020.list | |
parent | c6e568b55acea85bfb63f7dc4a4e13de07c00b7e (diff) |
NFUs
Diffstat (limited to 'data/CVE/2020.list')
-rw-r--r-- | data/CVE/2020.list | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 41c7f1d1f9..dd8bce4c11 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -15152,9 +15152,8 @@ CVE-2020-24344 (JerryScript through 2.3.0 has a (function({a=arguments}){const a NOTE: https://github.com/jerryscript-project/jerryscript/issues/3976 NOTE: https://github.com/jerryscript-project/jerryscript/commit/841d536fce1ce29267cdf0ea12be4026e1c35d3a CVE-2020-24343 (Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of ...) - - mujs <undetermined> + - mujs <not-affected> (Didn't affect any released version of mujs) NOTE: https://github.com/ccxvii/mujs/issues/136 - TODO: check, issue seems to be of disputed validity CVE-2020-24342 (Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring be ...) - lua5.4 5.4.1-1 (bug #971012) NOTE: http://lua-users.org/lists/lua-l/2020-07/msg00052.html @@ -15521,7 +15520,7 @@ CVE-2020-24177 CVE-2020-24176 RESERVED CVE-2020-24175 (Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, ZipGenius ...) - TODO: check + NOT-FOR-US: IZArc CVE-2020-24174 RESERVED CVE-2020-24173 @@ -18927,7 +18926,7 @@ CVE-2020-22477 CVE-2020-22476 RESERVED CVE-2020-22475 ("Tasks" application version before 9.7.3 is affected by insecure permi ...) - TODO: check + NOT-FOR-US: Tasks app CVE-2020-22474 (In webERP 4.15, the ManualContents.php file allows users to specify th ...) NOT-FOR-US: webERP CVE-2020-22473 @@ -52911,13 +52910,13 @@ CVE-2020-7787 (This affects all versions of package react-adal. It is possible f CVE-2020-7786 (This affects all versions of package macfromip. The injection point is ...) NOT-FOR-US: Node macfromip CVE-2020-7785 (This affects all versions of package node-ps. The injection point is l ...) - TODO: check + NOT-FOR-US: Noed node-ps CVE-2020-7784 (This affects all versions of package ts-process-promises. The injectio ...) - TODO: check + NOT-FOR-US: Node ts-process-promises CVE-2020-7783 RESERVED CVE-2020-7782 (This affects all versions of package spritesheet-js. It depends on a v ...) - TODO: check + NOT-FOR-US: Node spritesheet-js CVE-2020-7781 (This affects the package connection-tester before 0.2.1. The injection ...) NOT-FOR-US: Node connection-tester CVE-2020-7780 (This affects the package com.softwaremill.akka-http-session:core_2.13 ...) @@ -52931,7 +52930,7 @@ CVE-2020-7777 (This affects all versions of package jsen. If an attacker can con CVE-2020-7776 (This affects the package phpoffice/phpspreadsheet from 0.0.0. The libr ...) NOT-FOR-US: phpoffice/phpspreadsheet CVE-2020-7775 (This affects all versions of package freediskspace. The vulnerability ...) - TODO: check + NOT-FOR-US: Node freediskspace CVE-2020-7774 (This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po ...) - node-y18n 4.0.0-3 (bug #976390) [buster] - node-y18n 3.2.1-2+deb10u1 @@ -69976,7 +69975,7 @@ CVE-2020-0238 (In updatePreferenceIntents of AccountTypePreferenceLoader, there CVE-2020-0237 REJECTED CVE-2020-0236 (In A2DP_GetCodecType of a2dp_codec_config, there is a possible out-of- ...) - TODO: check + NOT-FOR-US: Android CVE-2020-0235 (In crus_sp_shared_ioctl we first copy 4 bytes from userdata into "size ...) NOT-FOR-US: Pixel kernel drivers CVE-2020-0234 (In crus_afe_get_param of msm-cirrus-playback.c, there is a possible ou ...) |