From 6dd2c2fdfa19b0996bb6f9217f55487093d58b95 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 19 Sep 2020 10:19:00 +0200 Subject: Process some NFUs --- data/CVE/2020.list | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index bd8eeb1152..0e6e784211 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -30070,7 +30070,7 @@ CVE-2020-11863 (libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows den CVE-2020-11862 RESERVED CVE-2020-11861 (Unauthorized escalation of local privileges vulnerability on Micro Foc ...) - TODO: check + NOT-FOR-US: Micro Focus CVE-2020-11860 RESERVED CVE-2020-11859 @@ -38783,7 +38783,7 @@ CVE-2020-8255 CVE-2020-8254 RESERVED CVE-2020-8253 (Improper authentication in Citrix XenMobile Server 10.12 before RP2, C ...) - TODO: check + NOT-FOR-US: Citrix CVE-2020-8252 (The implementation of realpath in libuv < 10.22.1, < 12.18.4, an ...) - libuv1 1.39.0-1 NOTE: https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/#fs-realpath-native-on-may-cause-buffer-overflow-medium-cve-2020-8252 @@ -38799,11 +38799,11 @@ CVE-2020-8249 CVE-2020-8248 RESERVED CVE-2020-8247 (Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and N ...) - TODO: check + NOT-FOR-US: Citrix CVE-2020-8246 (Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and N ...) - TODO: check + NOT-FOR-US: Citrix CVE-2020-8245 (Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before ...) - TODO: check + NOT-FOR-US: Citrix CVE-2020-8244 (A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, &l ...) - node-bl 4.0.3-1 (bug #969309) [buster] - node-bl (Minor issue) @@ -38915,7 +38915,7 @@ CVE-2020-8201 (Node.js < 12.18.4 and < 14.11 can be exploited to perform H [stretch] - nodejs (Only affects 12.x and later) NOTE: https://nodejs.org/en/blog/vulnerability/september-2020-security-releases/#http-request-smuggling-due-to-cr-to-hyphen-conversion-high-cve-2020-8201 CVE-2020-8200 (Improper authentication in Citrix StoreFront Server < 1912.0.1000 a ...) - TODO: check + NOT-FOR-US: Citrix CVE-2020-8199 (Improper access control in Citrix ADC Gateway Linux client versions be ...) NOT-FOR-US: Citrix CVE-2020-8198 (Improper input validation in Citrix ADC and Citrix Gateway versions be ...) -- cgit v1.2.3