[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso Fri, 19 Mar 2021 13:23:55 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3b0a239a by Salvatore Bonaccorso at 2021-03-19T21:22:55+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -580,7 +580,7 @@ CVE-2021-28669
 CVE-2021-28668
        RESERVED
 CVE-2021-28667 (StackStorm before 3.4.1, in some situations, has an infinite 
loop that ...)
-       TODO: check
+       NOT-FOR-US: StackStorm
 CVE-2021-28666
        RESERVED
 CVE-2021-28665
@@ -3210,9 +3210,9 @@ CVE-2021-27522
 CVE-2021-27521
        RESERVED
 CVE-2021-27520 (A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows 
remote att ...)
-       TODO: check
+       NOT-FOR-US: FUDForum
 CVE-2021-27519 (A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows 
remote att ...)
-       TODO: check
+       NOT-FOR-US: FUDForum
 CVE-2021-27518
        RESERVED
 CVE-2021-27517
@@ -3248,7 +3248,7 @@ CVE-2021-27508
 CVE-2021-27507
        RESERVED
 CVE-2021-27506 (In Stormshield Network Security (SNS) 1.0 through 4.2.0, the 
parsing o ...)
-       TODO: check
+       NOT-FOR-US: Stormshield Network Security (SNS)
 CVE-2021-27505
        RESERVED
 CVE-2021-27504
@@ -7588,7 +7588,7 @@ CVE-2021-25766 (In JetBrains YouTrack before 2020.4.4701, 
improper resource acce
 CVE-2021-25765 (In JetBrains YouTrack before 2020.4.4701, CSRF via attachment 
upload w ...)
        NOT-FOR-US: JetBrains TeamCity
 CVE-2021-25764 (In JetBrains PhpStorm before 2020.3, source code could be 
added to deb ...)
-       TODO: check
+       NOT-FOR-US: JetBrains PhpStorm
 CVE-2021-25763 (In JetBrains Ktor before 1.4.2, weak cipher suites were 
enabled by def ...)
        NOT-FOR-US: JetBrains Ktor
 CVE-2021-25762 (In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was 
possible. ...)
@@ -8747,9 +8747,9 @@ CVE-2021-25280
 CVE-2021-25279
        RESERVED
 CVE-2021-25278 (FTAPI 4.0 through 4.10 allows XSS via an SVG document to the 
Backgroun ...)
-       TODO: check
+       NOT-FOR-US: FTAPI
 CVE-2021-25277 (FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the 
alternative  ...)
-       TODO: check
+       NOT-FOR-US: FTAPI
 CVE-2021-25276 (In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a 
directory cont ...)
        NOT-FOR-US: SolarWinds
 CVE-2021-25275 (SolarWinds Orion Platform before 2020.2.4, as used by various 
SolarWin ...)
@@ -11136,7 +11136,7 @@ CVE-2021-3143
 CVE-2021-3142
        REJECTED
 CVE-2021-3141 (In Unisys Stealth (core) before 6.0.025.0, the Keycloak 
password is st ...)
-       TODO: check
+       NOT-FOR-US: Unisys
 CVE-2021-24121
        RESERVED
 CVE-2021-24120
@@ -16838,7 +16838,7 @@ CVE-2020-36146
 CVE-2020-36145
        RESERVED
 CVE-2020-36144 (Redash 8.0.0 is affected by LDAP Injection. There is an 
authentication ...)
-       TODO: check
+       NOT-FOR-US: Redash
 CVE-2020-36143
        RESERVED
 CVE-2020-36142
@@ -18272,7 +18272,7 @@ CVE-2021-21385
 CVE-2021-21384 (shescape is a simple shell escape package for JavaScript. In 
shescape  ...)
        TODO: check
 CVE-2021-21383 (Wiki.js an open-source wiki app built on Node.js. Wiki.js 
before versi ...)
-       TODO: check
+       NOT-FOR-US: Wiki.js
 CVE-2021-21382
        RESERVED
 CVE-2021-21380
@@ -21606,7 +21606,7 @@ CVE-2021-20079
 CVE-2021-20078
        RESERVED
 CVE-2021-20077 (Nessus Agent versions 7.2.0 through 8.2.2 were found to 
inadvertently  ...)
-       TODO: check
+       NOT-FOR-US: Nessus Agent
 CVE-2021-20076 (Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 
were fou ...)
        NOT-FOR-US: Tenable
 CVE-2021-20075 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that 
allows for pr ...)
@@ -34517,7 +34517,7 @@ CVE-2020-26888
 CVE-2020-26887 (FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a 
DNS Reb ...)
        NOT-FOR-US: Fritz OS
 CVE-2020-26886 (Softaculous before 5.5.7 is affected by a code execution 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Softaculous
 CVE-2020-26885
        RESERVED
 CVE-2020-26884 (RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL 
injection vulner ...)
@@ -88962,7 +88962,7 @@ CVE-2020-4637
 CVE-2020-4636 (IBM Resilient OnPrem 38.2 could allow a privileged user to 
inject mali ...)
        NOT-FOR-US: IBM
 CVE-2020-4635 (IBM Resilient SOAR 40 and earlier could disclose sensitive 
information ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4634
        RESERVED
 CVE-2020-4633 (IBM Resilient SOAR V38.0 could allow a remote attacker to 
execute arbi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b0a239aba79b20e022da87a3b2d569ab486ae06

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b0a239aba79b20e022da87a3b2d569ab486ae06
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to