[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
97146978 by Salvatore Bonaccorso at 2021-06-25T23:39:58+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2021-3622
        RESERVED
 CVE-2021-35501 (PandoraFMS <=7.54 allows Stored XSS by placing a payload in 
the nam ...)
-       TODO: check
+       NOT-FOR-US: PandoraFMS
 CVE-2021-3621
        RESERVED
 CVE-2021-3620
@@ -59,7 +59,7 @@ CVE-2021-35477
 CVE-2021-35476
        RESERVED
 CVE-2021-35475 (SAS Environment Manager 2.5 allows XSS through the Name field 
when cre ...)
-       TODO: check
+       NOT-FOR-US: SAS Environment Manager
 CVE-2021-3618
        RESERVED
 CVE-2021-3617
@@ -970,13 +970,13 @@ CVE-2021-35052
 CVE-2021-35051
        RESERVED
 CVE-2021-35050 (User credentials stored in a recoverable format within Fidelis 
Network ...)
-       TODO: check
+       NOT-FOR-US: Fidelis
 CVE-2021-35049 (Vulnerability in Fidelis Network and Deception CommandPost 
enables aut ...)
-       TODO: check
+       NOT-FOR-US: Fidelis
 CVE-2021-35048 (Vulnerability in Fidelis Network and Deception CommandPost 
enables una ...)
-       TODO: check
+       NOT-FOR-US: Fidelis
 CVE-2021-35047 (Vulnerability in the CommandPost, Collector, and Sensor 
components of  ...)
-       TODO: check
+       NOT-FOR-US: Fidelis
 CVE-2021-35046 (A session fixation vulnerability was discovered in Ice Hrm 
29.0.0 OS w ...)
        NOT-FOR-US: Ice Hrm
 CVE-2021-35045 (Cross site scripting (XSS) vulnerability in Ice Hrm 29.0.0.OS, 
allows  ...)
@@ -3102,7 +3102,7 @@ CVE-2021-34076
 CVE-2021-34075
        RESERVED
 CVE-2021-34074 (PandoraFMS <=7.54 allows arbitrary file upload, it leading 
to remot ...)
-       TODO: check
+       NOT-FOR-US: PandoraFMS
 CVE-2021-34073
        RESERVED
 CVE-2021-34072
@@ -3499,7 +3499,7 @@ CVE-2021-33896 (Dino before 0.1.2 and 0.2.x before 0.2.1 
allows Directory Traver
        NOTE: 
https://github.com/dino/dino/commit/0c8d25b7a3e7a10a506f1e19b868fe9b0c761495 
(master)
        NOTE: 
https://github.com/dino/dino/commit/1eaad1ccfbd00c6e76650535496531c172453994 
(v0.2.1)
 CVE-2021-33895 (ETINET BACKBOX E4.09 and H4.09 mismanages password access 
control. Whe ...)
-       TODO: check
+       NOT-FOR-US: ETINET
 CVE-2021-33894 (In Progress MOVEit Transfer before 2019.0.6 (11.0.6), 2019.1.x 
before  ...)
        NOT-FOR-US: Progress MOVEit
 CVE-2021-33893



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/971469780db0bd6293b848ebbb2b31820c35cc81

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/971469780db0bd6293b848ebbb2b31820c35cc81
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits