[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Apr 2 09:53:56 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
91e31a28 by Salvatore Bonaccorso at 2021-04-02T10:53:31+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,7 +6,7 @@ CVE-2021-30004 (In wpa_supplicant and hostapd 2.9, forging attacks may occur bec
 	- wpa <unfixed>
 	NOTE: https://w1.fi/cgit/hostap/commit/?id=a0541334a6394f8237a4393b7372693cd7e96f15
 CVE-2021-30003 (An issue was discovered on Nokia G-120W-F 3FE46606AGAB91 devices. Ther ...)
-	TODO: check
+	NOT-FOR-US: Nokia G-120W-F 3FE46606AGAB91 devices
 CVE-2021-30001
 	RESERVED
 CVE-2021-30000
@@ -2240,9 +2240,9 @@ CVE-2021-28974
 CVE-2021-28973
 	RESERVED
 CVE-2021-28970 (eMPS 9.0.1.923211 on the Central Management of FireEye EX 3500 devices ...)
-	TODO: check
+	NOT-FOR-US: Central Management of FireEye EX 3500 devices
 CVE-2021-28969 (eMPS 9.0.1.923211 on FireEye EX 3500 devices allows remote authenticat ...)
-	TODO: check
+	NOT-FOR-US: Central Management of FireEye EX 3500 devices
 CVE-2021-28968 (An issue was discovered in PunBB before 1.4.6. An XSS vulnerability in ...)
 	NOT-FOR-US: PunBB
 CVE-2021-28967 (The unofficial MATLAB extension before 2.0.1 for Visual Studio Code al ...)
@@ -4386,7 +4386,7 @@ CVE-2021-28049
 CVE-2021-28048
 	RESERVED
 CVE-2021-28047 (Cross-Site Scripting (XSS) in Administrative Reports in Devolutions Re ...)
-	TODO: check
+	NOT-FOR-US: Devolutions Remote Desktop Manager
 CVE-2021-28046
 	RESERVED
 CVE-2021-28045
@@ -14016,15 +14016,15 @@ CVE-2021-23926 (The XML parsers used by XMLBeans up to version 2.6.0 did not set
 	- xmlbeans 3.0.2-1
 	NOTE: https://issues.apache.org/jira/browse/XMLBEANS-517
 CVE-2021-23925 (An issue was discovered in Devolutions Server before 2020.3. There is  ...)
-	TODO: check
+	NOT-FOR-US: Devolutions Server
 CVE-2021-23924 (An issue was discovered in Devolutions Server before 2020.3. There is  ...)
-	TODO: check
+	NOT-FOR-US: Devolutions Server
 CVE-2021-23923 (An issue was discovered in Devolutions Server before 2020.3. There is  ...)
-	TODO: check
+	NOT-FOR-US: Devolutions Server
 CVE-2021-23922 (An issue was discovered in Devolutions Remote Desktop Manager before 2 ...)
-	TODO: check
+	NOT-FOR-US: Devolutions Remote Desktop Manager
 CVE-2021-23921 (An issue was discovered in Devolutions Server before 2020.3. There is  ...)
-	TODO: check
+	NOT-FOR-US: Devolutions Server
 CVE-2020-36191 (JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lac ...)
 	NOT-FOR-US: JupyterHub
 CVE-2020-36190 (RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2 allows  ...)
@@ -20614,7 +20614,7 @@ CVE-2021-21422
 CVE-2021-21421 (node-etsy-client is a NodeJs Etsy ReST API Client. Applications that a ...)
 	TODO: check
 CVE-2021-21420 (vscode-stripe is an extension for Visual Studio Code. A vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: vscode-stripe Visual Studio Code extension
 CVE-2021-21419
 	RESERVED
 CVE-2021-21418 (ps_emailsubscription is a newsletter subscription module for the Prest ...)
@@ -42600,7 +42600,7 @@ CVE-2020-24552 (Atop Technology industrial 3G/4G gateway contains Command Inject
 CVE-2020-24551 (IProom MMC+ Server login page does not validate specific parameters pr ...)
 	NOT-FOR-US: IProom MMC+ Server
 CVE-2020-24550 (An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows  ...)
-	TODO: check
+	NOT-FOR-US: EpiServer Find
 CVE-2020-24549 (openMAINT before 1.1-2.4.2 allows remote authenticated users to run ar ...)
 	NOT-FOR-US: openMAINT
 CVE-2020-24548 (Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSR ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91e31a28882f6b4bad2cf4160898d5dd36e588a4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91e31a28882f6b4bad2cf4160898d5dd36e588a4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210402/cbd50a32/attachment.htm>

More information about the debian-security-tracker-commits mailing list