[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d7d978a8 by Salvatore Bonaccorso at 2021-04-02T23:03:54+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -977,9 +977,9 @@ CVE-2020-36286 (The membersOf JQL search function in Jira Server and Data Center
 CVE-2021-29663 (CourseMS (aka Course Registration Management System) 2.1 is affected b ...)
 	NOT-FOR-US: CourseMS (aka Course Registration Management System)
 CVE-2021-29661 (Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diag_values.htm ...)
-	TODO: check
+	NOT-FOR-US: Softing AG OPC Toolbox
 CVE-2021-29660 (A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.htm ...)
-	TODO: check
+	NOT-FOR-US: Softing AG OPC Toolbox
 CVE-2021-29659
 	RESERVED
 CVE-2021-29658 (The unofficial vscode-rufo extension before 0.0.4 for Visual Studio Co ...)
@@ -2406,9 +2406,9 @@ CVE-2021-29014
 CVE-2021-29013
 	RESERVED
 CVE-2021-29012 (DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to ev ...)
-	TODO: check
+	NOT-FOR-US: DMA Softlab Radius Manager
 CVE-2021-29011 (DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting ( ...)
-	TODO: check
+	NOT-FOR-US: DMA Softlab Radius Manager
 CVE-2021-29010 (A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote at ...)
 	NOT-FOR-US: SEO Panel
 CVE-2021-29009 (A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote at ...)
@@ -4425,7 +4425,7 @@ CVE-2021-28115 (The OUGC Feedback plugin before 1.8.23 for MyBB allows XSS via t
 CVE-2021-28114
 	RESERVED
 CVE-2021-28113 (A command injection vulnerability in the cookieDomain and relayDomain  ...)
-	TODO: check
+	NOT-FOR-US: Okta Access Gateway
 CVE-2021-28112
 	RESERVED
 CVE-2021-28111
@@ -8122,7 +8122,7 @@ CVE-2021-3376
 CVE-2021-3375 (ActivePresenter 6.1.6 is affected by a memory corruption vulnerability ...)
 	NOT-FOR-US: ActivePresenter
 CVE-2021-3374 (Directory traversal in RStudio Shiny Server before 1.5.16 allows attac ...)
-	TODO: check
+	NOT-FOR-US: RStudio Shiny Server
 CVE-2021-3373
 	RESERVED
 CVE-2021-3372
@@ -9948,9 +9948,9 @@ CVE-2021-25896
 CVE-2021-25895
 	RESERVED
 CVE-2021-25894 (Magnolia CMS contains a stored cross-site scripting (XSS) vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Magnolia CMS
 CVE-2021-25893 (Magnolia CMS From 6.1.3 to 6.2.3 contains a stored cross-site scriptin ...)
-	TODO: check
+	NOT-FOR-US: Magnolia CMS
 CVE-2021-25892
 	RESERVED
 CVE-2021-25891



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7d978a8482fa4e256f6a9b9d73367dd88765b04

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7d978a8482fa4e256f6a9b9d73367dd88765b04
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210402/cef06869/attachment.htm>