[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Apr 15 21:51:25 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
be682058 by Salvatore Bonaccorso at 2021-04-15T22:50:49+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -347,7 +347,7 @@ CVE-2021-31231
 CVE-2021-31230
 	RESERVED
 CVE-2021-31229 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...)
-	TODO: check
+	NOT-FOR-US: ezXML
 CVE-2021-31228
 	RESERVED
 CVE-2021-31227
@@ -4241,7 +4241,7 @@ CVE-2021-29450
 CVE-2021-29449 (Pi-hole is a Linux network-level advertisement and Internet tracker bl ...)
 	NOT-FOR-US: Pi-hole
 CVE-2021-29448 (Pi-hole is a Linux network-level advertisement and Internet tracker bl ...)
-	TODO: check
+	NOT-FOR-US: Pi-hole
 CVE-2021-29447
 	RESERVED
 CVE-2021-29446
@@ -6289,9 +6289,9 @@ CVE-2021-28551
 CVE-2021-28550
 	RESERVED
 CVE-2021-28549 (Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28548 (Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28547
 	RESERVED
 CVE-2021-28546 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
@@ -6932,7 +6932,7 @@ CVE-2021-28244
 CVE-2021-28243
 	RESERVED
 CVE-2021-28242 (SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stab ...)
-	TODO: check
+	NOT-FOR-US: b2evolution CMS
 CVE-2021-28241
 	RESERVED
 CVE-2021-28240
@@ -7981,7 +7981,7 @@ CVE-2021-27853
 CVE-2021-27852
 	RESERVED
 CVE-2021-27850 (A critical unauthenticated remote code execution vulnerability was fou ...)
-	TODO: check
+	NOT-FOR-US: Apache Tapestry
 CVE-2021-27849
 	RESERVED
 CVE-2021-27848
@@ -8371,9 +8371,9 @@ CVE-2021-27675
 CVE-2021-27674
 	RESERVED
 CVE-2021-27673 (Cross Site Scripting (XSS) in the "admin_boxes.ajax.php" component of  ...)
-	TODO: check
+	NOT-FOR-US: Tribal Systems Zenario CMS
 CVE-2021-27672 (SQL Injection in the "admin_boxes.ajax.php" component of Tribal System ...)
-	TODO: check
+	NOT-FOR-US: Tribal Systems Zenario CMS
 CVE-2021-27671 (An issue was discovered in the comrak crate before 0.9.1 for Rust. XSS ...)
 	NOT-FOR-US: comrak rust crate
 CVE-2021-27670 (Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url  ...)
@@ -8639,9 +8639,9 @@ CVE-2021-27547
 CVE-2021-27546
 	RESERVED
 CVE-2021-27545 (SQL Injection in the "add-services.php" component of PHPGurukul Beauty ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Beauty Parlour Management System
 CVE-2021-27544 (Cross Site Scripting (XSS) in the "add-services.php" component of PHPG ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Beauty Parlour Management System
 CVE-2021-27543
 	RESERVED
 CVE-2021-27542
@@ -9579,7 +9579,7 @@ CVE-2021-27131
 CVE-2021-27130 (Online Reviewer System 1.0 contains a SQL injection vulnerability thro ...)
 	NOT-FOR-US: Online Reviewer System
 CVE-2021-27129 (CASAP Automated Enrollment System version 1.0 contains a cross-site sc ...)
-	TODO: check
+	NOT-FOR-US: CASAP Automated Enrollment System
 CVE-2021-27128
 	RESERVED
 CVE-2021-27127
@@ -10871,7 +10871,7 @@ CVE-2021-26584
 CVE-2021-26583
 	RESERVED
 CVE-2021-26582 (A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgf ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2021-26581 (A potential security vulnerability has been identified in HPE Superdom ...)
 	NOT-FOR-US: HPE
 CVE-2021-26580 (A potential security vulnerability has been identified in HPE iLO Ampl ...)
@@ -12729,7 +12729,7 @@ CVE-2021-3245
 CVE-2021-3244
 	RESERVED
 CVE-2021-3243 (Wfilter ICF 5.0.117 contains a cross-site scripting (XSS) vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Wfilter ICF
 CVE-2021-3242
 	RESERVED
 CVE-2021-3241
@@ -17272,13 +17272,13 @@ CVE-2021-23889 (Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrato
 CVE-2021-23888 (Unvalidated client-side URL redirect vulnerability in McAfee ePolicy O ...)
 	NOT-FOR-US: McAfee
 CVE-2021-23887 (Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2021-23886 (Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) E ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2021-23885 (Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior t ...)
 	NOT-FOR-US: McAfee
 CVE-2021-23884 (Cleartext Transmission of Sensitive Information vulnerability in the e ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2021-23883 (A Null Pointer Dereference vulnerability in McAfee Endpoint Security ( ...)
 	NOT-FOR-US: McAfee
 CVE-2021-23882 (Improper Access Control vulnerability in McAfee Endpoint Security (ENS ...)
@@ -24925,17 +24925,17 @@ CVE-2021-21098
 CVE-2021-21097
 	RESERVED
 CVE-2021-21096 (Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) ar ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-21095 (Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) ar ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-21094 (Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) ar ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-21093 (Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) ar ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-21092 (Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) ar ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-21091 (Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) ar ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-21090
 	RESERVED
 CVE-2021-21089
@@ -24943,7 +24943,7 @@ CVE-2021-21089
 CVE-2021-21088
 	RESERVED
 CVE-2021-21087 (Adobe Coldfusion versions 2016 (update 16 and earlier) and 2018 (updat ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-21086
 	RESERVED
 CVE-2021-21085 (Adobe Connect version 11.0.7 (and earlier) is affected by an Input Val ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be682058de923e847a56d484e4c6d9f6b64b6302

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be682058de923e847a56d484e4c6d9f6b64b6302
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210415/972fa63d/attachment.htm>

More information about the debian-security-tracker-commits mailing list