[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e78e199c by Salvatore Bonaccorso at 2021-04-16T22:20:14+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4523,13 +4523,13 @@ CVE-2021-29435 (trestle-auth is an authentication plugin for the Trestle admin f
 CVE-2021-29434
 	RESERVED
 CVE-2021-29433 (### Impact Missing input validation of some parameters on the endpoint ...)
-	TODO: check
+	NOT-FOR-US: Matrix Sydent
 CVE-2021-29432 (Sydent is a reference matrix identity server. A malicious user could a ...)
-	TODO: check
+	NOT-FOR-US: Matrix Sydent
 CVE-2021-29431 (Sydent is a reference Matrix identity server. Sydent can be induced to ...)
-	TODO: check
+	NOT-FOR-US: Matrix Sydent
 CVE-2021-29430 (Sydent is a reference Matrix identity server. Sydent does not limit th ...)
-	TODO: check
+	NOT-FOR-US: Matrix Sydent
 CVE-2021-29429 (In Gradle before version 7.0, files created with open permissions in t ...)
 	- gradle <unfixed>
 	NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-fp8h-qmr5-j4c8
@@ -10561,7 +10561,7 @@ CVE-2021-26832 (Cross Site Scripting (XSS) in the "Reset Password" page form of
 CVE-2021-26831
 	RESERVED
 CVE-2021-26830 (SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote att ...)
-	TODO: check
+	NOT-FOR-US: Tribalsystems Zenario CMS
 CVE-2021-26829
 	RESERVED
 CVE-2021-26828
@@ -20479,7 +20479,7 @@ CVE-2021-22541
 CVE-2021-22540
 	RESERVED
 CVE-2021-22539 (An attacker can place a crafted JSON config file into the project fold ...)
-	TODO: check
+	NOT-FOR-US: VScode-bazel
 CVE-2021-22538 (A privilege escalation vulnerability impacting the Google Exposure Not ...)
 	NOT-FOR-US: Google Exposure Notification Verification Server
 CVE-2021-22537
@@ -26446,7 +26446,7 @@ CVE-2021-20493
 CVE-2021-20492
 	RESERVED
 CVE-2021-20491 (IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based bu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20490
 	RESERVED
 CVE-2021-20489
@@ -82267,7 +82267,7 @@ CVE-2020-9683 (Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 ha
 CVE-2020-9682 (Adobe Creative Cloud Desktop Application versions 5.1 and earlier have ...)
 	NOT-FOR-US: Adobe
 CVE-2020-9681 (Adobe Genuine Service version 6.6 (and earlier) is affected by an Unco ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2020-9680 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vul ...)
 	NOT-FOR-US: Adobe
 CVE-2020-9679 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vuln ...)
@@ -82293,9 +82293,9 @@ CVE-2020-9670 (Adobe Creative Cloud Desktop Application versions 5.1 and earlier
 CVE-2020-9669 (Adobe Creative Cloud Desktop Application versions 5.1 and earlier have ...)
 	NOT-FOR-US: Adobe
 CVE-2020-9668 (Adobe Genuine Service version 6.6 (and earlier) is affected by an Impr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2020-9667 (Adobe Genuine Service version 6.6 (and earlier) is affected by an Unco ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2020-9666 (Adobe Campaign Classic before 20.2 have an out-of-bounds read vulnerab ...)
 	NOT-FOR-US: Adobe
 CVE-2020-9665 (Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e78e199ccb3c03559cd6d4374f290962cf685ede

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e78e199ccb3c03559cd6d4374f290962cf685ede
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210416/1e98fcd8/attachment-0001.htm>