[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Apr 22 05:17:43 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c41404ea by Salvatore Bonaccorso at 2021-04-22T06:16:40+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -434,11 +434,11 @@ CVE-2021-31331
 CVE-2021-31330
 	RESERVED
 CVE-2021-31329 (Cross Site Scripting (XSS) in Remote Clinic v2.0 via the "Chat" and "P ...)
-	TODO: check
+	NOT-FOR-US: Remote Clinic
 CVE-2021-31328
 	RESERVED
 CVE-2021-31327 (Stored XSS in Remote Clinic v2.0 in /medicines due to Medicine Name Fi ...)
-	TODO: check
+	NOT-FOR-US: Remote Clinic
 CVE-2021-31326
 	RESERVED
 CVE-2021-31325
@@ -3056,7 +3056,7 @@ CVE-2021-30141 (** DISPUTED ** Module/Settings/UserExport.php in Friendica throu
 CVE-2021-30140 (LiquidFiles 3.4.15 has stored XSS through the "send email" functionali ...)
 	NOT-FOR-US: LiquidFiles
 CVE-2021-30139 (In Alpine Linux apk-tools before 2.12.5, the tarball parser allows a b ...)
-	TODO: check
+	NOT-FOR-US: Alpine Linux apk-tools
 CVE-2021-30138
 	REJECTED
 CVE-2021-30137
@@ -4583,7 +4583,7 @@ CVE-2021-29457 (Exiv2 is a command-line utility and C++ library for reading, wri
 	NOTE: https://github.com/Exiv2/exiv2/issues/1529
 	NOTE: https://github.com/Exiv2/exiv2/pull/1534
 CVE-2021-29456 (Authelia is an open-source authentication and authorization server pro ...)
-	TODO: check
+	NOT-FOR-US: Authelia
 CVE-2021-29455 (Grassroot Platform is an application to make it faster, cheaper and ea ...)
 	NOT-FOR-US: Grassroot Platform
 CVE-2021-29454
@@ -28654,7 +28654,7 @@ CVE-2020-35316
 CVE-2020-35315
 	RESERVED
 CVE-2020-35314 (An OS command injection vulnerability in the installUpdateThemePluginA ...)
-	TODO: check
+	NOT-FOR-US: WonderCMS
 CVE-2020-35313 (A server-side request forgery (SSRF) vulnerability in the addCustomThe ...)
 	NOT-FOR-US: WonderCMS
 CVE-2020-35312
@@ -32598,7 +32598,7 @@ CVE-2020-28984 (prive/formulaires/configurer_preferences.php in SPIP before 3.2.
 CVE-2020-28975 (** DISPUTED ** svm_predict_values in svm.cpp in Libsvm v324, as used i ...)
 	NOTE: disputed libsvm non issue
 CVE-2020-28973 (The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) fails to p ...)
-	TODO: check
+	NOT-FOR-US: ABUS Secvest wireless alarm system FUAA50000
 CVE-2020-28972 (In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsp ...)
 	- salt 3002.5+dfsg1-1 (bug #983632)
 	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
@@ -47928,7 +47928,7 @@ CVE-2020-23914 (An issue was discovered in cpp-peglib through v0.1.12. A NULL po
 CVE-2020-23913
 	RESERVED
 CVE-2020-23912 (An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer d ...)
-	TODO: check
+	NOT-FOR-US: Bento4
 CVE-2020-23911
 	RESERVED
 CVE-2020-23910



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c41404ea61f01dc1f223e5d77123c02a1f7fe050

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c41404ea61f01dc1f223e5d77123c02a1f7fe050
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210422/44c87bef/attachment.htm>

More information about the debian-security-tracker-commits mailing list