[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Sat Apr 24 09:41:23 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e291a48c by Salvatore Bonaccorso at 2021-04-24T10:31:06+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2021-31791 (In Hardware Sentry KM before 10.0.01 for BMC PATROL, a cleartext passw ...)
-	TODO: check
+	NOT-FOR-US: Sentry KM
 CVE-2021-31790
 	RESERVED
 CVE-2021-31789
@@ -21,7 +21,7 @@ CVE-2021-31782
 CVE-2021-31781
 	RESERVED
 CVE-2021-31780 (In app/Model/MispObject.php in MISP 2.4.141, an incorrect sharing grou ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2021-31779
 	RESERVED
 CVE-2021-31778
@@ -425,9 +425,9 @@ CVE-2021-31586
 CVE-2021-31585
 	RESERVED
 CVE-2021-31584 (Sipwise C5 NGCP CSC through CE_m39.3.1 allows call/click2dial CSRF att ...)
-	TODO: check
+	NOT-FOR-US: Sipwise
 CVE-2021-31583 (Sipwise C5 NGCP CSC through CE_m39.3.1 has multiple authenticated stor ...)
-	TODO: check
+	NOT-FOR-US: Sipwise
 CVE-2021-31582
 	RESERVED
 CVE-2021-31581
@@ -5854,7 +5854,7 @@ CVE-2021-29160
 CVE-2021-29159
 	RESERVED
 CVE-2021-29158 (Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has ...)
-	TODO: check
+	NOT-FOR-US: Sonatype Nexus Repository Manager
 CVE-2021-29157
 	RESERVED
 CVE-2021-29156 (ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger ...)
@@ -13782,9 +13782,9 @@ CVE-2021-3199 (Directory traversal with remote code execution can occur in /uplo
 CVE-2021-3198
 	RESERVED
 CVE-2021-25899 (An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0 ...)
-	TODO: check
+	NOT-FOR-US: Void Aural Rec Monitor
 CVE-2021-25898 (An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0 ...)
-	TODO: check
+	NOT-FOR-US: Void Aural Rec Monitor
 CVE-2021-25897
 	RESERVED
 CVE-2021-25896
@@ -14868,7 +14868,7 @@ CVE-2021-25384
 CVE-2021-25383
 	RESERVED
 CVE-2021-25382 (An improper authorization of using debugging command in Secure Folder  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25381 (Using unsafe PendingIntent in Samsung Account in versions 10.8.0.4 in  ...)
 	NOT-FOR-US: Samsung
 CVE-2021-25380 (Improper handling of exceptional conditions in Bixby prior to version  ...)
@@ -61204,7 +61204,7 @@ CVE-2020-17544
 CVE-2020-17543
 	RESERVED
 CVE-2020-17542 (Cross Site Scripting (XSS) in dotCMS v5.1.5 allows remote attackers to ...)
-	TODO: check
+	NOT-FOR-US: dotCMS
 CVE-2020-17541
 	RESERVED
 CVE-2020-17540



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e291a48c08b5b58fcc72af6bd93874c1d79636eb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e291a48c08b5b58fcc72af6bd93874c1d79636eb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210424/15551f30/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list