[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Apr 29 09:34:49 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
524f25aa by Salvatore Bonaccorso at 2021-04-29T10:34:03+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -306,7 +306,7 @@ CVE-2020-13672 [SA-CORE-2021-002]
 	- drupal7 <removed>
 	NOTE: https://www.drupal.org/sa-core-2021-002
 CVE-2021-31776 (Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search p ...)
-	TODO: check
+	NOT-FOR-US: Aviatrix VPN Client
 CVE-2021-31775
 	RESERVED
 CVE-2021-31774
@@ -15801,9 +15801,9 @@ CVE-2021-25167
 CVE-2021-25166
 	RESERVED
 CVE-2021-25165 (A remote XML external entity vulnerability was discovered in Aruba Air ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2021-25164 (A remote XML external entity vulnerability was discovered in Aruba Air ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2021-25163
 	RESERVED
 CVE-2021-25162 (A remote execution of arbitrary commands vulnerability was discovered  ...)
@@ -15827,7 +15827,7 @@ CVE-2021-25154 (A remote escalation of privilege vulnerability was discovered in
 CVE-2021-25153 (A remote SQL injection vulnerability was discovered in Aruba AirWave M ...)
 	NOT-FOR-US: Aruba
 CVE-2021-25152 (A remote insecure deserialization vulnerability was discovered in Arub ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2021-25151 (A remote insecure deserialization vulnerability was discovered in Arub ...)
 	NOT-FOR-US: Aruba
 CVE-2021-25150 (A remote execution of arbitrary commands vulnerability was discovered  ...)
@@ -51028,9 +51028,9 @@ CVE-2020-22792
 CVE-2020-22791
 	RESERVED
 CVE-2020-22790 (Authenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta ...)
-	TODO: check
+	NOT-FOR-US: FME Server
 CVE-2020-22789 (Unauthenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Be ...)
-	TODO: check
+	NOT-FOR-US: FME Server
 CVE-2020-22788
 	RESERVED
 CVE-2020-22787
@@ -90058,7 +90058,7 @@ CVE-2020-7039 (tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, m
 CVE-2020-7038 (A vulnerability was discovered in Management component of Avaya Equino ...)
 	TODO: check
 CVE-2020-7037 (An XML External Entities (XXE) vulnerability in Media Server component ...)
-	TODO: check
+	NOT-FOR-US: Avaya Equinox Conferencing
 CVE-2020-7036 (An XML External Entities (XXE)vulnerability in Callback Assist could a ...)
 	NOT-FOR-US: Callback Assist
 CVE-2020-7035 (An XML External Entities (XXE)vulnerability in the web-based user inte ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/524f25aa4facc7b03f5c07e7cb6421c75dac8d06

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/524f25aa4facc7b03f5c07e7cb6421c75dac8d06
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210429/996b76d4/attachment.htm>

More information about the debian-security-tracker-commits mailing list