[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 12 10:11:43 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6bc7c9a1 by Salvatore Bonaccorso at 2021-08-12T11:11:09+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -57,15 +57,15 @@ CVE-2021-38569 (An issue was discovered in Foxit Reader and PhantomPDF before 10
 CVE-2021-38568 (An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4.  ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2021-38567 (An issue was discovered in Foxit PDF Editor before 11.0.1 and PDF Read ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2021-38566 (An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Edit ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2021-38565 (An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Edit ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2021-38564 (An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Edit ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2021-38563 (An issue was discovered in Foxit PDF Reader before 11.0.1 and PDF Edit ...)
-	TODO: check
+	NOT-FOR-US: Foxit
 CVE-2021-3703
 	RESERVED
 CVE-2021-3702
@@ -2193,9 +2193,9 @@ CVE-2021-37629
 CVE-2021-37628
 	RESERVED
 CVE-2021-37627 (Contao is an open source CMS that allows creation of websites and scal ...)
-	TODO: check
+	NOT-FOR-US: Contao CMS
 CVE-2021-37626 (Contao is an open source CMS that allows you to create websites and sc ...)
-	TODO: check
+	NOT-FOR-US: Contao CMS
 CVE-2021-37625 (Skytable is an open source NoSQL database. In versions prior to 0.6.4  ...)
 	NOT-FOR-US: Skytable
 CVE-2021-37624
@@ -62434,19 +62434,19 @@ CVE-2020-25568
 CVE-2020-25567
 	RESERVED
 CVE-2020-25566 (In SapphireIMS 5.0, it is possible to take over an account by sending  ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2020-25565 (In SapphireIMS 5.0, it is possible to use the hardcoded credential in  ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2020-25564 (In SapphireIMS 5.0, it is possible to create local administrator on an ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2020-25563 (In SapphireIMS 5.0, it is possible to create local administrator on an ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2020-25562 (In SapphireIMS 5.0, there is no CSRF token present in the entire appli ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2020-25561 (SapphireIMS 5 utilized default sapphire:ims credentials to connect the ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2020-25560 (In SapphireIMS 5.0, it is possible to use the hardcoded credential in  ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2020-25559 (gnuplot 5.5 is affected by double free when executing print_set_output ...)
 	- gnuplot <unfixed> (unimportant)
 	NOTE: https://sourceforge.net/p/gnuplot/bugs/2312/
@@ -71536,13 +71536,13 @@ CVE-2020-21364
 CVE-2020-21363 (An arbitrary file deletion vulnerability exists within Maccms10. ...)
 	TODO: check
 CVE-2020-21362 (A cross site scripting (XSS) vulnerability in the background search fu ...)
-	TODO: check
+	NOT-FOR-US: Maccms10
 CVE-2020-21361
 	RESERVED
 CVE-2020-21360
 	RESERVED
 CVE-2020-21359 (An arbitrary file upload vulnerability in the Template Upload function ...)
-	TODO: check
+	NOT-FOR-US: Maccms10
 CVE-2020-21358 (A cross site request forgery (CSRF) in Wage-CMS 1.5.x-dev allows attac ...)
 	NOT-FOR-US: Wage-CMS
 CVE-2020-21357 (A stored cross site scripting (XSS) vulnerability in /admin.php?mod=us ...)
@@ -239610,13 +239610,13 @@ CVE-2017-16634 (In Joomla! before 3.8.2, a bug allowed third parties to bypass a
 CVE-2017-16633 (In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only i ...)
 	NOT-FOR-US: Joomla!
 CVE-2017-16632 (In SapphireIMS 4097_1, the password in the database is stored in Base6 ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2017-16631 (In SapphireIMS 4097_1, a guest user is able to change the password of  ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2017-16630 (In SapphireIMS 4097_1, a guest user can create a local administrator a ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2017-16629 (In SapphireIMS 4097_1, it is possible to guess the registered/active u ...)
-	TODO: check
+	NOT-FOR-US: SapphireIMS
 CVE-2017-16628
 	RESERVED
 CVE-2017-16627



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bc7c9a13fa85b1f6bfec462f7ca8584fa35a0eb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bc7c9a13fa85b1f6bfec462f7ca8584fa35a0eb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210812/9e1c56d1/attachment.htm>

More information about the debian-security-tracker-commits mailing list