[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 13 14:11:00 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
467f281f by Salvatore Bonaccorso at 2021-08-13T15:10:24+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2021-38608
 CVE-2021-38607
 	RESERVED
 CVE-2021-38606 (reNgine through 0.5 relies on a predictable directory name. ...)
-	TODO: check
+	NOT-FOR-US: reNgine
 CVE-2021-38605
 	RESERVED
 CVE-2021-38604 (In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/s ...)
@@ -29,7 +29,7 @@ CVE-2021-38601
 CVE-2021-38600
 	RESERVED
 CVE-2021-38599 (WAL-G before 1.1, when a non-libsodium build (e.g., one of the officia ...)
-	TODO: check
+	NOT-FOR-US: WAL-G
 CVE-2021-38598
 	RESERVED
 CVE-2021-38597 (wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain si ...)
@@ -534,7 +534,7 @@ CVE-2021-38368
 CVE-2021-38367
 	RESERVED
 CVE-2021-38366 (Sitecore through 10.1, when Update Center is enabled, allows remote au ...)
-	TODO: check
+	NOT-FOR-US: Sitecore
 CVE-2021-38365 (Winner (aka ToneWinner) desktop speakers through 2021-08-09 allow remo ...)
 	NOT-FOR-US: Winner (aka ToneWinner) desktop speakers
 CVE-2021-3698
@@ -1257,11 +1257,11 @@ CVE-2021-3682 (A flaw was found in the USB redirector device emulation of QEMU i
 	NOTE: Introduced by: https://gitlab.com/qemu-project/qemu/-/commit/b2d1fe67d09d2b6c7da647fbcea6ca0148c206d3 (v1.4.0-rc0)
 	NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/5e796671e6b8d5de4b0b423dce1b3eba144a92c9 (v6.1.0-rc2)
 CVE-2021-38088 (Acronis Cyber Protect 15 for Windows prior to build 27009 allowed loca ...)
-	TODO: check
+	NOT-FOR-US: Acronis Cyber Protect
 CVE-2021-38087 (Reflected cross-site scripting (XSS) was possible on the login page in ...)
-	TODO: check
+	NOT-FOR-US: Acronis Cyber Protect
 CVE-2021-38086 (Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis  ...)
-	TODO: check
+	NOT-FOR-US: Acronis Cyber Protect
 CVE-2021-38085 (The Canon TR150 print driver through 3.71.2.10 is vulnerable to a priv ...)
 	NOT-FOR-US: Canon
 CVE-2021-38084 (An issue was discovered in the POP3 component of Courier Mail Server b ...)
@@ -3701,7 +3701,7 @@ CVE-2021-36960
 CVE-2021-36959
 	RESERVED
 CVE-2021-36958 (Windows Print Spooler Remote Code Execution Vulnerability This CVE ID  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36957
 	RESERVED
 CVE-2021-36956
@@ -3717,43 +3717,43 @@ CVE-2021-36952
 CVE-2021-36951
 	RESERVED
 CVE-2021-36950 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36949 (Microsoft Azure Active Directory Connect Authentication Bypass Vulnera ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36948 (Windows Update Medic Service Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36947 (Windows Print Spooler Remote Code Execution Vulnerability This CVE ID  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36946 (Microsoft Dynamics Business Central Cross-site Scripting Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36945 (Windows 10 Update Assistant Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36944
 	RESERVED
 CVE-2021-36943 (Azure CycleCloud Elevation of Privilege Vulnerability This CVE ID is u ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36942 (Windows LSA Spoofing Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36941 (Microsoft Word Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36940 (Microsoft SharePoint Server Spoofing Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36939
 	RESERVED
 CVE-2021-36938 (Windows Cryptographic Primitives Library Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36937 (Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36936 (Windows Print Spooler Remote Code Execution Vulnerability This CVE ID  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36935
 	RESERVED
 CVE-2021-36934 (Windows Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-36933 (Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vuln ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36932 (Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vuln ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36931
 	RESERVED
 CVE-2021-36930
@@ -3763,9 +3763,9 @@ CVE-2021-36929
 CVE-2021-36928
 	RESERVED
 CVE-2021-36927 (Windows Digital TV Tuner device registration application Elevation of  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36926 (Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vuln ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-36925
 	RESERVED
 CVE-2021-36924
@@ -6076,7 +6076,7 @@ CVE-2021-35957 (Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does
 CVE-2021-35956 (Stored cross-site scripting (XSS) in the embedded webserver of AKCP se ...)
 	NOT-FOR-US: AKCP sensorProbe
 CVE-2021-35955 (Contao >=4.0.0 allows backend XSS via HTML attributes to an HTML fi ...)
-	TODO: check
+	NOT-FOR-US: Contao CMS
 CVE-2021-35954
 	RESERVED
 CVE-2021-35953
@@ -9271,21 +9271,21 @@ CVE-2021-34538
 CVE-2019-25046 (The Web Client in Cerberus FTP Server Enterprise before 10.0.19 and 11 ...)
 	NOT-FOR-US: Cerberus FTP Server Enterprise
 CVE-2021-34537 (Windows Bluetooth Driver Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34536 (Storage Spaces Controller Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34535 (Remote Desktop Client Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34534 (Windows MSHTML Platform Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34533 (Windows Graphics Component Font Parsing Remote Code Execution Vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34532 (ASP.NET Core and Visual Studio Information Disclosure Vulnerability ...)
 	TODO: check
 CVE-2021-34531
 	RESERVED
 CVE-2021-34530 (Windows Graphics Component Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34529 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is  ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-34528 (Visual Studio Code Remote Code Execution Vulnerability This CVE ID is  ...)
@@ -9297,7 +9297,7 @@ CVE-2021-34526
 CVE-2021-34525 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is  ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-34524 (Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34523 (Microsoft Exchange Server Elevation of Privilege Vulnerability This CV ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-34522 (Microsoft Defender Remote Code Execution Vulnerability This CVE ID is  ...)
@@ -9371,25 +9371,25 @@ CVE-2021-34489 (DirectWrite Remote Code Execution Vulnerability ...)
 CVE-2021-34488 (Windows Console Driver Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-34487 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34486 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34485 (.NET Core and Visual Studio Information Disclosure Vulnerability ...)
 	TODO: check
 CVE-2021-34484 (Windows User Profile Service Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34483 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34482
 	RESERVED
 CVE-2021-34481 (Windows Print Spooler Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-34480 (Scripting Engine Memory Corruption Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34479 (Microsoft Visual Studio Spoofing Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-34478 (Microsoft Office Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34477 (Visual Studio Code .NET Runtime Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-34476 (Bowser.sys Denial of Service Vulnerability ...)
@@ -9403,7 +9403,7 @@ CVE-2021-34473 (Microsoft Exchange Server Remote Code Execution Vulnerability Th
 CVE-2021-34472
 	RESERVED
 CVE-2021-34471 (Microsoft Windows Defender Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-34470 (Microsoft Exchange Server Elevation of Privilege Vulnerability This CV ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-34469 (Microsoft Office Security Feature Bypass Vulnerability ...)
@@ -11035,7 +11035,7 @@ CVE-2021-33764 (Windows Key Distribution Center Information Disclosure Vulnerabi
 CVE-2021-33763 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-33762 (Azure CycleCloud Elevation of Privilege Vulnerability This CVE ID is u ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-33761 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-33760 (Media Foundation Information Disclosure Vulnerability ...)
@@ -12723,7 +12723,7 @@ CVE-2021-33045
 CVE-2021-33044
 	RESERVED
 CVE-2020-36363 (Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_C ...)
-	TODO: check
+	NOT-FOR-US: Amazon AWS CloudFront
 CVE-2021-3554
 	RESERVED
 CVE-2021-3553
@@ -16187,7 +16187,7 @@ CVE-2021-31700
 CVE-2021-31699
 	RESERVED
 CVE-2021-31698 (Quectel EG25-G devices through 202006130814 allow executing arbitrary  ...)
-	TODO: check
+	NOT-FOR-US: Quectel EG25-G devices
 CVE-2021-31697
 	RESERVED
 CVE-2021-31696
@@ -22193,7 +22193,7 @@ CVE-2021-29379 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered on D-Lin
 CVE-2021-29378
 	RESERVED
 CVE-2021-29377 (Pear Admin Think through 2.1.2 has an arbitrary file upload vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Pear Admin Think
 CVE-2021-29376 (ircII before 20210314 allows remote attackers to cause a denial of ser ...)
 	- ircii-pana <removed>
 	- ircii 20210314-1 (bug #986214)
@@ -23343,7 +23343,7 @@ CVE-2021-28892
 CVE-2021-28891
 	RESERVED
 CVE-2021-28890 (J2eeFAST 2.2.1 allows remote attackers to perform SQL injection via th ...)
-	TODO: check
+	NOT-FOR-US: J2eeFAST
 CVE-2021-28889
 	RESERVED
 CVE-2021-28888
@@ -29238,25 +29238,25 @@ CVE-2021-26435
 CVE-2021-26434
 	RESERVED
 CVE-2021-26433 (Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vuln ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-26432 (Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulne ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-26431 (Windows Recovery Environment Agent Elevation of Privilege Vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-26430 (Azure Sphere Denial of Service Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-26429 (Azure Sphere Elevation of Privilege Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-26428 (Azure Sphere Information Disclosure Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-26427
 	RESERVED
 CVE-2021-26426 (Windows User Account Profile Picture Elevation of Privilege Vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-26425 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-26424 (Windows TCP/IP Remote Code Execution Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2021-26423 (.NET Core and Visual Studio Denial of Service Vulnerability ...)
 	TODO: check
 CVE-2021-26422 (Skype for Business and Lync Remote Code Execution Vulnerability ...)
@@ -39458,7 +39458,7 @@ CVE-2021-22100
 CVE-2021-22099
 	RESERVED
 CVE-2021-22098 (UAA server versions prior to 75.4.0 are vulnerable to an open redirect ...)
-	TODO: check
+	NOT-FOR-US: UAA server
 CVE-2021-22097
 	RESERVED
 CVE-2021-22096
@@ -44595,7 +44595,7 @@ CVE-2021-20511 (IBM Security Verify Access Docker 10.0.0 could allow a remote at
 CVE-2021-20510 (IBM Security Verify Access Docker 10.0.0 stores user credentials in pl ...)
 	NOT-FOR-US: IBM
 CVE-2021-20509 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20508
 	RESERVED
 CVE-2021-20507 (IBM Jazz Foundation and IBM Engineering products are vulnerable to cro ...)
@@ -52633,23 +52633,23 @@ CVE-2021-1116
 CVE-2021-1115
 	RESERVED
 CVE-2021-1114 (NVIDIA Linux kernel distributions contain a vulnerability in the kerne ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1113 (NVIDIA camera firmware contains a vulnerability where an unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1112 (NVIDIA Linux kernel distributions contain a vulnerability in nvmap, wh ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1111 (Bootloader contains a vulnerability in the NV3P server where any user  ...)
 	TODO: check
 CVE-2021-1110 (NVIDIA Linux kernel distributions on Jetson Xavier contain a vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1109 (NVIDIA camera firmware contains a multistep, timing-related vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1108 (NVIDIA Linux kernel distributions contain a vulnerability in FuSa Capt ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1107 (NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVM ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1106 (NVIDIA Linux kernel distributions contain a vulnerability in nvmap, wh ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-1105
 	RESERVED
 CVE-2021-1104
@@ -55307,7 +55307,7 @@ CVE-2020-28167
 CVE-2020-28166
 	RESERVED
 CVE-2020-28165 (The EasyCorp ZenTao PMS 12.4.2 application suffers from an arbitrary f ...)
-	TODO: check
+	NOT-FOR-US: EasyCorp ZenTao PMS
 CVE-2020-28164
 	RESERVED
 CVE-2020-28163
@@ -64781,7 +64781,7 @@ CVE-2020-24578 (An issue was discovered on D-Link DSL-2888A devices with firmwar
 CVE-2020-24577 (An issue was discovered on D-Link DSL-2888A devices with firmware prio ...)
 	NOT-FOR-US: D-Link
 CVE-2020-24576 (Netskope Client through 77 allows low-privileged users to elevate thei ...)
-	TODO: check
+	NOT-FOR-US: Netskope Client
 CVE-2020-24575
 	RESERVED
 CVE-2020-24574 (The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.20  ...)
@@ -72330,11 +72330,11 @@ CVE-2020-20992
 CVE-2020-20991
 	RESERVED
 CVE-2020-20990 (A cross site scripting (XSS) vulnerability in the /segments/edit.php c ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2020-20989 (A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmo ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2020-20988 (A cross site scripting (XSS) vulnerability in the /domains/cost-by-own ...)
-	TODO: check
+	NOT-FOR-US: DomainMOD
 CVE-2020-20987
 	RESERVED
 CVE-2020-20986
@@ -72348,19 +72348,19 @@ CVE-2020-20983
 CVE-2020-20982
 	RESERVED
 CVE-2020-20981 (A SQL injection in the /admin/?n=logs&c=index&a=dolist compone ...)
-	TODO: check
+	NOT-FOR-US: Metinfo
 CVE-2020-20980
 	RESERVED
 CVE-2020-20979 (An arbitrary file upload vulnerability in the move_uploaded_file() fun ...)
-	TODO: check
+	NOT-FOR-US: LJCMS
 CVE-2020-20978
 	RESERVED
 CVE-2020-20977 (A stored cross site scripting (XSS) vulnerability in index.php/legend/ ...)
-	TODO: check
+	NOT-FOR-US: UK CMS
 CVE-2020-20976
 	RESERVED
 CVE-2020-20975 (In \lib\admin\action\dataaction.class.php in Gxlcms v1.1, SQL Injectio ...)
-	TODO: check
+	NOT-FOR-US: Gxlcms
 CVE-2020-20974
 	RESERVED
 CVE-2020-20973
@@ -77472,45 +77472,45 @@ CVE-2020-18466
 CVE-2020-18465
 	RESERVED
 CVE-2020-18464 (Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in vid ...)
-	TODO: check
+	NOT-FOR-US: AikCms
 CVE-2020-18463 (Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in vi ...)
 	TODO: check
 CVE-2020-18462 (File Upload vulnerabilty in AikCms v2.0.0 in poster_edit.php because t ...)
-	TODO: check
+	NOT-FOR-US: AikCms
 CVE-2020-18461
 	RESERVED
 CVE-2020-18460 (Cross Site Request Forgery (CSRF) vulnerability exists in 711cms v1.0. ...)
-	TODO: check
+	NOT-FOR-US: 711cms
 CVE-2020-18459
 	RESERVED
 CVE-2020-18458 (Cross Site Request Forgery (CSRF) vulnerability exists in DamiCMS v6.0 ...)
-	TODO: check
+	NOT-FOR-US: DamiCMS
 CVE-2020-18457 (Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 ...)
-	TODO: check
+	NOT-FOR-US: bycms
 CVE-2020-18456 (Cross Site Scripting (XSS) vulnerability exists in PbootCMS v1.3.7 via ...)
-	TODO: check
+	NOT-FOR-US: PbootCMS
 CVE-2020-18455 (Cross Site Scripting (XSS) vulnerability exists in bycms v3.0.4 via th ...)
-	TODO: check
+	NOT-FOR-US: bycms
 CVE-2020-18454 (Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admi ...)
-	TODO: check
+	NOT-FOR-US: bycms
 CVE-2020-18453
 	RESERVED
 CVE-2020-18452
 	RESERVED
 CVE-2020-18451 (Cross Site Scripting (XSS) vulnerability exists in DamiCMS v6.0.6 via  ...)
-	TODO: check
+	NOT-FOR-US: DamiCMS
 CVE-2020-18450
 	RESERVED
 CVE-2020-18449 (Cross Site Scripting (XSS) vulnerability exists in UKCMS v1.1.10 via d ...)
-	TODO: check
+	NOT-FOR-US: UKCMS
 CVE-2020-18448
 	RESERVED
 CVE-2020-18447
 	RESERVED
 CVE-2020-18446 (Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via t ...)
-	TODO: check
+	NOT-FOR-US: YUNUCMS
 CVE-2020-18445 (Cross Site Scripting (XSS) vulnerability exists in YUNUCMS 1.1.9 via t ...)
-	TODO: check
+	NOT-FOR-US: YUNUCMS
 CVE-2020-18444
 	RESERVED
 CVE-2020-18443



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/467f281f27c8db766fbb0e1a77e53440c08c44dd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/467f281f27c8db766fbb0e1a77e53440c08c44dd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210813/2f527946/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list