[Git][security-tracker-team/security-tracker][master] Process some NFUs

Mon Aug 16 21:16:25 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6c5efd19 by Salvatore Bonaccorso at 2021-08-16T22:14:58+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -703,21 +703,21 @@ CVE-2021-38760
 CVE-2021-38759
 	RESERVED
 CVE-2021-38758 (Directory traversal in Online Catering Reservation System due to lack  ...)
-	TODO: check
+	NOT-FOR-US: Directory traversal in Online Catering Reservation System
 CVE-2021-38757 (Persistent cross-site scripting (XSS) in Hospital Management System ta ...)
-	TODO: check
+	NOT-FOR-US: Hospital Management System
 CVE-2021-38756 (Persistent cross-site scripting (XSS) in Hospital Management System ta ...)
-	TODO: check
+	NOT-FOR-US: Hospital Management System
 CVE-2021-38755 (Unauthenticated doctor entry deletion in Hospital Management System in ...)
-	TODO: check
+	NOT-FOR-US: Hospital Management System
 CVE-2021-38754 (SQL Injection vulnerability in Hospital Management System due to lack  ...)
-	TODO: check
+	NOT-FOR-US: Hospital Management System
 CVE-2021-38753 (An unrestricted file upload on Simple Image Gallery Web App can be exp ...)
-	TODO: check
+	NOT-FOR-US: Simple Image Gallery Web App
 CVE-2021-38752 (A cross-site scripting (XSS) vulnerability in Online Catering Reservat ...)
-	TODO: check
+	NOT-FOR-US: Online Catering Reservation System
 CVE-2021-38751 (A HTTP Host header attack exists in ExponentCMS 2.6 and below in /expo ...)
-	TODO: check
+	NOT-FOR-US: ExponentCMS
 CVE-2021-38750
 	RESERVED
 CVE-2021-38749
@@ -1024,9 +1024,9 @@ CVE-2021-38610
 CVE-2021-38609
 	RESERVED
 CVE-2021-38608 (Incorrect Access Control in Tranquil WAPT Enterprise - before 1.8.2.73 ...)
-	TODO: check
+	NOT-FOR-US: Tranquil WAPT Enterprise
 CVE-2021-38607 (Crocoblock JetEngine before 2.6.1 allows XSS by remote authenticated u ...)
-	TODO: check
+	NOT-FOR-US: Crocoblock JetEngine
 CVE-2021-38606 (reNgine through 0.5 relies on a predictable directory name. ...)
 	NOT-FOR-US: reNgine
 CVE-2021-38605
@@ -1663,7 +1663,7 @@ CVE-2021-38317
 CVE-2021-38316
 	RESERVED
 CVE-2021-38315 (The SP Project & Document Manager WordPress plugin is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-38314
 	RESERVED
 CVE-2021-38313



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c5efd1926d5424a7bd947b0432227cce60a67f6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c5efd1926d5424a7bd947b0432227cce60a67f6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210816/56587486/attachment.htm>
