[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 20 19:53:03 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8333a438 by Salvatore Bonaccorso at 2021-08-20T20:52:09+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3828,9 +3828,9 @@ CVE-2021-37600 (An integer overflow in util-linux through 2.37.1 can potentially
 	NOTE: https://github.com/karelzak/util-linux/issues/1395
 	NOTE: https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
 CVE-2021-37598 (WP Cerber before 8.9.3 allows bypass of /wp-json access control via a  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-37597 (WP Cerber before 8.9.3 allows MFA bypass via wordpress_logged_in_[hash ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-37596 (Telegram Web K Alpha 0.6.1 allows XSS via a document name. ...)
 	NOT-FOR-US: Telegram Web K Alpha
 CVE-2021-37595 (In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_re ...)
@@ -25874,7 +25874,7 @@ CVE-2021-28492 (Unisys Stealth (core) 5.x before 5.0.048.0, 5.1.x before 5.1.017
 CVE-2021-28491
 	RESERVED
 CVE-2021-28490 (In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cook ...)
-	TODO: check
+	NOT-FOR-US: OWASP CSRFGuard
 CVE-2021-28489
 	RESERVED
 CVE-2021-28488
@@ -27098,7 +27098,7 @@ CVE-2021-28004
 CVE-2021-28003
 	RESERVED
 CVE-2021-28002 (A persistent cross-site scripting vulnerability was discovered in the  ...)
-	TODO: check
+	NOT-FOR-US: Textpattern CMS
 CVE-2021-28001 (A cross-site scripting vulnerability was discovered in the Comments pa ...)
 	NOT-FOR-US: Textpattern CMS
 CVE-2021-28000 (A persistent cross-site scripting vulnerability was discovered in Loca ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8333a4386294b6b0963a2ba9d8bdd36a62835e55

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8333a4386294b6b0963a2ba9d8bdd36a62835e55
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210820/a183ab84/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list