[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Aug 30 09:45:02 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0668046e by Salvatore Bonaccorso at 2021-08-30T10:44:39+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -281,19 +281,19 @@ CVE-2021-40180
CVE-2021-40179
RESERVED
CVE-2021-40178 (Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the L ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-40177 (Zoho ManageEngine Log360 before Build 5225 allows remote code executio ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-40176 (Zoho ManageEngine Log360 before Build 5225 allows stored XSS. ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-40175 (Zoho ManageEngine Log360 before Build 5219 allows unrestricted file up ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-40174 (Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for di ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-40173 (Zoho ManageEngine Cloud Security Plus before Build 4117 allows a CSRF ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-40172 (Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on pro ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-40171
RESERVED
CVE-2021-40170
@@ -2250,7 +2250,7 @@ CVE-2021-39272 (Fetchmail before 6.4.22 fails to enforce STARTTLS session encryp
[stretch] - fetchmail <no-dsa> (Minor issue; safe recommendations exists, implicit TLS, "ssl" mode exist)
NOTE: https://www.fetchmail.info/fetchmail-SA-2021-02.txt
CVE-2021-39271 (OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote code ex ...)
- TODO: check
+ NOT-FOR-US: OrbiTeam BSCW Classic
CVE-2021-39270 (In Ping Identity RSA SecurID Integration Kit before 3.2, user imperson ...)
NOT-FOR-US: Ping Identity RSA SecurID Integration Kit
CVE-2021-39269
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0668046eb677836515e67a2f12695207a39b3a48
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0668046eb677836515e67a2f12695207a39b3a48
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210830/6b49d06c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list