[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1a78738b by Salvatore Bonaccorso at 2021-12-23T09:43:39+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -488,7 +488,7 @@ CVE-2021-4145 [NULL pointer dereference in mirror_wait_on_conflicts() in block/m
 	NOTE: Introduced by: https://gitlab.com/qemu-project/qemu/-/commit/d44dae1a7cf782ec9235746ebb0e6c1a20dd7288 (v6.1.0-rc0)
 	NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/66fed30c9cd11854fc878a4eceb507e915d7c9cd (v6.2.0-rc0)
 CVE-2021-4144 (TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 2 ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2021-45451 (In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass ...)
 	- mbedtls <undetermined>
 	TODO: check, seems to only affect 3.x branch
@@ -68853,9 +68853,9 @@ CVE-2021-20052
 CVE-2021-20051
 	RESERVED
 CVE-2021-20050 (An Improper Access Control Vulnerability in the SMA100 series leads to ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20049 (A vulnerability in SonicWall SMA100 password change API allows a remot ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20048
 	RESERVED
 CVE-2021-20047 (SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and ear ...)
@@ -96123,7 +96123,7 @@ CVE-2020-20607
 CVE-2020-20606
 	RESERVED
 CVE-2020-20605 (Blog CMS v1.0 contains a cross-site scripting (XSS) vulnerability in t ...)
-	TODO: check
+	NOT-FOR-US: Blog CMS
 CVE-2020-20604
 	RESERVED
 CVE-2020-20603
@@ -96131,9 +96131,9 @@ CVE-2020-20603
 CVE-2020-20602
 	RESERVED
 CVE-2020-20601 (An issue in ThinkCMF X2.2.2 and below allows attackers to execute arbi ...)
-	TODO: check
+	NOT-FOR-US: ThinkCMF
 CVE-2020-20600 (MetInfo 7.0 beta contains a stored cross-site scripting (XSS) vulnerab ...)
-	TODO: check
+	NOT-FOR-US: MetInfo
 CVE-2020-20599
 	RESERVED
 CVE-2020-20598 (A cross-site scripting (XSS) vulnerability in the Editing component of ...)
@@ -96143,11 +96143,11 @@ CVE-2020-20597 (A cross-site scripting (XSS) vulnerability in the potrtalItemNam
 CVE-2020-20596
 	RESERVED
 CVE-2020-20595 (A cross-site request forgery (CSRF) in OPMS v1.3 and below allows atta ...)
-	TODO: check
+	NOT-FOR-US: OPMS
 CVE-2020-20594
 	RESERVED
 CVE-2020-20593 (A cross-site request forgery (CSRF) in Rockoa v1.9.8 allows an authent ...)
-	TODO: check
+	NOT-FOR-US: Rockoa
 CVE-2020-20592
 	RESERVED
 CVE-2020-20591
@@ -96514,9 +96514,9 @@ CVE-2020-20428
 CVE-2020-20427
 	RESERVED
 CVE-2020-20426 (S-CMS Government Station Building System v5.0 contains a cross-site sc ...)
-	TODO: check
+	NOT-FOR-US: S-CMS Government Station Building System
 CVE-2020-20425 (S-CMS Government Station Building System v5.0 contains a cross-site sc ...)
-	TODO: check
+	NOT-FOR-US: S-CMS Government Station Building System
 CVE-2020-20424
 	RESERVED
 CVE-2020-20423



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a78738b0d856ab947b0df0fc19c721f2281245e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a78738b0d856ab947b0df0fc19c721f2281245e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211223/871e1915/attachment.htm>