[Git][security-tracker-team/security-tracker][master] Progress some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Dec 26 20:15:27 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0d2e052e by Salvatore Bonaccorso at 2021-12-26T21:14:45+01:00
Progress some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -383,11 +383,11 @@ CVE-2021-45493 (Certain NETGEAR devices are affected by disclosure of administra
CVE-2021-4170
RESERVED
CVE-2021-4169 (livehelperchat is vulnerable to Improper Neutralization of Input Durin ...)
- TODO: check
+ NOT-FOR-US: livehelperchat
CVE-2021-45492
RESERVED
CVE-2021-4168 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: showdoc
CVE-2021-45491
RESERVED
CVE-2021-45490
@@ -448,7 +448,7 @@ CVE-2021-4164
CVE-2021-4163
RESERVED
CVE-2021-4162 (archivy is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: archivy
CVE-2021-45474 (In MediaWiki through 1.37, the Special:ImportFile URI (aka FileImporte ...)
NOT-FOR-US: FileImporter MediaWiki extension
NOTE: https://gerrit.wikimedia.org/r/q/Id1c8910aeac5b452fbabeddab70360765518223e
@@ -3658,7 +3658,7 @@ CVE-2021-44600 (The password parameter on Simple Online Mens Salon Management Sy
CVE-2021-44599 (The id parameter from Online Enrollment Management System 1.0 system a ...)
NOT-FOR-US: Online Enrollment Management System
CVE-2021-44598 (Attendance Management System 1.0 is affected by a Cross Site Scripting ...)
- TODO: check
+ NOT-FOR-US: Attendance Management System
CVE-2021-44597
RESERVED
CVE-2021-44596
@@ -5159,7 +5159,7 @@ CVE-2021-3993 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
CVE-2021-3992 (kimai2 is vulnerable to Improper Access Control ...)
NOT-FOR-US: kimai2
CVE-2021-44078 (An issue was discovered in split_region in uc.c in Unicorn Engine befo ...)
- TODO: check
+ NOT-FOR-US: Unicorn Engine
CVE-2021-44077 (Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP ...)
NOT-FOR-US: Zoho ManageEngine
CVE-2021-3991
@@ -5324,7 +5324,7 @@ CVE-2021-44019 (An unnecessary privilege vulnerability in Trend Micro Worry-Free
CVE-2021-3978
RESERVED
CVE-2021-3977 (invoiceninja is vulnerable to Improper Neutralization of Input During ...)
- TODO: check
+ NOT-FOR-US: invoiceninja
CVE-2021-44018
RESERVED
CVE-2021-44017 (A vulnerability has been identified in JT2Go (All versions < V13.2. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d2e052efcbe1f72829fa700ef33112100b2055c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d2e052efcbe1f72829fa700ef33112100b2055c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211226/18c147b1/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list