[Git][security-tracker-team/security-tracker][master] Progress some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Dec 26 20:15:27 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0d2e052e by Salvatore Bonaccorso at 2021-12-26T21:14:45+01:00
Progress some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -383,11 +383,11 @@ CVE-2021-45493 (Certain NETGEAR devices are affected by disclosure of administra
 CVE-2021-4170
 	RESERVED
 CVE-2021-4169 (livehelperchat is vulnerable to Improper Neutralization of Input Durin ...)
-	TODO: check
+	NOT-FOR-US: livehelperchat
 CVE-2021-45492
 	RESERVED
 CVE-2021-4168 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
-	TODO: check
+	NOT-FOR-US: showdoc
 CVE-2021-45491
 	RESERVED
 CVE-2021-45490
@@ -448,7 +448,7 @@ CVE-2021-4164
 CVE-2021-4163
 	RESERVED
 CVE-2021-4162 (archivy is vulnerable to Cross-Site Request Forgery (CSRF) ...)
-	TODO: check
+	NOT-FOR-US: archivy
 CVE-2021-45474 (In MediaWiki through 1.37, the Special:ImportFile URI (aka FileImporte ...)
 	NOT-FOR-US: FileImporter MediaWiki extension
 	NOTE: https://gerrit.wikimedia.org/r/q/Id1c8910aeac5b452fbabeddab70360765518223e
@@ -3658,7 +3658,7 @@ CVE-2021-44600 (The password parameter on Simple Online Mens Salon Management Sy
 CVE-2021-44599 (The id parameter from Online Enrollment Management System 1.0 system a ...)
 	NOT-FOR-US: Online Enrollment Management System
 CVE-2021-44598 (Attendance Management System 1.0 is affected by a Cross Site Scripting ...)
-	TODO: check
+	NOT-FOR-US: Attendance Management System
 CVE-2021-44597
 	RESERVED
 CVE-2021-44596
@@ -5159,7 +5159,7 @@ CVE-2021-3993 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
 CVE-2021-3992 (kimai2 is vulnerable to Improper Access Control ...)
 	NOT-FOR-US: kimai2
 CVE-2021-44078 (An issue was discovered in split_region in uc.c in Unicorn Engine befo ...)
-	TODO: check
+	NOT-FOR-US: Unicorn Engine
 CVE-2021-44077 (Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP  ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-3991
@@ -5324,7 +5324,7 @@ CVE-2021-44019 (An unnecessary privilege vulnerability in Trend Micro Worry-Free
 CVE-2021-3978
 	RESERVED
 CVE-2021-3977 (invoiceninja is vulnerable to Improper Neutralization of Input During  ...)
-	TODO: check
+	NOT-FOR-US: invoiceninja
 CVE-2021-44018
 	RESERVED
 CVE-2021-44017 (A vulnerability has been identified in JT2Go (All versions < V13.2. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d2e052efcbe1f72829fa700ef33112100b2055c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d2e052efcbe1f72829fa700ef33112100b2055c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211226/18c147b1/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list