[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Feb 9 20:03:46 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ae83b332 by Salvatore Bonaccorso at 2021-02-09T21:03:21+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2021-26918 (The ProBot bot through 2021-02-08 for Discord might allow attackers to ...)
-	TODO: check
+	NOT-FOR-US: ProBot bot
 CVE-2021-26917 (** DISPUTED ** PyBitmessage through 0.6.3.2 allows attackers to write  ...)
-	TODO: check
+	NOT-FOR-US: PyBitmessage
 CVE-2021-26916 (In nopCommerce 4.30, a Reflected XSS issue in the Discount Coupon comp ...)
 	NOT-FOR-US: nopCommerce
 CVE-2021-26915 (NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthent ...)
@@ -1620,7 +1620,7 @@ CVE-2021-3295
 CVE-2021-3294 (CASAP Automated Enrollment System 1.0 is affected by cross-site script ...)
 	NOT-FOR-US: CASAP Automated Enrollment System
 CVE-2021-3293 (emlog v5.3.1 has full path disclosure vulnerability in t/index.php, wh ...)
-	TODO: check
+	NOT-FOR-US: emlog
 CVE-2021-3292
 	RESERVED
 CVE-2021-3291 (Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by insp ...)
@@ -1688,11 +1688,11 @@ CVE-2021-26224
 CVE-2021-26223
 	RESERVED
 CVE-2021-26222 (The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ...)
-	TODO: check
+	NOT-FOR-US: ezXML
 CVE-2021-26221 (The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ...)
-	TODO: check
+	NOT-FOR-US: ezXML
 CVE-2021-26220 (The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to O ...)
-	TODO: check
+	NOT-FOR-US: ezXML
 CVE-2021-26219
 	RESERVED
 CVE-2021-26218



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae83b332d78707da65ef6ef9045c53fd263fd36f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae83b332d78707da65ef6ef9045c53fd263fd36f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210209/2b52e240/attachment.html>

More information about the debian-security-tracker-commits mailing list