[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Wed Feb 17 09:14:24 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
75a6c828 by Salvatore Bonaccorso at 2021-02-17T10:13:53+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -324,7 +324,7 @@ CVE-2021-27205 (Telegram before 7.4 (212543) Stable on macOS stores the local co
 CVE-2021-27204 (Telegram before 7.4 (212543) Stable on macOS stores the local passcode ...)
 	NOT-FOR-US: Telegram for MacOS
 CVE-2021-27203 (In Dekart Private Disk 2.15, invalid use of the Type3 user buffer for  ...)
-	TODO: check
+	NOT-FOR-US: Dekart Private Disk
 CVE-2021-27202
 	RESERVED
 CVE-2021-XXXX [several security fixes: PHP injections, XSS and secrets stored in session file]
@@ -534,13 +534,13 @@ CVE-2021-3405
 	- libebml <unfixed> (bug #982597)
 	NOTE: https://github.com/Matroska-Org/libebml/issues/74
 CVE-2021-27104 (Accellion FTA 9_12_370 and earlier is affected by OS command execution ...)
-	TODO: check
+	NOT-FOR-US: Accellion FTA
 CVE-2021-27103 (Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted P ...)
-	TODO: check
+	NOT-FOR-US: Accellion FTA
 CVE-2021-27102 (Accellion FTA 9_12_411 and earlier is affected by OS command execution ...)
-	TODO: check
+	NOT-FOR-US: Accellion FTA
 CVE-2021-27101 (Accellion FTA 9_12_370 and earlier is affected by SQL injection via a  ...)
-	TODO: check
+	NOT-FOR-US: Accellion FTA
 CVE-2021-27100
 	RESERVED
 CVE-2021-27099
@@ -16254,11 +16254,11 @@ CVE-2021-20657
 CVE-2021-20656
 	RESERVED
 CVE-2021-20655 (FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attack ...)
-	TODO: check
+	NOT-FOR-US: FileZen
 CVE-2021-20654 (Wekan, open source kanban board system, between version 3.12 and 4.11, ...)
 	NOT-FOR-US: Wekan
 CVE-2021-20653 (Calsos CSDJ (CSDJ-B 01.08.00 and earlier, CSDJ-H 01.08.00 and earlier, ...)
-	TODO: check
+	NOT-FOR-US: Calsos CSDJ
 CVE-2021-20652 (Cross-site request forgery (CSRF) vulnerability in Name Directory 1.17 ...)
 	NOT-FOR-US: Name Directory
 CVE-2021-20651 (Directory traversal vulnerability in ELECOM File Manager all versions  ...)
@@ -17623,23 +17623,23 @@ CVE-2021-20077
 CVE-2021-20076
 	RESERVED
 CVE-2021-20075 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for pr ...)
-	TODO: check
+	NOT-FOR-US: Racom's MIDGE Firmware
 CVE-2021-20074 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users  ...)
-	TODO: check
+	NOT-FOR-US: Racom's MIDGE Firmware
 CVE-2021-20073 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cr ...)
-	TODO: check
+	NOT-FOR-US: Racom's MIDGE Firmware
 CVE-2021-20072 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attack ...)
-	TODO: check
+	NOT-FOR-US: Racom's MIDGE Firmware
 CVE-2021-20071 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attack ...)
-	TODO: check
+	NOT-FOR-US: Racom's MIDGE Firmware
 CVE-2021-20070 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attack ...)
-	TODO: check
+	NOT-FOR-US: Racom's MIDGE Firmware
 CVE-2021-20069 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attack ...)
-	TODO: check
+	NOT-FOR-US: Racom's MIDGE Firmware
 CVE-2021-20068 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attack ...)
-	TODO: check
+	NOT-FOR-US: Racom's MIDGE Firmware
 CVE-2021-20067 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attack ...)
-	TODO: check
+	NOT-FOR-US: Racom's MIDGE Firmware
 CVE-2021-20066 (JSDom improperly allows the loading of local resources, which allows f ...)
 	TODO: check
 CVE-2020-35547 (A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75a6c828409c689317205335544f2b1c331f9563

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75a6c828409c689317205335544f2b1c331f9563
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210217/d5407b3c/attachment.html>

More information about the debian-security-tracker-commits mailing list