[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Feb 18 09:25:13 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fcab3ed7 by Salvatore Bonaccorso at 2021-02-18T10:24:54+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2021-27376 (An issue was discovered in the nb-connect crate before 1.0.3 for
 CVE-2021-27375 (Traefik 2.4.3 allows the loading of IFRAME elements from other domains ...)
 	TODO: check
 CVE-2021-27374 (VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before p ...)
-	TODO: check
+	NOT-FOR-US: VertiGIS WebOffice
 CVE-2021-27373
 	RESERVED
 CVE-2021-27372
@@ -525,7 +525,7 @@ CVE-2021-27126
 CVE-2021-27125
 	RESERVED
 CVE-2021-27124 (SQL injection in the expertise parameter in search_result.php in Docto ...)
-	TODO: check
+	NOT-FOR-US: Doctor Appointment System
 CVE-2021-27123
 	RESERVED
 CVE-2021-27122
@@ -1542,7 +1542,7 @@ CVE-2021-3398
 CVE-2021-3397
 	RESERVED
 CVE-2021-3396 (OpenNMS Meridian 2016, 2017, 2018 before 2018.1.25, 2019 before 2019.1 ...)
-	TODO: check
+	NOT-FOR-US: OpenNMS
 CVE-2021-26676 (gdhcp in ConnMan before 1.39 could be used by network-adjacent attacke ...)
 	{DSA-4847-1 DLA-2552-1}
 	- connman 1.36-2.1
@@ -33614,7 +33614,7 @@ CVE-2020-25607
 CVE-2020-25606 (The AWV component of Mitel MiCollab before 9.2 could allow an attacker ...)
 	NOT-FOR-US: Mitel
 CVE-2020-25605 (Cleartext transmission of sensitive information in Agora Video SDK pri ...)
-	TODO: check
+	NOT-FOR-US: Agora Video SDK
 CVE-2020-25604 (An issue was discovered in Xen through 4.14.x. There is a race conditi ...)
 	{DSA-4769-1}
 	- xen 4.14.0+80-gd101b417b7-1
@@ -62040,7 +62040,7 @@ CVE-2020-12880 (An issue was discovered in Pulse Policy Secure (PPS) and Pulse C
 CVE-2020-12879
 	RESERVED
 CVE-2020-12878 (Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate pr ...)
-	TODO: check
+	NOT-FOR-US: Digi ConnectPort X2e
 CVE-2020-12877 (Veritas APTARE versions prior to 10.4 allowed sensitive information to ...)
 	NOT-FOR-US: Veritas
 CVE-2020-12876 (Veritas APTARE versions prior to 10.4 allowed remote users to access s ...)
@@ -72877,7 +72877,7 @@ CVE-2020-9308 (archive_read_support_format_rar5.c in libarchive before 3.4.2 att
 CVE-2020-9307 (Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a deni ...)
 	NOT-FOR-US: Hirschmann OS2, RSP, and RSPE devices
 CVE-2020-9306 (Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of ...)
-	TODO: check
+	NOT-FOR-US: Tesla SolarCity Solar Monitoring Gateway
 CVE-2020-9305
 	RESERVED
 CVE-2020-9304
@@ -76620,7 +76620,7 @@ CVE-2020-7850
 CVE-2020-7849 (A vulnerability of uPrism.io CURIX(Video conferecing solution) could a ...)
 	TODO: check
 CVE-2020-7848 (The EFM ipTIME C200 IP Camera is affected by a Command Injection vulne ...)
-	TODO: check
+	NOT-FOR-US: EFM ipTIME C200 IP Camera
 CVE-2020-7847
 	RESERVED
 CVE-2020-7846



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcab3ed706d9ba08fb117030875ebaa66d96b75b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fcab3ed706d9ba08fb117030875ebaa66d96b75b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210218/17941f45/attachment.html>

More information about the debian-security-tracker-commits mailing list