[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b62426e0 by Salvatore Bonaccorso at 2021-02-24T09:30:40+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4182,7 +4182,7 @@ CVE-2021-3254
 CVE-2021-3253
 	RESERVED
 CVE-2021-3252 (KACO New Energy XP100U Up to XP-JAVA 2.0 is affected by incorrect acce ...)
-	TODO: check
+	NOT-FOR-US: KACO New Energy XP100U Up to XP-JAVA
 CVE-2021-3251
 	RESERVED
 CVE-2021-3250
@@ -10731,7 +10731,7 @@ CVE-2021-22883
 	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
 	NOTE: https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/
 CVE-2021-22882 (UniFi Protect before v1.17.1 allows an attacker to use spoofed cameras ...)
-	TODO: check
+	NOT-FOR-US: UniFi Protect
 CVE-2021-22881 (The Host Authorization middleware in Action Pack before 6.1.2.1, 6.0.3 ...)
 	- rails 2:6.0.3.5+dfsg-1
 	[stretch] - rails <not-affected> (host_authorization.rb added later)
@@ -11357,7 +11357,7 @@ CVE-2021-22653 (Multiple out-of-bounds write issues have been identified in the
 CVE-2021-22652 (Access to the Advantech iView versions prior to v5.7.03.6112 configura ...)
 	NOT-FOR-US: Advantech iView
 CVE-2021-22651 (When loading a specially crafted file, Luxion KeyShot versions prior t ...)
-	TODO: check
+	NOT-FOR-US: Luxion
 CVE-2021-22650
 	RESERVED
 CVE-2021-22649 (Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions  ...)
@@ -16953,19 +16953,19 @@ CVE-2021-20664
 CVE-2021-20663
 	RESERVED
 CVE-2021-20662 (Missing authentication for critical function in SolarView Compact SV-C ...)
-	TODO: check
+	NOT-FOR-US: SolarView Compact
 CVE-2021-20661 (Directory traversal vulnerability in SolarView Compact SV-CPT-MC310 pr ...)
-	TODO: check
+	NOT-FOR-US: SolarView Compact
 CVE-2021-20660 (Cross-site scripting vulnerability in SolarView Compact SV-CPT-MC310 p ...)
-	TODO: check
+	NOT-FOR-US: SolarView Compact
 CVE-2021-20659 (SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an authenticate ...)
-	TODO: check
+	NOT-FOR-US: SolarView Compact
 CVE-2021-20658 (SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to  ...)
-	TODO: check
+	NOT-FOR-US: SolarView Compact
 CVE-2021-20657 (Improper access control vulnerability in SolarView Compact SV-CPT-MC31 ...)
-	TODO: check
+	NOT-FOR-US: SolarView Compact
 CVE-2021-20656 (Exposure of information through directory listing in SolarView Compact ...)
-	TODO: check
+	NOT-FOR-US: SolarView Compact
 CVE-2021-20655 (FileZen (V3.0.0 to V4.2.7 and V5.0.0 to V5.0.2) allows a remote attack ...)
 	NOT-FOR-US: FileZen
 CVE-2021-20654 (Wekan, open source kanban board system, between version 3.12 and 4.11, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b62426e0b866f2056a1e5f57ee27727417e90087

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b62426e0b866f2056a1e5f57ee27727417e90087
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210224/d97e185f/attachment.htm>