[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
97a25c68 by Salvatore Bonaccorso at 2021-01-06T21:18:01+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,21 +7,21 @@ CVE-2021-22696
 CVE-2020-36177 (RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-o ...)
 	TODO: check
 CVE-2020-36176 (The iThemes Security (formerly Better WP Security) plugin before 7.7.0 ...)
-	TODO: check
+	NOT-FOR-US: iThemes Security (formerly Better WP Security) plugin for WordPress
 CVE-2020-36175 (The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers  ...)
-	TODO: check
+	NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2020-36174 (The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via s ...)
-	TODO: check
+	NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2020-36173 (The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for  ...)
-	TODO: check
+	NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2020-36172 (The Advanced Custom Fields plugin before 5.8.12 for WordPress mishandl ...)
-	TODO: check
+	NOT-FOR-US: Advanced Custom Fields plugin for WordPress
 CVE-2020-36171 (The Elementor Website Builder plugin before 3.0.14 for WordPress does  ...)
-	TODO: check
+	NOT-FOR-US: Elementor Website Builder plugin for WordPress
 CVE-2020-36170 (The Ultimate Member plugin before 2.1.13 for WordPress mishandles hidd ...)
-	TODO: check
+	NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2012-10001 (The Limit Login Attempts plugin before 1.7.1 for WordPress does not cl ...)
-	TODO: check
+	NOT-FOR-US: Limit Login Attempts plugin for WordPress
 CVE-2021-3027
 	RESERVED
 CVE-2021-3026 (Invision Community IPS Community Suite before 4.5.4.2 allows XSS durin ...)
@@ -74188,7 +74188,7 @@ CVE-2020-4338 (IBM MQ 9.1.4 could allow a local attacker to obtain sensitive inf
 CVE-2020-4337 (IBM API Connect 2018.4.1.0 through 2018.4.1.12 could allow an attacker ...)
 	NOT-FOR-US: IBM
 CVE-2020-4336 (IBM WebSphere eXtreme Scale 8.6.1 stores sensitive information in URL  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4335
 	RESERVED
 CVE-2020-4334



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97a25c68b944a96917c0eba438fb90bb1341385c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97a25c68b944a96917c0eba438fb90bb1341385c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210106/a2569b47/attachment.html>