[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
11b03ace by Salvatore Bonaccorso at 2021-01-11T09:44:26+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2021-3120
 CVE-2021-3119
 	RESERVED
 CVE-2021-3118 (** UNSUPPORTED WHEN ASSIGNED ** EVOLUCARE ECSIMAGING (aka ECS Imaging) ...)
-	TODO: check
+	NOT-FOR-US: EVOLUCARE ECSIMAGING (aka ECS Imaging)
 CVE-2021-3117
 	RESERVED
 CVE-2021-3116 (before_upstream_connection in AuthPlugin in http/proxy/auth.py in prox ...)
@@ -5913,23 +5913,23 @@ CVE-2020-35728 (FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the in
 	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
 	NOTE: but still an issue when Default Typing is enabled.
 CVE-2020-35727 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35726 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35725 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35724 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35723 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35722 (** UNSUPPORTED WHEN ASSIGNED ** CSRF in Web Compliance Manager in Ques ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35721 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35720 (** UNSUPPORTED WHEN ASSIGNED ** Stored XSS in Quest Policy Authority 8 ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35719 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35718
 	RESERVED
 CVE-2020-35717 (zonote through 0.4.0 allows XSS via a crafted note, with resultant Rem ...)
@@ -9979,13 +9979,13 @@ CVE-2020-35208 (** DISPUTED ** An issue was discovered in the LogMein LastPass P
 CVE-2020-35207 (** DISPUTED ** An issue was discovered in the LogMein LastPass Passwor ...)
 	NOT-FOR-US: LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app for iOS
 CVE-2020-35206 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Web Compliance Manage ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35205 (** UNSUPPORTED WHEN ASSIGNED ** Server Side Request Forgery (SSRF) in  ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35204 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Quest Policy Authorit ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35203 (** UNSUPPORTED WHEN ASSIGNED ** Reflected XSS in Web Compliance Manage ...)
-	TODO: check
+	NOT-FOR-US: Quest Policy Authority
 CVE-2020-35202 (Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql  ...)
 	NOT-FOR-US: Ignite Realtime Openfire
 CVE-2020-35201 (Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XS ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11b03ace6576155cf83ce6596944e14c9d0c8435

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/11b03ace6576155cf83ce6596944e14c9d0c8435
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210111/b6907cc9/attachment.html>