[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
47f3a73a by Salvatore Bonaccorso at 2021-01-21T21:27:04+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1104,7 +1104,7 @@ CVE-2021-3154
 CVE-2021-3153
 	RESERVED
 CVE-2021-3152 (Home Assistant before 2021.1.3 allows attackers to obtain sensitive in ...)
-	TODO: check
+	NOT-FOR-US: Home Assistant
 CVE-2021-3151
 	RESERVED
 CVE-2021-3150
@@ -8323,7 +8323,7 @@ CVE-2021-21725
 CVE-2021-21724
 	RESERVED
 CVE-2021-21723 (Some ZTE products have a DoS vulnerability. Due to the improper handli ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2021-21722 (A ZTE Smart STB is impacted by an information leak vulnerability. The  ...)
 	NOT-FOR-US: ZTE
 CVE-2021-21721
@@ -10479,7 +10479,7 @@ CVE-2021-21255
 CVE-2021-21254
 	RESERVED
 CVE-2021-21253 (OnlineVotingSystem is an open source project hosted on GitHub. OnlineV ...)
-	TODO: check
+	NOT-FOR-US: OnlineVotingSystem
 CVE-2021-21252 (The jQuery Validation Plugin provides drop-in validation for your exis ...)
 	- phpmyadmin <unfixed>
 	NOTE: https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm
@@ -13854,9 +13854,9 @@ CVE-2020-35312
 CVE-2020-35311
 	RESERVED
 CVE-2020-35310 (Composr CMS 10.0.34 is affected by cross-site scripting (XSS) which al ...)
-	TODO: check
+	NOT-FOR-US: Composr CMS
 CVE-2020-35309 (Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected by cross ...)
-	TODO: check
+	NOT-FOR-US: Bakeshop Online Ordering System in PHP/MySQLi
 CVE-2020-35308
 	RESERVED
 CVE-2020-35307
@@ -17106,7 +17106,7 @@ CVE-2020-29243 (dhowden tag before 2020-11-19 allows "panic: runtime error: inde
 CVE-2020-29242 (dhowden tag before 2020-11-19 allows "panic: runtime error: index out  ...)
 	NOT-FOR-US: dhowden tag
 CVE-2020-29241 (Online News Portal using PHP/MySQLi 1.0 is affected by cross-site scri ...)
-	TODO: check
+	NOT-FOR-US: Online News Portal using PHP/MySQLi
 CVE-2020-29240 (Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An attacke ...)
 	NOT-FOR-US: Lepton-CMS
 CVE-2020-29239 (Online Birth Certificate System Project V 1.0 is affected by cross-sit ...)
@@ -32317,7 +32317,7 @@ CVE-2020-24087
 CVE-2020-24086
 	RESERVED
 CVE-2020-24085 (A cross-site scripting (XSS) vulnerability exists in MISP v2.4.128 in  ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2020-24084
 	RESERVED
 CVE-2020-24083
@@ -35204,7 +35204,7 @@ CVE-2020-22645
 CVE-2020-22644
 	RESERVED
 CVE-2020-22643 (Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, ...)
-	TODO: check
+	NOT-FOR-US: Feehi CMS
 CVE-2020-22642
 	RESERVED
 CVE-2020-22641
@@ -52153,7 +52153,7 @@ CVE-2020-14758 (Vulnerability in the Oracle Solaris product of Oracle Systems (c
 CVE-2020-14757 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2020-14756 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2020-14755
 	RESERVED
 CVE-2020-14754 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47f3a73a35eff9c04a0c0c28514a8397f7e0481e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/47f3a73a35eff9c04a0c0c28514a8397f7e0481e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210121/f116c77b/attachment.html>