[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Jan 28 20:20:14 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0d191180 by Salvatore Bonaccorso at 2021-01-28T21:19:57+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,7 +61,7 @@ CVE-2021-26278
 CVE-2021-26277
 	RESERVED
 CVE-2021-26276 (** DISPUTED ** scripts/cli.js in the GoDaddy node-config-shield (aka C ...)
-	TODO: check
+	NOT-FOR-US: GoDaddy node-config-shield
 CVE-2021-26275
 	RESERVED
 CVE-2020-36240
@@ -1724,7 +1724,7 @@ CVE-2021-25649
 CVE-2021-25648
 	RESERVED
 CVE-2021-25647 (Mobile application "Testes de Codigo" v11.3 and prior allows stored XS ...)
-	TODO: check
+	NOT-FOR-US: Mobile application "Testes de Codigo"
 CVE-2021-25646
 	RESERVED
 CVE-2019-25014
@@ -7569,9 +7569,9 @@ CVE-2021-22877
 CVE-2021-22876
 	RESERVED
 CVE-2021-22875 (Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Revive Adserver
 CVE-2021-22874 (Revive Adserver before 5.1.1 is vulnerable to a reflected XSS vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Revive Adserver
 CVE-2021-22873 (Revive Adserver before 5.1.0 is vulnerable to open redirects via the ` ...)
 	NOT-FOR-US: Revive Adserver
 CVE-2021-22872 (Revive Adserver before 5.1.0 is vulnerable to a reflected cross-site s ...)
@@ -13738,11 +13738,11 @@ CVE-2021-20624
 CVE-2021-20623
 	RESERVED
 CVE-2021-20622 (Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 ...)
-	TODO: check
+	NOT-FOR-US: Aterm WG2600HP firmware
 CVE-2021-20621 (Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firm ...)
-	TODO: check
+	NOT-FOR-US: Aterm WG2600HP firmware
 CVE-2021-20620 (Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9  ...)
-	TODO: check
+	NOT-FOR-US: Aterm WF800HP firmware
 CVE-2021-20619 (Cross-site scripting vulnerability in GROWI (v4.2 Series) versions pri ...)
 	NOT-FOR-US: GROWI
 CVE-2021-20618 (Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, a ...)
@@ -16012,7 +16012,7 @@ CVE-2020-35126 (** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to c
 CVE-2020-35125
 	RESERVED
 CVE-2020-35124 (A cross-site scripting (XSS) vulnerability in the assets component of  ...)
-	TODO: check
+	NOT-FOR-US: Mautic
 CVE-2020-35123 (In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10  ...)
 	NOT-FOR-US: Zimbra Collaboration Suite (ZCS)
 CVE-2020-35122 (An issue was discovered in the Keysight Database Connector plugin befo ...)
@@ -34732,11 +34732,11 @@ CVE-2020-23778
 CVE-2020-23777
 	RESERVED
 CVE-2020-23776 (A SSRF vulnerability exists in Winmail 6.5 in app.php in the key param ...)
-	TODO: check
+	NOT-FOR-US: Winmail
 CVE-2020-23775
 	RESERVED
 CVE-2020-23774 (A reflected XSS vulnerability exists in tohtml/convert.php of Winmail  ...)
-	TODO: check
+	NOT-FOR-US: Winmail
 CVE-2020-23773
 	RESERVED
 CVE-2020-23772
@@ -81401,7 +81401,7 @@ CVE-2020-4890
 CVE-2020-4889 (IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow a local ...)
 	NOT-FOR-US: IBM
 CVE-2020-4888 (IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 7 coul ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4887 (IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to exploit  ...)
 	NOT-FOR-US: IBM
 CVE-2020-4886 (IBM InfoSphere Information Server 11.7 stores sensitive information in ...)
@@ -81816,7 +81816,7 @@ CVE-2020-4684
 CVE-2020-4683
 	RESERVED
 CVE-2020-4682 (IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a remote at ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2020-4681 (IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This ...)
 	NOT-FOR-US: IBM
 CVE-2020-4680 (IBM Security Guardium 11.2 is vulnerable to cross-site scripting. This ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d1911802f52b2b552fa14f6b7927d963f7bd245

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d1911802f52b2b552fa14f6b7927d963f7bd245
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210128/4d97ff6c/attachment.html>

More information about the debian-security-tracker-commits mailing list