[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Jan 29 08:23:01 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
30e1cfce by Salvatore Bonaccorso at 2021-01-29T09:22:26+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2021-3339
 CVE-2021-3338
 	RESERVED
 CVE-2021-3337 (The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remo ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2021-3336 (DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0 does not  ...)
 	- wolfssl <unfixed>
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/3676
@@ -24,9 +24,9 @@ CVE-2021-26306 (An issue was discovered in the raw-cpuid crate before 9.0.0 for
 CVE-2021-26305 (An issue was discovered in Deserializer::read_vec in the cdr crate bef ...)
 	TODO: check
 CVE-2021-26304 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XS ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Daily Expense Tracker System
 CVE-2021-26303 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XS ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Daily Expense Tracker System
 CVE-2021-26302
 	RESERVED
 CVE-2021-26301
@@ -2504,7 +2504,7 @@ CVE-2021-3177 (Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in
 	NOTE: https://github.com/python/cpython/commit/d9b8f138b7df3b455b54653ca59f491b4840d6fa (3.7)
 	NOTE: https://github.com/python/cpython/commit/34df10a9a16b38d54421eeeaf73ec89828563be7 (3.6)
 CVE-2021-3176 (The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2021-3175
 	RESERVED
 CVE-2021-25312 (HTCondor before 8.9.11 allows a user to submit a job as another user o ...)
@@ -2618,7 +2618,7 @@ CVE-2021-3162 (Docker Desktop Community before 2.5.0.0 on macOS mishandles certi
 CVE-2021-3161
 	RESERVED
 CVE-2021-3160 (Deserialization of untrusted data in the login page of ASSUWEB 359.3 b ...)
-	TODO: check
+	NOT-FOR-US: ACA
 CVE-2021-25280
 	RESERVED
 CVE-2021-25279
@@ -10635,7 +10635,7 @@ CVE-2020-36117
 CVE-2020-36116
 	RESERVED
 CVE-2020-36115 (Stored Cross Site Scripting (XSS) vulnerability in EGavilan Media CRUD ...)
-	TODO: check
+	NOT-FOR-US: EGavilan
 CVE-2020-36114
 	RESERVED
 CVE-2020-36113
@@ -11568,7 +11568,7 @@ CVE-2020-35756
 CVE-2020-35755
 	RESERVED
 CVE-2020-35754 (OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authe ...)
-	TODO: check
+	NOT-FOR-US: OpenSolution Quick.CMS
 CVE-2020-35753 (The job posting recommendation form in Persis Human Resource Managemen ...)
 	NOT-FOR-US: Persis Human Resource Management Portal
 CVE-2020-35752
@@ -14926,7 +14926,7 @@ CVE-2021-20067
 CVE-2021-20066
 	RESERVED
 CVE-2020-35547 (A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2020-35546
 	RESERVED
 CVE-2020-35545 (Time-based SQL injection exists in Spotweb 1.4.9 via the query string. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e1cfcef985d1b23cb149d3a785fbf14485d7a8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e1cfcef985d1b23cb149d3a785fbf14485d7a8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210129/614184bc/attachment.html>

More information about the debian-security-tracker-commits mailing list