[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jul 7 21:27:23 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c4780d0 by Salvatore Bonaccorso at 2021-07-07T22:26:55+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15209,7 +15209,7 @@ CVE-2021-29761
 CVE-2021-29760
 	RESERVED
 CVE-2021-29759 (IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-29758
 	RESERVED
 CVE-2021-29757
@@ -38589,7 +38589,7 @@ CVE-2021-20476
 CVE-2021-20475
 	RESERVED
 CVE-2021-20474 (IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not perfor ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20473
 	RESERVED
 CVE-2021-20472
@@ -38703,11 +38703,11 @@ CVE-2021-20419 (IBM Security Guardium 11.2 uses weaker than expected cryptograph
 CVE-2021-20418
 	RESERVED
 CVE-2021-20417 (IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attack ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20416 (IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a r ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20415 (IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate account  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20414
 	RESERVED
 CVE-2021-20413 (IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attack ...)
@@ -38779,9 +38779,9 @@ CVE-2021-20381
 CVE-2021-20380 (IBM QRadar Advisor With Watson App 1.1 through 2.5 as used on IBM QRad ...)
 	NOT-FOR-US: IBM
 CVE-2021-20379 (IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses weaker tha ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20378 (IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not invali ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20377
 	RESERVED
 CVE-2021-20376
@@ -59474,23 +59474,23 @@ CVE-2020-24151
 CVE-2020-24150
 	RESERVED
 CVE-2020-24149 (Server-side request forgery (SSRF) in the Podcast Importer SecondLine  ...)
-	TODO: check
+	NOT-FOR-US: Podcast Importer SecondLine (podcast-importer-secondline) plugin for WordPress
 CVE-2020-24148 (Server-side request forgery (SSRF) in the Import XML and RSS Feeds (im ...)
-	TODO: check
+	NOT-FOR-US: Import XML and RSS Feeds (import-xml-feed) plugin for WordPress
 CVE-2020-24147 (Server-side request forgery (SSR) vulnerability in the WP Smart Import ...)
-	TODO: check
+	NOT-FOR-US: WP Smart Import (wp-smart-import) plugin for WordPress
 CVE-2020-24146 (Directory traversal in the CM Download Manager (aka cm-download-manage ...)
-	TODO: check
+	NOT-FOR-US: CM Download Manager (aka cm-download- manager) plugin for WordPress
 CVE-2020-24145 (Cross Site Scripting (XSS) vulnerability in the CM Download Manager (a ...)
-	TODO: check
+	NOT-FOR-US: CM Download Manager (aka cm-download-manager) plugin for WordPress
 CVE-2020-24144 (Directory traversal in the Media File Organizer (aka media-file-organi ...)
-	TODO: check
+	NOT-FOR-US: Media File Organizer (aka media-file- organizer) plugin for WordPress
 CVE-2020-24143 (Directory traversal in the Video Downloader for TikTok (aka downloader ...)
-	TODO: check
+	NOT-FOR-US: Video Downloader for TikTok (aka downloader-tiktok) plugin for WordPress
 CVE-2020-24142 (Server-side request forgery in the Video Downloader for TikTok (aka do ...)
-	TODO: check
+	NOT-FOR-US: Video Downloader for TikTok (aka downloader-tiktok) plugin for WordPress
 CVE-2020-24141 (Server-side request forgery in the WP-DownloadManager plugin 1.68.4 fo ...)
-	TODO: check
+	NOT-FOR-US: WP-DownloadManager plugin for WordPress
 CVE-2020-24140 (Server-side request forgery in Wcms 0.3.2 let an attacker send crafted ...)
 	NOT-FOR-US: wmcs
 CVE-2020-24139 (Server-side request forgery in Wcms 0.3.2 lets an attacker send crafte ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c4780d075754c2f601f5b2c5eff7bf6aac0a547

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c4780d075754c2f601f5b2c5eff7bf6aac0a547
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210707/bd88b5b5/attachment.htm>

More information about the debian-security-tracker-commits mailing list