[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jul 10 14:04:52 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
469c5fc1 by Salvatore Bonaccorso at 2021-07-10T15:04:10+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2021-36371 (Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allo ...)
-	TODO: check
+	NOT-FOR-US: Emissary-Ingress (formerly Ambassador API Gateway)
 CVE-2021-36370
 	RESERVED
 CVE-2021-36369
@@ -2277,13 +2277,13 @@ CVE-2021-35363
 CVE-2021-35362
 	RESERVED
 CVE-2021-35361 (A reflected cross site scripting (XSS) vulnerability in dotAdmin/#/c/l ...)
-	TODO: check
+	NOT-FOR-US: dotCMS
 CVE-2021-35360 (A reflected cross site scripting (XSS) vulnerability in dotAdmin/#/c/c ...)
-	TODO: check
+	NOT-FOR-US: dotCMS
 CVE-2021-35359
 	RESERVED
 CVE-2021-35358 (A stored cross site scripting (XSS) vulnerability in dotAdmin/#/c/c_Im ...)
-	TODO: check
+	NOT-FOR-US: dotCMS
 CVE-2021-35357
 	RESERVED
 CVE-2021-35356
@@ -35393,13 +35393,13 @@ CVE-2020-35989
 CVE-2020-35988
 	RESERVED
 CVE-2020-35987 (A stored cross site scripting (XSS) vulnerability in the 'Entities Lis ...)
-	TODO: check
+	NOT-FOR-US: Rukovoditel
 CVE-2020-35986 (A stored cross site scripting (XSS) vulnerability in the 'Users Access ...)
-	TODO: check
+	NOT-FOR-US: Rukovoditel
 CVE-2020-35985 (A stored cross site scripting (XSS) vulnerability in the 'Global Lists ...)
-	TODO: check
+	NOT-FOR-US: Rukovoditel
 CVE-2020-35984 (A stored cross site scripting (XSS) vulnerability in the 'Users Alerts ...)
-	TODO: check
+	NOT-FOR-US: Rukovoditel
 CVE-2020-35983
 	RESERVED
 CVE-2020-35982 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is an i ...)
@@ -40482,7 +40482,7 @@ CVE-2021-20026 (A vulnerability in the SonicWall NSM On-Prem product allows an a
 CVE-2021-20025 (SonicWall Email Security Virtual Appliance version 10.0.9 and earlier  ...)
 	NOT-FOR-US: SonicWall
 CVE-2021-20024 (Multiple Out-of-Bound read vulnerability in SonicWall Switch when hand ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20023 (SonicWall Email Security version 10.0.9.x contains a vulnerability tha ...)
 	NOT-FOR-US: SonicWall
 CVE-2021-20022 (SonicWall Email Security version 10.0.9.x contains a vulnerability tha ...)
@@ -55586,15 +55586,15 @@ CVE-2020-25881
 CVE-2020-25880
 	RESERVED
 CVE-2020-25879 (A stored cross site scripting (XSS) vulnerability in the 'Manage Users ...)
-	TODO: check
+	NOT-FOR-US: Codoforum
 CVE-2020-25878 (A stored cross site scripting (XSS) vulnerability in the 'Admin-Tools' ...)
-	TODO: check
+	NOT-FOR-US: BlackCat CMS
 CVE-2020-25877 (A stored cross site scripting (XSS) vulnerability in the 'Add Page' fe ...)
-	TODO: check
+	NOT-FOR-US: BlackCat CMS
 CVE-2020-25876 (A stored cross site scripting (XSS) vulnerability in the 'Pages' featu ...)
-	TODO: check
+	NOT-FOR-US: Codoforum
 CVE-2020-25875 (A stored cross site scripting (XSS) vulnerability in the 'Smileys' fea ...)
-	TODO: check
+	NOT-FOR-US: Codoforum
 CVE-2020-25874
 	RESERVED
 CVE-2020-25873
@@ -56948,13 +56948,13 @@ CVE-2020-25396
 CVE-2020-25395
 	RESERVED
 CVE-2020-25394 (A stored cross site scripting (XSS) vulnerability in moziloCMS 2.0 all ...)
-	TODO: check
+	NOT-FOR-US: moziloCMS
 CVE-2020-25393
 	RESERVED
 CVE-2020-25392 (A cross site scripting (XSS) vulnerability in CSZ CMS 1.2.9 allows att ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2020-25391 (A cross site scripting vulnerability in CSZ CMS 1.2.9 allows attackers ...)
-	TODO: check
+	NOT-FOR-US: CSZ CMS
 CVE-2020-25390
 	RESERVED
 CVE-2020-25389



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/469c5fc1047711998b3e613215ca7f35ca2ee09d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/469c5fc1047711998b3e613215ca7f35ca2ee09d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210710/575a9888/attachment.htm>

More information about the debian-security-tracker-commits mailing list