[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jul 26 21:22:53 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6d6ef59b by Salvatore Bonaccorso at 2021-07-26T22:22:26+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,7 @@ CVE-2021-37536
 CVE-2021-37535
 	RESERVED
 CVE-2021-37534 (app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2021-37533
 	RESERVED
 CVE-2021-37532
@@ -119,17 +119,17 @@ CVE-2021-37480
 CVE-2021-37479
 	RESERVED
 CVE-2021-37478 (In NavigateCMS version 2.9.4 and below, function `block` is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: NavigateCMS
 CVE-2021-37477 (In NavigateCMS version 2.9.4 and below, function in `structure.php` is ...)
-	TODO: check
+	NOT-FOR-US: NavigateCMS
 CVE-2021-37476 (In NavigateCMS version 2.9.4 and below, function in `product.php` is v ...)
-	TODO: check
+	NOT-FOR-US: NavigateCMS
 CVE-2021-37475 (In NavigateCMS version 2.9.4 and below, function in `templates.php` is ...)
-	TODO: check
+	NOT-FOR-US: NavigateCMS
 CVE-2021-37474
 	RESERVED
 CVE-2021-37473 (In NavigateCMS version 2.9.4 and below, function in `product.php` is v ...)
-	TODO: check
+	NOT-FOR-US: NavigateCMS
 CVE-2021-37472
 	RESERVED
 CVE-2021-37471
@@ -296,11 +296,11 @@ CVE-2021-37396
 CVE-2021-37395
 	RESERVED
 CVE-2021-37394 (In RPCMS v1.8 and below, attackers can interact with API and change va ...)
-	TODO: check
+	NOT-FOR-US: RPCMS
 CVE-2021-37393 (In RPCMS v1.8 and below, the "nickname" variable is not properly sanit ...)
-	TODO: check
+	NOT-FOR-US: RPCMS
 CVE-2021-37392 (In RPCMS v1.8 and below, the "nickname" variable is not properly sanit ...)
-	TODO: check
+	NOT-FOR-US: RPCMS
 CVE-2021-37391
 	RESERVED
 CVE-2021-37390
@@ -5568,7 +5568,7 @@ CVE-2021-35032
 CVE-2021-35031
 	RESERVED
 CVE-2021-35030 (A vulnerability was found in the CGI program in Zyxel GS1900-8 firmwar ...)
-	TODO: check
+	NOT-FOR-US: Zyxel
 CVE-2021-35029 (An authentication bypasss vulnerability in the web-based management in ...)
 	NOT-FOR-US: Zyxel
 CVE-2021-35028
@@ -10727,7 +10727,7 @@ CVE-2021-32792 (mod_auth_openidc is an authentication/authorization module for t
 CVE-2021-32791 (mod_auth_openidc is an authentication/authorization module for the Apa ...)
 	TODO: check
 CVE-2021-32790 (Woocommerce is an open source eCommerce plugin for WordPress. An SQL i ...)
-	TODO: check
+	NOT-FOR-US: Woocommerce
 CVE-2021-32789 (woocommerce-gutenberg-products-block is a feature plugin for WooCommer ...)
 	TODO: check
 CVE-2021-32788



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d6ef59b4ed6d949ad470e8d752f998b2c9dbeff

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d6ef59b4ed6d949ad470e8d752f998b2c9dbeff
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210726/2c841dd8/attachment.htm>

More information about the debian-security-tracker-commits mailing list