[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 1 21:30:59 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
22e08550 by Salvatore Bonaccorso at 2021-06-01T22:30:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11137,7 +11137,7 @@ CVE-2021-3461
 	RESERVED
 	NOT-FOR-US: Keycloak
 CVE-2021-29092 (Unrestricted upload of file with dangerous type vulnerability in file  ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2021-29091
 	RESERVED
 CVE-2021-29090
@@ -11145,7 +11145,7 @@ CVE-2021-29090
 CVE-2021-29089
 	RESERVED
 CVE-2021-29088 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2021-29087
 	RESERVED
 CVE-2021-29086
@@ -14197,7 +14197,7 @@ CVE-2021-27830
 CVE-2021-27829
 	RESERVED
 CVE-2021-27828 (SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify o ...)
-	TODO: check
+	NOT-FOR-US: In4Suite ERP
 CVE-2021-27827
 	RESERVED
 CVE-2021-27826
@@ -18669,7 +18669,7 @@ CVE-2021-25934 (In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27
 CVE-2021-25933 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
 	NOT-FOR-US: OpenNMS
 CVE-2021-25932 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
-	TODO: check
+	NOT-FOR-US: OpenNMS
 CVE-2021-25931 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
 	NOT-FOR-US: OpenNMS
 CVE-2021-25930 (In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0 ...)
@@ -22415,21 +22415,21 @@ CVE-2021-24337
 CVE-2021-24336
 	RESERVED
 CVE-2021-24335 (The Car Repair Services & Auto Mechanic WordPress theme before 4.0 ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2021-24334 (The Instant Images – One Click Unsplash Uploads WordPress plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24333 (The Content Copy Protection & Prevent Image Save WordPress plugin  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24332 (The Autoptimize WordPress plugin before 2.8.4 was missing proper escap ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24331 (The Smooth Scroll Page Up/Down Buttons WordPress plugin before 1.4 did ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24330 (The Funnel Builder by CartFlows – Create High Converting Sales F ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24329 (The WP Super Cache WordPress plugin before 1.7.3 did not properly sani ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24328 (The WP Login Security and History WordPress plugin through 1.0 did not ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24327 (The SEO Redirection Plugin – 301 Redirect Manager WordPress plug ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24326 (The tab parameter of the settings page of the All 404 Redirect to Home ...)
@@ -22441,33 +22441,33 @@ CVE-2021-24324 (The 404 SEO Redirection WordPress plugin through 1.3 is lacking
 CVE-2021-24323 (When taxes are enabled, the "Additional tax classes" field was not pro ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24322 (The Database Backup for WordPress plugin before 2.4 did not escape the ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24321 (The Bello - Directory & Listing WordPress theme before 1.6.0 did n ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2021-24320 (The Bello - Directory & Listing WordPress theme before 1.6.0 did n ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2021-24319 (The Bello - Directory & Listing WordPress theme before 1.6.0 did n ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2021-24318 (The Listeo WordPress theme before 1.6.11 did not ensure that the Post/ ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2021-24317 (The Listeo WordPress theme before 1.6.11 did not properly sanitise som ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2021-24316 (The search feature of the Mediumish WordPress theme through 1.0.47 doe ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2021-24315 (The GiveWP – Donation Plugin and Fundraising Platform WordPress  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24314 (The Goto WordPress theme before 2.1 did not sanitise, validate of esca ...)
 	NOT-FOR-US: WordPress theme
 CVE-2021-24313 (The WP Prayer WordPress plugin before 1.6.2 provides the functionality ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24312 (The parameters $cache_path, $wp_cache_debug_ip, $wp_super_cache_front_ ...)
 	TODO: check
 CVE-2021-24311 (The wp_ajax_upload-remote-file AJAX action of the External Media WordP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24310 (The Photo Gallery by 10Web - Mobile-Friendly Image Gallery WordPress p ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24309 (The "Schedule Name" input in the Weekly Schedule WordPress plugin befo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24308 (The 'State' field of the Edit profile page of the LMS by LifterLMS &#8 ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24307 (The All in One SEO – Best WordPress SEO Plugin – Easily Im ...)
@@ -47360,7 +47360,7 @@ CVE-2020-26695
 CVE-2020-26694
 	RESERVED
 CVE-2020-26693 (A stored cross-site scripting (XSS) vulnerability was discovered in pf ...)
-	TODO: check
+	NOT-FOR-US: pfSense
 CVE-2020-26692
 	RESERVED
 CVE-2020-26691
@@ -47410,11 +47410,11 @@ CVE-2020-26672 (Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross
 CVE-2020-26671
 	RESERVED
 CVE-2020-26670 (A vulnerability has been discovered in BigTree CMS 4.4.10 and earlier  ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2020-26669 (A stored cross-site scripting (XSS) vulnerability was discovered in Bi ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2020-26668 (A SQL injection vulnerability was discovered in /core/feeds/custom.php ...)
-	TODO: check
+	NOT-FOR-US: BigTree CMS
 CVE-2020-26667
 	RESERVED
 CVE-2020-26666



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22e085502a4773f2f9e55d5f0c8fcf01a5e0fa69

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22e085502a4773f2f9e55d5f0c8fcf01a5e0fa69
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210601/07b5c644/attachment.htm>

More information about the debian-security-tracker-commits mailing list