[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jun 25 22:40:28 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97146978 by Salvatore Bonaccorso at 2021-06-25T23:39:58+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2021-3622
RESERVED
CVE-2021-35501 (PandoraFMS <=7.54 allows Stored XSS by placing a payload in the nam ...)
- TODO: check
+ NOT-FOR-US: PandoraFMS
CVE-2021-3621
RESERVED
CVE-2021-3620
@@ -59,7 +59,7 @@ CVE-2021-35477
CVE-2021-35476
RESERVED
CVE-2021-35475 (SAS Environment Manager 2.5 allows XSS through the Name field when cre ...)
- TODO: check
+ NOT-FOR-US: SAS Environment Manager
CVE-2021-3618
RESERVED
CVE-2021-3617
@@ -970,13 +970,13 @@ CVE-2021-35052
CVE-2021-35051
RESERVED
CVE-2021-35050 (User credentials stored in a recoverable format within Fidelis Network ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2021-35049 (Vulnerability in Fidelis Network and Deception CommandPost enables aut ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2021-35048 (Vulnerability in Fidelis Network and Deception CommandPost enables una ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2021-35047 (Vulnerability in the CommandPost, Collector, and Sensor components of ...)
- TODO: check
+ NOT-FOR-US: Fidelis
CVE-2021-35046 (A session fixation vulnerability was discovered in Ice Hrm 29.0.0 OS w ...)
NOT-FOR-US: Ice Hrm
CVE-2021-35045 (Cross site scripting (XSS) vulnerability in Ice Hrm 29.0.0.OS, allows ...)
@@ -3102,7 +3102,7 @@ CVE-2021-34076
CVE-2021-34075
RESERVED
CVE-2021-34074 (PandoraFMS <=7.54 allows arbitrary file upload, it leading to remot ...)
- TODO: check
+ NOT-FOR-US: PandoraFMS
CVE-2021-34073
RESERVED
CVE-2021-34072
@@ -3499,7 +3499,7 @@ CVE-2021-33896 (Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traver
NOTE: https://github.com/dino/dino/commit/0c8d25b7a3e7a10a506f1e19b868fe9b0c761495 (master)
NOTE: https://github.com/dino/dino/commit/1eaad1ccfbd00c6e76650535496531c172453994 (v0.2.1)
CVE-2021-33895 (ETINET BACKBOX E4.09 and H4.09 mismanages password access control. Whe ...)
- TODO: check
+ NOT-FOR-US: ETINET
CVE-2021-33894 (In Progress MOVEit Transfer before 2019.0.6 (11.0.6), 2019.1.x before ...)
NOT-FOR-US: Progress MOVEit
CVE-2021-33893
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/971469780db0bd6293b848ebbb2b31820c35cc81
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/971469780db0bd6293b848ebbb2b31820c35cc81
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210625/96e16f61/attachment.htm>
More information about the debian-security-tracker-commits
mailing list