[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Mar 2 08:56:19 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
37690bb6 by Salvatore Bonaccorso at 2021-03-02T09:55:50+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2021-27904 (An issue was discovered in app/Model/SharingGroupServer.php in MISP 2. ...)
-	TODO: check
+	NOT-FOR-US: MISP
 CVE-2021-27903
 	RESERVED
 CVE-2021-27902
@@ -31,11 +31,11 @@ CVE-2021-27890
 CVE-2021-27889
 	RESERVED
 CVE-2021-27888 (ZendTo before 6.06-4 Beta allows XSS during the display of a drop-off  ...)
-	TODO: check
+	NOT-FOR-US: ZendTo
 CVE-2021-27887
 	RESERVED
 CVE-2021-27886 (rakibtg Docker Dashboard before 2021-02-28 allows command injection in ...)
-	TODO: check
+	NOT-FOR-US: rakibtg Docker Dashboard
 CVE-2021-27885
 	RESERVED
 CVE-2021-27884 (Weak JSON Web Token (JWT) signing secret generation in YMFE YApi throu ...)
@@ -51,11 +51,11 @@ CVE-2021-27880
 CVE-2021-27879
 	RESERVED
 CVE-2021-27878 (An issue was discovered in Veritas Backup Exec before 21.2. The commun ...)
-	TODO: check
+	NOT-FOR-US: Veritas
 CVE-2021-27877 (An issue was discovered in Veritas Backup Exec before 21.2. It support ...)
-	TODO: check
+	NOT-FOR-US: Veritas
 CVE-2021-27876 (An issue was discovered in Veritas Backup Exec before 21.2. The commun ...)
-	TODO: check
+	NOT-FOR-US: Veritas
 CVE-2021-3419 [net: rtl8139: stack-based buffer overflow induced by infinite recursion issue]
 	RESERVED
 	- qemu <unfixed>
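Review bot: The three Backup Exec entries in this hunk (CVE-2021-27878, CVE-2021-27877, CVE-2021-27876) are tagged with the vendor only, `NOT-FOR-US: Veritas`, while the other tags added in this commit name the product (ZendTo, Accellion FTA, EPrints). Consider `NOT-FOR-US: Veritas Backup Exec`, matching the product named in each description, so a later search on the product name finds these entries.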
@@ -368,9 +368,9 @@ CVE-2021-27733
 CVE-2021-27732
 	RESERVED
 CVE-2021-27731 (Accellion FTA 9_12_432 and earlier is affected by stored XSS via a cra ...)
-	TODO: check
+	NOT-FOR-US: Accellion FTA
 CVE-2021-27730 (Accellion FTA 9_12_432 and earlier is affected by argument injection v ...)
-	TODO: check
+	NOT-FOR-US: Accellion FTA
 CVE-2021-27729
 	RESERVED
 CVE-2021-27728
@@ -1251,9 +1251,9 @@ CVE-2021-27320
 CVE-2021-27319
 	RESERVED
 CVE-2021-27318 (Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Ap ...)
-	TODO: check
+	NOT-FOR-US: Doctor Appointment System
 CVE-2021-27317 (Cross Site Scripting (XSS) vulnerability in contactus.php in Doctor Ap ...)
-	TODO: check
+	NOT-FOR-US: Doctor Appointment System
 CVE-2021-27316
 	RESERVED
 CVE-2021-27315
@@ -2632,11 +2632,11 @@ CVE-2021-26706
 CVE-2021-26705
 	RESERVED
 CVE-2021-26704 (EPrints 3.4.2 allows remote attackers to execute arbitrary commands vi ...)
-	TODO: check
+	NOT-FOR-US: EPrints
 CVE-2021-26703 (EPrints 3.4.2 allows remote attackers to read arbitrary files and poss ...)
-	TODO: check
+	NOT-FOR-US: EPrints
 CVE-2021-26702 (EPrints 3.4.2 exposes a reflected XSS opportunity in the dataset param ...)
-	TODO: check
+	NOT-FOR-US: EPrints
 CVE-2021-26701 (.NET Core Remote Code Execution Vulnerability This CVE ID is unique fr ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-26700 (Visual Studio Code npm-script Extension Remote Code Execution Vulnerab ...)
@@ -3233,9 +3233,9 @@ CVE-2021-26478
 CVE-2021-26477
 	RESERVED
 CVE-2021-26476 (EPrints 3.4.2 allows remote attackers to execute OS commands via craft ...)
-	TODO: check
+	NOT-FOR-US: EPrints
 CVE-2021-26475 (EPrints 3.4.2 exposes a reflected XSS opportunity in the via a cgi/cal ...)
-	TODO: check
+	NOT-FOR-US: EPrints
 CVE-2021-26474
 	RESERVED
 CVE-2021-26473
@@ -3598,7 +3598,7 @@ CVE-2021-3347 (An issue was discovered in the Linux kernel through 5.10.11. PI f
 CVE-2021-3343
 	RESERVED
 CVE-2021-3342 (EPrints 3.4.2 allows remote attackers to read arbitrary files and poss ...)
-	TODO: check
+	NOT-FOR-US: EPrints
 CVE-2021-3341 (A path traversal vulnerability in the DxWebEngine component of DH2i Dx ...)
 	NOT-FOR-US: DH2i DxEnterprise and DxOdyssey for Windows
 CVE-2021-3340 (A cross-site scripting (XSS) vulnerability in many forms of Wikindx be ...)
@@ -3652,7 +3652,7 @@ CVE-2021-26295
 CVE-2021-3333 (Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). W ...)
 	NOT-FOR-US: Open-AudIT
 CVE-2021-3332 (WPS Hide Login 1.6.1 allows remote attackers to bypass a protection me ...)
-	TODO: check
+	NOT-FOR-US: WPS Hide Logi
 CVE-2021-3331 (WinSCP before 5.17.10 allows remote attackers to execute arbitrary pro ...)
 	NOT-FOR-US: WinSCP
 CVE-2021-3330
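Review bot: The tag added for CVE-2021-3332 reads `NOT-FOR-US: WPS Hide Logi`, dropping the final "n"; the description on the line above names the product as "WPS Hide Login". Suggest `NOT-FOR-US: WPS Hide Login` so the tag matches the product name and stays searchable.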
@@ -6148,13 +6148,13 @@ CVE-2021-25311 (condor_credd in HTCondor before 8.9.11 allows Directory Traversa
 CVE-2021-25310 (** UNSUPPORTED WHEN ASSIGNED ** The administration web interface on Be ...)
 	NOT-FOR-US: Belkin Linksys WRT160NL devices
 CVE-2021-25309 (The telnet administrator service running on port 650 on Gigaset DX600A ...)
-	TODO: check
+	NOT-FOR-US: Gigaset devices
 CVE-2021-25308
 	RESERVED
 CVE-2021-25307
 	RESERVED
 CVE-2021-25306 (A buffer overflow vulnerability in the AT command interface of Gigaset ...)
-	TODO: check
+	NOT-FOR-US: Gigaset devices
 CVE-2021-3174
 	RESERVED
 CVE-2021-25305



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37690bb61b9855484c5f95dcd173368592935a13
