[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ded4c424 by Salvatore Bonaccorso at 2021-03-02T21:34:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -65,7 +65,7 @@ CVE-2021-27887
 CVE-2021-27886 (rakibtg Docker Dashboard before 2021-02-28 allows command injection in ...)
 	NOT-FOR-US: rakibtg Docker Dashboard
 CVE-2021-27885 (usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protect ...)
-	TODO: check
+	NOT-FOR-US: e107
 CVE-2021-27884 (Weak JSON Web Token (JWT) signing secret generation in YMFE YApi throu ...)
 	TODO: check
 CVE-2021-27883
@@ -3037,7 +3037,7 @@ CVE-2021-3386
 CVE-2021-3385
 	RESERVED
 CVE-2021-3384 (A vulnerability in Stormshield Network Security could allow an attacke ...)
-	TODO: check
+	NOT-FOR-US: Stormshield Network Security
 CVE-2021-3383
 	RESERVED
 CVE-2021-3382 (Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allo ...)
@@ -6073,7 +6073,7 @@ CVE-2021-25332
 CVE-2021-25331
 	RESERVED
 CVE-2021-25330 (Calling of non-existent provider in MobileWips application prior to SM ...)
-	TODO: check
+	NOT-FOR-US: MobileWips application
 CVE-2020-36198
 	RESERVED
 CVE-2020-36197
@@ -12660,11 +12660,11 @@ CVE-2021-22298 (There is a logic vulnerability in Huawei Gauss100 OLTP Product.
 CVE-2021-22297
 	RESERVED
 CVE-2021-22296 (A component of the HarmonyOS 2.0 has a DoS vulnerability. Local attack ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22295
 	RESERVED
 CVE-2021-22294 (A component API of the HarmonyOS 2.0 has a permission bypass vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22293 (Some Huawei products have an inconsistent interpretation of HTTP reque ...)
 	NOT-FOR-US: Huawei
 CVE-2021-22292 (There is a denial of service (DoS) vulnerability in eCNS280 versions V ...)
@@ -14269,7 +14269,7 @@ CVE-2021-21519
 CVE-2021-21518
 	RESERVED
 CVE-2021-21517 (SRS Policy Manager 6.X is affected by an XML External Entity Injection ...)
-	TODO: check
+	NOT-FOR-US: SRS Policy Manager
 CVE-2021-21516
 	RESERVED
 CVE-2021-21515 (Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross ...)
@@ -15899,7 +15899,7 @@ CVE-2021-21330 (aiohttp is an asynchronous HTTP client/server framework for asyn
 CVE-2021-21329
 	RESERVED
 CVE-2021-21328 (Vapor is a web framework for Swift. In Vapor before version 4.40.1, th ...)
-	TODO: check
+	NOT-FOR-US: Vapor
 CVE-2021-21327
 	RESERVED
 CVE-2021-21326



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ded4c424740e71f3de67cfe4106eba51fe30f090

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ded4c424740e71f3de67cfe4106eba51fe30f090
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210302/79b03d2c/attachment.htm>