[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Fri Mar 19 20:23:46 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3b0a239a by Salvatore Bonaccorso at 2021-03-19T21:22:55+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -580,7 +580,7 @@ CVE-2021-28669
CVE-2021-28668
RESERVED
CVE-2021-28667 (StackStorm before 3.4.1, in some situations, has an infinite loop that ...)
- TODO: check
+ NOT-FOR-US: StackStorm
CVE-2021-28666
RESERVED
CVE-2021-28665
@@ -3210,9 +3210,9 @@ CVE-2021-27522
CVE-2021-27521
RESERVED
CVE-2021-27520 (A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote att ...)
- TODO: check
+ NOT-FOR-US: FUDForum
CVE-2021-27519 (A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote att ...)
- TODO: check
+ NOT-FOR-US: FUDForum
CVE-2021-27518
RESERVED
CVE-2021-27517
@@ -3248,7 +3248,7 @@ CVE-2021-27508
CVE-2021-27507
RESERVED
CVE-2021-27506 (In Stormshield Network Security (SNS) 1.0 through 4.2.0, the parsing o ...)
- TODO: check
+ NOT-FOR-US: Stormshield Network Security (SNS)
CVE-2021-27505
RESERVED
CVE-2021-27504
@@ -7588,7 +7588,7 @@ CVE-2021-25766 (In JetBrains YouTrack before 2020.4.4701, improper resource acce
CVE-2021-25765 (In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload w ...)
NOT-FOR-US: JetBrains TeamCity
CVE-2021-25764 (In JetBrains PhpStorm before 2020.3, source code could be added to deb ...)
- TODO: check
+ NOT-FOR-US: JetBrains PhpStorm
CVE-2021-25763 (In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by def ...)
NOT-FOR-US: JetBrains Ktor
CVE-2021-25762 (In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible. ...)
@@ -8747,9 +8747,9 @@ CVE-2021-25280
CVE-2021-25279
RESERVED
CVE-2021-25278 (FTAPI 4.0 through 4.10 allows XSS via an SVG document to the Backgroun ...)
- TODO: check
+ NOT-FOR-US: FTAPI
CVE-2021-25277 (FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative ...)
- TODO: check
+ NOT-FOR-US: FTAPI
CVE-2021-25276 (In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory cont ...)
NOT-FOR-US: SolarWinds
CVE-2021-25275 (SolarWinds Orion Platform before 2020.2.4, as used by various SolarWin ...)
@@ -11136,7 +11136,7 @@ CVE-2021-3143
CVE-2021-3142
REJECTED
CVE-2021-3141 (In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is st ...)
- TODO: check
+ NOT-FOR-US: Unisys
CVE-2021-24121
RESERVED
CVE-2021-24120
@@ -16838,7 +16838,7 @@ CVE-2020-36146
CVE-2020-36145
RESERVED
CVE-2020-36144 (Redash 8.0.0 is affected by LDAP Injection. There is an authentication ...)
- TODO: check
+ NOT-FOR-US: Redash
CVE-2020-36143
RESERVED
CVE-2020-36142
@@ -18272,7 +18272,7 @@ CVE-2021-21385
CVE-2021-21384 (shescape is a simple shell escape package for JavaScript. In shescape ...)
TODO: check
CVE-2021-21383 (Wiki.js an open-source wiki app built on Node.js. Wiki.js before versi ...)
- TODO: check
+ NOT-FOR-US: Wiki.js
CVE-2021-21382
RESERVED
CVE-2021-21380
@@ -21606,7 +21606,7 @@ CVE-2021-20079
CVE-2021-20078
RESERVED
CVE-2021-20077 (Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently ...)
- TODO: check
+ NOT-FOR-US: Nessus Agent
CVE-2021-20076 (Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were fou ...)
NOT-FOR-US: Tenable
CVE-2021-20075 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for pr ...)
@@ -34517,7 +34517,7 @@ CVE-2020-26888
CVE-2020-26887 (FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Reb ...)
NOT-FOR-US: Fritz OS
CVE-2020-26886 (Softaculous before 5.5.7 is affected by a code execution vulnerability ...)
- TODO: check
+ NOT-FOR-US: Softaculous
CVE-2020-26885
RESERVED
CVE-2020-26884 (RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL injection vulner ...)
@@ -88962,7 +88962,7 @@ CVE-2020-4637
CVE-2020-4636 (IBM Resilient OnPrem 38.2 could allow a privileged user to inject mali ...)
NOT-FOR-US: IBM
CVE-2020-4635 (IBM Resilient SOAR 40 and earlier could disclose sensitive information ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2020-4634
RESERVED
CVE-2020-4633 (IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b0a239aba79b20e022da87a3b2d569ab486ae06
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b0a239aba79b20e022da87a3b2d569ab486ae06
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210319/06cab5e2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list