[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 19 21:31:37 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e5a0e5ee by Salvatore Bonaccorso at 2021-05-19T22:31:05+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -38,9 +38,9 @@ CVE-2021-33191
 CVE-2021-33190
 	RESERVED
 CVE-2020-36365 (Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonController.Cl ...)
-	TODO: check
+	NOT-FOR-US: Smartstore (aka SmartStoreNET)
 CVE-2020-36364 (An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0 ...)
-	TODO: check
+	NOT-FOR-US: Smartstore (aka SmartStoreNET)
 CVE-2021-XXXX [(remote) code execution via ESC G Q]
 	- rxvt-unicode <unfixed> (bug #988763)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/05/17/1
@@ -2850,7 +2850,7 @@ CVE-2021-31932
 CVE-2021-31931
 	RESERVED
 CVE-2021-31930 (Persistent cross-site scripting (XSS) in the web interface of Concerto ...)
-	TODO: check
+	NOT-FOR-US: Concerto
 CVE-2021-31929
 	RESERVED
 CVE-2021-31928
@@ -4723,7 +4723,7 @@ CVE-2021-31160
 CVE-2021-31159
 	RESERVED
 CVE-2021-31158 (In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2021-31157
 	RESERVED
 CVE-2021-31156
@@ -12423,9 +12423,9 @@ CVE-2021-27927 (In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10
 CVE-2021-27926
 	RESERVED
 CVE-2021-27925 (An issue was discovered in Couchbase Server 6.5.x and 6.6.x through 6. ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2021-27924 (An issue was discovered in Couchbase Server 6.x through 6.6.1. The Cou ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2021-27923 (Pillow before 8.1.1 allows attackers to cause a denial of service (mem ...)
 	- pillow 8.1.2-1
 	[buster] - pillow <ignored> (Minor issue)
@@ -18034,7 +18034,7 @@ CVE-2021-3186 (A Stored Cross-site scripting (XSS) vulnerability in /main.html W
 CVE-2021-25645 (An issue was discovered in Couchbase Server before 6.0.5, 6.1.x throug ...)
 	NOT-FOR-US: Couchbase Server
 CVE-2021-25644 (An issue was discovered in Couchbase Server 5.x and 6.x through 6.6.1  ...)
-	TODO: check
+	NOT-FOR-US: Couchbase Server
 CVE-2021-25643
 	RESERVED
 CVE-2020-36200 (TinyCheck before commits 9fd360d and ea53de8 allowed an authenticated  ...)
@@ -26684,9 +26684,9 @@ CVE-2021-21735
 CVE-2021-21734
 	RESERVED
 CVE-2021-21733 (The management system of ZXCDN is impacted by the information leak vul ...)
-	TODO: check
+	NOT-FOR-US: ZXCDN
 CVE-2021-21732 (A mobile phone of ZTE is impacted by improper access control vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2021-21731 (A CSRF vulnerability exists in the management page of a ZTE product.Th ...)
 	NOT-FOR-US: ZTE
 CVE-2021-21730 (A ZTE product is impacted by improper access control vulnerability. Th ...)
@@ -59701,11 +59701,11 @@ CVE-2020-20268
 CVE-2020-20267 (Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corr ...)
 	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20266 (Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20265 (Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corr ...)
 	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20264 (Mikrotik RouterOs before 6.47 (stable tree) in the /ram/pckg/advanced- ...)
-	TODO: check
+	NOT-FOR-US: Mikrotik RouterOs
 CVE-2020-20263
 	RESERVED
 CVE-2020-20262
@@ -218836,15 +218836,15 @@ CVE-2017-17680 (In ImageMagick 7.0.7-12 Q16, a memory leak vulnerability was fou
 CVE-2017-17679
 	RESERVED
 CVE-2017-17678 (BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS).  ...)
-	TODO: check
+	NOT-FOR-US: BMC
 CVE-2017-17677 (BMC Remedy 9.1SP3 is affected by authenticated code execution. Authent ...)
-	TODO: check
+	NOT-FOR-US: BMC
 CVE-2017-17676
 	RESERVED
 CVE-2017-17675 (BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote loggin ...)
-	TODO: check
+	NOT-FOR-US: BMC
 CVE-2017-17674 (BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclus ...)
-	TODO: check
+	NOT-FOR-US: BMC
 CVE-2017-17673
 	RESERVED
 CVE-2017-17672 (In vBulletin through 5.3.x, there is an unauthenticated deserializatio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5a0e5ee6911fd07b7685579c8297e67e892a964

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e5a0e5ee6911fd07b7685579c8297e67e892a964
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210519/5f20a1c3/attachment.htm>

More information about the debian-security-tracker-commits mailing list