[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat May 29 10:06:42 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
79a9fcfa by Salvatore Bonaccorso at 2021-05-29T11:05:05+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -111,25 +111,25 @@ CVE-2020-36377
CVE-2020-36376
RESERVED
CVE-2020-36375 (Stack overflow vulnerability in parse_equality Cesanta MJS 1.20.1, all ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-36374 (Stack overflow vulnerability in parse_comparison Cesanta MJS 1.20.1, a ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-36373 (Stack overflow vulnerability in parse_shifts Cesanta MJS 1.20.1, allow ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-36372 (Stack overflow vulnerability in parse_plus_minus Cesanta MJS 1.20.1, a ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-36371 (Stack overflow vulnerability in parse_mul_div_rem Cesanta MJS 1.20.1, ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-36370 (Stack overflow vulnerability in parse_unary Cesanta MJS 1.20.1, allows ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-36369 (Stack overflow vulnerability in parse_statement_list Cesanta MJS 1.20. ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-36368 (Stack overflow vulnerability in parse_statement Cesanta MJS 1.20.1, al ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-36367 (Stack overflow vulnerability in parse_block Cesanta MJS 1.20.1, allows ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-36366 (Stack overflow vulnerability in parse_value Cesanta MJS 1.20.1, allows ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2021-3569
RESERVED
CVE-2021-3568
@@ -2535,11 +2535,11 @@ CVE-2021-32623
CVE-2021-32622 (Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip ...)
NOT-FOR-US: Matrix-React-SDK
CVE-2021-32621 (### Impact A user without Script or Programming right is able to execu ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2021-32620 (### Impact A user disabled on a wiki using email verification for regi ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2021-32619 (Deno is a runtime for JavaScript and TypeScript that uses V8 and is bu ...)
- TODO: check
+ NOT-FOR-US: Deno
CVE-2021-32618 (The Python "Flask-Security-Too" package is used for adding security fe ...)
NOT-FOR-US: Flask-Security-Too
CVE-2021-32617 (Exiv2 is a command-line utility and C++ library for reading, writing, ...)
@@ -2550,7 +2550,7 @@ CVE-2021-32617 (Exiv2 is a command-line utility and C++ library for reading, wri
NOTE: https://github.com/Exiv2/exiv2/security/advisories/GHSA-w8mv-g8qq-36mj
NOTE: https://github.com/Exiv2/exiv2/pull/1657
CVE-2021-32616 (1CDN is open-source file sharing software. In 1CDN before commit f88a2 ...)
- TODO: check
+ NOT-FOR-US: 1CDN
CVE-2021-3549 (An out of bounds flaw was found in GNU binutils objdump utility versio ...)
- binutils <unfixed> (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=27294
@@ -47386,9 +47386,9 @@ CVE-2020-26644
CVE-2020-26643
RESERVED
CVE-2020-26642 (A cross-site scripting (XSS) vulnerability has been discovered in the ...)
- TODO: check
+ NOT-FOR-US: SeaCMS
CVE-2020-26641 (A Cross Site Request Forgery (CSRF) vulnerability was discovered in iC ...)
- TODO: check
+ NOT-FOR-US: iCMS
CVE-2020-26640
RESERVED
CVE-2020-26639
@@ -64985,7 +64985,7 @@ CVE-2020-18394
CVE-2020-18393
RESERVED
CVE-2020-18392 (Stack overflow vulnerability in parse_array Cesanta MJS 1.20.1, allows ...)
- TODO: check
+ NOT-FOR-US: Cesanta MJS
CVE-2020-18391
RESERVED
CVE-2020-18390
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79a9fcfac2742633b0903f8421d62c68c4de952f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/79a9fcfac2742633b0903f8421d62c68c4de952f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210529/5988e2f5/attachment.htm>
More information about the debian-security-tracker-commits
mailing list