[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 2 08:14:17 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
91b6c8fc by Salvatore Bonaccorso at 2021-11-02T09:13:52+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -323,7 +323,7 @@ CVE-2021-43060
CVE-2021-43059
RESERVED
CVE-2021-43058 (An open redirect vulnerability exists in Replicated Classic versions p ...)
- TODO: check
+ NOT-FOR-US: Replicated
CVE-2021-3914
RESERVED
CVE-2021-43057 (An issue was discovered in the Linux kernel before 5.14.8. A use-after ...)
@@ -5516,7 +5516,7 @@ CVE-2021-41312
CVE-2021-41311
RESERVED
CVE-2021-41310 (Affected versions of Atlassian Jira Server and Data Center allow anony ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2021-41309
RESERVED
CVE-2021-41308 (Affected versions of Atlassian Jira Server and Data Center allow authe ...)
@@ -5798,7 +5798,7 @@ CVE-2021-41189 (DSpace is an open source turnkey repository application. In vers
CVE-2021-41188 (Shopware is open source e-commerce software. Versions prior to 5.7.6 c ...)
NOT-FOR-US: Shopware
CVE-2021-41187 (DHIS 2 is an information system for data capture, management, validati ...)
- TODO: check
+ NOT-FOR-US: DHIS
CVE-2021-41186 (Fluentd collects events from various data sources and writes them to f ...)
- fluentd <itp> (bug #926692)
CVE-2021-41185 (Mycodo is an environmental monitoring and regulation system. An exploi ...)
@@ -10086,7 +10086,7 @@ CVE-2021-39348 (The LearnPress WordPress plugin is vulnerable to Stored Cross-Si
CVE-2021-39347 (The Stripe for WooCommerce WordPress plugin is missing a capability ch ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39346 (The Google Maps Easy WordPress plugin is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39345 (The HAL WordPress plugin is vulnerable to Stored Cross-Site Scripting ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39344 (The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-S ...)
@@ -10096,9 +10096,9 @@ CVE-2021-39343 (The MPL-Publisher WordPress plugin is vulnerable to Stored Cross
CVE-2021-39342 (The Credova_Financial WordPress plugin discloses a site's associated C ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39341 (The OptinMonster WordPress plugin is vulnerable to sensitive informati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39340 (The Notification WordPress plugin is vulnerable to Stored Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39339 (The Telefication WordPress plugin is vulnerable to Open Proxy and Serv ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39338 (The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-S ...)
@@ -10112,7 +10112,7 @@ CVE-2021-39335 (The WpGenius Job Listing WordPress plugin is vulnerable to Store
CVE-2021-39334 (The Job Board Vanila WordPress plugin is vulnerable to Stored Cross-Si ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39333 (The Hashthemes Demo Importer Plugin <= 1.1.1 for WordPress containe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39332 (The Business Manager WordPress plugin is vulnerable to Stored Cross-Si ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39331
@@ -12532,7 +12532,7 @@ CVE-2021-38358 (The MoolaMojo WordPress plugin is vulnerable to Reflected Cross-
CVE-2021-38357 (The SMS OVH WordPress plugin is vulnerable to Reflected Cross-Site Scr ...)
NOT-FOR-US: WordPress plugin
CVE-2021-38356 (The NextScripts: Social Networks Auto-Poster <= 4.3.20 WordPress pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38355 (The Bug Library WordPress plugin is vulnerable to Reflected Cross-Site ...)
NOT-FOR-US: WordPress plugin
CVE-2021-38354 (The GNU-Mailman Integration WordPress plugin is vulnerable to Reflecte ...)
@@ -23814,7 +23814,7 @@ CVE-2021-33595 (A address bar spoofing vulnerability was discovered in Safe Brow
CVE-2021-33594 (An address bar spoofing vulnerability was discovered in Safe Browser f ...)
NOT-FOR-US: Safe Browser for Android
CVE-2021-33593 (Whale browser for iOS before 1.14.0 has an inconsistent user interface ...)
- TODO: check
+ NOT-FOR-US: Whale browser for iOS
CVE-2021-33592 (NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arb ...)
NOT-FOR-US: NAVER Toolbar
CVE-2021-33591 (An exposed remote debugging port in Naver Comic Viewer prior to 1.0.15 ...)
@@ -28337,9 +28337,9 @@ CVE-2021-31851
CVE-2021-31850
RESERVED
CVE-2021-31849 (SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO e ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-31848 (Cross site scripting (XSS) vulnerability in McAfee Data Loss Preventio ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-31847 (Improper access control vulnerability in the repair process for McAfee ...)
NOT-FOR-US: McAfee
CVE-2021-31846
@@ -58828,7 +58828,7 @@ CVE-2021-20138
CVE-2021-20137
RESERVED
CVE-2021-20136 (ManageEngine Log360 Builds < 5235 are affected by an improper acces ...)
- TODO: check
+ NOT-FOR-US: ManageEngine
CVE-2021-20135
RESERVED
CVE-2021-20134
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91b6c8fcc170e07b3c7981b0c827d79e1acb6942
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91b6c8fcc170e07b3c7981b0c827d79e1acb6942
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211102/fbec4c24/attachment.htm>
More information about the debian-security-tracker-commits
mailing list