[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Nov 13 20:20:34 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5dd0b8b2 by Salvatore Bonaccorso at 2021-11-13T21:20:05+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -277,7 +277,7 @@ CVE-2021-43522
CVE-2021-3939
RESERVED
CVE-2021-3938 (snipe-it is vulnerable to Improper Neutralization of Input During Web ...)
- TODO: check
+ NOT-FOR-US: snipe-it
CVE-2021-3937
RESERVED
CVE-2021-3936
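Review bot: On the `+ NOT-FOR-US: snipe-it` line for CVE-2021-3938, nothing in the change shows that snipe-it was checked against the archive and against open intent-to-package bugs. NOT-FOR-US is correct only if both checks come back empty; if an ITP exists, the entry should use the `- snipe-it <itp> (bug #...)` form so the CVE stays attached to the package once it is uploaded.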
@@ -544,7 +544,7 @@ CVE-2021-43402
CVE-2021-43401
RESERVED
CVE-2021-3931 (snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: snipe-it
CVE-2021-3930 [off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c]
RESERVED
- qemu <unfixed>
@@ -1997,7 +1997,7 @@ CVE-2021-43205
CVE-2021-43204
RESERVED
CVE-2021-3921 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: firefly-iii
CVE-2021-3920
RESERVED
CVE-2021-3919
@@ -2265,7 +2265,7 @@ CVE-2021-43082 (Buffer Copy without Checking Size of Input ('Classic Buffer Over
NOTE: CVE description is wrong, this doesn't affect 8.1, only 9.x/master:
NOTE: Introduced with https://github.com/apache/trafficserver/commit/5e2385b666b4176be0f64fbadfbfae42094db396 (9.1.0-rc0)
CVE-2021-3915 (bookstack is vulnerable to Unrestricted Upload of File with Dangerous ...)
- TODO: check
+ NOT-FOR-US: bookstack
CVE-2020-36505 (The Delete All Comments Easily WordPress plugin through 1.3 is lacking ...)
NOT-FOR-US: WordPress plugin
CVE-2020-36504 (The WP-Pro-Quiz WordPress plugin through 0.37 does not have CSRF check ...)
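Review bot: `+ NOT-FOR-US: bookstack` for CVE-2021-3915 copies the lowercased name from the CVE description, whereas upstream spells the project BookStack. The tag is free text that people search by string, so `NOT-FOR-US: BookStack` would be the safer spelling.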
@@ -6870,7 +6870,7 @@ CVE-2021-41655
CVE-2021-41654
RESERVED
CVE-2021-41653 (The PING function on the TP-Link TL-WR840N EU v5 router with firmware ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2021-41652
RESERVED
CVE-2021-41651 (A blind SQL injection vulnerability exists in the Raymart DG / Ahmed H ...)
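Review bot: `+ NOT-FOR-US: TP-Link` for CVE-2021-41653 names only the vendor, while the description ties the issue to the TL-WR840N EU v5 router firmware. Naming the product, e.g. `NOT-FOR-US: TP-Link TL-WR840N`, would make the entry easier to find by string search and would match the product-level label used for the Meross switch entry elsewhere in this diff.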
@@ -9498,9 +9498,9 @@ CVE-2021-40526 (Incorrect calculation of buffer size vulnerability in Peleton TT
CVE-2021-40525
RESERVED
CVE-2021-3776 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: showdoc
CVE-2021-3775 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: showdoc
CVE-2021-3774 (Meross Smart Wi-Fi 2 Way Wall Switch (MSS550X), on its 3.1.3 version a ...)
NOT-FOR-US: Meross Smart Wi-Fi 2 Way Wall Switch
CVE-2021-3773
@@ -15423,7 +15423,7 @@ CVE-2021-3685
CVE-2021-3684
RESERVED
CVE-2021-3683 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: showdoc
CVE-2021-38113 (In addBouquet in js/bqe.js in OpenWebif (aka e2openplugin-OpenWebif) t ...)
NOT-FOR-US: OpenWebif (aka e2openplugin-OpenWebif)
CVE-2021-38112 (In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, a ...)
@@ -87680,7 +87680,7 @@ CVE-2020-21143
CVE-2020-21142 (Cross Site Scripting (XSS) vulnerabilty in IPFire 2.23 via the IPfire ...)
NOT-FOR-US: IPFire
CVE-2020-21141 (iCMS v7.0.15 was discovered to contain a Cross-Site Request Forgery (C ...)
- TODO: check
+ NOT-FOR-US: iCMS
CVE-2020-21140
RESERVED
CVE-2020-21139 (EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5dd0b8b211eecc2c4fa51ad500919f60c81fccc0