[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 1 21:21:10 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9bd1ee3f by Salvatore Bonaccorso at 2021-10-01T22:20:44+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2021-41847
CVE-2021-41846
RESERVED
CVE-2021-41845 (A SQL injection issue was discovered in ThycoticCentrify Secret Server ...)
- TODO: check
+ NOT-FOR-US: ThycoticCentrify Secret Server
CVE-2021-41844
RESERVED
CVE-2021-41843
@@ -455,11 +455,11 @@ CVE-2021-41651
CVE-2021-41650
RESERVED
CVE-2021-41649 (An un-authenticated SQL Injection exists in PuneethReddyHC online-shop ...)
- TODO: check
+ NOT-FOR-US: PuneethReddyHC online-shopping-system
CVE-2021-41648 (An un-authenticated SQL Injection exists in PuneethReddyHC online-shop ...)
- TODO: check
+ NOT-FOR-US: PuneethReddyHC online-shopping-system
CVE-2021-41647 (An un-authenticated error-based and time-based blind SQL injection vul ...)
- TODO: check
+ NOT-FOR-US: Kaushik Jadhav Online Food Ordering Web App
CVE-2021-41646
RESERVED
CVE-2021-41645
@@ -654,7 +654,7 @@ CVE-2021-41562
CVE-2021-41561
RESERVED
CVE-2021-3825 (On 2.1.15 version and below of Lider module in LiderAhenk software is ...)
- TODO: check
+ NOT-FOR-US: LiderAhenk
CVE-2021-3824 (OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to in ...)
NOT-FOR-US: OpenVPN Access Server
CVE-2021-3823
@@ -859,19 +859,19 @@ CVE-2021-41469
CVE-2021-41468
RESERVED
CVE-2021-41467 (Cross-site scripting (XSS) vulnerability in application/controllers/dr ...)
- TODO: check
+ NOT-FOR-US: JustWriting
CVE-2021-41466
RESERVED
CVE-2021-41465 (Cross-site scripting (XSS) vulnerability in concrete/elements/collecti ...)
- TODO: check
+ NOT-FOR-US: concrete5-legacy
CVE-2021-41464 (Cross-site scripting (XSS) vulnerability in concrete/elements/collecti ...)
- TODO: check
+ NOT-FOR-US: concrete5-legacy
CVE-2021-41463 (Cross-site scripting (XSS) vulnerability in toos/permissions/dialogs/a ...)
- TODO: check
+ NOT-FOR-US: concrete5-legacy
CVE-2021-41462 (Cross-site scripting (XSS) vulnerability in concrete/elements/collecti ...)
- TODO: check
+ NOT-FOR-US: concrete5-legacy
CVE-2021-41461 (Cross-site scripting (XSS) vulnerability in concrete/elements/collecti ...)
- TODO: check
+ NOT-FOR-US: concrete5-legacy
CVE-2021-41460
RESERVED
CVE-2021-41459 (There is a stack buffer overflow in MP4Box v1.0.1 at src/filters/dmx_n ...)
@@ -1616,7 +1616,7 @@ CVE-2021-41112
CVE-2021-41111
RESERVED
CVE-2021-41110 (cwlviewer is a web application to view and share Common Workflow Langu ...)
- TODO: check
+ NOT-FOR-US: cwlviewer
CVE-2021-41109 (Parse Server is an open source backend that can be deployed to any inf ...)
NOT-FOR-US: Parse Server
CVE-2021-41108
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bd1ee3f3661e06336c7e206674831bc28da72b2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bd1ee3f3661e06336c7e206674831bc28da72b2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211001/ab4eee5a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list