[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed Oct 13 21:41:34 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d55f793c by Salvatore Bonaccorso at 2021-10-13T22:41:06+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -466,9 +466,9 @@ CVE-2021-42226
 CVE-2021-42225
 	RESERVED
 CVE-2021-42224 (SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via ...)
-	TODO: check
+	NOT-FOR-US: IFSC Code Finder Project
 CVE-2021-42223 (Cross Site Scripting (XSS).vulnerability exists in Online DJ Booking M ...)
-	TODO: check
+	NOT-FOR-US: Online DJ Booking Management System
 CVE-2021-42222
 	RESERVED
 CVE-2021-42221
@@ -2926,7 +2926,7 @@ CVE-2021-41141
 CVE-2021-41140
 	RESERVED
 CVE-2021-41139 (Anuko Time Tracker is an open source, web-based time tracking applicat ...)
-	TODO: check
+	NOT-FOR-US: Anuko Time Tracker
 CVE-2021-41138 (Frontier is Substrate's Ethereum compatibility layer. In the newly int ...)
 	TODO: check
 CVE-2021-41137 (Minio is a Kubernetes native application for cloud storage. All users  ...)
@@ -3605,9 +3605,9 @@ CVE-2021-40845 (The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.
 CVE-2021-40844
 	RESERVED
 CVE-2021-40843 (Proofpoint Insider Threat Management Server contains an unsafe deseria ...)
-	TODO: check
+	NOT-FOR-US: Proofpoint
 CVE-2021-40842 (Proofpoint Insider Threat Management Server contains a SQL injection v ...)
-	TODO: check
+	NOT-FOR-US: Proofpoint
 CVE-2021-40841
 	RESERVED
 CVE-2021-40840
@@ -3877,7 +3877,7 @@ CVE-2021-40734
 CVE-2021-40733
 	RESERVED
 CVE-2021-40732 (XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40731
 	RESERVED
 CVE-2021-40730
@@ -7155,7 +7155,7 @@ CVE-2021-39306
 CVE-2021-39305
 	RESERVED
 CVE-2021-39304 (Proofpoint Enterprise Protection before 8.12.0-2108090000 allows secur ...)
-	TODO: check
+	NOT-FOR-US: Proofpoint
 CVE-2021-3730 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) ...)
 	NOT-FOR-US: firefly-iii
 CVE-2021-3729 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) ...)
@@ -17828,7 +17828,7 @@ CVE-2020-36388 (In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3
 CVE-2013-20002 (Elemin allows remote attackers to upload and execute arbitrary PHP cod ...)
 	NOT-FOR-US: Elemin
 CVE-2021-34814 (Proofpoint Spam Engine before 8.12.0-2106240000 has a Security Control ...)
-	TODO: check
+	NOT-FOR-US: Proofpoint
 CVE-2021-34813 (Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to cra ...)
 	[experimental] - olm 3.2.3~dfsg-1
 	- olm <unfixed> (bug #989997)
@@ -20659,7 +20659,7 @@ CVE-2021-33611
 CVE-2021-33610
 	RESERVED
 CVE-2021-33609 (Missing check in DataCommunicator class in com.vaadin:vaadin-server ve ...)
-	TODO: check
+	NOT-FOR-US: Vaadin
 CVE-2021-33608
 	RESERVED
 CVE-2021-33607



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d55f793cb5679a9b155d9343a5c7d8639f6b1246

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d55f793cb5679a9b155d9343a5c7d8639f6b1246
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211013/4d1d1f8e/attachment.htm>
