[Git][security-tracker-team/security-tracker][master] Process NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu Sep 16 10:02:35 BST 2021 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fff34399 by Neil Williams at 2021-09-16T10:02:12+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4372,7 +4372,7 @@ CVE-2021-39309
 CVE-2021-39308
 	RESERVED
 CVE-2021-39307 (PDFTron’s WebViewer UI 8.0 or below renders dangerous URLs as hy ...)
-	TODO: check
+	NOT-FOR-US: PDFTron WebViewer UI
 CVE-2021-39306
 	RESERVED
 CVE-2021-39305
@@ -4783,7 +4783,7 @@ CVE-2021-39191 (mod_auth_openidc is an authentication/authorization module for t
 CVE-2021-39190
 	RESERVED
 CVE-2021-39189 (Pimcore is an open source data & experience management platform. I ...)
-	TODO: check
+	NOT-FOR-US: Pimcore
 CVE-2021-39188
 	RESERVED
 CVE-2021-39187 (Parse Server is an open source backend that can be deployed to any inf ...)
@@ -7729,7 +7729,7 @@ CVE-2021-37911 (The management interface of BenQ smart wireless conference proje
 CVE-2021-37910
 	RESERVED
 CVE-2021-37909 (WriteRegistry function in TSSServiSign component does not filter and v ...)
-	TODO: check
+	NOT-FOR-US: TSSServiSignAdapter Windows
 CVE-2021-37908
 	RESERVED
 CVE-2021-37907
@@ -19000,9 +19000,9 @@ CVE-2021-33047
 CVE-2021-33046
 	RESERVED
 CVE-2021-33045 (The identity authentication bypass vulnerability found in some Dahua p ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2021-33044 (The identity authentication bypass vulnerability found in some Dahua p ...)
-	TODO: check
+	NOT-FOR-US: Dahua
 CVE-2020-36363 (Amazon AWS CloudFront TLSv1.2_2019 allows TLS_ECDHE_RSA_WITH_AES_128_C ...)
 	NOT-FOR-US: Amazon AWS CloudFront
 CVE-2021-3554
@@ -78353,7 +78353,7 @@ CVE-2020-21323
 CVE-2020-21322 (An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below a ...)
 	NOT-FOR-US: Feehi CMS
 CVE-2020-21321 (emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/lin ...)
-	TODO: check
+	NOT-FOR-US: emlog CMS
 CVE-2020-21320
 	RESERVED
 CVE-2020-21319



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fff343994e2a44bded81c33bd6e82e4c2e762ee2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fff343994e2a44bded81c33bd6e82e4c2e762ee2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210916/15f3fcaf/attachment.htm>

More information about the debian-security-tracker-commits mailing list