[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Sep 28 09:21:48 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d3a95c91 by Salvatore Bonaccorso at 2021-09-28T10:21:28+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1438,7 +1438,7 @@ CVE-2021-41097 (aurelia-path is part of the Aurelia platform and contains utilit
 CVE-2021-41096 (Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions 2.2 a ...)
 	TODO: check
 CVE-2021-41095 (Discourse is an open source discussion platform. There is a cross-site ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2021-41094
 	RESERVED
 CVE-2021-41093
@@ -10355,7 +10355,7 @@ CVE-2021-37276
 CVE-2021-37275
 	RESERVED
 CVE-2021-37274 (Kingdee KIS Professional Edition has a privilege escalation vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Kingdee KIS Professional Edition
 CVE-2021-37273
 	RESERVED
 CVE-2021-37272
@@ -10363,7 +10363,7 @@ CVE-2021-37272
 CVE-2021-37271
 	RESERVED
 CVE-2021-37270 (There is an unauthorized access vulnerability in the CMS Enterprise We ...)
-	TODO: check
+	NOT-FOR-US: CMS Enterprise Website Construction System
 CVE-2021-37269
 	RESERVED
 CVE-2021-37268
@@ -12761,9 +12761,9 @@ CVE-2021-36221 (Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition
 CVE-2021-36220
 	RESERVED
 CVE-2021-36219 (An issue was discovered in SKALE sgxwallet 1.58.3. The provided input  ...)
-	TODO: check
+	NOT-FOR-US: SKALE sgxwallet
 CVE-2021-36218 (An issue was discovered in SKALE sgxwallet 1.58.3. sgx_disp_ippsAES_GC ...)
-	TODO: check
+	NOT-FOR-US: SKALE sgxwallet
 CVE-2021-36217
 	REJECTED
 CVE-2021-36216 (LINE for Windows 6.2.1.2289 and before allows arbitrary code execution ...)
@@ -71930,7 +71930,7 @@ CVE-2020-24932
 CVE-2020-24931
 	RESERVED
 CVE-2020-24930 (Beijing Wuzhi Internet Technology Co., Ltd. Wuzhi CMS 4.0.1 is an open ...)
-	TODO: check
+	NOT-FOR-US: Wuzhi CMS
 CVE-2020-24929
 	RESERVED
 CVE-2020-24928 (managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted ...)
@@ -81146,17 +81146,17 @@ CVE-2020-20698 (A remote code execution (RCE) vulnerability in /1.com.php of S-C
 CVE-2020-20697
 	RESERVED
 CVE-2020-20696 (A cross-site scripting (XSS) vulnerability in /admin/content/post of G ...)
-	TODO: check
+	NOT-FOR-US: GilaCMS
 CVE-2020-20695 (A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 a ...)
-	TODO: check
+	NOT-FOR-US: GilaCMS
 CVE-2020-20694
 	RESERVED
 CVE-2020-20693 (A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenti ...)
-	TODO: check
+	NOT-FOR-US: GilaCMS
 CVE-2020-20692 (GilaCMS v1.11.4 was discovered to contain a SQL injection vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: GilaCMS
 CVE-2020-20691 (An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary w ...)
-	TODO: check
+	NOT-FOR-US: Monstra CMS
 CVE-2020-20690
 	RESERVED
 CVE-2020-20689



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3a95c91e5b9843ca3724e77e8c7599268b28875

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3a95c91e5b9843ca3724e77e8c7599268b28875
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210928/7302e28a/attachment.htm>
