[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Sep 30 21:32:26 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a3c2a52f by Salvatore Bonaccorso at 2021-09-30T22:31:58+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1092,11 +1092,11 @@ CVE-2021-41327
 CVE-2021-41326 (In MISP before 2.4.148, app/Lib/Export/OpendataExport.php mishandles p ...)
 	NOT-FOR-US: MISP
 CVE-2021-41325 (Broken access control for user creation in Pydio Cells 2.2.9 allows re ...)
-	TODO: check
+	NOT-FOR-US: Pydio Cells
 CVE-2021-41324
 	RESERVED
 CVE-2021-41323 (Directory traversal in the Compress feature in Pydio Cells 2.2.9 allow ...)
-	TODO: check
+	NOT-FOR-US: Pydio Cells
 CVE-2021-41322
 	RESERVED
 CVE-2021-41321
@@ -38411,7 +38411,7 @@ CVE-2021-25965
 CVE-2021-25964
 	RESERVED
 CVE-2021-25963 (In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cr ...)
-	TODO: check
+	NOT-FOR-US: Shuup
 CVE-2021-25962 (“Shuup” application in versions 0.4.2 to 2.10.8 is affecte ...)
 	NOT-FOR-US: Shuup
 CVE-2021-25961 (In “SuiteCRM” application, v7.1.7 through v7.10.31 and v7. ...)
@@ -42917,9 +42917,9 @@ CVE-2021-24019
 CVE-2021-24018 (A buffer underwrite vulnerability in the firmware verification routine ...)
 	NOT-FOR-US: FortiOS
 CVE-2021-24017 (An improper authentication in Fortinet FortiManager version 6.4.3 and  ...)
-	TODO: check
+	NOT-FOR-US: Fortiguard
 CVE-2021-24016 (An improper neutralization of formula elements in a csv file in Fortin ...)
-	TODO: check
+	NOT-FOR-US: Fortiguard
 CVE-2021-24015 (An improper neutralization of special elements used in an OS Command v ...)
 	NOT-FOR-US: Fortinet
 CVE-2021-24014 (Multiple instances of improper neutralization of input during web page ...)
@@ -51549,7 +51549,7 @@ CVE-2021-21091 (Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earli
 CVE-2021-21090 (Adobe InCopy version 16.0 (and earlier) is affected by an path travers ...)
 	NOT-FOR-US: Adobe
 CVE-2021-21089 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
-	TODO: check
+	NOT-FOR-US: Acrobat
 CVE-2021-21088
 	RESERVED
 CVE-2021-21087 (Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 1 ...)
@@ -81164,7 +81164,7 @@ CVE-2020-20783
 CVE-2020-20782
 	RESERVED
 CVE-2020-20781 (A stored cross-site scripting (XSS) vulnerability in /ucms/index.php?d ...)
-	TODO: check
+	NOT-FOR-US: UCMS
 CVE-2020-20780
 	RESERVED
 CVE-2020-20779
@@ -82492,13 +82492,13 @@ CVE-2020-20133
 CVE-2020-20132
 	RESERVED
 CVE-2020-20131 (LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: LaraCMS
 CVE-2020-20130
 	RESERVED
 CVE-2020-20129 (LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: LaraCMS
 CVE-2020-20128 (LaraCMS v1.0.1 transmits sensitive information in cleartext which can  ...)
-	TODO: check
+	NOT-FOR-US: LaraCMS
 CVE-2020-20127
 	RESERVED
 CVE-2020-20126



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3c2a52f02110742a253f319fbd38c1bc26cd486

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3c2a52f02110742a253f319fbd38c1bc26cd486
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210930/916197ff/attachment.htm>
