[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Sat Jun 11 12:57:53 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
21dfe9df by Neil Williams at 2022-06-11T12:57:38+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3098,7 +3098,7 @@ CVE-2020-36525 (A vulnerability classified as problematic has been found in Link
 CVE-2020-36524 (A vulnerability was found in Refined Toolkit. It has been rated as pro ...)
 	NOT-FOR-US: Atlassian
 CVE-2020-36523 (A vulnerability was found in PlantUML 6.43. It has been declared as pr ...)
-	TODO: check
+	NOT-FOR-US: Atlassian PlantUML plugin
 CVE-2022-31749
 	RESERVED
 CVE-2022-31748
@@ -59539,7 +59539,7 @@ CVE-2021-37591
 CVE-2021-37590
 	RESERVED
 CVE-2021-37589 (Virtua Cobranca before 12R allows SQL Injection on the login page. ...)
-	TODO: check
+	NOT-FOR-US: Virtua Cobranca
 CVE-2021-37588 (In Charm 0.43, any two users can collude to achieve the ability to dec ...)
 	NOT-FOR-US: Charm
 CVE-2021-37587 (In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 dat ...)
@@ -67825,13 +67825,13 @@ CVE-2021-34085 (Read access violation in the III_dequantize_sample function in m
 	NOTE: Vulnerable code removed in https://sourceforge.net/p/mp3gain/code/ci/aea83203960fc6d3237b1ae38e8434ec8681b21a/ (v1.6.0)
 	NOTE: https://drive.google.com/drive/folders/1epm65c4_iC0zE5V_leoet4Jyk1Prz2p5?usp=sharing
 CVE-2021-34084 (OS command injection vulnerability in Turistforeningen node-s3-uploade ...)
-	TODO: check
+	NOT-FOR-US: Node s3-uploader
 CVE-2021-34083 (Google-it is a Node.js package which allows its users to send search q ...)
-	TODO: check
+	NOT-FOR-US: Node google-it
 CVE-2021-34082 (OS Command Injection vulnerability in allenhwkim proctree through 0.1. ...)
-	TODO: check
+	NOT-FOR-US: Node proctree
 CVE-2021-34081 (OS Command Injection vulnerability in bbultman gitsome through 0.2.3 a ...)
-	TODO: check
+	NOT-FOR-US: Node bbultman gitsome
 CVE-2021-34080 (OS Command Injection vulnerability in es128 ssl-utils 1.0.0 for Node.j ...)
 	TODO: check
 CVE-2021-34079 (OS Command injection vulnerability in Mintzo Docker-Tester through 1.2 ...)
@@ -69885,7 +69885,7 @@ CVE-2021-33256 (** DISPUTED ** A CSV injection vulnerability on the login panel
 CVE-2021-33255
 	RESERVED
 CVE-2021-33254 (An issue was discovered in src/http/httpLib.c in EmbedThis Appweb Comm ...)
-	TODO: check
+	NOT-FOR-US: AppWeb HTTP server
 CVE-2021-33253
 	RESERVED
 CVE-2021-33252



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21dfe9df1ad9609fcd63c757b67d8a12d224fc16

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21dfe9df1ad9609fcd63c757b67d8a12d224fc16
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220611/a0f562ba/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list