[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Fri Mar 25 09:31:16 GMT 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
80ae626b by Neil Williams at 2022-03-25T09:30:51+00:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26100,7 +26100,7 @@ CVE-2021-43652
 CVE-2021-43651
 	RESERVED
 CVE-2021-43650 (WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter u ...)
-	TODO: check
+	NOT-FOR-US: WebRun - Windows only
 CVE-2021-43649
 	RESERVED
 CVE-2021-43648
@@ -28635,7 +28635,7 @@ CVE-2021-43086 (ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the com
 CVE-2021-43085 (An Insecure Permissions vulnerability exists in the OpenSSL Project 3. ...)
 	TODO: check
 CVE-2021-43084 (An SQL Injection vulnerability exists in Dreamer CMS 4.0.0 via the tab ...)
-	TODO: check
+	NOT-FOR-US: Dreamer CMS
 CVE-2021-3916 (bookstack is vulnerable to Improper Limitation of a Pathname to a Rest ...)
 	NOT-FOR-US: bookstack
 CVE-2015-10001 (The WP-Stats WordPress plugin before 2.52 does not have CSRF check whe ...)
@@ -32017,7 +32017,7 @@ CVE-2021-42196
 CVE-2021-42195
 	RESERVED
 CVE-2021-42194 (The wechat_return function in /controller/Index.php of EyouCms V1.5.4- ...)
-	TODO: check
+	NOT-FOR-US: Eyoucms
 CVE-2021-42193
 	RESERVED
 CVE-2021-42192
@@ -38703,7 +38703,7 @@ CVE-2021-39493
 CVE-2021-39492
 	RESERVED
 CVE-2021-39491 (A Cross Site Scripting (XSS) vulnerability exists in Yogesh Ojha reNgi ...)
-	TODO: check
+	NOT-FOR-US: reNgine
 CVE-2021-39490
 	RESERVED
 CVE-2021-39489
@@ -128076,7 +128076,7 @@ CVE-2020-15389 (jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-f
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1261
 	NOTE: https://github.com/uclouvain/openjpeg/commit/e8e258ab049240c2dd1f1051b4e773b21e2d3dc0 (v2.4.0)
 CVE-2020-15388 (A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0 ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2020-15387 (The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7. ...)
 	NOT-FOR-US: Brocade
 CVE-2020-15386 (Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80ae626b4db15bc6411395c9f1035d4cd2f02a71

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80ae626b4db15bc6411395c9f1035d4cd2f02a71
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220325/95a7e3a9/attachment.htm>

More information about the debian-security-tracker-commits mailing list