[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue May 9 12:03:27 BST 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
13a20789 by Moritz Muehlenhoff at 2023-05-09T13:03:05+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1648,7 +1648,7 @@ CVE-2023-30846 (typed-rest-client is a library for Node Rest and Http Clients wi
 CVE-2023-30845 (ESPv2 is a service proxy that provides API management capabilities usi ...)
 	NOT-FOR-US: ESPv2
 CVE-2023-30844 (Mutagen provides real-time file synchronization and flexible network f ...)
-	TODO: check
+	NOT-FOR-US: mutagen.io (different from src:mutagen)
 CVE-2023-30843 (Payload is a free and open source headless content management system.  ...)
 	NOT-FOR-US: Payload
 CVE-2023-30842
@@ -113833,7 +113833,7 @@ CVE-2021-44285
 CVE-2021-44284
 	RESERVED
 CVE-2021-44283 (A buffer overflow in the component /Enclave.cpp of Electronics and Tel ...)
-	TODO: check
+	NOT-FOR-US: ShieldStore
 CVE-2021-44282
 	RESERVED
 CVE-2021-44281
@@ -161373,7 +161373,7 @@ CVE-2021-27282
 CVE-2021-27281
 	RESERVED
 CVE-2021-27280 (OS Command injection vulnerability in mblog 3.5.0 allows attackers to  ...)
-	TODO: check
+	NOT-FOR-US: mblog
 CVE-2021-27279 (MyBB before 1.8.25 allows stored XSS via nested [email] tags with MyCo ...)
 	NOT-FOR-US: MyBB
 CVE-2021-27278 (This vulnerability allows local attackers to escalate privileges on af ...)
@@ -207696,7 +207696,7 @@ CVE-2020-21040
 CVE-2020-21039
 	RESERVED
 CVE-2020-21038 (Open redirect vulnerability in typecho 1.1-17.10.30-release via the re ...)
-	TODO: check
+	NOT-FOR-US: typecho
 CVE-2020-21037
 	RESERVED
 CVE-2020-21036
@@ -210567,7 +210567,7 @@ CVE-2020-19662
 CVE-2020-19661
 	RESERVED
 CVE-2020-19660 (Cross Site Scripting (XSS) pandao editor.md 1.5.0 allows attackers to  ...)
-	TODO: check
+	NOT-FOR-US: pandao editor.md
 CVE-2020-19659
 	RESERVED
 CVE-2020-19658
@@ -213452,7 +213452,7 @@ CVE-2020-18284
 CVE-2020-18283
 	RESERVED
 CVE-2020-18282 (Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remot ...)
-	TODO: check
+	NOT-FOR-US: NoneCms
 CVE-2020-18281
 	RESERVED
 CVE-2020-18280
@@ -213758,9 +213758,9 @@ CVE-2020-18134
 CVE-2020-18133
 	RESERVED
 CVE-2020-18132 (Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attack ...)
-	TODO: check
+	NOT-FOR-US: MIPCMS
 CVE-2020-18131 (Cross Site Request Forgery (CSRF) vulnerability in Bluethrust Clan Scr ...)
-	TODO: check
+	NOT-FOR-US: Bluethrust Clan Scripts
 CVE-2020-18130
 	RESERVED
 CVE-2020-18129 (A CSRF vulnerability in Eyoucms v1.2.7 allows an attacker to add an ad ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13a20789b1a45f63bb70881c28282f4f103c337a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13a20789b1a45f63bb70881c28282f4f103c337a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230509/04fd4292/attachment.htm>

More information about the debian-security-tracker-commits mailing list