[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Wed, 06 Jan 2021 12:18:34 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
97a25c68 by Salvatore Bonaccorso at 2021-01-06T21:18:01+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,21 +7,21 @@ CVE-2021-22696
 CVE-2020-36177 (RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has 
an out-o ...)
        TODO: check
 CVE-2020-36176 (The iThemes Security (formerly Better WP Security) plugin 
before 7.7.0 ...)
-       TODO: check
+       NOT-FOR-US: iThemes Security (formerly Better WP Security) plugin for 
WordPress
 CVE-2020-36175 (The Ninja Forms plugin before 3.4.27.1 for WordPress allows 
attackers  ...)
-       TODO: check
+       NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2020-36174 (The Ninja Forms plugin before 3.4.27.1 for WordPress allows 
CSRF via s ...)
-       TODO: check
+       NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2020-36173 (The Ninja Forms plugin before 3.4.28 for WordPress lacks 
escaping for  ...)
-       TODO: check
+       NOT-FOR-US: Ninja Forms plugin for WordPress
 CVE-2020-36172 (The Advanced Custom Fields plugin before 5.8.12 for WordPress 
mishandl ...)
-       TODO: check
+       NOT-FOR-US: Advanced Custom Fields plugin for WordPress
 CVE-2020-36171 (The Elementor Website Builder plugin before 3.0.14 for 
WordPress does  ...)
-       TODO: check
+       NOT-FOR-US: Elementor Website Builder plugin for WordPress
 CVE-2020-36170 (The Ultimate Member plugin before 2.1.13 for WordPress 
mishandles hidd ...)
-       TODO: check
+       NOT-FOR-US: Ultimate Member plugin for WordPress
 CVE-2012-10001 (The Limit Login Attempts plugin before 1.7.1 for WordPress 
does not cl ...)
-       TODO: check
+       NOT-FOR-US: Limit Login Attempts plugin for WordPress
 CVE-2021-3027
        RESERVED
 CVE-2021-3026 (Invision Community IPS Community Suite before 4.5.4.2 allows 
XSS durin ...)
@@ -74188,7 +74188,7 @@ CVE-2020-4338 (IBM MQ 9.1.4 could allow a local 
attacker to obtain sensitive inf
 CVE-2020-4337 (IBM API Connect 2018.4.1.0 through 2018.4.1.12 could allow an 
attacker ...)
        NOT-FOR-US: IBM
 CVE-2020-4336 (IBM WebSphere eXtreme Scale 8.6.1 stores sensitive information 
in URL  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4335
        RESERVED
 CVE-2020-4334



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97a25c68b944a96917c0eba438fb90bb1341385c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97a25c68b944a96917c0eba438fb90bb1341385c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to