[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0d191180 by Salvatore Bonaccorso at 2021-01-28T21:19:57+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61,7 +61,7 @@ CVE-2021-26278
 CVE-2021-26277
        RESERVED
 CVE-2021-26276 (** DISPUTED ** scripts/cli.js in the GoDaddy 
node-config-shield (aka C ...)
-       TODO: check
+       NOT-FOR-US: GoDaddy node-config-shield
 CVE-2021-26275
        RESERVED
 CVE-2020-36240
@@ -1724,7 +1724,7 @@ CVE-2021-25649
 CVE-2021-25648
        RESERVED
 CVE-2021-25647 (Mobile application "Testes de Codigo" v11.3 and prior allows 
stored XS ...)
-       TODO: check
+       NOT-FOR-US: Mobile application "Testes de Codigo"
 CVE-2021-25646
        RESERVED
 CVE-2019-25014
@@ -7569,9 +7569,9 @@ CVE-2021-22877
 CVE-2021-22876
        RESERVED
 CVE-2021-22875 (Revive Adserver before 5.1.1 is vulnerable to a reflected XSS 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Revive Adserver
 CVE-2021-22874 (Revive Adserver before 5.1.1 is vulnerable to a reflected XSS 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Revive Adserver
 CVE-2021-22873 (Revive Adserver before 5.1.0 is vulnerable to open redirects 
via the ` ...)
        NOT-FOR-US: Revive Adserver
 CVE-2021-22872 (Revive Adserver before 5.1.0 is vulnerable to a reflected 
cross-site s ...)
@@ -13738,11 +13738,11 @@ CVE-2021-20624
 CVE-2021-20623
        RESERVED
 CVE-2021-20622 (Cross-site scripting vulnerability in Aterm WG2600HP firmware 
Ver1.0.2 ...)
-       TODO: check
+       NOT-FOR-US: Aterm WG2600HP firmware
 CVE-2021-20621 (Cross-site request forgery (CSRF) vulnerability in Aterm 
WG2600HP firm ...)
-       TODO: check
+       NOT-FOR-US: Aterm WG2600HP firmware
 CVE-2021-20620 (Cross-site scripting vulnerability in Aterm WF800HP firmware 
Ver1.0.9  ...)
-       TODO: check
+       NOT-FOR-US: Aterm WF800HP firmware
 CVE-2021-20619 (Cross-site scripting vulnerability in GROWI (v4.2 Series) 
versions pri ...)
        NOT-FOR-US: GROWI
 CVE-2021-20618 (Privilege chaining vulnerability in acmailer ver. 4.0.2 and 
earlier, a ...)
@@ -16012,7 +16012,7 @@ CVE-2020-35126 (** DISPUTED ** Typesetter CMS 5.x 
through 5.1 allows admins to c
 CVE-2020-35125
        RESERVED
 CVE-2020-35124 (A cross-site scripting (XSS) vulnerability in the assets 
component of  ...)
-       TODO: check
+       NOT-FOR-US: Mautic
 CVE-2020-35123 (In Zimbra Collaboration Suite Network Edition versions < 
9.0.0 P10  ...)
        NOT-FOR-US: Zimbra Collaboration Suite (ZCS)
 CVE-2020-35122 (An issue was discovered in the Keysight Database Connector 
plugin befo ...)
@@ -34732,11 +34732,11 @@ CVE-2020-23778
 CVE-2020-23777
        RESERVED
 CVE-2020-23776 (A SSRF vulnerability exists in Winmail 6.5 in app.php in the 
key param ...)
-       TODO: check
+       NOT-FOR-US: Winmail
 CVE-2020-23775
        RESERVED
 CVE-2020-23774 (A reflected XSS vulnerability exists in tohtml/convert.php of 
Winmail  ...)
-       TODO: check
+       NOT-FOR-US: Winmail
 CVE-2020-23773
        RESERVED
 CVE-2020-23772
@@ -81401,7 +81401,7 @@ CVE-2020-4890
 CVE-2020-4889 (IBM Spectrum Scale 5.0.0 through 5.0.5.4 and 5.1.0 could allow 
a local ...)
        NOT-FOR-US: IBM
 CVE-2020-4888 (IBM QRadar SIEM 7.4.0 to 7.4.2 Patch 1 and 7.3.0 to 7.3.3 Patch 
7 coul ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4887 (IBM AIX 7.1, 7.2 and AIX VIOS 3.1 could allow a local user to 
exploit  ...)
        NOT-FOR-US: IBM
 CVE-2020-4886 (IBM InfoSphere Information Server 11.7 stores sensitive 
information in ...)
@@ -81816,7 +81816,7 @@ CVE-2020-4684
 CVE-2020-4683
        RESERVED
 CVE-2020-4682 (IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD could allow a 
remote at ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4681 (IBM Security Guardium 11.2 is vulnerable to cross-site 
scripting. This ...)
        NOT-FOR-US: IBM
 CVE-2020-4680 (IBM Security Guardium 11.2 is vulnerable to cross-site 
scripting. This ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d1911802f52b2b552fa14f6b7927d963f7bd245

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d1911802f52b2b552fa14f6b7927d963f7bd245
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits