Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
30e1cfce by Salvatore Bonaccorso at 2021-01-29T09:22:26+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,7 +11,7 @@ CVE-2021-3339
CVE-2021-3338
RESERVED
CVE-2021-3337 (The Hide-Thread-Content plugin through 2021-01-27 for MyBB
allows remo ...)
- TODO: check
+ NOT-FOR-US: MyBB
CVE-2021-3336 (DoTls13CertificateVerify in tls13.c in wolfSSL through 4.6.0
does not ...)
- wolfssl <unfixed>
NOTE: https://github.com/wolfSSL/wolfssl/pull/3676
@@ -24,9 +24,9 @@ CVE-2021-26306 (An issue was discovered in the raw-cpuid
crate before 9.0.0 for
CVE-2021-26305 (An issue was discovered in Deserializer::read_vec in the cdr
crate bef ...)
TODO: check
CVE-2021-26304 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to
stored XS ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Daily Expense Tracker System
CVE-2021-26303 (PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to
stored XS ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul Daily Expense Tracker System
CVE-2021-26302
RESERVED
CVE-2021-26301
@@ -2504,7 +2504,7 @@ CVE-2021-3177 (Python 3.x through 3.9.1 has a buffer
overflow in PyCArg_repr in
NOTE:
https://github.com/python/cpython/commit/d9b8f138b7df3b455b54653ca59f491b4840d6fa
(3.7)
NOTE:
https://github.com/python/cpython/commit/34df10a9a16b38d54421eeeaf73ec89828563be7
(3.6)
CVE-2021-3176 (The chat window of the Mitel BusinessCTI Enterprise (MBC-E)
Client for ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2021-3175
RESERVED
CVE-2021-25312 (HTCondor before 8.9.11 allows a user to submit a job as
another user o ...)
@@ -2618,7 +2618,7 @@ CVE-2021-3162 (Docker Desktop Community before 2.5.0.0 on
macOS mishandles certi
CVE-2021-3161
RESERVED
CVE-2021-3160 (Deserialization of untrusted data in the login page of ASSUWEB
359.3 b ...)
- TODO: check
+ NOT-FOR-US: ACA
CVE-2021-25280
RESERVED
CVE-2021-25279
@@ -10635,7 +10635,7 @@ CVE-2020-36117
CVE-2020-36116
RESERVED
CVE-2020-36115 (Stored Cross Site Scripting (XSS) vulnerability in EGavilan
Media CRUD ...)
- TODO: check
+ NOT-FOR-US: EGavilan
CVE-2020-36114
RESERVED
CVE-2020-36113
@@ -11568,7 +11568,7 @@ CVE-2020-35756
CVE-2020-35755
RESERVED
CVE-2020-35754 (OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow
an authe ...)
- TODO: check
+ NOT-FOR-US: OpenSolution Quick.CMS
CVE-2020-35753 (The job posting recommendation form in Persis Human Resource
Managemen ...)
NOT-FOR-US: Persis Human Resource Management Portal
CVE-2020-35752
@@ -14926,7 +14926,7 @@ CVE-2021-20067
CVE-2021-20066
RESERVED
CVE-2020-35547 (A library index page in NuPoint Messenger in Mitel MiCollab
before 9.2 ...)
- TODO: check
+ NOT-FOR-US: Mitel
CVE-2020-35546
RESERVED
CVE-2020-35545 (Time-based SQL injection exists in Spotweb 1.4.9 via the query
string. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e1cfcef985d1b23cb149d3a785fbf14485d7a8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30e1cfcef985d1b23cb149d3a785fbf14485d7a8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
