[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Thu, 04 Mar 2021 12:24:37 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8c99b474 by Salvatore Bonaccorso at 2021-03-04T21:21:25+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4437,11 +4437,11 @@ CVE-2021-26031
 CVE-2021-26030
        RESERVED
 CVE-2021-26029 (An issue was discovered in Joomla! 1.6.0 through 3.9.24. 
Inadequate fi ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-26028 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. 
Extracting an ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-26027 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. 
Incorrect ACL ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-3287
        RESERVED
 CVE-2021-26026 (PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 
has a Use ...)
@@ -10932,19 +10932,19 @@ CVE-2021-23134
 CVE-2021-23133
        RESERVED
 CVE-2021-23132 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. 
com_media all ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-23131 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. 
Missing input ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-23130 (An issue was discovered in Joomla! 2.5.0 through 3.9.24. 
Missing filte ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-23129 (An issue was discovered in Joomla! 2.5.0 through 3.9.24. 
Missing filte ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-23128 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. The 
core ship ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-23127 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage 
of an i ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-23126 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage 
of the  ...)
-       TODO: check
+       NOT-FOR-US: Joomla!
 CVE-2021-23125 (An issue was discovered in Joomla! 3.1.0 through 3.9.23. The 
lack of e ...)
        NOT-FOR-US: Joomla!
 CVE-2021-23124 (An issue was discovered in Joomla! 3.9.0 through 3.9.23. The 
lack of e ...)
@@ -13140,7 +13140,7 @@ CVE-2021-22130
 CVE-2021-22129
        RESERVED
 CVE-2021-22128 (An improper access control vulnerability in FortiProxy SSL VPN 
portal  ...)
-       TODO: check
+       NOT-FOR-US: FortiProxy SSL VPN portal
 CVE-2021-22127
        RESERVED
 CVE-2021-22126
@@ -18373,9 +18373,9 @@ CVE-2021-20353 (IBM WebSphere Application Server 7.0, 
8.0, 8.5, and 9.0 is vulne
 CVE-2021-20352
        RESERVED
 CVE-2021-20351 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20350 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20349
        RESERVED
 CVE-2021-20348
@@ -18395,7 +18395,7 @@ CVE-2021-20342
 CVE-2021-20341
        RESERVED
 CVE-2021-20340 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20339
        RESERVED
 CVE-2021-20338
@@ -19918,11 +19918,11 @@ CVE-2020-35331
 CVE-2020-35330
        RESERVED
 CVE-2020-35329 (Courier Management System 1.0 1.0 is affected by SQL Injection 
via 'MU ...)
-       TODO: check
+       NOT-FOR-US: Courier Management System
 CVE-2020-35328 (Courier Management System 1.0 - 'First Name' Stored XSS ...)
-       TODO: check
+       NOT-FOR-US: Courier Management System
 CVE-2020-35327 (SQL injection vulnerability was discovered in Courier 
Management Syste ...)
-       TODO: check
+       NOT-FOR-US: Courier Management System
 CVE-2020-35326
        RESERVED
 CVE-2020-35325
@@ -25651,7 +25651,7 @@ CVE-2020-28599 (A stack-based buffer overflow 
vulnerability exists in the import
 CVE-2020-28598
        RESERVED
 CVE-2020-28597 (A predictable seed vulnerability exists in the password reset 
function ...)
-       TODO: check
+       NOT-FOR-US: Epignosis EfrontPro
 CVE-2020-28596 (A stack-based buffer overflow vulnerability exists in the 
Objparser::o ...)
        NOT-FOR-US: PrusaSlicer
 CVE-2020-28595 (An out-of-bounds write vulnerability exists in the Obj.cpp 
load_obj()  ...)
@@ -38644,7 +38644,7 @@ CVE-2020-24038
 CVE-2020-24037
        RESERVED
 CVE-2020-24036 (PHP object injection in the Ajax endpoint of the backend in 
ForkCMS be ...)
-       TODO: check
+       NOT-FOR-US: ForkCMS
 CVE-2020-24035
        RESERVED
 CVE-2020-24034 (Sagemcom F@ST 5280 routers using firmware version 1.150.61 
have insecu ...)
@@ -55348,9 +55348,9 @@ CVE-2020-15940
 CVE-2020-15939
        RESERVED
 CVE-2020-15938 (When traffic other than HTTP/S (eg: SSH traffic, etc...) 
traverses the ...)
-       TODO: check
+       NOT-FOR-US: FortiGate FortiGuard
 CVE-2020-15937 (An improper neutralization of input vulnerability in FortiGate 
version ...)
-       TODO: check
+       NOT-FOR-US: FortiGate FortiGuard
 CVE-2020-15936
        RESERVED
 CVE-2020-15935
@@ -85752,7 +85752,7 @@ CVE-2020-4977
 CVE-2020-4976
        RESERVED
 CVE-2020-4975 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4974
        RESERVED
 CVE-2020-4973
@@ -85970,13 +85970,13 @@ CVE-2020-4868
 CVE-2020-4867
        RESERVED
 CVE-2020-4866 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4865 (IBM Jazz Foundation products is vulnerable to cross-site 
scripting. Th ...)
        NOT-FOR-US: IBM
 CVE-2020-4864 (IBM Resilient SOAR V38.0 could allow an attacker on the 
internal net w ...)
        NOT-FOR-US: IBM
 CVE-2020-4863 (IBM Engineering products are vulnerable to stored cross-site 
scripting ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4862
        RESERVED
 CVE-2020-4861
@@ -85988,9 +85988,9 @@ CVE-2020-4859
 CVE-2020-4858
        RESERVED
 CVE-2020-4857 (IBM Engineering products are vulnerable to stored cross-site 
scripting ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4856 (IBM Engineering products are vulnerable to stored cross-site 
scripting ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2020-4855 (IBM Jazz Foundation products is vulnerable to cross-site 
scripting. Th ...)
        NOT-FOR-US: IBM
 CVE-2020-4854 (IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains 
hard-coded cr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c99b474b4c57bd22ba4aa8d9f3036f0589564be

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c99b474b4c57bd22ba4aa8d9f3036f0589564be
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to