[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri, 02 Apr 2021 14:04:34 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d7d978a8 by Salvatore Bonaccorso at 2021-04-02T23:03:54+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -977,9 +977,9 @@ CVE-2020-36286 (The membersOf JQL search function in Jira 
Server and Data Center
 CVE-2021-29663 (CourseMS (aka Course Registration Management System) 2.1 is 
affected b ...)
        NOT-FOR-US: CourseMS (aka Course Registration Management System)
 CVE-2021-29661 (Softing AG OPC Toolbox through 4.10.1.13035 allows 
/en/diag_values.htm ...)
-       TODO: check
+       NOT-FOR-US: Softing AG OPC Toolbox
 CVE-2021-29660 (A Cross-Site Request Forgery (CSRF) vulnerability in 
en/cfg_setpwd.htm ...)
-       TODO: check
+       NOT-FOR-US: Softing AG OPC Toolbox
 CVE-2021-29659
        RESERVED
 CVE-2021-29658 (The unofficial vscode-rufo extension before 0.0.4 for Visual 
Studio Co ...)
@@ -2406,9 +2406,9 @@ CVE-2021-29014
 CVE-2021-29013
        RESERVED
 CVE-2021-29012 (DMA Softlab Radius Manager 4.4.0 assigns the same session 
cookie to ev ...)
-       TODO: check
+       NOT-FOR-US: DMA Softlab Radius Manager
 CVE-2021-29011 (DMA Softlab Radius Manager 4.4.0 is affected by Cross Site 
Scripting ( ...)
-       TODO: check
+       NOT-FOR-US: DMA Softlab Radius Manager
 CVE-2021-29010 (A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows 
remote at ...)
        NOT-FOR-US: SEO Panel
 CVE-2021-29009 (A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows 
remote at ...)
@@ -4425,7 +4425,7 @@ CVE-2021-28115 (The OUGC Feedback plugin before 1.8.23 
for MyBB allows XSS via t
 CVE-2021-28114
        RESERVED
 CVE-2021-28113 (A command injection vulnerability in the cookieDomain and 
relayDomain  ...)
-       TODO: check
+       NOT-FOR-US: Okta Access Gateway
 CVE-2021-28112
        RESERVED
 CVE-2021-28111
@@ -8122,7 +8122,7 @@ CVE-2021-3376
 CVE-2021-3375 (ActivePresenter 6.1.6 is affected by a memory corruption 
vulnerability ...)
        NOT-FOR-US: ActivePresenter
 CVE-2021-3374 (Directory traversal in RStudio Shiny Server before 1.5.16 
allows attac ...)
-       TODO: check
+       NOT-FOR-US: RStudio Shiny Server
 CVE-2021-3373
        RESERVED
 CVE-2021-3372
@@ -9948,9 +9948,9 @@ CVE-2021-25896
 CVE-2021-25895
        RESERVED
 CVE-2021-25894 (Magnolia CMS contains a stored cross-site scripting (XSS) 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Magnolia CMS
 CVE-2021-25893 (Magnolia CMS From 6.1.3 to 6.2.3 contains a stored cross-site 
scriptin ...)
-       TODO: check
+       NOT-FOR-US: Magnolia CMS
 CVE-2021-25892
        RESERVED
 CVE-2021-25891



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7d978a8482fa4e256f6a9b9d73367dd88765b04

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7d978a8482fa4e256f6a9b9d73367dd88765b04
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to