[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso Wed, 21 Apr 2021 21:17:52 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c41404ea by Salvatore Bonaccorso at 2021-04-22T06:16:40+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -434,11 +434,11 @@ CVE-2021-31331
 CVE-2021-31330
        RESERVED
 CVE-2021-31329 (Cross Site Scripting (XSS) in Remote Clinic v2.0 via the 
"Chat" and "P ...)
-       TODO: check
+       NOT-FOR-US: Remote Clinic
 CVE-2021-31328
        RESERVED
 CVE-2021-31327 (Stored XSS in Remote Clinic v2.0 in /medicines due to Medicine 
Name Fi ...)
-       TODO: check
+       NOT-FOR-US: Remote Clinic
 CVE-2021-31326
        RESERVED
 CVE-2021-31325
@@ -3056,7 +3056,7 @@ CVE-2021-30141 (** DISPUTED ** 
Module/Settings/UserExport.php in Friendica throu
 CVE-2021-30140 (LiquidFiles 3.4.15 has stored XSS through the "send email" 
functionali ...)
        NOT-FOR-US: LiquidFiles
 CVE-2021-30139 (In Alpine Linux apk-tools before 2.12.5, the tarball parser 
allows a b ...)
-       TODO: check
+       NOT-FOR-US: Alpine Linux apk-tools
 CVE-2021-30138
        REJECTED
 CVE-2021-30137
@@ -4583,7 +4583,7 @@ CVE-2021-29457 (Exiv2 is a command-line utility and C++ 
library for reading, wri
        NOTE: https://github.com/Exiv2/exiv2/issues/1529
        NOTE: https://github.com/Exiv2/exiv2/pull/1534
 CVE-2021-29456 (Authelia is an open-source authentication and authorization 
server pro ...)
-       TODO: check
+       NOT-FOR-US: Authelia
 CVE-2021-29455 (Grassroot Platform is an application to make it faster, 
cheaper and ea ...)
        NOT-FOR-US: Grassroot Platform
 CVE-2021-29454
@@ -28654,7 +28654,7 @@ CVE-2020-35316
 CVE-2020-35315
        RESERVED
 CVE-2020-35314 (An OS command injection vulnerability in the 
installUpdateThemePluginA ...)
-       TODO: check
+       NOT-FOR-US: WonderCMS
 CVE-2020-35313 (A server-side request forgery (SSRF) vulnerability in the 
addCustomThe ...)
        NOT-FOR-US: WonderCMS
 CVE-2020-35312
@@ -32598,7 +32598,7 @@ CVE-2020-28984 
(prive/formulaires/configurer_preferences.php in SPIP before 3.2.
 CVE-2020-28975 (** DISPUTED ** svm_predict_values in svm.cpp in Libsvm v324, 
as used i ...)
        NOTE: disputed libsvm non issue
 CVE-2020-28973 (The ABUS Secvest wireless alarm system FUAA50000 (v3.01.17) 
fails to p ...)
-       TODO: check
+       NOT-FOR-US: ABUS Secvest wireless alarm system FUAA50000
 CVE-2020-28972 (In SaltStack Salt before 3002.5, authentication to VMware 
vcenter, vsp ...)
        - salt 3002.5+dfsg1-1 (bug #983632)
        NOTE: 
https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
@@ -47928,7 +47928,7 @@ CVE-2020-23914 (An issue was discovered in cpp-peglib 
through v0.1.12. A NULL po
 CVE-2020-23913
        RESERVED
 CVE-2020-23912 (An issue was discovered in Bento4 through v1.6.0-637. A NULL 
pointer d ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2020-23911
        RESERVED
 CVE-2020-23910



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c41404ea61f01dc1f223e5d77123c02a1f7fe050

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c41404ea61f01dc1f223e5d77123c02a1f7fe050
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to