[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 01 Jun 2021 13:31:08 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
22e08550 by Salvatore Bonaccorso at 2021-06-01T22:30:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11137,7 +11137,7 @@ CVE-2021-3461
        RESERVED
        NOT-FOR-US: Keycloak
 CVE-2021-29092 (Unrestricted upload of file with dangerous type vulnerability 
in file  ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-29091
        RESERVED
 CVE-2021-29090
@@ -11145,7 +11145,7 @@ CVE-2021-29090
 CVE-2021-29089
        RESERVED
 CVE-2021-29088 (Improper limitation of a pathname to a restricted directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2021-29087
        RESERVED
 CVE-2021-29086
@@ -14197,7 +14197,7 @@ CVE-2021-27830
 CVE-2021-27829
        RESERVED
 CVE-2021-27828 (SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to 
modify o ...)
-       TODO: check
+       NOT-FOR-US: In4Suite ERP
 CVE-2021-27827
        RESERVED
 CVE-2021-27826
@@ -18669,7 +18669,7 @@ CVE-2021-25934 (In OpenNMS Horizon, versions 
opennms-18.0.0-1 through opennms-27
 CVE-2021-25933 (In OpenNMS Horizon, versions opennms-1-0-stable through 
opennms-27.1.0 ...)
        NOT-FOR-US: OpenNMS
 CVE-2021-25932 (In OpenNMS Horizon, versions opennms-1-0-stable through 
opennms-27.1.0 ...)
-       TODO: check
+       NOT-FOR-US: OpenNMS
 CVE-2021-25931 (In OpenNMS Horizon, versions opennms-1-0-stable through 
opennms-27.1.0 ...)
        NOT-FOR-US: OpenNMS
 CVE-2021-25930 (In OpenNMS Horizon, versions opennms-1-0-stable through 
opennms-27.1.0 ...)
@@ -22415,21 +22415,21 @@ CVE-2021-24337
 CVE-2021-24336
        RESERVED
 CVE-2021-24335 (The Car Repair Services &amp; Auto Mechanic WordPress theme 
before 4.0 ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2021-24334 (The Instant Images &#8211; One Click Unsplash Uploads 
WordPress plugin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24333 (The Content Copy Protection &amp; Prevent Image Save WordPress 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24332 (The Autoptimize WordPress plugin before 2.8.4 was missing 
proper escap ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24331 (The Smooth Scroll Page Up/Down Buttons WordPress plugin before 
1.4 did ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24330 (The Funnel Builder by CartFlows &#8211; Create High Converting 
Sales F ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24329 (The WP Super Cache WordPress plugin before 1.7.3 did not 
properly sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24328 (The WP Login Security and History WordPress plugin through 1.0 
did not ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24327 (The SEO Redirection Plugin &#8211; 301 Redirect Manager 
WordPress plug ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24326 (The tab parameter of the settings page of the All 404 Redirect 
to Home ...)
@@ -22441,33 +22441,33 @@ CVE-2021-24324 (The 404 SEO Redirection WordPress 
plugin through 1.3 is lacking
 CVE-2021-24323 (When taxes are enabled, the "Additional tax classes" field was 
not pro ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24322 (The Database Backup for WordPress plugin before 2.4 did not 
escape the ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24321 (The Bello - Directory &amp; Listing WordPress theme before 
1.6.0 did n ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2021-24320 (The Bello - Directory &amp; Listing WordPress theme before 
1.6.0 did n ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2021-24319 (The Bello - Directory &amp; Listing WordPress theme before 
1.6.0 did n ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2021-24318 (The Listeo WordPress theme before 1.6.11 did not ensure that 
the Post/ ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2021-24317 (The Listeo WordPress theme before 1.6.11 did not properly 
sanitise som ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2021-24316 (The search feature of the Mediumish WordPress theme through 
1.0.47 doe ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2021-24315 (The GiveWP &#8211; Donation Plugin and Fundraising Platform 
WordPress  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24314 (The Goto WordPress theme before 2.1 did not sanitise, validate 
of esca ...)
        NOT-FOR-US: WordPress theme
 CVE-2021-24313 (The WP Prayer WordPress plugin before 1.6.2 provides the 
functionality ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24312 (The parameters $cache_path, $wp_cache_debug_ip, 
$wp_super_cache_front_ ...)
        TODO: check
 CVE-2021-24311 (The wp_ajax_upload-remote-file AJAX action of the External 
Media WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24310 (The Photo Gallery by 10Web - Mobile-Friendly Image Gallery 
WordPress p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24309 (The "Schedule Name" input in the Weekly Schedule WordPress 
plugin befo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24308 (The 'State' field of the Edit profile page of the LMS by 
LifterLMS &#8 ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24307 (The All in One SEO &#8211; Best WordPress SEO Plugin &#8211; 
Easily Im ...)
@@ -47360,7 +47360,7 @@ CVE-2020-26695
 CVE-2020-26694
        RESERVED
 CVE-2020-26693 (A stored cross-site scripting (XSS) vulnerability was 
discovered in pf ...)
-       TODO: check
+       NOT-FOR-US: pfSense
 CVE-2020-26692
        RESERVED
 CVE-2020-26691
@@ -47410,11 +47410,11 @@ CVE-2020-26672 (Testimonial Rotator Wordpress Plugin 
3.0.2 is affected by Cross
 CVE-2020-26671
        RESERVED
 CVE-2020-26670 (A vulnerability has been discovered in BigTree CMS 4.4.10 and 
earlier  ...)
-       TODO: check
+       NOT-FOR-US: BigTree CMS
 CVE-2020-26669 (A stored cross-site scripting (XSS) vulnerability was 
discovered in Bi ...)
-       TODO: check
+       NOT-FOR-US: BigTree CMS
 CVE-2020-26668 (A SQL injection vulnerability was discovered in 
/core/feeds/custom.php ...)
-       TODO: check
+       NOT-FOR-US: BigTree CMS
 CVE-2020-26667
        RESERVED
 CVE-2020-26666



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22e085502a4773f2f9e55d5f0c8fcf01a5e0fa69

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22e085502a4773f2f9e55d5f0c8fcf01a5e0fa69
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to