[Git][security-tracker-team/security-tracker][master] Process NFUs

Tue, 22 Jun 2021 13:28:06 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1dbda634 by Salvatore Bonaccorso at 2021-06-22T22:27:33+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -357,9 +357,9 @@ CVE-2021-35048
 CVE-2021-35047
        RESERVED
 CVE-2021-35046 (A session fixation vulnerability was discovered in Ice Hrm 
29.0.0 OS w ...)
-       TODO: check
+       NOT-FOR-US: Ice Hrm
 CVE-2021-35045 (Cross site scripting (XSS) vulnerability in Ice Hrm 29.0.0.OS, 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Ice Hrm
 CVE-2021-35044
        RESERVED
 CVE-2021-35043
@@ -2131,9 +2131,9 @@ CVE-2021-34246
 CVE-2021-34245
        RESERVED
 CVE-2021-34244 (A cross site request forgery (CSRF) vulnerability was 
discovered in Ic ...)
-       TODO: check
+       NOT-FOR-US: Ice Hrm
 CVE-2021-34243 (A stored cross site scripting (XSS) vulnerability was 
discovered in Ic ...)
-       TODO: check
+       NOT-FOR-US: Ice Hrm
 CVE-2021-34242
        RESERVED
 CVE-2021-34241
@@ -25806,7 +25806,7 @@ CVE-2021-24385
 CVE-2021-24384
        RESERVED
 CVE-2021-24383 (The WP Google Maps WordPress plugin before 8.1.12 did not 
sanitise, va ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24382 (The Smart Slider 3 Free and pro WordPress plugins before 
3.5.0.9 did n ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24381
@@ -25814,43 +25814,43 @@ CVE-2021-24381
 CVE-2021-24380
        RESERVED
 CVE-2021-24379 (The Comments Like Dislike WordPress plugin before 1.1.4 allows 
users t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24378 (The Autoptimize WordPress plugin before 2.7.8 does not check 
for malic ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24377 (The Autoptimize WordPress plugin before 2.7.8 attempts to 
remove poten ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24376 (The Autoptimize WordPress plugin before 2.7.8 attempts to 
delete malic ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24375
        RESERVED
 CVE-2021-24374 (The Jetpack Carousel module of the JetPack WordPress plugin 
before 9.8 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24373 (The WP Hardening – Fix Your WordPress Security WordPress 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24372 (The WP Hardening – Fix Your WordPress Security WordPress 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24371
        RESERVED
 CVE-2021-24370 (The Fancy Product Designer WordPress plugin before 4.6.9 
allows unauth ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24369 (In the GetPaid WordPress plugin before 2.3.4, users with the 
contribut ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24368 (The Quiz And Survey Master – Best Quiz, Exam and Survey 
Plugin W ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24367 (The WP Config File Editor WordPress plugin through 1.7.1 was 
affected  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24366 (The Admin Columns Free WordPress plugin before 4.3 and Admin 
Columns P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24365
        RESERVED
 CVE-2021-24364 (The Jannah WordPress theme before 5.4.4 did not properly 
sanitize the  ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2021-24363
        RESERVED
 CVE-2021-24362
        RESERVED
 CVE-2021-24361 (In the Location Manager WordPress plugin before 2.1.0.10, the 
AJAX act ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24360 (The Yes/No Chart WordPress plugin before 1.0.12 did not 
sanitise its s ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24359 (The Plus Addons for Elementor Page Builder WordPress plugin 
before 4.1 ...)
@@ -25894,9 +25894,9 @@ CVE-2021-24341 (When deleting a date in the Xllentech 
English Islamic Calendar W
 CVE-2021-24340 (The WP Statistics WordPress plugin before 13.0.8 relied on 
using the W ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24339 (The Pods – Custom Content Types and Fields WordPress 
plugin befo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24338 (The Pods – Custom Content Types and Fields WordPress 
plugin befo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-24337 (The id GET parameter of one of the Video Embed WordPress 
plugin throug ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24336 (The FlightLog WordPress plugin through 3.0.2 does not 
sanitise, valida ...)
@@ -28597,7 +28597,7 @@ CVE-2021-3046
 CVE-2021-3045
        RESERVED
 CVE-2021-3044 (An improper authorization vulnerability in Palo Alto Networks 
Cortex X ...)
-       TODO: check
+       NOT-FOR-US: Palo Alto Networks
 CVE-2021-3043
        RESERVED
 CVE-2021-3042
@@ -30363,7 +30363,7 @@ CVE-2021-22384
 CVE-2021-22383 (There is an out-of-bounds read vulnerability in eCNS280_TD 
V100R005C10 ...)
        TODO: check
 CVE-2021-22382 (Huawei LTE USB Dongle products have an improper permission 
assignment  ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2021-22381
        RESERVED
 CVE-2021-22380
@@ -30443,7 +30443,7 @@ CVE-2021-22344
 CVE-2021-22343
        RESERVED
 CVE-2021-22342 (There is an information leak vulnerability in Huawei products. 
A modul ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2021-22341
        RESERVED
 CVE-2021-22340
@@ -35602,13 +35602,13 @@ CVE-2021-20746
 CVE-2021-20745
        RESERVED
 CVE-2021-20744 (Cross-site scripting vulnerability in EC-CUBE Category 
contents plugin ...)
-       TODO: check
+       NOT-FOR-US: EC-CUBE Category contents plugin
 CVE-2021-20743 (Cross-site scripting vulnerability in EC-CUBE Email 
newsletters manage ...)
-       TODO: check
+       NOT-FOR-US: EC-CUBE Email newsletters management plugin
 CVE-2021-20742 (Cross-site scripting vulnerability in EC-CUBE Business form 
output plu ...)
-       TODO: check
+       NOT-FOR-US: EC-CUBE Business form output plugin
 CVE-2021-20741 (Cross-site scripting vulnerability in Hitachi Application 
Server Help  ...)
-       TODO: check
+       NOT-FOR-US: Hitachi
 CVE-2021-20740
        RESERVED
 CVE-2021-20739
@@ -35620,9 +35620,9 @@ CVE-2021-20737 (Improper authentication vulnerability 
in GROWI versions prior to
 CVE-2021-20736 (NoSQL injection vulnerability in GROWI versions prior to 
v4.2.20 allow ...)
        TODO: check
 CVE-2021-20735 (Cross-site scripting vulnerability in ETUNA EC-CUBE plugins 
(Delivery  ...)
-       TODO: check
+       NOT-FOR-US: ETUNA EC-CUBE plugins
 CVE-2021-20734 (Cross-site scripting vulnerability in Welcart e-Commerce 
versions prio ...)
-       TODO: check
+       NOT-FOR-US: Welcart e-Commerce
 CVE-2021-20733 (Improper authorization in handler for custom URL scheme 
vulnerability  ...)
        TODO: check
 CVE-2021-20732 (The ATOM (ATOM - Smart life App for Android versions prior to 
1.8.1 an ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dbda634526b63f6749346b1bdb5f74eb90f6435

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dbda634526b63f6749346b1bdb5f74eb90f6435
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to