[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5c4780d0 by Salvatore Bonaccorso at 2021-07-07T22:26:55+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15209,7 +15209,7 @@ CVE-2021-29761
 CVE-2021-29760
        RESERVED
 CVE-2021-29759 (IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 
and 1.3  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-29758
        RESERVED
 CVE-2021-29757
@@ -38589,7 +38589,7 @@ CVE-2021-20476
 CVE-2021-20475
        RESERVED
 CVE-2021-20474 (IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does 
not perfor ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20473
        RESERVED
 CVE-2021-20472
@@ -38703,11 +38703,11 @@ CVE-2021-20419 (IBM Security Guardium 11.2 uses 
weaker than expected cryptograph
 CVE-2021-20418
        RESERVED
 CVE-2021-20417 (IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a 
remote attack ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20416 (IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could 
allow a r ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20415 (IBM Guardium Data Encryption (GDE) 4.0.0.4 uses an inadequate 
account  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20414
        RESERVED
 CVE-2021-20413 (IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a 
remote attack ...)
@@ -38779,9 +38779,9 @@ CVE-2021-20381
 CVE-2021-20380 (IBM QRadar Advisor With Watson App 1.1 through 2.5 as used on 
IBM QRad ...)
        NOT-FOR-US: IBM
 CVE-2021-20379 (IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 uses 
weaker tha ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20378 (IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does 
not invali ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20377
        RESERVED
 CVE-2021-20376
@@ -59474,23 +59474,23 @@ CVE-2020-24151
 CVE-2020-24150
        RESERVED
 CVE-2020-24149 (Server-side request forgery (SSRF) in the Podcast Importer 
SecondLine  ...)
-       TODO: check
+       NOT-FOR-US: Podcast Importer SecondLine (podcast-importer-secondline) 
plugin for WordPress
 CVE-2020-24148 (Server-side request forgery (SSRF) in the Import XML and RSS 
Feeds (im ...)
-       TODO: check
+       NOT-FOR-US: Import XML and RSS Feeds (import-xml-feed) plugin for 
WordPress
 CVE-2020-24147 (Server-side request forgery (SSR) vulnerability in the WP 
Smart Import ...)
-       TODO: check
+       NOT-FOR-US: WP Smart Import (wp-smart-import) plugin for WordPress
 CVE-2020-24146 (Directory traversal in the CM Download Manager (aka 
cm-download-manage ...)
-       TODO: check
+       NOT-FOR-US: CM Download Manager (aka cm-download- manager) plugin for 
WordPress
 CVE-2020-24145 (Cross Site Scripting (XSS) vulnerability in the CM Download 
Manager (a ...)
-       TODO: check
+       NOT-FOR-US: CM Download Manager (aka cm-download-manager) plugin for 
WordPress
 CVE-2020-24144 (Directory traversal in the Media File Organizer (aka 
media-file-organi ...)
-       TODO: check
+       NOT-FOR-US: Media File Organizer (aka media-file- organizer) plugin for 
WordPress
 CVE-2020-24143 (Directory traversal in the Video Downloader for TikTok (aka 
downloader ...)
-       TODO: check
+       NOT-FOR-US: Video Downloader for TikTok (aka downloader-tiktok) plugin 
for WordPress
 CVE-2020-24142 (Server-side request forgery in the Video Downloader for TikTok 
(aka do ...)
-       TODO: check
+       NOT-FOR-US: Video Downloader for TikTok (aka downloader-tiktok) plugin 
for WordPress
 CVE-2020-24141 (Server-side request forgery in the WP-DownloadManager plugin 
1.68.4 fo ...)
-       TODO: check
+       NOT-FOR-US: WP-DownloadManager plugin for WordPress
 CVE-2020-24140 (Server-side request forgery in Wcms 0.3.2 let an attacker send 
crafted ...)
        NOT-FOR-US: wmcs
 CVE-2020-24139 (Server-side request forgery in Wcms 0.3.2 lets an attacker 
send crafte ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c4780d075754c2f601f5b2c5eff7bf6aac0a547

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c4780d075754c2f601f5b2c5eff7bf6aac0a547
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits