[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Fri, 06 Aug 2021 01:17:33 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9abaabcf by Salvatore Bonaccorso at 2021-08-06T10:17:12+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -613,7 +613,7 @@ CVE-2021-37861
 CVE-2021-37860
        RESERVED
 CVE-2021-37859 (Fixed a bypass for a reflected cross-site scripting 
vulnerability affe ...)
-       TODO: check
+       NOT-FOR-US: Mattermost
 CVE-2021-37858
        RESERVED
 CVE-2021-37857
@@ -1100,7 +1100,7 @@ CVE-2021-37634
 CVE-2021-37633
        RESERVED
 CVE-2021-37632 (SuperMartijn642's Config Lib is a library used by a number of 
mods for ...)
-       TODO: check
+       NOT-FOR-US: SuperMartijn642's Config Lib (lib for Minecraft)
 CVE-2021-37631
        RESERVED
 CVE-2021-37630
@@ -1136,7 +1136,7 @@ CVE-2021-37616
 CVE-2021-37615
        RESERVED
 CVE-2021-37614 (In certain Progress MOVEit Transfer versions before 2021.0.3 
(aka 13.0 ...)
-       TODO: check
+       NOT-FOR-US: MOVEit Transfer
 CVE-2021-37613
        RESERVED
 CVE-2021-37612
@@ -6306,13 +6306,13 @@ CVE-2021-35329
 CVE-2021-35328
        RESERVED
 CVE-2021-35327 (A vulnerability in TOTOLINK A720R A720R_Firmware 
v4.1.5cu.470_B2020091 ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK A720R A720R_Firmware
 CVE-2021-35326 (A vulnerability in TOTOLINK A720R router with firmware 
v4.1.5cu.470_B2 ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK A720R router firmware
 CVE-2021-35325 (A stack overflow in the checkLoginUser function of TOTOLINK 
A720R A720 ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK A720R A720R_Firmware
 CVE-2021-35324 (A vulnerability in the Form_Login function of TOTOLINK A720R 
A720R_Fir ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK A720R A720R_Firmware
 CVE-2021-35323
        RESERVED
 CVE-2021-35322
@@ -6346,9 +6346,9 @@ CVE-2021-35309
 CVE-2021-35308
        RESERVED
 CVE-2021-35307 (An issue was discovered in Bento4 through v1.6.0-636. A NULL 
pointer d ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2021-35306 (An issue was discovered in Bento4 through v1.6.0-636. A NULL 
pointer d ...)
-       TODO: check
+       NOT-FOR-US: Bento4
 CVE-2021-35305
        RESERVED
 CVE-2021-35304
@@ -7830,9 +7830,9 @@ CVE-2021-34641
 CVE-2021-34640
        RESERVED
 CVE-2021-34639 (Authenticated File Upload in WordPress Download Manager <= 
3.1.24 a ...)
-       TODO: check
+       NOT-FOR-US: WordPress Download Manager
 CVE-2021-34638 (Authenticated Directory Traversal in WordPress Download 
Manager <=  ...)
-       TODO: check
+       NOT-FOR-US: WordPress Download Manager
 CVE-2021-34637 (The Post Index WordPress plugin is vulnerable to Cross-Site 
Request Fo ...)
        NOT-FOR-US:  WordPress plugin
 CVE-2021-34636
@@ -7840,13 +7840,13 @@ CVE-2021-34636
 CVE-2021-34635 (The Poll Maker WordPress plugin is vulnerable to Reflected 
Cross-Site  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-34634 (The Nifty Newsletters WordPress plugin is vulnerable to 
Cross-Site Req ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-34633 (The Youtube Feeder WordPress plugin is vulnerable to 
Cross-Site Reques ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-34632 (The SEO Backlinks WordPress plugin is vulnerable to Cross-Site 
Request ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-34631 (The NewsPlugin WordPress plugin is vulnerable to Cross-Site 
Request Fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-34630 (In the Pro and Enterprise versions of GTranslate < 2.8.65, 
the gtra ...)
        NOT-FOR-US: GTranslate (Pro and Enterprise versions)
 CVE-2021-34629 (The SendGrid WordPress plugin is vulnerable to authorization 
bypass vi ...)
@@ -8462,7 +8462,7 @@ CVE-2021-34373 (Trusty trusted Linux kernel (TLK) 
contains a vulnerability in th
 CVE-2021-34372 (Trusty (the trusted OS produced by NVIDIA for Jetson devices) 
driver c ...)
        NOT-FOR-US: Trusty
 CVE-2021-34371 (Neo4j through 3.4.18 (with the shell server enabled) exposes 
an RMI se ...)
-       TODO: check
+       NOT-FOR-US: Neo4j
 CVE-2021-34370 (Accela Civic Platform through 20.1 allows 
ssoAdapter/logoutAction.do s ...)
        NOT-FOR-US: Accela Civic Platform
 CVE-2021-34369 (portlets/contact/ref/refContactDetail.do in Accela Civic 
Platform thro ...)
@@ -10242,9 +10242,9 @@ CVE-2021-33599
 CVE-2021-33598
        RESERVED
 CVE-2021-33597 (A Denial-of-Service (DoS) vulnerability was discovered in 
F-Secure Atl ...)
-       TODO: check
+       NOT-FOR-US: F-Secure
 CVE-2021-33596 (Showing the legitimate URL in the address bar while loading 
the conten ...)
-       TODO: check
+       NOT-FOR-US: F-Secure
 CVE-2021-33595
        RESERVED
 CVE-2021-33594



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9abaabcfa4cd33cc5ca8cae73cf7283ec455660d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9abaabcfa4cd33cc5ca8cae73cf7283ec455660d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to