[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 23 Aug 2021 01:42:15 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
238644b7 by Salvatore Bonaccorso at 2021-08-23T10:41:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -495,9 +495,9 @@ CVE-2021-39370
 CVE-2021-39369
        RESERVED
 CVE-2021-39368 (Canon Oce Print Exec Workgroup 1.3.2 allows XSS via the lang 
parameter ...)
-       TODO: check
+       NOT-FOR-US: Canon Oce Print Exec Workgroup
 CVE-2021-39367 (Canon Oce Print Exec Workgroup 1.3.2 allows Host header 
injection. ...)
-       TODO: check
+       NOT-FOR-US: Canon Oce Print Exec Workgroup
 CVE-2021-39366
        RESERVED
 CVE-2021-39365 (In GNOME grilo though 0.3.13, grl-net-wc.c does not enable TLS 
certifi ...)
@@ -704,11 +704,11 @@ CVE-2021-3719
 CVE-2021-3718
        RESERVED
 CVE-2021-39291 (Certain NetModule devices allow credentials via GET parameters 
to CLI- ...)
-       TODO: check
+       NOT-FOR-US: NetModule devices
 CVE-2021-39290 (Certain NetModule devices allow Limited Session Fixation via 
PHPSESSID ...)
-       TODO: check
+       NOT-FOR-US: NetModule devices
 CVE-2021-39289 (Certain NetModule devices have Insecure Password Handling 
(cleartext o ...)
-       TODO: check
+       NOT-FOR-US: NetModule devices
 CVE-2021-39288
        RESERVED
 CVE-2021-39287
@@ -818,11 +818,11 @@ CVE-2021-3715
 CVE-2021-3714
        RESERVED
 CVE-2021-39245 (Hardcoded .htaccess Credentials for getlogs.cgi exist on Altus 
Nexto,  ...)
-       TODO: check
+       NOT-FOR-US: Altus
 CVE-2021-39244 (Authenticated Semi-Blind Command Injection (via Parameter 
Injection) e ...)
-       TODO: check
+       NOT-FOR-US: Altus
 CVE-2021-39243 (Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto 
Xpress, ...)
-       TODO: check
+       NOT-FOR-US: Altus
 CVE-2021-39242 (An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 
before 2.3.1 ...)
        {DSA-4960-1}
        - haproxy 2.2.16-1
@@ -60160,17 +60160,17 @@ CVE-2020-27468
 CVE-2020-27467
        RESERVED
 CVE-2020-27466 (An arbitrary file write vulnerability in 
lib/AjaxHandlers/ajaxEditTemp ...)
-       TODO: check
+       NOT-FOR-US: rConfig
 CVE-2020-27465
        RESERVED
 CVE-2020-27464 (An insecure update feature in the /updater.php component of 
rConfig 3. ...)
-       TODO: check
+       NOT-FOR-US: rConfig
 CVE-2020-27463
        RESERVED
 CVE-2020-27462
        RESERVED
 CVE-2020-27461 (A remote code execution vulnerability in SEOPanel 4.6.0 has 
been fixed ...)
-       TODO: check
+       NOT-FOR-US: SEOPanel
 CVE-2020-27460
        RESERVED
 CVE-2020-27459 (Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when 
inserting a ...)
@@ -65260,7 +65260,7 @@ CVE-2020-25361
 CVE-2020-25360
        RESERVED
 CVE-2020-25359 (An arbitrary file deletion vulnerability in rConfig 3.9.5 has 
been fix ...)
-       TODO: check
+       NOT-FOR-US: rConfig
 CVE-2020-25358
        RESERVED
 CVE-2020-25357
@@ -65272,11 +65272,11 @@ CVE-2020-25355
 CVE-2020-25354
        RESERVED
 CVE-2020-25353 (A server-side request forgery (SSRF) vulnerability in rConfig 
3.9.5 ha ...)
-       TODO: check
+       NOT-FOR-US: rConfig
 CVE-2020-25352 (A stored cross-site scripting (XSS) vulnerability in the 
/devices.php  ...)
-       TODO: check
+       NOT-FOR-US: rConfig
 CVE-2020-25351 (An information disclosure vulnerability in rConfig 3.9.5 has 
been fixe ...)
-       TODO: check
+       NOT-FOR-US: rConfig
 CVE-2020-25350
        RESERVED
 CVE-2020-25349
@@ -79005,9 +79005,9 @@ CVE-2020-18888 (Arbitrary File Deletion vulnerability 
in puppyCMS v5.1 allows re
 CVE-2020-18887
        RESERVED
 CVE-2020-18886 (Unrestricted File Upload in PHPMyWind v5.6 allows remote 
attackers to  ...)
-       TODO: check
+       NOT-FOR-US: PHPMyWind
 CVE-2020-18885 (Command Injection in PHPMyWind v5.6 allows remote attackers to 
execute ...)
-       TODO: check
+       NOT-FOR-US: PHPMyWind
 CVE-2020-18884
        RESERVED
 CVE-2020-18883
@@ -79019,11 +79019,11 @@ CVE-2020-18881
 CVE-2020-18880
        RESERVED
 CVE-2020-18879 (Unrestricted File Upload in Bludit v3.8.1 allows remote 
attackers to e ...)
-       TODO: check
+       NOT-FOR-US: Bludit
 CVE-2020-18878 (Directory Traversal in Skycaiji v1.3 allows remote attackers 
to obtain ...)
-       TODO: check
+       NOT-FOR-US: Skycaiji
 CVE-2020-18877 (SQL Injection in Wuzhi CMS v4.1.0 allows remote attackers to 
obtain se ...)
-       TODO: check
+       NOT-FOR-US: Wuzhi CMS
 CVE-2020-18876
        RESERVED
 CVE-2020-18875 (Incorrect Access Control in DotCMS versions before 5.1 allows 
remote a ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/238644b7e18ad6ee8135b4ef9e42524082aa250f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/238644b7e18ad6ee8135b4ef9e42524082aa250f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to