[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 30 Aug 2021 01:45:12 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0668046e by Salvatore Bonaccorso at 2021-08-30T10:44:39+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -281,19 +281,19 @@ CVE-2021-40180
 CVE-2021-40179
        RESERVED
 CVE-2021-40178 (Zoho ManageEngine Log360 before Build 5224 allows stored XSS 
via the L ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2021-40177 (Zoho ManageEngine Log360 before Build 5225 allows remote code 
executio ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2021-40176 (Zoho ManageEngine Log360 before Build 5225 allows stored XSS. 
...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2021-40175 (Zoho ManageEngine Log360 before Build 5219 allows unrestricted 
file up ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2021-40174 (Zoho ManageEngine Log360 before Build 5224 allows a CSRF 
attack for di ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2021-40173 (Zoho ManageEngine Cloud Security Plus before Build 4117 allows 
a CSRF  ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2021-40172 (Zoho ManageEngine Log360 before Build 5219 allows a CSRF 
attack on pro ...)
-       TODO: check
+       NOT-FOR-US: Zoho ManageEngine
 CVE-2021-40171
        RESERVED
 CVE-2021-40170
@@ -2250,7 +2250,7 @@ CVE-2021-39272 (Fetchmail before 6.4.22 fails to enforce 
STARTTLS session encryp
        [stretch] - fetchmail <no-dsa> (Minor issue; safe recommendations 
exists, implicit TLS, "ssl" mode exist)
        NOTE: https://www.fetchmail.info/fetchmail-SA-2021-02.txt
 CVE-2021-39271 (OrbiTeam BSCW Classic before 7.4.3 allows authenticated remote 
code ex ...)
-       TODO: check
+       NOT-FOR-US: OrbiTeam BSCW Classic
 CVE-2021-39270 (In Ping Identity RSA SecurID Integration Kit before 3.2, user 
imperson ...)
        NOT-FOR-US: Ping Identity RSA SecurID Integration Kit
 CVE-2021-39269



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0668046eb677836515e67a2f12695207a39b3a48

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0668046eb677836515e67a2f12695207a39b3a48
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to