[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 15 Oct 2021 01:02:58 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
785fab01 by Salvatore Bonaccorso at 2021-10-15T10:02:25+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53933,7 +53933,7 @@ CVE-2021-20833 (The SNKRDUNK Market Place App for iOS 
versions prior to 2.2.0 do
 CVE-2021-20832 (InBody App for iOS versions prior to 2.3.30 and InBody App for 
Android ...)
        NOT-FOR-US: InBody App
 CVE-2021-20831 (Cross-site request forgery (CSRF) vulnerability in OG Tags 
versions pr ...)
-       TODO: check
+       NOT-FOR-US: OG Tags (WordPress plugin)
 CVE-2021-20830
        RESERVED
 CVE-2021-20829 (Cross-site scripting vulnerability due to the inadequate tag 
sanitizat ...)
@@ -54400,7 +54400,7 @@ CVE-2021-20601
 CVE-2021-20600 (Uncontrolled resource consumption in MELSEC iQ-R series C 
Controller M ...)
        NOT-FOR-US: Mitsubishi
 CVE-2021-20599 (Authorization bypass through user-controlled key vulnerability 
in MELS ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2021-20598 (Overly Restrictive Account Lockout Mechanism vulnerability in 
Mitsubis ...)
        NOT-FOR-US: Mitsubishi
 CVE-2021-20597 (Insufficiently Protected Credentials vulnerability in 
Mitsubishi Elect ...)
@@ -84689,27 +84689,27 @@ CVE-2020-19966
 CVE-2020-19965
        RESERVED
 CVE-2020-19964 (A Cross Site Request Forgery (CSRF) vulnerability was 
discovered in PH ...)
-       TODO: check
+       NOT-FOR-US: PHPMyWind
 CVE-2020-19963
        RESERVED
 CVE-2020-19962 (A stored cross-site scripting (XSS) vulnerability in the 
getClientIp f ...)
-       TODO: check
+       NOT-FOR-US: Chaoji CMS
 CVE-2020-19961 (A SQL injection vulnerability has been discovered in zz cms 
version 20 ...)
-       TODO: check
+       NOT-FOR-US: zz cms
 CVE-2020-19960 (A SQL injection vulnerability has been discovered in zz cms 
version 20 ...)
-       TODO: check
+       NOT-FOR-US: zz cms
 CVE-2020-19959 (A SQL injection vulnerability has been discovered in zz cms 
version 20 ...)
-       TODO: check
+       NOT-FOR-US: zz cms
 CVE-2020-19958
        RESERVED
 CVE-2020-19957 (A SQL injection vulnerability has been discovered in zz cms 
version 20 ...)
-       TODO: check
+       NOT-FOR-US: zz cms
 CVE-2020-19956
        RESERVED
 CVE-2020-19955
        RESERVED
 CVE-2020-19954 (An XML External Entity (XXE) vulnerability was discovered in 
/api/noti ...)
-       TODO: check
+       NOT-FOR-US: S-CMS
 CVE-2020-19953
        RESERVED
 CVE-2020-19952



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/785fab01f3ec9a4c407971282797f0cc5ed91a1d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/785fab01f3ec9a4c407971282797f0cc5ed91a1d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to