Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5dd0b8b2 by Salvatore Bonaccorso at 2021-11-13T21:20:05+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -277,7 +277,7 @@ CVE-2021-43522
CVE-2021-3939
RESERVED
CVE-2021-3938 (snipe-it is vulnerable to Improper Neutralization of Input
During Web ...)
- TODO: check
+ NOT-FOR-US: snipe-it
CVE-2021-3937
RESERVED
CVE-2021-3936
@@ -544,7 +544,7 @@ CVE-2021-43402
CVE-2021-43401
RESERVED
CVE-2021-3931 (snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: snipe-it
CVE-2021-3930 [off-by-one error in mode_sense_page() in hw/scsi/scsi-disk.c]
RESERVED
- qemu <unfixed>
@@ -1997,7 +1997,7 @@ CVE-2021-43205
CVE-2021-43204
RESERVED
CVE-2021-3921 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
...)
- TODO: check
+ NOT-FOR-US: firefly-iii
CVE-2021-3920
RESERVED
CVE-2021-3919
@@ -2265,7 +2265,7 @@ CVE-2021-43082 (Buffer Copy without Checking Size of
Input ('Classic Buffer Over
NOTE: CVE description is wrong, this doesn't affect 8.1, only
9.x/master:
NOTE: Introduced with
https://github.com/apache/trafficserver/commit/5e2385b666b4176be0f64fbadfbfae42094db396
(9.1.0-rc0)
CVE-2021-3915 (bookstack is vulnerable to Unrestricted Upload of File with
Dangerous ...)
- TODO: check
+ NOT-FOR-US: bookstack
CVE-2020-36505 (The Delete All Comments Easily WordPress plugin through 1.3 is
lacking ...)
NOT-FOR-US: WordPress plugin
CVE-2020-36504 (The WP-Pro-Quiz WordPress plugin through 0.37 does not have
CSRF check ...)
@@ -6870,7 +6870,7 @@ CVE-2021-41655
CVE-2021-41654
RESERVED
CVE-2021-41653 (The PING function on the TP-Link TL-WR840N EU v5 router with
firmware ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2021-41652
RESERVED
CVE-2021-41651 (A blind SQL injection vulnerability exists in the Raymart DG /
Ahmed H ...)
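Review bot: The new "NOT-FOR-US: TP-Link" tag on CVE-2021-41653 names only the vendor, while the description refers to the TL-WR840N EU v5 router, and other entries visible in this diff, such as "NOT-FOR-US: Meross Smart Wi-Fi 2 Way Wall Switch", name the product. Consider "NOT-FOR-US: TP-Link TL-WR840N" so that a later search of the list by product finds this entry.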
@@ -9498,9 +9498,9 @@ CVE-2021-40526 (Incorrect calculation of buffer size
vulnerability in Peleton TT
CVE-2021-40525
RESERVED
CVE-2021-3776 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: showdoc
CVE-2021-3775 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: showdoc
CVE-2021-3774 (Meross Smart Wi-Fi 2 Way Wall Switch (MSS550X), on its 3.1.3
version a ...)
NOT-FOR-US: Meross Smart Wi-Fi 2 Way Wall Switch
CVE-2021-3773
@@ -15423,7 +15423,7 @@ CVE-2021-3685
CVE-2021-3684
RESERVED
CVE-2021-3683 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: showdoc
CVE-2021-38113 (In addBouquet in js/bqe.js in OpenWebif (aka
e2openplugin-OpenWebif) t ...)
NOT-FOR-US: OpenWebif (aka e2openplugin-OpenWebif)
CVE-2021-38112 (In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on
Windows, a ...)
@@ -87680,7 +87680,7 @@ CVE-2020-21143
CVE-2020-21142 (Cross Site Scripting (XSS) vulnerabilty in IPFire 2.23 via the
IPfire ...)
NOT-FOR-US: IPFire
CVE-2020-21141 (iCMS v7.0.15 was discovered to contain a Cross-Site Request
Forgery (C ...)
- TODO: check
+ NOT-FOR-US: iCMS
CVE-2020-21140
RESERVED
CVE-2020-21139 (EC Cloud E-Commerce System v1.3 was discovered to contain a
Cross-Site ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5dd0b8b211eecc2c4fa51ad500919f60c81fccc0