[Git][security-tracker-team/security-tracker][master] Progress some NFUs

Sun, 26 Dec 2021 12:15:35 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
0d2e052e by Salvatore Bonaccorso at 2021-12-26T21:14:45+01:00
Progress some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -383,11 +383,11 @@ CVE-2021-45493 (Certain NETGEAR devices are affected by 
disclosure of administra
 CVE-2021-4170
        RESERVED
 CVE-2021-4169 (livehelperchat is vulnerable to Improper Neutralization of 
Input Durin ...)
-       TODO: check
+       NOT-FOR-US: livehelperchat
 CVE-2021-45492
        RESERVED
 CVE-2021-4168 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
-       TODO: check
+       NOT-FOR-US: showdoc
 CVE-2021-45491
        RESERVED
 CVE-2021-45490
@@ -448,7 +448,7 @@ CVE-2021-4164
 CVE-2021-4163
        RESERVED
 CVE-2021-4162 (archivy is vulnerable to Cross-Site Request Forgery (CSRF) ...)
-       TODO: check
+       NOT-FOR-US: archivy
 CVE-2021-45474 (In MediaWiki through 1.37, the Special:ImportFile URI (aka 
FileImporte ...)
        NOT-FOR-US: FileImporter MediaWiki extension
        NOTE: 
https://gerrit.wikimedia.org/r/q/Id1c8910aeac5b452fbabeddab70360765518223e
@@ -3658,7 +3658,7 @@ CVE-2021-44600 (The password parameter on Simple Online 
Mens Salon Management Sy
 CVE-2021-44599 (The id parameter from Online Enrollment Management System 1.0 
system a ...)
        NOT-FOR-US: Online Enrollment Management System
 CVE-2021-44598 (Attendance Management System 1.0 is affected by a Cross Site 
Scripting ...)
-       TODO: check
+       NOT-FOR-US: Attendance Management System
 CVE-2021-44597
        RESERVED
 CVE-2021-44596
@@ -5159,7 +5159,7 @@ CVE-2021-3993 (showdoc is vulnerable to Cross-Site 
Request Forgery (CSRF) ...)
 CVE-2021-3992 (kimai2 is vulnerable to Improper Access Control ...)
        NOT-FOR-US: kimai2
 CVE-2021-44078 (An issue was discovered in split_region in uc.c in Unicorn 
Engine befo ...)
-       TODO: check
+       NOT-FOR-US: Unicorn Engine
 CVE-2021-44077 (Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk 
Plus MSP  ...)
        NOT-FOR-US: Zoho ManageEngine
 CVE-2021-3991
@@ -5324,7 +5324,7 @@ CVE-2021-44019 (An unnecessary privilege vulnerability in 
Trend Micro Worry-Free
 CVE-2021-3978
        RESERVED
 CVE-2021-3977 (invoiceninja is vulnerable to Improper Neutralization of Input 
During  ...)
-       TODO: check
+       NOT-FOR-US: invoiceninja
 CVE-2021-44018
        RESERVED
 CVE-2021-44017 (A vulnerability has been identified in JT2Go (All versions 
< V13.2. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d2e052efcbe1f72829fa700ef33112100b2055c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0d2e052efcbe1f72829fa700ef33112100b2055c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to