NFUs

3 files changed, 15 insertions, 15 deletions

diff --git a/data/CVE/list.2008 b/data/CVE/list.2008
index a5bc41ea0d..3dad705c6b 100644
--- a/data/CVE/list.2008
+++ b/data/CVE/list.2008
@@ -9469,7 +9469,7 @@ CVE-2008-3281 (libxml2 2.6.32 and earlier does not properly detect recursion dur
 	- libxml2 2.6.32.dfsg-3 (medium)
 	- chromium-browser 5.0.375.29~r46008-1
 CVE-2008-3280 (It was found that various OpenID Providers (OPs) had TLS Server Certif ...)
-	TODO: check
+	NOT-FOR-US: Historic OpenID issues
 CVE-2008-3279 (Untrusted search path vulnerability in libbrlttybba.so in brltty 3.7.2 ...)
 	- brltty <not-affected> (RedHat-specific)
 CVE-2008-3278 (frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Lin ...)
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index e3b7896d99..2511bc46d6 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -9002,7 +9002,7 @@ CVE-2020-27211 (Nordic Semiconductor nRF52840 devices through 2020-10-19 have im
 CVE-2020-27210
 	RESERVED
 CVE-2020-27209 (The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simp ...)
-	TODO: check
+	NOT-FOR-US: micro-ecc
 CVE-2020-27208 (The flash read-out protection (RDP) level is not enforced during the d ...)
 	NOT-FOR-US: SoloKeys Solo
 CVE-2020-27207 (Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sq ...)
@@ -15616,9 +15616,9 @@ CVE-2020-24398
 CVE-2020-24397 (An issue was discovered in the client side of Zoho ManageEngine Deskto ...)
 	NOT-FOR-US: Zoho ManageEngine Desktop Central
 CVE-2020-24396 (homee Brain Cube v2 (2.28.2 and 2.28.4) devices have sensitive SSH key ...)
-	TODO: check
+	NOT-FOR-US: homee Brain Cube
 CVE-2020-24395 (The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28 ...)
-	TODO: check
+	NOT-FOR-US: homee Brain Cube
 CVE-2020-24394 (In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) ca ...)
 	- linux 5.7.6-1 (bug #962254)
 	[buster] - linux 4.19.131-1
@@ -16980,9 +16980,9 @@ CVE-2020-23768 (An information disclosure vulnerability was discovered in alipay
 CVE-2020-23767
 	RESERVED
 CVE-2020-23766 (An arbitrary file deletion vulnerability was discovered on htmly v2.7. ...)
-	TODO: check
+	NOT-FOR-US: htmly
 CVE-2020-23765 (A file upload vulnerability was discovered in the file path /bl-plugin ...)
-	TODO: check
+	NOT-FOR-US: Bludit
 CVE-2020-23764
 	RESERVED
 CVE-2020-23763 (SQL injection in admin.php in Online Book Store 1.0 allows remote atta ...)
@@ -43083,7 +43083,7 @@ CVE-2020-12062 (** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends d
 	NOTE: Negligible security impact, a malicious peer can achieve no more than already
 	NOTE: able o achieve within the scp protocol.
 CVE-2020-12061 (An issue was discovered in Nitrokey FIDO U2F firmware through 1.1. Com ...)
-	TODO: check
+	NOT-FOR-US: Nitrokey firmware
 CVE-2020-12060
 	RESERVED
 CVE-2020-12059 (An issue was discovered in Ceph through 13.2.9. A POST request with an ...)
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index e8330a67c4..56d5db4baa 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1869,7 +1869,7 @@ CVE-2021-32634 (Emissary is a distributed, peer-to-peer, data-driven workflow fr
 CVE-2021-32633 (Zope is an open-source web application server. In Zope versions prior  ...)
 	TODO: check
 CVE-2021-32632 (Pajbot is a Twitch chat bot. Pajbot versions prior to 1.52 are vulnera ...)
-	TODO: check
+	NOT-FOR-US: Pajbot
 CVE-2021-32631
 	RESERVED
 CVE-2021-32630 (Admidio is a free, open source user management system for websites of  ...)
@@ -1897,7 +1897,7 @@ CVE-2021-32620
 CVE-2021-32619
 	RESERVED
 CVE-2021-32618 (The Python "Flask-Security-Too" package is used for adding security fe ...)
-	TODO: check
+	NOT-FOR-US: Flask-Security-Too
 CVE-2021-32617 (Exiv2 is a command-line utility and C++ library for reading, writing,  ...)
 	- exiv2 <unfixed> (bug #988731)
 	[bullseye] - exiv2 <no-dsa> (Minor issue)
@@ -8702,7 +8702,7 @@ CVE-2021-29625 (Adminer is open-source database management software. A cross-sit
 	NOTE: https://github.com/vrana/adminer/security/advisories/GHSA-2v82-5746-vwqc
 	NOTE: https://github.com/vrana/adminer/commit/4043092ec2c0de2258d60a99d0c5958637d051a7
 CVE-2021-29624 (fastify-csrf is an open-source plugin helps developers protect their F ...)
-	TODO: check
+	NOT-FOR-US: fastify-csrf
 CVE-2021-29623 (Exiv2 is a C++ library and a command-line utility to read, write, dele ...)
 	- exiv2 <unfixed> (bug #988481)
 	[bullseye] - exiv2 <no-dsa> (Minor issue)
@@ -13790,11 +13790,11 @@ CVE-2021-27436 (WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-si
 CVE-2021-27435
 	RESERVED
 CVE-2021-27434 (Products with Unified Automation .NET based OPC UA Client/Server SDK B ...)
-	TODO: check
+	NOT-FOR-US: Unified Automation .NET
 CVE-2021-27433
 	RESERVED
 CVE-2021-27432 (OPC Foundation UA .NET Standard versions prior to 1.4.365.48 and OPC U ...)
-	TODO: check
+	NOT-FOR-US: OPC Foundation UA .NET
 CVE-2021-27431
 	RESERVED
 CVE-2021-27430
@@ -23130,7 +23130,7 @@ CVE-2021-23388
 CVE-2021-23387
 	RESERVED
 CVE-2021-23386 (This affects the package dns-packet before 5.2.2. It creates buffers w ...)
-	TODO: check
+	NOT-FOR-US: Node dns-packet
 CVE-2021-23385
 	RESERVED
 CVE-2021-23384 (The package koa-remove-trailing-slashes before 2.0.2 are vulnerable to ...)
@@ -29336,7 +29336,7 @@ CVE-2021-20591
 CVE-2021-20590 (Improper authentication vulnerability in GOT2000 series GT27 model all ...)
 	NOT-FOR-US: Mitsubishi
 CVE-2021-20589 (Buffer access with incorrect length value vulnerability in GOT2000 ser ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2021-20588 (Improper handling of length parameter inconsistency vulnerability in M ...)
 	NOT-FOR-US: Mitsubishi
 CVE-2021-20587 (Heap-based buffer overflow vulnerability in Mitsubishi Electric FA Eng ...)
@@ -29852,7 +29852,7 @@ CVE-2021-20333
 CVE-2021-20332
 	RESERVED
 CVE-2021-20331 (Specific versions of the MongoDB C# Driver may erroneously publish eve ...)
-	TODO: check
+	NOT-FOR-US: MongoDB C# Driver
 CVE-2021-20330
 	RESERVED
 CVE-2021-20329