From a6d9298866487dddb1361f2e625816c792b0251b Mon Sep 17 00:00:00 2001
From: Neil Williams <codehelp@debian.org>
Date: Tue, 25 Jan 2022 14:10:09 +0000
Subject: Process some NFUs

---
 data/CVE/list.2021 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 65a1bbb3c1..85d7a6f6b1 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -56288,7 +56288,7 @@ CVE-2021-23576
 CVE-2021-23575
 	RESERVED
 CVE-2021-23574 (All versions of package js-data are vulnerable to Prototype Pollution  ...)
-	TODO: check
+	NOT-FOR-US: Node js-data
 CVE-2021-23573
 	RESERVED
 CVE-2021-23572
@@ -56300,7 +56300,7 @@ CVE-2021-23570
 CVE-2021-23569
 	RESERVED
 CVE-2021-23568 (The package extend2 before 1.0.1 are vulnerable to Prototype Pollution ...)
-	TODO: check
+	NOT-FOR-US: extend2 (fork of node-extend which is not affected)
 CVE-2021-23567 (The package colors after 1.4.0 are vulnerable to Denial of Service (Do ...)
 	TODO: check
 CVE-2021-23566 (The package nanoid before 3.1.31 are vulnerable to Information Exposur ...)
-- 
cgit v1.2.3