From c39bc5c85206dcfc5911d32dc4550acc6de00259 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 29 Nov 2021 15:09:03 +0100
Subject: NFUs

---
 data/CVE/list.2021 | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index df53fd88b2..2b3f5c89b4 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1079,7 +1079,7 @@ CVE-2021-43787
 CVE-2021-43786
 	RESERVED
 CVE-2021-43785 (@joeattardi/emoji-button is a Vanilla JavaScript emoji picker componen ...)
-	TODO: check
+	NOT-FOR-US: @joeattardi/emoji-button
 CVE-2021-43784
 	RESERVED
 CVE-2021-43783
@@ -3402,7 +3402,7 @@ CVE-2021-42787
 CVE-2021-42786
 	RESERVED
 CVE-2021-42785 (Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allo ...)
-	TODO: check
+	NOT-FOR-US: TightVNC Viewer
 CVE-2021-42784 (OS Command Injection vulnerability in debug_fcgi of D-Link DWR-932C E1 ...)
 	NOT-FOR-US: D-Link
 CVE-2021-42783 (Missing Authentication for Critical Function vulnerability in debug_po ...)
@@ -20444,7 +20444,7 @@ CVE-2021-35535 (Insecure Boot Image vulnerability in Hitachi Energy Relion Relio
 CVE-2021-35534 (Insufficient security control vulnerability in internal database acces ...)
 	NOT-FOR-US: Hitachi
 CVE-2021-35533 (Improper Input Validation vulnerability in the APDU parser in the Bidi ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2021-35532
 	RESERVED
 CVE-2021-35531
@@ -28747,7 +28747,7 @@ CVE-2021-3536 (A flaw was found in Wildfly in versions before 23.0.2.Final while
 CVE-2021-3535 (Rapid7 Nexpose is vulnerable to a non-persistent cross-site scripting  ...)
 	NOT-FOR-US: Rapid7
 CVE-2021-32061 (S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket ...)
-	TODO: check
+	NOT-FOR-US: S3Scanner
 CVE-2021-32060
 	RESERVED
 CVE-2021-32059
@@ -28799,7 +28799,7 @@ CVE-2021-32039
 CVE-2021-32038
 	RESERVED
 CVE-2021-32037 (An authorized user may trigger an invariant which may result in denial ...)
-	TODO: check
+	- mongodb <removed>
 CVE-2021-32036
 	RESERVED
 CVE-2021-32035
@@ -48998,7 +48998,7 @@ CVE-2021-23734
 CVE-2021-23733
 	RESERVED
 CVE-2021-23732 (This affects all versions of package docker-cli-js. If the command par ...)
-	TODO: check
+	NOT-FOR-US: Node docker-cli-js
 CVE-2021-23731
 	RESERVED
 CVE-2021-23730
@@ -49116,7 +49116,7 @@ CVE-2021-23675
 CVE-2021-23674
 	RESERVED
 CVE-2021-23673 (This affects all versions of package pekeupload. If an attacker induce ...)
-	TODO: check
+	NOT-FOR-US: Node pekeupload
 CVE-2021-23672
 	RESERVED
 CVE-2021-23671
@@ -49154,7 +49154,7 @@ CVE-2021-23656
 CVE-2021-23655
 	RESERVED
 CVE-2021-23654 (This affects all versions of package html-to-csv. When there is a form ...)
-	TODO: check
+	NOT-FOR-US: html-to-csv
 CVE-2021-23653
 	RESERVED
 CVE-2021-23652
@@ -55824,13 +55824,13 @@ CVE-2021-20850 (PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49
 CVE-2021-20849
 	RESERVED
 CVE-2021-20848 (Cross-site scripting vulnerability in rwtxt versions prior to v1.8.6 a ...)
-	TODO: check
+	NOT-FOR-US: rwtxt
 CVE-2021-20847
 	RESERVED
 CVE-2021-20846 (Cross-site request forgery (CSRF) vulnerability in Push Notifications  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-20845 (Cross-site request forgery (CSRF) vulnerability in Unlimited Sitemap G ...)
-	TODO: check
+	NOT-FOR-US: Unlimited Sitemap Generator
 CVE-2021-20844 (Improper neutralization of HTTP request headers for scripting syntax v ...)
 	NOT-FOR-US: RTX830
 CVE-2021-20843 (Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev ...)
-- 
cgit v1.2.3