[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Mon, 08 Feb 2021 09:59:58 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9e6c75bd by Moritz Muehlenhoff at 2021-02-08T18:59:17+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10504,7 +10504,7 @@ CVE-2021-22163
 CVE-2021-22162
        RESERVED
 CVE-2021-22161 (In OpenWrt 19.07.x before 19.07.7, when IPv6 is used, a 
routing loop c ...)
-       TODO: check
+       NOT-FOR-US: OpenWrt
 CVE-2021-22160
        RESERVED
 CVE-2020-36159 (Veritas Desktop and Laptop Option (DLO) before 9.5 disclosed 
operation ...)
@@ -13117,7 +13117,7 @@ CVE-2020-35669 (An issue was discovered in the http 
package through 0.12.2 for D
 CVE-2020-35668 (RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference 
that lead ...)
        NOT-FOR-US: RedisGraph
 CVE-2020-35667 (JetBrains TeamCity Plugin before 2020.2.85695 SSRF. 
Vulnerability that ...)
-       TODO: check
+       NOT-FOR-US: JetBrains TeamCity
 CVE-2020-35666 (Steedos Platform through 1.21.24 allows NoSQL injection 
because the /a ...)
        NOT-FOR-US: Steedos Platform
 CVE-2020-35665 (An unauthenticated command-execution vulnerability exists in 
TerraMast ...)
@@ -15093,7 +15093,7 @@ CVE-2021-20654
 CVE-2021-20653
        RESERVED
 CVE-2021-20652 (Cross-site request forgery (CSRF) vulnerability in Name 
Directory 1.17 ...)
-       TODO: check
+       NOT-FOR-US: Name Directory
 CVE-2021-20651
        RESERVED
 CVE-2021-20650
@@ -17473,7 +17473,7 @@ CVE-2020-35147
 CVE-2020-35146
        RESERVED
 CVE-2020-35145 (Acronis True Image for Windows prior to 2021 Update 3 allowed 
local pr ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2020-35144
        REJECTED
 CVE-2020-35143
@@ -24938,51 +24938,51 @@ CVE-2021-0367
 CVE-2021-0366
        RESERVED
 CVE-2021-0365 (In display driver, there is a possible memory corruption due to 
a use  ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0364 (In mobile_log_d, there is a possible command injection due to 
improper ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0363 (In mobile_log_d, there is a possible command injection due to a 
missin ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0362 (In aee, there is a possible memory corruption due to a stack 
buffer ov ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0361 (In kisd, there is a possible out of bounds read due to improper 
input  ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0360 (In netdiag, there is a possible out of bounds write due to an 
incorrec ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0359 (In netdiag, there is a possible out of bounds write due to a 
missing b ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0358 (In netdiag, there is a possible command injection due to 
improper inpu ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0357 (In netdiag, there is a possible out of bounds write due to a 
missing b ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0356 (In netdiag, there is a possible command injection due to 
improper inpu ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0355 (In kisd, there is a possible out of bounds write due to an 
integer ove ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0354 (In ged, there is a possible out of bounds write due to an 
integer over ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0353 (In kisd, there is a possible memory corruption due to a heap 
buffer ov ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0352 (In RT regmap driver, there is a possible memory corruption due 
to type ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0351 (In wlan driver, there is a possible system crash due to a 
missing boun ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0350 (In ged, there is a possible system crash due to an improper 
input vali ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0349 (In display driver, there is a possible memory corruption due to 
a use  ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0348 (In vpu, there is a possible out of bounds write due to a 
missing bound ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0347 (In ccu, there is a possible out of bounds read due to a missing 
bounds ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0346 (In vpu, there is a possible out of bounds write due to an 
incorrect bo ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0345 (In mobile_log_d, there is a possible escalation of privilege 
due to im ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0344 (In mtkpower, there is a possible memory corruption due to a 
missing bo ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0343 (In kisd, there is a possible out of bounds write due to a 
missing boun ...)
-       TODO: check
+       NOT-FOR-US: Mediatek components for Android
 CVE-2021-0342 (In tun_get_user of tun.c, there is possible memory corruption 
due to a ...)
        - linux 5.7.6-1
        [buster] - linux 4.19.131-1
@@ -28298,11 +28298,11 @@ CVE-2020-27251 (A heap overflow vulnerability exists 
within FactoryTalk Linx Ver
 CVE-2020-27250
        RESERVED
 CVE-2020-27249 (A specially crafted document can cause the document parser to 
copy dat ...)
-       TODO: check
+       NOT-FOR-US: SoftMaker
 CVE-2020-27248 (A specially crafted document can cause the document parser to 
copy dat ...)
-       TODO: check
+       NOT-FOR-US: SoftMaker
 CVE-2020-27247 (A specially crafted document can cause the document parser to 
copy dat ...)
-       TODO: check
+       NOT-FOR-US: SoftMaker
 CVE-2020-27246
        RESERVED
 CVE-2020-27245
@@ -58069,6 +58069,7 @@ CVE-2020-13925 (Similar to CVE-2020-1956, Kylin has one 
more restful API which c
        NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
 CVE-2020-13924
        RESERVED
+       NOT-FOR-US: Apache Ambari
 CVE-2020-13923 (IDOR vulnerability in the order processing feature from 
ecommerce comp ...)
        NOT-FOR-US: Apache OFBiz
 CVE-2020-13922 (Versions of Apache DolphinScheduler prior to 1.3.2 allowed an 
ordinary ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e6c75bdf6e29344be27a92d9e1cfb7e1ae1fc2a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e6c75bdf6e29344be27a92d9e1cfb7e1ae1fc2a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to