[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue, 02 Mar 2021 12:35:15 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ded4c424 by Salvatore Bonaccorso at 2021-03-02T21:34:36+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -65,7 +65,7 @@ CVE-2021-27887
 CVE-2021-27886 (rakibtg Docker Dashboard before 2021-02-28 allows command 
injection in ...)
        NOT-FOR-US: rakibtg Docker Dashboard
 CVE-2021-27885 (usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN 
protect ...)
-       TODO: check
+       NOT-FOR-US: e107
 CVE-2021-27884 (Weak JSON Web Token (JWT) signing secret generation in YMFE 
YApi throu ...)
        TODO: check
 CVE-2021-27883
@@ -3037,7 +3037,7 @@ CVE-2021-3386
 CVE-2021-3385
        RESERVED
 CVE-2021-3384 (A vulnerability in Stormshield Network Security could allow an 
attacke ...)
-       TODO: check
+       NOT-FOR-US: Stormshield Network Security
 CVE-2021-3383
        RESERVED
 CVE-2021-3382 (Stack buffer overflow vulnerability in gitea 1.9.0 through 
1.13.1 allo ...)
@@ -6073,7 +6073,7 @@ CVE-2021-25332
 CVE-2021-25331
        RESERVED
 CVE-2021-25330 (Calling of non-existent provider in MobileWips application 
prior to SM ...)
-       TODO: check
+       NOT-FOR-US: MobileWips application
 CVE-2020-36198
        RESERVED
 CVE-2020-36197
@@ -12660,11 +12660,11 @@ CVE-2021-22298 (There is a logic vulnerability in 
Huawei Gauss100 OLTP Product.
 CVE-2021-22297
        RESERVED
 CVE-2021-22296 (A component of the HarmonyOS 2.0 has a DoS vulnerability. 
Local attack ...)
-       TODO: check
+       NOT-FOR-US: HarmonyOS
 CVE-2021-22295
        RESERVED
 CVE-2021-22294 (A component API of the HarmonyOS 2.0 has a permission bypass 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: HarmonyOS
 CVE-2021-22293 (Some Huawei products have an inconsistent interpretation of 
HTTP reque ...)
        NOT-FOR-US: Huawei
 CVE-2021-22292 (There is a denial of service (DoS) vulnerability in eCNS280 
versions V ...)
@@ -14269,7 +14269,7 @@ CVE-2021-21519
 CVE-2021-21518
        RESERVED
 CVE-2021-21517 (SRS Policy Manager 6.X is affected by an XML External Entity 
Injection ...)
-       TODO: check
+       NOT-FOR-US: SRS Policy Manager
 CVE-2021-21516
        RESERVED
 CVE-2021-21515 (Dell EMC SourceOne, versions 7.2SP10 and prior, contain a 
Stored Cross ...)
@@ -15899,7 +15899,7 @@ CVE-2021-21330 (aiohttp is an asynchronous HTTP 
client/server framework for asyn
 CVE-2021-21329
        RESERVED
 CVE-2021-21328 (Vapor is a web framework for Swift. In Vapor before version 
4.40.1, th ...)
-       TODO: check
+       NOT-FOR-US: Vapor
 CVE-2021-21327
        RESERVED
 CVE-2021-21326



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ded4c424740e71f3de67cfe4106eba51fe30f090

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ded4c424740e71f3de67cfe4106eba51fe30f090
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to