Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f94c2ac3 by Salvatore Bonaccorso at 2021-03-09T21:38:24+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1156,23 +1156,23 @@ CVE-2021-27594
CVE-2021-27593
RESERVED
CVE-2021-27592 (When a user opens manipulated Universal 3D (.U3D) files
received from ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-27591 (When a user opens manipulated Portable Document Format (.PDF)
format f ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-27590 (When a user opens manipulated Tag Image File Format (.TIFF)
format fil ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-27589 (When a user opens manipulated Scalable Vector Graphics (.SVG)
format f ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-27588 (When a user opens manipulated HPGL format files received from
untruste ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-27587 (When a user opens manipulated Jupiter Tessellation (.JT)
format files ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-27586 (When a user opens manipulated Interchange File Format (.IFF)
format fi ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-27585 (When a user opens manipulated Computer Graphics Metafile
(.CGM) format ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-27584 (When a user opens manipulated PhotoShop Document (.PSD) format
files r ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-27583 (** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1,
an atta ...)
NOT-FOR-US: Directus
CVE-2021-27582 (org/mitre/oauth2/web/OAuthConfirmationController.java in the
OpenID Co ...)
@@ -15547,7 +15547,7 @@ CVE-2019-25001 (An issue was discovered in the
serde_cbor crate before 0.10.2 fo
CVE-2018-25001 (An issue was discovered in the libpulse-binding crate before
2.5.0 for ...)
NOT-FOR-US: libpulse-binding rust crate
CVE-2021-21493 (When a user opens manipulated Graphics Interchange Format
(.GIF) forma ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-21492
RESERVED
CVE-2021-21491
@@ -15559,21 +15559,21 @@ CVE-2021-21489
CVE-2021-21488 (Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40,
7.50 allow ...)
TODO: check
CVE-2021-21487 (SAP Payment Engine version 500, does not perform necessary
authorizati ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-21486 (SAP Enterprise Financial Services versions, 101, 102, 103,
104, 105, 6 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-21485
RESERVED
CVE-2021-21484 (LDAP authentication in SAP HANA Database version 2.0 can be
bypassed i ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-21483
RESERVED
CVE-2021-21482
RESERVED
CVE-2021-21481 (The MigrationService, which is part of SAP NetWeaver versions
7.10, 7. ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-21480 (SAP MII allows users to create dashboards and save them as JSP
through ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-21479 (In SCIMono before 0.0.19, it is possible for an attacker to
inject and ...)
NOT-FOR-US: SAP
CVE-2021-21478 (SAP Web Dynpro ABAP allow an attacker to redirect users to a
malicious ...)
@@ -18783,7 +18783,7 @@ CVE-2021-20343
CVE-2021-20342
RESERVED
CVE-2021-20341 (IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns
potenti ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-20340 (IBM Engineering products are vulnerable to cross-site
scripting. This ...)
NOT-FOR-US: IBM
CVE-2021-20339
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94c2ac3777de6ac84a35ba72cab3cb57626d868
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94c2ac3777de6ac84a35ba72cab3cb57626d868
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
