Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b36cc3f0 by Salvatore Bonaccorso at 2021-04-30T22:37:01+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1579,9 +1579,9 @@ CVE-2021-31234
CVE-2021-31233
RESERVED
CVE-2021-31232 (The Alertmanager in CNCF Cortex before 1.8.1 has a local file
disclosu ...)
- TODO: check
+ NOT-FOR-US: CNCF Cortex
CVE-2021-31231 (The Alertmanager in Grafana Enterprise Metrics before 1.2.1
and Metric ...)
- TODO: check
+ NOT-FOR-US: Grafana Enterprise Metrics and Metrics Enterprise
CVE-2021-31230
RESERVED
CVE-2021-31229 (An issue was discovered in libezxml.a in ezXML 0.8.6. The
function ezx ...)
@@ -6737,7 +6737,7 @@ CVE-2021-28961
(applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in t
CVE-2021-28960
RESERVED
CVE-2021-28959 (Zoho ManageEngine Eventlog Analyzer through 12147 is
vulnerable to una ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-28958
RESERVED
CVE-2021-28956 (** UNSUPPORTED WHEN ASSIGNED ** The unofficial
vscode-sass-lint (aka S ...)
@@ -23784,13 +23784,13 @@ CVE-2021-21539
CVE-2021-21538
RESERVED
CVE-2021-21537 (Dell Hybrid Client versions prior to 1.5 contain an
information exposu ...)
- TODO: check
+ NOT-FOR-US: Dell Hybrid Client
CVE-2021-21536 (Dell Hybrid Client versions prior to 1.5 contain an
information exposu ...)
- TODO: check
+ NOT-FOR-US: Dell Hybrid Client
CVE-2021-21535 (Dell Hybrid Client versions prior to 1.5 contain a missing
authenticat ...)
- TODO: check
+ NOT-FOR-US: Dell Hybrid Client
CVE-2021-21534 (Dell Hybrid Client versions prior to 1.5 contain an
information exposu ...)
- TODO: check
+ NOT-FOR-US: Dell Hybrid Client
CVE-2021-21533 (Wyse Management Suite versions up to 3.2 contains a
vulnerability wher ...)
NOT-FOR-US: Wyse Management Suite
CVE-2021-21532 (Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper
manageme ...)
@@ -40541,7 +40541,7 @@ CVE-2020-27521
CVE-2020-27520
RESERVED
CVE-2020-27519 (Pritunl Client v1.2.2550.20 contains a local privilege
escalation vuln ...)
- TODO: check
+ NOT-FOR-US: Pritunl Client
CVE-2020-27518
RESERVED
CVE-2020-27517
@@ -46729,7 +46729,7 @@ CVE-2020-24920
CVE-2020-24919
RESERVED
CVE-2020-24918 (A buffer overflow in the RTSP service of the Ambarella Oryx
RTSP Serve ...)
- TODO: check
+ NOT-FOR-US: Ambarella
CVE-2020-24917 (osTicket before 1.14.3 allows XSS via a crafted filename to
DraftAjaxA ...)
NOT-FOR-US: osTicket
CVE-2020-24916 (CGI implementation in Yaws web server versions 1.81 to 2.0.7
is vulner ...)
@@ -60651,7 +60651,7 @@ CVE-2020-18072
CVE-2020-18071
RESERVED
CVE-2020-18070 (Path Traversal in iCMS v7.0.13 allows remote attackers to
delete folde ...)
- TODO: check
+ NOT-FOR-US: iCMS
CVE-2020-18069
RESERVED
CVE-2020-18068
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b36cc3f02ee47abec994dd6a88d82d22aaeaf42c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b36cc3f02ee47abec994dd6a88d82d22aaeaf42c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
