[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Sat, 22 May 2021 01:31:15 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1876a6b9 by Salvatore Bonaccorso at 2021-05-22T10:30:30+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2021-33514 (Certain NETGEAR devices are affected by command injection by 
an unauth ...)
        NOT-FOR-US: Netgear
 CVE-2021-33513 (Plone through 5.2.4 allows XSS via the inline_diff methods in 
Products ...)
-       TODO: check
+       NOT-FOR-US: Plone
 CVE-2021-33512 (Plone through 5.2.4 allows stored XSS attacks (by a 
Contributor) by up ...)
-       TODO: check
+       NOT-FOR-US: Plone
 CVE-2021-33511 (Plone though 5.2.4 allows SSRF via the lxml parser. This 
affects Diazo ...)
-       TODO: check
+       NOT-FOR-US: Plone
 CVE-2021-33510 (Plone through 5.2.4 allows remote authenticated managers to 
conduct SS ...)
-       TODO: check
+       NOT-FOR-US: Plone
 CVE-2021-33509 (Plone through 5.2.4 allows remote authenticated managers to 
perform di ...)
-       TODO: check
+       NOT-FOR-US: Plone
 CVE-2021-33508 (Plone through 5.2.4 allows XSS via a full name that is 
mishandled duri ...)
-       TODO: check
+       NOT-FOR-US: Plone
 CVE-2021-33507 (Zope Products.CMFCore before 2.5.1 and 
Products.PluggableAuthService b ...)
-       TODO: check
+       NOT-FOR-US: Zope Products.CMFCore (as used in Plone)
 CVE-2021-33506
        RESERVED
 CVE-2021-33505
@@ -9617,7 +9617,7 @@ CVE-2021-29417 (gitjacker before 0.1.0 allows remote 
attackers to execute arbitr
 CVE-2021-29416 (An issue was discovered in PortSwigger Burp Suite before 
2021.2. Durin ...)
        NOT-FOR-US: Burp Suite (different from src:burp)
 CVE-2021-29415 (The elliptic curve cryptography (ECC) hardware accelerator, 
part of th ...)
-       TODO: check
+       NOT-FOR-US: NordicSemiconductor nRF52840
 CVE-2021-29414 (STMicroelectronics STM32L4 devices through 2021-03-29 have 
incorrect p ...)
        NOT-FOR-US: STMicroelectronics STM32L4 devices
 CVE-2021-29413
@@ -27769,7 +27769,7 @@ CVE-2021-21554
 CVE-2021-21553
        RESERVED
 CVE-2021-21552 (Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and 
earlier ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-21551 (Dell dbutil_2_3.sys driver contains an insufficient access 
control vul ...)
        NOT-FOR-US: Dell
 CVE-2021-21550 (Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper 
neutralizati ...)
@@ -38601,33 +38601,33 @@ CVE-2021-1562
 CVE-2021-1561
        RESERVED
 CVE-2021-1560 (Multiple vulnerabilities in Cisco DNA Spaces Connector could 
allow an  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1559 (Multiple vulnerabilities in Cisco DNA Spaces Connector could 
allow an  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1558 (Multiple vulnerabilities in Cisco DNA Spaces Connector could 
allow an  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1557 (Multiple vulnerabilities in Cisco DNA Spaces Connector could 
allow an  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1556
        RESERVED
 CVE-2021-1555 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1554 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1553 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1552 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1551 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1550 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1549 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1548 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1547 (Multiple vulnerabilities in the web-based management interface 
of cert ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1546
        RESERVED
 CVE-2021-1545
@@ -38659,7 +38659,7 @@ CVE-2021-1533
 CVE-2021-1532 (A vulnerability in the video endpoint API (xAPI) of Cisco 
TelePresence ...)
        NOT-FOR-US: Cisco
 CVE-2021-1531 (A vulnerability in the web UI of Cisco Modeling Labs could 
allow an au ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1530 (A vulnerability in the web-based management interface of Cisco 
BroadWo ...)
        NOT-FOR-US: Cisco
 CVE-2021-1529
@@ -38747,7 +38747,7 @@ CVE-2021-1489 (A vulnerability in filesystem usage 
management for Cisco Firepowe
 CVE-2021-1488 (A vulnerability in the upgrade process of Cisco Adaptive 
Security Appl ...)
        NOT-FOR-US: Cisco
 CVE-2021-1487 (A vulnerability in the web-based management interface of Cisco 
Prime I ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1486 (A vulnerability in Cisco SD-WAN vManage Software could allow an 
unauth ...)
        NOT-FOR-US: Cisco
 CVE-2021-1485 (A vulnerability in the CLI of Cisco IOS XR Software could allow 
an aut ...)
@@ -39011,7 +39011,7 @@ CVE-2021-1360 (Multiple vulnerabilities in the 
web-based management interface of
 CVE-2021-1359
        RESERVED
 CVE-2021-1358 (A vulnerability in the web-based management interface of Cisco 
Finesse ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1357 (Multiple vulnerabilities in Cisco Unified Communications 
Manager IM &a ...)
        NOT-FOR-US: Cisco
 CVE-2021-1356 (Multiple vulnerabilities in the web UI of Cisco IOS XE Software 
could  ...)
@@ -39115,7 +39115,7 @@ CVE-2021-1308 (Multiple vulnerabilities exist in the 
Link Layer Discovery Protoc
 CVE-2021-1307 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2021-1306 (A vulnerability in the restricted shell of Cisco Evolved 
Programmable  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1305 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2021-1304 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
@@ -39219,7 +39219,7 @@ CVE-2021-1256 (A vulnerability in the CLI of Cisco 
Firepower Threat Defense (FTD
 CVE-2021-1255 (Multiple vulnerabilities in the REST API endpoint of Cisco Data 
Center ...)
        NOT-FOR-US: Cisco
 CVE-2021-1254 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2021-1253 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2021-1252 (A vulnerability in the Excel XLM macro parsing module in Clam 
AntiViru ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1876a6b964f51bd0abd63b590c0b59a00a63962b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1876a6b964f51bd0abd63b590c0b59a00a63962b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to