[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ca98d61e by Salvatore Bonaccorso at 2021-08-13T21:25:29+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1782,7 +1782,7 @@ CVE-2021-37843 (The resolution SAML SSO apps for 
Atlassian products allow a remo
 CVE-2021-37842
        RESERVED
 CVE-2021-37841 (Docker Desktop before 3.6.0 suffers from incorrect access 
control. If  ...)
-       TODO: check
+       NOT-FOR-US: Docker Desktop on Windows
 CVE-2021-37840 (aaPanel through 6.8.12 allows Cross-Site WebSocket Hijacking 
(CSWH) in ...)
        NOT-FOR-US: aaPanel
 CVE-2021-37839
@@ -2316,7 +2316,7 @@ CVE-2021-37603
 CVE-2021-37602
        RESERVED
 CVE-2021-37599 (The exporter/Login.aspx login form in the Exporter in Nuance 
Winscribe ...)
-       TODO: check
+       NOT-FOR-US: Nuance
 CVE-2021-3668
        RESERVED
 CVE-2021-37600 (An integer overflow in util-linux through 2.37.1 can 
potentially cause ...)
@@ -3624,7 +3624,7 @@ CVE-2021-36984
 CVE-2021-36983 (replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local 
attacker to  ...)
        NOT-FOR-US: ReplaySorcery
 CVE-2021-36982 (AIMANAGER before B115 on MONITORAPP Application Insight Web 
Applicatio ...)
-       TODO: check
+       NOT-FOR-US: MONITORAPP Application Insight Web Application Firewall 
(AIWAF) devices
 CVE-2021-36981
        RESERVED
 CVE-2021-3655 (A vulnerability was found in the Linux kernel in versions 
before v5.14 ...)
@@ -3784,7 +3784,7 @@ CVE-2021-36923
 CVE-2021-36922
        RESERVED
 CVE-2021-36921 (AIMANAGER before B115 on MONITORAPP Application Insight Web 
Applicatio ...)
-       TODO: check
+       NOT-FOR-US: MONITORAPP Application Insight Web Application Firewall 
(AIWAF) devices
 CVE-2021-36920
        RESERVED
 CVE-2021-36919
@@ -12336,7 +12336,7 @@ CVE-2021-33200 (kernel/bpf/verifier.c in the Linux 
kernel through 5.12.7 enforce
        NOTE: https://www.openwall.com/lists/oss-security/2021/05/27/1
        NOTE: Issue introduced due to fixes applied for CVE-2021-29155
 CVE-2021-33199 (In Expression Engine before 6.0.3, addonIcon in 
Addons/file/mod.file.p ...)
-       TODO: check
+       NOT-FOR-US: Expression Engine
 CVE-2021-33198 (In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a 
panic fo ...)
        - golang-1.16 1.16.5-1
        - golang-1.15 1.15.9-5
@@ -12705,7 +12705,7 @@ CVE-2021-33058
 CVE-2021-33057
        RESERVED
 CVE-2021-33056 (Belledonne Belle-sip before 4.5.20, as used in Linphone and 
other prod ...)
-       TODO: check
+       NOT-FOR-US: Belledonne Belle-sip
 CVE-2021-33055
        RESERVED
 CVE-2021-33054 (SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does 
not valida ...)
@@ -16139,7 +16139,7 @@ CVE-2021-31733
 CVE-2021-31732
        RESERVED
 CVE-2021-31731 (A directory traversal issue in KiteCMS 1.1.1 allows remote 
administrat ...)
-       TODO: check
+       NOT-FOR-US: KiteCMS
 CVE-2021-31730
        RESERVED
 CVE-2021-31729
@@ -26052,15 +26052,15 @@ CVE-2021-27796
 CVE-2021-27795
        RESERVED
 CVE-2021-27794 (A vulnerability in the authentication mechanism of Brocade 
Fabric OS v ...)
-       TODO: check
+       NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27793 (ntermittent authorization failure in aaa tacacs+ with Brocade 
Fabric O ...)
-       TODO: check
+       NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27792 (The command “ipfilter” in Brocade Fabric OS before 
Brocade ...)
-       TODO: check
+       NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27791 (The function that is used to parse the Authentication header 
in Brocad ...)
-       TODO: check
+       NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27790 (The command “ipfilter” in Brocade Fabric OS before 
Brocade ...)
-       TODO: check
+       NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27789
        RESERVED
 CVE-2021-27788
@@ -71597,7 +71597,7 @@ CVE-2020-21365
 CVE-2020-21364
        RESERVED
 CVE-2020-21363 (An arbitrary file deletion vulnerability exists within 
Maccms10. ...)
-       TODO: check
+       NOT-FOR-US: Maccms10
 CVE-2020-21362 (A cross site scripting (XSS) vulnerability in the background 
search fu ...)
        NOT-FOR-US: Maccms10
 CVE-2020-21361
@@ -77492,7 +77492,7 @@ CVE-2020-18465
 CVE-2020-18464 (Cross Site Request Forgery (CSRF) vulnerability in AikCms 
2.0.0 in vid ...)
        NOT-FOR-US: AikCms
 CVE-2020-18463 (Cross Site Request Forgery (CSRF) vulnerability exists in 
v2.0.0 in vi ...)
-       TODO: check
+       NOT-FOR-US: aikcms
 CVE-2020-18462 (File Upload vulnerabilty in AikCms v2.0.0 in poster_edit.php 
because t ...)
        NOT-FOR-US: AikCms
 CVE-2020-18461



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca98d61eae1b528f0a27f32be3484b76ef2cb27b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca98d61eae1b528f0a27f32be3484b76ef2cb27b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits