[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) Fri, 03 Sep 2021 05:31:46 -0700


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d6427dbe by Neil Williams at 2021-09-03T13:31:15+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -348,7 +348,8 @@ CVE-2021-3759 [ unaccounted ipc objects in Linux kernel 
lead to breaking memcg l
 CVE-2021-3758 (bookstack is vulnerable to Server-Side Request Forgery (SSRF) 
...)
        NOT-FOR-US: bookstack
 CVE-2021-3757 (immer is vulnerable to Improperly Controlled Modification of 
Object Pr ...)
-       TODO: check
+       NOT-FOR-US: Node immer
+       NOTE: https://github.com/immerjs/immer
 CVE-2021-40331
        RESERVED
 CVE-2021-3756
@@ -40790,7 +40791,7 @@ CVE-2021-23438 (This affects the package mpath before 
0.8.4. A type confusion vu
 CVE-2021-23437
        RESERVED
 CVE-2021-23436 (This affects the package immer before 9.0.6. A type confusion 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Node immer
 CVE-2021-23435
        RESERVED
 CVE-2021-23434 (This affects the package object-path before 0.11.6. A type 
confusion v ...)
@@ -42938,7 +42939,7 @@ CVE-2021-22527
 CVE-2021-22526
        RESERVED
 CVE-2021-22525 (This release addresses a potential information leakage 
vulnerability i ...)
-       TODO: check
+       NOT-FOR-US: Microfocus
 CVE-2021-22524
        RESERVED
 CVE-2021-22523 (XML External Entity vulnerability in Micro Focus Verastream 
Host Integ ...)
@@ -47982,7 +47983,7 @@ CVE-2021-21088
 CVE-2021-21087 (Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 
(update 1 ...)
        NOT-FOR-US: Adobe
 CVE-2021-21086 (Acrobat Reader DC versions versions 2020.013.20074 (and 
earlier), 2020 ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-21085 (Adobe Connect version 11.0.7 (and earlier) is affected by an 
Input Val ...)
        NOT-FOR-US: Adobe
 CVE-2021-21084 (AEM's Cloud Service offering, as well as versions 6.5.7.0 (and 
below), ...)
@@ -83003,7 +83004,8 @@ CVE-2020-18050
 CVE-2020-18049
        RESERVED
 CVE-2020-18048 (An issue in craigms/main.php of CraigMS 1.0 allows attackers 
to execut ...)
-       TODO: check
+       NOT-FOR-US: CraigMS
+       NOTE: https://github.com/bertanddip/CraigMS
 CVE-2020-18047
        RESERVED
 CVE-2020-18046



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6427dbe0a70321fb368c8a38f8173714131a308

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6427dbe0a70321fb368c8a38f8173714131a308
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to