[Git][security-tracker-team/security-tracker][master] NFUs (concludes external check)

Moritz Muehlenhoff (@jmm) Wed, 13 Oct 2021 02:12:34 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d1616418 by Moritz Muehlenhoff at 2021-10-13T11:12:04+02:00
NFUs (concludes external check)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -375,7 +375,7 @@ CVE-2021-42259
 CVE-2021-42258
        RESERVED
 CVE-2021-42257 (check_smart before 6.9.1 allows unintended drive access by an 
unprivil ...)
-       TODO: check
+       NOT-FOR-US: check_smart Icinga plugin
 CVE-2021-42256
        RESERVED
 CVE-2021-3878
@@ -620,7 +620,7 @@ CVE-2021-42141
 CVE-2021-42140
        RESERVED
 CVE-2021-42139 (Deno before 0.107.0 allows Code Injection via an untrusted 
YAML file i ...)
-       TODO: check
+       NOT-FOR-US: Deno
 CVE-2021-42138
        RESERVED
 CVE-2021-42137 (An issue was discovered in Zammad before 5.0.1. In some cases, 
there i ...)
@@ -2433,7 +2433,7 @@ CVE-2021-41357 (Win32k Elevation of Privilege 
Vulnerability This CVE ID is uniqu
 CVE-2021-41356
        RESERVED
 CVE-2021-41355 (.NET Core and Visual Studio Information Disclosure 
Vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Microsoft .NET
 CVE-2021-41354 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting 
Vulnerabilit ...)
        NOT-FOR-US: Microsoft
 CVE-2021-41353 (Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability 
...)
@@ -2950,7 +2950,7 @@ CVE-2021-41119
 CVE-2021-41118 (The DynamicPageList3 extension is a reporting tool for 
MediaWiki, list ...)
        NOT-FOR-US: DynamicPageList3 MediaWiki Extension
 CVE-2021-41117 (keypair is a a RSA PEM key generator written in javascript. 
keypair im ...)
-       TODO: check
+       NOT-FOR-US: keypair
 CVE-2021-41116 (Composer is an open source dependency manager for the PHP 
language. In ...)
        - composer <not-affected> (Only affects Windows)
        NOTE: 
https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf
@@ -16268,13 +16268,13 @@ CVE-2021-35499
 CVE-2021-35498
        RESERVED
 CVE-2021-35497 (The FTL Server (tibftlserver) and Docker images containing 
tibftlserve ...)
-       TODO: check
+       NOT-FOR-US: TIBCO
 CVE-2021-35496 (The XMLA Connections component of TIBCO Software Inc.'s TIBCO 
JasperRe ...)
-       TODO: check
+       NOT-FOR-US: TIBCO
 CVE-2021-35495 (The Scheduler Connection component of TIBCO Software Inc.'s 
TIBCO Jasp ...)
-       TODO: check
+       NOT-FOR-US: TIBCO
 CVE-2021-35494 (The Rest API component of TIBCO Software Inc.'s TIBCO 
JasperReports Se ...)
-       TODO: check
+       NOT-FOR-US: TIBCO
 CVE-2021-35493 (The WebFOCUS Reporting Server and WebFOCUS Client components 
of TIBCO  ...)
        NOT-FOR-US: WebFOCUS
 CVE-2021-3619 (Rapid7 Velociraptor 0.5.9 and prior is vulnerable to a 
post-authentica ...)
@@ -19892,7 +19892,7 @@ CVE-2021-33905
 CVE-2021-33904 (** DISPUTED ** In Accela Civic Platform through 21.1, the 
security/hos ...)
        NOT-FOR-US: Accela Civic Platform
 CVE-2021-33903 (In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM 
devices, ...)
-       TODO: check
+       NOT-FOR-US: LANCOM
 CVE-2021-33902
        RESERVED
 CVE-2021-33901
@@ -20018,7 +20018,7 @@ CVE-2021-33851
 CVE-2021-33850
        RESERVED
 CVE-2021-33849 (A Cross-Site Scripting (XSS) attack can cause arbitrary code 
(JavaScri ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2021-3581 (Buffer Access with Incorrect Length Value in zephyr. Zephyr 
versions & ...)
        NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2021-3580 (A flaw was found in the way nettle's RSA decryption functions 
handled  ...)
@@ -24783,11 +24783,11 @@ CVE-2021-31990
 CVE-2021-31989 (A user with permission to log on to the machine hosting the 
AXIS Devic ...)
        NOT-FOR-US: AXIS
 CVE-2021-31988 (A user controlled parameter related to SMTP test functionality 
is not  ...)
-       TODO: check
+       NOT-FOR-US: AXIS
 CVE-2021-31987 (A user controlled parameter related to SMTP test functionality 
is not  ...)
-       TODO: check
+       NOT-FOR-US: AXIS
 CVE-2021-31986 (User controlled parameters related to SMTP notifications are 
not corre ...)
-       TODO: check
+       NOT-FOR-US: AXIS
 CVE-2021-31985 (Microsoft Defender Remote Code Execution Vulnerability ...)
        NOT-FOR-US: Microsoft
 CVE-2021-31984 (Power BI Remote Code Execution Vulnerability ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1616418133fef562ba5f7bf327b99aad3be24ca

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1616418133fef562ba5f7bf327b99aad3be24ca
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs (concludes external check)

Reply via email to