[Git][security-tracker-team/security-tracker][master] Process NFUs

Fri, 05 Nov 2021 13:20:24 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cf0c385a by Salvatore Bonaccorso at 2021-11-05T21:19:47+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,13 +5,13 @@ CVE-2021-43408
 CVE-2021-43407
        RESERVED
 CVE-2021-43406 (An issue was discovered in FusionPBX before 4.5.30. The 
fax_post_size  ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2021-43405 (An issue was discovered in FusionPBX before 4.5.30. The 
fax_extension  ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2021-43404 (An issue was discovered in FusionPBX before 4.5.30. The FAX 
file name  ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2021-43403 (An issue was discovered in FusionPBX before 4.5.30. The 
log_viewer.php ...)
-       TODO: check
+       NOT-FOR-US: FusionPBX
 CVE-2021-43402
        RESERVED
 CVE-2021-43401
@@ -244,7 +244,7 @@ CVE-2021-43298
 CVE-2021-43297
        RESERVED
 CVE-2021-3924 (grav is vulnerable to Improper Limitation of a Pathname to a 
Restricte ...)
-       TODO: check
+       NOT-FOR-US: Grav CMS
 CVE-2021-23222
        RESERVED
 CVE-2021-23214
@@ -1693,7 +1693,7 @@ CVE-2021-43085
 CVE-2021-43084
        RESERVED
 CVE-2021-3916 (bookstack is vulnerable to Improper Limitation of a Pathname to 
a Rest ...)
-       TODO: check
+       NOT-FOR-US: bookstack
 CVE-2015-10001 (The WP-Stats WordPress plugin before 2.52 does not have CSRF 
check whe ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-43083
@@ -2281,7 +2281,7 @@ CVE-2021-42839
 CVE-2021-42838
        RESERVED
 CVE-2021-42837 (An issue was discovered in Talend Data Catalog before 
7.3-20210930. Af ...)
-       TODO: check
+       NOT-FOR-US: Talend Data Catalog
 CVE-2021-42836 (GJSON before 1.9.3 allows a ReDoS (regular expression denial 
of servic ...)
        - golang-github-tidwall-gjson <unfixed>
        NOTE: 
https://github.com/tidwall/gjson/commit/590010fdac311cc8990ef5c97448d4fec8f29944
@@ -2605,13 +2605,13 @@ CVE-2021-42703
 CVE-2021-42702
        RESERVED
 CVE-2021-42701 (An attacker could prepare a specially crafted project file 
that, if op ...)
-       TODO: check
+       NOT-FOR-US: AzeoTech
 CVE-2021-42700
        RESERVED
 CVE-2021-42699 (The affected product is vulnerable to cookie information being 
transmi ...)
-       TODO: check
+       NOT-FOR-US: AzeoTech
 CVE-2021-42698 (Project files are stored memory objects in the form of binary 
serializ ...)
-       TODO: check
+       NOT-FOR-US: AzeoTech
 CVE-2021-42697 (Akka HTTP 10.1.x and 10.2.x before 10.2.7 can encounter stack 
exhausti ...)
        NOT-FOR-US: Akka HTTP
 CVE-2021-42696
@@ -2665,25 +2665,25 @@ CVE-2021-42673
 CVE-2021-42672
        RESERVED
 CVE-2021-42671 (An incorrect access control vulnerability exists in 
Sourcecodester Eng ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42670 (A SQL injection vulnerability exists in Sourcecodester 
Engineers Onlin ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42669 (A file upload vulnerability exists in Sourcecodester Engineers 
Online  ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42668 (A SQL Injection vulnerability exists in Sourcecodester 
Engineers Onlin ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42667 (A SQL Injection vulnerability exists in Sourcecodester Online 
Event Bo ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42666 (A SQL Injection vulnerability exists in Sourcecodester 
Engineers Onlin ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42665 (An SQL Injection vulnerability exists in Sourcecodester 
Engineers Onli ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42664 (A Stored Cross Site Scripting (XSS) Vulneraibiilty exists in 
Sourcecod ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42663 (An HTML injection vulnerability exists in Sourcecodester 
Online Event  ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42662 (A Stored Cross Site Scripting (XSS) vulnerability exists in 
Sourcecode ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42661
        RESERVED
 CVE-2021-42660
@@ -2945,7 +2945,7 @@ CVE-2021-42545
 CVE-2021-42544
        RESERVED
 CVE-2021-42543 (The affected application uses specific functions that could be 
abused  ...)
-       TODO: check
+       NOT-FOR-US: AzeoTech
 CVE-2021-42542 (The affected product is vulnerable to directory traversal due 
to misha ...)
        NOT-FOR-US: Emerson
 CVE-2021-42541
@@ -4834,7 +4834,7 @@ CVE-2021-42239
 CVE-2021-42238
        RESERVED
 CVE-2021-42237 (Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Sitecore
 CVE-2021-42236
        RESERVED
 CVE-2021-42235



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf0c385a26fcb899cf796314bdcdebf3e5d65f2d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cf0c385a26fcb899cf796314bdcdebf3e5d65f2d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to