[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 15 Nov 2021 12:26:46 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
13eed94a by Salvatore Bonaccorso at 2021-11-15T21:26:08+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -645,7 +645,7 @@ CVE-2021-43497
 CVE-2021-43496 (Clustering master branch as of commit 
53e663e259bcfc8cdecb56c0bb255bd7 ...)
        NOT-FOR-US: Clustering
 CVE-2021-43495 (AlquistManager branch as of commit 
280d99f43b11378212652e75f6f3159cde9 ...)
-       TODO: check
+       NOT-FOR-US: AlquistManager
 CVE-2021-43494 (OpenCV-REST-API master branch as of commit 
69be158c05d4dd5a4aff38fdc68 ...)
        NOT-FOR-US: OpenCV-REST-API
 CVE-2021-43493 (ServerManagement master branch as of commit 
49491cc6f94980e6be7791d17b ...)
@@ -3147,9 +3147,9 @@ CVE-2021-42841
 CVE-2021-42840 (SuiteCRM before 7.11.19 allows remote code execution via the 
system se ...)
        NOT-FOR-US: SuiteCRM
 CVE-2021-42839 (Grand Vice info Co. webopac7 file upload function fails to 
filter spec ...)
-       TODO: check
+       NOT-FOR-US: Grand Vice info Co. webopac7 file upload function
 CVE-2021-42838 (Grand Vice info Co. webopac7 book search field parameter does 
not prop ...)
-       TODO: check
+       NOT-FOR-US: Grand Vice info Co. webopac7 book search field parameter
 CVE-2021-42837 (An issue was discovered in Talend Data Catalog before 
7.3-20210930. Af ...)
        NOT-FOR-US: Talend Data Catalog
 CVE-2021-42836 (GJSON before 1.9.3 allows a ReDoS (regular expression denial 
of servic ...)
@@ -3471,13 +3471,13 @@ CVE-2021-42708
 CVE-2021-42707
        RESERVED
 CVE-2021-42706 (This vulnerability could allow an attacker to disclose 
information and ...)
-       TODO: check
+       NOT-FOR-US: Advantech
 CVE-2021-42705
        RESERVED
 CVE-2021-42704
        RESERVED
 CVE-2021-42703 (This vulnerability could allow an attacker to send malicious 
Javascrip ...)
-       TODO: check
+       NOT-FOR-US: Advantech
 CVE-2021-42702
        RESERVED
 CVE-2021-42701 (An attacker could prepare a specially crafted project file 
that, if op ...)
@@ -3723,7 +3723,7 @@ CVE-2021-42582
 CVE-2021-42581
        RESERVED
 CVE-2021-42580 (Sourcecodester Online Learning System 2.0 is vunlerable to sql 
injecti ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodester
 CVE-2021-42579
        RESERVED
 CVE-2021-42578
@@ -6473,9 +6473,9 @@ CVE-2021-41953
 CVE-2021-41952
        RESERVED
 CVE-2021-41951 (ResourceSpace before 9.6 rev 18290 is affected by a reflected 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: ResourceSpace
 CVE-2021-41950 (A directory traversal issue in ResourceSpace 9.6 before 9.6 
rev 18277  ...)
-       TODO: check
+       NOT-FOR-US: ResourceSpace
 CVE-2021-41949
        RESERVED
 CVE-2021-41948
@@ -6939,7 +6939,7 @@ CVE-2021-3832 (Integria IMS in its 5.0.92 version is 
vulnerable to a Remote Code
 CVE-2021-3831
        RESERVED
 CVE-2021-41765 (A SQL injection issue in 
pages/edit_fields/9_ajax/add_keyword.php of R ...)
-       TODO: check
+       NOT-FOR-US: ResourceSpace
 CVE-2021-41764 (A cross-site request forgery (CSRF) vulnerability exists in 
Streama up ...)
        NOT-FOR-US: Streama
 CVE-2021-41763
@@ -8003,7 +8003,7 @@ CVE-2021-41291 (ECOA BAS controller suffers from a path 
traversal content disclo
 CVE-2021-41290 (ECOA BAS controller suffers from an arbitrary file write and 
path trav ...)
        NOT-FOR-US: ECOA BAS controller
 CVE-2021-41289 (ASUS P453UJ contains the Improper Restriction of Operations 
within the ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2021-41288 (Zoho ManageEngine OpManager version 125466 and below is 
vulnerable to  ...)
        NOT-FOR-US: Zoho ManageEngine
 CVE-2021-41287
@@ -23072,9 +23072,9 @@ CVE-2021-34994
 CVE-2021-34993
        RESERVED
 CVE-2021-34992 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
-       TODO: check
+       NOT-FOR-US: Orckestra C1 CMS
 CVE-2021-34991 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2021-34990
        RESERVED
 CVE-2021-34989



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13eed94a65e97765bc5ae0481e86357e93dc06e8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13eed94a65e97765bc5ae0481e86357e93dc06e8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to