[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Sat, 20 Nov 2021 01:05:58 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
294d4c52 by Salvatore Bonaccorso at 2021-11-20T10:05:23+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4067,7 +4067,7 @@ CVE-2021-43204
 CVE-2021-3921 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) 
...)
        NOT-FOR-US: firefly-iii
 CVE-2021-3920 (grav-plugin-admin is vulnerable to Improper Neutralization of 
Input Du ...)
-       TODO: check
+       NOT-FOR-US: Grav CMS
 CVE-2021-3919
        RESERVED
 CVE-2021-43203 (In JetBrains Ktor before 1.6.4, nonce verification during the 
OAuth2 a ...)
@@ -9802,7 +9802,7 @@ CVE-2021-41282
 CVE-2021-41281
        RESERVED
 CVE-2021-41280 (Sharetribe Go is a source available marketplace software. In 
affected  ...)
-       TODO: check
+       NOT-FOR-US: Sharetribe Go
 CVE-2021-41279
        RESERVED
 CVE-2021-41278 (Functions SDK for EdgeX is meant to provide all the plumbing 
necessary ...)
@@ -14828,7 +14828,7 @@ CVE-2021-39200 (WordPress is a free and open-source 
content management system wr
 CVE-2021-39199 (remark-html is an open source nodejs library which compiles 
Markdown t ...)
        NOT-FOR-US: Node remark-html
 CVE-2021-39198 (OroCRM is an open source Client Relationship Management (CRM) 
applicat ...)
-       TODO: check
+       NOT-FOR-US: OroCRM
 CVE-2021-39197 (better_errors is an open source replacement for the standard 
Rails err ...)
        - ruby-better-errors <itp> (bug #739168)
 CVE-2021-39196 (pcapture is an open source dumpcap web service interface . In 
affected ...)
@@ -15967,7 +15967,7 @@ CVE-2021-38683
 CVE-2021-38682
        RESERVED
 CVE-2021-38681 (A reflected cross-site scripting (XSS) vulnerability has been 
reported ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-38680
        RESERVED
 CVE-2021-38679
@@ -21695,13 +21695,13 @@ CVE-2021-36324 (Dell BIOS contains an improper input 
validation vulnerability. A
 CVE-2021-36323 (Dell BIOS contains an improper input validation vulnerability. 
A local ...)
        NOT-FOR-US: Dell
 CVE-2021-36322 (Dell Networking X-Series firmware versions prior to 3.0.1.8 
contain a  ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36321 (Dell Networking X-Series firmware versions prior to 3.0.1.8 
contain an ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36320 (Dell Networking X-Series firmware versions prior to 3.0.1.8 
contain an ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36319 (Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x 
contain  ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36318
        RESERVED
 CVE-2021-36317
@@ -21719,15 +21719,15 @@ CVE-2021-36312
 CVE-2021-36311
        RESERVED
 CVE-2021-36310 (Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x 
&amp; 10.5 ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36309 (Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains 
a sensi ...)
        NOT-FOR-US: Dell
 CVE-2021-36308 (Networking OS10, versions prior to October 2021 with Smart 
Fabric Serv ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36307 (Networking OS10, versions prior to October 2021 with RESTCONF 
API enab ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36306 (Networking OS10, versions prior to October 2021 with RESTCONF 
API enab ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2021-36305 (Dell PowerScale OneFS contains an Unsynchronized Access to 
Shared Data ...)
        NOT-FOR-US: Dell
 CVE-2021-36304
@@ -26352,7 +26352,7 @@ CVE-2021-34360
 CVE-2021-34359
        RESERVED
 CVE-2021-34358 (We have already fixed this vulnerability in the following 
versions of  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-34357 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
        NOT-FOR-US: QNAP
 CVE-2021-34356 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/294d4c5291f2ef87733b9e4424d5253ed18743c0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/294d4c5291f2ef87733b9e4424d5253ed18743c0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to