Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
16e39334 by Salvatore Bonaccorso at 2021-11-30T21:21:05+01:00
Process more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -593,7 +593,7 @@ CVE-2022-21744
CVE-2022-21743
RESERVED
CVE-2021-44230 (PortSwigger Burp Suite Enterprise Edition before 2021.11 on
Windows ha ...)
- TODO: check
+ NOT-FOR-US: Burp Suite (different from src:burp)
CVE-2021-44229
RESERVED
CVE-2021-44228
@@ -1218,7 +1218,7 @@ CVE-2021-44026 (Roundcube before 1.3.17 and 1.4.x before
1.4.12 is prone to a po
NOTE:
https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1
(1.4.12)
NOTE:
https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa
(1.3.17)
CVE-2021-43998 (HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and
1.8.4 temp ...)
- TODO: check
+ NOT-FOR-US: HashiCorp Vault
CVE-2021-43997 (Amazon FreeRTOS 10.2.0 through 10.4.5 on the ARMv7-M and
ARMv8-M MPU p ...)
NOT-FOR-US: Amazon FreeRTOS
CVE-2021-43996 (The Ignition component before 1.16.15, and 2.0.x before 2.0.6,
for Lar ...)
@@ -3842,7 +3842,7 @@ CVE-2021-43321
CVE-2021-43320
RESERVED
CVE-2021-43319 (Zoho ManageEngine Network Configuration Manager before 125488
is vulne ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-43318
RESERVED
CVE-2021-43317
@@ -3908,11 +3908,11 @@ CVE-2021-23214
NOTE:
https://www.postgresql.org/about/news/postgresql-141-135-129-1114-1019-and-9624-released-2349/
NOTE:
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=046c2c846b741a12e7fd61d8d86bf324a20e3dfc
(REL9_6_24)
CVE-2021-43296 (Zoho ManageEngine SupportCenter Plus before 11016 is
vulnerable to an ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-43295 (Zoho ManageEngine SupportCenter Plus before 11016 is
vulnerable to Ref ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-43294 (Zoho ManageEngine SupportCenter Plus before 11016 is
vulnerable to Ref ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-43293 (Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a
remote au ...)
NOT-FOR-US: Sonatype
CVE-2021-43292
@@ -3932,11 +3932,11 @@ CVE-2021-43286
CVE-2021-43285
RESERVED
CVE-2021-43284 (An issue was discovered on Victure WR1200 devices through
1.0.3. The r ...)
- TODO: check
+ NOT-FOR-US: Victure WR1200 devices
CVE-2021-43283 (An issue was discovered on Victure WR1200 devices through
1.0.3. A com ...)
- TODO: check
+ NOT-FOR-US: Victure WR1200 devices
CVE-2021-43282 (An issue was discovered on Victure WR1200 devices through
1.0.3. The d ...)
- TODO: check
+ NOT-FOR-US: Victure WR1200 devices
CVE-2021-43281 (MyBB before 1.8.29 allows Remote Code Injection by an admin
with the " ...)
NOT-FOR-US: MyBB
CVE-2021-43280 (A stack-based buffer overflow vulnerability exists in the DWF
file rea ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16e393344e004f8c9573f07548cb8c611731242f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16e393344e004f8c9573f07548cb8c611731242f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
