[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 08 Dec 2021 00:35:02 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ccb459a2 by Salvatore Bonaccorso at 2021-12-08T09:34:18+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,9 +23,9 @@ CVE-2021-44728
 CVE-2021-44727
        RESERVED
 CVE-2021-44726 (KNIME Server before 4.13.4 allows XSS via the old WebPortal 
login page ...)
-       TODO: check
+       NOT-FOR-US: KNIME Server
 CVE-2021-44725 (KNIME Server before 4.13.4 allows directory traversal in a 
request for ...)
-       TODO: check
+       NOT-FOR-US: KNIME Server
 CVE-2021-44724
        RESERVED
 CVE-2021-44723
@@ -1551,7 +1551,7 @@ CVE-2021-44150 (The client in tusdotnet through 2.5.0 
relies on SHA-1 to prevent
 CVE-2021-44149 (An issue was discovered in Trusted Firmware OP-TEE Trusted OS 
through  ...)
        TODO: check
 CVE-2021-44148 (GL.iNet GL-AR150 2.x before 3.x devices, configured as 
repeaters, allo ...)
-       TODO: check
+       NOT-FOR-US: GL.iNet
 CVE-2021-44147 (An XML External Entity issue in Claris FileMaker Pro and 
Server (inclu ...)
        NOT-FOR-US: Claris
 CVE-2021-44146
@@ -3741,9 +3741,9 @@ CVE-2021-43640
 CVE-2021-43639
        RESERVED
 CVE-2021-43638 (Amazon Amazon WorkSpaces agent is affected by Integer 
Overflow. IOCTL  ...)
-       TODO: check
+       NOT-FOR-US: Amazon
 CVE-2021-43637 (Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL 
Handler  ...)
-       TODO: check
+       NOT-FOR-US: Amazon
 CVE-2021-43636
        RESERVED
 CVE-2021-43635
@@ -6418,19 +6418,19 @@ CVE-2021-43008
 CVE-2021-43007
        RESERVED
 CVE-2021-43006 (AmZetta Amzetta zPortal DVM Tools is affected by Integer 
Overflow. IOC ...)
-       TODO: check
+       NOT-FOR-US: AmZetta Amzetta zPortal DVM Tools
 CVE-2021-43005
        RESERVED
 CVE-2021-43004
        RESERVED
 CVE-2021-43003 (Amzetta zPortal Windows zClient is affected by Integer 
Overflow. IOCTL ...)
-       TODO: check
+       NOT-FOR-US: Amzetta
 CVE-2021-43002 (Amzetta zPortal DVM Tools is affected by Buffer Overflow. 
IOCTL Handle ...)
-       TODO: check
+       NOT-FOR-US: Amzetta
 CVE-2021-43001
        RESERVED
 CVE-2021-43000 (Amzetta zPortal Windows zClient is affected by Buffer 
Overflow. IOCTL  ...)
-       TODO: check
+       NOT-FOR-US: Amzetta
 CVE-2021-42999
        RESERVED
 CVE-2021-42998
@@ -6444,19 +6444,19 @@ CVE-2021-42995
 CVE-2021-42994 (Donglify is affected by Buffer Overflow. IOCTL Handler 
0x22001B in the ...)
        TODO: check
 CVE-2021-42993 (FlexiHub For Windows is affected by Integer Overflow. IOCTL 
Handler 0x ...)
-       TODO: check
+       NOT-FOR-US: FlexiHub For Windows
 CVE-2021-42992
        RESERVED
 CVE-2021-42991
        RESERVED
 CVE-2021-42990 (FlexiHub For Windows is affected by Buffer Overflow. IOCTL 
Handler 0x2 ...)
-       TODO: check
+       NOT-FOR-US: FlexiHub For Windows
 CVE-2021-42989
        RESERVED
 CVE-2021-42988 (Eltima USB Network Gate is affected by Buffer Overflow. IOCTL 
Handler  ...)
-       TODO: check
+       NOT-FOR-US: Eltima USB Network Gate
 CVE-2021-42987 (Eltima USB Network Gate is affected by Integer Overflow. IOCTL 
Handler ...)
-       TODO: check
+       NOT-FOR-US: Eltima USB Network Gate
 CVE-2021-42986 (NoMachine Enterprise Client is affected by Integer Overflow. 
IOCTL Han ...)
        TODO: check
 CVE-2021-42985
@@ -7141,21 +7141,21 @@ CVE-2021-42690
 CVE-2021-42689
        RESERVED
 CVE-2021-42688 (An Integer Overflow vulnerability exists in Accops HyWorks 
Windows Cli ...)
-       TODO: check
+       NOT-FOR-US: Accops HyWorks Windows Client
 CVE-2021-42687 (A Buffer Overflow vulnerability exists in Accops HyWorks 
Windows Clien ...)
-       TODO: check
+       NOT-FOR-US: Accops HyWorks Windows Client
 CVE-2021-42686 (An Integer Overflow exists in Accops HyWorks Windows Client 
prior to v ...)
-       TODO: check
+       NOT-FOR-US: Accops HyWorks Windows Client
 CVE-2021-42685 (An Integer Overflow vulnerability exists in Accops HyWorks DVM 
Tools p ...)
-       TODO: check
+       NOT-FOR-US: Accops HyWorks DVM Tools
 CVE-2021-42684
        RESERVED
 CVE-2021-42683 (A Buffer Overflow vulnerability exists in Accops HyWorks 
Windows Clien ...)
-       TODO: check
+       NOT-FOR-US: Accops HyWorks Windows Client
 CVE-2021-42682 (An Integer Overflow vulnerability exists in Accops HyWorks DVM 
Tools p ...)
-       TODO: check
+       NOT-FOR-US: Accops HyWorks DVM Tools
 CVE-2021-42681 (A Buffer Overflow vulnerability exists in Accops HyWorks DVM 
Tools pri ...)
-       TODO: check
+       NOT-FOR-US: Accops HyWorks DVM Tools
 CVE-2021-42680
        RESERVED
 CVE-2021-42679
@@ -7388,7 +7388,7 @@ CVE-2021-42569
 CVE-2021-42568 (Sonatype Nexus Repository Manager 3.x through 3.35.0 allows 
attackers  ...)
        NOT-FOR-US: Sonatype
 CVE-2021-42567 (Apereo CAS through 6.4.1 allows XSS via POST requests sent to 
the REST ...)
-       TODO: check
+       NOT-FOR-US: Apereo CAS
 CVE-2021-42566 (myfactory.FMS before 7.1-912 allows XSS via the Error 
parameter. ...)
        NOT-FOR-US: myfactory.FMS
 CVE-2021-42565 (myfactory.FMS before 7.1-912 allows XSS via the UID parameter. 
...)
@@ -11595,11 +11595,11 @@ CVE-2021-41313 (Affected versions of Atlassian Jira 
Server and Data Center allow
 CVE-2021-41312 (Affected versions of Atlassian Jira Server and Data Center 
allow a rem ...)
        NOT-FOR-US: Atlassian
 CVE-2021-41311 (Affected versions of Atlassian Jira Server and Data Center 
allow attac ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2021-41310 (Affected versions of Atlassian Jira Server and Data Center 
allow anony ...)
        NOT-FOR-US: Atlassian
 CVE-2021-41309 (Affected versions of Atlassian Jira Server and Data Center 
allow a use ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2021-41308 (Affected versions of Atlassian Jira Server and Data Center 
allow authe ...)
        NOT-FOR-US: Atlassian
 CVE-2021-41307 (Affected versions of Atlassian Jira Server and Data Center 
allow unaut ...)
@@ -14128,7 +14128,7 @@ CVE-2021-40290
 CVE-2021-40289
        RESERVED
 CVE-2021-40288 (A denial-of-service attack in WPA2, and WPA3-SAE 
authentication method ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2021-40287
        RESERVED
 CVE-2021-40286
@@ -17780,7 +17780,7 @@ CVE-2021-38761
 CVE-2021-38760
        RESERVED
 CVE-2021-38759 (Raspberry Pi OS through 5.10 has the raspberry default 
password for th ...)
-       TODO: check
+       NOT-FOR-US: Raspberry Pi OS
 CVE-2021-38758 (Directory traversal vulnerability in Online Catering 
Reservation Syste ...)
        NOT-FOR-US: Directory traversal in Online Catering Reservation System
 CVE-2021-38757 (Persistent cross-site scripting (XSS) in Hospital Management 
System ta ...)
@@ -77675,7 +77675,7 @@ CVE-2020-27358 (An issue was discovered in REDCap 
8.11.6 through 9.x before 10.
 CVE-2020-27357
        RESERVED
 CVE-2020-27356 (The debug-meta-data plugin 1.1.2 for WordPress allows XSS. ...)
-       TODO: check
+       NOT-FOR-US: debug-meta-data plugin for WordPress
 CVE-2020-27355
        RESERVED
 CVE-2020-27354



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccb459a216cc68dd8dffef64ae0817ed4fe0576e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccb459a216cc68dd8dffef64ae0817ed4fe0576e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to