[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 09 Dec 2021 00:31:01 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a4c266a8 by Salvatore Bonaccorso at 2021-12-09T09:30:31+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6857,7 +6857,7 @@ CVE-2021-42836 (GJSON before 1.9.3 allows a ReDoS 
(regular expression denial of
        NOTE: https://github.com/tidwall/gjson/issues/236
        NOTE: https://github.com/tidwall/gjson/issues/237
 CVE-2021-42835 (An issue was discovered in Plex Media Server through 
1.24.4.5081-e362d ...)
-       TODO: check
+       NOT-FOR-US: Plex Media Server
 CVE-2021-42834
        RESERVED
 CVE-2021-42833
@@ -9755,7 +9755,7 @@ CVE-2021-42112 (The "File upload question" functionality 
in LimeSurvey 3.x-LTS t
 CVE-2021-42111 (An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 
1.4.14 fo ...)
        NOT-FOR-US: RCDevs OpenOTP app
 CVE-2021-42110 (An issue was discovered in Allegro Windows (formerly Popsy 
Windows) be ...)
-       TODO: check
+       NOT-FOR-US: Allegro Windows
 CVE-2021-3874 (bookstack is vulnerable to Improper Limitation of a Pathname to 
a Rest ...)
        NOT-FOR-US: bookstack
 CVE-2021-3873
@@ -12419,7 +12419,7 @@ CVE-2021-41027 (A stack-based buffer overflow in 
Fortinet FortiWeb version 6.4.1
 CVE-2021-41026
        RESERVED
 CVE-2021-41025 (Multiple vulnerabilities in the authentication mechanism of 
confd in F ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2021-41024 (A relative path traversal [CWE-23] vulnerabiltiy in FortiOS 
versions 7 ...)
        NOT-FOR-US: FortiGuard
 CVE-2021-41023 (A unprotected storage of credentials in Fortinet FortiSIEM 
Windows Age ...)
@@ -12435,7 +12435,7 @@ CVE-2021-41019 (An improper validation of certificate 
with host mismatch [CWE-29
 CVE-2021-41018
        RESERVED
 CVE-2021-41017 (Multiple heap-based buffer overflow vulnerabilities in some 
web API co ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2021-41016
        RESERVED
 CVE-2021-41015 (A improper neutralization of input during web page generation 
('cross- ...)
@@ -12796,9 +12796,9 @@ CVE-2021-40863
 CVE-2021-40862 (HashiCorp Terraform Enterprise up to v202108-1 contained an 
API endpoi ...)
        NOT-FOR-US: HashiCorp Terraform Enterprise
 CVE-2021-40861 (A SQL Injection in the custom filter query component in 
Genesys intell ...)
-       TODO: check
+       NOT-FOR-US: Genesys
 CVE-2021-40860 (A SQL Injection in the custom filter query component in 
Genesys intell ...)
-       TODO: check
+       NOT-FOR-US: Genesys
 CVE-2021-40859 (Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 
8.0B dev ...)
        NOT-FOR-US: Auerswald
 CVE-2021-40858
@@ -24051,7 +24051,7 @@ CVE-2021-36197
 CVE-2021-36196
        RESERVED
 CVE-2021-36195 (Multiple command injection vulnerabilities in the command line 
interpr ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2021-36194
        RESERVED
 CVE-2021-36193
@@ -24095,7 +24095,7 @@ CVE-2021-36175 (An improper neutralization of input 
vulnerability [CWE-79] in Fo
 CVE-2021-36174 (A memory allocation with excessive size value vulnerability in 
the lic ...)
        NOT-FOR-US: Fortiguard
 CVE-2021-36173 (A heap-based buffer overflow in the firmware signature 
verification fu ...)
-       TODO: check
+       NOT-FOR-US: FortiGuard
 CVE-2021-36172 (An improper restriction of XML external entity reference 
vulnerability ...)
        NOT-FOR-US: Fortiguard
 CVE-2021-36171
@@ -59095,7 +59095,7 @@ CVE-2021-21959
 CVE-2021-21958
        RESERVED
 CVE-2021-21957 (A privilege escalation vulnerability exists in the Remote 
Server funct ...)
-       TODO: check
+       NOT-FOR-US: Dream Report ODS Remote Connector
 CVE-2021-21956
        RESERVED
 CVE-2021-21955
@@ -59107,9 +59107,9 @@ CVE-2021-21953
 CVE-2021-21952
        RESERVED
 CVE-2021-21951 (An out-of-bounds write vulnerability exists in the 
CMD_DEVICE_GET_SERV ...)
-       TODO: check
+       NOT-FOR-US: Anker Eufy Homebase
 CVE-2021-21950 (An out-of-bounds write vulnerability exists in the 
CMD_DEVICE_GET_SERV ...)
-       TODO: check
+       NOT-FOR-US: Anker Eufy Homebase
 CVE-2021-21949
        RESERVED
 CVE-2021-21948
@@ -77670,7 +77670,7 @@ CVE-2020-27418
 CVE-2020-27417
        RESERVED
 CVE-2020-27416 (Mahavitaran android application 7.50 and prior are affected by 
account ...)
-       TODO: check
+       NOT-FOR-US: Mahavitaran android application
 CVE-2020-27415
        RESERVED
 CVE-2020-27414 (Mahavitaran android application 7.50 and prior transmit 
sensitive info ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4c266a85e99ace2cac059a166bba4ccd7701d5d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4c266a85e99ace2cac059a166bba4ccd7701d5d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to