[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
618b61a4 by Salvatore Bonaccorso at 2021-12-14T21:43:09+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2321,11 +2321,11 @@ CVE-2021-4026 (bookstack is vulnerable to Improper 
Access Control ...)
 CVE-2021-4025
        RESERVED
 CVE-2021-44235 (Two methods of a utility class in SAP NetWeaver AS ABAP - 
versions 700 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-44234
        RESERVED
 CVE-2021-44233 (SAP GRC Access Control - versions V1100_700, V1100_731, 
V1200_750, doe ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-44232 (SAF-T Framework Transaction SAFTN_G allows an attacker to 
exploit insu ...)
        TODO: check
 CVE-2021-44231 (Internally used text extraction reports allow an attacker to 
inject co ...)
@@ -10979,25 +10979,25 @@ CVE-2021-42072 (An issue was discovered in Barrier 
before 2.4.0. The barriers co
 CVE-2021-42071 (In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker 
can ach ...)
        NOT-FOR-US: Visual Tools DVR VX16
 CVE-2021-42070 (When a user opens manipulated Jupiter Tessellation (.jt) file 
received ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-42069 (When a user opens manipulated Tagged Image File Format (.tif) 
file rec ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-42068 (When a user opens a manipulated GIF (.gif) file received from 
untruste ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-42067
        RESERVED
 CVE-2021-42066 (SAP Business One - version 10.0, allows an admin user to view 
DB passw ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-42065
        RESERVED
 CVE-2021-42064 (If configured to use an Oracle database and if a query is 
created usin ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-42063 (A security vulnerability has been discovered in the SAP 
Knowledge Ware ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-42062 (SAP ERP HCM Portugal does not perform necessary authorization 
checks f ...)
        NOT-FOR-US: SAP
 CVE-2021-42061 (SAP BusinessObjects Business Intelligence Platform (Web 
Intelligence)  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-3868
        RESERVED
 CVE-2021-3867
@@ -18557,7 +18557,7 @@ CVE-2021-38952
 CVE-2021-38951 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is 
vulnerable  ...)
        NOT-FOR-US: IBM
 CVE-2021-38950 (IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a 
privilege esc ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-38949 (IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user 
credentials  ...)
        NOT-FOR-US: IBM
 CVE-2021-38948 (IBM InfoSphere Information Server 11.7 is vulnerable to an XML 
Externa ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/618b61a46da551e000a7df232eada39e74ce85cc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/618b61a46da551e000a7df232eada39e74ce85cc
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits