[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) Tue, 21 Dec 2021 00:24:42 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c90855d4 by Salvatore Bonaccorso at 2021-12-21T09:24:04+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4867,7 +4867,7 @@ CVE-2021-43844 (MSEdgeRedirect is a tool to redirect 
news, search, widgets, weat
 CVE-2021-43843 (jsx-slack is a package for building JSON objects for Slack 
block kit s ...)
        TODO: check
 CVE-2021-43842 (Wiki.js is a wiki app built on Node.js. Wiki.js versions 
2.5.257 and e ...)
-       TODO: check
+       NOT-FOR-US: Wiki.js
 CVE-2021-43841
        RESERVED
 CVE-2021-43840 (message_bus is a messaging bus for Ruby processes and web 
clients. In  ...)
@@ -5857,7 +5857,7 @@ CVE-2021-43765
 CVE-2021-43764
        RESERVED
 CVE-2021-43763 (Adobe Dimension versions 3.4.3 (and earlier) are affected by 
an out-of ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43762
        RESERVED
 CVE-2021-43761
@@ -5883,15 +5883,15 @@ CVE-2021-43752
 CVE-2021-43751
        RESERVED
 CVE-2021-43750 (Adobe Premiere Rush versions 1.5.16 (and earlier) are affected 
by a Nu ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43749 (Adobe Premiere Rush versions 1.5.16 (and earlier) are affected 
by a Nu ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43748 (Adobe Premiere Rush versions 1.5.16 (and earlier) are affected 
by a Nu ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43747 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43746 (Adobe Premiere Rush versions 1.5.16 (and earlier) allows 
access to an  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-3961 (snipe-it is vulnerable to Improper Neutralization of Input 
During Web  ...)
        NOT-FOR-US: snipe-it
 CVE-2022-21216
@@ -6763,13 +6763,13 @@ CVE-2021-43443
 CVE-2021-43442
        RESERVED
 CVE-2021-43441 (An HTML Injection Vulnerability in iOrder 1.0 allows the 
remote attack ...)
-       TODO: check
+       NOT-FOR-US: iOrder
 CVE-2021-43440 (Multiple Stored XSS Vulnerabilities in the Source Code of 
iOrder 1.0 a ...)
        NOT-FOR-US: iOrder
 CVE-2021-43439 (RCE in Add Review Function in iResturant 1.0 Allows remote 
attacker to ...)
-       TODO: check
+       NOT-FOR-US: iResturant
 CVE-2021-43438 (Stored XSS in Signup Form in iResturant 1.0 Allows Remote 
Attacker to  ...)
-       TODO: check
+       NOT-FOR-US: iResturant
 CVE-2021-43437 (In sourcecodetester Engineers Online Portal as of 10-21-21, an 
attacke ...)
        TODO: check
 CVE-2021-43436
@@ -8775,25 +8775,25 @@ CVE-2021-43032 (In XenForo through 2.2.7, a threat 
actor with access to the admi
 CVE-2021-43031
        RESERVED
 CVE-2021-43030 (Adobe Premiere Rush versions 1.5.16 (and earlier) allows 
access to an  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43029 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43028 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43027
        RESERVED
 CVE-2021-43026 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43025 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43024 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43023 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43022 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43021 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-43020
        RESERVED
 CVE-2021-43019 (Adobe Creative Cloud version 5.5 (and earlier) are affected by 
a privi ...)
@@ -9260,7 +9260,7 @@ CVE-2021-42810
 CVE-2021-42809 (Improper Access Control of Dynamically-Managed Code Resources 
(DLL) in ...)
        TODO: check
 CVE-2021-42808 (Improper Access Control in Thales Sentinel Protection 
Installer could  ...)
-       TODO: check
+       NOT-FOR-US: Thales Sentinel Protection Installer
 CVE-2021-42807
        RESERVED
 CVE-2021-42806
@@ -12403,7 +12403,7 @@ CVE-2021-3862
 CVE-2021-3861
        RESERVED
 CVE-2021-3860 (JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), 
is vul ...)
-       TODO: check
+       NOT-FOR-US: JFrog Artifactory
 CVE-2021-3859
        RESERVED
 CVE-2021-42008 (The decode_data function in drivers/net/hamradio/6pack.c in 
the Linux  ...)
@@ -15376,9 +15376,9 @@ CVE-2021-40786
 CVE-2021-40785
        RESERVED
 CVE-2021-40784 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-40783 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected 
by a memo ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-40782
        RESERVED
 CVE-2021-40781
@@ -21083,11 +21083,11 @@ CVE-2021-38423
 CVE-2021-38422 (Delta Electronics DIALink versions 1.2.4.0 and prior stores 
sensitive  ...)
        NOT-FOR-US: Delta Electronics DIALink
 CVE-2021-38421 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior 
to v4.0. ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric
 CVE-2021-38420 (Delta Electronics DIALink versions 1.2.4.0 and prior default 
permissio ...)
        NOT-FOR-US: Delta Electronics DIALink
 CVE-2021-38419 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior 
to v4.0. ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric
 CVE-2021-38418 (Delta Electronics DIALink versions 1.2.4.0 and prior runs by 
default o ...)
        NOT-FOR-US: Delta Electronics DIALink
 CVE-2021-38417
@@ -21095,11 +21095,11 @@ CVE-2021-38417
 CVE-2021-38416 (Delta Electronics DIALink versions 1.2.4.0 and prior 
insecurely loads  ...)
        NOT-FOR-US: Delta Electronics DIALink
 CVE-2021-38415 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior 
to v4.0. ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric
 CVE-2021-38414
        RESERVED
 CVE-2021-38413 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior 
to v4.0. ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric
 CVE-2021-38412 (Properly formatted POST requests to multiple resources on the 
HTTP and ...)
        NOT-FOR-US: Digi PortServer TS
 CVE-2021-38411 (Delta Electronics DIALink versions 1.2.4.0 and prior is 
vulnerable to  ...)
@@ -21107,7 +21107,7 @@ CVE-2021-38411 (Delta Electronics DIALink versions 
1.2.4.0 and prior is vulnerab
 CVE-2021-38410
        RESERVED
 CVE-2021-38409 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior 
to v4.0. ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric
 CVE-2021-38408 (A stack-based buffer overflow vulnerability in Advantech 
WebAccess Ver ...)
        NOT-FOR-US: Advantech WebAccess
 CVE-2021-38407 (Delta Electronics DIALink versions 1.2.4.0 and prior is 
vulnerable to  ...)
@@ -21123,7 +21123,7 @@ CVE-2021-38403 (Delta Electronics DIALink versions 
1.2.4.0 and prior is vulnerab
 CVE-2021-38402 (Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks 
proper va ...)
        NOT-FOR-US: Delta Electronic
 CVE-2021-38401 (Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior 
to v4.0. ...)
-       TODO: check
+       NOT-FOR-US: Fuji Electric
 CVE-2021-38400 (An attacker with physical access to Boston Scientific Zoom 
Latitude Mo ...)
        NOT-FOR-US: Boston Scientific Zoom Latitude Model 3120
 CVE-2021-38399
@@ -24817,7 +24817,7 @@ CVE-2021-36889 (Multiple Stored Authenticated 
Cross-Site Scripting (XSS) vulnera
 CVE-2021-36888 (Unauthenticated Arbitrary Options Update vulnerability leading 
to full ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-36887 (Cross-Site Request Forgery (CSRF) vulnerability leading to 
Cross-Site  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-36886
        RESERVED
 CVE-2021-36885
@@ -61287,9 +61287,9 @@ CVE-2021-22059
 CVE-2021-22058
        RESERVED
 CVE-2021-22057 (VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 
contain an aut ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2021-22056 (VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and 
Identity M ...)
-       TODO: check
+       NOT-FOR-US: VMware
 CVE-2021-22055
        RESERVED
 CVE-2021-22054 (VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 
20.11.0 pr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c90855d4f7caaba318ac892b0a7ff812748933eb

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c90855d4f7caaba318ac892b0a7ff812748933eb
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to