Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1a78738b by Salvatore Bonaccorso at 2021-12-23T09:43:39+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -488,7 +488,7 @@ CVE-2021-4145 [NULL pointer dereference in
mirror_wait_on_conflicts() in block/m
NOTE: Introduced by:
https://gitlab.com/qemu-project/qemu/-/commit/d44dae1a7cf782ec9235746ebb0e6c1a20dd7288
(v6.1.0-rc0)
NOTE: Fixed by:
https://gitlab.com/qemu-project/qemu/-/commit/66fed30c9cd11854fc878a4eceb507e915d7c9cd
(v6.2.0-rc0)
CVE-2021-4144 (TP-Link wifi router TL-WR802N V4(JP), with firmware version
prior to 2 ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2021-45451 (In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows
policy bypass ...)
- mbedtls <undetermined>
TODO: check, seems to only affect 3.x branch
@@ -68853,9 +68853,9 @@ CVE-2021-20052
CVE-2021-20051
RESERVED
CVE-2021-20050 (An Improper Access Control Vulnerability in the SMA100 series
leads to ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2021-20049 (A vulnerability in SonicWall SMA100 password change API allows
a remot ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2021-20048
RESERVED
CVE-2021-20047 (SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit)
and ear ...)
@@ -96123,7 +96123,7 @@ CVE-2020-20607
CVE-2020-20606
RESERVED
CVE-2020-20605 (Blog CMS v1.0 contains a cross-site scripting (XSS)
vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: Blog CMS
CVE-2020-20604
RESERVED
CVE-2020-20603
@@ -96131,9 +96131,9 @@ CVE-2020-20603
CVE-2020-20602
RESERVED
CVE-2020-20601 (An issue in ThinkCMF X2.2.2 and below allows attackers to
execute arbi ...)
- TODO: check
+ NOT-FOR-US: ThinkCMF
CVE-2020-20600 (MetInfo 7.0 beta contains a stored cross-site scripting (XSS)
vulnerab ...)
- TODO: check
+ NOT-FOR-US: MetInfo
CVE-2020-20599
RESERVED
CVE-2020-20598 (A cross-site scripting (XSS) vulnerability in the Editing
component of ...)
@@ -96143,11 +96143,11 @@ CVE-2020-20597 (A cross-site scripting (XSS)
vulnerability in the potrtalItemNam
CVE-2020-20596
RESERVED
CVE-2020-20595 (A cross-site request forgery (CSRF) in OPMS v1.3 and below
allows atta ...)
- TODO: check
+ NOT-FOR-US: OPMS
CVE-2020-20594
RESERVED
CVE-2020-20593 (A cross-site request forgery (CSRF) in Rockoa v1.9.8 allows an
authent ...)
- TODO: check
+ NOT-FOR-US: Rockoa
CVE-2020-20592
RESERVED
CVE-2020-20591
@@ -96514,9 +96514,9 @@ CVE-2020-20428
CVE-2020-20427
RESERVED
CVE-2020-20426 (S-CMS Government Station Building System v5.0 contains a
cross-site sc ...)
- TODO: check
+ NOT-FOR-US: S-CMS Government Station Building System
CVE-2020-20425 (S-CMS Government Station Building System v5.0 contains a
cross-site sc ...)
- TODO: check
+ NOT-FOR-US: S-CMS Government Station Building System
CVE-2020-20424
RESERVED
CVE-2020-20423
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a78738b0d856ab947b0df0fc19c721f2281245e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a78738b0d856ab947b0df0fc19c721f2281245e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
