[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
25707ed3 by Salvatore Bonaccorso at 2021-12-23T15:03:53+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5411,7 +5411,7 @@ CVE-2021-43849
 CVE-2021-43848
        RESERVED
 CVE-2021-43847 (HumHub is an open-source social network kit written in PHP. 
Prior to H ...)
-       TODO: check
+       NOT-FOR-US: HumHub Social Network Kit Enterprise
 CVE-2021-43846 (`solidus_frontend` is the cart and storefront for the Solidus 
e-commer ...)
        TODO: check
 CVE-2021-43845
@@ -5427,7 +5427,7 @@ CVE-2021-43841
 CVE-2021-43840 (message_bus is a messaging bus for Ruby processes and web 
clients. In  ...)
        TODO: check
 CVE-2021-43839 (Cronos is a commercial implementation of a blockchain. In 
Cronos nodes ...)
-       TODO: check
+       NOT-FOR-US: Cronos
 CVE-2021-43838 (jsx-slack is a library for building JSON objects for Slack 
Block Kit s ...)
        TODO: check
 CVE-2021-43837 (vault-cli is a configurable command-line interface tool (and 
python li ...)
@@ -5514,7 +5514,7 @@ CVE-2021-43803 (Next.js is a React framework. In versions 
of Next.js prior to 12
 CVE-2021-43802 (Etherpad is a real-time collaborative editor. In versions 
prior to 1.8 ...)
        TODO: check
 CVE-2021-43801 (Mercurius is a GraphQL adapter for Fastify. Any users from 
Mercurius@8 ...)
-       TODO: check
+       NOT-FOR-US: Mercurius
 CVE-2021-43800 (Wiki.js is a wiki app built on Node.js. Prior to version 
2.5.254, dire ...)
        NOT-FOR-US: Wiki.js
 CVE-2021-43799
@@ -9248,7 +9248,7 @@ CVE-2021-43053
 CVE-2021-43052
        RESERVED
 CVE-2021-43051 (The Spotfire Server component of TIBCO Software Inc.'s TIBCO 
Spotfire  ...)
-       TODO: check
+       NOT-FOR-US: Spotfire Server component of TIBCO
 CVE-2021-43050
        RESERVED
 CVE-2021-43049
@@ -22245,7 +22245,7 @@ CVE-2021-38184
 CVE-2021-38183 (SAP NetWeaver - versions 700, 701, 702, 730, does not 
sufficiently enc ...)
        NOT-FOR-US: SAP
 CVE-2021-38182 (Due to insufficient input validation of Kyma, authenticated 
users can  ...)
-       TODO: check
+       NOT-FOR-US: Kyma
 CVE-2021-38181 (SAP NetWeaver AS ABAP and ABAP Platform - versions 700, 701, 
702, 730, ...)
        NOT-FOR-US: SAP
 CVE-2021-38180 (SAP Business One - version 10.0, allows an attacker to inject 
formulas ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25707ed36752dec1a20243cab66767da5deaf3b7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25707ed36752dec1a20243cab66767da5deaf3b7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits