Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c5eb7fa8 by Neil Williams at 2022-01-27T11:08:50+00:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21695,7 +21695,7 @@ CVE-2021-41791 (An issue was discovered in Hyland
org.alfresco:share through 7.0
CVE-2021-41790 (An issue was discovered in Hyland
org.alfresco:alfresco-content-servic ...)
NOT-FOR-US: Hyland org.alfresco:alfresco-content-services
CVE-2021-41789 (In wifi driver, there is a possible system crash due to a
missing vali ...)
- TODO: check
+ NOT-FOR-US: Mediatek devices
CVE-2021-41788 (MediaTek microchips, as used in NETGEAR devices through
2021-12-13 and ...)
NOT-FOR-US: Netgear
CVE-2021-3840 (A dependency confusion vulnerability was reported in the
Antilles open ...)
@@ -22146,7 +22146,7 @@ CVE-2021-41600
CVE-2021-41599
RESERVED
CVE-2021-41598 (A UI misrepresentation vulnerability was identified in GitHub
Enterpri ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2021-41597 (SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant
remote ...)
NOT-FOR-US: SuiteCRM
CVE-2021-41596 (SuiteCRM before 7.10.33 and 7.11.22 allows information
disclosure via ...)
@@ -23180,7 +23180,7 @@ CVE-2021-41168 (Snudown is a reddit-specific fork of
the Sundown Markdown parser
CVE-2021-41167 (modern-async is an open source JavaScript tooling library for
asynchro ...)
NOT-FOR-US: modern-async
CVE-2021-41166 (The Nextcloud Android app is the Android client for Nextcloud,
a self- ...)
- TODO: check
+ NOT-FOR-US: Nextcloud Android app
CVE-2021-41165 (CKEditor4 is an open source WYSIWYG HTML editor. In affected
version a ...)
- ckeditor <unfixed> (bug #999909)
[bullseye] - ckeditor <no-dsa> (Minor issue)
@@ -26824,7 +26824,7 @@ CVE-2021-39661
CVE-2021-39660
RESERVED
CVE-2021-39659 (In sortSimPhoneAccountsForEmergency of
CreateConnectionProcessor.java, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39658
RESERVED
CVE-2021-39657 (In ufshcd_eh_device_reset_handler of ufshcd.c, there is a
possible out ...)
@@ -26918,7 +26918,7 @@ CVE-2021-39625 (In
showCarrierAppInstallationNotification of EuiccNotificationMa
CVE-2021-39624
RESERVED
CVE-2021-39623 (In doRead of SimpleDecodingSource.cpp, there is a possible out
of boun ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39622 (In GBoard, there is a possible way to bypass Factory Reset
Protection ...)
NOT-FOR-US: Android
CVE-2021-39621 (In sendLegacyVoicemailNotification of
LegacyModeSmsHandler.java, there ...)
@@ -27704,7 +27704,7 @@ CVE-2021-39308 (The WooCommerce myghpay Payment Gateway
WordPess plugin is vulne
CVE-2021-39307 (PDFTron's WebViewer UI 8.0 or below renders dangerous URLs as
hyperlin ...)
NOT-FOR-US: PDFTron WebViewer UI
CVE-2021-39306 (A stack buffer overflow was discovered on Realtek RTL8195AM
device bef ...)
- TODO: check
+ NOT-FOR-US: Realtek
CVE-2021-39305
RESERVED
CVE-2021-39304 (Proofpoint Enterprise Protection before 8.12.0-2108090000
allows secur ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5eb7fa8e8de1926b0b24b87f2f25b2894dec35a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5eb7fa8e8de1926b0b24b87f2f25b2894dec35a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
