Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7c8bddb9 by Neil Williams at 2022-03-14T09:10:55+00:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -20708,7 +20708,7 @@ CVE-2021-44423 (An out-of-bounds read vulnerability
exists when reading a BMP fi
CVE-2021-44422 (An Improper Input Validation Vulnerability exists when reading
a BMP f ...)
NOT-FOR-US: Open Design Alliance Drawings SDK
CVE-2021-44421 (The pointer-validation logic in util/mem_util.rs in Occlum
before 0.26 ...)
- TODO: check
+ NOT-FOR-US: Occlum
CVE-2021-44420 (In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before
3.2.10, ...)
- python-django 2:3.2.10-1
[bullseye] - python-django 2:2.2.25-1~deb11u1
@@ -21329,9 +21329,9 @@ CVE-2021-44218
CVE-2021-44217 (In Ericsson CodeChecker through 6.18.0, a Stored Cross-site
scripting ...)
NOT-FOR-US: Ericsson
CVE-2021-44216 (Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x
before 3.18 ...)
- TODO: check
+ NOT-FOR-US: Northern.tech
CVE-2021-44215 (Northern.tech CFEngine Enterprise 3.15.4 before 3.15.5 has
Insecure Pe ...)
- TODO: check
+ NOT-FOR-US: Northern.tech
CVE-2021-44214
RESERVED
CVE-2021-44213
@@ -22443,7 +22443,7 @@ CVE-2021-43956
CVE-2021-43955
RESERVED
CVE-2021-43954 (The DefaultRepositoryAdminService class in Fisheye and
Crucible before ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2021-43953 (Affected versions of Atlassian Jira Server and Data Center
allow unaut ...)
NOT-FOR-US: Atlassian
CVE-2021-43952 (Affected versions of Atlassian Jira Server and Data Center
allow unaut ...)
@@ -27104,7 +27104,7 @@ CVE-2021-42858
CVE-2021-42857 (It was discovered that the SteelCentral AppInternals Dynamic
Sampling ...)
NOT-FOR-US: SteelCentral AppInternals Dynamic Sampling Agent's (DSA)
AgentDaServlet
CVE-2021-42856 (It was discovered that the /DsaDataTest endpoint is
susceptible to Cro ...)
- TODO: check
+ NOT-FOR-US: SteelCentral AppInternals Dynamic Sampling Agent (DSA)
CVE-2021-42855 (It was discovered that the SteelCentral AppInternals Dynamic
Sampling ...)
NOT-FOR-US: SteelCentral AppInternals Dynamic Sampling Agent (DSA)
CVE-2021-42854 (It was discovered that the SteelCentral AppInternals Dynamic
Sampling ...)
@@ -43403,7 +43403,7 @@ CVE-2021-36779 (A Improper Access Control vulnerability
inf SUSE Longhorn allows
CVE-2021-36778
RESERVED
CVE-2021-36777 (A Reliance on Untrusted Inputs in a Security Decision
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: OpenSuSE infrastructure
CVE-2021-36776
RESERVED
CVE-2021-36775
@@ -50296,9 +50296,9 @@ CVE-2021-33854
CVE-2021-33853
RESERVED
CVE-2021-33852 (A cross-site scripting (XSS) attack can cause arbitrary code
(JavaScri ...)
- TODO: check
+ NOT-FOR-US: post-duplicator-image plugin for WordPress
CVE-2021-33851 (A cross-site scripting (XSS) attack can cause arbitrary code
(JavaScri ...)
- TODO: check
+ NOT-FOR-US: customize-login-image plugin for WordPress
CVE-2021-33850 (There is a Cross-Site Scripting vulnerability in Microsoft
Clarity ver ...)
NOT-FOR-US: Microsoft
CVE-2021-33849 (A Cross-Site Scripting (XSS) attack can cause arbitrary code
(JavaScri ...)
@@ -50809,7 +50809,7 @@ CVE-2021-33660 (SAP 3D Visual Enterprise Viewer,
version - 9, allows a user to o
CVE-2021-33659 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to
open ma ...)
NOT-FOR-US: SAP
CVE-2021-33658 (atune before 0.3-0.8 log in as a local user and run the curl
command t ...)
- TODO: check
+ NOT-FOR-US: A-Tune OS tuning engine
CVE-2021-33657
RESERVED
CVE-2021-33656
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c8bddb99ea73fcd85a49326104015e5f4fbaa1f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c8bddb99ea73fcd85a49326104015e5f4fbaa1f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
