[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu, 31 Mar 2022 01:23:56 -0700 


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2c6872d2 by Neil Williams at 2022-03-31T09:23:22+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54426,7 +54426,7 @@ CVE-2021-33582 (Cyrus IMAP before 3.4.2 allows remote 
attackers to cause a denia
        NOTE: 
https://github.com/cyrusimap/cyrus-imapd/commit/f63695609c88a3f76129499bb49fb82e8155fb32
 (master)
        NOTE: 
https://github.com/cyrusimap/cyrus-imapd/commit/833c22bd7de5bbb591c2cb3705c9983b6d2b1fee
 (master)
 CVE-2021-33581 (MashZone NextGen through 10.7 GA has an SSRF vulnerability 
that allows ...)
-       TODO: check
+       NOT-FOR-US: Software AG MashZone
 CVE-2021-33580 (User controlled `request.getHeader("Referer")`, 
`request.getRequestURL ...)
        NOT-FOR-US: Apache Roller
 CVE-2021-33586 (InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user 
(able to co ...)
@@ -54596,7 +54596,7 @@ CVE-2021-3564 (A flaw double-free memory corruption in 
the Linux kernel HCI devi
 CVE-2021-33524
        RESERVED
 CVE-2021-33523 (MashZone NextGen through 10.7 GA allows a remote authenticated 
user, w ...)
-       TODO: check
+       NOT-FOR-US: Software AG MashZone
 CVE-2021-33522
        RESERVED
 CVE-2021-33521
@@ -55324,7 +55324,7 @@ CVE-2021-33210 (An issue was discovered in Fimer Aurora 
Vision before 2.97.10. A
 CVE-2021-33209 (An issue was discovered in Fimer Aurora Vision before 2.97.10. 
The res ...)
        NOT-FOR-US: Fimer Aurora
 CVE-2021-33208 (The "Register an Ehcache Configuration File" admin feature in 
MashZone ...)
-       TODO: check
+       NOT-FOR-US: Software AG MashZone
 CVE-2021-33207
        RESERVED
 CVE-2021-33206
@@ -193226,7 +193226,7 @@ CVE-2019-12268
 CVE-2019-12267
        RESERVED
 CVE-2019-12266 (Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, 
Cam v2,  ...)
-       TODO: check
+       NOT-FOR-US: Wyze Cam
 CVE-2019-12265 (Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a 
Memory Le ...)
        NOT-FOR-US: Wind River VxWorks
 CVE-2019-12264 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has 
Incorrect  ...)
@@ -201978,7 +201978,7 @@ CVE-2019-9566 (FlarumChina v0.1.0-beta.7C has SQL 
injection via a /?q= request.
 CVE-2019-9565 (Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 
and 10 b ...)
        NOT-FOR-US: Druide Antidote
 CVE-2019-9564 (A vulnerability in the authentication logic of Wyze Cam Pan v2, 
Cam v2 ...)
-       TODO: check
+       NOT-FOR-US: Wyze Cam
 CVE-2019-9563 (In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 
4.0-beta3, the ...)
        NOT-FOR-US: BlueMind
 CVE-2019-9562



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c6872d22db04f7d6f2deb12e09040f1babb77c5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c6872d22db04f7d6f2deb12e09040f1babb77c5
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to