[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5d09405a by Neil Williams at 2022-05-16T09:31:11+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16933,9 +16933,9 @@ CVE-2022-24833 (PrivateBin is minimalist, open source 
online pastebin clone wher
 CVE-2022-24832 (GoCD is an open source a continuous delivery server. The 
bundled gocd- ...)
        NOT-FOR-US: GoCD
 CVE-2022-24831 (OpenClinica is an open source software for Electronic Data 
Capture (ED ...)
-       TODO: check
+       NOT-FOR-US: OpenClinica
 CVE-2022-24830 (OpenClinica is an open source software for Electronic Data 
Capture (ED ...)
-       TODO: check
+       NOT-FOR-US: OpenClinica
 CVE-2022-24829 (Garden is an automation platform for Kubernetes development 
and testin ...)
        NOT-FOR-US: Garden
 CVE-2022-24828 (Composer is a dependency manager for the PHP programming 
language. Int ...)
@@ -38333,11 +38333,11 @@ CVE-2021-42971
 CVE-2021-42970 (Cross Site Scripting (XSS) vulnerability exists in cxuucms v3 
via the  ...)
        NOT-FOR-US: cxuucms
 CVE-2021-42969 (Certain Anaconda3 2021.05 are affected by OS command 
injection. When a ...)
-       TODO: check
+       NOT-FOR-US: Anaconda Python
 CVE-2021-42968
        RESERVED
 CVE-2021-42967 (Unrestricted file upload in 
/novel-admin/src/main/java/com/java2nb/com ...)
-       TODO: check
+       NOT-FOR-US: Novel-plus
 CVE-2021-42966
        RESERVED
 CVE-2021-42965
@@ -42060,7 +42060,7 @@ CVE-2021-41967
 CVE-2021-41966
        RESERVED
 CVE-2021-41965 (A SQL injection vulnerability exists in ChurchCRM version 
2.0.0 to 4.4 ...)
-       TODO: check
+       NOT-FOR-US: ChurchCRM
 CVE-2021-41964
        RESERVED
 CVE-2021-41963
@@ -60272,9 +60272,9 @@ CVE-2021-34608
 CVE-2021-34607
        RESERVED
 CVE-2021-34606 (A vulnerability exists in XINJE XD/E Series PLC Program Tool 
in versio ...)
-       TODO: check
+       NOT-FOR-US: XINJE PLC Program Tool
 CVE-2021-34605 (A zip slip vulnerability in XINJE XD/E Series PLC Program Tool 
up to v ...)
-       TODO: check
+       NOT-FOR-US: XINJE PLC Program Tool
 CVE-2021-34604
        RESERVED
 CVE-2021-34603
@@ -64196,7 +64196,7 @@ CVE-2021-33011 (All versions of the afffected 
TOYOPUC-PC10 Series,TOYOPUC-Plus S
 CVE-2021-33010 (An exception is thrown from a function in AVEVA System 
Platform versio ...)
        NOT-FOR-US: AVEVA
 CVE-2021-33009 (mySCADA myPRO versions prior to 8.20.0 allows an 
unauthenticated remot ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-33008 (AVEVA System Platform versions 2017 through 2020 R2 P01 does 
not perfo ...)
        NOT-FOR-US: AVEVA
 CVE-2021-33007 (A heap-based buffer overflow in Delta Electronics TPEditor: 
v1.98.06 a ...)
@@ -64204,7 +64204,7 @@ CVE-2021-33007 (A heap-based buffer overflow in Delta 
Electronics TPEditor: v1.9
 CVE-2021-33006
        RESERVED
 CVE-2021-33005 (mySCADA myPRO versions prior to 8.20.0 allows an 
unauthenticated remot ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-33004 (The affected product is vulnerable to memory corruption 
condition due  ...)
        NOT-FOR-US: WebAccess HMI Designer
 CVE-2021-33003 (Delta Electronics DIAEnergie Version 1.7.5 and prior may allow 
an atta ...)
@@ -78629,7 +78629,7 @@ CVE-2021-27507
 CVE-2021-27506 (The ClamAV Engine (version 0.103.1 and below) component 
embedded in St ...)
        NOT-FOR-US: Stormshield Network Security (SNS)
 CVE-2021-27505 (mySCADA myPRO versions prior to 8.20.0 does not restrict 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: mySCADA myPRO
 CVE-2021-27504
        RESERVED
 CVE-2021-27503 (Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed 
mylife Cloud: ...)
@@ -78639,11 +78639,11 @@ CVE-2021-27502
 CVE-2021-27501 (Philips Vue PACS versions 12.2.x.x and prior does not follow 
certain c ...)
        NOT-FOR-US: Philips Vue PACS
 CVE-2021-27500 (A specifically crafted packet sent by an attacker to 
EIPStackGroup OpE ...)
-       TODO: check
+       NOT-FOR-US: EIP Stack Group OpENer
 CVE-2021-27499 (Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed 
mylife Cloud: ...)
        NOT-FOR-US: Ypsomed
 CVE-2021-27498 (A specifically crafted packet sent by an attacker to 
EIPStackGroup OpE ...)
-       TODO: check
+       NOT-FOR-US: EIP Stack Group OpENer
 CVE-2021-27497 (Philips Vue PACS versions 12.2.x.x and prior does not use or 
incorrect ...)
        NOT-FOR-US: Philips Vue PACS
 CVE-2021-27496 (Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, 
Step3dRead, ...)
@@ -78675,7 +78675,7 @@ CVE-2021-27484
 CVE-2021-27483 (ZOLL Defibrillator Dashboard, v prior to 2.2,The affected 
products con ...)
        NOT-FOR-US: ZOLL Defibrillator Dashboard
 CVE-2021-27482 (A specifically crafted packet sent by an attacker to 
EIPStackGroup OpE ...)
-       TODO: check
+       NOT-FOR-US: EIP Stack Group OpENer
 CVE-2021-27481 (ZOLL Defibrillator Dashboard, v prior to 2.2, The affected 
products ut ...)
        NOT-FOR-US: ZOLL Defibrillator Dashboard
 CVE-2021-27480 (Delta Industrial Automation COMMGR Versions 1.12 and prior are 
vulnera ...)
@@ -78683,7 +78683,7 @@ CVE-2021-27480 (Delta Industrial Automation COMMGR 
Versions 1.12 and prior are v
 CVE-2021-27479 (ZOLL Defibrillator Dashboard, v prior to 2.2,The affected 
product&#821 ...)
        NOT-FOR-US: ZOLL Defibrillator Dashboard
 CVE-2021-27478 (A specifically crafted packet sent by an attacker to 
EIPStackGroup OpE ...)
-       TODO: check
+       NOT-FOR-US: EIP Stack Group OpENer
 CVE-2021-27477 (When JTEKT Corporation TOYOPUC PLC versions PC10G-CPU, 
2PORT-EFR, Plus ...)
        NOT-FOR-US: JTEKT
 CVE-2021-27476 (A vulnerability exists in the SaveConfigFile function of the 
RACompare ...)
@@ -91252,7 +91252,7 @@ CVE-2021-22277 (Improper Input Validation vulnerability 
in ABB 800xA, Control So
 CVE-2021-22276 (The vulnerability allows a successful attacker to bypass the 
integrity ...)
        NOT-FOR-US: ABB
 CVE-2021-22275 (Buffer Overflow vulnerability in B&R Automation Runtime 
webserver  ...)
-       TODO: check
+       NOT-FOR-US: B&R Automation Runtime
 CVE-2021-22274
        RESERVED
 CVE-2021-22273
@@ -121125,7 +121125,7 @@ CVE-2020-22985 (Cross-Site Scripting (XSS) 
vulnerability in MicroStrategy Web SD
 CVE-2020-22984 (Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web 
SDK 10.1 ...)
        NOT-FOR-US: Microstrategy Web
 CVE-2020-22983 (A Server-Side Request Forgery (SSRF) vulnerability exists in 
MicroStra ...)
-       TODO: check
+       NOT-FOR-US: Microstrategy Web
 CVE-2020-22982
        RESERVED
 CVE-2020-22981



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d09405a330c30cd890f6162a8a707351125d03c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d09405a330c30cd890f6162a8a707351125d03c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits