[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
dc2da96b by Neil Williams at 2022-05-27T11:15:03+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41320,7 +41320,7 @@ CVE-2021-42861
 CVE-2021-42860 (A stack buffer overflow exists in Mini-XML v3.2. When 
inputting an unf ...)
        TODO: check
 CVE-2021-42859 (A memory leak issue was discovered in Mini-XML v3.2 that could 
cause a ...)
-       TODO: check
+       - mxml
 CVE-2021-42858
        RESERVED
 CVE-2021-42857 (It was discovered that the SteelCentral AppInternals Dynamic 
Sampling  ...)
@@ -41783,7 +41783,7 @@ CVE-2021-42694 (** DISPUTED ** An issue was discovered 
in the character definiti
 CVE-2021-42693
        RESERVED
 CVE-2021-42692 (There is a stack-overflow vulnerability in tinytoml v0.4 that 
can caus ...)
-       TODO: check
+       NOT-FOR-US: mayah/tinytoml
 CVE-2021-42691
        RESERVED
 CVE-2021-42690
@@ -49053,7 +49053,7 @@ CVE-2021-40319
 CVE-2021-40318
        RESERVED
 CVE-2021-40317 (Piwigo 11.5.0 is affected by a SQL injection vulnerability via 
admin.p ...)
-       TODO: check
+       - piwigo <removed>
 CVE-2021-40316
        RESERVED
 CVE-2021-40315
@@ -66976,11 +66976,11 @@ CVE-2021-33018 (The use of a broken or risky 
cryptographic algorithm in Philips
 CVE-2021-33017 (The standard access path of the IntelliBridge EC 40 and 60 Hub 
(C.00.0 ...)
        NOT-FOR-US: Philips
 CVE-2021-33016 (An attacker can gain full access (read/write/delete) to 
sensitive fold ...)
-       TODO: check
+       NOT-FOR-US: Kuka
 CVE-2021-33015 (Cscape (All Versions prior to 9.90 SP5) lacks proper 
validation of use ...)
        NOT-FOR-US: Cscape
 CVE-2021-33014 (An attacker can gain VxWorks Shell after login due to 
hard-coded crede ...)
-       TODO: check
+       NOT-FOR-US: Kuka
 CVE-2021-33013 (mySCADA myPRO versions prior to 8.20.0 does not restrict 
unauthorized  ...)
        NOT-FOR-US: mySCADA myPRO
 CVE-2021-33012 (Rockwell Automation MicroLogix 1100, all versions, allows a 
remote, un ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc2da96b1974599f1937f53a7e7297b329469a62

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc2da96b1974599f1937f53a7e7297b329469a62
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits