[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs

Neil Williams (@codehelp) Wed, 01 Jun 2022 01:24:28 -0700


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d5afb2f6 by Neil Williams at 2022-06-01T09:23:57+01:00
Process some NFUs

- - - - -
ca083b92 by Neil Williams at 2022-06-01T09:23:59+01:00
CVE-2021-42195 to 42200 / swftools removed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45431,17 +45431,23 @@ CVE-2021-42202 (An issue was discovered in swftools 
through 20201222. A NULL poi
 CVE-2021-42201 (An issue was discovered in swftools through 20201222. A 
heap-buffer-ov ...)
        TODO: check
 CVE-2021-42200 (An issue was discovered in swftools through 20201222. A NULL 
pointer d ...)
-       TODO: check
+       - swftools <removed>
+       NOTE: https://github.com/matthiaskramm/swftools/issues/170
 CVE-2021-42199 (An issue was discovered in swftools through 20201222. A heap 
buffer ov ...)
-       TODO: check
+       - swftools <removed>
+       NOTE: https://github.com/matthiaskramm/swftools/issues/173
 CVE-2021-42198 (An issue was discovered in swftools through 20201222. A NULL 
pointer d ...)
-       TODO: check
+       - swftools <removed>
+       NOTE: https://github.com/matthiaskramm/swftools/issues/168
 CVE-2021-42197 (An issue was discovered in swftools through 20201222 through a 
memory  ...)
-       TODO: check
+       - swftools <removed>
+       NOTE: https://github.com/matthiaskramm/swftools/issues/177
 CVE-2021-42196 (An issue was discovered in swftools through 20201222. A NULL 
pointer d ...)
-       TODO: check
+       - swftools <removed>
+       NOTE: https://github.com/matthiaskramm/swftools/issues/172
 CVE-2021-42195 (An issue was discovered in swftools through 20201222. A 
heap-buffer-ov ...)
-       TODO: check
+       - swftools <removed>
+       NOTE: https://github.com/matthiaskramm/swftools/issues/174
 CVE-2021-42194 (The wechat_return function in /controller/Index.php of EyouCms 
V1.5.4- ...)
        NOT-FOR-US: Eyoucms
 CVE-2021-42193
@@ -64899,7 +64905,7 @@ CVE-2021-34362 (A command injection vulnerability has 
been reported to affect QN
 CVE-2021-34361 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
        NOT-FOR-US: QNAP
 CVE-2021-34360 (A cross-site request forgery (CSRF) vulnerability has been 
reported to ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2021-34359 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
        NOT-FOR-US: QNAP
 CVE-2021-34358 (We have already fixed this vulnerability in the following 
versions of  ...)
@@ -67806,7 +67812,7 @@ CVE-2021-33188
 CVE-2021-33187
        RESERVED
 CVE-2021-3555 (A Buffer Overflow vulnerability in the RSTP server component of 
Eufy I ...)
-       TODO: check
+       NOT-FOR-US: Eufy 2K Indoor Camera
 CVE-2021-33186 (SerenityOS in test-crypto.cpp contains a stack buffer overflow 
which c ...)
        NOT-FOR-US: SerenityOS
 CVE-2021-33185 (SerenityOS contains a buffer overflow in the set_range test in 
TestBit ...)
@@ -82055,9 +82061,9 @@ CVE-2021-27783 (User generated PPKG file for Bulk 
Enroll may have unencrypted se
 CVE-2021-27782
        RESERVED
 CVE-2021-27781 (The Master operator may be able to embed script tag in HTML 
with alert ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2021-27780 (The software may be vulnerable to both Un-Auth XML interaction 
and una ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2021-27779 (VersionVault Express exposes sensitive information that an 
attacker ca ...)
        NOT-FOR-US: HCL
 CVE-2021-27778 (HCL Traveler is vulnerable to a cross-site scripting (XSS) 
caused by i ...)
@@ -111864,7 +111870,7 @@ CVE-2020-28248 (An integer overflow in the 
PngImg::InitStorage_() function of pn
 CVE-2020-28247 (The lettre library through 0.10.0-alpha for Rust allows 
arbitrary send ...)
        NOT-FOR-US: Node lettre
 CVE-2020-28246 (A Server-Side Template Injection (SSTI) was discovered in 
Form.io 2.0. ...)
-       TODO: check
+       NOT-FOR-US: Form.io
 CVE-2020-28245
        RESERVED
 CVE-2020-28244



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/319de1caf6b84b2c71fc6396c987139109a99ce4...ca083b9281bf89f6449a0c24e850b74fb677b122

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/319de1caf6b84b2c71fc6396c987139109a99ce4...ca083b9281bf89f6449a0c24e850b74fb677b122
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs

Reply via email to