[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso carnil at debian.org
Thu Apr 1 22:00:49 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f05fb0c6 by Salvatore Bonaccorso at 2021-04-01T23:00:24+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1878,7 +1878,7 @@ CVE-2021-29085
 CVE-2021-29084
 	RESERVED
 CVE-2021-29083 (Improper neutralization of special elements used in an OS command in S ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2021-3460
 	RESERVED
 CVE-2021-3459
@@ -3062,9 +3062,9 @@ CVE-2021-28548
 CVE-2021-28547
 	RESERVED
 CVE-2021-28546 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28545 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28544
 	RESERVED
 CVE-2021-28543 (Varnish varnish-modules before 0.17.1 allows remote attackers to cause ...)
@@ -5157,7 +5157,7 @@ CVE-2021-27655
 CVE-2021-27654
 	RESERVED
 CVE-2021-27653 (Misconfiguration of the Pega Chat Access Group portal in Pega platform ...)
-	TODO: check
+	NOT-FOR-US: Pega
 CVE-2021-27652
 	RESERVED
 CVE-2021-27651
@@ -7284,7 +7284,7 @@ CVE-2021-26720 (avahi-daemon-check-dns.sh in the Debian avahi package through 0.
 CVE-2021-26719 (A directory traversal issue was discovered in Gradle gradle-enterprise ...)
 	NOT-FOR-US: gradle-enterprise-test-distribution-agent
 CVE-2021-26718 (KIS for macOS in some use cases was vulnerable to AV bypass that poten ...)
-	TODO: check
+	NOT-FOR-US: KIS for macOS
 CVE-2021-26717 (An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x  ...)
 	- asterisk 1:16.16.1~dfsg-1 (bug #983157)
 	[buster] - asterisk <not-affected> (Introduced in 16.15.0)
@@ -7615,9 +7615,9 @@ CVE-2021-26583
 CVE-2021-26582
 	RESERVED
 CVE-2021-26581 (A potential security vulnerability has been identified in HPE Superdom ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2021-26580 (A potential security vulnerability has been identified in HPE iLO Ampl ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2021-26579 (A security vulnerability in HPE Unified Data Management (UDM) could al ...)
 	NOT-FOR-US: HPE
 CVE-2021-26578 (A potential security vulnerability has been identified in HPE Network  ...)
@@ -8914,7 +8914,7 @@ CVE-2021-26074
 CVE-2021-26073
 	RESERVED
 CVE-2021-26072 (The WidgetConnector plugin in Confluence Server and Confluence Data Ce ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2021-26071 (The SetFeatureEnabled.jspa resource in Jira Server and Data Center bef ...)
 	NOT-FOR-US: Atlassian
 CVE-2021-26070 (Affected versions of Atlassian Jira Server and Data Center allow remot ...)
@@ -18080,7 +18080,7 @@ CVE-2021-21984
 CVE-2021-21983 (Arbitrary file write vulnerability in vRealize Operations Manager API  ...)
 	NOT-FOR-US: vRealize Operations Manager API (Vmware)
 CVE-2021-21982 (VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an aut ...)
-	TODO: check
+	NOT-FOR-US: VMware Carbon Black Cloud Workload appliance
 CVE-2021-21981
 	RESERVED
 CVE-2021-21980
@@ -20488,7 +20488,7 @@ CVE-2021-21420
 CVE-2021-21419
 	RESERVED
 CVE-2021-21418 (ps_emailsubscription is a newsletter subscription module for the Prest ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2021-21417
 	RESERVED
 CVE-2021-21416
@@ -23958,7 +23958,7 @@ CVE-2021-20080
 CVE-2021-20079
 	RESERVED
 CVE-2021-20078 (Manage Engine OpManager builds below 125346 are vulnerable to a remote ...)
-	TODO: check
+	NOT-FOR-US: Manage Engine OpManager
 CVE-2021-20077 (Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently  ...)
 	NOT-FOR-US: Nessus Agent
 CVE-2021-20076 (Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were fou ...)
@@ -24759,7 +24759,7 @@ CVE-2020-35310
 CVE-2020-35309 (Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected by cross ...)
 	NOT-FOR-US: Bakeshop Online Ordering System in PHP/MySQLi
 CVE-2020-35308 (CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: CONQUEST DICOM SERVER
 CVE-2020-35307
 	RESERVED
 CVE-2020-35306
@@ -52401,15 +52401,15 @@ CVE-2020-19645
 CVE-2020-19644
 	RESERVED
 CVE-2020-19643 (Cross Site Scripting (XSS) vulnerability in INSMA Wifi Mini Spy 1080P  ...)
-	TODO: check
+	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19642 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Ca ...)
-	TODO: check
+	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19641 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Ca ...)
-	TODO: check
+	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19640 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Ca ...)
-	TODO: check
+	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19639 (Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy ...)
-	TODO: check
+	NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera
 CVE-2020-19638
 	RESERVED
 CVE-2020-19637
@@ -79775,13 +79775,13 @@ CVE-2020-9151
 CVE-2020-9150
 	RESERVED
 CVE-2020-9149 (An application error verification vulnerability exists in a component  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9148 (An application bypass mechanism vulnerability exists in a component in ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9147 (A memory buffer error vulnerability exists in a component interface of ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9146 (A memory buffer error vulnerability exists in a component interface of ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9145 (There is an Out-of-bounds Write vulnerability in some Huawei smartphon ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9144 (There is a heap overflow vulnerability in some Huawei smartphone, atta ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f05fb0c6849ea891941c3d7c501598aa919f0bec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f05fb0c6849ea891941c3d7c501598aa919f0bec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210401/46a669dc/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list