[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso carnil at debian.org
Tue Apr 20 07:49:14 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d5477185 by Salvatore Bonaccorso at 2021-04-20T08:48:53+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4532,7 +4532,7 @@ CVE-2021-29457 (Exiv2 is a command-line utility and C++ library for reading, wri
 CVE-2021-29456
 	RESERVED
 CVE-2021-29455 (Grassroot Platform is an application to make it faster, cheaper and ea ...)
-	TODO: check
+	NOT-FOR-US: Grassroot Platform
 CVE-2021-29454
 	RESERVED
 CVE-2021-29453 (matrix-media-repo is an open-source multi-domain media repository for  ...)
@@ -4578,7 +4578,7 @@ CVE-2021-29436 (Anuko Time Tracker is an open source, web-based time tracking ap
 CVE-2021-29435 (trestle-auth is an authentication plugin for the Trestle admin framewo ...)
 	NOT-FOR-US: trestle-auth
 CVE-2021-29434 (Wagtail is a Django content management system. In affected versions of ...)
-	TODO: check
+	NOT-FOR-US: wagtail
 CVE-2021-29433 (### Impact Missing input validation of some parameters on the endpoint ...)
 	NOT-FOR-US: Matrix Sydent
 CVE-2021-29432 (Sydent is a reference matrix identity server. A malicious user could a ...)
@@ -4698,7 +4698,7 @@ CVE-2021-29401
 CVE-2021-29400
 	RESERVED
 CVE-2021-29399 (XMB is vulnerable to cross-site scripting (XSS) due to inadequate filt ...)
-	TODO: check
+	NOT-FOR-US: XMB
 CVE-2021-29398
 	RESERVED
 CVE-2021-29397
@@ -10115,15 +10115,15 @@ CVE-2021-27033
 CVE-2021-27032
 	RESERVED
 CVE-2021-27031 (A user may be tricked into opening a malicious FBX file which may expl ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2021-27030 (A user may be tricked into opening a malicious FBX file which may expl ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2021-27029 (The user may be tricked into opening a malicious FBX file which may ex ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2021-27028 (A Memory Corruption Vulnerability in Autodesk FBX Review version 1.4.0 ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2021-27027 (A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review versio ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2021-27026
 	RESERVED
 CVE-2021-27025
@@ -21749,7 +21749,7 @@ CVE-2021-21983 (Arbitrary file write vulnerability in vRealize Operations Manage
 CVE-2021-21982 (VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an aut ...)
 	NOT-FOR-US: VMware Carbon Black Cloud Workload appliance
 CVE-2021-21981 (VMware NSX-T contains a privilege escalation vulnerability due to an i ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2021-21980
 	RESERVED
 CVE-2021-21979 (In Bitnami Containers, all Laravel container versions prior to: 6.20.0 ...)
@@ -25349,7 +25349,7 @@ CVE-2021-21072 (Adobe Animate version 21.0.3 (and earlier) is affected by an Out
 CVE-2021-21071 (Adobe Animate version 21.0.3 (and earlier) is affected by a Memory Cor ...)
 	NOT-FOR-US: Adobe
 CVE-2021-21070 (Adobe Robohelp version 2020.0.3 (and earlier) is affected by an uncont ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-21069 (Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is  ...)
 	NOT-FOR-US: Adobe
 CVE-2021-21068 (Adobe Creative Cloud Desktop Application version 5.3 (and earlier) is  ...)
@@ -25556,13 +25556,13 @@ CVE-2021-20994
 CVE-2021-20993
 	RESERVED
 CVE-2021-20992 (In Fibaro Home Center 2 and Lite devices in all versions provide a web ...)
-	TODO: check
+	NOT-FOR-US: Fibaro Home Center
 CVE-2021-20991 (In Fibaro Home Center 2 and Lite devices with firmware version 4.540 a ...)
-	TODO: check
+	NOT-FOR-US: Fibaro Home Center
 CVE-2021-20990 (In Fibaro Home Center 2 and Lite devices with firmware version 4.600 a ...)
-	TODO: check
+	NOT-FOR-US: Fibaro Home Center
 CVE-2021-20989 (Fibaro Home Center 2 and Lite devices with firmware version 4.600 and  ...)
-	TODO: check
+	NOT-FOR-US: Fibaro Home Center
 CVE-2021-20988
 	RESERVED
 CVE-2021-20987 (A denial of service and memory corruption vulnerability was found in H ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5477185718bd186f0dab6a57ebb05c3a76e3a8d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5477185718bd186f0dab6a57ebb05c3a76e3a8d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210420/52b3c0d0/attachment.htm>

More information about the debian-security-tracker-commits mailing list