[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso carnil at debian.org
Fri Apr 23 10:04:59 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
17772994 by Salvatore Bonaccorso at 2021-04-23T11:04:36+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30029,27 +30029,27 @@ CVE-2021-2159 (Vulnerability in the PeopleSoft Enterprise CS Campus Community pr
 CVE-2021-2158 (Vulnerability in the Hyperion Financial Management product of Oracle H ...)
 	NOT-FOR-US: Oracle
 CVE-2021-2157 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2156 (Vulnerability in the Oracle Customers Online product of Oracle E-Busin ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2155 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2154 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-5.7 <removed>
 CVE-2021-2153 (Vulnerability in the Oracle Internet Expenses product of Oracle E-Busi ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2152 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2151 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2150 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2149 (Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracl ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2148
 	RESERVED
 CVE-2021-2147 (Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracl ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2146 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <unfixed> (bug #987325)
 	- mysql-5.7 <removed>
@@ -30061,11 +30061,11 @@ CVE-2021-2144 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
 CVE-2021-2143
 	RESERVED
 CVE-2021-2142 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2141 (Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle  ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2140 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2139
 	RESERVED
 CVE-2021-2138 (Vulnerability in the Oracle Cloud Infrastructure Data Science Notebook ...)
@@ -30073,11 +30073,11 @@ CVE-2021-2138 (Vulnerability in the Oracle Cloud Infrastructure Data Science Not
 CVE-2021-2137
 	RESERVED
 CVE-2021-2136 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2135 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2134 (Vulnerability in the Enterprise Manager for Fusion Middleware product  ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2133
 	RESERVED
 CVE-2021-2132
@@ -30240,7 +30240,7 @@ CVE-2021-2055 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
 CVE-2021-2054 (Vulnerability in the RDBMS Sharding component of Oracle Database Serve ...)
 	NOT-FOR-US: Oracle
 CVE-2021-2053 (Vulnerability in the Enterprise Manager Base Platform product of Oracl ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2052 (Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of  ...)
 	NOT-FOR-US: Oracle
 CVE-2021-2051 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...)
@@ -30334,7 +30334,7 @@ CVE-2021-2010 (Vulnerability in the MySQL Client product of Oracle MySQL (compon
 CVE-2021-2009 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
 CVE-2021-2008 (Vulnerability in the Enterprise Manager for Fusion Middleware product  ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2007 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
 	- mysql-8.0 <not-affected> (Fixed before initial upload)
 	- mysql-5.7 <removed> (bug #981194)
@@ -38035,7 +38035,7 @@ CVE-2021-0268 (An Improper Neutralization of CRLF Sequences in HTTP Headers ('HT
 CVE-2021-0267 (An Improper Input Validation vulnerability in the active-lease query p ...)
 	NOT-FOR-US: Juniper
 CVE-2021-0266 (The use of multiple hard-coded cryptographic keys in cSRX Series softw ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2021-0265 (An unvalidated REST API in the AppFormix Agent of Juniper Networks App ...)
 	NOT-FOR-US: Juniper
 CVE-2021-0264 (A vulnerability in the processing of traffic matching a firewall filte ...)
@@ -38065,7 +38065,7 @@ CVE-2021-0253 (NFX Series devices using Juniper Networks Junos OS are susceptibl
 CVE-2021-0252 (NFX Series devices using Juniper Networks Junos OS are susceptible to  ...)
 	NOT-FOR-US: Juniper
 CVE-2021-0251 (A NULL Pointer Dereference vulnerability in the Captive Portal Content ...)
-	TODO: check
+	NOT-FOR-US: Juniper
 CVE-2021-0250 (In segment routing traffic engineering (SRTE) environments where the B ...)
 	NOT-FOR-US: Juniper
 CVE-2021-0249 (On SRX Series devices configured with UTM services a buffer overflow v ...)
@@ -38765,11 +38765,11 @@ CVE-2020-27739 (A Weak Session Management vulnerability in Citadel WebCit throug
 	[buster] - webcit <ignored> (Minor issue)
 	[stretch] - webcit <ignored> (Minor issue)
 CVE-2020-27738 (A vulnerability has been identified in Nucleus 4 (All versions < V4 ...)
-	TODO: check
+	NOT-FOR-US: Nucleus (Siemens)
 CVE-2020-27737 (A vulnerability has been identified in Nucleus 4 (All versions < V4 ...)
-	TODO: check
+	NOT-FOR-US: Nucleus (Siemens)
 CVE-2020-27736 (A vulnerability has been identified in Nucleus 4 (All versions < V4 ...)
-	TODO: check
+	NOT-FOR-US: Nucleus (Siemens)
 CVE-2020-27735 (An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME ele ...)
 	NOT-FOR-US: Wing FTP
 CVE-2018-21269 (checkpath in OpenRC through 0.42.1 might allow local users to take own ...)
@@ -40745,7 +40745,7 @@ CVE-2020-27011
 CVE-2020-27010 (A cross-site scripting (XSS) vulnerability in Trend Micro InterScan We ...)
 	NOT-FOR-US: Trend Micro
 CVE-2020-27009 (A vulnerability has been identified in Nucleus NET (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Nucleus (Siemens)
 CVE-2020-27008 (A vulnerability has been identified in JT2Go (All versions < V13.1. ...)
 	NOT-FOR-US: JT2Go
 CVE-2020-27007 (A vulnerability has been identified in JT2Go (All versions < V13.1. ...)
@@ -40769,7 +40769,7 @@ CVE-2020-26999 (A vulnerability has been identified in JT2Go (All versions <
 CVE-2020-26998 (A vulnerability has been identified in JT2Go (All versions < V13.1. ...)
 	NOT-FOR-US: JT2Go
 CVE-2020-26997 (A vulnerability has been identified in Solid Edge SE2020 (All versions ...)
-	TODO: check
+	NOT-FOR-US: Solid Edge (Siemens)
 CVE-2020-26996 (A vulnerability has been identified in JT2Go (All versions < V13.1. ...)
 	NOT-FOR-US: JT2Go
 CVE-2020-26995 (A vulnerability has been identified in JT2Go (All versions < V13.1. ...)
@@ -60782,9 +60782,9 @@ CVE-2020-17566
 CVE-2020-17565
 	RESERVED
 CVE-2020-17564 (Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arb ...)
-	TODO: check
+	NOT-FOR-US: FeiFeiCMS
 CVE-2020-17563 (Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arb ...)
-	TODO: check
+	NOT-FOR-US: FeiFeiCMS
 CVE-2020-17562
 	RESERVED
 CVE-2020-17561
@@ -64888,7 +64888,7 @@ CVE-2020-15797 (A vulnerability has been identified in DCA Vantage Analyzer (All
 CVE-2020-15796 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
 	NOT-FOR-US: Siemens
 CVE-2020-15795 (A vulnerability has been identified in Nucleus NET (All versions <  ...)
-	TODO: check
+	NOT-FOR-US: Nucleus (Siemens)
 CVE-2020-15794 (A vulnerability has been identified in Desigo Insight (All versions).  ...)
 	NOT-FOR-US: Desigo Insight
 CVE-2020-15793 (A vulnerability has been identified in Desigo Insight (All versions).  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17772994202e123b0a59f6cb42bd603107783ec6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17772994202e123b0a59f6cb42bd603107783ec6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210423/d441e160/attachment.htm>

More information about the debian-security-tracker-commits mailing list