[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 30 21:37:27 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b36cc3f0 by Salvatore Bonaccorso at 2021-04-30T22:37:01+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1579,9 +1579,9 @@ CVE-2021-31234
CVE-2021-31233
RESERVED
CVE-2021-31232 (The Alertmanager in CNCF Cortex before 1.8.1 has a local file disclosu ...)
- TODO: check
+ NOT-FOR-US: CNCF Cortex
CVE-2021-31231 (The Alertmanager in Grafana Enterprise Metrics before 1.2.1 and Metric ...)
- TODO: check
+ NOT-FOR-US: Grafana Enterprise Metrics and Metrics Enterprise
CVE-2021-31230
RESERVED
CVE-2021-31229 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...)
@@ -6737,7 +6737,7 @@ CVE-2021-28961 (applications/luci-app-ddns/luasrc/model/cbi/ddns/detail.lua in t
CVE-2021-28960
RESERVED
CVE-2021-28959 (Zoho ManageEngine Eventlog Analyzer through 12147 is vulnerable to una ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-28958
RESERVED
CVE-2021-28956 (** UNSUPPORTED WHEN ASSIGNED ** The unofficial vscode-sass-lint (aka S ...)
@@ -23784,13 +23784,13 @@ CVE-2021-21539
CVE-2021-21538
RESERVED
CVE-2021-21537 (Dell Hybrid Client versions prior to 1.5 contain an information exposu ...)
- TODO: check
+ NOT-FOR-US: Dell Hybrid Client
CVE-2021-21536 (Dell Hybrid Client versions prior to 1.5 contain an information exposu ...)
- TODO: check
+ NOT-FOR-US: Dell Hybrid Client
CVE-2021-21535 (Dell Hybrid Client versions prior to 1.5 contain a missing authenticat ...)
- TODO: check
+ NOT-FOR-US: Dell Hybrid Client
CVE-2021-21534 (Dell Hybrid Client versions prior to 1.5 contain an information exposu ...)
- TODO: check
+ NOT-FOR-US: Dell Hybrid Client
CVE-2021-21533 (Wyse Management Suite versions up to 3.2 contains a vulnerability wher ...)
NOT-FOR-US: Wyse Management Suite
CVE-2021-21532 (Dell Wyse ThinOS 8.6 MR9 contains remediation for an improper manageme ...)
@@ -40541,7 +40541,7 @@ CVE-2020-27521
CVE-2020-27520
RESERVED
CVE-2020-27519 (Pritunl Client v1.2.2550.20 contains a local privilege escalation vuln ...)
- TODO: check
+ NOT-FOR-US: Pritunl Client
CVE-2020-27518
RESERVED
CVE-2020-27517
@@ -46729,7 +46729,7 @@ CVE-2020-24920
CVE-2020-24919
RESERVED
CVE-2020-24918 (A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Serve ...)
- TODO: check
+ NOT-FOR-US: Ambarella
CVE-2020-24917 (osTicket before 1.14.3 allows XSS via a crafted filename to DraftAjaxA ...)
NOT-FOR-US: osTicket
CVE-2020-24916 (CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulner ...)
@@ -60651,7 +60651,7 @@ CVE-2020-18072
CVE-2020-18071
RESERVED
CVE-2020-18070 (Path Traversal in iCMS v7.0.13 allows remote attackers to delete folde ...)
- TODO: check
+ NOT-FOR-US: iCMS
CVE-2020-18069
RESERVED
CVE-2020-18068
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b36cc3f02ee47abec994dd6a88d82d22aaeaf42c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b36cc3f02ee47abec994dd6a88d82d22aaeaf42c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210430/100723bb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list