[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 11 21:45:41 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4c7017cc by Salvatore Bonaccorso at 2021-08-11T22:45:17+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,19 +25,19 @@ CVE-2021-38551
 CVE-2021-38550
 	RESERVED
 CVE-2021-38549 (MIRACASE MHUB500 USB splitters through 2021-08-09, in certain specific ...)
-	TODO: check
+	NOT-FOR-US: MIRACASE MHUB500 USB splitters
 CVE-2021-38548 (JBL Go 2 devices through 2021-08-09 allow remote attackers to recover  ...)
 	TODO: check
 CVE-2021-38547 (Logitech Z120 and S120 speakers through 2021-08-09 allow remote attack ...)
-	TODO: check
+	NOT-FOR-US: Logitech
 CVE-2021-38546 (CREATIVE Pebble devices through 2021-08-09 allow remote attackers to r ...)
-	TODO: check
+	NOT-FOR-US: CREATIVE Pebble devices
 CVE-2021-38545 (Raspberry Pi 3 B+ and 4 B devices through 2021-08-09, in certain speci ...)
 	TODO: check
 CVE-2021-38544 (Sony SRS-XB33 and SRS-XB43 devices through 2021-08-09 allow remote att ...)
-	TODO: check
+	NOT-FOR-US: Sony SRS-XB33 and SRS-XB43 devices
 CVE-2021-38543 (TP-Link UE330 USB splitter devices through 2021-08-09, in certain spec ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2021-38542
 	RESERVED
 CVE-2021-38541
@@ -1144,7 +1144,7 @@ CVE-2021-38087
 CVE-2021-38086
 	RESERVED
 CVE-2021-38085 (The Canon TR150 print driver through 3.71.2.10 is vulnerable to a priv ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2021-38084 (An issue was discovered in the POP3 component of Courier Mail Server b ...)
 	- courier <unfixed> (bug #989375)
 	[bullseye] - courier <no-dsa> (Minor issue)
@@ -8878,7 +8878,7 @@ CVE-2021-34642
 CVE-2021-34641
 	RESERVED
 CVE-2021-34640 (The Securimage-WP-Fixed WordPress plugin is vulnerable to Reflected Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-34639 (Authenticated File Upload in WordPress Download Manager <= 3.1.24 a ...)
 	NOT-FOR-US: WordPress Download Manager
 CVE-2021-34638 (Authenticated Directory Traversal in WordPress Download Manager <=  ...)
@@ -11303,9 +11303,9 @@ CVE-2021-33597 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secu
 CVE-2021-33596 (Showing the legitimate URL in the address bar while loading the conten ...)
 	NOT-FOR-US: F-Secure
 CVE-2021-33595 (A address bar spoofing vulnerability was discovered in Safe Browser fo ...)
-	TODO: check
+	NOT-FOR-US: Safe Browser for iOS
 CVE-2021-33594 (An address bar spoofing vulnerability was discovered in Safe Browser f ...)
-	TODO: check
+	NOT-FOR-US: Safe Browser for Android
 CVE-2021-33593
 	RESERVED
 CVE-2021-33592 (NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arb ...)
@@ -12819,7 +12819,7 @@ CVE-2021-32949
 CVE-2021-32948 (An out-of-bounds write issue exists in the DWG file-reading procedure  ...)
 	NOT-FOR-US: Open Design Alliance
 CVE-2021-32947 (FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: FATEK Automation FvDesigner
 CVE-2021-32946 (An improper check for unusual or exceptional conditions issue exists w ...)
 	NOT-FOR-US: Open Design Alliance
 CVE-2021-32945
@@ -12835,7 +12835,7 @@ CVE-2021-32941
 CVE-2021-32940 (An out-of-bounds read issue exists in the DWG file-recovering procedur ...)
 	NOT-FOR-US: Open Design Alliance
 CVE-2021-32939 (FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: FATEK Automation FvDesigner
 CVE-2021-32938 (Drawings SDK (All versions prior to 2022.4) are vulnerable to an out-o ...)
 	NOT-FOR-US: Open Design Alliance
 CVE-2021-32937
@@ -12851,7 +12851,7 @@ CVE-2021-32933
 CVE-2021-32932 (The affected product is vulnerable to a SQL injection, which may allow ...)
 	NOT-FOR-US: Advantech
 CVE-2021-32931 (An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5. ...)
-	TODO: check
+	NOT-FOR-US: FATEK Automation FvDesigner
 CVE-2021-32930 (The affected product’s configuration is vulnerable due to missin ...)
 	NOT-FOR-US: Advantech
 CVE-2021-32929
@@ -36829,17 +36829,17 @@ CVE-2021-3052
 CVE-2021-3051
 	RESERVED
 CVE-2021-3050 (An OS command injection vulnerability in the Palo Alto Networks PAN-OS ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks PAN-OS
 CVE-2021-3049
 	RESERVED
 CVE-2021-3048 (Certain invalid URL entries contained in an External Dynamic List (EDL ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2021-3047 (A cryptographically weak pseudo-random number generator (PRNG) is used ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2021-3046 (An improper authentication vulnerability exists in Palo Alto Networks  ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2021-3045 (An OS command argument injection vulnerability in the Palo Alto Networ ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2021-3044 (An improper authorization vulnerability in Palo Alto Networks Cortex X ...)
 	NOT-FOR-US: Palo Alto Networks
 CVE-2021-3043 (A reflected cross-site scripting (XSS) vulnerability exists in the Pri ...)
@@ -56759,7 +56759,7 @@ CVE-2021-0198
 CVE-2021-0197
 	RESERVED
 CVE-2021-0196 (Improper access control in kernel mode driver for some Intel(R) NUC 9  ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2021-0195
 	RESERVED
 CVE-2021-0194
@@ -56831,7 +56831,7 @@ CVE-2021-0162
 CVE-2021-0161
 	RESERVED
 CVE-2021-0160 (Uncontrolled search path in some Intel(R) NUC Pro Chassis Element Aver ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2021-0159
 	RESERVED
 CVE-2021-0158
@@ -56998,7 +56998,7 @@ CVE-2021-0085
 CVE-2021-0084 (Improper input validation in the Intel(R) Ethernet Controllers X722 an ...)
 	TODO: check
 CVE-2021-0083 (Improper input validation in some Intel(R) Optane(TM) PMem versions be ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2021-0082
 	RESERVED
 CVE-2021-0081



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c7017cc3856ce3670abe0a588fa18afc93d0ede

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c7017cc3856ce3670abe0a588fa18afc93d0ede
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210811/2a80d646/attachment.htm>

More information about the debian-security-tracker-commits mailing list