[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 13 20:26:04 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ca98d61e by Salvatore Bonaccorso at 2021-08-13T21:25:29+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1782,7 +1782,7 @@ CVE-2021-37843 (The resolution SAML SSO apps for Atlassian products allow a remo
 CVE-2021-37842
 	RESERVED
 CVE-2021-37841 (Docker Desktop before 3.6.0 suffers from incorrect access control. If  ...)
-	TODO: check
+	NOT-FOR-US: Docker Desktop on Windows
 CVE-2021-37840 (aaPanel through 6.8.12 allows Cross-Site WebSocket Hijacking (CSWH) in ...)
 	NOT-FOR-US: aaPanel
 CVE-2021-37839
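Review bot: the new tag on CVE-2021-37841 narrows the product to "Docker Desktop on Windows", but the truncated description on the line above it only says "Docker Desktop before 3.6.0" and names no platform. Other NOT-FOR-US entries name just the product (for example "NOT-FOR-US: aaPanel" two lines further down), so "NOT-FOR-US: Docker Desktop" would be consistent unless the full description restricts the issue to Windows.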
@@ -2316,7 +2316,7 @@ CVE-2021-37603
 CVE-2021-37602
 	RESERVED
 CVE-2021-37599 (The exporter/Login.aspx login form in the Exporter in Nuance Winscribe ...)
-	TODO: check
+	NOT-FOR-US: Nuance
 CVE-2021-3668
 	RESERVED
 CVE-2021-37600 (An integer overflow in util-linux through 2.37.1 can potentially cause ...)
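Review bot: CVE-2021-37599 is tagged with the vendor only ("NOT-FOR-US: Nuance"), while its description names the affected product as the Exporter in Nuance Winscribe. The other entries in this commit name the product (for example "MONITORAPP Application Insight Web Application Firewall (AIWAF) devices"), so "NOT-FOR-US: Nuance Winscribe" would keep a later search by product name from missing this entry.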
@@ -3624,7 +3624,7 @@ CVE-2021-36984
 CVE-2021-36983 (replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to  ...)
 	NOT-FOR-US: ReplaySorcery
 CVE-2021-36982 (AIMANAGER before B115 on MONITORAPP Application Insight Web Applicatio ...)
-	TODO: check
+	NOT-FOR-US: MONITORAPP Application Insight Web Application Firewall (AIWAF) devices
 CVE-2021-36981
 	RESERVED
 CVE-2021-3655 (A vulnerability was found in the Linux kernel in versions before v5.14 ...)
@@ -3784,7 +3784,7 @@ CVE-2021-36923
 CVE-2021-36922
 	RESERVED
 CVE-2021-36921 (AIMANAGER before B115 on MONITORAPP Application Insight Web Applicatio ...)
-	TODO: check
+	NOT-FOR-US: MONITORAPP Application Insight Web Application Firewall (AIWAF) devices
 CVE-2021-36920
 	RESERVED
 CVE-2021-36919
@@ -12336,7 +12336,7 @@ CVE-2021-33200 (kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforce
 	NOTE: https://www.openwall.com/lists/oss-security/2021/05/27/1
 	NOTE: Issue introduced due to fixes applied for CVE-2021-29155
 CVE-2021-33199 (In Expression Engine before 6.0.3, addonIcon in Addons/file/mod.file.p ...)
-	TODO: check
+	NOT-FOR-US: Expression Engine
 CVE-2021-33198 (In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic fo ...)
 	- golang-1.16 1.16.5-1
 	- golang-1.15 1.15.9-5
@@ -12705,7 +12705,7 @@ CVE-2021-33058
 CVE-2021-33057
 	RESERVED
 CVE-2021-33056 (Belledonne Belle-sip before 4.5.20, as used in Linphone and other prod ...)
-	TODO: check
+	NOT-FOR-US: Belledonne Belle-sip
 CVE-2021-33055
 	RESERVED
 CVE-2021-33054 (SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not valida ...)
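Review bot: the NOT-FOR-US on CVE-2021-33056 needs a second look, because the description says Belle-sip is "as used in Linphone and other prod ...", which makes it a library shipped inside other software rather than a standalone product. Before closing this entry, confirm that neither a belle-sip source package nor Linphone is in the archive. If either is, the entry should carry a package line (in the style of "- golang-1.16 1.16.5-1" in the preceding hunk) instead of NOT-FOR-US.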
@@ -16139,7 +16139,7 @@ CVE-2021-31733
 CVE-2021-31732
 	RESERVED
 CVE-2021-31731 (A directory traversal issue in KiteCMS 1.1.1 allows remote administrat ...)
-	TODO: check
+	NOT-FOR-US: KiteCMS
 CVE-2021-31730
 	RESERVED
 CVE-2021-31729
@@ -26052,15 +26052,15 @@ CVE-2021-27796
 CVE-2021-27795
 	RESERVED
 CVE-2021-27794 (A vulnerability in the authentication mechanism of Brocade Fabric OS v ...)
-	TODO: check
+	NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27793 (ntermittent authorization failure in aaa tacacs+ with Brocade Fabric O ...)
-	TODO: check
+	NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27792 (The command “ipfilter” in Brocade Fabric OS before Brocade ...)
-	TODO: check
+	NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27791 (The function that is used to parse the Authentication header in Brocad ...)
-	TODO: check
+	NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27790 (The command “ipfilter” in Brocade Fabric OS before Brocade ...)
-	TODO: check
+	NOT-FOR-US: Brocade Fabric OS
 CVE-2021-27789
 	RESERVED
 CVE-2021-27788
@@ -71597,7 +71597,7 @@ CVE-2020-21365
 CVE-2020-21364
 	RESERVED
 CVE-2020-21363 (An arbitrary file deletion vulnerability exists within Maccms10. ...)
-	TODO: check
+	NOT-FOR-US: Maccms10
 CVE-2020-21362 (A cross site scripting (XSS) vulnerability in the background search fu ...)
 	NOT-FOR-US: Maccms10
 CVE-2020-21361
@@ -77492,7 +77492,7 @@ CVE-2020-18465
 CVE-2020-18464 (Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in vid ...)
 	NOT-FOR-US: AikCms
 CVE-2020-18463 (Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in vi ...)
-	TODO: check
+	NOT-FOR-US: aikcms
 CVE-2020-18462 (File Upload vulnerabilty in AikCms v2.0.0 in poster_edit.php because t ...)
 	NOT-FOR-US: AikCms
 CVE-2020-18461
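Review bot: the tag added for CVE-2020-18463 is spelled "aikcms", while the entries directly above and below it (CVE-2020-18464 and CVE-2020-18462) use "NOT-FOR-US: AikCms". Use the same spelling so a case-sensitive search for the product returns all three entries.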



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca98d61eae1b528f0a27f32be3484b76ef2cb27b
