[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Aug 20 21:58:59 BST 2021



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
467d219b by Moritz Muehlenhoff at 2021-08-20T22:58:40+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -113,7 +113,7 @@ CVE-2021-3729
 CVE-2021-3728
 	RESERVED
 CVE-2020-36474 (SafeCurl before 0.9.2 has a DNS rebinding vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: SafeCurl
 CVE-2021-39303
 	RESERVED
 CVE-2021-39302 (MISP 2.4.148, in certain configurations, allows SQL injection via the  ...)
@@ -5857,7 +5857,7 @@ CVE-2021-3650
 CVE-2021-3649 (chatwoot is vulnerable to Inefficient Regular Expression Complexity ...)
 	NOT-FOR-US: chatwoot
 CVE-2021-36748 (A SQL Injection issue in the list controller of the Prestahome Blog (a ...)
-	TODO: check
+	NOT-FOR-US: Prestahome Blog
 CVE-2021-36747 (Blackboard Learn through 9.1 allows XSS by an authenticated user via t ...)
 	NOT-FOR-US: Blackboard Learn
 CVE-2021-36746 (Blackboard Learn through 9.1 allows XSS by an authenticated user via t ...)
@@ -7585,29 +7585,29 @@ CVE-2021-36018
 CVE-2021-36017
 	RESERVED
 CVE-2021-36016 (Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36015 (Adobe Media Encoder version 15.2 (and earlier) is affected by a memory ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36014 (Adobe Media Encoder version 15.2 (and earlier) is affected by an unini ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36013
 	RESERVED
 CVE-2021-36012
 	RESERVED
 CVE-2021-36011 (Adobe Illustrator version 25.2.3 (and earlier) is affected by a potent ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36010 (Adobe Illustrator version 25.2.3 (and earlier) is affected by an out-o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36009 (Adobe Illustrator version 25.2.3 (and earlier) is affected by an memor ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36008 (Adobe Illustrator version 25.2.3 (and earlier) is affected by an Use-a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36007 (Adobe Prelude version 10.0 (and earlier) are affected by an uninitiali ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36006 (Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36005 (Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36004 (Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bou ...)
 	NOT-FOR-US: Adobe
 CVE-2021-36003
@@ -7615,15 +7615,15 @@ CVE-2021-36003
 CVE-2021-36002
 	RESERVED
 CVE-2021-36001 (Adobe Character Animator version 4.2 (and earlier) is affected by an o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-36000 (Adobe Character Animator version 4.2 (and earlier) is affected by a me ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35999 (Adobe Prelude version 10.0 (and earlier) is affected by a memory corru ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35998
 	RESERVED
 CVE-2021-35997 (Adobe Premiere Pro version 15.2 (and earlier) is affected by a memory  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35996
 	RESERVED
 CVE-2021-35995
@@ -7633,29 +7633,29 @@ CVE-2021-35994
 CVE-2021-35993
 	RESERVED
 CVE-2021-35992 (Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35991 (Adobe Bridge version 11.0.2 (and earlier) is affected by an uninitiali ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35990 (Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35989 (Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35988 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35987 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35986 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35985 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35984 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35983 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35982
 	RESERVED
 CVE-2021-35981 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-35980
 	RESERVED
 CVE-2021-35979
@@ -8595,7 +8595,7 @@ CVE-2021-35531
 CVE-2021-35530
 	RESERVED
 CVE-2021-35529 (Insufficiently Protected Credentials vulnerability in client environme ...)
-	TODO: check
+	NOT-FOR-US: Hitachi
 CVE-2021-35528
 	RESERVED
 CVE-2021-35527 (Password autocomplete vulnerability in the web application password fi ...)
@@ -11126,7 +11126,7 @@ CVE-2021-34435
 CVE-2021-34434
 	RESERVED
 CVE-2021-34433 (In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3 ...)
-	TODO: check
+	NOT-FOR-US: Eclipse Californium
 CVE-2021-34432 (In Eclipse Mosquitto versions 2.07 and earlier, the server will crash  ...)
 	- mosquitto 2.0.8-1
 	[buster] - mosquitto <ignored> (Vulnerable code is not accessible in version 1.x)
@@ -11600,7 +11600,7 @@ CVE-2021-34230
 CVE-2021-34229
 	RESERVED
 CVE-2021-34228 (Cross-site scripting in parent_control.htm in TOTOLINK A3002R version  ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-34227
 	RESERVED
 CVE-2021-34226
@@ -11610,23 +11610,23 @@ CVE-2021-34225
 CVE-2021-34224
 	RESERVED
 CVE-2021-34223 (Cross-site scripting in urlfilter.htm in TOTOLINK A3002R version V1.1. ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-34222
 	RESERVED
 CVE-2021-34221
 	RESERVED
 CVE-2021-34220 (Cross-site scripting in tr069config.htm in TOTOLINK A3002R version V1. ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-34219
 	RESERVED
 CVE-2021-34218 (Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-34217
 	RESERVED
 CVE-2021-34216
 	RESERVED
 CVE-2021-34215 (Cross-site scripting in tcpipwan.htm in TOTOLINK A3002R version V1.1.1 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-34214
 	RESERVED
 CVE-2021-34213
@@ -11642,7 +11642,7 @@ CVE-2021-34209
 CVE-2021-34208
 	RESERVED
 CVE-2021-34207 (Cross-site scripting in ddns.htm in TOTOLINK A3002R version V1.1.1-B20 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2021-34206
 	RESERVED
 CVE-2021-34205
@@ -25675,25 +25675,25 @@ CVE-2021-3445 (A flaw was found in libdnf's signature verification functionality
 CVE-2021-28644
 	RESERVED
 CVE-2021-28643 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28642 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28641 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28640 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28639 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28638 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28637 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28636 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28635 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28634 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28633
 	RESERVED
 CVE-2021-28632
@@ -25713,7 +25713,7 @@ CVE-2021-28626
 CVE-2021-28625
 	RESERVED
 CVE-2021-28624 (Adobe Bridge version 11.0.2 (and earlier) are affected by a Heap-based ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28623 (Adobe Premiere Elements version 5.2 (and earlier) is affected by an in ...)
 	NOT-FOR-US: Adobe
 CVE-2021-28622
@@ -25771,19 +25771,19 @@ CVE-2021-28597 (Adobe Photoshop Elements version 5.2 (and earlier) is affected b
 CVE-2021-28596
 	RESERVED
 CVE-2021-28595 (Adobe Dimension version 3.4 (and earlier) is affected by an Uncontroll ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28594
 	RESERVED
 CVE-2021-28593 (Adobe Illustrator version 25.2.3 (and earlier) is affected by a Use Af ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28592 (Adobe Illustrator version 25.2.3 (and earlier) is affected by an Out-o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28591 (Adobe Illustrator version 25.2.3 (and earlier) is affected by an Out-o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28590 (Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28589 (Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28588 (Adobe RoboHelp Server version 2019.0.9 (and earlier) is affected by a  ...)
 	NOT-FOR-US: Adobe
 CVE-2021-28587 (After Effects versions 18.0 (and earlier) are affected by an out-of-bo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/467d219bc58adfbc80f926fac5eb21b25b7699bf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/467d219bc58adfbc80f926fac5eb21b25b7699bf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210820/ff86fb23/attachment.htm>


More information about the debian-security-tracker-commits mailing list