[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Dec 2 08:26:33 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
27c0b19d by Salvatore Bonaccorso at 2021-12-02T09:25:59+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2002,11 +2002,11 @@ CVE-2021-43796
 CVE-2021-43795
 	RESERVED
 CVE-2021-43794 (Discourse is an open source discussion platform. In affected versions  ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2021-43793 (Discourse is an open source discussion platform. In affected versions  ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2021-43792 (Discourse is an open source discussion platform. In affected versions  ...)
-	TODO: check
+	NOT-FOR-US: Discourse
 CVE-2021-43791 (Zulip is an open source group chat application that combines real-time ...)
 	TODO: check
 CVE-2021-43790 (Lucet is a native WebAssembly compiler and runtime. There is a bug in  ...)
@@ -5405,7 +5405,7 @@ CVE-2021-43139
 CVE-2021-43138
 	RESERVED
 CVE-2021-43137 (Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulne ...)
-	TODO: check
+	NOT-FOR-US: hostel management system
 CVE-2021-43136 (An authentication bypass issue in FormaLMS <= 2.4.4 allows an attac ...)
 	NOT-FOR-US: FormaLMS
 CVE-2021-43135
@@ -6249,7 +6249,7 @@ CVE-2021-42778
 CVE-2021-42777
 	RESERVED
 CVE-2021-42776 (CloverDX Server before 5.11.2 and and 5.12.x before 5.12.1 allows XXE  ...)
-	TODO: check
+	NOT-FOR-US: CloverDX Server
 CVE-2021-42775 (Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.4 ...)
 	NOT-FOR-US: Broadcom Emulex HBA Manager/One Command Manager
 CVE-2021-42774 (Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.4 ...)
@@ -30190,25 +30190,25 @@ CVE-2021-33276
 CVE-2021-33275
 	RESERVED
 CVE-2021-33274 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-33273
 	RESERVED
 CVE-2021-33272
 	RESERVED
 CVE-2021-33271 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-33270 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-33269 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-33268 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-33267 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-33266 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-33265 (D-Link DIR-809 devices with firmware through DIR-809Ax_FW1.12WWB03_201 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2021-33264
 	RESERVED
 CVE-2021-33263
@@ -118325,7 +118325,7 @@ CVE-2020-10629 (WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML in
 CVE-2020-10628 (ControlEdge PLC (R130.2, R140, R150, and R151) and RTU (R101, R110, R1 ...)
 	NOT-FOR-US: ControlEdge PLC
 CVE-2020-10627 (Insulet Omnipod Insulin Management System insulin pump product ID 1919 ...)
-	TODO: check
+	NOT-FOR-US: Insulet Omnipod Insulin Management System
 CVE-2020-10626 (In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled sear ...)
 	NOT-FOR-US: Fazecast jSerialComm
 CVE-2020-10625 (WebAccess/NMS (versions prior to 3.0.2) allows an unauthenticated remo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27c0b19d1cb387c0cf71e62941445ce476fd5b9b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27c0b19d1cb387c0cf71e62941445ce476fd5b9b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211202/1452a036/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list