[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Dec 8 20:24:42 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f17e2be8 by Salvatore Bonaccorso at 2021-12-08T21:24:17+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -384,9 +384,9 @@ CVE-2021-44559
 CVE-2021-44558
 	RESERVED
 CVE-2021-44557 (National Library of the Netherlands multiNER <= c0440948057afc6e3d6 ...)
-	TODO: check
+	NOT-FOR-US: National Library of the Netherlands multiNER
 CVE-2021-44556 (National Library of the Netherlands digger < 6697d1269d981e35e11f24 ...)
-	TODO: check
+	NOT-FOR-US: National Library of the Netherlands digger
 CVE-2021-44555
 	RESERVED
 CVE-2021-44554
@@ -6213,15 +6213,15 @@ CVE-2021-43069
 CVE-2021-43068
 	RESERVED
 CVE-2021-43067 (A exposure of sensitive information to an unauthorized actor in Fortin ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-43066
 	RESERVED
 CVE-2021-43065
 	RESERVED
 CVE-2021-43064 (A url redirection to untrusted site ('open redirect') in Fortinet Fort ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-43063 (A improper neutralization of input during web page generation ('cross- ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-43062
 	RESERVED
 CVE-2022-20621
@@ -6458,35 +6458,35 @@ CVE-2021-42988 (Eltima USB Network Gate is affected by Buffer Overflow. IOCTL Ha
 CVE-2021-42987 (Eltima USB Network Gate is affected by Integer Overflow. IOCTL Handler ...)
 	NOT-FOR-US: Eltima USB Network Gate
 CVE-2021-42986 (NoMachine Enterprise Client is affected by Integer Overflow. IOCTL Han ...)
-	TODO: check
+	NOT-FOR-US: NoMachine
 CVE-2021-42985
 	RESERVED
 CVE-2021-42984
 	RESERVED
 CVE-2021-42983 (NoMachine Enterprise Client is affected by Buffer Overflow. IOCTL Hand ...)
-	TODO: check
+	NOT-FOR-US: NoMachine
 CVE-2021-42982
 	RESERVED
 CVE-2021-42981
 	RESERVED
 CVE-2021-42980 (NoMachine Cloud Server is affected by Buffer Overflow. IOCTL Handler 0 ...)
-	TODO: check
+	NOT-FOR-US: NoMachine
 CVE-2021-42979 (NoMachine Cloud Server is affected by Integer Overflow. IOCTL Handler  ...)
-	TODO: check
+	NOT-FOR-US: NoMachine
 CVE-2021-42978
 	RESERVED
 CVE-2021-42977 (NoMachine Enterprise Desktop is affected by Integer Overflow. IOCTL Ha ...)
-	TODO: check
+	NOT-FOR-US: NoMachine
 CVE-2021-42976 (NoMachine Enterprise Desktop is affected by Buffer Overflow. IOCTL Han ...)
-	TODO: check
+	NOT-FOR-US: NoMachine
 CVE-2021-42975
 	RESERVED
 CVE-2021-42974
 	RESERVED
 CVE-2021-42973 (NoMachine Server is affected by Integer Overflow. IOCTL Handler 0x2200 ...)
-	TODO: check
+	NOT-FOR-US: NoMachine
 CVE-2021-42972 (NoMachine Server is affected by Buffer Overflow. IOCTL Handler 0x22001 ...)
-	TODO: check
+	NOT-FOR-US: NoMachine
 CVE-2021-42971
 	RESERVED
 CVE-2021-42970
@@ -6943,13 +6943,13 @@ CVE-2021-42762 (BubblewrapLauncher.cpp in WebKitGTK and WPE WebKit before 2.34.1
 CVE-2021-42761
 	RESERVED
 CVE-2021-42760 (A improper neutralization of special elements used in an sql command ( ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-42759
 	RESERVED
 CVE-2021-42758 (An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 a ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-42757 (A buffer overflow [CWE-121] in the TFTP client library of FortiOS befo ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-42756
 	RESERVED
 CVE-2021-42755
@@ -6959,7 +6959,7 @@ CVE-2021-42754 (An improper control of generation of code vulnerability [CWE-94]
 CVE-2021-42753
 	RESERVED
 CVE-2021-42752 (A improper neutralization of input during web page generation ('cross- ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-42751
 	RESERVED
 CVE-2021-42750
@@ -11308,7 +11308,7 @@ CVE-2021-41452
 CVE-2021-41451
 	RESERVED
 CVE-2021-41450 (An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 al ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2021-41449
 	RESERVED
 CVE-2021-41448
@@ -12256,7 +12256,7 @@ CVE-2021-41065
 CVE-2021-41064
 	RESERVED
 CVE-2021-41063 (SQL injection vulnerability was discovered in Aanderaa GeoView Webserv ...)
-	TODO: check
+	NOT-FOR-US: Aanderaa GeoView Webservice
 CVE-2021-41062
 	RESERVED
 CVE-2021-41061 (In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee8201 ...)
@@ -12329,25 +12329,25 @@ CVE-2021-41032
 CVE-2021-41031
 	RESERVED
 CVE-2021-41030 (An authentication bypass by capture-replay vulnerability [CWE-294] in  ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-41029 (A improper neutralization of input during web page generation ('cross- ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-41028
 	RESERVED
 CVE-2021-41027 (A stack-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6 ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-41026
 	RESERVED
 CVE-2021-41025
 	RESERVED
 CVE-2021-41024 (A relative path traversal [CWE-23] vulnerabiltiy in FortiOS versions 7 ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-41023 (A unprotected storage of credentials in Fortinet FortiSIEM Windows Age ...)
 	NOT-FOR-US: Fortiguard
 CVE-2021-41022 (A improper privilege management in Fortinet FortiSIEM Windows Agent ve ...)
 	NOT-FOR-US: Fortiguard
 CVE-2021-41021 (A privilege escalation vulnerability in FortiNAC versions 8.8.8 and be ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-41020
 	RESERVED
 CVE-2021-41019 (An improper validation of certificate with host mismatch [CWE-297] vul ...)
@@ -12359,11 +12359,11 @@ CVE-2021-41017
 CVE-2021-41016
 	RESERVED
 CVE-2021-41015 (A improper neutralization of input during web page generation ('cross- ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-41014 (A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.1 ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-41013 (An improper access control vulnerability [CWE-284] in FortiWeb version ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-41012
 	RESERVED
 CVE-2021-41011 (LINE client for iOS before 11.15.0 might expose authentication informa ...)
@@ -21912,7 +21912,7 @@ CVE-2021-37099 (There is a Path Traversal vulnerability in Huawei Smartphone.Suc
 CVE-2021-37098
 	RESERVED
 CVE-2021-37097 (There is a Code Injection vulnerability in Huawei Smartphone.Successfu ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37096 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37095 (There is a Integer Overflow or Wraparound vulnerability in Huawei Smar ...)
@@ -21920,9 +21920,9 @@ CVE-2021-37095 (There is a Integer Overflow or Wraparound vulnerability in Huawe
 CVE-2021-37094 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37093 (There is a Improper Access Control vulnerability in Huawei Smartphone. ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37092 (There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Succe ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37091 (There is a Permissions,Privileges,and Access Controls vulnerability in ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37090 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...)
@@ -21956,9 +21956,9 @@ CVE-2021-37077 (There is a NULL Pointer Dereference vulnerability in Huawei Smar
 CVE-2021-37076 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37075 (There is a Credentials Management Errors vulnerability in Huawei Smart ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37074 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37073 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37072 (There is a Incorrect Calculation of Buffer Size vulnerability in Huawe ...)
@@ -21968,7 +21968,7 @@ CVE-2021-37071 (There is a Business Logic Errors vulnerability in Huawei Smartph
 CVE-2021-37070 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37069 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37068 (There is a Resource Management Errors vulnerability in Huawei Smartpho ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37067 (There is a Exposure of Sensitive Information to an Unauthorized Actor  ...)
@@ -21988,7 +21988,7 @@ CVE-2021-37061 (There is a Uncontrolled Resource Consumption vulnerability in Hu
 CVE-2021-37060 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37059 (There is a Weaknesses Introduced During Design ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-37058 (There is a Permissions,Privileges,and Access Controls vulnerability in ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37057 (There is a Improper Validation of Array Index vulnerability in Huawei  ...)
@@ -21998,17 +21998,17 @@ CVE-2021-37056 (There is an Improper permission control vulnerability in Huawei
 CVE-2021-37055 (There is a Logic bypass vulnerability in Huawei Smartphone.Successful  ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37054 (There is an Identity spoofing and authentication bypass vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37053 (There is a Service logic vulnerability in Huawei Smartphone.Successful ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37052 (There is an Exception log vulnerability in Huawei Smartphone.Successfu ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37051 (There is an Out-of-bounds read vulnerability in Huawei Smartphone.Succ ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37050 (There is a Missing sensitive data encryption vulnerability in Huawei S ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37049 (There is a Heap-based buffer overflow vulnerability in Huawei Smartpho ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37048 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37047 (There is an Input verification vulnerability in Huawei Smartphone.Succ ...)
@@ -22016,9 +22016,9 @@ CVE-2021-37047 (There is an Input verification vulnerability in Huawei Smartphon
 CVE-2021-37046 (There is a Memory leak vulnerability with the codec detection module i ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37045 (There is an UAF vulnerability in Huawei Smartphone.Successful exploita ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37044 (There is a Permission control vulnerability in Huawei Smartphone.Succe ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37043 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37042 (There is an Improper verification vulnerability in Huawei Smartphone.S ...)
@@ -22026,13 +22026,13 @@ CVE-2021-37042 (There is an Improper verification vulnerability in Huawei Smartp
 CVE-2021-37041 (There is an Improper verification vulnerability in Huawei Smartphone.S ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37040 (There is a Parameter injection vulnerability in Huawei Smartphone.Succ ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37039 (There is an Input verification vulnerability in Huawei Smartphone.Succ ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37038 (There is an Improper access control vulnerability in Huawei Smartphone ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37037 (There is an Invalid address access vulnerability in Huawei Smartphone. ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-37036 (There is an information leakage vulnerability in FusionCompute 6.5.1,  ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37035 (There is a Remote DoS vulnerability in Huawei Smartphone.Successful ex ...)
@@ -22730,7 +22730,7 @@ CVE-2021-36762 (An issue was discovered in HCC Embedded InterNiche NicheStack th
 CVE-2021-36761
 	RESERVED
 CVE-2021-36760 (In accountrecoveryendpoint/recoverpassword.do in WSO2 Identity Server  ...)
-	TODO: check
+	NOT-FOR-US: WSO2
 CVE-2021-36759
 	RESERVED
 CVE-2021-3651
@@ -23985,13 +23985,13 @@ CVE-2021-36193
 CVE-2021-36192 (An exposure of sensitive information to an unauthorized actor [CWE-200 ...)
 	NOT-FOR-US: Fortiguard
 CVE-2021-36191 (A url redirection to untrusted site ('open redirect') in Fortinet Fort ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-36190 (A unintended proxy or intermediary ('confused deputy') in Fortinet For ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-36189
 	RESERVED
 CVE-2021-36188 (A improper neutralization of input during web page generation ('cross- ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-36187 (A uncontrolled resource consumption in Fortinet FortiWeb version 6.4.0 ...)
 	NOT-FOR-US: Fortiguard
 CVE-2021-36186 (A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, vers ...)
@@ -24007,7 +24007,7 @@ CVE-2021-36182 (A Improper neutralization of special elements used in a command
 CVE-2021-36181 (A concurrent execution using shared resource with improper Synchroniza ...)
 	NOT-FOR-US: Fortiguard
 CVE-2021-36180 (Multiple improper neutralization of special elements used in a command ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-36179 (A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and  ...)
 	NOT-FOR-US: FortiGuard
 CVE-2021-36178 (A insufficiently protected credentials in Fortinet FortiSDNConnector v ...)
@@ -27946,9 +27946,9 @@ CVE-2021-34546 (An unauthenticated attacker with physical access to a computer w
 CVE-2021-34545
 	RESERVED
 CVE-2021-34544 (An issue was discovered in Solar-Log 500 before 2.8.2 Build 52 23.04.2 ...)
-	TODO: check
+	NOT-FOR-US: Solar-Log
 CVE-2021-34543 (The web administration server in Solar-Log 500 before 2.8.2 Build 52 d ...)
-	TODO: check
+	NOT-FOR-US: Solar-Log
 CVE-2021-34542
 	RESERVED
 CVE-2021-34541
@@ -32693,7 +32693,7 @@ CVE-2021-32593
 CVE-2021-32592 (An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 ...)
 	NOT-FOR-US: FortiGuard
 CVE-2021-32591 (A missing cryptographic steps vulnerability in the function that encry ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-32590 (Multiple improper neutralization of special elements used in an SQL co ...)
 	NOT-FOR-US: FortiPortal
 CVE-2021-32589
@@ -34675,7 +34675,7 @@ CVE-2021-31852 (A Reflected Cross-Site Scripting vulnerability in McAfee Policy
 CVE-2021-31851 (A Reflected Cross-Site Scripting vulnerability in McAfee Policy Audito ...)
 	NOT-FOR-US: McAfee
 CVE-2021-31850 (A denial-of-service vulnerability in Database Security (DBS) prior to  ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2021-31849 (SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO e ...)
 	NOT-FOR-US: McAfee
 CVE-2021-31848 (Cross site scripting (XSS) vulnerability in McAfee Data Loss Preventio ...)
@@ -48133,7 +48133,7 @@ CVE-2021-3372
 CVE-2021-3371
 	RESERVED
 CVE-2021-3370 (DouPHP v1.6 was discovered to contain a cross-site scripting (XSS) vul ...)
-	TODO: check
+	NOT-FOR-US: DouPHP
 CVE-2021-3369
 	RESERVED
 CVE-2021-3368
@@ -49307,11 +49307,11 @@ CVE-2021-26112
 CVE-2021-26111 (A missing release of memory after effective lifetime vulnerability in  ...)
 	NOT-FOR-US: Fortiguard
 CVE-2021-26110 (An improper access control vulnerability [CWE-284] in FortiOS autod da ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-26109 (An integer overflow or wraparound vulnerability in the memory allocato ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-26108 (A use of hard-coded cryptographic key vulnerability in the SSLVPN of F ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-26107 (An improper access control vulnerability [CWE-284] in FortiManager ver ...)
 	NOT-FOR-US: Fortiguard
 CVE-2021-26106 (An improper neutralization of special elements used in an OS Command v ...)
@@ -49321,7 +49321,7 @@ CVE-2021-26105
 CVE-2021-26104
 	RESERVED
 CVE-2021-26103 (An insufficient verification of data authenticity vulnerability (CWE-3 ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2021-26102
 	RESERVED
 CVE-2021-26101
@@ -50871,41 +50871,41 @@ CVE-2021-25529
 CVE-2021-25528
 	RESERVED
 CVE-2021-25527 (Improper export of Android application components vulnerability in Sam ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25526 (Intent redirection vulnerability in Samsung Blockchain Wallet prior to ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25525 (Improper check or handling of exception conditions vulnerability in Sa ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25524 (Insecure storage of device information in Contacts prior to version 12 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25523 (Insecure storage of device information in Samsung Dialer prior to vers ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25522 (Insecure storage of sensitive information vulnerability in Smart Captu ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25521 (Insecure caller check in sharevia deeplink logic prior to Samsung Inte ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25520 (Insecure caller check and input validation vulnerabilities in SearchKe ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25519 (An improper access control vulnerability in CPLC prior to SMR Dec-2021 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25518 (An improper boundary check in secure_log of LDFW and BL31 prior to SMR ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25517 (An improper input validation vulnerability in LDFW prior to SMR Dec-20 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25516 (An improper check or handling of exceptional conditions in Exynos base ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25515 (An improper usage of implicit intent in SemRewardManager prior to SMR  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25514 (An improper intent redirection handling in Tags prior to SMR Dec-2021  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25513 (An improper privilege management vulnerability in Apps Edge applicatio ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25512 (An improper validation vulnerability in telephony prior to SMR Dec-202 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25511 (An improper validation vulnerability in FilterProvider prior to SMR De ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25510 (An improper validation vulnerability in FilterProvider prior to SMR De ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2021-25509 (A missing input validation in Samsung Flow Windows application prior t ...)
 	NOT-FOR-US: Samsung
 CVE-2021-25508 (Improper privilege management vulnerability in API Key used in SmartTh ...)
@@ -65767,25 +65767,25 @@ CVE-2021-20049
 CVE-2021-20048
 	RESERVED
 CVE-2021-20047 (SonicWall Global VPN client version 4.10.6 (32-bit and 64-bit) and ear ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20046
 	RESERVED
 CVE-2021-20045 (A buffer overflow vulnerability in SMA100 sonicfiles RAC_COPY_TO (RacN ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20044 (A post-authentication remote command injection vulnerability in SonicW ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20043 (A Heap-based buffer overflow vulnerability in SonicWall SMA100 getBook ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20042 (An unauthenticated remote attacker can use SMA 100 as an unintended pr ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20041 (An unauthenticated and remote adversary can consume all of the device' ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20040 (A relative path traversal vulnerability in the SMA100 upload funtion a ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20039 (Improper neutralization of special elements in the SMA100 management i ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20038 (A Stack-based buffer overflow vulnerability in SMA100 Apache httpd ser ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2021-20037 (SonicWall Global VPN Client 4.10.5 installer (32-bit and 64-bit) incor ...)
 	NOT-FOR-US: SonicWall
 CVE-2021-20036
@@ -89131,7 +89131,7 @@ CVE-2020-22423
 CVE-2020-22422
 	RESERVED
 CVE-2020-22421 (74CMS v6.0.4 was discovered to contain a cross-site scripting (XSS) vu ...)
-	TODO: check
+	NOT-FOR-US: 74CMS
 CVE-2020-22420
 	RESERVED
 CVE-2020-22419



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f17e2be8beee10a00eedcad504c65da791c6c175

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f17e2be8beee10a00eedcad504c65da791c6c175
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211208/a012b63a/attachment.htm>


More information about the debian-security-tracker-commits mailing list