[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 14 20:45:00 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
618b61a4 by Salvatore Bonaccorso at 2021-12-14T21:43:09+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2321,11 +2321,11 @@ CVE-2021-4026 (bookstack is vulnerable to Improper Access Control ...)
CVE-2021-4025
RESERVED
CVE-2021-44235 (Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-44234
RESERVED
CVE-2021-44233 (SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, doe ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-44232 (SAF-T Framework Transaction SAFTN_G allows an attacker to exploit insu ...)
TODO: check
CVE-2021-44231 (Internally used text extraction reports allow an attacker to inject co ...)
@@ -10979,25 +10979,25 @@ CVE-2021-42072 (An issue was discovered in Barrier before 2.4.0. The barriers co
CVE-2021-42071 (In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can ach ...)
NOT-FOR-US: Visual Tools DVR VX16
CVE-2021-42070 (When a user opens manipulated Jupiter Tessellation (.jt) file received ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-42069 (When a user opens manipulated Tagged Image File Format (.tif) file rec ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-42068 (When a user opens a manipulated GIF (.gif) file received from untruste ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-42067
RESERVED
CVE-2021-42066 (SAP Business One - version 10.0, allows an admin user to view DB passw ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-42065
RESERVED
CVE-2021-42064 (If configured to use an Oracle database and if a query is created usin ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-42063 (A security vulnerability has been discovered in the SAP Knowledge Ware ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-42062 (SAP ERP HCM Portugal does not perform necessary authorization checks f ...)
NOT-FOR-US: SAP
CVE-2021-42061 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence) ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-3868
RESERVED
CVE-2021-3867
@@ -18557,7 +18557,7 @@ CVE-2021-38952
CVE-2021-38951 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable ...)
NOT-FOR-US: IBM
CVE-2021-38950 (IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege esc ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-38949 (IBM MQ 7.5, 8.0, 9.0 LTS, 9.1 CD, and 9.1 LTS stores user credentials ...)
NOT-FOR-US: IBM
CVE-2021-38948 (IBM InfoSphere Information Server 11.7 is vulnerable to an XML Externa ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/618b61a46da551e000a7df232eada39e74ce85cc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/618b61a46da551e000a7df232eada39e74ce85cc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211214/300ddfc0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list