[Git][security-tracker-team/security-tracker][master] Process NFUs

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f94c2ac3 by Salvatore Bonaccorso at 2021-03-09T21:38:24+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1156,23 +1156,23 @@ CVE-2021-27594
 CVE-2021-27593
 	RESERVED
 CVE-2021-27592 (When a user opens manipulated Universal 3D (.U3D) files received from  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-27591 (When a user opens manipulated Portable Document Format (.PDF) format f ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-27590 (When a user opens manipulated Tag Image File Format (.TIFF) format fil ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-27589 (When a user opens manipulated Scalable Vector Graphics (.SVG) format f ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-27588 (When a user opens manipulated HPGL format files received from untruste ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-27587 (When a user opens manipulated Jupiter Tessellation (.JT) format files  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-27586 (When a user opens manipulated Interchange File Format (.IFF) format fi ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-27585 (When a user opens manipulated Computer Graphics Metafile (.CGM) format ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-27584 (When a user opens manipulated PhotoShop Document (.PSD) format files r ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-27583 (** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an atta ...)
 	NOT-FOR-US: Directus
 CVE-2021-27582 (org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Co ...)
@@ -15547,7 +15547,7 @@ CVE-2019-25001 (An issue was discovered in the serde_cbor crate before 0.10.2 fo
 CVE-2018-25001 (An issue was discovered in the libpulse-binding crate before 2.5.0 for ...)
 	NOT-FOR-US: libpulse-binding rust crate
 CVE-2021-21493 (When a user opens manipulated Graphics Interchange Format (.GIF) forma ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-21492
 	RESERVED
 CVE-2021-21491
@@ -15559,21 +15559,21 @@ CVE-2021-21489
 CVE-2021-21488 (Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allow ...)
 	TODO: check
 CVE-2021-21487 (SAP Payment Engine version 500, does not perform necessary authorizati ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-21486 (SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 6 ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-21485
 	RESERVED
 CVE-2021-21484 (LDAP authentication in SAP HANA Database version 2.0 can be bypassed i ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-21483
 	RESERVED
 CVE-2021-21482
 	RESERVED
 CVE-2021-21481 (The MigrationService, which is part of SAP NetWeaver versions 7.10, 7. ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-21480 (SAP MII allows users to create dashboards and save them as JSP through ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2021-21479 (In SCIMono before 0.0.19, it is possible for an attacker to inject and ...)
 	NOT-FOR-US: SAP
 CVE-2021-21478 (SAP Web Dynpro ABAP allow an attacker to redirect users to a malicious ...)
@@ -18783,7 +18783,7 @@ CVE-2021-20343
 CVE-2021-20342
 	RESERVED
 CVE-2021-20341 (IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potenti ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2021-20340 (IBM Engineering products are vulnerable to cross-site scripting. This  ...)
 	NOT-FOR-US: IBM
 CVE-2021-20339



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94c2ac3777de6ac84a35ba72cab3cb57626d868

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94c2ac3777de6ac84a35ba72cab3cb57626d868
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210309/9542722c/attachment-0001.htm>