[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 22 09:31:03 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1876a6b9 by Salvatore Bonaccorso at 2021-05-22T10:30:30+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2021-33514 (Certain NETGEAR devices are affected by command injection by an unauth ...)
 	NOT-FOR-US: Netgear
 CVE-2021-33513 (Plone through 5.2.4 allows XSS via the inline_diff methods in Products ...)
-	TODO: check
+	NOT-FOR-US: Plone
 CVE-2021-33512 (Plone through 5.2.4 allows stored XSS attacks (by a Contributor) by up ...)
-	TODO: check
+	NOT-FOR-US: Plone
 CVE-2021-33511 (Plone though 5.2.4 allows SSRF via the lxml parser. This affects Diazo ...)
-	TODO: check
+	NOT-FOR-US: Plone
 CVE-2021-33510 (Plone through 5.2.4 allows remote authenticated managers to conduct SS ...)
-	TODO: check
+	NOT-FOR-US: Plone
 CVE-2021-33509 (Plone through 5.2.4 allows remote authenticated managers to perform di ...)
-	TODO: check
+	NOT-FOR-US: Plone
 CVE-2021-33508 (Plone through 5.2.4 allows XSS via a full name that is mishandled duri ...)
-	TODO: check
+	NOT-FOR-US: Plone
 CVE-2021-33507 (Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService b ...)
-	TODO: check
+	NOT-FOR-US: Zope Products.CMFCore (as used in Plone)
 CVE-2021-33506
 	RESERVED
 CVE-2021-33505
@@ -9617,7 +9617,7 @@ CVE-2021-29417 (gitjacker before 0.1.0 allows remote attackers to execute arbitr
 CVE-2021-29416 (An issue was discovered in PortSwigger Burp Suite before 2021.2. Durin ...)
 	NOT-FOR-US: Burp Suite (different from src:burp)
 CVE-2021-29415 (The elliptic curve cryptography (ECC) hardware accelerator, part of th ...)
-	TODO: check
+	NOT-FOR-US: NordicSemiconductor nRF52840
 CVE-2021-29414 (STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect p ...)
 	NOT-FOR-US: STMicroelectronics STM32L4 devices
 CVE-2021-29413
@@ -27769,7 +27769,7 @@ CVE-2021-21554
 CVE-2021-21553
 	RESERVED
 CVE-2021-21552 (Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-21551 (Dell dbutil_2_3.sys driver contains an insufficient access control vul ...)
 	NOT-FOR-US: Dell
 CVE-2021-21550 (Dell EMC PowerScale OneFS 8.1.0-9.1.0 contain an improper neutralizati ...)
@@ -38601,33 +38601,33 @@ CVE-2021-1562
 CVE-2021-1561
 	RESERVED
 CVE-2021-1560 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1559 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1558 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1557 (Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1556
 	RESERVED
 CVE-2021-1555 (Multiple vulnerabilities in the web-based management interface of cert ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1554 (Multiple vulnerabilities in the web-based management interface of cert ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1553 (Multiple vulnerabilities in the web-based management interface of cert ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1552 (Multiple vulnerabilities in the web-based management interface of cert ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1551 (Multiple vulnerabilities in the web-based management interface of cert ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1550 (Multiple vulnerabilities in the web-based management interface of cert ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1549 (Multiple vulnerabilities in the web-based management interface of cert ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1548 (Multiple vulnerabilities in the web-based management interface of cert ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1547 (Multiple vulnerabilities in the web-based management interface of cert ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1546
 	RESERVED
 CVE-2021-1545
@@ -38659,7 +38659,7 @@ CVE-2021-1533
 CVE-2021-1532 (A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1531 (A vulnerability in the web UI of Cisco Modeling Labs could allow an au ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1530 (A vulnerability in the web-based management interface of Cisco BroadWo ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1529
@@ -38747,7 +38747,7 @@ CVE-2021-1489 (A vulnerability in filesystem usage management for Cisco Firepowe
 CVE-2021-1488 (A vulnerability in the upgrade process of Cisco Adaptive Security Appl ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1487 (A vulnerability in the web-based management interface of Cisco Prime I ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1486 (A vulnerability in Cisco SD-WAN vManage Software could allow an unauth ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1485 (A vulnerability in the CLI of Cisco IOS XR Software could allow an aut ...)
@@ -39011,7 +39011,7 @@ CVE-2021-1360 (Multiple vulnerabilities in the web-based management interface of
 CVE-2021-1359
 	RESERVED
 CVE-2021-1358 (A vulnerability in the web-based management interface of Cisco Finesse ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1357 (Multiple vulnerabilities in Cisco Unified Communications Manager IM &a ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1356 (Multiple vulnerabilities in the web UI of Cisco IOS XE Software could  ...)
@@ -39115,7 +39115,7 @@ CVE-2021-1308 (Multiple vulnerabilities exist in the Link Layer Discovery Protoc
 CVE-2021-1307 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1306 (A vulnerability in the restricted shell of Cisco Evolved Programmable  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1305 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1304 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
@@ -39219,7 +39219,7 @@ CVE-2021-1256 (A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD
 CVE-2021-1255 (Multiple vulnerabilities in the REST API endpoint of Cisco Data Center ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1254 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1253 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1252 (A vulnerability in the Excel XLM macro parsing module in Clam AntiViru ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1876a6b964f51bd0abd63b590c0b59a00a63962b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1876a6b964f51bd0abd63b590c0b59a00a63962b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210522/6763bd95/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list