[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Mon Nov 1 14:15:22 GMT 2021 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b1746cb by Neil Williams at 2021-11-01T14:15:04+00:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19316,7 +19316,7 @@ CVE-2021-3620
 CVE-2021-35500
 	RESERVED
 CVE-2021-35499 (The Web Reporting component of TIBCO Software Inc.'s TIBCO Nimbus cont ...)
-	TODO: check
+	NOT-FOR-US: TIBCO
 CVE-2021-35498 (The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX, ...)
 	NOT-FOR-US: TIBCO
 CVE-2021-35497 (The FTL Server (tibftlserver) and Docker images containing tibftlserve ...)
@@ -49032,15 +49032,16 @@ CVE-2021-23454
 CVE-2021-23453
 	RESERVED
 CVE-2021-23452 (This affects all versions of package x-assign. The global proto object ...)
-	TODO: check
+	NOT-FOR-US:  x-assign JS
 CVE-2021-23451
 	RESERVED
 CVE-2021-23450
 	RESERVED
 CVE-2021-23449 (This affects the package vm2 before 3.9.4 via a Prototype Pollution at ...)
-	TODO: check
+	NOT-FOR-US: vm2 JS
+	NOTE: https://github.com/patriksimek/vm2
 CVE-2021-23448 (All versions of package config-handler are vulnerable to Prototype Pol ...)
-	TODO: check
+	NOT-FOR-US: config-handler JS
 CVE-2021-23447 (This affects the package teddy before 0.5.9. A type confusion vulnerab ...)
 	NOT-FOR-US: teddy templating engine
 CVE-2021-23446 (The package handsontable before 10.0.0; the package handsontable from  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b1746cb0d0f8bbb0d0c05300918d98b34fcaa22

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b1746cb0d0f8bbb0d0c05300918d98b34fcaa22
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211101/f9cdfc9d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list