[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Nov 29 14:09:24 GMT 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dbe066bd by Moritz Muehlenhoff at 2021-11-29T15:09:03+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1391,7 +1391,7 @@ CVE-2021-43787
CVE-2021-43786
RESERVED
CVE-2021-43785 (@joeattardi/emoji-button is a Vanilla JavaScript emoji picker componen ...)
- TODO: check
+ NOT-FOR-US: @joeattardi/emoji-button
CVE-2021-43784
RESERVED
CVE-2021-43783
@@ -5590,7 +5590,7 @@ CVE-2021-42787
CVE-2021-42786
RESERVED
CVE-2021-42785 (Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allo ...)
- TODO: check
+ NOT-FOR-US: TightVNC Viewer
CVE-2021-42784 (OS Command Injection vulnerability in debug_fcgi of D-Link DWR-932C E1 ...)
NOT-FOR-US: D-Link
CVE-2021-42783 (Missing Authentication for Critical Function vulnerability in debug_po ...)
@@ -24190,7 +24190,7 @@ CVE-2021-35535 (Insecure Boot Image vulnerability in Hitachi Energy Relion Relio
CVE-2021-35534 (Insufficient security control vulnerability in internal database acces ...)
NOT-FOR-US: Hitachi
CVE-2021-35533 (Improper Input Validation vulnerability in the APDU parser in the Bidi ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2021-35532
RESERVED
CVE-2021-35531
@@ -32608,7 +32608,7 @@ CVE-2021-3536 (A flaw was found in Wildfly in versions before 23.0.2.Final while
CVE-2021-3535 (Rapid7 Nexpose is vulnerable to a non-persistent cross-site scripting ...)
NOT-FOR-US: Rapid7
CVE-2021-32061 (S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket ...)
- TODO: check
+ NOT-FOR-US: S3Scanner
CVE-2021-32060
RESERVED
CVE-2021-32059
@@ -32660,7 +32660,7 @@ CVE-2021-32039
CVE-2021-32038
RESERVED
CVE-2021-32037 (An authorized user may trigger an invariant which may result in denial ...)
- TODO: check
+ - mongodb <removed>
CVE-2021-32036
RESERVED
CVE-2021-32035
@@ -53549,7 +53549,7 @@ CVE-2021-23734
CVE-2021-23733
RESERVED
CVE-2021-23732 (This affects all versions of package docker-cli-js. If the command par ...)
- TODO: check
+ NOT-FOR-US: Node docker-cli-js
CVE-2021-23731
RESERVED
CVE-2021-23730
@@ -53667,7 +53667,7 @@ CVE-2021-23675
CVE-2021-23674
RESERVED
CVE-2021-23673 (This affects all versions of package pekeupload. If an attacker induce ...)
- TODO: check
+ NOT-FOR-US: Node pekeupload
CVE-2021-23672
RESERVED
CVE-2021-23671
@@ -53705,7 +53705,7 @@ CVE-2021-23656
CVE-2021-23655
RESERVED
CVE-2021-23654 (This affects all versions of package html-to-csv. When there is a form ...)
- TODO: check
+ NOT-FOR-US: html-to-csv
CVE-2021-23653
RESERVED
CVE-2021-23652
@@ -61959,13 +61959,13 @@ CVE-2021-20850 (PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49
CVE-2021-20849
RESERVED
CVE-2021-20848 (Cross-site scripting vulnerability in rwtxt versions prior to v1.8.6 a ...)
- TODO: check
+ NOT-FOR-US: rwtxt
CVE-2021-20847
RESERVED
CVE-2021-20846 (Cross-site request forgery (CSRF) vulnerability in Push Notifications ...)
NOT-FOR-US: WordPress plugin
CVE-2021-20845 (Cross-site request forgery (CSRF) vulnerability in Unlimited Sitemap G ...)
- TODO: check
+ NOT-FOR-US: Unlimited Sitemap Generator
CVE-2021-20844 (Improper neutralization of HTTP request headers for scripting syntax v ...)
NOT-FOR-US: RTX830
CVE-2021-20843 (Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbe066bd061a424620950bb766f049d5dd6f4a6d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbe066bd061a424620950bb766f049d5dd6f4a6d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211129/6a8c811b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list