[Git][security-tracker-team/security-tracker][master] Process more NFUs

Tue Nov 30 20:21:29 GMT 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
16e39334 by Salvatore Bonaccorso at 2021-11-30T21:21:05+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -593,7 +593,7 @@ CVE-2022-21744
 CVE-2022-21743
 	RESERVED
 CVE-2021-44230 (PortSwigger Burp Suite Enterprise Edition before 2021.11 on Windows ha ...)
-	TODO: check
+	NOT-FOR-US: Burp Suite (different from src:burp)
 CVE-2021-44229
 	RESERVED
 CVE-2021-44228
@@ -1218,7 +1218,7 @@ CVE-2021-44026 (Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a po
 	NOTE: https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1 (1.4.12)
 	NOTE: https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa (1.3.17)
 CVE-2021-43998 (HashiCorp Vault and Vault Enterprise 0.11.0 up to 1.7.5 and 1.8.4 temp ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vault
 CVE-2021-43997 (Amazon FreeRTOS 10.2.0 through 10.4.5 on the ARMv7-M and ARMv8-M MPU p ...)
 	NOT-FOR-US: Amazon FreeRTOS
 CVE-2021-43996 (The Ignition component before 1.16.15, and 2.0.x before 2.0.6, for Lar ...)
@@ -3842,7 +3842,7 @@ CVE-2021-43321
 CVE-2021-43320
 	RESERVED
 CVE-2021-43319 (Zoho ManageEngine Network Configuration Manager before 125488 is vulne ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-43318
 	RESERVED
 CVE-2021-43317
@@ -3908,11 +3908,11 @@ CVE-2021-23214
 	NOTE: https://www.postgresql.org/about/news/postgresql-141-135-129-1114-1019-and-9624-released-2349/
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=046c2c846b741a12e7fd61d8d86bf324a20e3dfc (REL9_6_24)
 CVE-2021-43296 (Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to an  ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-43295 (Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Ref ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-43294 (Zoho ManageEngine SupportCenter Plus before 11016 is vulnerable to Ref ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-43293 (Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote au ...)
 	NOT-FOR-US: Sonatype
 CVE-2021-43292
@@ -3932,11 +3932,11 @@ CVE-2021-43286
 CVE-2021-43285
 	RESERVED
 CVE-2021-43284 (An issue was discovered on Victure WR1200 devices through 1.0.3. The r ...)
-	TODO: check
+	NOT-FOR-US: Victure WR1200 devices
 CVE-2021-43283 (An issue was discovered on Victure WR1200 devices through 1.0.3. A com ...)
-	TODO: check
+	NOT-FOR-US: Victure WR1200 devices
 CVE-2021-43282 (An issue was discovered on Victure WR1200 devices through 1.0.3. The d ...)
-	TODO: check
+	NOT-FOR-US: Victure WR1200 devices
 CVE-2021-43281 (MyBB before 1.8.29 allows Remote Code Injection by an admin with the " ...)
 	NOT-FOR-US: MyBB
 CVE-2021-43280 (A stack-based buffer overflow vulnerability exists in the DWF file rea ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16e393344e004f8c9573f07548cb8c611731242f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16e393344e004f8c9573f07548cb8c611731242f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211130/68eeed16/attachment-0001.htm>
