[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 12 21:20:03 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4b4d70b9 by Salvatore Bonaccorso at 2021-10-12T22:19:40+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4390,17 +4390,17 @@ CVE-2021-40502
CVE-2021-40501
RESERVED
CVE-2021-40500 (SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40499 (Client-side printing services SAP Cloud Print Manager and SAPSprint fo ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40498 (A vulnerability has been identified in SAP SuccessFactors Mobile Appli ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40497 (SAP BusinessObjects Analysis (edition for OLAP) - versions 420, 430, a ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40496 (SAP Internet Communication framework (ICM) - versions 700, 701, 702, 7 ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40495 (There are multiple Denial-of Service vulnerabilities in SAP NetWeaver ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-40494 (A Hardcoded JWT Secret Key in metadata.py in AdaptiveScale LXDUI throu ...)
NOT-FOR-US: AdaptiveScale LXDUI
CVE-2021-40493
@@ -8125,7 +8125,7 @@ CVE-2021-38917
CVE-2021-38916
RESERVED
CVE-2021-38915 (IBM Data Risk Manager 2.0.6 stores user credentials in plain clear tex ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-38914
RESERVED
CVE-2021-38913
@@ -8231,7 +8231,7 @@ CVE-2021-38864 (IBM Security Verify Bridge 1.0.5.0 could allow a user to obtain
CVE-2021-38863 (IBM Security Verify Bridge 1.0.5.0 stores user credentials in plain cl ...)
NOT-FOR-US: IBM
CVE-2021-38862 (IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptogra ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-38861
RESERVED
CVE-2021-38860
@@ -9875,17 +9875,17 @@ CVE-2021-38185 (GNU cpio through 2.13 allows attackers to execute arbitrary code
CVE-2021-38184
RESERVED
CVE-2021-38183 (SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently enc ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38182
RESERVED
CVE-2021-38181 (SAP NetWeaver AS ABAP and ABAP Platform - versions 700, 701, 702, 730, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38180 (SAP Business One - version 10.0, allows an attacker to inject formulas ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38179 (Debug function of Admin UI of SAP Business One Integration is enabled ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38178 (The software logistics system of SAP NetWeaver AS ABAP and ABAP Platfo ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2021-38177 (SAP CommonCryptoLib version 8.5.38 or lower is vulnerable to null poin ...)
NOT-FOR-US: SAP
CVE-2021-38176 (Due to improper input sanitization, an authenticated user with certain ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b4d70b9e46c6ac440099b223df47c0eaf8b2189
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b4d70b9e46c6ac440099b223df47c0eaf8b2189
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211012/c6874abb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list