[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Oct 21 21:55:38 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
39275650 by Salvatore Bonaccorso at 2021-10-21T22:55:15+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3503,11 +3503,11 @@ CVE-2021-41794 (ogs_fqdn_parse in Open5GS 1.0.0 through 2.3.3 inappropriately tr
 CVE-2021-41793
 	RESERVED
 CVE-2021-41792 (An issue was discovered in Hyland org.alfresco:alfresco-content-servic ...)
-	TODO: check
+	NOT-FOR-US: Hyland org.alfresco:alfresco-content-services
 CVE-2021-41791 (An issue was discovered in Hyland org.alfresco:share through 7.0.0.2 a ...)
-	TODO: check
+	NOT-FOR-US: Hyland org.alfresco:share and Hyland org.alfresco:community-share
 CVE-2021-41790 (An issue was discovered in Hyland org.alfresco:alfresco-content-servic ...)
-	TODO: check
+	NOT-FOR-US: Hyland org.alfresco:alfresco-content-services
 CVE-2021-41789
 	RESERVED
 CVE-2021-41788
@@ -18344,7 +18344,7 @@ CVE-2021-35513 (Mermaid before 8.11.0 allows XSS when the antiscript feature is
 	NOTE: https://github.com/mermaid-js/mermaid/issues/2122
 	NOTE: https://github.com/mermaid-js/mermaid/pull/2123
 CVE-2021-35512 (An SSRF issue was discovered in Zoho ManageEngine Applications Manager ...)
-	TODO: check
+	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-35511
 	RESERVED
 CVE-2021-35510
@@ -19015,13 +19015,13 @@ CVE-2021-35230
 CVE-2021-35229
 	RESERVED
 CVE-2021-35228 (This vulnerability occurred due to missing input sanitization for one  ...)
-	TODO: check
+	NOT-FOR-US: Solarwinds
 CVE-2021-35227 (The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and ...)
-	TODO: check
+	NOT-FOR-US: Solarwinds
 CVE-2021-35226
 	RESERVED
 CVE-2021-35225 (Each authenticated Orion Platform user in a MSP (Managed Service Provi ...)
-	TODO: check
+	NOT-FOR-US: Solarwinds
 CVE-2021-35224
 	RESERVED
 CVE-2021-35223 (The Serv-U File Server allows for events such as user login failures t ...)
@@ -19997,7 +19997,7 @@ CVE-2021-34791
 CVE-2021-34790
 	RESERVED
 CVE-2021-34789 (A vulnerability in the web-based management interface of Cisco Tetrati ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34788 (A vulnerability in the shared library loading mechanism of Cisco AnyCo ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34787
@@ -20055,7 +20055,7 @@ CVE-2021-34762
 CVE-2021-34761
 	RESERVED
 CVE-2021-34760 (A vulnerability in the web-based management interface of Cisco TelePre ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34759 (A vulnerability in the web-based management interface of Cisco Identit ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34758 (A vulnerability in the memory management of Cisco TelePresence Collabo ...)
@@ -20089,7 +20089,7 @@ CVE-2021-34745 (A vulnerability in the AppDynamics .NET Agent for Windows could
 CVE-2021-34744 (Multiple vulnerabilities in Cisco Business 220 Series Smart Switches f ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34743 (A vulnerability in the application integration feature of Cisco Webex  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34742 (A vulnerability in the web-based management interface of Cisco Vision  ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34741
@@ -20099,11 +20099,11 @@ CVE-2021-34740 (A vulnerability in the WLAN Control Protocol (WCP) implementatio
 CVE-2021-34739
 	RESERVED
 CVE-2021-34738 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34737 (A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34736 (A vulnerability in the web-based management interface of Cisco Integra ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34735 (Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone  ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34734 (A vulnerability in the Link Layer Discovery Protocol (LLDP) implementa ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39275650e5164bb3f1bb3390ce3debd12934557a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39275650e5164bb3f1bb3390ce3debd12934557a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211021/7d29ce96/attachment.htm>

More information about the debian-security-tracker-commits mailing list