[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Thu Sep 9 13:13:03 BST 2021
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5147f475 by Neil Williams at 2021-09-09T13:12:45+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -692,7 +692,7 @@ CVE-2021-40506
CVE-2021-40505
RESERVED
CVE-2021-3766 (objection.js is vulnerable to Improperly Controlled Modification of Ob ...)
- TODO: check
+ NOT-FOR-US: Node objection.js
CVE-2021-3765
RESERVED
CVE-2021-40504
@@ -18319,7 +18319,7 @@ CVE-2021-32835 (Eclipse Keti is a service that was designed to protect RESTfuls
CVE-2021-32834 (Eclipse Keti is a service that was designed to protect RESTfuls API us ...)
NOT-FOR-US: Eclipse Keti
CVE-2021-32833 (Emby Server is a personal media server with apps on many devices. In E ...)
- TODO: check
+ NOT-FOR-US: Emby Server
CVE-2021-32832 (Rocket.Chat is an open-source fully customizable communications platfo ...)
NOT-FOR-US: Rocket.Chat
CVE-2021-32831 (Total.js framework (npm package total.js) is a framework for Node.js p ...)
@@ -41642,7 +41642,7 @@ CVE-2021-23406 (This affects the package pac-resolver before 5.0.0. This can occ
CVE-2021-23405 (This affects the package pimcore/pimcore before 10.0.7. This issue exi ...)
NOT-FOR-US: Pimcore
CVE-2021-23404 (This affects all versions of package sqlite-web. The SQL dashboard are ...)
- TODO: check
+ NOT-FOR-US: sqlite-web
CVE-2021-23403 (All versions of package ts-nodash are vulnerable to Prototype Pollutio ...)
NOT-FOR-US: Node ts-nodash
CVE-2021-23402 (All versions of package record-like-deep-assign are vulnerable to Prot ...)
@@ -53787,7 +53787,7 @@ CVE-2021-1930 (Possible out of bounds read due to incorrect validation of incomi
CVE-2021-1929 (Lack of strict validation of bootmode can lead to information disclosu ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2021-1928 (Buffer over read could occur due to incorrect check of buffer size whi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2021-1927 (Possible use after free due to lack of null check while memory is bein ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2021-1926
@@ -53797,7 +53797,7 @@ CVE-2021-1925 (Possible denial of service scenario due to improper handling of g
CVE-2021-1924
RESERVED
CVE-2021-1923 (Incorrect pointer argument passed to trusted application TA could resu ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2021-1922
RESERVED
CVE-2021-1921
@@ -65831,7 +65831,7 @@ CVE-2020-26302
CVE-2020-26301
RESERVED
CVE-2020-26300 (systeminformation is an npm package that provides system and OS inform ...)
- TODO: check
+ NOT-FOR-US: Node systeminformation
CVE-2020-26299 (ftp-srv is an open-source FTP server designed to be simple yet configu ...)
NOT-FOR-US: Node ftp-srv
CVE-2020-26298 (Redcarpet is a Ruby library for Markdown processing. In Redcarpet befo ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5147f47534492456077c8aa5fb9536f5746c2a86
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5147f47534492456077c8aa5fb9536f5746c2a86
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210909/aefc7751/attachment.htm>
More information about the debian-security-tracker-commits
mailing list