[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Sep 27 21:42:52 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
891868e7 by Salvatore Bonaccorso at 2021-09-27T22:42:25+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12949,7 +12949,7 @@ CVE-2021-36136
 CVE-2021-36135
 	RESERVED
 CVE-2021-36134 (Out of bounds write vulnerability in the JPEG parsing code of Netop Vi ...)
-	TODO: check
+	NOT-FOR-US: McAfee
 CVE-2021-36133
 	RESERVED
 CVE-2021-36132 (An issue was discovered in the FileImporter extension in MediaWiki thr ...)
@@ -16583,7 +16583,7 @@ CVE-2021-34572 (Enbra EWM 1.7.29 does not check for or detect replay attacks sen
 CVE-2021-34571 (Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in ...)
 	NOT-FOR-US: Enbra
 CVE-2021-34570 (Multiple Phoenix Contact PLCnext control devices in versions prior to  ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contact PLCnext control devices
 CVE-2021-34569
 	RESERVED
 CVE-2021-34568
@@ -16993,19 +16993,19 @@ CVE-2021-34417
 CVE-2021-34416 (The network address administrative settings web portal for the Zoom on ...)
 	TODO: check
 CVE-2021-34415 (The Zone Controller service in the Zoom On-Premise Meeting Connector C ...)
-	TODO: check
+	NOT-FOR-US: Zoom On-Premise Meeting Connector Controller
 CVE-2021-34414 (The network proxy page on the web portal for the Zoom on-premise Meeti ...)
-	TODO: check
+	NOT-FOR-US: Zoom On-Premise Meeting Connector Controller
 CVE-2021-34413 (All versions of the Zoom Plugin for Microsoft Outlook for MacOS before ...)
-	TODO: check
+	NOT-FOR-US: Zoom Plugin for Microsoft Outlook for MacOS
 CVE-2021-34412 (During the installation process for all versions of the Zoom Client fo ...)
 	TODO: check
 CVE-2021-34411 (During the installation process forZoom Rooms for Conference Room for  ...)
 	TODO: check
 CVE-2021-34410 (A user-writable application bundle unpacked during the install for all ...)
-	TODO: check
+	NOT-FOR-US: Zoom Plugin for Microsoft Outlook for Mac
 CVE-2021-34409 (User-writable pre and post-install scripts unpacked during the Zoom Cl ...)
-	TODO: check
+	NOT-FOR-US: Zoom Plugin for Microsoft Outlook for Mac
 CVE-2021-34408 (The Zoom Client for Meetings for Windows in all versions before versio ...)
 	TODO: check
 CVE-2021-34407
@@ -31786,7 +31786,7 @@ CVE-2021-28615 (Adobe After Effects version 18.2 (and earlier) is affected by an
 CVE-2021-28614 (Adobe After Effects version 18.2 (and earlier) is affected by an Our-o ...)
 	NOT-FOR-US: Adobe
 CVE-2021-28613 (Adobe Creative Cloud Desktop Application version 5.4 (and earlier) is  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-28612 (Adobe After Effects version 18.2 (and earlier) is affected by an Our-o ...)
 	NOT-FOR-US: Adobe
 CVE-2021-28611 (Adobe After Effects version 18.2 (and earlier) is affected by an Our-o ...)
@@ -36577,7 +36577,7 @@ CVE-2021-26589
 CVE-2021-26588
 	RESERVED
 CVE-2021-26587 (A potential DOM-based Cross Site Scripting security vulnerability has  ...)
-	TODO: check
+	NOT-FOR-US: HPE StoreOnce
 CVE-2021-26586 (A potential security vulnerability has been identified in the HPE Edge ...)
 	NOT-FOR-US: HPE
 CVE-2021-26585 (A potential vulnerability has been identified in HPE OneView Global Da ...)
@@ -41367,9 +41367,9 @@ CVE-2021-24673
 CVE-2021-24672
 	RESERVED
 CVE-2021-24671 (The MX Time Zone Clocks WordPress plugin before 3.4.1 does not escape  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24670 (The CoolClock WordPress plugin before 4.3.5 does not escape some short ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24669
 	RESERVED
 CVE-2021-24668
@@ -41377,7 +41377,7 @@ CVE-2021-24668
 CVE-2021-24667 (A stored cross-site scripting vulnerability has been discovered in : S ...)
 	NOT-FOR-US: FortiGuard
 CVE-2021-24666 (The Podlove Podcast Publisher WordPress plugin before 3.5.6 contains a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24665 (The WP Video Lightbox WordPress plugin before 1.9.3 does not escape th ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24664
@@ -41387,11 +41387,11 @@ CVE-2021-24663 (The Simple Schools Staff Directory WordPress plugin through 1.1
 CVE-2021-24662
 	RESERVED
 CVE-2021-24661 (The PostX – Gutenberg Blocks for Post Grid WordPress plugin befo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24660 (The PostX – Gutenberg Blocks for Post Grid WordPress plugin befo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24659 (The PostX – Gutenberg Blocks for Post Grid WordPress plugin befo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24658 (The Erident Custom Login and Dashboard WordPress plugin before 3.5.9 d ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24657 (The Limit Login Attempts WordPress plugin before 4.0.50 does not escap ...)
@@ -41405,7 +41405,7 @@ CVE-2021-24654
 CVE-2021-24653
 	RESERVED
 CVE-2021-24652 (The PostX – Gutenberg Blocks for Post Grid WordPress plugin befo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24651
 	RESERVED
 CVE-2021-24650
@@ -41423,7 +41423,7 @@ CVE-2021-24645
 CVE-2021-24644
 	RESERVED
 CVE-2021-24643 (The WP Map Block WordPress plugin before 1.2.3 does not escape some at ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24642
 	RESERVED
 CVE-2021-24641
@@ -41441,11 +41441,11 @@ CVE-2021-24636 (The Print My Blog WordPress Plugin before 3.4.2 does not enforce
 CVE-2021-24635 (The Visual Link Preview WordPress plugin before 2.2.3 does not enforce ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24634 (The Recipe Card Blocks by WPZOOM WordPress plugin before 2.8.3 does no ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24633 (The Countdown Block WordPress plugin before 1.1.2 does not have author ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24632 (The Recipe Card Blocks by WPZOOM WordPress plugin before 2.8.1 does no ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24631
 	RESERVED
 CVE-2021-24630
@@ -41489,7 +41489,7 @@ CVE-2021-24612
 CVE-2021-24611 (The Keyword Meta WordPress plugin through 3.0 does not sanitise of esc ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24610 (The TranslatePress WordPress plugin before 2.0.9 does not implement a  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24609 (The WP Mapa Politico Espana WordPress plugin before 3.7.0 does not san ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24608
@@ -41571,7 +41571,7 @@ CVE-2021-24571 (The HD Quiz WordPress plugin before 1.8.4 does not escape some o
 CVE-2021-24570
 	RESERVED
 CVE-2021-24569 (The Cookie Notice & Compliance for GDPR / CCPA WordPress plugin be ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24568 (The AddToAny Share Buttons WordPress plugin before 1.7.46 does not san ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24567



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/891868e7ef02f4dba7e26a997a8cbfa3da079690

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/891868e7ef02f4dba7e26a997a8cbfa3da079690
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210927/3fe2af39/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list