[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Wed Apr 13 09:02:58 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7d0adab1 by Neil Williams at 2022-04-13T09:02:29+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41654,9 +41654,9 @@ CVE-2021-39797 (In several functions of of LauncherApps.java, there is a possibl
 CVE-2021-39796 (In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there  ...)
 	TODO: check
 CVE-2021-39795 (In multiple locations of MediaProvider.java , there is a possible way  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2021-39794 (In broadcastPortInfo of AdbService.java, there is a possible way for a ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2021-39793 (In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possibl ...)
 	NOT-FOR-US: Pixel
 CVE-2021-39792 (In usb_gadget_giveback_request of core.c, there is a possible use afte ...)
@@ -48019,11 +48019,11 @@ CVE-2021-37295
 CVE-2021-37294
 	RESERVED
 CVE-2021-37293 (A Directory Traversal vulnerability exists in KevinLAB Inc Building En ...)
-	TODO: check
+	NOT-FOR-US: KevinLAB
 CVE-2021-37292 (An Access Control vulnerability exists in KevinLAB Inc Building Energy ...)
-	TODO: check
+	NOT-FOR-US: KevinLAB
 CVE-2021-37291 (An SQL Injection vulnerability exists in KevinLAB Inc Building Energy  ...)
-	TODO: check
+	NOT-FOR-US: KevinLAB
 CVE-2021-37290
 	RESERVED
 CVE-2021-37289
@@ -50372,19 +50372,19 @@ CVE-2021-36295 (Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a
 CVE-2021-36294 (Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an auth ...)
 	NOT-FOR-US: Dell
 CVE-2021-36293 (Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-36292
 	RESERVED
 CVE-2021-36291
 	RESERVED
 CVE-2021-36290 (Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-36289 (Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain a sensi ...)
 	NOT-FOR-US: Dell
 CVE-2021-36288 (Dell VNX2 for File version 8.1.21.266 and earlier, contain a path trav ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-36287 (Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthen ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-36286 (Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions  ...)
 	NOT-FOR-US: Dell SupportAssist Client Consumer
 CVE-2021-36285 (Dell BIOS contains an Improper Restriction of Excessive Authentication ...)
@@ -50584,7 +50584,7 @@ CVE-2021-36204
 CVE-2021-36203
 	RESERVED
 CVE-2021-36202 (Server-Side Request Forgery (SSRF) vulnerability in Johnson Controls M ...)
-	TODO: check
+	NOT-FOR-US: Johnson Controls Metasys
 CVE-2021-36201
 	RESERVED
 CVE-2021-36200
@@ -55242,7 +55242,7 @@ CVE-2021-34252
 CVE-2021-34251
 	RESERVED
 CVE-2021-34250 (An issue was discovered in baijiacms v4. There is a CSRF vulnerability ...)
-	TODO: check
+	NOT-FOR-US: baijiacms
 CVE-2021-34249
 	RESERVED
 CVE-2021-34248
@@ -59386,7 +59386,7 @@ CVE-2021-32595 (Multiple uncontrolled resource consumption vulnerabilities in th
 CVE-2021-32594 (An unrestricted file upload vulnerability in the web interface of Fort ...)
 	NOT-FOR-US: FortiPortal
 CVE-2021-32593 (A use of a broken or risky cryptographic algorithm vulnerability [CWE- ...)
-	TODO: check
+	NOT-FOR-US: FortiWAN
 CVE-2021-32592 (An unsafe search path vulnerability in FortiClientWindows 7.0.0, 6.4.6 ...)
 	NOT-FOR-US: FortiGuard
 CVE-2021-32591 (A missing cryptographic steps vulnerability in the function that encry ...)
@@ -59402,7 +59402,7 @@ CVE-2021-32587 (An improper access control vulnerability in FortiManager and For
 CVE-2021-32586 (An improper input validation vulnerability in the web server CGI facil ...)
 	NOT-FOR-US: FortiGuard
 CVE-2021-32585 (An improper neutralization of input during web page generation vulnera ...)
-	TODO: check
+	NOT-FOR-US: FortiWAN
 CVE-2021-32584
 	RESERVED
 CVE-2021-32583



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d0adab1d54f5036ccecd3f60fbca82f417231e6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d0adab1d54f5036ccecd3f60fbca82f417231e6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220413/1fde40a5/attachment.htm>

More information about the debian-security-tracker-commits mailing list