[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu Feb 3 10:44:07 GMT 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f87ee0cc by Neil Williams at 2022-02-03T10:43:46+00:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22856,15 +22856,15 @@ CVE-2021-41843 (An authenticated SQL injection issue in the calendar search func
 CVE-2021-41842 (An issue was discovered in AtaLegacySmm in the kernel 5.0 before 05.08 ...)
 	NOT-FOR-US: Insyde
 CVE-2021-41841 (A vulnerability exists in SMM (System Management Mode) branch that reg ...)
-	TODO: check
+	NOT-FOR-US: Insyde
 CVE-2021-41840 (A vulnerability exists in SMM (System Management Mode) branch that reg ...)
-	TODO: check
+	NOT-FOR-US: Insyde
 CVE-2021-41839 (A vulnerability exists in SMM (System Management Mode) branch that reg ...)
-	TODO: check
+	NOT-FOR-US: Insyde
 CVE-2021-41838 (An unsafe pointer vulnerability exists in SMM (System Management Mode) ...)
-	TODO: check
+	NOT-FOR-US: Insyde
 CVE-2021-41837 (An unsafe pointer vulnerability exists in SMM (System Management Mode) ...)
-	TODO: check
+	NOT-FOR-US: Insyde
 CVE-2021-41833 (Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to una ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-3848 (An arbitrary file creation by privilege escalation vulnerability in Tr ...)
@@ -57745,7 +57745,7 @@ CVE-2021-27973 (SQL injection exists in Piwigo before 11.4.0 via the language pa
 CVE-2021-27972
 	RESERVED
 CVE-2021-27971 (Alps Alpine Touchpad Driver 10.3201.101.215 is vulnerable to DLL Injec ...)
-	TODO: check
+	NOT-FOR-US: Alps Alpine Touchpad Driver
 CVE-2021-27970
 	RESERVED
 CVE-2021-27969 (Dolphin CMS 7.4.2 is vulnerable to stored XSS via the Page Builder "wi ...)
@@ -67994,7 +67994,7 @@ CVE-2021-23762
 CVE-2021-23761
 	RESERVED
 CVE-2021-23760 (The package keyget from 0.0.0 are vulnerable to Prototype Pollution vi ...)
-	TODO: check
+	NOT-FOR-US: Node keyget
 CVE-2021-23759
 	RESERVED
 CVE-2021-23758 (All versions of package ajaxpro.2 are vulnerable to Deserialization of ...)
@@ -68403,7 +68403,7 @@ CVE-2021-23560
 CVE-2021-23559
 	RESERVED
 CVE-2021-23558 (The package bmoor before 0.10.1 are vulnerable to Prototype Pollution  ...)
-	TODO: check
+	NOT-FOR-US: Node bmoor
 CVE-2021-23557
 	RESERVED
 CVE-2021-23556



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f87ee0cc64724edcef124714af250342567587ef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f87ee0cc64724edcef124714af250342567587ef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220203/31ba1fba/attachment.htm>

More information about the debian-security-tracker-commits mailing list