[Git][security-tracker-team/security-tracker][master] Process NFUs

Neil Williams (@codehelp) codehelp at debian.org
Fri Feb 11 13:40:31 GMT 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
432f481a by Neil Williams at 2022-02-11T13:40:10+00:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24131,7 +24131,7 @@ CVE-2021-42009 (An authenticated Apache Traffic Control Traffic Ops user with Po
 CVE-2021-3862 (icecoder is vulnerable to Improper Neutralization of Input During Web  ...)
 	NOT-FOR-US: icecoder
 CVE-2021-3861 (The RNDIS USB device class includes a buffer overflow vulnerability. Z ...)
-	TODO: check
+	NOT-FOR-US: zephyr-rtos
 CVE-2021-3860 (JFrog Artifactory before 7.25.4 (Enterprise+ deployments only), is vul ...)
 	NOT-FOR-US: JFrog Artifactory
 CVE-2021-3859
@@ -24780,7 +24780,7 @@ CVE-2021-3836 (dbeaver is vulnerable to Improper Restriction of XML External Ent
 	- dbeaver <itp> (bug #680987)
 	NOTE: https://github.com/dbeaver/dbeaver/commit/4debf8f25184b7283681ed3fb5e9e887d9d4fe22
 CVE-2021-3835 (Buffer overflow in usb device class. Zephyr versions >= v2.6.0 cont ...)
-	TODO: check
+	NOT-FOR-US: zephyr-rtos
 CVE-2021-3834 (Integria IMS in its 5.0.92 version does not filter correctly some fiel ...)
 	NOT-FOR-US: Integria IMS
 CVE-2021-3833 (Integria IMS login check uses a loose comparator ("==") to compare the ...)
@@ -25790,7 +25790,7 @@ CVE-2021-3815 (utils.js is vulnerable to Improperly Controlled Modification of O
 CVE-2021-3814
 	RESERVED
 CVE-2021-3813 (Improper Privilege Management in GitHub repository chatwoot/chatwoot p ...)
-	TODO: check
+	NOT-FOR-US: chatwoot
 CVE-2021-41314 (Certain NETGEAR smart switches are affected by a \n injection in the w ...)
 	NOT-FOR-US: NETGEAR
 CVE-2021-41313 (Affected versions of Atlassian Jira Server and Data Center allow authe ...)
@@ -62500,7 +62500,7 @@ CVE-2021-26677 (A local authenticated escalation of privilege vulnerability was
 CVE-2021-3399
 	RESERVED
 CVE-2021-3398 (Stormshield Network Security (SNS) 3.x has an Integer Overflow in the  ...)
-	TODO: check
+	NOT-FOR-US: Stormshield Network Security (SNS)
 CVE-2021-3397
 	RESERVED
 CVE-2021-3396 (OpenNMS Meridian 2016, 2017, 2018 before 2018.1.25, 2019 before 2019.1 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/432f481a32afb67b1891c99d8bd6f5cb91078c2e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/432f481a32afb67b1891c99d8bd6f5cb91078c2e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220211/c5bec26f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list