[Git][security-tracker-team/security-tracker][master] Process some NFUs and mark CVE-2021-3382{7,8} as ownload <removed>
Neil Williams (@codehelp)
codehelp at debian.org
Thu Jan 27 10:39:47 GMT 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
57b57c44 by Neil Williams at 2022-01-27T10:39:06+00:00
Process some NFUs and mark CVE-2021-3382{7,8} as ownload <removed>
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31375,9 +31375,9 @@ CVE-2021-37943
CVE-2021-37942
RESERVED
CVE-2021-37941 (A local privilege escalation issue was found with the APM Java agent, ...)
- TODO: check
+ NOT-FOR-US: Elastic APM Java agent
CVE-2021-37940 (An information disclosure via GET request server-side request forgery ...)
- TODO: check
+ NOT-FOR-US: Workplace Search GHES integration
CVE-2021-37939 (It was discovered that Kibana’s JIRA connector & IBM Resilie ...)
NOT-FOR-US: IBM
CVE-2021-37938 (It was discovered that on Windows operating systems specifically, Kiba ...)
@@ -34088,11 +34088,11 @@ CVE-2021-36783
CVE-2021-36782
RESERVED
CVE-2021-36781 (A Incorrect Default Permissions vulnerability in the parsec package of ...)
- TODO: check
+ NOT-FOR-US: Parsec
CVE-2021-36780 (A Improper Access Control vulnerability in longhorn of SUSE Longhorn a ...)
- TODO: check
+ NOT-FOR-US: Longhorn
CVE-2021-36779 (A Improper Access Control vulnerability inf SUSE Longhorn allows any w ...)
- TODO: check
+ NOT-FOR-US: Longhorn
CVE-2021-36778
RESERVED
CVE-2021-36777
@@ -35610,7 +35610,7 @@ CVE-2021-36135
CVE-2021-36134 (Out of bounds write vulnerability in the JPEG parsing code of Netop Vi ...)
NOT-FOR-US: McAfee
CVE-2021-36133 (The OPTEE-OS CSU driver for NXP i.MX SoC devices lacks security access ...)
- TODO: check
+ NOT-FOR-US: OP-TEE
CVE-2021-36132 (An issue was discovered in the FileImporter extension in MediaWiki thr ...)
NOT-FOR-US: FileImport MediaWiki extension
NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/M7MVMBYMLNIVLHCWL2KKZGH36HYN4YON/
@@ -41038,9 +41038,9 @@ CVE-2021-33829 (A cross-site scripting (XSS) vulnerability in the HTML Data Proc
NOTE: https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser
NOTE: https://github.com/ckeditor/ckeditor4/commit/3e426ce34f7fc7bf784624358831ef9e189bb6ed
CVE-2021-33828 (The files_antivirus component before 1.0.0 for ownCloud mishandles the ...)
- TODO: check
+ - owncloud <removed>
CVE-2021-33827 (The files_antivirus component before 1.0.0 for ownCloud allows OS Comm ...)
- TODO: check
+ - owncloud <removed>
CVE-2021-33826
RESERVED
CVE-2021-33825
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57b57c44fdba5a6d65db72fbe1369bad96dae2b8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57b57c44fdba5a6d65db72fbe1369bad96dae2b8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220127/b6ea2b0b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list