[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Thu Jan 27 11:09:14 GMT 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c5eb7fa8 by Neil Williams at 2022-01-27T11:08:50+00:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21695,7 +21695,7 @@ CVE-2021-41791 (An issue was discovered in Hyland org.alfresco:share through 7.0
CVE-2021-41790 (An issue was discovered in Hyland org.alfresco:alfresco-content-servic ...)
NOT-FOR-US: Hyland org.alfresco:alfresco-content-services
CVE-2021-41789 (In wifi driver, there is a possible system crash due to a missing vali ...)
- TODO: check
+ NOT-FOR-US: Mediatek devices
CVE-2021-41788 (MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and ...)
NOT-FOR-US: Netgear
CVE-2021-3840 (A dependency confusion vulnerability was reported in the Antilles open ...)
@@ -22146,7 +22146,7 @@ CVE-2021-41600
CVE-2021-41599
RESERVED
CVE-2021-41598 (A UI misrepresentation vulnerability was identified in GitHub Enterpri ...)
- TODO: check
+ NOT-FOR-US: GitHub Enterprise Server
CVE-2021-41597 (SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote ...)
NOT-FOR-US: SuiteCRM
CVE-2021-41596 (SuiteCRM before 7.10.33 and 7.11.22 allows information disclosure via ...)
@@ -23180,7 +23180,7 @@ CVE-2021-41168 (Snudown is a reddit-specific fork of the Sundown Markdown parser
CVE-2021-41167 (modern-async is an open source JavaScript tooling library for asynchro ...)
NOT-FOR-US: modern-async
CVE-2021-41166 (The Nextcloud Android app is the Android client for Nextcloud, a self- ...)
- TODO: check
+ NOT-FOR-US: Nextcloud Android app
CVE-2021-41165 (CKEditor4 is an open source WYSIWYG HTML editor. In affected version a ...)
- ckeditor <unfixed> (bug #999909)
[bullseye] - ckeditor <no-dsa> (Minor issue)
@@ -26824,7 +26824,7 @@ CVE-2021-39661
CVE-2021-39660
RESERVED
CVE-2021-39659 (In sortSimPhoneAccountsForEmergency of CreateConnectionProcessor.java, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39658
RESERVED
CVE-2021-39657 (In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out ...)
@@ -26918,7 +26918,7 @@ CVE-2021-39625 (In showCarrierAppInstallationNotification of EuiccNotificationMa
CVE-2021-39624
RESERVED
CVE-2021-39623 (In doRead of SimpleDecodingSource.cpp, there is a possible out of boun ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2021-39622 (In GBoard, there is a possible way to bypass Factory Reset Protection ...)
NOT-FOR-US: Android
CVE-2021-39621 (In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there ...)
@@ -27704,7 +27704,7 @@ CVE-2021-39308 (The WooCommerce myghpay Payment Gateway WordPess plugin is vulne
CVE-2021-39307 (PDFTron's WebViewer UI 8.0 or below renders dangerous URLs as hyperlin ...)
NOT-FOR-US: PDFTron WebViewer UI
CVE-2021-39306 (A stack buffer overflow was discovered on Realtek RTL8195AM device bef ...)
- TODO: check
+ NOT-FOR-US: Realtek
CVE-2021-39305
RESERVED
CVE-2021-39304 (Proofpoint Enterprise Protection before 8.12.0-2108090000 allows secur ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5eb7fa8e8de1926b0b24b87f2f25b2894dec35a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5eb7fa8e8de1926b0b24b87f2f25b2894dec35a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220127/0f10b80f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list