[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Mon Jul 4 12:20:40 BST 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b41af301 by Neil Williams at 2022-07-04T12:20:16+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -77544,7 +77544,7 @@ CVE-2021-32430
CVE-2021-32429
RESERVED
CVE-2021-32428 (SQL Injection vulnerability in viaviwebtech Android EBook App (Books A ...)
- TODO: check
+ NOT-FOR-US: viaviwebtech Android eBook app
CVE-2021-32427
RESERVED
CVE-2021-32426 (In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary Ja ...)
@@ -88845,17 +88845,17 @@ CVE-2021-28153 (An issue was discovered in GNOME GLib before 2.66.8. When g_file
[buster] - glib2.0 2.58.3-2+deb10u3
NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2325
CVE-2021-3435 (Information leakage in le_ecred_conn_req(). Zephyr versions >= v2.4 ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3434 (Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions &g ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3433 (Invalid channel map in CONNECT_IND results to Deadlock. Zephyr version ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3432 (Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr vers ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3431 (Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions > ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3430 (Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr vers ...)
- TODO: check
+ NOT-FOR-US: zephyr-rtos
CVE-2021-3429
RESERVED
{DLA-2601-1}
@@ -92496,17 +92496,17 @@ CVE-2021-26640
CVE-2021-26639
RESERVED
CVE-2021-26638 (Improper Authentication vulnerability in S&D smarthome(smartcare) ...)
- TODO: check
+ NOT-FOR-US: SmartHome Android app
CVE-2021-26637 (There is no account authentication and permission check logic in the f ...)
- TODO: check
+ NOT-FOR-US: SiHAS devices
CVE-2021-26636 (Stored XSS and SQL injection vulnerability in MaxBoard could lead to o ...)
- TODO: check
+ NOT-FOR-US: Maxboard
CVE-2021-26635 (In the code that verifies the file size in the ark library, it is poss ...)
- TODO: check
+ NOT-FOR-US: bandisoft ark library
CVE-2021-26634 (SQL injection and file upload attacks are possible due to insufficient ...)
- TODO: check
+ NOT-FOR-US: Maxboard
CVE-2021-26633 (SQL injection and Local File Inclusion (LFI) vulnerabilities in MaxBoa ...)
- TODO: check
+ NOT-FOR-US: Maxboard
CVE-2021-26632
RESERVED
CVE-2021-26631 (Improper input validation vulnerability in Mangboard commerce package ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b41af3010e1b54b6b59f65e6a210dfea3959446c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b41af3010e1b54b6b59f65e6a210dfea3959446c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220704/f2632b20/attachment.htm>
More information about the debian-security-tracker-commits
mailing list