[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Wed Jun 1 09:24:18 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d5afb2f6 by Neil Williams at 2022-06-01T09:23:57+01:00
Process some NFUs

- - - - -
ca083b92 by Neil Williams at 2022-06-01T09:23:59+01:00
CVE-2021-42195 to 42200 / swftools removed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45431,17 +45431,23 @@ CVE-2021-42202 (An issue was discovered in swftools through 20201222. A NULL poi
 CVE-2021-42201 (An issue was discovered in swftools through 20201222. A heap-buffer-ov ...)
 	TODO: check
 CVE-2021-42200 (An issue was discovered in swftools through 20201222. A NULL pointer d ...)
-	TODO: check
+	- swftools <removed>
+	NOTE: https://github.com/matthiaskramm/swftools/issues/170
 CVE-2021-42199 (An issue was discovered in swftools through 20201222. A heap buffer ov ...)
-	TODO: check
+	- swftools <removed>
+	NOTE: https://github.com/matthiaskramm/swftools/issues/173
 CVE-2021-42198 (An issue was discovered in swftools through 20201222. A NULL pointer d ...)
-	TODO: check
+	- swftools <removed>
+	NOTE: https://github.com/matthiaskramm/swftools/issues/168
 CVE-2021-42197 (An issue was discovered in swftools through 20201222 through a memory  ...)
-	TODO: check
+	- swftools <removed>
+	NOTE: https://github.com/matthiaskramm/swftools/issues/177
 CVE-2021-42196 (An issue was discovered in swftools through 20201222. A NULL pointer d ...)
-	TODO: check
+	- swftools <removed>
+	NOTE: https://github.com/matthiaskramm/swftools/issues/172
 CVE-2021-42195 (An issue was discovered in swftools through 20201222. A heap-buffer-ov ...)
-	TODO: check
+	- swftools <removed>
+	NOTE: https://github.com/matthiaskramm/swftools/issues/174
 CVE-2021-42194 (The wechat_return function in /controller/Index.php of EyouCms V1.5.4- ...)
 	NOT-FOR-US: Eyoucms
 CVE-2021-42193
@@ -64899,7 +64905,7 @@ CVE-2021-34362 (A command injection vulnerability has been reported to affect QN
 CVE-2021-34361 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
 	NOT-FOR-US: QNAP
 CVE-2021-34360 (A cross-site request forgery (CSRF) vulnerability has been reported to ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2021-34359 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
 	NOT-FOR-US: QNAP
 CVE-2021-34358 (We have already fixed this vulnerability in the following versions of  ...)
@@ -67806,7 +67812,7 @@ CVE-2021-33188
 CVE-2021-33187
 	RESERVED
 CVE-2021-3555 (A Buffer Overflow vulnerability in the RSTP server component of Eufy I ...)
-	TODO: check
+	NOT-FOR-US: Eufy 2K Indoor Camera
 CVE-2021-33186 (SerenityOS in test-crypto.cpp contains a stack buffer overflow which c ...)
 	NOT-FOR-US: SerenityOS
 CVE-2021-33185 (SerenityOS contains a buffer overflow in the set_range test in TestBit ...)
@@ -82055,9 +82061,9 @@ CVE-2021-27783 (User generated PPKG file for Bulk Enroll may have unencrypted se
 CVE-2021-27782
 	RESERVED
 CVE-2021-27781 (The Master operator may be able to embed script tag in HTML with alert ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27780 (The software may be vulnerable to both Un-Auth XML interaction and una ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27779 (VersionVault Express exposes sensitive information that an attacker ca ...)
 	NOT-FOR-US: HCL
 CVE-2021-27778 (HCL Traveler is vulnerable to a cross-site scripting (XSS) caused by i ...)
@@ -111864,7 +111870,7 @@ CVE-2020-28248 (An integer overflow in the PngImg::InitStorage_() function of pn
 CVE-2020-28247 (The lettre library through 0.10.0-alpha for Rust allows arbitrary send ...)
 	NOT-FOR-US: Node lettre
 CVE-2020-28246 (A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0. ...)
-	TODO: check
+	NOT-FOR-US: Form.io
 CVE-2020-28245
 	RESERVED
 CVE-2020-28244



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/319de1caf6b84b2c71fc6396c987139109a99ce4...ca083b9281bf89f6449a0c24e850b74fb677b122

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/319de1caf6b84b2c71fc6396c987139109a99ce4...ca083b9281bf89f6449a0c24e850b74fb677b122
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220601/4e4558b8/attachment.htm>

More information about the debian-security-tracker-commits mailing list