[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Mar 3 20:40:13 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d51bf0b6 by Salvatore Bonaccorso at 2022-03-03T21:39:50+01:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24806,7 +24806,7 @@ CVE-2021-42952 (Zepl Notebooks before 2021-10-25 are affected by a sandbox escap
 CVE-2021-42951 (A Remote Code Execution (RCE) vulnerability exists in Algorithmia MSOL ...)
 	NOT-FOR-US: Algorithmia MSOL
 CVE-2021-42950 (Remote Code Execution (RCE) vulnerability exists in Zepl Notebooks all ...)
-	TODO: check
+	NOT-FOR-US: Zepl
 CVE-2021-42949
 	RESERVED
 CVE-2021-42948
@@ -30755,13 +30755,13 @@ CVE-2021-41005
 CVE-2021-41004
 	RESERVED
 CVE-2021-41003 (Multiple unauthenticated command injection vulnerabilities were discov ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2021-41002 (Multiple authenticated remote path traversal vulnerabilities were disc ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2021-41001 (An authenticated remote code execution vulnerability was discovered in ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2021-41000 (Multiple authenticated remote code execution vulnerabilities were disc ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2021-40999 (A remote arbitrary command execution vulnerability was discovered in A ...)
 	NOT-FOR-US: Aruba
 CVE-2021-40998 (A remote arbitrary command execution vulnerability was discovered in A ...)
@@ -31631,11 +31631,11 @@ CVE-2021-40639 (Improper access control in Jfinal CMS 5.1.0 allows attackers to
 CVE-2021-40638
 	RESERVED
 CVE-2021-40637 (OS4ED openSIS 8.0 is affected by cross-site scripting (XSS) in EmailCh ...)
-	TODO: check
+	NOT-FOR-US: openSIS
 CVE-2021-40636 (OS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.p ...)
-	TODO: check
+	NOT-FOR-US: openSIS
 CVE-2021-40635 (OS4ED openSIS 8.0 is affected by SQL injection in ChooseCpSearch.php,  ...)
-	TODO: check
+	NOT-FOR-US: openSIS
 CVE-2021-40634
 	RESERVED
 CVE-2021-40633
@@ -37476,19 +37476,19 @@ CVE-2021-38271
 CVE-2021-38270
 	RESERVED
 CVE-2021-38269 (Liferay Portal through v7.4.0 and Liferay DXP through v7.1 were discov ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2021-38268 (The Dynamic Data Mapping module in Liferay Portal through v7.3.6 and L ...)
 	NOT-FOR-US: Liferay
 CVE-2021-38267 (Liferay Portal through v7.3.6 and Liferay DXP through v7.3 were discov ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2021-38266 (Liferay Portal through v7.2.1 and Liferay DXP through v7.2 does not co ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2021-38265 (Liferay Portal v7.3.6 and below and Liferay DXP v7.3 and below were di ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2021-38264 (Liferay Portal v7.4.1 and below was discovered to contain a cross-site ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2021-38263 (Liferay Portal v7.3.2 and below and Liferay DXP v7.0 and below were di ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2021-38262
 	RESERVED
 CVE-2021-38261
@@ -66791,7 +66791,7 @@ CVE-2021-26619 (An path traversal vulnerability leading to delete arbitrary file
 CVE-2021-26618 (An improper input validation leading to arbitrary file creation was di ...)
 	NOT-FOR-US: ToWord of ToOffice
 CVE-2021-26617 (This issues due to insufficient verification of the various input valu ...)
-	TODO: check
+	NOT-FOR-US: Gabia Firstmall
 CVE-2021-26616 (An OS command injection was found in SecuwaySSL, when special characte ...)
 	NOT-FOR-US: SecuwaySSL client for MacOS
 CVE-2021-26615 (ARK library allows attackers to execute remote code via the parameter( ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d51bf0b6771bb7e38f8dee9ffca41b9f8ce65418

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d51bf0b6771bb7e38f8dee9ffca41b9f8ce65418
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220303/6c65b0a3/attachment.htm>

More information about the debian-security-tracker-commits mailing list