[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Mar 17 08:21:03 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6e135ea6 by Salvatore Bonaccorso at 2022-03-17T09:20:35+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1548,7 +1548,7 @@ CVE-2022-26661 (An XXE issue was discovered in Tryton Application Platform (Serv
 	NOTE: https://bugs.tryton.org/issue11219
 	NOTE: https://discuss.tryton.org/t/security-release-for-issue11219-and-issue11244/5059
 CVE-2022-26660 (RunAsSpc 4.0 uses a universal and recoverable encryption key. In posse ...)
-	TODO: check
+	NOT-FOR-US: RunAsSpc
 CVE-2022-26659
 	RESERVED
 CVE-2022-26658
@@ -1804,7 +1804,7 @@ CVE-2022-26536
 CVE-2022-26535
 	RESERVED
 CVE-2022-26534 (FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where  ...)
-	TODO: check
+	NOT-FOR-US: FISCO-BCOS
 CVE-2022-26533 (Alist v2.1.0 and below was discovered to contain a cross-site scriptin ...)
 	NOT-FOR-US: Alist
 CVE-2022-25960
@@ -2500,7 +2500,7 @@ CVE-2022-26305
 CVE-2022-26301
 	RESERVED
 CVE-2022-26300 (EOS v2.1.0 was discovered to contain a heap-buffer-overflow via the fu ...)
-	TODO: check
+	NOT-FOR-US: EOS
 CVE-2022-26299
 	RESERVED
 CVE-2022-26298
@@ -2510,11 +2510,11 @@ CVE-2022-26297
 CVE-2022-26296
 	RESERVED
 CVE-2022-26295 (A stored cross-site scripting (XSS) vulnerability in /ptms/?page=user  ...)
-	TODO: check
+	NOT-FOR-US: Online Project Time Management System
 CVE-2022-26294
 	RESERVED
 CVE-2022-26293 (Online Project Time Management System v1.0 was discovered to contain a ...)
-	TODO: check
+	NOT-FOR-US: Online Project Time Management System
 CVE-2022-26292
 	RESERVED
 CVE-2022-26291
@@ -8795,13 +8795,13 @@ CVE-2022-24077
 CVE-2022-24076
 	RESERVED
 CVE-2022-24075 (Whale browser before 3.12.129.18 allowed extensions to replace JavaScr ...)
-	TODO: check
+	NOT-FOR-US: Whale browser
 CVE-2022-24074 (Whale Bridge, a default extension in Whale browser before 3.12.129.18, ...)
-	TODO: check
+	NOT-FOR-US: Whale Bridge
 CVE-2022-24073 (The Web Request API in Whale browser before 3.12.129.18 allowed to den ...)
-	TODO: check
+	NOT-FOR-US: Whale browser
 CVE-2022-24072 (The devtools API in Whale browser before 3.12.129.18 allowed extension ...)
-	TODO: check
+	NOT-FOR-US: Whale browser
 CVE-2022-24071 (A Built-in extension in Whale browser before 3.12.129.46 allows attack ...)
 	NOT-FOR-US: Whale browser
 CVE-2022-24070
@@ -15834,7 +15834,7 @@ CVE-2022-22275
 CVE-2022-22274
 	RESERVED
 CVE-2022-22273 (** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of Special Ele ...)
-	TODO: check
+	NOT-FOR-US: Sonicwall
 CVE-2022-22272 (Improper authorization in TelephonyManager prior to SMR Jan-2022 Relea ...)
 	NOT-FOR-US: Samsung
 CVE-2022-22271 (A missing input validation before memory copy in TIMA trustlet prior t ...)
@@ -27889,11 +27889,11 @@ CVE-2021-42732
 CVE-2021-42731 (Adobe InDesign versions 16.4 (and earlier) are affected by a Buffer Ov ...)
 	NOT-FOR-US: Adobe
 CVE-2021-42730 (Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42729 (Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42728 (Adobe Bridge 11.1.1 (and earlier) is affected by a stack overflow vuln ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42727 (Adobe Bridge 11.1.1 (and earlier) is affected by a stack overflow vuln ...)
 	NOT-FOR-US: Adobe
 CVE-2021-42726 (Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corr ...)
@@ -27901,17 +27901,17 @@ CVE-2021-42726 (Adobe Bridge version 11.1.1 (and earlier) is affected by a memor
 CVE-2021-42725 (Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corr ...)
 	NOT-FOR-US: Adobe
 CVE-2021-42724 (Adobe Bridge version 11.1.1 (and earlier) is affected by a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42723 (Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bou ...)
 	NOT-FOR-US: Adobe
 CVE-2021-42722 (Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42721 (Acrobat Bridge versions 11.1.1 and earlier are affected by a use-after ...)
 	NOT-FOR-US: Adobe
 CVE-2021-42720 (Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42719 (Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42718
 	RESERVED
 CVE-2021-3894 [sctp: local DoS: unprivileged user can cause BUG()]
@@ -28307,7 +28307,7 @@ CVE-2022-0001 (Non-transparent sharing of branch predictor selectors between con
 CVE-2021-42553
 	RESERVED
 CVE-2021-42552 (Cross-site Scripting (XSS) vulnerability in ArchivistaBox webclient al ...)
-	TODO: check
+	NOT-FOR-US: ArchivistaBox
 CVE-2021-42551 (Cross-site Scripting (XSS) vulnerability in the search functionality o ...)
 	NOT-FOR-US: AlCoda NetBiblio WebOPAC
 CVE-2021-42549 (Insufficient Input Validation in the search functionality of Wordpress ...)
@@ -28343,7 +28343,7 @@ CVE-2021-42535
 CVE-2021-42534 (The affected product’s web application does not properly neutral ...)
 	NOT-FOR-US: Trane
 CVE-2021-42533 (Adobe Bridge version 11.1.1 (and earlier) is affected by a double free ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42532
 	RESERVED
 CVE-2021-42531
@@ -28355,9 +28355,9 @@ CVE-2021-42529
 CVE-2021-42528
 	RESERVED
 CVE-2021-42527 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42526 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42525 (Acrobat Animate versions 21.0.9 (and earlier)is affected by an out-of- ...)
 	NOT-FOR-US: Adobe
 CVE-2021-42524 (Adobe Animate version 21.0.9 (and earlier) are affected by an out-of-b ...)
@@ -30206,9 +30206,9 @@ CVE-2021-42266 (Adobe Animate version 21.0.9 (and earlier) is affected by a memo
 CVE-2021-42265
 	RESERVED
 CVE-2021-42264 (Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-42263 (Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-3882 (LedgerSMB does not set the 'Secure' attribute on the session authoriza ...)
 	- ledgersmb <not-affected> (Vulnerable code introduced later)
 	NOTE: https://huntr.dev/bounties/7061d97a-98a5-495a-8ba0-3a4c66091e9d/
@@ -30909,7 +30909,7 @@ CVE-2021-41989
 CVE-2021-41988
 	RESERVED
 CVE-2021-41987 (In the SCEP Server of RouterOS in certain Mikrotik products, an attack ...)
-	TODO: check
+	NOT-FOR-US: Mikrotik
 CVE-2021-41986
 	RESERVED
 CVE-2021-41985
@@ -33879,45 +33879,45 @@ CVE-2021-40797 (An issue was discovered in the routes middleware in OpenStack Ne
 	NOTE: neutron-api in Debian is served over UWSGI, cf. https://bugs.debian.org/994202
 	NOTE: and so serves the requests and stops the process.
 CVE-2021-40796 (Adobe Premiere Pro 15.4.1 (and earlier) is affected by a Null pointer  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40795
 	RESERVED
 CVE-2021-40794 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memor ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40793 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memor ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40792 (Adobe Premiere Pro version 15.4.1 (and earlier) is affected by a memor ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40791
 	RESERVED
 CVE-2021-40790
 	RESERVED
 CVE-2021-40789 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40788 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40787 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40786 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40785 (Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40784 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...)
 	NOT-FOR-US: Adobe
 CVE-2021-40783 (Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memo ...)
 	NOT-FOR-US: Adobe
 CVE-2021-40782 (Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40781 (Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40780 (Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memo ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40779 (Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memo ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40778 (Adobe Media Encoder 15.4.1 (and earlier) is affected by a Null pointer ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40777 (Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memo ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40776
 	RESERVED
 CVE-2021-40775 (Adobe Prelude version 10.1 (and earlier) is affected by a memory corru ...)
@@ -33933,21 +33933,21 @@ CVE-2021-40771 (Adobe Prelude version 10.1 (and earlier) is affected by a memory
 CVE-2021-40770 (Adobe Prelude version 10.1 (and earlier) is affected by a memory corru ...)
 	NOT-FOR-US: Adobe
 CVE-2021-40769 (Adobe Character Animator version 4.4 (and earlier versions) are affect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40768 (Adobe Character Animator version 4.4 (and earlier) is affected by a Nu ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40767 (Adobe Character Animator version 4.4 (and earlier) is affected by an A ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40766 (Adobe Character Animator version 4.4 (and earlier versions) are affect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40765 (Adobe Character Animator version 4.4 (and earlier) is affected by a me ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40764 (Adobe Character Animator version 4.4 (and earlier) is affected by a me ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40763 (Adobe Character Animator version 4.4 (and earlier) is affected by a me ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40762 (Adobe Character Animator version 4.4 (and earlier) is affected by a Nu ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40761 (Adobe After Effects version 18.4.1 (and earlier) is affected by a Null ...)
 	NOT-FOR-US: Adobe
 CVE-2021-40760 (Adobe After Effects version 18.4.1 (and earlier) is affected by a memo ...)
@@ -33971,7 +33971,7 @@ CVE-2021-40752 (Adobe After Effects version 18.4 (and earlier) is affected by a
 CVE-2021-40751 (Adobe After Effects version 18.4 (and earlier) is affected by a memory ...)
 	NOT-FOR-US: Adobe
 CVE-2021-40750 (Adobe Bridge version 11.1.1 (and earlier) is affected by a Null pointe ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40749
 	RESERVED
 CVE-2021-40748
@@ -33987,23 +33987,23 @@ CVE-2021-40744
 CVE-2021-40743
 	RESERVED
 CVE-2021-40742 (Adobe Audition version 14.4 (and earlier) is affected by a Null pointe ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40741 (Adobe Audition version 14.4 (and earlier) is affected by an Access of  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40740 (Adobe Audition version 14.4 (and earlier) is affected by a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40739 (Adobe Audition version 14.4 (and earlier) is affected by a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40738 (Adobe Audition version 14.4 (and earlier) is affected by a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40737 (Adobe Audition version 14.4 (and earlier) is affected by a Null pointe ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40736 (Adobe Audition version 14.4 (and earlier) is affected by a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40735 (Adobe Audition version 14.4 (and earlier) is affected by a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40734 (Adobe Audition version 14.4 (and earlier) is affected by a memory corr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2021-40733 (Adobe Animate version 21.0.9 (and earlier) is affected by a memory cor ...)
 	NOT-FOR-US: Adobe
 CVE-2021-40732 (XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e135ea6197281f663c34432f791515ecccd6d62

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e135ea6197281f663c34432f791515ecccd6d62
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220317/ac98c4e3/attachment.htm>

More information about the debian-security-tracker-commits mailing list