[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 25 20:36:56 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a719912e by Salvatore Bonaccorso at 2022-03-25T21:36:30+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -20388,7 +20388,7 @@ CVE-2021-45106 (A vulnerability has been identified in SICAM TOOLBOX II (All ver
 CVE-2021-44463 (Missing DLLs, if replaced by an insider, could allow an attacker to ac ...)
 	NOT-FOR-US: Emerson
 CVE-2021-44462 (This vulnerability can be exploited by parsing maliciously crafted pro ...)
-	TODO: check
+	NOT-FOR-US: Horner Automation Cscape EnvisionRV
 CVE-2021-4137
 	RESERVED
 CVE-2021-4136 (vim is vulnerable to Heap-based Buffer Overflow ...)
@@ -20705,7 +20705,7 @@ CVE-2021-45045
 CVE-2021-45044
 	RESERVED
 CVE-2021-44768 (Delta Electronics CNCSoft (Version 1.01.30) and prior) is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2021-44544 (DIAEnergie Version 1.7.5 and prior is vulnerable to multiple cross-sit ...)
 	NOT-FOR-US: DIAEnergie
 CVE-2021-44471 (DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross-site  ...)
@@ -21855,7 +21855,7 @@ CVE-2021-44753
 CVE-2021-44752
 	RESERVED
 CVE-2021-44751 (A vulnerability affecting F-Secure SAFE browser was discovered. A mali ...)
-	TODO: check
+	NOT-FOR-US: F-Secure
 CVE-2021-44750 (An arbitrary code execution vulnerability was found in the F-Secure Su ...)
 	NOT-FOR-US: F-Secure
 CVE-2021-44749 (A vulnerability affecting F-Secure SAFE browser protection was discove ...)
@@ -22603,7 +22603,7 @@ CVE-2021-44523 (A vulnerability has been identified in SiPass integrated V2.76 (
 CVE-2021-44522 (A vulnerability has been identified in SiPass integrated V2.76 (All ve ...)
 	NOT-FOR-US: SiPass
 CVE-2021-44477 (GE Gas Power ToolBoxST Version v04.07.05C suffers from an XML external ...)
-	TODO: check
+	NOT-FOR-US: GE Gas Power ToolBoxST
 CVE-2021-4048 (An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, an ...)
 	- lapack 3.10.0-2 (bug #1001902)
 	[bullseye] - lapack <no-dsa> (Minor issue)
@@ -26172,7 +26172,7 @@ CVE-2021-43661
 CVE-2021-43660
 	RESERVED
 CVE-2021-43659 (In halo 1.4.14, the function point of uploading the avatar, any file c ...)
-	TODO: check
+	NOT-FOR-US: Halo
 CVE-2021-43658
 	RESERVED
 CVE-2021-43657
@@ -28709,9 +28709,9 @@ CVE-2021-43093
 CVE-2021-43092
 	RESERVED
 CVE-2021-43091 (An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via  ...)
-	TODO: check
+	NOT-FOR-US: Yeswiki doryphore
 CVE-2021-43090 (An XML External Entity (XXE) vulnerability exists in all versions of s ...)
-	TODO: check
+	NOT-FOR-US: soa-model
 CVE-2021-43089
 	RESERVED
 CVE-2021-43088
@@ -34250,7 +34250,7 @@ CVE-2021-41315 (The Device42 Remote Collector before 17.05.01 does not sanitize
 CVE-2021-3815 (utils.js is vulnerable to Improperly Controlled Modification of Object ...)
 	NOT-FOR-US: fabiocaccamo/utils.js
 CVE-2021-3814 (It was found that 3scale's APIdocs does not validate the access token, ...)
-	TODO: check
+	NOT-FOR-US: Red Hat 3scale API Management
 CVE-2021-3813 (Improper Privilege Management in GitHub repository chatwoot/chatwoot p ...)
 	NOT-FOR-US: chatwoot
 CVE-2021-41314 (Certain NETGEAR smart switches are affected by a \n injection in the w ...)
@@ -49307,7 +49307,7 @@ CVE-2021-35256
 CVE-2021-35255
 	RESERVED
 CVE-2021-35254 (SolarWinds received a report of a vulnerability related to an input th ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2021-35253
 	RESERVED
 CVE-2021-35252
@@ -82094,7 +82094,7 @@ CVE-2021-22102
 CVE-2021-22101 (Cloud Controller versions prior to 1.118.0 are vulnerable to unauthent ...)
 	NOT-FOR-US: Cloud Foundry Cloud Controller
 CVE-2021-22100 (In cloud foundry CAPI versions prior to 1.122, a denial-of-service att ...)
-	TODO: check
+	NOT-FOR-US: cloud foundry CAPI
 CVE-2021-22099
 	RESERVED
 CVE-2021-22098 (UAA server versions prior to 75.4.0 are vulnerable to an open redirect ...)
@@ -114586,7 +114586,7 @@ CVE-2020-21556
 CVE-2020-21555
 	RESERVED
 CVE-2020-21554 (A File Deletion vulnerability exists in TinyShop 3.1.1 in the back_lis ...)
-	TODO: check
+	NOT-FOR-US: TinyShop
 CVE-2020-21553
 	RESERVED
 CVE-2020-21552



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a719912e5bcfda1fd4ce00651ed2e993e772d131

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a719912e5bcfda1fd4ce00651ed2e993e772d131
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220325/752815e7/attachment.htm>

More information about the debian-security-tracker-commits mailing list