[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2c6872d2 by Neil Williams at 2022-03-31T09:23:22+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54426,7 +54426,7 @@ CVE-2021-33582 (Cyrus IMAP before 3.4.2 allows remote attackers to cause a denia
 	NOTE: https://github.com/cyrusimap/cyrus-imapd/commit/f63695609c88a3f76129499bb49fb82e8155fb32 (master)
 	NOTE: https://github.com/cyrusimap/cyrus-imapd/commit/833c22bd7de5bbb591c2cb3705c9983b6d2b1fee (master)
 CVE-2021-33581 (MashZone NextGen through 10.7 GA has an SSRF vulnerability that allows ...)
-	TODO: check
+	NOT-FOR-US: Software AG MashZone
 CVE-2021-33580 (User controlled `request.getHeader("Referer")`, `request.getRequestURL ...)
 	NOT-FOR-US: Apache Roller
 CVE-2021-33586 (InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user (able to co ...)
@@ -54596,7 +54596,7 @@ CVE-2021-3564 (A flaw double-free memory corruption in the Linux kernel HCI devi
 CVE-2021-33524
 	RESERVED
 CVE-2021-33523 (MashZone NextGen through 10.7 GA allows a remote authenticated user, w ...)
-	TODO: check
+	NOT-FOR-US: Software AG MashZone
 CVE-2021-33522
 	RESERVED
 CVE-2021-33521
@@ -55324,7 +55324,7 @@ CVE-2021-33210 (An issue was discovered in Fimer Aurora Vision before 2.97.10. A
 CVE-2021-33209 (An issue was discovered in Fimer Aurora Vision before 2.97.10. The res ...)
 	NOT-FOR-US: Fimer Aurora
 CVE-2021-33208 (The "Register an Ehcache Configuration File" admin feature in MashZone ...)
-	TODO: check
+	NOT-FOR-US: Software AG MashZone
 CVE-2021-33207
 	RESERVED
 CVE-2021-33206
@@ -193226,7 +193226,7 @@ CVE-2019-12268
 CVE-2019-12267
 	RESERVED
 CVE-2019-12266 (Stack-based Buffer Overflow vulnerability in Wyze Cam Pan v2, Cam v2,  ...)
-	TODO: check
+	NOT-FOR-US: Wyze Cam
 CVE-2019-12265 (Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Le ...)
 	NOT-FOR-US: Wind River VxWorks
 CVE-2019-12264 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect  ...)
@@ -201978,7 +201978,7 @@ CVE-2019-9566 (FlarumChina v0.1.0-beta.7C has SQL injection via a /?q= request.
 CVE-2019-9565 (Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 b ...)
 	NOT-FOR-US: Druide Antidote
 CVE-2019-9564 (A vulnerability in the authentication logic of Wyze Cam Pan v2, Cam v2 ...)
-	TODO: check
+	NOT-FOR-US: Wyze Cam
 CVE-2019-9563 (In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 4.0-beta3, the ...)
 	NOT-FOR-US: BlueMind
 CVE-2019-9562



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c6872d22db04f7d6f2deb12e09040f1babb77c5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c6872d22db04f7d6f2deb12e09040f1babb77c5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220331/926c1748/attachment.htm>