[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Fri May 27 11:15:29 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dc2da96b by Neil Williams at 2022-05-27T11:15:03+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41320,7 +41320,7 @@ CVE-2021-42861
 CVE-2021-42860 (A stack buffer overflow exists in Mini-XML v3.2. When inputting an unf ...)
 	TODO: check
 CVE-2021-42859 (A memory leak issue was discovered in Mini-XML v3.2 that could cause a ...)
-	TODO: check
+	- mxml
 CVE-2021-42858
 	RESERVED
 CVE-2021-42857 (It was discovered that the SteelCentral AppInternals Dynamic Sampling  ...)
@@ -41783,7 +41783,7 @@ CVE-2021-42694 (** DISPUTED ** An issue was discovered in the character definiti
 CVE-2021-42693
 	RESERVED
 CVE-2021-42692 (There is a stack-overflow vulnerability in tinytoml v0.4 that can caus ...)
-	TODO: check
+	NOT-FOR-US: mayah/tinytoml
 CVE-2021-42691
 	RESERVED
 CVE-2021-42690
@@ -49053,7 +49053,7 @@ CVE-2021-40319
 CVE-2021-40318
 	RESERVED
 CVE-2021-40317 (Piwigo 11.5.0 is affected by a SQL injection vulnerability via admin.p ...)
-	TODO: check
+	- piwigo <removed>
 CVE-2021-40316
 	RESERVED
 CVE-2021-40315
@@ -66976,11 +66976,11 @@ CVE-2021-33018 (The use of a broken or risky cryptographic algorithm in Philips
 CVE-2021-33017 (The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.0 ...)
 	NOT-FOR-US: Philips
 CVE-2021-33016 (An attacker can gain full access (read/write/delete) to sensitive fold ...)
-	TODO: check
+	NOT-FOR-US: Kuka
 CVE-2021-33015 (Cscape (All Versions prior to 9.90 SP5) lacks proper validation of use ...)
 	NOT-FOR-US: Cscape
 CVE-2021-33014 (An attacker can gain VxWorks Shell after login due to hard-coded crede ...)
-	TODO: check
+	NOT-FOR-US: Kuka
 CVE-2021-33013 (mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized  ...)
 	NOT-FOR-US: mySCADA myPRO
 CVE-2021-33012 (Rockwell Automation MicroLogix 1100, all versions, allows a remote, un ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc2da96b1974599f1937f53a7e7297b329469a62

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dc2da96b1974599f1937f53a7e7297b329469a62
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220527/b73690fa/attachment.htm>

More information about the debian-security-tracker-commits mailing list