[Git][security-tracker-team/security-tracker][master] Process NFUs

Tue, 09 Mar 2021 12:39:05 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f94c2ac3 by Salvatore Bonaccorso at 2021-03-09T21:38:24+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1156,23 +1156,23 @@ CVE-2021-27594
 CVE-2021-27593
        RESERVED
 CVE-2021-27592 (When a user opens manipulated Universal 3D (.U3D) files 
received from  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27591 (When a user opens manipulated Portable Document Format (.PDF) 
format f ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27590 (When a user opens manipulated Tag Image File Format (.TIFF) 
format fil ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27589 (When a user opens manipulated Scalable Vector Graphics (.SVG) 
format f ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27588 (When a user opens manipulated HPGL format files received from 
untruste ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27587 (When a user opens manipulated Jupiter Tessellation (.JT) 
format files  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27586 (When a user opens manipulated Interchange File Format (.IFF) 
format fi ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27585 (When a user opens manipulated Computer Graphics Metafile 
(.CGM) format ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27584 (When a user opens manipulated PhotoShop Document (.PSD) format 
files r ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-27583 (** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, 
an atta ...)
        NOT-FOR-US: Directus
 CVE-2021-27582 (org/mitre/oauth2/web/OAuthConfirmationController.java in the 
OpenID Co ...)
@@ -15547,7 +15547,7 @@ CVE-2019-25001 (An issue was discovered in the 
serde_cbor crate before 0.10.2 fo
 CVE-2018-25001 (An issue was discovered in the libpulse-binding crate before 
2.5.0 for ...)
        NOT-FOR-US: libpulse-binding rust crate
 CVE-2021-21493 (When a user opens manipulated Graphics Interchange Format 
(.GIF) forma ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-21492
        RESERVED
 CVE-2021-21491
@@ -15559,21 +15559,21 @@ CVE-2021-21489
 CVE-2021-21488 (Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 
7.50 allow ...)
        TODO: check
 CVE-2021-21487 (SAP Payment Engine version 500, does not perform necessary 
authorizati ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-21486 (SAP Enterprise Financial Services versions, 101, 102, 103, 
104, 105, 6 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-21485
        RESERVED
 CVE-2021-21484 (LDAP authentication in SAP HANA Database version 2.0 can be 
bypassed i ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-21483
        RESERVED
 CVE-2021-21482
        RESERVED
 CVE-2021-21481 (The MigrationService, which is part of SAP NetWeaver versions 
7.10, 7. ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-21480 (SAP MII allows users to create dashboards and save them as JSP 
through ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-21479 (In SCIMono before 0.0.19, it is possible for an attacker to 
inject and ...)
        NOT-FOR-US: SAP
 CVE-2021-21478 (SAP Web Dynpro ABAP allow an attacker to redirect users to a 
malicious ...)
@@ -18783,7 +18783,7 @@ CVE-2021-20343
 CVE-2021-20342
        RESERVED
 CVE-2021-20341 (IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns 
potenti ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20340 (IBM Engineering products are vulnerable to cross-site 
scripting. This  ...)
        NOT-FOR-US: IBM
 CVE-2021-20339



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94c2ac3777de6ac84a35ba72cab3cb57626d868

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94c2ac3777de6ac84a35ba72cab3cb57626d868
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to