[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 25 May 2021 13:20:09 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e3b599d8 by Salvatore Bonaccorso at 2021-05-25T22:19:06+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -294,7 +294,7 @@ CVE-2021-33427
 CVE-2021-33426
        RESERVED
 CVE-2021-33425 (A stored cross-site scripting (XSS) vulnerability was 
discovered in th ...)
-       TODO: check
+       NOT-FOR-US: OpenWRT LuCI
 CVE-2021-33424
        RESERVED
 CVE-2021-33423
@@ -7742,25 +7742,25 @@ CVE-2021-30197
 CVE-2021-30196
        RESERVED
 CVE-2021-30195 (CODESYS V2 runtime system before 2.4.7.55 has Improper Input 
Validatio ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30194 (CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds 
Read. ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30193 (CODESYS V2 Web-Server before 1.1.9.20 has an Out-of-bounds 
Write. ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30192 (CODESYS V2 Web-Server before 1.1.9.20 has an Improperly 
Implemented Se ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30191 (CODESYS V2 Web-Server before 1.1.9.20 has a a Buffer Copy 
without Chec ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30190 (CODESYS V2 Web-Server before 1.1.9.20 has Improper Access 
Control. ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30189 (CODESYS V2 Web-Server before 1.1.9.20 has a Stack-based Buffer 
Overflo ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30188 (CODESYS V2 runtime system SP before 2.4.7.55 has a Stack-based 
Buffer  ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30187 (CODESYS V2 runtime system SP before 2.4.7.55 has Improper 
Neutralizati ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30186 (CODESYS V2 runtime system SP before 2.4.7.55 has a Heap-based 
Buffer O ...)
-       TODO: check
+       NOT-FOR-US: CODESYS
 CVE-2021-30185 (CERN Indico before 2.3.4 can use an attacker-supplied Host 
header in a ...)
        NOT-FOR-US: CERN Indico
 CVE-2021-30184 (GNU Chess 6.2.7 allows attackers to execute arbitrary code via 
crafted ...)
@@ -10214,27 +10214,27 @@ CVE-2021-29213
 CVE-2021-29212
        RESERVED
 CVE-2021-29211 (A remote xss vulnerability was discovered in HPE Integrated 
Lights-Out ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29210 (A remote dom xss, crlf injection vulnerability was discovered 
in HPE I ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29209 (A remote dom xss, crlf injection vulnerability was discovered 
in HPE I ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29208 (A remote dom xss, crlf injection vulnerability was discovered 
in HPE I ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29207 (A remote xss vulnerability was discovered in HPE Integrated 
Lights-Out ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29206 (A remote xss vulnerability was discovered in HPE Integrated 
Lights-Out ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29205 (A remote xss vulnerability was discovered in HPE Integrated 
Lights-Out ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29204 (A remote xss vulnerability was discovered in HPE Integrated 
Lights-Out ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29203 (A security vulnerability has been identified in the HPE 
Edgeline Infra ...)
        NOT-FOR-US: HPE
 CVE-2021-29202 (A local buffer overflow vulnerability was discovered in HPE 
Integrated ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29201 (A remote xss vulnerability was discovered in HPE Integrated 
Lights-Out ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2021-29200 (Apache OFBiz has unsafe deserialization prior to 17.12.07 
version An u ...)
        NOT-FOR-US: Apache OFBiz
 CVE-2021-29199
@@ -13545,11 +13545,11 @@ CVE-2021-27825
 CVE-2021-27824
        RESERVED
 CVE-2021-27823 (An information disclosure vulnerability was discovered in 
/index.class ...)
-       TODO: check
+       NOT-FOR-US: NetWave
 CVE-2021-27822
        RESERVED
 CVE-2021-27821 (The Web Interface for OpenWRT LuCI version 19.07 and lower has 
been di ...)
-       TODO: check
+       NOT-FOR-US: OpenWRT LuCI
 CVE-2021-27820
        RESERVED
 CVE-2021-27819
@@ -18004,9 +18004,9 @@ CVE-2021-25937
 CVE-2021-25936
        RESERVED
 CVE-2021-25935 (In OpenNMS Horizon, versions opennms-17.0.0-1 through 
opennms-27.1.0-1 ...)
-       TODO: check
+       NOT-FOR-US: OpenNMS
 CVE-2021-25934 (In OpenNMS Horizon, versions opennms-18.0.0-1 through 
opennms-27.1.0-1 ...)
-       TODO: check
+       NOT-FOR-US: OpenNMS
 CVE-2021-25933 (In OpenNMS Horizon, versions opennms-1-0-stable through 
opennms-27.1.0 ...)
        NOT-FOR-US: OpenNMS
 CVE-2021-25932
@@ -27718,13 +27718,13 @@ CVE-2021-21662
 CVE-2021-21661
        RESERVED
 CVE-2021-21660 (Jenkins Markdown Formatter Plugin 0.1.0 and earlier does not 
sanitize  ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2021-21659 (Jenkins URLTrigger Plugin 0.48 and earlier does not configure 
its XML  ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2021-21658 (Jenkins Nuget Plugin 1.0 and earlier does not configure its 
XML parser ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2021-21657 (Jenkins Filesystem Trigger Plugin 0.40 and earlier does not 
configure  ...)
-       TODO: check
+       NOT-FOR-US: Jenkins plugin
 CVE-2021-21656 (Jenkins Xcode integration Plugin 2.0.14 and earlier does not 
configure ...)
        NOT-FOR-US: Jenkins plugin
 CVE-2021-21655 (A cross-site request forgery (CSRF) vulnerability in Jenkins 
P4 Plugin ...)
@@ -88548,11 +88548,11 @@ CVE-2020-9454 (A CSRF vulnerability in the 
RegistrationMagic plugin through 4.6.
 CVE-2020-9453 (In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows 
local  ...)
        NOT-FOR-US: Epson
 CVE-2020-9452 (An issue was discovered in Acronis True Image 2020 24.5.22510. 
anti_ra ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2020-9451 (An issue was discovered in Acronis True Image 2020 24.5.22510. 
anti_ra ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2020-9450 (An issue was discovered in Acronis True Image 2020 24.5.22510. 
anti_ra ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2020-9449 (An insecure random number generation vulnerability in BlaB! AX, 
BlaB!  ...)
        NOT-FOR-US: BlaB!
 CVE-2020-9448



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3b599d8374ab6918a76d755fab6a9519f81fafa

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3b599d8374ab6918a76d755fab6a9519f81fafa
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to