[Git][security-tracker-team/security-tracker][master] Process NFUs

Mon, 20 Jun 2022 13:09:05 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
158daa36 by Salvatore Bonaccorso at 2022-06-20T22:08:29+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53728,7 +53728,7 @@ CVE-2021-40942
 CVE-2021-40941
        RESERVED
 CVE-2021-40940 (Monstra 3.0.4 does not filter the case of php, which leads to 
an unres ...)
-       TODO: check
+       NOT-FOR-US: Monstra CMS
 CVE-2021-40939
        RESERVED
 CVE-2021-40938
@@ -54422,7 +54422,7 @@ CVE-2021-40662 (A Cross-Site Request Forgery (CSRF) in 
Chamilo LMS 1.11.14 allow
 CVE-2021-40661
        RESERVED
 CVE-2021-40660 (An issue was discovered in Delight Nashorn Sandbox 0.2.0. 
There is an  ...)
-       TODO: check
+       NOT-FOR-US: Delight Nashorn Sandbox
 CVE-2021-40659
        RESERVED
 CVE-2021-40658 (Textpattern 4.8.7 is affected by a HTML injection 
vulnerability throug ...)
@@ -54448,9 +54448,9 @@ CVE-2021-40652
 CVE-2021-40651 (OS4Ed OpenSIS Community 8.0 is vulnerable to a local file 
inclusion vu ...)
        NOT-FOR-US: OS4Ed OpenSIS Community
 CVE-2021-40650 (In Connx Version 6.2.0.1269 (20210623), a cookie can be issued 
by the  ...)
-       TODO: check
+       NOT-FOR-US: Connx
 CVE-2021-40649 (In Connx Version 6.2.0.1269 (20210623), a cookie can be issued 
by the  ...)
-       TODO: check
+       NOT-FOR-US: Connx
 CVE-2021-40648
        RESERVED
 CVE-2021-40647
@@ -54544,7 +54544,7 @@ CVE-2021-40606
 CVE-2021-40605
        RESERVED
 CVE-2021-40604 (A Server-Side Request Forgery (SSRF) vulnerability in IPS 
Community Su ...)
-       TODO: check
+       NOT-FOR-US: IPS Community Suite
 CVE-2021-40603
        RESERVED
 CVE-2021-40602
@@ -56535,7 +56535,7 @@ CVE-2021-39822
 CVE-2021-39821 (Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and 
earlier) a ...)
        NOT-FOR-US: Adobe
 CVE-2021-39820 (Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and 
earlier) i ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2021-39819 (Adobe InCopy version 11.1 (and earlier) is affected by a 
memory corrup ...)
        NOT-FOR-US: Adobe
 CVE-2021-39818 (Adobe InCopy version 11.1 (and earlier) is affected by a 
memory corrup ...)
@@ -61685,7 +61685,7 @@ CVE-2021-3677 (A flaw was found in postgresql. A 
purpose-crafted query can read
 CVE-2021-3676
        REJECTED
 CVE-2021-3675 (Improper Input Validation vulnerability in synaTEE.signed.dll 
of Synap ...)
-       TODO: check
+       NOT-FOR-US: Synaptics Fingerprint Driver
 CVE-2021-37843 (The resolution SAML SSO apps for Atlassian products allow a 
remote att ...)
        NOT-FOR-US: resolution SAML SSO apps for Atlassian products
 CVE-2021-37842 (metakv in Couchbase Server 7.0.0 uses Cleartext for Storage of 
Sensiti ...)
@@ -63257,7 +63257,7 @@ CVE-2021-37184 (A vulnerability has been identified in 
Industrial Edge Managemen
 CVE-2021-37183 (A vulnerability has been identified in SINEMA Remote Connect 
Server (A ...)
        NOT-FOR-US: Siemens
 CVE-2021-37182 (A vulnerability has been identified in SCALANCE XM408-4C (All 
versions ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2021-37181 (A vulnerability has been identified in Cerberus DMS V4.0 (All 
versions ...)
        NOT-FOR-US: Siemens
 CVE-2021-37180 (A vulnerability has been identified in Solid Edge SE2021 (All 
Versions ...)
@@ -63917,7 +63917,7 @@ CVE-2021-36903
 CVE-2021-36902
        RESERVED
 CVE-2021-36901 (Unauthenticated Stored Cross-Site Scripting (XSS) 
vulnerability in Phi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-36900
        RESERVED
 CVE-2021-36899
@@ -63937,7 +63937,7 @@ CVE-2021-36893 (Authenticated (author or higher user 
role) Stored Cross-Site Scr
 CVE-2021-36892
        RESERVED
 CVE-2021-36891 (Cross-Site Request Forgery (CSRF) vulnerability in Photo 
Gallery by Su ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-36890 (Cross-Site Request Forgery (CSRF) vulnerability in Social 
Share Button ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-36889 (Multiple Stored Authenticated Cross-Site Scripting (XSS) 
vulnerabiliti ...)
@@ -64065,7 +64065,7 @@ CVE-2021-36829
 CVE-2021-36828 (Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP 
Mainten ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-36827 (Authenticated (admin or higher user role) Stored Cross-Site 
Scripting  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-36826 (Authenticated (subscriber or higher user role if allowed to 
access pro ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-36825
@@ -68230,7 +68230,7 @@ CVE-2021-35131
 CVE-2021-35130 (Memory corruption in graphics support layer due to use after 
free cond ...)
        TODO: check
 CVE-2021-35129 (Memory corruption in BT controller due to improper length 
check while  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2021-35128
        RESERVED
 CVE-2021-35127



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/158daa362c26f7ec72320648ec930df39d115bd9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/158daa362c26f7ec72320648ec930df39d115bd9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to