diff options
| author | Neil Williams <codehelp@debian.org> | 2022-01-25 10:53:43 +0000 |
|---|---|---|
| committer | Neil Williams <codehelp@debian.org> | 2022-01-25 10:53:43 +0000 |
| commit | e0e885a3755a7c26ed45c6ef33e564b68f606cba (patch) | |
| tree | 69e6e74851452b53b87b299b806d9b3e86002427 | |
| parent | 436698e3448f955650db5a8e52db8287262969ce (diff) | |
Process some NFUs
| -rw-r--r-- | data/CVE/list.2021 | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index bc066e4812..fffbc10bff 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -2186,7 +2186,7 @@ CVE-2021-4173 (vim is vulnerable to Use After Free ...) NOTE: Introduced after: https://github.com/vim/vim/commit/04b12697838b232b8b17c553ccc74cf1f1bdb81c (v8.2.0695) NOTE: Fixed by: https://github.com/vim/vim/commit/9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04 (v8.2.3902) CVE-2021-4172 (Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showd ...) - TODO: check + NOT-FOR-US: showdoc CVE-2021-4171 (calibre-web is vulnerable to Business Logic Errors ...) NOT-FOR-US: calibre-web CVE-2021-45679 (Certain NETGEAR devices are affected by privilege escalation. This aff ...) @@ -4580,7 +4580,7 @@ CVE-2021-23148 CVE-2021-44759 RESERVED CVE-2021-4088 (SQL injection vulnerability in Data Loss Protection (DLP) ePO extensio ...) - TODO: check + NOT-FOR-US: mcafee CVE-2021-4087 RESERVED CVE-2021-4086 @@ -58541,7 +58541,8 @@ CVE-2021-22567 (Bidirectional Unicode text can be interpreted and compiled diffe CVE-2021-22566 (An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead ...) TODO: check CVE-2021-22565 (An attacker could prematurely expire a verification code, making it un ...) - TODO: check + NOT-FOR-US: Google reference COVID19 exposure verification component + NOTE: https://github.com/google/exposure-notifications-verification-server CVE-2021-22564 (For certain valid JPEG XL images with a size slightly larger than an i ...) - jpeg-xl <not-affected> (Fixed with initial upload to Debian) NOTE: https://github.com/libjxl/libjxl/issues/708 @@ -64683,7 +64684,7 @@ CVE-2021-20159 (Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to comm CVE-2021-20158 (Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication ...) NOT-FOR-US: Trendnet CVE-2021-20157 (It is possible for an unauthenticated, malicious user to force the dev ...) - TODO: check + NOT-FOR-US: Trendnet CVE-2021-20156 (Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access ...) NOT-FOR-US: Trendnet CVE-2021-20155 (Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded cred ...) |