From 193b43c66a2d17159f1eda5dbcc8b7db067792ac Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 2 Mar 2021 21:34:36 +0100 Subject: Process some NFUs --- data/CVE/2021.list | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 1a7363c478..6355f954f0 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -65,7 +65,7 @@ CVE-2021-27887 CVE-2021-27886 (rakibtg Docker Dashboard before 2021-02-28 allows command injection in ...) NOT-FOR-US: rakibtg Docker Dashboard CVE-2021-27885 (usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protect ...) - TODO: check + NOT-FOR-US: e107 CVE-2021-27884 (Weak JSON Web Token (JWT) signing secret generation in YMFE YApi throu ...) TODO: check CVE-2021-27883 @@ -2974,7 +2974,7 @@ CVE-2021-3386 CVE-2021-3385 RESERVED CVE-2021-3384 (A vulnerability in Stormshield Network Security could allow an attacke ...) - TODO: check + NOT-FOR-US: Stormshield Network Security CVE-2021-3383 RESERVED CVE-2021-3382 (Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allo ...) @@ -5859,7 +5859,7 @@ CVE-2021-25332 CVE-2021-25331 RESERVED CVE-2021-25330 (Calling of non-existent provider in MobileWips application prior to SM ...) - TODO: check + NOT-FOR-US: MobileWips application CVE-2021-3184 (MISP 2.4.136 has XSS via a crafted URL to the app/View/Elements/global ...) NOT-FOR-US: MISP CVE-2021-3183 (Files.com Fat Client 3.3.6 allows authentication bypass because the cl ...) @@ -12299,11 +12299,11 @@ CVE-2021-22298 (There is a logic vulnerability in Huawei Gauss100 OLTP Product. CVE-2021-22297 RESERVED CVE-2021-22296 (A component of the HarmonyOS 2.0 has a DoS vulnerability. Local attack ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22295 RESERVED CVE-2021-22294 (A component API of the HarmonyOS 2.0 has a permission bypass vulnerabi ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22293 (Some Huawei products have an inconsistent interpretation of HTTP reque ...) NOT-FOR-US: Huawei CVE-2021-22292 (There is a denial of service (DoS) vulnerability in eCNS280 versions V ...) @@ -13906,7 +13906,7 @@ CVE-2021-21519 CVE-2021-21518 RESERVED CVE-2021-21517 (SRS Policy Manager 6.X is affected by an XML External Entity Injection ...) - TODO: check + NOT-FOR-US: SRS Policy Manager CVE-2021-21516 RESERVED CVE-2021-21515 (Dell EMC SourceOne, versions 7.2SP10 and prior, contain a Stored Cross ...) @@ -14305,7 +14305,7 @@ CVE-2021-21330 (aiohttp is an asynchronous HTTP client/server framework for asyn CVE-2021-21329 RESERVED CVE-2021-21328 (Vapor is a web framework for Swift. In Vapor before version 4.40.1, th ...) - TODO: check + NOT-FOR-US: Vapor CVE-2021-21327 RESERVED CVE-2021-21326 -- cgit v1.2.3