From c8b6d4e164eb3b46cde6f9abcd30d3930c1c220f Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 16 Nov 2021 21:25:21 +0100 Subject: Process some NFUs --- data/CVE/2021.list | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 933168f997..4f86b50055 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -69,7 +69,7 @@ CVE-2021-3960 CVE-2021-3959 RESERVED CVE-2021-3958 (Due to improper sanitization iPack SCADA Automation software suffers f ...) - TODO: check + NOT-FOR-US: iPack SCADA Automation CVE-2021-43745 RESERVED CVE-2021-43744 @@ -1659,11 +1659,11 @@ CVE-2021-43050 CVE-2021-43049 RESERVED CVE-2021-43048 (The Interior Server and Gateway Server components of TIBCO Software In ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2021-43047 (The Interior Server and Gateway Server components of TIBCO Software In ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2021-43046 (The Interior Server and Gateway Server components of TIBCO Software In ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2021-43056 (An issue was discovered in the Linux kernel for powerpc before 5.14.15 ...) - linux 5.14.16-1 [buster] - linux (Vulnerable code introduced later) @@ -5779,7 +5779,7 @@ CVE-2021-41259 (Nim is a systems programming language with a focus on efficiency [stretch] - nim (Minor issue) NOTE: https://github.com/nim-lang/security/security/advisories/GHSA-3gg2-rw3q-qwgc CVE-2021-41258 (Kirby is an open source file structured CMS. In affected versions Kirb ...) - TODO: check + NOT-FOR-US: Kirby CVE-2021-41257 RESERVED CVE-2021-41256 
@@ -5794,7 +5794,7 @@ CVE-2021-41253 (Zydis is an x86/x86-64 disassembler library. Users of Zydis vers NOTE: Fixed by: https://github.com/zyantific/zydis/commit/55dd08c210722aed81b38132f5fd4a04ec1943b5 (master) NOTE: Fixed by: https://github.com/zyantific/zydis/commit/330b259583ade789886ce11af2ebcd030097dcbf (v3.2.1) CVE-2021-41252 (Kirby is an open source file structured CMS ### Impact Kirby's writer ...) - TODO: check + NOT-FOR-US: Kirby CVE-2021-41251 (@sap-cloud-sdk/core contains the core functionality of the SAP Cloud S ...) NOT-FOR-US: SAP CVE-2021-41250 (Python discord bot is the community bot for the Python Discord communi ...) @@ -32161,7 +32161,7 @@ CVE-2021-30218 (samurai 1.2 has a NULL pointer dereference in writefile() in uti CVE-2021-30217 RESERVED CVE-2021-30216 (Zoho Web mail version NA is affected by an incorrect access control vu ...) - TODO: check + NOT-FOR-US: Zoho Web mail CVE-2021-30215 RESERVED CVE-2021-30214 (Knowage Suite 7.3 is vulnerable to Stored Client-Side Template Injecti ...) @@ -42482,13 +42482,13 @@ CVE-2021-25987 CVE-2021-25986 RESERVED CVE-2021-25985 (In Factor (App Framework & Headless CMS) v1.0.4 to v1.8.30, improp ...) - TODO: check + NOT-FOR-US: Factor (App Framework & Headless CMS) CVE-2021-25984 (In Factor (App Framework & Headless CMS) forum plugin, versions v1 ...) - TODO: check + NOT-FOR-US: Factor (App Framework & Headless CMS) CVE-2021-25983 (In Factor (App Framework & Headless CMS) forum plugin, versions v1 ...) - TODO: check + NOT-FOR-US: Factor (App Framework & Headless CMS) CVE-2021-25982 (In Factor (App Framework & Headless CMS) forum plugin, versions 1. ...) - TODO: check + NOT-FOR-US: Factor (App Framework & Headless CMS) CVE-2021-25981 RESERVED CVE-2021-25980 (In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22 ...) 
@@ -42500,7 +42500,7 @@ CVE-2021-25978 (Apostrophe CMS versions between 2.63.0 to 3.3.1 are vulnerable t CVE-2021-25977 (In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS du ...) NOT-FOR-US: PiranhaCMS CVE-2021-25976 (In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross- ...) - TODO: check + NOT-FOR-US: PiranhaCMS CVE-2021-25975 (In publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS as a ...) NOT-FOR-US: Publify CVE-2021-25974 (In Publify, versions v8.0 to v9.2.4 are vulnerable to stored XSS. A us ...) @@ -42522,7 +42522,7 @@ CVE-2021-25967 CVE-2021-25966 (In “Orchard core CMS” application, versions 1.0.0-beta1-33 ...) NOT-FOR-US: Orchard CMS CVE-2021-25965 (In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site ...) - TODO: check + NOT-FOR-US: Calibre web CVE-2021-25964 (In “Calibre-web” application, v0.6.0 to v0.6.12, are vulne ...) NOT-FOR-US: Calibre web CVE-2021-25963 (In Shuup, versions 1.6.0 through 2.10.8 are vulnerable to reflected Cr ...) -- cgit v1.2.3
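Review bot: in hunk @@ -1659, the three new tags for CVE-2021-43048, CVE-2021-43047 and CVE-2021-43046 name only the vendor ("NOT-FOR-US: TIBCO"), while the descriptions refer to specific "Interior Server and Gateway Server components" of a product whose name is cut off in the visible text. The other tags in this patch name the product (iPack SCADA Automation, Zoho Web mail, Kirby). Consider putting the product name from the full CVE description in the tag so that a later search for that product finds these entries.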
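Review bot: in hunk @@ -42482, all four entries receive the identical tag "NOT-FOR-US: Factor (App Framework & Headless CMS)", but only CVE-2021-25985 describes Factor itself; CVE-2021-25984, CVE-2021-25983 and CVE-2021-25982 are described as issues in the Factor "forum plugin". Consider mentioning the forum plugin in those three tags, so the triage record shows that both the framework and the plugin were checked and ruled out.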
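Review bot: in the last hunk (@@ -42522), the new tag for CVE-2021-25965 is spelled "Calibre web", while the description on the same entry spells the project "Calibre-web". The tag matches the existing one on CVE-2021-25964, so the file stays self-consistent, but a search for the hyphenated name used in the descriptions will not match either tag. If the spelling is changed to "Calibre-web", change both entries in the same commit.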