diff options
author | Neil Williams <codehelp@debian.org> | 2022-01-25 10:53:43 +0000 |
---|---|---|
committer | Neil Williams <codehelp@debian.org> | 2022-01-25 10:53:43 +0000 |
commit | 6693da9d46d56683e837894c62d86e7dc8504a6e (patch) | |
tree | b976551a3f9513e569e2320e4ff9c911e50a9499 | |
parent | 20596f05df521d9c4625508c48b784bcea49a591 (diff) |
Process some NFUs
-rw-r--r-- | data/CVE/2021.list | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index bc066e4812..fffbc10bff 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -2186,7 +2186,7 @@ CVE-2021-4173 (vim is vulnerable to Use After Free ...) NOTE: Introduced after: https://github.com/vim/vim/commit/04b12697838b232b8b17c553ccc74cf1f1bdb81c (v8.2.0695) NOTE: Fixed by: https://github.com/vim/vim/commit/9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04 (v8.2.3902) CVE-2021-4172 (Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showd ...) - TODO: check + NOT-FOR-US: showdoc CVE-2021-4171 (calibre-web is vulnerable to Business Logic Errors ...) NOT-FOR-US: calibre-web CVE-2021-45679 (Certain NETGEAR devices are affected by privilege escalation. This aff ...) @@ -4580,7 +4580,7 @@ CVE-2021-23148 CVE-2021-44759 RESERVED CVE-2021-4088 (SQL injection vulnerability in Data Loss Protection (DLP) ePO extensio ...) - TODO: check + NOT-FOR-US: mcafee CVE-2021-4087 RESERVED CVE-2021-4086 @@ -58541,7 +58541,8 @@ CVE-2021-22567 (Bidirectional Unicode text can be interpreted and compiled diffe CVE-2021-22566 (An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead ...) TODO: check CVE-2021-22565 (An attacker could prematurely expire a verification code, making it un ...) - TODO: check + NOT-FOR-US: Google reference COVID19 exposure verification component + NOTE: https://github.com/google/exposure-notifications-verification-server CVE-2021-22564 (For certain valid JPEG XL images with a size slightly larger than an i ...) - jpeg-xl <not-affected> (Fixed with initial upload to Debian) NOTE: https://github.com/libjxl/libjxl/issues/708 @@ -64683,7 +64684,7 @@ CVE-2021-20159 (Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to comm CVE-2021-20158 (Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication ...) NOT-FOR-US: Trendnet CVE-2021-20157 (It is possible for an unauthenticated, malicious user to force the dev ...) - TODO: check + NOT-FOR-US: Trendnet CVE-2021-20156 (Trendnet AC2600 TEW-827DRU version 2.08B01 contains an improper access ...) NOT-FOR-US: Trendnet CVE-2021-20155 (Trendnet AC2600 TEW-827DRU version 2.08B01 makes use of hardcoded cred ...) |