Process NFUs

author: Salvatore Bonaccorso <carnil@debian.org> 2021-04-03 09:29:14 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-04-03 09:29:14 +0200
commit: e297305e6a02bd6ea2c508538d926beef740c408 (patch)
tree: c0e9adffe02bcade473136c5843b3d931c60f696
parent: f7c1220cbd1470ebd874cfe19643898ec1651ba9 (diff)
3 files changed, 145 insertions, 145 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 14369d6340..78d589cc96 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1211,13 +1211,13 @@ CVE-2019-20468 (An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS
 CVE-2019-20467
 	RESERVED
 CVE-2019-20466 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2  ...)
-	TODO: check
+	NOT-FOR-US: Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices
 CVE-2019-20465 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2  ...)
-	TODO: check
+	NOT-FOR-US: Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices
 CVE-2019-20464 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2  ...)
-	TODO: check
+	NOT-FOR-US: Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices
 CVE-2019-20463 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2  ...)
-	TODO: check
+	NOT-FOR-US: Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices
 CVE-2019-20462
 	RESERVED
 CVE-2019-20461
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index f8580116ca..8ec71c9ae1 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -2981,7 +2981,7 @@ CVE-2020-29641
 CVE-2020-29640
 	RESERVED
 CVE-2020-29639 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29638
 	RESERVED
 CVE-2020-29637
@@ -2993,7 +2993,7 @@ CVE-2020-29635
 CVE-2020-29634
 	RESERVED
 CVE-2020-29633 (An authentication issue was addressed with improved state management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29632
 	RESERVED
 CVE-2020-29631
@@ -3009,9 +3009,9 @@ CVE-2020-29627
 CVE-2020-29626
 	RESERVED
 CVE-2020-29625 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29624 (A memory corruption issue existed in the processing of font files. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29623 ("Clear History and Website Data" did not clear the history. The issue  ...)
 	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
@@ -3021,33 +3021,33 @@ CVE-2020-29623 ("Clear History and Website Data" did not clear the history. The
 CVE-2020-29622
 	RESERVED
 CVE-2020-29621 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29620 (This issue was addressed with improved entitlements. This issue is fix ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29619 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29618 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29617 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29616 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29615 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29614 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29613 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29612 (An out-of-bounds write issue was addressed with improved bounds checki ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29611 (An out-of-bounds write issue was addressed with improved bounds checki ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29610 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29609
 	RESERVED
 CVE-2020-29608 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29607 (A file upload restriction bypass vulnerability in Pluck CMS before 4.7 ...)
 	NOT-FOR-US: Pluck CMS
 CVE-2020-35921 (An issue was discovered in the miow crate before 0.3.6 for Rust. It ha ...)
@@ -5987,7 +5987,7 @@ CVE-2020-28348 (HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client D
 CVE-2020-28347 (tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows rem ...)
 	NOT-FOR-US: TP-Link
 CVE-2020-28346 (ACRN through 2.2 has a devicemodel/hw/pci/virtio/virtio.c NULL Pointer ...)
-	TODO: check
+	NOT-FOR-US: ACRN
 CVE-2020-28345 (An issue was discovered on LG mobile devices with Android OS 10 softwa ...)
 	NOT-FOR-US: LG mobile devices
 CVE-2020-28344 (An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, ...)
@@ -6856,49 +6856,49 @@ CVE-2020-27954
 CVE-2020-27953
 	RESERVED
 CVE-2020-27952 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27951 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27950 (A memory initialization issue was addressed. This issue is fixed in ma ...)
 	NOT-FOR-US: Apple
 CVE-2020-27949 (This issue was addressed with improved checks to prevent unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27948 (An out-of-bounds write issue was addressed with improved bounds checki ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27947 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27946 (An information disclosure issue was addressed with improved state mana ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27945 (An integer overflow was addressed with improved input validation. This ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27944 (A memory corruption issue existed in the processing of font files. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27943 (A memory corruption issue existed in the processing of font files. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27942
 	RESERVED
 CVE-2020-27941 (A validation issue was addressed with improved logic. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27940
 	RESERVED
 CVE-2020-27939 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27938 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27937 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27936 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27935 (Multiple issues were addressed with improved logic. This issue is fixe ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27934
 	RESERVED
 CVE-2020-27933 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27932 (A type confusion issue was addressed with improved state handling. Thi ...)
 	NOT-FOR-US: Apple
 CVE-2020-27931 (A memory corruption issue existed in the processing of font files. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27930 (A memory corruption issue was addressed with improved input validation ...)
 	NOT-FOR-US: Apple
 CVE-2020-27929 (A logic issue existed in the handling of Group FaceTime calls. The iss ...)
@@ -6912,17 +6912,17 @@ CVE-2020-27926 (A use after free issue was addressed with improved memory manage
 CVE-2020-27925 (An issue existed in the handling of incoming calls. The issue was addr ...)
 	NOT-FOR-US: Apple
 CVE-2020-27924 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27923 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27922 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27921 (A race condition was addressed with improved state handling. This issu ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27920 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27919 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27918 (A use after free issue was addressed with improved memory management.  ...)
 	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
@@ -6934,9 +6934,9 @@ CVE-2020-27917 (A use after free issue was addressed with improved memory manage
 CVE-2020-27916 (An out-of-bounds write was addressed with improved input validation. T ...)
 	NOT-FOR-US: Apple
 CVE-2020-27915 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27914 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27913
 	RESERVED
 CVE-2020-27912 (An out-of-bounds write was addressed with improved input validation. T ...)
@@ -6948,9 +6948,9 @@ CVE-2020-27910 (An out-of-bounds read was addressed with improved input validati
 CVE-2020-27909 (An out-of-bounds read was addressed with improved input validation. Th ...)
 	NOT-FOR-US: Apple
 CVE-2020-27908 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27907 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27906 (Multiple integer overflows were addressed with improved input validati ...)
 	NOT-FOR-US: Apple
 CVE-2020-27905 (A memory corruption issue was addressed with improved state management ...)
@@ -6962,15 +6962,15 @@ CVE-2020-27903 (This issue was addressed by removing the vulnerable code. This i
 CVE-2020-27902 (An authentication issue was addressed with improved state management.  ...)
 	NOT-FOR-US: Apple
 CVE-2020-27901 (A logic issue was addressed with improved restrictions. This issue is  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27900 (An issue existed in the handling of snapshots. The issue was resolved  ...)
 	NOT-FOR-US: Apple
 CVE-2020-27899 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27898 (A denial of service issue was addressed with improved state handling.  ...)
 	NOT-FOR-US: Apple
 CVE-2020-27897 (An out-of-bounds write issue was addressed with improved bounds checki ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27896 (A path handling issue was addressed with improved validation. This iss ...)
 	NOT-FOR-US: Apple
 CVE-2020-27895 (An information disclosure issue existed in the transition of program s ...)
@@ -6978,7 +6978,7 @@ CVE-2020-27895 (An information disclosure issue existed in the transition of pro
 CVE-2020-27894 (The issue was addressed with additional user controls. This issue is f ...)
 	NOT-FOR-US: Apple
 CVE-2020-27893 (An issue existed in screen sharing. This issue was addressed with impr ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-27892 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
 	NOT-FOR-US: Texas Instruments CC2538 devices
 CVE-2020-27891 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
@@ -24928,13 +24928,13 @@ CVE-2020-19621
 CVE-2020-19620
 	RESERVED
 CVE-2020-19619 (Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the signatur ...)
-	TODO: check
+	NOT-FOR-US: mblog
 CVE-2020-19618 (Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post con ...)
-	TODO: check
+	NOT-FOR-US: mblog
 CVE-2020-19617 (Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the nickname ...)
-	TODO: check
+	NOT-FOR-US: mblog
 CVE-2020-19616 (Cross Site Scripting (XSS) vulnerability in mblog 3.5 via the post hea ...)
-	TODO: check
+	NOT-FOR-US: mblog
 CVE-2020-19615
 	RESERVED
 CVE-2020-19614
@@ -43030,13 +43030,13 @@ CVE-2020-11927
 CVE-2020-11926
 	RESERVED
 CVE-2020-11925 (An issue was discovered in Luvion Grand Elite 3 Connect through 2020-0 ...)
-	TODO: check
+	NOT-FOR-US: Luvion Grand Elite 3 Connect
 CVE-2020-11924 (An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials ar ...)
-	TODO: check
+	NOT-FOR-US: WiZ Colors A60
 CVE-2020-11923 (An issue was discovered in WiZ Colors A60 1.14.0. API credentials are  ...)
-	TODO: check
+	NOT-FOR-US: WiZ Colors A60
 CVE-2020-11922 (An issue was discovered in WiZ Colors A60 1.14.0. The device sends unn ...)
-	TODO: check
+	NOT-FOR-US: WiZ Colors A60
 CVE-2020-11921
 	RESERVED
 CVE-2020-11920 (An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3. ...)
@@ -47948,7 +47948,7 @@ CVE-2020-9997 (An information disclosure issue was addressed with improved state
 CVE-2020-9996 (A use after free issue was addressed with improved memory management.  ...)
 	NOT-FOR-US: Apple
 CVE-2020-9995 (An issue existed in the parsing of URLs. This issue was addressed with ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9994 (A path handling issue was addressed with improved validation. This iss ...)
 	NOT-FOR-US: Apple
 CVE-2020-9993 (The issue was addressed with improved UI handling. This issue is fixed ...)
@@ -47988,13 +47988,13 @@ CVE-2020-9980 (An out-of-bounds write issue was addressed with improved bounds c
 CVE-2020-9979 (A trust issue was addressed by removing a legacy API. This issue is fi ...)
 	NOT-FOR-US: Apple
 CVE-2020-9978 (This issue was addressed with improved setting propagation. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9977 (A validation issue existed in the entitlement verification. This issue ...)
 	NOT-FOR-US: Apple
 CVE-2020-9976 (A logic issue was addressed with improved state management. This issue ...)
 	NOT-FOR-US: Apple
 CVE-2020-9975 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9974 (A logic issue was addressed with improved state management. This issue ...)
 	NOT-FOR-US: Apple
 CVE-2020-9973 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
@@ -48002,7 +48002,7 @@ CVE-2020-9973 (An out-of-bounds read was addressed with improved bounds checking
 CVE-2020-9972 (A buffer overflow issue was addressed with improved memory handling. T ...)
 	NOT-FOR-US: Apple
 CVE-2020-9971 (A logic issue was addressed with improved validation. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9970
 	RESERVED
 CVE-2020-9969 (An access issue was addressed with additional sandbox restrictions. Th ...)
@@ -48010,7 +48010,7 @@ CVE-2020-9969 (An access issue was addressed with additional sandbox restriction
 CVE-2020-9968 (A logic issue was addressed with improved restrictions. This issue is  ...)
 	NOT-FOR-US: Apple
 CVE-2020-9967 (Multiple memory corruption issues were addressed with improved input v ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9966 (An out-of-bounds read was addressed with improved input validation. Th ...)
 	NOT-FOR-US: Apple
 CVE-2020-9965 (An out-of-bounds read was addressed with improved input validation. Th ...)
@@ -48020,11 +48020,11 @@ CVE-2020-9964 (A memory initialization issue was addressed with improved memory
 CVE-2020-9963 (The issue was addressed with improved handling of icon caches. This is ...)
 	NOT-FOR-US: Apple
 CVE-2020-9962 (A buffer overflow was addressed with improved size validation. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9961 (An out-of-bounds read was addressed with improved input validation. Th ...)
 	NOT-FOR-US: Apple
 CVE-2020-9960 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9959 (A lock screen issue allowed access to messages on a locked device. Thi ...)
 	NOT-FOR-US: Apple
 CVE-2020-9958 (An out-of-bounds write issue was addressed with improved bounds checki ...)
@@ -48032,9 +48032,9 @@ CVE-2020-9958 (An out-of-bounds write issue was addressed with improved bounds c
 CVE-2020-9957
 	RESERVED
 CVE-2020-9956 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9955 (An out-of-bounds write issue was addressed with improved bounds checki ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9954 (A buffer overflow issue was addressed with improved memory handling. T ...)
 	NOT-FOR-US: Apple
 CVE-2020-9953
@@ -48103,7 +48103,7 @@ CVE-2020-9932 (A memory corruption issue was addressed with improved validation.
 CVE-2020-9931 (A denial of service issue was addressed with improved input validation ...)
 	NOT-FOR-US: Apple
 CVE-2020-9930 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9929 (A memory corruption issue was addressed with improved memory handling. ...)
 	NOT-FOR-US: Apple
 CVE-2020-9928 (Multiple memory corruption issues were addressed with improved memory  ...)
@@ -48111,7 +48111,7 @@ CVE-2020-9928 (Multiple memory corruption issues were addressed with improved me
 CVE-2020-9927 (A memory corruption issue was addressed with improved input validation ...)
 	NOT-FOR-US: Apple
 CVE-2020-9926 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-9925 (A logic issue was addressed with improved state management. This issue ...)
 	{DSA-4739-1}
 	- webkit2gtk 2.28.4-1
@@ -48529,7 +48529,7 @@ CVE-2020-10017 (An out-of-bounds write was addressed with improved input validat
 CVE-2020-10016 (A memory corruption issue was addressed with improved state management ...)
 	NOT-FOR-US: Apple
 CVE-2020-10015 (An out-of-bounds write issue was addressed with improved bounds checki ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-10014 (A parsing issue in the handling of directory paths was addressed with  ...)
 	NOT-FOR-US: Apple
 CVE-2020-10013 (A logic issue was addressed with improved state management. This issue ...)
@@ -48543,7 +48543,7 @@ CVE-2020-10010 (A path handling issue was addressed with improved validation. Th
 CVE-2020-10009 (A logic issue was addressed with improved state management. This issue ...)
 	NOT-FOR-US: Apple
 CVE-2020-10008 (A logic issue was addressed with improved restrictions. This issue is  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-10007 (A logic issue was addressed with improved state management. This issue ...)
 	NOT-FOR-US: Apple
 CVE-2020-10006 (This issue was addressed with improved entitlements. This issue is fix ...)
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index b0e81673cd..6164527da6 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -246,7 +246,7 @@ CVE-2021-30003 (An issue was discovered on Nokia G-120W-F 3FE46606AGAB91 devices
 CVE-2021-30001
 	RESERVED
 CVE-2021-30000 (An issue was discovered in LATRIX 0.6.0. SQL injection in the txtacces ...)
-	TODO: check
+	NOT-FOR-US: LATRIX
 CVE-2021-29999
 	RESERVED
 CVE-2021-29998
@@ -377,9 +377,9 @@ CVE-2021-3481 [Out of bounds read in function QRadialFetchSimd from crafted svg
 CVE-2021-29943
 	RESERVED
 CVE-2021-29942 (An issue was discovered in the reorder crate through 2021-02-24 for Ru ...)
-	TODO: check
+	NOT-FOR-US: reorder crate
 CVE-2021-29941 (An issue was discovered in the reorder crate through 2021-02-24 for Ru ...)
-	TODO: check
+	NOT-FOR-US: reorder crate
 CVE-2021-29940 (An issue was discovered in the through crate through 2021-02-18 for Ru ...)
 	TODO: check
 CVE-2021-29939 (An issue was discovered in the stackvector crate through 2021-02-19 fo ...)
@@ -960,9 +960,9 @@ CVE-2021-29654
 CVE-2021-29653
 	RESERVED
 CVE-2021-29652 (Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user s ...)
-	TODO: check
+	NOT-FOR-US: Pomerium
 CVE-2021-29651 (Pomerium before 0.13.4 has an Open Redirect (issue 1 of 2). ...)
-	TODO: check
+	NOT-FOR-US: Pomerium
 CVE-2021-29650 (An issue was discovered in the Linux kernel before 5.11.11. The netfil ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/175e476b8cdf2a4de7432583b49c871345e4f8a1
@@ -1489,7 +1489,7 @@ CVE-2021-29419
 CVE-2021-29418 (The netmask package before 2.0.1 for Node.js mishandles certain unexpe ...)
 	TODO: check
 CVE-2021-29417 (gitjacker before 0.1.0 allows remote attackers to execute arbitrary co ...)
-	TODO: check
+	NOT-FOR-US: gitjacker
 CVE-2021-29416 (An issue was discovered in PortSwigger Burp Suite before 2021.2. Durin ...)
 	NOT-FOR-US: Burp Suite (different from src:burp)
 CVE-2021-29415
@@ -2540,7 +2540,7 @@ CVE-2021-28942
 CVE-2021-28941
 	RESERVED
 CVE-2021-28940 (Because of a incorrect escaped exec command in MagpieRSS in 0.72 in th ...)
-	TODO: check
+	NOT-FOR-US: MagpieRSS
 CVE-2021-28939
 	RESERVED
 CVE-2021-28938
@@ -4315,9 +4315,9 @@ CVE-2021-28126 (index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) befo
 CVE-2021-28125
 	RESERVED
 CVE-2021-28124 (A man-in-the-middle vulnerability in Cohesity DataPlatform support cha ...)
-	TODO: check
+	NOT-FOR-US: Cohesity DataPlatform support channel
 CVE-2021-28123 (Undocumented Default Cryptographic Key Vulnerability in Cohesity DataP ...)
-	TODO: check
+	NOT-FOR-US: Cohesity DataPlatform
 CVE-2021-28122 (A request-validation issue was discovered in Open5GS 2.1.3 through 2.2 ...)
 	NOT-FOR-US: Open5GS
 CVE-2021-28121
@@ -6327,7 +6327,7 @@ CVE-2021-27222 (In the "Time in Status" app before 4.13.0 for Jira, remote authe
 CVE-2021-27221 (** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ft ...)
 	NOT-FOR-US: MikroTik RouterOS
 CVE-2021-27220 (An issue was discovered in PRTG Network Monitor before 21.1.66.1623. B ...)
-	TODO: check
+	NOT-FOR-US: PRTG Network Monitor
 CVE-2021-27217 (An issue was discovered in the _send_secure_msg() function of Yubico y ...)
 	NOT-FOR-US: YubiHSM 2 SDK
 CVE-2021-27216
@@ -9384,7 +9384,7 @@ CVE-2021-25926
 CVE-2021-25925
 	RESERVED
 CVE-2021-25924 (In GoCD, versions 19.6.0 to 21.1.0 are vulnerable to Cross-Site Reques ...)
-	TODO: check
+	NOT-FOR-US: GoCD
 CVE-2021-25923
 	RESERVED
 CVE-2021-25922 (In OpenEMR, versions 4.2.0 to 6.0.0 are vulnerable to Reflected Cross- ...)
@@ -16139,7 +16139,7 @@ CVE-2021-22867
 CVE-2021-22866
 	RESERVED
 CVE-2021-22865 (An improper access control vulnerability was identified in GitHub Ente ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2021-22864 (A remote code execution vulnerability was identified in GitHub Enterpr ...)
 	NOT-FOR-US: GitHub Enterprise
 CVE-2021-22863 (An improper access control vulnerability was identified in the GitHub  ...)
@@ -17503,7 +17503,7 @@ CVE-2021-22197 (An issue has been discovered in GitLab CE/EE affecting all versi
 CVE-2021-22196 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
 	TODO: check
 CVE-2021-22195 (Client side code execution in gitlab-vscode-extension v3.15.0 and earl ...)
-	TODO: check
+	NOT-FOR-US: gitlab-vscode-extension
 CVE-2021-22194 (In all versions of GitLab starting from 13.7, marshalled session keys  ...)
 	- gitlab <unfixed>
 CVE-2021-22193 (An issue has been discovered in GitLab affecting all versions starting ...)
@@ -23807,7 +23807,7 @@ CVE-2021-1881
 CVE-2021-1880
 	RESERVED
 CVE-2021-1879 (This issue was addressed by improved management of object lifetimes. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1878
 	RESERVED
 CVE-2021-1877
@@ -23939,7 +23939,7 @@ CVE-2021-1820
 CVE-2021-1819
 	RESERVED
 CVE-2021-1818 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1817
 	RESERVED
 CVE-2021-1816
@@ -23963,15 +23963,15 @@ CVE-2021-1808
 CVE-2021-1807
 	RESERVED
 CVE-2021-1806 (A race condition was addressed with additional validation. This issue  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1805 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1804
 	RESERVED
 CVE-2021-1803 (The issue was addressed with improved permissions logic. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1802 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1801 (This issue was addressed with improved iframe sandbox enforcement. Thi ...)
 	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
@@ -23989,21 +23989,21 @@ CVE-2021-1799 (A port redirection issue was addressed with additional port valid
 CVE-2021-1798
 	RESERVED
 CVE-2021-1797 (The issue was addressed with improved permissions logic. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1796 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1795 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1794 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1793 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1792 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1791 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1790 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1789 (A type confusion issue was addressed with improved state handling. Thi ...)
 	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
@@ -24016,49 +24016,49 @@ CVE-2021-1788 (A use after free issue was addressed with improved memory managem
 	- wpewebkit <unfixed>
 	NOTE: https://webkitgtk.org/security/WSA-2021-0003.html
 CVE-2021-1787 (Multiple issues were addressed with improved logic. This issue is fixe ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1786 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1785 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1784
 	RESERVED
 CVE-2021-1783 (An access issue was addressed with improved memory management. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1782 (A race condition was addressed with improved locking. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1781 (A privacy issue existed in the handling of Contact cards. This was add ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1780 (A memory initialization issue was addressed with improved memory handl ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1779 (A logic error in kext loading was addressed with improved state handli ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1778 (An out-of-bounds read issue existed in the curl. This issue was addres ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1777 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1776 (An out-of-bounds write issue was addressed with improved bounds checki ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1775 (This issue was addressed by removing the vulnerable code. This issue i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1774 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1773 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1772 (A stack overflow was addressed with improved input validation. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1771 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1770
 	RESERVED
 CVE-2021-1769 (A logic issue was addressed with improved validation. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1768 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1767 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1766 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1765 (This issue was addressed with improved iframe sandbox enforcement. Thi ...)
 	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
@@ -24066,63 +24066,63 @@ CVE-2021-1765 (This issue was addressed with improved iframe sandbox enforcement
 	- wpewebkit 2.30.6-1
 	NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
 CVE-2021-1764 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1763 (A buffer overflow was addressed with improved bounds checking. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1762
 	RESERVED
 CVE-2021-1761 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1760 (A memory corruption issue was addressed with improved state management ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1759 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1758 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1757 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1756 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1755 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1754 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1753 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1752
 	RESERVED
 CVE-2021-1751 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1750 (Multiple issues were addressed with improved logic. This issue is fixe ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1749
 	RESERVED
 CVE-2021-1748 (A validation issue was addressed with improved input sanitization. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1747 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1746 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1745 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1744 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1743 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1742 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1741 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1740
 	RESERVED
 CVE-2021-1739
 	RESERVED
 CVE-2021-1738 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1737 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1736 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1735
 	RESERVED
 CVE-2021-1734 (Windows Remote Procedure Call Information Disclosure Vulnerability ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-04-03 09:29:14 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-04-03 09:29:14 +0200
commit	e297305e6a02bd6ea2c508538d926beef740c408 (patch)
tree	c0e9adffe02bcade473136c5843b3d931c60f696
parent	f7c1220cbd1470ebd874cfe19643898ec1651ba9 (diff)