Process NFUs

author: Salvatore Bonaccorso <carnil@debian.org> 2021-04-03 09:29:14 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-04-03 09:29:14 +0200
commit: e297305e6a02bd6ea2c508538d926beef740c408 (patch)
tree: c0e9adffe02bcade473136c5843b3d931c60f696 /data/CVE/2021.list
parent: f7c1220cbd1470ebd874cfe19643898ec1651ba9 (diff)
1 files changed, 71 insertions, 71 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index b0e81673cd..6164527da6 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -246,7 +246,7 @@ CVE-2021-30003 (An issue was discovered on Nokia G-120W-F 3FE46606AGAB91 devices
 CVE-2021-30001
 	RESERVED
 CVE-2021-30000 (An issue was discovered in LATRIX 0.6.0. SQL injection in the txtacces ...)
-	TODO: check
+	NOT-FOR-US: LATRIX
 CVE-2021-29999
 	RESERVED
 CVE-2021-29998
@@ -377,9 +377,9 @@ CVE-2021-3481 [Out of bounds read in function QRadialFetchSimd from crafted svg
 CVE-2021-29943
 	RESERVED
 CVE-2021-29942 (An issue was discovered in the reorder crate through 2021-02-24 for Ru ...)
-	TODO: check
+	NOT-FOR-US: reorder crate
 CVE-2021-29941 (An issue was discovered in the reorder crate through 2021-02-24 for Ru ...)
-	TODO: check
+	NOT-FOR-US: reorder crate
 CVE-2021-29940 (An issue was discovered in the through crate through 2021-02-18 for Ru ...)
 	TODO: check
 CVE-2021-29939 (An issue was discovered in the stackvector crate through 2021-02-19 fo ...)
@@ -960,9 +960,9 @@ CVE-2021-29654
 CVE-2021-29653
 	RESERVED
 CVE-2021-29652 (Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user s ...)
-	TODO: check
+	NOT-FOR-US: Pomerium
 CVE-2021-29651 (Pomerium before 0.13.4 has an Open Redirect (issue 1 of 2). ...)
-	TODO: check
+	NOT-FOR-US: Pomerium
 CVE-2021-29650 (An issue was discovered in the Linux kernel before 5.11.11. The netfil ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/175e476b8cdf2a4de7432583b49c871345e4f8a1
@@ -1489,7 +1489,7 @@ CVE-2021-29419
 CVE-2021-29418 (The netmask package before 2.0.1 for Node.js mishandles certain unexpe ...)
 	TODO: check
 CVE-2021-29417 (gitjacker before 0.1.0 allows remote attackers to execute arbitrary co ...)
-	TODO: check
+	NOT-FOR-US: gitjacker
 CVE-2021-29416 (An issue was discovered in PortSwigger Burp Suite before 2021.2. Durin ...)
 	NOT-FOR-US: Burp Suite (different from src:burp)
 CVE-2021-29415
@@ -2540,7 +2540,7 @@ CVE-2021-28942
 CVE-2021-28941
 	RESERVED
 CVE-2021-28940 (Because of a incorrect escaped exec command in MagpieRSS in 0.72 in th ...)
-	TODO: check
+	NOT-FOR-US: MagpieRSS
 CVE-2021-28939
 	RESERVED
 CVE-2021-28938
@@ -4315,9 +4315,9 @@ CVE-2021-28126 (index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) befo
 CVE-2021-28125
 	RESERVED
 CVE-2021-28124 (A man-in-the-middle vulnerability in Cohesity DataPlatform support cha ...)
-	TODO: check
+	NOT-FOR-US: Cohesity DataPlatform support channel
 CVE-2021-28123 (Undocumented Default Cryptographic Key Vulnerability in Cohesity DataP ...)
-	TODO: check
+	NOT-FOR-US: Cohesity DataPlatform
 CVE-2021-28122 (A request-validation issue was discovered in Open5GS 2.1.3 through 2.2 ...)
 	NOT-FOR-US: Open5GS
 CVE-2021-28121
@@ -6327,7 +6327,7 @@ CVE-2021-27222 (In the "Time in Status" app before 4.13.0 for Jira, remote authe
 CVE-2021-27221 (** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ft ...)
 	NOT-FOR-US: MikroTik RouterOS
 CVE-2021-27220 (An issue was discovered in PRTG Network Monitor before 21.1.66.1623. B ...)
-	TODO: check
+	NOT-FOR-US: PRTG Network Monitor
 CVE-2021-27217 (An issue was discovered in the _send_secure_msg() function of Yubico y ...)
 	NOT-FOR-US: YubiHSM 2 SDK
 CVE-2021-27216
@@ -9384,7 +9384,7 @@ CVE-2021-25926
 CVE-2021-25925
 	RESERVED
 CVE-2021-25924 (In GoCD, versions 19.6.0 to 21.1.0 are vulnerable to Cross-Site Reques ...)
-	TODO: check
+	NOT-FOR-US: GoCD
 CVE-2021-25923
 	RESERVED
 CVE-2021-25922 (In OpenEMR, versions 4.2.0 to 6.0.0 are vulnerable to Reflected Cross- ...)
@@ -16139,7 +16139,7 @@ CVE-2021-22867
 CVE-2021-22866
 	RESERVED
 CVE-2021-22865 (An improper access control vulnerability was identified in GitHub Ente ...)
-	TODO: check
+	NOT-FOR-US: GitHub Enterprise Server
 CVE-2021-22864 (A remote code execution vulnerability was identified in GitHub Enterpr ...)
 	NOT-FOR-US: GitHub Enterprise
 CVE-2021-22863 (An improper access control vulnerability was identified in the GitHub  ...)
@@ -17503,7 +17503,7 @@ CVE-2021-22197 (An issue has been discovered in GitLab CE/EE affecting all versi
 CVE-2021-22196 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
 	TODO: check
 CVE-2021-22195 (Client side code execution in gitlab-vscode-extension v3.15.0 and earl ...)
-	TODO: check
+	NOT-FOR-US: gitlab-vscode-extension
 CVE-2021-22194 (In all versions of GitLab starting from 13.7, marshalled session keys  ...)
 	- gitlab <unfixed>
 CVE-2021-22193 (An issue has been discovered in GitLab affecting all versions starting ...)
@@ -23807,7 +23807,7 @@ CVE-2021-1881
 CVE-2021-1880
 	RESERVED
 CVE-2021-1879 (This issue was addressed by improved management of object lifetimes. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1878
 	RESERVED
 CVE-2021-1877
@@ -23939,7 +23939,7 @@ CVE-2021-1820
 CVE-2021-1819
 	RESERVED
 CVE-2021-1818 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1817
 	RESERVED
 CVE-2021-1816
@@ -23963,15 +23963,15 @@ CVE-2021-1808
 CVE-2021-1807
 	RESERVED
 CVE-2021-1806 (A race condition was addressed with additional validation. This issue  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1805 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1804
 	RESERVED
 CVE-2021-1803 (The issue was addressed with improved permissions logic. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1802 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1801 (This issue was addressed with improved iframe sandbox enforcement. Thi ...)
 	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
@@ -23989,21 +23989,21 @@ CVE-2021-1799 (A port redirection issue was addressed with additional port valid
 CVE-2021-1798
 	RESERVED
 CVE-2021-1797 (The issue was addressed with improved permissions logic. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1796 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1795 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1794 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1793 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1792 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1791 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1790 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1789 (A type confusion issue was addressed with improved state handling. Thi ...)
 	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
@@ -24016,49 +24016,49 @@ CVE-2021-1788 (A use after free issue was addressed with improved memory managem
 	- wpewebkit <unfixed>
 	NOTE: https://webkitgtk.org/security/WSA-2021-0003.html
 CVE-2021-1787 (Multiple issues were addressed with improved logic. This issue is fixe ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1786 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1785 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1784
 	RESERVED
 CVE-2021-1783 (An access issue was addressed with improved memory management. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1782 (A race condition was addressed with improved locking. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1781 (A privacy issue existed in the handling of Contact cards. This was add ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1780 (A memory initialization issue was addressed with improved memory handl ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1779 (A logic error in kext loading was addressed with improved state handli ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1778 (An out-of-bounds read issue existed in the curl. This issue was addres ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1777 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1776 (An out-of-bounds write issue was addressed with improved bounds checki ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1775 (This issue was addressed by removing the vulnerable code. This issue i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1774 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1773 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1772 (A stack overflow was addressed with improved input validation. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1771 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1770
 	RESERVED
 CVE-2021-1769 (A logic issue was addressed with improved validation. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1768 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1767 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1766 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1765 (This issue was addressed with improved iframe sandbox enforcement. Thi ...)
 	{DSA-4877-1}
 	- webkit2gtk 2.30.6-1
@@ -24066,63 +24066,63 @@ CVE-2021-1765 (This issue was addressed with improved iframe sandbox enforcement
 	- wpewebkit 2.30.6-1
 	NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
 CVE-2021-1764 (A use after free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1763 (A buffer overflow was addressed with improved bounds checking. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1762
 	RESERVED
 CVE-2021-1761 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1760 (A memory corruption issue was addressed with improved state management ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1759 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1758 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1757 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1756 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1755 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1754 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1753 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1752
 	RESERVED
 CVE-2021-1751 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1750 (Multiple issues were addressed with improved logic. This issue is fixe ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1749
 	RESERVED
 CVE-2021-1748 (A validation issue was addressed with improved input sanitization. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1747 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1746 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1745 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1744 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1743 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1742 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1741 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1740
 	RESERVED
 CVE-2021-1739
 	RESERVED
 CVE-2021-1738 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1737 (An out-of-bounds write was addressed with improved input validation. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1736 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-1735
 	RESERVED
 CVE-2021-1734 (Windows Remote Procedure Call Information Disclosure Vulnerability ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-04-03 09:29:14 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-04-03 09:29:14 +0200
commit	e297305e6a02bd6ea2c508538d926beef740c408 (patch)
tree	c0e9adffe02bcade473136c5843b3d931c60f696 /data/CVE/2021.list
parent	f7c1220cbd1470ebd874cfe19643898ec1651ba9 (diff)