From 20513fbdbbfc76ea21c60d34fb04a66ad7f0a83b Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Mon, 15 Nov 2021 18:24:35 +0100 Subject: NFUs new gitlab issue --- data/CVE/2002.list | 2 +- data/CVE/2021.list | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/data/CVE/2002.list b/data/CVE/2002.list index e11b76ab2a..d32b288e4d 100644 --- a/data/CVE/2002.list +++ b/data/CVE/2002.list @@ -1,5 +1,5 @@ CVE-2002-20001 (The Diffie-Hellman Key Agreement Protocol allows remote attackers (fro ...) - TODO: check + NOT-FOR-US: Diffie Hellmann kex protocol issue CVE-2002-2447 RESERVED CVE-2002-2446 (GE Healthcare Millennium MG, NC, and MyoSIGHT has a password of insite ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 71ada7f8d8..82df769e8e 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -249,7 +249,7 @@ CVE-2021-43622 CVE-2021-43621 RESERVED CVE-2021-43620 (An issue was discovered in the fruity crate through 0.2.0 for Rust. Se ...) - TODO: check + NOT-FOR-US: Rust crate fruity CVE-2021-43619 RESERVED CVE-2021-43618 (GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an m ...) @@ -10259,7 +10259,7 @@ CVE-2021-3729 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) .. CVE-2021-3728 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) ...) NOT-FOR-US: firefly-iii CVE-2021-39303 (The server in Jamf Pro before 10.32.0 has a vulnerability affecting in ...) - TODO: check + NOT-FOR-US: Jamf Pro CVE-2021-39302 (MISP 2.4.148, in certain configurations, allows SQL injection via the ...) NOT-FOR-US: MISP CVE-2021-39301 @@ -31871,7 +31871,7 @@ CVE-2021-30323 CVE-2021-30322 RESERVED CVE-2021-30321 (Possible buffer overflow due to lack of parameter length check during ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30320 RESERVED CVE-2021-30319 @@ -31981,7 +31981,7 @@ CVE-2021-30268 CVE-2021-30267 RESERVED CVE-2021-30266 (Possible use after free due to improper memory validation when initial ...) - TODO: check + NOT-FOR-US: Qualcomm components for Android CVE-2021-30265 (Possible memory corruption due to improper validation of memory addres ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30264 (Possible use after free due improper validation of reference from call ...) @@ -50860,7 +50860,7 @@ CVE-2021-22262 (Missing access control in GitLab version 13.10 and above with Ji CVE-2021-22261 (A stored Cross-Site Scripting vulnerability in the Jira integration in ...) - gitlab CVE-2021-22260 (A stored Cross-Site Scripting vulnerability in the DataDog integration ...) - TODO: check + - gitlab CVE-2021-22259 (A potential DOS vulnerability was discovered in GitLab EE starting wit ...) - gitlab (Specific to EE) CVE-2021-22258 (The project import/export feature in GitLab 8.9 and greater could be u ...) @@ -57871,7 +57871,7 @@ CVE-2021-1914 (Loop with unreachable exit condition may occur due to improper ha CVE-2021-1913 (Possible integer overflow due to improper length check while updating ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-1912 (Possible integer overflow can occur due to improper length check while ...) - TODO: check + NOT-FOR-US: Qualcomm components for Android CVE-2021-1911 RESERVED CVE-2021-1910 (Double free in video due to lack of input buffer length check in Snapd ...) -- cgit v1.2.3