[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Dec 10 08:10:20 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
66a20405 by security tracker role at 2021-12-10T08:10:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2022-21812
+	RESERVED
+CVE-2022-21804
+	RESERVED
+CVE-2022-21794
+	RESERVED
+CVE-2022-21793
+	RESERVED
+CVE-2022-21239
+	RESERVED
+CVE-2022-21229
+	RESERVED
+CVE-2022-21226
+	RESERVED
+CVE-2022-21206
+	RESERVED
+CVE-2022-21188
+	RESERVED
+CVE-2022-21185
+	RESERVED
+CVE-2022-21175
+	RESERVED
+CVE-2022-21171
+	RESERVED
+CVE-2022-21163
+	RESERVED
+CVE-2022-21162
+	RESERVED
+CVE-2022-21161
+	RESERVED
+CVE-2022-21156
+	RESERVED
+CVE-2022-21152
+	RESERVED
+CVE-2022-21150
+	RESERVED
+CVE-2022-21148
+	RESERVED
+CVE-2022-21135
+	RESERVED
+CVE-2021-44789
+	RESERVED
+CVE-2021-44788
+	RESERVED
+CVE-2021-44787
+	RESERVED
+CVE-2021-44786
+	RESERVED
+CVE-2021-44785
+	RESERVED
+CVE-2021-44784
+	RESERVED
+CVE-2021-44783
+	RESERVED
+CVE-2021-44782
+	RESERVED
+CVE-2021-44781
+	RESERVED
+CVE-2021-44780
+	RESERVED
+CVE-2021-44764
+	RESERVED
+CVE-2021-4089
+	RESERVED
+CVE-2021-37408
+	RESERVED
+CVE-2021-31565
+	RESERVED
+CVE-2021-26261
+	RESERVED
+CVE-2021-26255
+	RESERVED
+CVE-2021-23189
+	RESERVED
+CVE-2021-23175
+	RESERVED
+CVE-2021-23171
+	RESERVED
+CVE-2021-23170
+	RESERVED
+CVE-2021-23148
+	RESERVED
 CVE-2021-44759
 	RESERVED
 CVE-2021-4088
@@ -713,8 +795,8 @@ CVE-2021-44516
 	RESERVED
 CVE-2021-44515
 	RESERVED
-CVE-2021-44514
-	RESERVED
+CVE-2021-44514 (ManageEngine's OpUtils 12.5.556 and prior allow access to a few audit  ...)
+	TODO: check
 CVE-2021-44513 (Insecure creation of temporary directories in tmate-ssh-server 2.3.0 a ...)
 	- tmate-ssh-server <unfixed> (bug #1001225)
 	NOTE: Fixed by: https://github.com/tmate-io/tmate-ssh-server/commit/1c020d1f5ca462f5b150b46a027aaa1bbe3c9596
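Review bot: the "TODO: check" added under CVE-2021-44514 leaves the entry untriaged, so the tracker cannot yet say whether ManageEngine OpUtils maps to anything in the archive. Replace it with either a package line or a NOT-FOR-US line; the CVE-2021-44513 entry directly below shows the package form ("- tmate-ssh-server <unfixed> (bug #1001225)").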
@@ -1079,8 +1161,8 @@ CVE-2021-44354
 	RESERVED
 CVE-2021-4034
 	RESERVED
-CVE-2021-4033
-	RESERVED
+CVE-2021-4033 (kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) ...)
+	TODO: check
 CVE-2019-25053
 	RESERVED
 CVE-2021-44353
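Review bot: the truncated description on the CVE-2021-4033 line names kimai2 and CSRF but shows no affected or fixed version, so the "TODO: check" beneath it cannot be closed from this entry alone. When the TODO is replaced, record the upstream fix reference in a NOTE line so the affected range is traceable from the list itself.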
@@ -2131,8 +2213,8 @@ CVE-2021-43984
 	RESERVED
 CVE-2021-43983
 	RESERVED
-CVE-2021-43982
-	RESERVED
+CVE-2021-43982 (Delta Electronics CNCSoft Versions 1.01.30 and prior are vulnerable to ...)
+	TODO: check
 CVE-2021-43981
 	RESERVED
 CVE-2021-43980
@@ -2718,10 +2800,10 @@ CVE-2021-43805 (Solidus is a free, open-source ecommerce platform built on Rails
 	NOT-FOR-US: Solidus
 CVE-2021-43804
 	RESERVED
-CVE-2021-43803
-	RESERVED
-CVE-2021-43802
-	RESERVED
+CVE-2021-43803 (Next.js is a React framework. In versions of Next.js prior to 12.0.5 o ...)
+	TODO: check
+CVE-2021-43802 (Etherpad is a real-time collaborative editor. In versions prior to 1.8 ...)
+	TODO: check
 CVE-2021-43801
 	RESERVED
 CVE-2021-43800 (Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, dire ...)
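Review bot: CVE-2021-43803 (Next.js) and CVE-2021-43802 (Etherpad) both land as "TODO: check" in this hunk and each needs its own triage decision, not a shared one. The Next.js description already gives a version boundary ("prior to 12.0.5 o ..."), so the open question is mainly whether each project is packaged; if not, use the "NOT-FOR-US: Solidus" form shown in the context at the top of the hunk.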
@@ -7074,7 +7156,7 @@ CVE-2021-42773 (Broadcom Emulex HBA Manager/One Command Manager versions before
 CVE-2021-42772 (Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.4 ...)
 	NOT-FOR-US: Broadcom Emulex HBA Manager/One Command Manager
 CVE-2021-42771 (Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary  ...)
-	{DLA-2790-1}
+	{DSA-5018-1 DLA-2790-1}
 	- python-babel 2.8.0+dfsg.1-7 (bug #987824)
 	NOTE: https://www.tenable.com/security/research/tra-2021-14
 	NOTE: https://github.com/python-babel/babel/pull/782
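Review bot: the tag line for CVE-2021-42771 now reads {DSA-5018-1 DLA-2790-1}, but this commit lists data/CVE/list as its only changed file, so the DSA-5018-1 record itself is not visible here. Confirm that the advisory exists in the tracker's DSA list and names python-babel, since the package line still carries only the single version 2.8.0+dfsg.1-7 (bug #987824).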
@@ -20269,8 +20351,8 @@ CVE-2021-37863
 	RESERVED
 CVE-2021-37862
 	RESERVED
-CVE-2021-37861
-	RESERVED
+CVE-2021-37861 (Mattermost 6.0.2 and earlier fails to sufficiently sanitize user's pas ...)
+	TODO: check
 CVE-2021-37860 (Mattermost 5.38 and earlier fails to sufficiently sanitize clipboard c ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2021-37859 (Fixed a bypass for a reflected cross-site scripting vulnerability affe ...)
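Review bot: CVE-2021-37861 is added as "TODO: check" although the next entry, CVE-2021-37860, is also Mattermost and is already tracked as "- mattermost-server <itp> (bug #823556)". The new entry should get the same package line so both Mattermost issues are tracked consistently instead of one staying in the TODO queue.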



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66a2040563840c6af7044c4a570e877e98dc8ed0
