[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 15 08:10:24 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c2753ae8 by security tracker role at 2021-01-15T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,75 @@
+CVE-2021-3158
+ RESERVED
+CVE-2021-3157
+ RESERVED
+CVE-2021-3156
+ RESERVED
+CVE-2021-3155
+ RESERVED
+CVE-2021-3154
+ RESERVED
+CVE-2021-3153
+ RESERVED
+CVE-2021-3152
+ RESERVED
+CVE-2021-3151
+ RESERVED
+CVE-2021-3150
+ RESERVED
+CVE-2021-3149
+ RESERVED
+CVE-2021-3148
+ RESERVED
+CVE-2021-3147
+ RESERVED
+CVE-2021-25196
+ RESERVED
+CVE-2021-25195
+ RESERVED
+CVE-2021-25194
+ RESERVED
+CVE-2021-25193
+ RESERVED
+CVE-2021-25192
+ RESERVED
+CVE-2021-25191
+ RESERVED
+CVE-2021-25190
+ RESERVED
+CVE-2021-25189
+ RESERVED
+CVE-2021-25188
+ RESERVED
+CVE-2021-25187
+ RESERVED
+CVE-2021-25186
+ RESERVED
+CVE-2021-25185
+ RESERVED
+CVE-2021-25184
+ RESERVED
+CVE-2021-25183
+ RESERVED
+CVE-2021-25182
+ RESERVED
+CVE-2021-25181
+ RESERVED
+CVE-2021-25180
+ RESERVED
+CVE-2021-25179
+ RESERVED
+CVE-2021-25178
+ RESERVED
+CVE-2021-25177
+ RESERVED
+CVE-2021-25176
+ RESERVED
+CVE-2021-25175
+ RESERVED
+CVE-2021-25174
+ RESERVED
+CVE-2021-25173
+ RESERVED
CVE-2021-25172
RESERVED
CVE-2021-25171
@@ -2100,8 +2172,7 @@ CVE-2021-24123
RESERVED
CVE-2021-24122 (When serving resources from a network location using the NTFS file sys ...)
TODO: check
-CVE-2021-21261 [Flatpak sandbox escape via spawn portal]
- RESERVED
+CVE-2021-21261 (Flatpak is a system for building, distributing, and running sandboxed ...)
{DSA-4830-1}
- flatpak 1.8.5-1
NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-4ppf-fxf6-vxg2
@@ -2740,14 +2811,14 @@ CVE-2021-23840
RESERVED
CVE-2021-23839
RESERVED
-CVE-2021-23838
- RESERVED
-CVE-2021-23837
- RESERVED
-CVE-2021-23836
- RESERVED
-CVE-2021-23835
- RESERVED
+CVE-2021-23838 (An issue was discovered in flatCore before 2.0.0 build 139. A reflecte ...)
+ TODO: check
+CVE-2021-23837 (An issue was discovered in flatCore before 2.0.0 build 139. A time-bas ...)
+ TODO: check
+CVE-2021-23836 (An issue was discovered in flatCore before 2.0.0 build 139. A stored X ...)
+ TODO: check
+CVE-2021-23835 (An issue was discovered in flatCore before 2.0.0 build 139. A local fi ...)
+ TODO: check
CVE-2021-3125
RESERVED
CVE-2021-3124
@@ -6305,8 +6376,8 @@ CVE-2021-22134
RESERVED
CVE-2021-22133
RESERVED
-CVE-2021-22132
- RESERVED
+CVE-2021-22132 (Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosu ...)
+ TODO: check
CVE-2021-22131
RESERVED
CVE-2021-22130
@@ -9675,10 +9746,10 @@ CVE-2020-35584 (In Solstice Pod before 3.0.3, the web services allow users to co
NOT-FOR-US: Solstice Pod
CVE-2020-35583
RESERVED
-CVE-2020-35582
- RESERVED
-CVE-2020-35581
- RESERVED
+CVE-2020-35582 (A stored cross-site scripting (XSS) issue in Envira Gallery Lite befor ...)
+ TODO: check
+CVE-2020-35581 (A stored cross-site scripting (XSS) issue in Envira Gallery Lite befor ...)
+ TODO: check
CVE-2020-35580
RESERVED
CVE-2020-35579 (tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%&url=%URL%& ...)
@@ -14981,12 +15052,12 @@ CVE-2020-29497 (Dell Wyse Management Suite versions prior to 3.1 contain a store
NOT-FOR-US: Dell Wyse Management Suite
CVE-2020-29496 (Dell Wyse Management Suite versions prior to 3.1 contain a stored cros ...)
NOT-FOR-US: Dell Wyse Management Suite
-CVE-2020-29495
- RESERVED
-CVE-2020-29494
- RESERVED
-CVE-2020-29493
- RESERVED
+CVE-2020-29495 (DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Comma ...)
+ TODO: check
+CVE-2020-29494 (Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Trav ...)
+ TODO: check
+CVE-2020-29493 (DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injec ...)
+ TODO: check
CVE-2020-29492 (Dell Wyse ThinOS 8.6 and prior versions contain an insecure default co ...)
NOT-FOR-US: Dell Wyse ThinOS
CVE-2020-29491 (Dell Wyse ThinOS 8.6 and prior versions contain an insecure default co ...)
@@ -23711,10 +23782,10 @@ CVE-2020-27222
RESERVED
CVE-2020-27221
RESERVED
-CVE-2020-27220
- RESERVED
-CVE-2020-27219
- RESERVED
+CVE-2020-27220 (The Eclipse Hono AMQP and MQTT protocol adapters do not check whether ...)
+ TODO: check
+CVE-2020-27219 (In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not ...)
+ TODO: check
CVE-2020-27218 (In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 ...)
- jetty9 9.4.35-1 (bug #976211)
[stretch] - jetty9 <no-dsa> (Minor issue)
@@ -47362,10 +47433,10 @@ CVE-2020-16048
RESERVED
CVE-2020-16047
RESERVED
-CVE-2020-16046
- RESERVED
-CVE-2020-16045
- RESERVED
+CVE-2020-16046 (Script injection in iOSWeb in Google Chrome on iOS prior to 84.0.4147. ...)
+ TODO: check
+CVE-2020-16045 (Use after Free in Payments in Google Chrome on Android prior to 87.0.4 ...)
+ TODO: check
CVE-2020-16044
RESERVED
{DSA-4827-1 DLA-2521-1}
@@ -73665,8 +73736,8 @@ CVE-2020-6573 (Use after free in video in Google Chrome on Android prior to 85.0
{DSA-4824-1}
- chromium 87.0.4280.88-0.1
[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6572
- RESERVED
+CVE-2020-6572 (Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed ...)
+ TODO: check
CVE-2020-6571 (Insufficient data validation in Omnibox in Google Chrome prior to 85.0 ...)
{DSA-4824-1}
- chromium 87.0.4280.88-0.1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2753ae89af676b8a592549a1bf4b84d9a27d9bb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2753ae89af676b8a592549a1bf4b84d9a27d9bb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210115/ab71abe4/attachment.html>
More information about the debian-security-tracker-commits
mailing list