[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jul 21 21:10:29 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d29c0bf3 by security tracker role at 2021-07-21T20:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,136 @@
-CVE-2021-37159 [net: hso: do not call unregister if not registered]
+CVE-2021-37216
+ RESERVED
+CVE-2021-37215
+ RESERVED
+CVE-2021-37214
+ RESERVED
+CVE-2021-37213
+ RESERVED
+CVE-2021-37212
+ RESERVED
+CVE-2021-37211
+ RESERVED
+CVE-2021-37210
+ RESERVED
+CVE-2021-37209
+ RESERVED
+CVE-2021-37208
+ RESERVED
+CVE-2021-37207
+ RESERVED
+CVE-2021-37206
+ RESERVED
+CVE-2021-37205
+ RESERVED
+CVE-2021-37204
+ RESERVED
+CVE-2021-37203
+ RESERVED
+CVE-2021-37202
+ RESERVED
+CVE-2021-37201
+ RESERVED
+CVE-2021-37200
+ RESERVED
+CVE-2021-37199
+ RESERVED
+CVE-2021-37198
+ RESERVED
+CVE-2021-37197
+ RESERVED
+CVE-2021-37196
+ RESERVED
+CVE-2021-37195
+ RESERVED
+CVE-2021-37194
+ RESERVED
+CVE-2021-37193
+ RESERVED
+CVE-2021-37192
+ RESERVED
+CVE-2021-37191
+ RESERVED
+CVE-2021-37190
+ RESERVED
+CVE-2021-37189
+ RESERVED
+CVE-2021-37188
+ RESERVED
+CVE-2021-37187
+ RESERVED
+CVE-2021-37186
+ RESERVED
+CVE-2021-37185
+ RESERVED
+CVE-2021-37184
+ RESERVED
+CVE-2021-37183
+ RESERVED
+CVE-2021-37182
+ RESERVED
+CVE-2021-37181
+ RESERVED
+CVE-2021-37180
+ RESERVED
+CVE-2021-37179
+ RESERVED
+CVE-2021-37178
+ RESERVED
+CVE-2021-37177
+ RESERVED
+CVE-2021-37176
+ RESERVED
+CVE-2021-37175
+ RESERVED
+CVE-2021-37174
+ RESERVED
+CVE-2021-37173
+ RESERVED
+CVE-2021-37172
+ RESERVED
+CVE-2021-37171
+ RESERVED
+CVE-2021-37170
+ RESERVED
+CVE-2021-37169
+ RESERVED
+CVE-2021-37168
+ RESERVED
+CVE-2021-37167
+ RESERVED
+CVE-2021-37166
+ RESERVED
+CVE-2021-37165
+ RESERVED
+CVE-2021-37164
+ RESERVED
+CVE-2021-37163
+ RESERVED
+CVE-2021-37162
+ RESERVED
+CVE-2021-37161
+ RESERVED
+CVE-2021-37160
+ RESERVED
+CVE-2021-37158
+ RESERVED
+CVE-2021-37157
+ RESERVED
+CVE-2021-37156
+ RESERVED
+CVE-2021-37155 (wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure ou ...)
+ TODO: check
+CVE-2021-37154
+ RESERVED
+CVE-2021-37153
+ RESERVED
+CVE-2021-37152
+ RESERVED
+CVE-2021-37151
+ RESERVED
+CVE-2021-3657
+ RESERVED
+CVE-2021-37159 (hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel throu ...)
- linux <unfixed>
NOTE: https://www.spinics.net/lists/linux-usb/msg202228.html
CVE-2021-37150
@@ -3712,8 +3844,8 @@ CVE-2021-35484
RESERVED
CVE-2021-35483
RESERVED
-CVE-2021-35482
- RESERVED
+CVE-2021-35482 (An issue was discovered in Barco MirrorOp Windows Sender before 2.5.4. ...)
+ TODO: check
CVE-2021-35481
RESERVED
CVE-2021-35480
@@ -5164,8 +5296,8 @@ CVE-2021-34818
RESERVED
CVE-2021-34817 (A Cross-Site Scripting (XSS) issue in the chat component of Etherpad 1 ...)
TODO: check
-CVE-2021-34816
- RESERVED
+CVE-2021-34816 (An Argument Injection issue in the plugin management of Etherpad 1.8.1 ...)
+ TODO: check
CVE-2021-34815 (CheckSec Canopy before 3.5.2 allows XSS attacks against the login page ...)
NOT-FOR-US: CheckSec Canopy
CVE-2020-36389 (In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEdit ...)
@@ -5627,8 +5759,8 @@ CVE-2021-34621 (A vulnerability in the user registration component found in the
NOT-FOR-US: WordPress plugin
CVE-2021-34620 (The WP Fluent Forms plugin < 3.6.67 for WordPress is vulnerable to ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-34619
- RESERVED
+CVE-2021-34619 (The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross- ...)
+ TODO: check
CVE-2021-34618 (A remote denial of service (DoS) vulnerability was discovered in some ...)
NOT-FOR-US: Aruba
CVE-2021-34617 (A remote cross-site scripting (XSS) vulnerability was discovered in so ...)
@@ -6210,13 +6342,13 @@ CVE-2021-34370 (Accela Civic Platform through 20.1 allows ssoAdapter/logoutActio
CVE-2021-34369 (portlets/contact/ref/refContactDetail.do in Accela Civic Platform thro ...)
NOT-FOR-US: Accela Civic Platform
CVE-2021-34368
- RESERVED
+ REJECTED
CVE-2021-34367
- RESERVED
+ REJECTED
CVE-2021-34366
- RESERVED
+ REJECTED
CVE-2021-34365
- RESERVED
+ REJECTED
CVE-2021-34364 (The Refined GitHub browser extension before 21.6.8 might allow XSS via ...)
NOT-FOR-US: Refined GitHub browser extension
CVE-2021-34363 (The thefuck (aka The Fuck) package before 3.31 for Python allows Path ...)
@@ -9929,8 +10061,8 @@ CVE-2021-32758
RESERVED
CVE-2021-32757
RESERVED
-CVE-2021-32756
- RESERVED
+CVE-2021-32756 (ManageIQ is an open-source management platform. In versions prior to j ...)
+ TODO: check
CVE-2021-32755 (Wire is a collaboration platform. wire-ios-transport handles authentic ...)
NOT-FOR-US: wire-ios (iOS version of Wire)
CVE-2021-32754 (FlowDroid is a data flow analysis tool. FlowDroid versions prior to 2. ...)
@@ -9963,10 +10095,10 @@ CVE-2021-32746 (Icinga Web 2 is an open source monitoring web interface, framewo
[buster] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icingaweb2/security/advisories/GHSA-cmgc-h4cx-3v43
NOTE: https://github.com/Icinga/icingaweb2/commit/80875d91bbfa52553fe7bb2c1a32a9814880d9c1 (v2.8.3)
-CVE-2021-32745
- RESERVED
-CVE-2021-32744
- RESERVED
+CVE-2021-32745 (Collabora Online is a collaborative online office suite. A reflected X ...)
+ TODO: check
+CVE-2021-32744 (Collabora Online is a collaborative online office suite. In versions p ...)
+ TODO: check
CVE-2021-32743 (Icinga is a monitoring system which checks the availability of network ...)
[experimental] - icinga2 2.12.5-1~exp1
- icinga2 <unfixed>
@@ -27586,20 +27718,20 @@ CVE-2021-25703
RESERVED
CVE-2021-25702
RESERVED
-CVE-2021-25701
- RESERVED
+CVE-2021-25701 (The fUSBHub driver in the PCoIP Software Client prior to version 21.07 ...)
+ TODO: check
CVE-2021-25700
RESERVED
-CVE-2021-25699
- RESERVED
-CVE-2021-25698
- RESERVED
+CVE-2021-25699 (The OpenSSL component of the Teradici PCoIP Software Client prior to v ...)
+ TODO: check
+CVE-2021-25698 (The OpenSSL component of the Teradici PCoIP Standard Agent prior to ve ...)
+ TODO: check
CVE-2021-25697
RESERVED
CVE-2021-25696
RESERVED
-CVE-2021-25695
- RESERVED
+CVE-2021-25695 (The USB vHub in the Teradici PCOIP Software Agent prior to version 21. ...)
+ TODO: check
CVE-2021-25694 (Teradici PCoIP Graphics Agent for Windows prior to 21.03 does not vali ...)
NOT-FOR-US: Teradici PCoIP Graphics Agent for Windows
CVE-2021-25693 (An attacker may cause a Denial of Service (DoS) in multiple versions o ...)
@@ -32721,14 +32853,14 @@ CVE-2021-23413
RESERVED
CVE-2021-23412
RESERVED
-CVE-2021-23411
- RESERVED
-CVE-2021-23410
- RESERVED
+CVE-2021-23411 (All versions of package anchorme are vulnerable to Cross-site Scriptin ...)
+ TODO: check
+CVE-2021-23410 (All versions of package msgpack are vulnerable to Deserialization of U ...)
+ TODO: check
CVE-2021-23409 (The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable ...)
TODO: check
-CVE-2021-23408
- RESERVED
+CVE-2021-23408 (This affects the package com.graphhopper:graphhopper-web-bundle before ...)
+ TODO: check
CVE-2021-23407 (This affects the package elFinder.Net.Core from 0 and before 1.2.4. Th ...)
NOT-FOR-US: elFinder.Net.Core
CVE-2021-23406
@@ -34111,8 +34243,8 @@ CVE-2021-22786
RESERVED
CVE-2021-22785
RESERVED
-CVE-2021-22784
- RESERVED
+CVE-2021-22784 (A CWE-306: Missing Authentication for Critical Function vulnerability ...)
+ TODO: check
CVE-2021-22783
RESERVED
CVE-2021-22782 (Missing Encryption of Sensitive Data vulnerability exists in EcoStruxu ...)
@@ -34125,23 +34257,23 @@ CVE-2021-22779 (Authentication Bypass by Spoofing vulnerability exists in EcoStr
NOT-FOR-US: Schneider Electric
CVE-2021-22778 (Insufficiently Protected Credentials vulnerability exists in EcoStruxu ...)
NOT-FOR-US: Schneider Electric
-CVE-2021-22777
- RESERVED
+CVE-2021-22777 (A CWE-502: Deserialization of Untrusted Data vulnerability exists that ...)
+ TODO: check
CVE-2021-22776
RESERVED
CVE-2021-22775
RESERVED
-CVE-2021-22774
- RESERVED
-CVE-2021-22773
- RESERVED
-CVE-2021-22772
- RESERVED
-CVE-2021-22771
- RESERVED
-CVE-2021-22770
- RESERVED
-CVE-2021-22769 (A CWE-269: Improper Privilege Management vulnerability exists in Enerl ...)
+CVE-2021-22774 (A CWE-759: Use of a One-Way Hash without a Salt vulnerability exists i ...)
+ TODO: check
+CVE-2021-22773 (A CWE-620: Unverified Password Change vulnerability exists in EVlink C ...)
+ TODO: check
+CVE-2021-22772 (A CWE-306: Missing Authentication for Critical Function vulnerability ...)
+ TODO: check
+CVE-2021-22771 (A CWE-1236: Improper Neutralization of Formula Elements in a CSV File ...)
+ TODO: check
+CVE-2021-22770 (A CWE-200: Information Exposure vulnerability exists in Easergy T300 w ...)
+ TODO: check
+CVE-2021-22769 (A CWE-552: Files or Directories Accessible to External Parties vulnera ...)
NOT-FOR-US: Schneider Electric
CVE-2021-22768 (** UNSUPPORTED WHEN ASSIGNED ** A CWE-20: Improper Input Validation vu ...)
NOT-FOR-US: PowerLogic EGX300
@@ -34219,26 +34351,26 @@ CVE-2021-22732 (Improper Privilege Management vulnerability exists in homeLYnk (
NOT-FOR-US: Schneider
CVE-2021-22731 (Weak Password Recovery Mechanism for Forgotten Password vulnerability ...)
NOT-FOR-US: Modicon
-CVE-2021-22730
- RESERVED
-CVE-2021-22729
- RESERVED
-CVE-2021-22728
- RESERVED
-CVE-2021-22727
- RESERVED
-CVE-2021-22726
- RESERVED
+CVE-2021-22730 (A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlin ...)
+ TODO: check
+CVE-2021-22729 (A CWE-259: Use of Hard-coded Password vulnerability exists in EVlink C ...)
+ TODO: check
+CVE-2021-22728 (A CWE-200: Information Exposure vulnerability exists in EVlink City (E ...)
+ TODO: check
+CVE-2021-22727 (A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (E ...)
+ TODO: check
+CVE-2021-22726 (A CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists in ...)
+ TODO: check
CVE-2021-22725
RESERVED
CVE-2021-22724
RESERVED
-CVE-2021-22723
- RESERVED
-CVE-2021-22722
- RESERVED
-CVE-2021-22721
- RESERVED
+CVE-2021-22723 (A CWE-79: Improper Neutralization of Input During Web Page Generation ...)
+ TODO: check
+CVE-2021-22722 (A CWE-79: Improper Neutralization of Input During Web Page Generation ...)
+ TODO: check
+CVE-2021-22721 (A CWE-200: Information Exposure vulnerability exists in EVlink City (E ...)
+ TODO: check
CVE-2021-22720 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ...)
NOT-FOR-US: Schneider Electric
CVE-2021-22719 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ...)
@@ -34263,12 +34395,12 @@ CVE-2021-22710 (A CWE-119:Improper Restriction of Operations within the Bounds o
NOT-FOR-US: Schneider
CVE-2021-22709 (A CWE-119:Improper Restriction of Operations within the Bounds of a Me ...)
NOT-FOR-US: Schneider
-CVE-2021-22708
- RESERVED
-CVE-2021-22707
- RESERVED
-CVE-2021-22706
- RESERVED
+CVE-2021-22708 (A CWE-347: Improper Verification of Cryptographic Signature vulnerabil ...)
+ TODO: check
+CVE-2021-22707 (A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlin ...)
+ TODO: check
+CVE-2021-22706 (A CWE-79: Improper Neutralization of Input During Web Page Generation ...)
+ TODO: check
CVE-2021-22705 (Improper Restriction of Operations within the Bounds of a Memory Buffe ...)
NOT-FOR-US: Schneider
CVE-2021-22704
@@ -35611,10 +35743,10 @@ CVE-2021-22148
RESERVED
CVE-2021-22147
RESERVED
-CVE-2021-22146
- RESERVED
-CVE-2021-22145
- RESERVED
+CVE-2021-22146 (All versions of Elastic Cloud Enterprise has the Elasticsearch “ ...)
+ TODO: check
+CVE-2021-22145 (A memory disclosure vulnerability was identified in Elasticsearch 7.10 ...)
+ TODO: check
CVE-2021-22144
RESERVED
CVE-2021-22143
@@ -38469,10 +38601,10 @@ CVE-2021-21409 (Netty is an open-source, asynchronous event-driven network appli
NOTE: Is a followup to: https://github.com/netty/netty/security/advisories/GHSA-wm47-8v5p-wjpj
CVE-2021-21408
RESERVED
-CVE-2021-21407
- RESERVED
-CVE-2021-21406
- RESERVED
+CVE-2021-21407 (Combodo iTop is an open source, web based IT Service Management tool. ...)
+ TODO: check
+CVE-2021-21406 (Combodo iTop is an open source, web based IT Service Management tool. ...)
+ TODO: check
CVE-2021-21405 (Lotus is an Implementation of the Filecoin protocol written in Go. BLS ...)
NOT-FOR-US: Lotus
CVE-2021-21404 (Syncthing is a continuous file synchronization program. In Syncthing b ...)
@@ -42064,8 +42196,8 @@ CVE-2021-20108 (Manage Engine Asset Explorer Agent 1.0.34 listens on port 9000 f
TODO: check
CVE-2021-20107 (There exists an unauthenticated BLE Interface in Sloan SmartFaucets in ...)
NOT-FOR-US: Sloan
-CVE-2021-20106
- RESERVED
+CVE-2021-20106 (Nessus Agent versions 8.2.5 and earlier were found to contain a privil ...)
+ TODO: check
CVE-2021-20105 (Machform prior to version 16 is vulnerable to an open redirect in Safa ...)
NOT-FOR-US: Machform
CVE-2021-20104 (Machform prior to version 16 is vulnerable to unauthenticated remote c ...)
@@ -43070,7 +43202,7 @@ CVE-2020-35242 (Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection
NOT-FOR-US: Flamingo (aka FlamingoIM)
CVE-2020-35241 (FlatPress 1.0.3 is affected by cross-site scripting (XSS) in the Blog ...)
NOT-FOR-US: FlatPress
-CVE-2020-35240 (FluxBB 1.5.11 is affected by cross-site scripting (XSS in the Blog Con ...)
+CVE-2020-35240 (** DISPUTED ** FluxBB 1.5.11 is affected by cross-site scripting (XSS ...)
NOT-FOR-US: FluxBB
CVE-2020-35239 (A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The Cs ...)
- cakephp <not-affected> (Vulnerable code introduced later)
@@ -63692,10 +63824,10 @@ CVE-2020-23285
RESERVED
CVE-2020-23284 (Information disclosure in aspx pages in MV's IDCE application v1.0 all ...)
TODO: check
-CVE-2020-23283
- RESERVED
-CVE-2020-23282
- RESERVED
+CVE-2020-23283 (Information disclosure in Logon Page in MV's mConnect application v02. ...)
+ TODO: check
+CVE-2020-23282 (SQL injection in Logon Page in MV's mConnect application, v02.001.00, ...)
+ TODO: check
CVE-2020-23281
RESERVED
CVE-2020-23280
@@ -65960,12 +66092,12 @@ CVE-2020-22152
RESERVED
CVE-2020-22151
RESERVED
-CVE-2020-22150
- RESERVED
+CVE-2020-22150 (A cross site scripting (XSS) vulnerability in /admin.php?page=permalin ...)
+ TODO: check
CVE-2020-22149
RESERVED
-CVE-2020-22148
- RESERVED
+CVE-2020-22148 (A stored cross site scripting (XSS) vulnerability in /admin.php?page=t ...)
+ TODO: check
CVE-2020-22147
RESERVED
CVE-2020-22146
@@ -66494,18 +66626,18 @@ CVE-2020-21939
RESERVED
CVE-2020-21938
RESERVED
-CVE-2020-21937
- RESERVED
-CVE-2020-21936
- RESERVED
-CVE-2020-21935
- RESERVED
-CVE-2020-21934
- RESERVED
-CVE-2020-21933
- RESERVED
-CVE-2020-21932
- RESERVED
+CVE-2020-21937 (An command injection vulnerability in HNAP1/SetWLanApcliSettings of Mo ...)
+ TODO: check
+CVE-2020-21936 (An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Bui ...)
+ TODO: check
+CVE-2020-21935 (A command injection vulnerability in HNAP1/GetNetworkTomographySetting ...)
+ TODO: check
+CVE-2020-21934 (An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 ...)
+ TODO: check
+CVE-2020-21933 (An issue was discovered in Motorola CX2 router CX 1.0.2 Build 20190508 ...)
+ TODO: check
+CVE-2020-21932 (A vulnerability in /Login.html of Motorola CX2 router CX 1.0.2 Build 2 ...)
+ TODO: check
CVE-2020-21931
RESERVED
CVE-2020-21930
@@ -69876,8 +70008,8 @@ CVE-2020-20264 (Mikrotik RouterOs before 6.47 (stable tree) in the /ram/pckg/adv
NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20263
RESERVED
-CVE-2020-20262
- RESERVED
+CVE-2020-20262 (Mikrotik RouterOs before 6.47 (stable tree) suffers from an assertion ...)
+ TODO: check
CVE-2020-20261
RESERVED
CVE-2020-20260
@@ -69958,12 +70090,12 @@ CVE-2020-20223
RESERVED
CVE-2020-20222 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
NOT-FOR-US: Mikrotik RouterOs
-CVE-2020-20221
- RESERVED
+CVE-2020-20221 (Mikrotik RouterOs before 6.44.6 (long-term tree) suffers from an uncon ...)
+ TODO: check
CVE-2020-20220 (Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruptio ...)
NOT-FOR-US: Mikrotik RouterOs
-CVE-2020-20219
- RESERVED
+CVE-2020-20219 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
+ TODO: check
CVE-2020-20218 (Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corrup ...)
NOT-FOR-US: Mikrotik RouterOs
CVE-2020-20217 (Mikrotik RouterOs before 6.47 (stable tree) suffers from an uncontroll ...)
@@ -71195,8 +71327,8 @@ CVE-2020-19611
RESERVED
CVE-2020-19610
RESERVED
-CVE-2020-19609
- RESERVED
+CVE-2020-19609 (Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff ...)
+ TODO: check
CVE-2020-19608
RESERVED
CVE-2020-19607
@@ -71415,12 +71547,12 @@ CVE-2020-19501
RESERVED
CVE-2020-19500
RESERVED
-CVE-2020-19499
- RESERVED
-CVE-2020-19498
- RESERVED
-CVE-2020-19497
- RESERVED
+CVE-2020-19499 (An issue was discovered in heif::Box_iref::get_references in libheif 1 ...)
+ TODO: check
+CVE-2020-19498 (Floating point exception in function Fraction in libheif 1.4.0, allows ...)
+ TODO: check
+CVE-2020-19497 (Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tb ...)
+ TODO: check
CVE-2020-19496
RESERVED
CVE-2020-19495
@@ -71429,16 +71561,16 @@ CVE-2020-19494
RESERVED
CVE-2020-19493
RESERVED
-CVE-2020-19492
- RESERVED
-CVE-2020-19491
- RESERVED
-CVE-2020-19490
- RESERVED
+CVE-2020-19492 (There is a floating point exception in ReadImage that leads to a Segme ...)
+ TODO: check
+CVE-2020-19491 (There is an invalid memory access bug in cgif.c that leads to a Segmen ...)
+ TODO: check
+CVE-2020-19490 (tinyexr 0.9.5 has a integer overflow over-write in tinyexr::DecodePixe ...)
+ TODO: check
CVE-2020-19489
RESERVED
-CVE-2020-19488
- RESERVED
+CVE-2020-19488 (An issue was discovered in box_code_apple.c:119 in Gpac MP4Box 0.8.0, ...)
+ TODO: check
CVE-2020-19487
RESERVED
CVE-2020-19486
@@ -71451,8 +71583,8 @@ CVE-2020-19483
RESERVED
CVE-2020-19482
RESERVED
-CVE-2020-19481
- RESERVED
+CVE-2020-19481 (An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Bo ...)
+ TODO: check
CVE-2020-19480
RESERVED
CVE-2020-19479
@@ -71463,32 +71595,32 @@ CVE-2020-19477
RESERVED
CVE-2020-19476
RESERVED
-CVE-2020-19475
- RESERVED
-CVE-2020-19474
- RESERVED
-CVE-2020-19473
- RESERVED
-CVE-2020-19472
- RESERVED
-CVE-2020-19471
- RESERVED
-CVE-2020-19470
- RESERVED
-CVE-2020-19469
- RESERVED
-CVE-2020-19468
- RESERVED
-CVE-2020-19467
- RESERVED
-CVE-2020-19466
- RESERVED
-CVE-2020-19465
- RESERVED
-CVE-2020-19464
- RESERVED
-CVE-2020-19463
- RESERVED
+CVE-2020-19475 (An issue has been found in function CCITTFaxStream::lookChar in PDF2JS ...)
+ TODO: check
+CVE-2020-19474 (An issue has been found in function Gfx::doShowText in PDF2JSON 0.70 t ...)
+ TODO: check
+CVE-2020-19473 (An issue has been found in function DCTStream::decodeImage in PDF2JSON ...)
+ TODO: check
+CVE-2020-19472 (An issue has been found in function DCTStream::readHuffSym in PDF2JSON ...)
+ TODO: check
+CVE-2020-19471 (An issue has been found in function DCTStream::decodeImage in PDF2JSON ...)
+ TODO: check
+CVE-2020-19470 (An issue has been found in function DCTStream::getChar in PDF2JSON 0.7 ...)
+ TODO: check
+CVE-2020-19469 (An issue has been found in function DCTStream::reset in PDF2JSON 0.70 ...)
+ TODO: check
+CVE-2020-19468 (An issue has been found in function EmbedStream::getChar in PDF2JSON 0 ...)
+ TODO: check
+CVE-2020-19467 (An issue has been found in function DCTStream::transformDataUnit in PD ...)
+ TODO: check
+CVE-2020-19466 (An issue has been found in function DCTStream::transformDataUnit in PD ...)
+ TODO: check
+CVE-2020-19465 (An issue has been found in function ObjectStream::getObject in PDF2JSO ...)
+ TODO: check
+CVE-2020-19464 (An issue has been found in function XRef::fetch in PDF2JSON 0.70 that ...)
+ TODO: check
+CVE-2020-19463 (An issue has been found in function vfprintf in PDF2JSON 0.70 that all ...)
+ TODO: check
CVE-2020-19462
RESERVED
CVE-2020-19461
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d29c0bf34799e754665b6c8efa65930ef4b9b569
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d29c0bf34799e754665b6c8efa65930ef4b9b569
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210721/33b97209/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list