[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 22 21:10:30 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
822c50f1 by security tracker role at 2021-06-22T20:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2021-3613
+ RESERVED
+CVE-2021-35210
+ RESERVED
+CVE-2021-35209
+ RESERVED
+CVE-2021-35208
+ RESERVED
+CVE-2021-35207
+ RESERVED
+CVE-2021-35206 (Gitpod before 0.6.0 allows unvalidated redirects. ...)
+ TODO: check
+CVE-2021-35205
+ RESERVED
+CVE-2021-35204
+ RESERVED
+CVE-2021-35203
+ RESERVED
+CVE-2021-35202
+ RESERVED
+CVE-2021-35201
+ RESERVED
+CVE-2021-35200
+ RESERVED
+CVE-2021-35199
+ RESERVED
+CVE-2021-35198
+ RESERVED
+CVE-2021-35197
+ RESERVED
CVE-2021-35196 (** DISPUTED ** Manuskript through 0.12.0 allows remote attackers to ex ...)
TODO: check
CVE-2021-35195
@@ -326,10 +356,10 @@ CVE-2021-35048
RESERVED
CVE-2021-35047
RESERVED
-CVE-2021-35046
- RESERVED
-CVE-2021-35045
- RESERVED
+CVE-2021-35046 (A session fixation vulnerability was discovered in Ice Hrm 29.0.0 OS w ...)
+ TODO: check
+CVE-2021-35045 (Cross site scripting (XSS) vulnerability in Ice Hrm 29.0.0.OS, allows ...)
+ TODO: check
CVE-2021-35044
RESERVED
CVE-2021-35043
@@ -1693,8 +1723,8 @@ CVE-2021-34430
RESERVED
CVE-2021-34429
RESERVED
-CVE-2021-34428
- RESERVED
+CVE-2021-34428 (For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, i ...)
+ TODO: check
CVE-2021-34427
RESERVED
CVE-2021-34426
@@ -2100,10 +2130,10 @@ CVE-2021-34246
RESERVED
CVE-2021-34245
RESERVED
-CVE-2021-34244
- RESERVED
-CVE-2021-34243
- RESERVED
+CVE-2021-34244 (A cross site request forgery (CSRF) vulnerability was discovered in Ic ...)
+ TODO: check
+CVE-2021-34243 (A stored cross site scripting (XSS) vulnerability was discovered in Ic ...)
+ TODO: check
CVE-2021-34242
RESERVED
CVE-2021-34241
@@ -3791,7 +3821,7 @@ CVE-2021-33508 (Plone through 5.2.4 allows XSS via a full name that is mishandle
NOT-FOR-US: Plone
CVE-2021-33507 (Zope Products.CMFCore before 2.5.1 and Products.PluggableAuthService b ...)
NOT-FOR-US: Zope Products.CMFCore (as used in Plone)
-CVE-2021-33506 (jitsi-meet-prosody in Jitsi Meet before 5026 does not ensure that rest ...)
+CVE-2021-33506 (jitsi-meet-prosody in Jitsi Meet before 2.0.5963-1 does not ensure tha ...)
NOT-FOR-US: jitsi-meet-prosody
CVE-2021-33505
RESERVED
@@ -5706,8 +5736,8 @@ CVE-2021-32646 (Roomer is a discord bot cog (extension) which provides automatic
NOT-FOR-US: Roomer
CVE-2021-32645 (Tenancy multi-tenant is an open source multi-domain controller for the ...)
NOT-FOR-US: Teancy multi-tenant
-CVE-2021-32644
- RESERVED
+CVE-2021-32644 (Ampache is an open source web based audio/video streaming application ...)
+ TODO: check
CVE-2021-32643 (Http4s is a Scala interface for HTTP services. `StaticFile.fromUrl` ca ...)
NOT-FOR-US: Http4s
CVE-2021-32642 (radsecproxy is a generic RADIUS proxy that supports both UDP and TLS ( ...)
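Review bot: The context line under CVE-2021-32645 reads "NOT-FOR-US: Teancy multi-tenant" while the description on the line above it spells the product "Tenancy"; correct the tag in a follow-up so a search on the product name finds the entry. For the new CVE-2021-32644 line, resolve the TODO: check by looking for an Ampache source package rather than copying the NOT-FOR-US tags of its neighbours.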
@@ -28566,8 +28596,8 @@ CVE-2021-3046
RESERVED
CVE-2021-3045
RESERVED
-CVE-2021-3044
- RESERVED
+CVE-2021-3044 (An improper authorization vulnerability in Palo Alto Networks Cortex X ...)
+ TODO: check
CVE-2021-3043
RESERVED
CVE-2021-3042
@@ -30330,20 +30360,20 @@ CVE-2021-22385
RESERVED
CVE-2021-22384
RESERVED
-CVE-2021-22383
- RESERVED
-CVE-2021-22382
- RESERVED
+CVE-2021-22383 (There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 ...)
+ TODO: check
+CVE-2021-22382 (Huawei LTE USB Dongle products have an improper permission assignment ...)
+ TODO: check
CVE-2021-22381
RESERVED
CVE-2021-22380
RESERVED
CVE-2021-22379
RESERVED
-CVE-2021-22378
- RESERVED
-CVE-2021-22377
- RESERVED
+CVE-2021-22378 (There is a race condition vulnerability in eCNS280_TD V100R005C00 and ...)
+ TODO: check
+CVE-2021-22377 (There is a command injection vulnerability in S12700 V200R019C00SPC500 ...)
+ TODO: check
CVE-2021-22376
RESERVED
CVE-2021-22375
@@ -30364,18 +30394,18 @@ CVE-2021-22368
RESERVED
CVE-2021-22367
RESERVED
-CVE-2021-22366
- RESERVED
-CVE-2021-22365
- RESERVED
+CVE-2021-22366 (There is an out-of-bounds read vulnerability in eSE620X vESS V100R001C ...)
+ TODO: check
+CVE-2021-22365 (There is an out of bounds read vulnerability in eSE620X vESS V100R001C ...)
+ TODO: check
CVE-2021-22364 (There is a denial of service vulnerability in the versions 10.1.0.126( ...)
NOT-FOR-US: Huawei
-CVE-2021-22363
- RESERVED
+CVE-2021-22363 (There is a resource management error vulnerability in eCNS280_TD V100R ...)
+ TODO: check
CVE-2021-22362 (There is an out of bounds write vulnerability in some Huawei products. ...)
NOT-FOR-US: Huawei
-CVE-2021-22361
- RESERVED
+CVE-2021-22361 (There is an improper authorization vulnerability in eCNS280 V100R005C0 ...)
+ TODO: check
CVE-2021-22360 (There is a resource management error vulnerability in the verisions V5 ...)
NOT-FOR-US: Huawei
CVE-2021-22359 (There is a denial of service vulnerability in the verisions V200R005C0 ...)
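Review bot: CVE-2021-22366, CVE-2021-22365, CVE-2021-22363 and CVE-2021-22361 land between entries already tagged NOT-FOR-US: Huawei (CVE-2021-22364, CVE-2021-22362, CVE-2021-22360), and their truncated descriptions name eSE620X vESS and eCNS280 products. If the full descriptions confirm the same vendor, resolve the four TODO: check lines with that same tag so the block stays consistent.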
@@ -30412,8 +30442,8 @@ CVE-2021-22344
RESERVED
CVE-2021-22343
RESERVED
-CVE-2021-22342
- RESERVED
+CVE-2021-22342 (There is an information leak vulnerability in Huawei products. A modul ...)
+ TODO: check
CVE-2021-22341
RESERVED
CVE-2021-22340
@@ -45594,16 +45624,14 @@ CVE-2021-0610
RESERVED
CVE-2021-0609
RESERVED
-CVE-2021-0608
- RESERVED
-CVE-2021-0607
- RESERVED
-CVE-2021-0606
- RESERVED
+CVE-2021-0608 (In handleAppLaunch of AppLaunchActivity.java, there is a possible arbi ...)
+ TODO: check
+CVE-2021-0607 (In iaxxx_calc_i2s_div of iaxxx-codec.c, there is a possible hardware p ...)
+ TODO: check
+CVE-2021-0606 (In drm_syncobj_handle_to_fd of drm_syncobj.c, there is a possible use ...)
- linux <not-affected> (Vulnerability specific to 4.14.y backporting)
NOTE: https://source.android.com/security/bulletin/pixel/2021-06-01
-CVE-2021-0605
- RESERVED
+CVE-2021-0605 (In pfkey_dump of af_key.c, there is a possible out-of-bounds read due ...)
- linux 5.8.7-1
[buster] - linux 4.19.152-1
[stretch] - linux 4.9.240-1
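Review bot: CVE-2021-0606 and CVE-2021-0605 lose RESERVED without gaining a TODO: check, which is only correct because both already carry linux triage lines. The CVE-2021-0605 entry (- linux 5.8.7-1 plus the buster and stretch versions) was written before this description existed, so confirm that "pfkey_dump of af_key.c ... out-of-bounds read" is the issue those fixed versions refer to. CVE-2021-0607 names iaxxx-codec.c, which reads like a driver source file; check it against linux before giving it an Android-only tag.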
@@ -45672,84 +45700,84 @@ CVE-2021-0574
RESERVED
CVE-2021-0573
RESERVED
-CVE-2021-0572
- RESERVED
-CVE-2021-0571
- RESERVED
-CVE-2021-0570
- RESERVED
-CVE-2021-0569
- RESERVED
-CVE-2021-0568
- RESERVED
-CVE-2021-0567
- RESERVED
-CVE-2021-0566
- RESERVED
-CVE-2021-0565
- RESERVED
-CVE-2021-0564
- RESERVED
-CVE-2021-0563
- RESERVED
-CVE-2021-0562
- RESERVED
-CVE-2021-0561
- RESERVED
+CVE-2021-0572 (In doNotification of AccountManagerService.java, there is a possible p ...)
+ TODO: check
+CVE-2021-0571 (In ActivityTaskManagerService.startActivity() and AppTaskImpl.startAct ...)
+ TODO: check
+CVE-2021-0570 (In sendBugreportNotification of BugreportProgressService.java, there i ...)
+ TODO: check
+CVE-2021-0569 (In onStart of ContactsDumpActivity.java, there is possible access to c ...)
+ TODO: check
+CVE-2021-0568 (In onReceive of DevicePolicyManagerService.java, there is a possible e ...)
+ TODO: check
+CVE-2021-0567 (In isRestricted of RemoteViews.java, there is a possible way to inject ...)
+ TODO: check
+CVE-2021-0566 (In accessAudioHalPidscpp of TimeCheck.cpp, there is a possible out of ...)
+ TODO: check
+CVE-2021-0565 (In wrapUserThread of AudioStream.cpp, there is a possible use after fr ...)
+ TODO: check
+CVE-2021-0564 (In decrypt of CryptoPlugin.cpp, there is a possible use-after-free due ...)
+ TODO: check
+CVE-2021-0563 (In ih264e_fmt_conv_422i_to_420sp of ih264e_fmt_conv.c, there is a poss ...)
+ TODO: check
+CVE-2021-0562 (In RasterIntraUpdate of motion_est.cpp, there is a possible out of bou ...)
+ TODO: check
+CVE-2021-0561 (In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a ...)
+ TODO: check
CVE-2021-0560
RESERVED
-CVE-2021-0559
- RESERVED
-CVE-2021-0558
- RESERVED
-CVE-2021-0557
- RESERVED
-CVE-2021-0556
- RESERVED
-CVE-2021-0555
- RESERVED
-CVE-2021-0554
- RESERVED
-CVE-2021-0553
- RESERVED
-CVE-2021-0552
- RESERVED
-CVE-2021-0551
- RESERVED
-CVE-2021-0550
- RESERVED
-CVE-2021-0549
- RESERVED
-CVE-2021-0548
- RESERVED
-CVE-2021-0547
- RESERVED
-CVE-2021-0546
- RESERVED
-CVE-2021-0545
- RESERVED
-CVE-2021-0544
- RESERVED
-CVE-2021-0543
- RESERVED
-CVE-2021-0542
- RESERVED
-CVE-2021-0541
- RESERVED
-CVE-2021-0540
- RESERVED
-CVE-2021-0539
- RESERVED
-CVE-2021-0538
- RESERVED
-CVE-2021-0537
- RESERVED
-CVE-2021-0536
- RESERVED
-CVE-2021-0535
- RESERVED
-CVE-2021-0534
- RESERVED
+CVE-2021-0559 (In Lag_max of p_ol_wgh.cpp, there is a possible out of bounds read due ...)
+ TODO: check
+CVE-2021-0558 (In fillMainDataBuf of pvmp3_framedecoder.cpp, there is a possible out ...)
+ TODO: check
+CVE-2021-0557 (In setRange of ABuffer.cpp, there is a possible out of bounds write du ...)
+ TODO: check
+CVE-2021-0556 (In getBlockSum of fastcodemb.cpp, there is a possible out of bounds re ...)
+ TODO: check
+CVE-2021-0555 (In RenderStruct of protostream_objectsource.cc, there is a possible cr ...)
+ TODO: check
+CVE-2021-0554 (In isBackupServiceActive of BackupManagerService.java, there is a miss ...)
+ TODO: check
+CVE-2021-0553 (In onBindViewHolder of AppSwitchPreference.java, there is a possible b ...)
+ TODO: check
+CVE-2021-0552 (In getEndItemSliceAction of MediaOutputSlice.java, there is a possible ...)
+ TODO: check
+CVE-2021-0551 (In bind of MediaControlPanel.java, there is a possible way to lock up ...)
+ TODO: check
+CVE-2021-0550 (In onLoadFailed of AnnotateActivity.java, there is a possible way to g ...)
+ TODO: check
+CVE-2021-0549 (In sspRequestCallback of BondStateMachine.java, there is a possible le ...)
+ TODO: check
+CVE-2021-0548 (In rw_i93_send_to_lower of rw_i93.cc, there is a possible out of bound ...)
+ TODO: check
+CVE-2021-0547 (In onReceive of NetInitiatedActivity.java, there is a possible way to ...)
+ TODO: check
+CVE-2021-0546 (In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a possible ...)
+ TODO: check
+CVE-2021-0545 (In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a possible ...)
+ TODO: check
+CVE-2021-0544 (In phNxpNciHal_print_res_status of phNxpNciHal.cc, there is a possible ...)
+ TODO: check
+CVE-2021-0543 (In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possi ...)
+ TODO: check
+CVE-2021-0542 (In updateNotification of BeamTransferManager.java, there is a missing ...)
+ TODO: check
+CVE-2021-0541 (In phNxpNciHal_ext_process_nfc_init_rsp of phNxpNciHal_ext.cc, there i ...)
+ TODO: check
+CVE-2021-0540 (In halWrapperDataCallback of hal_wrapper.cc, there is a possible out o ...)
+ TODO: check
+CVE-2021-0539 (In archiveStoredConversation of MmsService.java, there is a possible w ...)
+ TODO: check
+CVE-2021-0538 (In onCreate of EmergencyCallbackModeExitDialog.java, there is a possib ...)
+ TODO: check
+CVE-2021-0537 (In onCreate of WiFiInstaller.java, there is a possible way to install ...)
+ TODO: check
+CVE-2021-0536 (In dropFile of WiFiInstaller, there is a way to delete files accessibl ...)
+ TODO: check
+CVE-2021-0535 (In wpas_ctrl_msg_queue_timeout of ctrl_iface_unix.c, there is a possib ...)
+ TODO: check
+CVE-2021-0534 (In permission declarations of DeviceAdminReceiver.java, there is a pos ...)
+ TODO: check
CVE-2021-0533 (In memory management driver, there is a possible memory corruption due ...)
NOT-FOR-US: MediaTek components for Android
CVE-2021-0532 (In memory management driver, there is a possible memory corruption due ...)
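Review bot: The 38 new TODO: check lines in this hunk should not be resolved in bulk from the NOT-FOR-US precedent in the trailing context (CVE-2021-0533, "MediaTek components for Android"). Several descriptions name source files that look like bundled upstream libraries rather than Android framework code, for example stream_encoder.c (CVE-2021-0561), ctrl_iface_unix.c with a wpas_ function (CVE-2021-0535) and protostream_objectsource.cc (CVE-2021-0555). Check those against the corresponding source packages first, then tag the remaining .java entries.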
@@ -60978,32 +61006,32 @@ CVE-2020-22178
RESERVED
CVE-2020-22177
RESERVED
-CVE-2020-22176
- RESERVED
-CVE-2020-22175
- RESERVED
-CVE-2020-22174
- RESERVED
-CVE-2020-22173
- RESERVED
-CVE-2020-22172
- RESERVED
-CVE-2020-22171
- RESERVED
-CVE-2020-22170
- RESERVED
-CVE-2020-22169
- RESERVED
-CVE-2020-22168
- RESERVED
-CVE-2020-22167
- RESERVED
-CVE-2020-22166
- RESERVED
-CVE-2020-22165
- RESERVED
-CVE-2020-22164
- RESERVED
+CVE-2020-22176 (PHPGurukul Hospital Management System in PHP v4.0 has a sensitive info ...)
+ TODO: check
+CVE-2020-22175 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22174 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22173 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22172 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22171 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22170 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22169 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22168 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22167 (PHPGurukul Hospital Management System in PHP v4.0 has a Persistent Cro ...)
+ TODO: check
+CVE-2020-22166 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22165 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
+CVE-2020-22164 (PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection ...)
+ TODO: check
CVE-2020-22163
RESERVED
CVE-2020-22162
@@ -68169,8 +68197,8 @@ CVE-2020-18656
RESERVED
CVE-2020-18655
RESERVED
-CVE-2020-18654
- RESERVED
+CVE-2020-18654 (Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers ...)
+ TODO: check
CVE-2020-18653
RESERVED
CVE-2020-18652
@@ -68181,12 +68209,12 @@ CVE-2020-18650
RESERVED
CVE-2020-18649
RESERVED
-CVE-2020-18648
- RESERVED
-CVE-2020-18647
- RESERVED
-CVE-2020-18646
- RESERVED
+CVE-2020-18648 (Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote atta ...)
+ TODO: check
+CVE-2020-18647 (Information Disclosure in NoneCMS v1.3 allows remote attackers to obta ...)
+ TODO: check
+CVE-2020-18646 (Information Disclosure in NoneCMS v1.3 allows remote attackers to obta ...)
+ TODO: check
CVE-2020-18645
RESERVED
CVE-2020-18644
@@ -74618,8 +74646,8 @@ CVE-2020-15734 (An Origin Validation Error vulnerability in Bitdefender Safepay
NOT-FOR-US: Bitdefender
CVE-2020-15733 (An Origin Validation Error vulnerability in the SafePay component of B ...)
NOT-FOR-US: Bitdefender Antivirus Plus
-CVE-2020-15732
- RESERVED
+CVE-2020-15732 (Improper Certificate Validation vulnerability in the Online Threat Pre ...)
+ TODO: check
CVE-2020-15731 (An improper Input Validation vulnerability in the code handling file r ...)
NOT-FOR-US: Bitdefender
CVE-2020-15730
@@ -403301,8 +403329,8 @@ CVE-2010-4818 (The GLX extension in X.Org xserver 1.7.7 allows remote authentica
NOTE: http://cgit.freedesktop.org/xorg/xserver/commit/?id=3f0d3f4d97bce75c1828635c322b6560a45a037f
CVE-2010-4817 (pithos before 0.3.5 allows overwrite of arbitrary files via symlinks. ...)
- pithos 0.3.5-1
-CVE-2010-4816
- RESERVED
+CVE-2010-4816 (It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null ...)
+ TODO: check
CVE-2010-4815 (Coppermine gallery before 1.4.26 has an input validation vulnerability ...)
NOT-FOR-US: Coppermine Photo Gallery
CVE-2011-3169 (Unspecified vulnerability in the SMTP service implementation in HP TCP ...)
@@ -413735,12 +413763,12 @@ CVE-2010-4268 (SQL injection vulnerability in the Pulse Infotech Flip Wall (com_
CVE-2010-4267 (Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/ ...)
{DSA-2152-1}
- hplip 3.10.6-2 (bug #610960)
-CVE-2010-4266
- RESERVED
+CVE-2010-4266 (It was found in vanilla forums before 2.0.10 a potential linkbait vuln ...)
+ TODO: check
CVE-2010-4265 (The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$Second ...)
- jbossas4 <not-affected> (Red Hat issue, they didn't include the fix for CVE-2010-3862 in the update)
-CVE-2010-4264
- RESERVED
+CVE-2010-4264 (It was found in vanilla forums before 2.0.10 a cross-site scripting vu ...)
+ TODO: check
CVE-2010-4263 (The igb_receive_skb function in drivers/net/igb/igb_main.c in the Inte ...)
- linux-2.6 2.6.32-30
[lenny] - linux-2.6 <not-affected> (Vulnerable code not present)
@@ -414806,7 +414834,7 @@ CVE-2010-3846 (Array index error in the apply_rcs_change function in rcs.c in CV
CVE-2010-3844 (An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure ...)
- ettercap 1:0.7.4-1 (unimportant; bug #600130)
NOTE: Very far-fetched attack vector
-CVE-2010-3843 (The gtkui_conf_read function in src/interfaces/gtk/ec_gtk_conf.c in Et ...)
+CVE-2010-3843 (The GTK version of ettercap uses a global settings file at /tmp/.etter ...)
- ettercap 1:0.7.4-1 (unimportant; bug #600130)
NOTE: Very far-fetched attack vector
CVE-2010-3842 (Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, w ...)
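Review bot: The replacement description for CVE-2010-3843 ("uses a global settings file at /tmp/.etter ...") frames the issue differently from the old text (gtkui_conf_read in src/interfaces/gtk/ec_gtk_conf.c), yet the triage beneath it is unchanged: unimportant, bug #600130, and NOTE "Very far-fetched attack vector". Re-read that note against the new wording and confirm the severity still holds.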
@@ -415930,7 +415958,7 @@ CVE-2010-3447 (Cross-site scripting (XSS) vulnerability in view.php in the file
[lenny] - gollem <not-affected> ($filename not printed directly and passed through htmlspecialchars())
NOTE: http://bugs.horde.org/ticket/9191
CVE-2010-3446
- RESERVED
+ REJECTED
CVE-2010-3445 (Stack consumption vulnerability in the dissect_ber_unknown function in ...)
{DSA-2127-1}
- wireshark 1.2.11-3 (low)
@@ -416324,8 +416352,8 @@ CVE-2010-3302 (Buffer overflow in programs/pluto/xauth.c in the client in Opensw
CVE-2010-3301 (The IA32 system call emulation functionality in arch/x86/ia32/ia32entr ...)
- linux-2.6 2.6.32-23
[lenny] - linux-2.6 <not-affected> (vulnerability introduced in 2.6.27)
-CVE-2010-3300
- RESERVED
+CVE-2010-3300 (It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are v ...)
+ TODO: check
CVE-2010-3299 (The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to p ...)
- rails <unfixed> (unimportant)
NOTE: http://seclists.org/oss-sec/2010/q3/415
@@ -417702,7 +417730,7 @@ CVE-2010-2805 (The FT_Stream_EnterFrame function in base/ftstream.c in FreeType
{DSA-2105-1}
- freetype 2.4.2-1
CVE-2010-2804
- RESERVED
+ REJECTED
CVE-2010-2803 (The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rend ...)
{DSA-2094-1}
- linux-2.6 2.6.32-22
@@ -418562,8 +418590,8 @@ CVE-2010-2527 (Multiple buffer overflows in demo programs in FreeType before 2.4
CVE-2010-2526 (The cluster logical volume manager daemon (clvmd) in lvm2-cluster in L ...)
{DSA-2095-1}
- lvm2 2.02.66-3 (bug #591204)
-CVE-2010-2525
- RESERVED
+CVE-2010-2525 (A flaw was discovered in gfs2 file system’s handling of acls (ac ...)
+ TODO: check
CVE-2010-2524 (The DNS resolution functionality in the CIFS implementation in the Lin ...)
{DSA-2264-1}
- linux-2.6 2.6.32-19
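Review bot: CVE-2010-2525 describes a flaw in the gfs2 file system, and the next entry in this hunk (CVE-2010-2524) is tracked against linux-2.6 with DSA-2264-1; resolve the TODO: check against linux-2.6 as well instead of leaving it as a generic unknown.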
@@ -418686,9 +418714,9 @@ CVE-2010-2487 (Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1
{DSA-2083-1}
- moin 1.9.3-1 (bug #584809)
CVE-2010-2486
- RESERVED
+ REJECTED
CVE-2010-2485
- RESERVED
+ REJECTED
CVE-2010-2484 (The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent ...)
- php5 5.3.3-1 (unimportant)
CVE-2010-2483 (The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers ...)
@@ -418714,7 +418742,7 @@ CVE-2010-2477 (Multiple cross-site scripting (XSS) vulnerabilities in the paste.
[lenny] - paste 1.7.1-1+lenny1
NOTE: http://bitbucket.org/ianb/paste/changeset/fcae59df8b56
CVE-2010-2475
- RESERVED
+ REJECTED
CVE-2010-2474 (JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server, #581226)
CVE-2010-2470 (Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/822c50f1a1c70cb8dbe3e765117d530a34dfdb75