[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Mar 11 20:10:38 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2a69c8df by security tracker role at 2021-03-11T20:10:30+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,29 @@
+CVE-2021-3435
+ RESERVED
+CVE-2021-3434
+ RESERVED
+CVE-2021-3433
+ RESERVED
+CVE-2021-3432
+ RESERVED
+CVE-2021-3431
+ RESERVED
+CVE-2021-3430
+ RESERVED
CVE-2021-3429
RESERVED
CVE-2021-3428
RESERVED
CVE-2021-28145
RESERVED
-CVE-2021-28144
- RESERVED
+CVE-2021-28144 (prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote a ...)
+ TODO: check
CVE-2021-28143
RESERVED
CVE-2021-28142
RESERVED
-CVE-2021-28141
- RESERVED
+CVE-2021-28141 (An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1 ...)
+ TODO: check
CVE-2021-28140
RESERVED
CVE-2021-28139
@@ -189,13 +201,13 @@ CVE-2021-28089
RESERVED
CVE-2020-36256
RESERVED
-CVE-2021-21381 [Arbitrary file read/write without permissions]
+CVE-2021-21381 (Flatpak is a system for building, distributing, and running sandboxed ...)
- flatpak 1.10.1-4 (bug #984859)
[stretch] - flatpak <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/flatpak/flatpak/issues/4146
NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-xgh4-387p-hqpp
-CVE-2021-28088
- RESERVED
+CVE-2021-28088 (Cross-site scripting (XSS) in modules/content/admin/content.php in Imp ...)
+ TODO: check
CVE-2021-28087
RESERVED
CVE-2021-28086
@@ -1076,12 +1088,12 @@ CVE-2021-27681
RESERVED
CVE-2021-27680
RESERVED
-CVE-2021-27679
- RESERVED
-CVE-2021-27678
- RESERVED
-CVE-2021-27677
- RESERVED
+CVE-2021-27679 (Cross-site scripting (XSS) vulnerability in Navigation in Batflat CMS ...)
+ TODO: check
+CVE-2021-27678 (Cross-site scripting (XSS) vulnerability in Snippets in Batflat CMS 1. ...)
+ TODO: check
+CVE-2021-27677 (Cross-site scripting (XSS) vulnerability in Galleries in Batflat CMS 1 ...)
+ TODO: check
CVE-2021-27676
RESERVED
CVE-2021-27675
@@ -2330,6 +2342,7 @@ CVE-2021-27106
CVE-2021-27105
RESERVED
CVE-2021-3407 (A flaw was found in mupdf 1.18.0. Double free of object during lineari ...)
+ {DLA-2589-1}
- mupdf 1.17.0+ds1-1.3 (bug #983684)
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=cee7cefc610d42fd383b3c80c12cbc675443176a
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=703366 (not public yet)
@@ -2382,84 +2395,84 @@ CVE-2021-27087
RESERVED
CVE-2021-27086
RESERVED
-CVE-2021-27085
- RESERVED
-CVE-2021-27084
- RESERVED
-CVE-2021-27083
- RESERVED
-CVE-2021-27082
- RESERVED
-CVE-2021-27081
- RESERVED
-CVE-2021-27080
- RESERVED
+CVE-2021-27085 (Internet Explorer Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-27084 (Visual Studio Code Java Extension Pack Remote Code Execution Vulnerabi ...)
+ TODO: check
+CVE-2021-27083 (Remote Development Extension for Visual Studio Code Remote Code Execut ...)
+ TODO: check
+CVE-2021-27082 (Quantum Development Kit for Visual Studio Code Remote Code Execution V ...)
+ TODO: check
+CVE-2021-27081 (Visual Studio Code ESLint Extension Remote Code Execution Vulnerabilit ...)
+ TODO: check
+CVE-2021-27080 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
+ TODO: check
CVE-2021-27079
RESERVED
CVE-2021-27078 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
NOT-FOR-US: Microsoft
-CVE-2021-27077
- RESERVED
-CVE-2021-27076
- RESERVED
-CVE-2021-27075
- RESERVED
-CVE-2021-27074
- RESERVED
+CVE-2021-27077 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID is uni ...)
+ TODO: check
+CVE-2021-27076 (Microsoft SharePoint Server Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-27075 (Azure Virtual Machine Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2021-27074 (Azure Sphere Unsigned Code Execution Vulnerability This CVE ID is uniq ...)
+ TODO: check
CVE-2021-27073
RESERVED
CVE-2021-27072
RESERVED
CVE-2021-27071
RESERVED
-CVE-2021-27070
- RESERVED
+CVE-2021-27070 (Windows 10 Update Assistant Elevation of Privilege Vulnerability ...)
+ TODO: check
CVE-2021-27069
RESERVED
CVE-2021-27068
RESERVED
CVE-2021-27067
RESERVED
-CVE-2021-27066
- RESERVED
+CVE-2021-27066 (Windows Admin Center Security Feature Bypass Vulnerability ...)
+ TODO: check
CVE-2021-27065 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
NOT-FOR-US: Microsoft
CVE-2021-27064
RESERVED
-CVE-2021-27063
- RESERVED
-CVE-2021-27062
- RESERVED
-CVE-2021-27061
- RESERVED
-CVE-2021-27060
- RESERVED
-CVE-2021-27059
- RESERVED
-CVE-2021-27058
- RESERVED
-CVE-2021-27057
- RESERVED
-CVE-2021-27056
- RESERVED
-CVE-2021-27055
- RESERVED
-CVE-2021-27054
- RESERVED
-CVE-2021-27053
- RESERVED
-CVE-2021-27052
- RESERVED
-CVE-2021-27051
- RESERVED
-CVE-2021-27050
- RESERVED
-CVE-2021-27049
- RESERVED
-CVE-2021-27048
- RESERVED
-CVE-2021-27047
- RESERVED
+CVE-2021-27063 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+ TODO: check
+CVE-2021-27062 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-27061 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-27060 (Visual Studio Code Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-27059 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+ TODO: check
+CVE-2021-27058 (Microsoft Office ClickToRun Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-27057 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+ TODO: check
+CVE-2021-27056 (Microsoft PowerPoint Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-27055 (Microsoft Visio Security Feature Bypass Vulnerability ...)
+ TODO: check
+CVE-2021-27054 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+ TODO: check
+CVE-2021-27053 (Microsoft Excel Remote Code Execution Vulnerability This CVE ID is uni ...)
+ TODO: check
+CVE-2021-27052 (Microsoft SharePoint Server Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2021-27051 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-27050 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-27049 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-27048 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-27047 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
CVE-2021-27046
RESERVED
CVE-2021-27045
@@ -2812,94 +2825,94 @@ CVE-2021-26904 (LMA ISIDA Retriever 5.2 allows SQL Injection. ...)
NOT-FOR-US: LMA ISIDA Retriever
CVE-2021-26903 (LMA ISIDA Retriever 5.2 is vulnerable to XSS via query['text']. ...)
NOT-FOR-US: LMA ISIDA Retriever
-CVE-2021-26902
- RESERVED
-CVE-2021-26901
- RESERVED
-CVE-2021-26900
- RESERVED
-CVE-2021-26899
- RESERVED
-CVE-2021-26898
- RESERVED
-CVE-2021-26897
- RESERVED
-CVE-2021-26896
- RESERVED
-CVE-2021-26895
- RESERVED
-CVE-2021-26894
- RESERVED
-CVE-2021-26893
- RESERVED
-CVE-2021-26892
- RESERVED
-CVE-2021-26891
- RESERVED
-CVE-2021-26890
- RESERVED
-CVE-2021-26889
- RESERVED
+CVE-2021-26902 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-26901 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-26900 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID is uni ...)
+ TODO: check
+CVE-2021-26899 (Windows UPnP Device Host Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26898 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-26897 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+ TODO: check
+CVE-2021-26896 (Windows DNS Server Denial of Service Vulnerability This CVE ID is uniq ...)
+ TODO: check
+CVE-2021-26895 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+ TODO: check
+CVE-2021-26894 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+ TODO: check
+CVE-2021-26893 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+ TODO: check
+CVE-2021-26892 (Windows Extensible Firmware Interface Security Feature Bypass Vulnerab ...)
+ TODO: check
+CVE-2021-26891 (Windows Container Execution Agent Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26890 (Application Virtualization Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-26889 (Windows Update Stack Elevation of Privilege Vulnerability ...)
+ TODO: check
CVE-2021-26888
RESERVED
-CVE-2021-26887
- RESERVED
-CVE-2021-26886
- RESERVED
-CVE-2021-26885
- RESERVED
-CVE-2021-26884
- RESERVED
+CVE-2021-26887 (Microsoft Windows Folder Redirection Elevation of Privilege Vulnerabil ...)
+ TODO: check
+CVE-2021-26886 (User Profile Service Denial of Service Vulnerability ...)
+ TODO: check
+CVE-2021-26885 (Windows WalletService Elevation of Privilege Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-26884 (Windows Media Photo Codec Information Disclosure Vulnerability ...)
+ TODO: check
CVE-2021-26883
RESERVED
-CVE-2021-26882
- RESERVED
-CVE-2021-26881
- RESERVED
-CVE-2021-26880
- RESERVED
-CVE-2021-26879
- RESERVED
-CVE-2021-26878
- RESERVED
-CVE-2021-26877
- RESERVED
-CVE-2021-26876
- RESERVED
-CVE-2021-26875
- RESERVED
-CVE-2021-26874
- RESERVED
-CVE-2021-26873
- RESERVED
-CVE-2021-26872
- RESERVED
-CVE-2021-26871
- RESERVED
-CVE-2021-26870
- RESERVED
-CVE-2021-26869
- RESERVED
-CVE-2021-26868
- RESERVED
-CVE-2021-26867
- RESERVED
-CVE-2021-26866
- RESERVED
-CVE-2021-26865
- RESERVED
-CVE-2021-26864
- RESERVED
-CVE-2021-26863
- RESERVED
-CVE-2021-26862
- RESERVED
-CVE-2021-26861
- RESERVED
-CVE-2021-26860
- RESERVED
-CVE-2021-26859
- RESERVED
+CVE-2021-26882 (Remote Access API Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26881 (Microsoft Windows Media Foundation Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-26880 (Storage Spaces Controller Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26879 (Windows NAT Denial of Service Vulnerability ...)
+ TODO: check
+CVE-2021-26878 (Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-26877 (Windows DNS Server Remote Code Execution Vulnerability This CVE ID is ...)
+ TODO: check
+CVE-2021-26876 (OpenType Font Parsing Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-26875 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID is uni ...)
+ TODO: check
+CVE-2021-26874 (Windows Overlay Filter Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26873 (Windows User Profile Service Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26872 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-26871 (Windows WalletService Elevation of Privilege Vulnerability This CVE ID ...)
+ TODO: check
+CVE-2021-26870 (Windows Projected File System Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26869 (Windows ActiveX Installer Service Information Disclosure Vulnerability ...)
+ TODO: check
+CVE-2021-26868 (Windows Graphics Component Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26867 (Windows Hyper-V Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-26866 (Windows Update Service Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26865 (Windows Container Execution Agent Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26864 (Windows Virtual Registry Provider Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26863 (Windows Win32k Elevation of Privilege Vulnerability This CVE ID is uni ...)
+ TODO: check
+CVE-2021-26862 (Windows Installer Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26861 (Windows Graphics Component Remote Code Execution Vulnerability ...)
+ TODO: check
+CVE-2021-26860 (Windows App-V Overlay Filter Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-26859 (Microsoft Power BI Information Disclosure Vulnerability ...)
+ TODO: check
CVE-2021-26858 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
NOT-FOR-US: Microsoft
CVE-2021-26857 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
@@ -3105,8 +3118,8 @@ CVE-2021-26778
RESERVED
CVE-2021-26777
RESERVED
-CVE-2021-26776
- RESERVED
+CVE-2021-26776 (CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS) vulnerabilit ...)
+ TODO: check
CVE-2021-26775
RESERVED
CVE-2021-26774
@@ -3997,8 +4010,8 @@ CVE-2021-26413
RESERVED
CVE-2021-26412 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...)
NOT-FOR-US: Microsoft
-CVE-2021-26411
- RESERVED
+CVE-2021-26411 (Internet Explorer Memory Corruption Vulnerability ...)
+ TODO: check
CVE-2021-26410
RESERVED
CVE-2021-26409
@@ -9330,20 +9343,20 @@ CVE-2021-24112 (.NET Core Remote Code Execution Vulnerability This CVE ID is uni
NOT-FOR-US: Microsoft
CVE-2021-24111 (.NET Framework Denial of Service Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2021-24110
- RESERVED
+CVE-2021-24110 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
CVE-2021-24109 (Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerabilit ...)
NOT-FOR-US: Microsoft
-CVE-2021-24108
- RESERVED
-CVE-2021-24107
- RESERVED
+CVE-2021-24108 (Microsoft Office Remote Code Execution Vulnerability This CVE ID is un ...)
+ TODO: check
+CVE-2021-24107 (Windows Event Tracing Information Disclosure Vulnerability ...)
+ TODO: check
CVE-2021-24106 (Windows DirectX Information Disclosure Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-24105 (Package Managers Configurations Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2021-24104
- RESERVED
+CVE-2021-24104 (Microsoft SharePoint Spoofing Vulnerability ...)
+ TODO: check
CVE-2021-24103 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
NOT-FOR-US: Microsoft
CVE-2021-24102 (Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID ...)
@@ -9360,8 +9373,8 @@ CVE-2021-24097
RESERVED
CVE-2021-24096 (Windows Kernel Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2021-24095
- RESERVED
+CVE-2021-24095 (DirectX Elevation of Privilege Vulnerability ...)
+ TODO: check
CVE-2021-24094 (Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is uniq ...)
NOT-FOR-US: Microsoft
CVE-2021-24093 (Windows Graphics Component Remote Code Execution Vulnerability ...)
@@ -9370,10 +9383,10 @@ CVE-2021-24092 (Microsoft Defender Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-24091 (Windows Camera Codec Pack Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2021-24090
- RESERVED
-CVE-2021-24089
- RESERVED
+CVE-2021-24090 (Windows Error Reporting Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2021-24089 (HEVC Video Extensions Remote Code Execution Vulnerability This CVE ID ...)
+ TODO: check
CVE-2021-24088 (Windows Local Spooler Remote Code Execution Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-24087 (Azure IoT CLI extension Elevation of Privilege Vulnerability ...)
@@ -18922,8 +18935,8 @@ CVE-2021-20338
RESERVED
CVE-2021-20337
RESERVED
-CVE-2021-20336
- RESERVED
+CVE-2021-20336 (IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-sit ...)
+ TODO: check
CVE-2021-20335 (For MongoDB Ops Manager 4.2.X with multiple OM application servers, th ...)
NOT-FOR-US: MongoDB Ops Manager
CVE-2021-20334
@@ -22993,8 +23006,8 @@ CVE-2021-1731 (PFX Encryption Security Feature Bypass Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-1730 (Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique ...)
NOT-FOR-US: Microsoft
-CVE-2021-1729
- RESERVED
+CVE-2021-1729 (Windows Update Stack Setup Elevation of Privilege Vulnerability ...)
+ TODO: check
CVE-2021-1728 (System Center Operations Manager Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
CVE-2021-1727 (Windows Installer Elevation of Privilege Vulnerability ...)
@@ -33441,7 +33454,7 @@ CVE-2020-26521 (The JWT library in NATS nats-server before 2.1.9 allows a denial
CVE-2020-26520
RESERVED
CVE-2020-26519 (Artifex MuPDF before 1.18.0 has a heap based buffer over-write when pa ...)
- {DSA-4794-1}
+ {DSA-4794-1 DLA-2589-1}
- mupdf 1.17.0+ds1-1.1 (bug #971595)
NOTE: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=af1e390a2c7abceb32676ec684cd1dbb92907ce8
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702937
@@ -58427,12 +58440,12 @@ CVE-2020-14991
RESERVED
CVE-2020-14990 (IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain p ...)
NOT-FOR-US: IOBit Advanced SystemCare Free
-CVE-2020-14989
- RESERVED
-CVE-2020-14988
- RESERVED
-CVE-2020-14987
- RESERVED
+CVE-2020-14989 (An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 ...)
+ TODO: check
+CVE-2020-14988 (An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 ...)
+ TODO: check
+CVE-2020-14987 (An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 ...)
+ TODO: check
CVE-2020-14986
RESERVED
CVE-2020-14985
@@ -86260,10 +86273,10 @@ CVE-2020-5027
RESERVED
CVE-2020-5026
RESERVED
-CVE-2020-5025
- RESERVED
-CVE-2020-5024
- RESERVED
+CVE-2020-5025 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
+CVE-2020-5024 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
CVE-2020-5023 (IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote u ...)
NOT-FOR-US: IBM
CVE-2020-5022 (IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow unauthentica ...)
@@ -86358,8 +86371,8 @@ CVE-2020-4978
RESERVED
CVE-2020-4977
RESERVED
-CVE-2020-4976
- RESERVED
+CVE-2020-4976 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
+ TODO: check
CVE-2020-4975 (IBM Engineering products are vulnerable to cross-site scripting. This ...)
NOT-FOR-US: IBM
CVE-2020-4974
@@ -94791,7 +94804,7 @@ CVE-2020-1898 (The fb_unserialize function did not impose a depth limit for nest
TODO: check
CVE-2020-1897 (A use-after-free is possible due to an error in lifetime management in ...)
NOT-FOR-US: Facebook Proxygen
-CVE-2020-1896 (A stack overflow vulnerability in Facebook Hermes ‘builtin apply ...)
+CVE-2020-1896 (A stack overflow vulnerability in Facebook Hermes 'builtin apply' prio ...)
NOT-FOR-US: Facebook Hermes
CVE-2020-1895 (A large heap overflow could occur in Instagram for Android when attemp ...)
NOT-FOR-US: Instagram for Android
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a69c8df4e7f6d7f6ffdb82bfb9ced76ad695d45
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a69c8df4e7f6d7f6ffdb82bfb9ced76ad695d45
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210311/b7ad4634/attachment.htm>
More information about the debian-security-tracker-commits
mailing list