[Git][security-tracker-team/security-tracker][master] new graphviz issue
Moritz Muehlenhoff
jmm at debian.org
Mon May 3 13:15:17 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dd1ca29e by Moritz Muehlenhoff at 2021-05-03T14:15:01+02:00
new graphviz issue
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,7 @@ CVE-2021-31998
CVE-2021-31997
RESERVED
CVE-2021-31996 (An issue was discovered in the algorithmica crate through 2021-03-07 f ...)
- TODO: check
+ NOT-FOR-US: Rust crate algorithmica
CVE-2021-3529
RESERVED
CVE-2021-31995
@@ -5657,7 +5657,7 @@ CVE-2021-29488
CVE-2021-29487
RESERVED
CVE-2021-29486 (cumulative-distribution-function is an open source npm library used wh ...)
- TODO: check
+ NOT-FOR-US: Node cumulative-distribution-function
CVE-2021-29485
RESERVED
CVE-2021-29484 (Ghost is a Node.js CMS. An unused endpoint added during the developmen ...)
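Review bot: In the added line "NOT-FOR-US: Node cumulative-distribution-function", the word "Node" can be read as the runtime rather than the package ecosystem, while the description on the line above calls it an "npm library". Wording it as an npm package or Node module, in the same way the first hunk says "Rust crate algorithmica", keeps the label unambiguous for anyone searching the list later.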
@@ -11942,7 +11942,7 @@ CVE-2021-26809 (PHPGurukul Car Rental Project version 2.0 suffers from a remote
CVE-2021-26808
RESERVED
CVE-2021-26807 (GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.dll, l ...)
- TODO: check
+ NOT-FOR-US: GOG Galaxy client
CVE-2021-26806
RESERVED
CVE-2021-26805 (Buffer Overflow in tsMuxer 2.6.16 allows attackers to cause a Denial o ...)
@@ -49138,7 +49138,7 @@ CVE-2020-23909
CVE-2020-23908
RESERVED
CVE-2020-23907 (An issue was discovered in retdec v3.3. In function canSplitFunctionOn ...)
- TODO: check
+ NOT-FOR-US: retdec
CVE-2020-23906
RESERVED
CVE-2020-23905
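Review bot: "NOT-FOR-US: retdec" gives only the bare project name, whereas other entries in this commit say what is being excluded ("Rust crate algorithmica", "GOG Galaxy client"). A short qualifier on this line would let a later reader confirm the match against the description ("retdec v3.3") without opening the CVE.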
@@ -51336,9 +51336,9 @@ CVE-2020-22810
CVE-2020-22809
RESERVED
CVE-2020-22808 (An issue was found in yii2_fecshop 2.x. There is a reflected XSS vulne ...)
- TODO: check
+ NOT-FOR-US: yii2_fecshop
CVE-2020-22807 (An issue was dicovered in vtiger crm 7.2. Union sql injection in the c ...)
- TODO: check
+ NOT-FOR-US: VTiger CRM
CVE-2020-22806
RESERVED
CVE-2020-22805
@@ -54053,7 +54053,7 @@ CVE-2020-21454
CVE-2020-21453
RESERVED
CVE-2020-21452 (An issue was discovered in uniview ISC2500-S. This is an upload vulner ...)
- TODO: check
+ NOT-FOR-US: uniview ISC2500-S
CVE-2020-21451
RESERVED
CVE-2020-21450
@@ -54755,7 +54755,7 @@ CVE-2020-21103
CVE-2020-21102
RESERVED
CVE-2020-21101 (Cross Site Scriptiong vulnerabilityin Screenly screenly-ose all versio ...)
- TODO: check
+ NOT-FOR-US: Screenly
CVE-2020-21100
RESERVED
CVE-2020-21099
@@ -60910,13 +60910,14 @@ CVE-2020-18037
CVE-2020-18036
RESERVED
CVE-2020-18035 (Cross Site Scripting (XSS) in Jeesns v1.4.2 allows remote attackers to ...)
- TODO: check
+ NOT-FOR-US: Jeesns
CVE-2020-18034
RESERVED
CVE-2020-18033
RESERVED
CVE-2020-18032 (Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f ...)
- TODO: check
+ - graphviz <unfixed>
+ NOTE: https://gitlab.com/graphviz/graphviz/-/commit/784411ca3655c80da0f6025ab20634b2a6ff696b
CVE-2020-18031
RESERVED
CVE-2020-18030
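Review bot: The NOTE added under CVE-2020-18032 is a bare commit URL with no indication of whether it is the fix or the commit that introduced the overflow, and the truncated description ("from commit ID f ...") refers to a commit of its own. Say what the link is, for example "NOTE: Fixed by: <url>" if it is the upstream fix, and record the introducing commit in a second NOTE so it is clear which graphviz versions the "- graphviz <unfixed>" line applies to. The "<unfixed>" line also carries no bug reference yet.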
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd1ca29e7b3522b19bf681980e19956cf6fe3da6