[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 15 09:10:32 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6bb489dd by security tracker role at 2021-05-15T08:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,18 @@
-CVE-2021-33033 [cipso,calipso: resolve a number of problems with the DOI refcounts]
+CVE-2021-33034 (In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use ...)
+	TODO: check
+CVE-2021-33032
+	RESERVED
+CVE-2021-33031
+	RESERVED
+CVE-2021-33030
+	RESERVED
+CVE-2021-33029
+	RESERVED
+CVE-2021-33028
+	RESERVED
+CVE-2021-33027
+	RESERVED
+CVE-2021-33033 (The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genop ...)
 	- linux 5.10.24-1
 	[buster] - linux 4.19.181-1
 	NOTE: https://git.kernel.org/linus/ad5d07f4a9cd671233ae20983848874731102c08
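Review bot: CVE-2021-33034 at the top of this hunk is left at `TODO: check` although its description already names the Linux kernel (net/bluetooth/hci_event.c, before 5.12.4). It should be triaged to the linux source package with a fixed-version line and a NOTE for the upstream commit, in the same form as the CVE-2021-33033 entry that follows it. Replacing the bracketed working title of CVE-2021-33033 with the published description drops the "cipso,calipso ... DOI refcounts" wording, so the git.kernel.org NOTE is now the only pointer to the fix and should stay.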
@@ -2006,8 +2020,8 @@ CVE-2021-32075
 	RESERVED
 CVE-2021-32074 (HashiCorp vault-action (aka Vault GitHub Action) before 2.2.0 allows a ...)
 	NOT-FOR-US: HashiCorp vault-action (aka Vault GitHub Action)
-CVE-2021-32073
-	RESERVED
+CVE-2021-32073 (DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote at ...)
+	TODO: check
 CVE-2021-32072
 	RESERVED
 CVE-2021-32071
@@ -2039,15 +2053,14 @@ CVE-2021-32062 (MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x and
 	NOTE: https://github.com/mapserver/mapserver/commit/7db7cbb26b6bc6e651db268e9536836a56e6825a (branch-7-2)
 	NOTE: https://github.com/mapserver/mapserver/commit/82a3eb5f6c8f75cedd095b909cc4990f3d8a99e1 (branch-7-0)
 	NOTE: Fixed in 7.0.8, 7.2.3, 7.4.5, 7.6.3
-CVE-2019-25044 [block: free sched's request pool in blk_cleanup_queue]
+CVE-2019-25044 (The block subsystem in the Linux kernel before 5.2 has a use-after-fre ...)
 	- linux <not-affected> (Vulnerable code only between 5.2-rc3 and 5.2-rc4)
 CVE-2019-25043 (ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as dem ...)
 	- modsecurity 3.0.4-1
 	[buster] - modsecurity <no-dsa> (Minor issue)
 	NOTE: https://github.com/SpiderLabs/ModSecurity/issues/2566
 	NOTE: https://github.com/SpiderLabs/ModSecurity/commit/9cac167fafd180902c2aa5dc6141aae874127199
-CVE-2021-3537 [NULL pointer dereference in valid.c in xmlValidBuildAContentModel]
-	RESERVED
+CVE-2021-3537 (A vulnerability found in libxml2 in versions before 2.9.11 shows that  ...)
 	{DLA-2653-1}
 	- libxml2 2.9.10+dfsg-6.6 (bug #988123)
 	[buster] - libxml2 <no-dsa> (Minor issue)
@@ -2076,8 +2089,8 @@ CVE-2021-32056 (Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allow
 	[stretch] - cyrus-imapd <not-affected> (Vulnerable code introduced in the 3.2.x series)
 	NOTE: https://github.com/cyrusimap/cyrus-imapd/commit/621f9e41465b521399f691c241181300fab55995
 	NOTE: https://cyrus.topicbox.com/groups/announce/T126392718bc29d6b/cyrus-imap-3-2-7-released
-CVE-2021-32054
-	RESERVED
+CVE-2021-32054 (Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers ...)
+	TODO: check
 CVE-2021-32053 (JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service (e. ...)
 	NOT-FOR-US: HAPI FHIR
 CVE-2021-32052 (In Django 2.2 before 2.2.22, 3.1 before 3.1.10, and 3.2 before 3.2.2 ( ...)
@@ -2206,7 +2219,7 @@ CVE-2021-32029
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=a71cfc56bf6013e3ea1d673acaf73fe7ebbd6bf3 (REL_13_3)
 CVE-2021-32028
 	RESERVED
-	{DSA-4915-1}
+	{DSA-4915-1 DLA-2662-1}
 	- postgresql-13 13.3-1
 	- postgresql-11 <removed>
 	- postgresql-9.6 <removed>
@@ -2214,7 +2227,7 @@ CVE-2021-32028
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=4a8656a7ee0c155b0249376af58eb3fc3a90415f (REL_13_3)
 CVE-2021-32027
 	RESERVED
-	{DSA-4915-1}
+	{DSA-4915-1 DLA-2662-1}
 	- postgresql-13 13.3-1
 	- postgresql-11 <removed>
 	- postgresql-9.6 <removed>
@@ -7892,220 +7905,220 @@ CVE-2021-29621
 	RESERVED
 CVE-2021-29620
 	RESERVED
-CVE-2021-29619
-	RESERVED
-CVE-2021-29618
-	RESERVED
-CVE-2021-29617
-	RESERVED
-CVE-2021-29616
-	RESERVED
-CVE-2021-29615
-	RESERVED
-CVE-2021-29614
-	RESERVED
-CVE-2021-29613
-	RESERVED
-CVE-2021-29612
-	RESERVED
-CVE-2021-29611
-	RESERVED
-CVE-2021-29610
-	RESERVED
-CVE-2021-29609
-	RESERVED
-CVE-2021-29608
-	RESERVED
-CVE-2021-29607
-	RESERVED
-CVE-2021-29606
-	RESERVED
-CVE-2021-29605
-	RESERVED
-CVE-2021-29604
-	RESERVED
-CVE-2021-29603
-	RESERVED
-CVE-2021-29602
-	RESERVED
-CVE-2021-29601
-	RESERVED
-CVE-2021-29600
-	RESERVED
-CVE-2021-29599
-	RESERVED
-CVE-2021-29598
-	RESERVED
-CVE-2021-29597
-	RESERVED
-CVE-2021-29596
-	RESERVED
-CVE-2021-29595
-	RESERVED
-CVE-2021-29594
-	RESERVED
-CVE-2021-29593
-	RESERVED
-CVE-2021-29592
-	RESERVED
-CVE-2021-29591
-	RESERVED
-CVE-2021-29590
-	RESERVED
-CVE-2021-29589
-	RESERVED
-CVE-2021-29588
-	RESERVED
-CVE-2021-29587
-	RESERVED
-CVE-2021-29586
-	RESERVED
-CVE-2021-29585
-	RESERVED
-CVE-2021-29584
-	RESERVED
-CVE-2021-29583
-	RESERVED
-CVE-2021-29582
-	RESERVED
-CVE-2021-29581
-	RESERVED
-CVE-2021-29580
-	RESERVED
-CVE-2021-29579
-	RESERVED
-CVE-2021-29578
-	RESERVED
-CVE-2021-29577
-	RESERVED
-CVE-2021-29576
-	RESERVED
-CVE-2021-29575
-	RESERVED
-CVE-2021-29574
-	RESERVED
-CVE-2021-29573
-	RESERVED
-CVE-2021-29572
-	RESERVED
-CVE-2021-29571
-	RESERVED
-CVE-2021-29570
-	RESERVED
-CVE-2021-29569
-	RESERVED
-CVE-2021-29568
-	RESERVED
-CVE-2021-29567
-	RESERVED
-CVE-2021-29566
-	RESERVED
-CVE-2021-29565
-	RESERVED
-CVE-2021-29564
-	RESERVED
-CVE-2021-29563
-	RESERVED
-CVE-2021-29562
-	RESERVED
-CVE-2021-29561
-	RESERVED
-CVE-2021-29560
-	RESERVED
-CVE-2021-29559
-	RESERVED
-CVE-2021-29558
-	RESERVED
-CVE-2021-29557
-	RESERVED
-CVE-2021-29556
-	RESERVED
-CVE-2021-29555
-	RESERVED
-CVE-2021-29554
-	RESERVED
-CVE-2021-29553
-	RESERVED
-CVE-2021-29552
-	RESERVED
-CVE-2021-29551
-	RESERVED
-CVE-2021-29550
-	RESERVED
-CVE-2021-29549
-	RESERVED
-CVE-2021-29548
-	RESERVED
-CVE-2021-29547
-	RESERVED
-CVE-2021-29546
-	RESERVED
-CVE-2021-29545
-	RESERVED
-CVE-2021-29544
-	RESERVED
-CVE-2021-29543
-	RESERVED
-CVE-2021-29542
-	RESERVED
-CVE-2021-29541
-	RESERVED
-CVE-2021-29540
-	RESERVED
-CVE-2021-29539
-	RESERVED
-CVE-2021-29538
-	RESERVED
-CVE-2021-29537
-	RESERVED
-CVE-2021-29536
-	RESERVED
-CVE-2021-29535
-	RESERVED
-CVE-2021-29534
-	RESERVED
-CVE-2021-29533
-	RESERVED
-CVE-2021-29532
-	RESERVED
-CVE-2021-29531
-	RESERVED
-CVE-2021-29530
-	RESERVED
-CVE-2021-29529
-	RESERVED
-CVE-2021-29528
-	RESERVED
-CVE-2021-29527
-	RESERVED
-CVE-2021-29526
-	RESERVED
-CVE-2021-29525
-	RESERVED
-CVE-2021-29524
-	RESERVED
-CVE-2021-29523
-	RESERVED
-CVE-2021-29522
-	RESERVED
-CVE-2021-29521
-	RESERVED
-CVE-2021-29520
-	RESERVED
-CVE-2021-29519
-	RESERVED
-CVE-2021-29518
-	RESERVED
-CVE-2021-29517
-	RESERVED
-CVE-2021-29516
-	RESERVED
-CVE-2021-29515
-	RESERVED
-CVE-2021-29514
-	RESERVED
-CVE-2021-29513
-	RESERVED
+CVE-2021-29619 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29618 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29617 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29616 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29615 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29614 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29613 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29612 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29611 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29610 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29609 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29608 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29607 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29606 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29605 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29604 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29603 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29602 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29601 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29600 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29599 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29598 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29597 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29596 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29595 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29594 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29593 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29592 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29591 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29590 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29589 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29588 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29587 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29586 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29585 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29584 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29583 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29582 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29581 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29580 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29579 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29578 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29577 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29576 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29575 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29574 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29573 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29572 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29571 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29570 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29569 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29568 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29567 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29566 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29565 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29564 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29563 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29562 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29561 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29560 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29559 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29558 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29557 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29556 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29555 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29554 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29553 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29552 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29551 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29550 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29549 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29548 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29547 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29546 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29545 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29544 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29543 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29542 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29541 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29540 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29539 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29538 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29537 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29536 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29535 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29534 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29533 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29532 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29531 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29530 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29529 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29528 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29527 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29526 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29525 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29524 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29523 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29522 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29521 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29520 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29519 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29518 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29517 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29516 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29515 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29514 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
+CVE-2021-29513 (TensorFlow is an end-to-end open source platform for machine learning. ...)
+	TODO: check
 CVE-2021-29512 (TensorFlow is an end-to-end open source platform for machine learning. ...)
 	- tensorflow <itp> (bug #804612)
 CVE-2021-29511 (evm is a pure Rust implementation of Ethereum Virtual Machine. Prior t ...)
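Review bot: All 107 entries added here, CVE-2021-29513 through CVE-2021-29619, carry the same truncated TensorFlow description and `TODO: check`, while the unchanged entry directly below them, CVE-2021-29512, is already tracked as `- tensorflow <itp> (bug #804612)`. Unless one of them turns out to affect something other than TensorFlow itself, they can be triaged in one pass with that same line rather than one by one.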
@@ -12370,8 +12383,8 @@ CVE-2019-10102 (JetBrains Ktor framework (created using the Kotlin IDE template)
 	NOT-FOR-US: JetBrains Ktor
 CVE-2021-27738
 	RESERVED
-CVE-2021-27737
-	RESERVED
+CVE-2021-27737 (Apache Traffic Server 9.0.0 is vulnerable to a remote DOS attack on th ...)
+	TODO: check
 CVE-2020-35358 (DomainMOD domainmod-v4.15.0 is affected by an insufficient session exp ...)
 	NOT-FOR-US: DomainMOD
 CVE-2021-27803 (A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant b ...)
@@ -14270,8 +14283,7 @@ CVE-2021-26906 (An issue was discovered in res_pjsip_session.c in Digium Asteris
 	[stretch] - asterisk <no-dsa> (Minor issue)
 	NOTE: https://downloads.asterisk.org/pub/security/AST-2021-005.html
 	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-29196
-CVE-2021-3402
-	RESERVED
+CVE-2021-3402 (An integer overflow and several buffer overflow reads in libyara/modul ...)
 	- yara 4.0.4-1
 	[buster] - yara <no-dsa> (Minor issue)
 	[stretch] - yara <postponed> (Minor issue; can be fixed with next DLA)
@@ -23705,8 +23717,8 @@ CVE-2021-22868
 	RESERVED
 CVE-2021-22867
 	RESERVED
-CVE-2021-22866
-	RESERVED
+CVE-2021-22866 (A UI misrepresentation vulnerability was identified in GitHub Enterpri ...)
+	TODO: check
 CVE-2021-22865 (An improper access control vulnerability was identified in GitHub Ente ...)
 	NOT-FOR-US: GitHub Enterprise Server
 CVE-2021-22864 (A remote code execution vulnerability was identified in GitHub Enterpr ...)
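Review bot: CVE-2021-22866 is added with `TODO: check`, but its (truncated) description names GitHub Enterprise and the adjacent CVE-2021-22865 is already marked `NOT-FOR-US: GitHub Enterprise Server`. The same NOT-FOR-US line looks like the right disposition here.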
@@ -42101,8 +42113,7 @@ CVE-2020-27834 [attacker can send the same request over and over again without c
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1907497
 	NOTE: http://almorabea.net/cves/zabbix.txt
 	NOTE: very scarce/incomplete CVE request from http://almorabea.net/cves/zabbix.txt
-CVE-2020-27833
-	RESERVED
+CVE-2020-27833 (A Zip Slip vulnerability was found in the oc binary in openshift-clien ...)
 	NOT-FOR-US: OpenShift
 CVE-2020-27832
 	RESERVED
@@ -42348,8 +42359,7 @@ CVE-2020-27770 (Due to a missing check for 0 value of `replace_extent`, it is po
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1721
 	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/be90a5395695f0d19479a5d46b06c678be7f7927
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c01495f91ac71c5205f52713430b68e80d851149
-CVE-2020-27769
-	RESERVED
+CVE-2020-27769 (In ImageMagick versions before 7.0.9-0, there are outside the range of ...)
 	{DLA-2602-1}
 	- imagemagick 8:6.9.11.24+dfsg-1
 	[buster] - imagemagick <ignored> (Minor issue)
@@ -51455,8 +51465,8 @@ CVE-2020-24121
 	RESERVED
 CVE-2020-24120
 	RESERVED
-CVE-2020-24119
-	RESERVED
+CVE-2020-24119 (A heap buffer overflow read was discovered in upx 4.0.0, because the c ...)
+	TODO: check
 CVE-2020-24118
 	RESERVED
 CVE-2020-24117
@@ -63967,8 +63977,8 @@ CVE-2020-17893
 	RESERVED
 CVE-2020-17892
 	RESERVED
-CVE-2020-17891
-	RESERVED
+CVE-2020-17891 (TP-Link Archer C1200 firmware version 1.13 Build 2018/01/24 rel.52299  ...)
+	TODO: check
 CVE-2020-17890
 	RESERVED
 CVE-2020-17889
@@ -66582,8 +66592,8 @@ CVE-2020-16634
 	RESERVED
 CVE-2020-16633
 	RESERVED
-CVE-2020-16632
-	RESERVED
+CVE-2020-16632 (A XSS Vulnerability in /uploads/dede/action_search.php in DedeCMS V5.7 ...)
+	TODO: check
 CVE-2020-16631
 	RESERVED
 CVE-2020-16630
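Review bot: CVE-2020-16632 is the second DedeCMS V5.7 entry left at `TODO: check` in this commit, alongside CVE-2021-32073 in an earlier hunk. Both should get the same disposition when triaged; if DedeCMS is not packaged, a single NOT-FOR-US decision covers them.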



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bb489dd8d31fce988eb90cad4caf49b7cafef93
