[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Nov 7 20:10:27 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c6ea6fc2 by security tracker role at 2021-11-07T20:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2021-43414 (An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of  ...)
+	TODO: check
+CVE-2021-43413 (An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pa ...)
+	TODO: check
+CVE-2021-43412 (An issue was discovered in GNU Hurd before 0.9 20210404-9. libports ac ...)
+	TODO: check
+CVE-2021-43411 (An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying ...)
+	TODO: check
 CVE-2021-43410
 	RESERVED
 CVE-2021-3932
@@ -16313,8 +16321,8 @@ CVE-2021-37473 (In NavigateCMS version 2.9.4 and below, function in `product.php
 	NOT-FOR-US: NavigateCMS
 CVE-2021-37472
 	RESERVED
-CVE-2021-37471
-	RESERVED
+CVE-2021-37471 (A restricted shell escape sequence is possible on Cradlepoint IBR900-6 ...)
+	TODO: check
 CVE-2021-37470 (In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists  ...)
 	NOT-FOR-US: NCH
 CVE-2021-37469 (In NCH WebDictate v2.13 and earlier, authenticated users can abuse log ...)
@@ -44760,8 +44768,8 @@ CVE-2021-25980
 	RESERVED
 CVE-2021-25979
 	RESERVED
-CVE-2021-25978
-	RESERVED
+CVE-2021-25978 (Apostrophe CMS versions between 2.63.0 to 3.3.1 are vulnerable to Stor ...)
+	TODO: check
 CVE-2021-25977 (In PiranhaCMS, versions 7.0.0 to 9.1.1 are vulnerable to stored XSS du ...)
 	NOT-FOR-US: PiranhaCMS
 CVE-2021-25976
@@ -82630,9 +82638,9 @@ CVE-2020-23132
 CVE-2020-23131
 	RESERVED
 CVE-2020-23130
-	RESERVED
+	REJECTED
 CVE-2020-23129
-	RESERVED
+	REJECTED
 CVE-2020-23128 (Chamilo LMS 1.11.10 does not properly manage privileges which could al ...)
 	NOT-FOR-US: Chamilo LMS
 CVE-2020-23127 (Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6ea6fc254feda46e946e223d4531c23124bc9f9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6ea6fc254feda46e946e223d4531c23124bc9f9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211107/fdb94deb/attachment.htm>

More information about the debian-security-tracker-commits mailing list