[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 11 20:10:36 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
08afc08f by security tracker role at 2021-11-11T20:10:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,15 @@
+CVE-2021-3949
+	RESERVED
+CVE-2021-3948
+	RESERVED
+CVE-2021-3947
+	RESERVED
+CVE-2021-3946
+	RESERVED
+CVE-2021-3945
+	RESERVED
+CVE-2002-20001 (The Diffie-Hellman Key Agreement Protocol allows remote attackers (fro ...)
+	TODO: check
 CVE-2021-3944
 	RESERVED
 CVE-2021-3943
@@ -509,8 +521,8 @@ CVE-2021-3927 (vim is vulnerable to Heap-based Buffer Overflow ...)
 	NOTE: Fixed by: https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e (v8.2.3581)
 CVE-2021-43357
 	RESERVED
-CVE-2021-43350
-	RESERVED
+CVE-2021-43350 (An unauthenticated Apache Traffic Control Traffic Ops user can send a  ...)
+	TODO: check
 CVE-2021-43349
 	RESERVED
 CVE-2021-43348
@@ -531,7 +543,7 @@ CVE-2021-43341
 	RESERVED
 CVE-2021-43340
 	RESERVED
-CVE-2021-43339 (In Ericsson Network Location MPS GMPC21, it is possible for an authent ...)
+CVE-2021-43339 (In Ericsson Network Location before 2021-07-31, it is possible for an  ...)
 	NOT-FOR-US: Ericsson
 CVE-2021-43338 (In Ericsson Network Location MPS GMPC21, it is possible to creates a n ...)
 	NOT-FOR-US: Ericsson
@@ -43670,8 +43682,8 @@ CVE-2021-26560 (Cleartext transmission of sensitive information vulnerability in
 	NOT-FOR-US: Synology
 CVE-2021-26559 (Improper Access Control on Configurations Endpoint for the Stable API  ...)
 	- airflow <itp> (bug #819700)
-CVE-2021-26558
-	RESERVED
+CVE-2021-26558 (Deserialization of Untrusted Data vulnerability of Apache ShardingSphe ...)
+	TODO: check
 CVE-2019-25018 (In the rcp client in MIT krb5-appl through 1.0.3, malicious servers co ...)
 	- krb5-appl <removed>
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1131109
@@ -45214,8 +45226,8 @@ CVE-2021-25982
 	RESERVED
 CVE-2021-25981
 	RESERVED
-CVE-2021-25980
-	RESERVED
+CVE-2021-25980 (In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22 ...)
+	TODO: check
 CVE-2021-25979 (Apostrophe CMS versions between 2.63.0 to 3.3.1 affected by an insuffi ...)
 	NOT-FOR-US: Apostrophe CMS
 CVE-2021-25978 (Apostrophe CMS versions between 2.63.0 to 3.3.1 are vulnerable to Stor ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08afc08f4b4872622ddbd89268200634d6419dec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08afc08f4b4872622ddbd89268200634d6419dec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211111/0ef4168a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list