[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 29 08:10:20 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fe190236 by security tracker role at 2021-11-29T08:10:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2021-4027
+	RESERVED
+CVE-2021-4026
+	RESERVED
 CVE-2021-4025
 	RESERVED
 CVE-2021-44235
@@ -460,10 +464,10 @@ CVE-2021-44096
 	RESERVED
 CVE-2021-44095
 	RESERVED
-CVE-2021-44094
-	RESERVED
-CVE-2021-44093
-	RESERVED
+CVE-2021-44094 (ZrLog 2.2.2 has a remote command execution vulnerability at plugin dow ...)
+	TODO: check
+CVE-2021-44093 (A Remote Command Execution vulnerability on the background in zrlog 2. ...)
+	TODO: check
 CVE-2021-44092
 	RESERVED
 CVE-2021-44091
@@ -518,8 +522,8 @@ CVE-2021-3992
 	RESERVED
 CVE-2021-44078
 	RESERVED
-CVE-2021-44077
-	RESERVED
+CVE-2021-44077 (Zoho ManageEngine ServiceDesk Plus before 11306 is vulnerable to unaut ...)
+	TODO: check
 CVE-2021-3991
 	RESERVED
 CVE-2021-3990
@@ -32603,8 +32607,8 @@ CVE-2021-3536 (A flaw was found in Wildfly in versions before 23.0.2.Final while
 	- wildfly <itp> (bug #752018)
 CVE-2021-3535 (Rapid7 Nexpose is vulnerable to a non-persistent cross-site scripting  ...)
 	NOT-FOR-US: Rapid7
-CVE-2021-32061
-	RESERVED
+CVE-2021-32061 (S3Scanner before 2.0.2 allows Directory Traversal via a crafted bucket ...)
+	TODO: check
 CVE-2021-32060
 	RESERVED
 CVE-2021-32059
@@ -58276,8 +58280,7 @@ CVE-2021-21709
 	RESERVED
 CVE-2021-21708
 	RESERVED
-CVE-2021-21707 [special character is breaking the path in xml function]
-	RESERVED
+CVE-2021-21707 (In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below ...)
 	- php8.1 8.1.0-1
 	- php8.0 <unfixed>
 	- php7.4 <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe190236a65a899f30c7782e0eee160fb32fc338

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe190236a65a899f30c7782e0eee160fb32fc338
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211129/52455fe7/attachment.htm>

More information about the debian-security-tracker-commits mailing list