[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 1 09:10:32 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f1efe19e by security tracker role at 2021-09-01T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2021-40353 (A SQL injection vulnerability exists in version 8.0 of openSIS when My ...)
+ TODO: check
+CVE-2021-40352
+ RESERVED
+CVE-2021-40351
+ RESERVED
+CVE-2021-40350
+ RESERVED
+CVE-2021-40349
+ RESERVED
+CVE-2021-40348
+ RESERVED
+CVE-2021-40347
+ RESERVED
+CVE-2021-40346
+ RESERVED
+CVE-2021-40345
+ RESERVED
+CVE-2021-40344
+ RESERVED
+CVE-2021-40343
+ RESERVED
+CVE-2021-40342
+ RESERVED
+CVE-2021-40341
+ RESERVED
+CVE-2021-40340
+ RESERVED
+CVE-2021-40339
+ RESERVED
+CVE-2021-40338
+ RESERVED
+CVE-2021-40337
+ RESERVED
+CVE-2021-40336
+ RESERVED
+CVE-2021-40335
+ RESERVED
+CVE-2021-40334
+ RESERVED
+CVE-2021-40333
+ RESERVED
+CVE-2021-40332
+ RESERVED
+CVE-2021-3759
+ RESERVED
+CVE-2021-3758
+ RESERVED
+CVE-2021-3757
+ RESERVED
CVE-2021-40331
RESERVED
CVE-2021-3756
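Review bot: The added CVE-2021-40353 line at the top of this hunk is the only new entry that carries a description, and it is left at `TODO: check`. The description names openSIS version 8.0, so triage should resolve it to a package line or to `NOT-FOR-US: openSIS` rather than leaving it open. The 24 `RESERVED` additions below it need no action until their descriptions are published.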
@@ -2677,7 +2727,7 @@ CVE-2021-39134 (`@npmcli/arborist`, the library that calculates dependency trees
NOTE: https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
CVE-2021-39133 (Rundeck is an open source automation service with a web console, comma ...)
NOT-FOR-US: Rundeck
-CVE-2021-39132 (### Impact An authorized user can upload a zip-format plugin with a cr ...)
+CVE-2021-39132 (Rundeck is an open source automation service with a web console, comma ...)
NOT-FOR-US: Rundeck
CVE-2021-39131 (ced detects character encoding using Google’s compact_enc_det li ...)
NOT-FOR-US: Node ced
@@ -2723,8 +2773,8 @@ CVE-2021-39111 (The Editor plugin in Atlassian Jira Server and Data Center befor
NOT-FOR-US: Atlassian
CVE-2021-39110
RESERVED
-CVE-2021-39109
- RESERVED
+CVE-2021-39109 (The renderWidgetResource resource in Atlasian Atlasboard before versio ...)
+ TODO: check
CVE-2021-39108
RESERVED
CVE-2021-39107
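Review bot: On the added CVE-2021-39109 line the description spells the vendor "Atlasian", while the context entry CVE-2021-39111 above it is filed as `NOT-FOR-US: Atlassian`. A text search on the correct vendor spelling will miss this entry, so resolve the `TODO: check` by hand and, if the same disposition applies, use the vendor string of the neighbouring entry.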
@@ -6523,8 +6573,8 @@ CVE-2021-37417 (Zoho ManageEngine ADSelfService Plus version 6103 and prior allo
NOT-FOR-US: Zoho ManageEngine
CVE-2021-37416 (Zoho ManageEngine ADSelfService Plus version 6103 and prior is vulnera ...)
NOT-FOR-US: Zoho ManageEngine
-CVE-2021-37415
- RESERVED
+CVE-2021-37415 (Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authe ...)
+ TODO: check
CVE-2021-37414
RESERVED
CVE-2021-37413
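Review bot: The new CVE-2021-37415 entry names ServiceDesk Plus, a different product from the ADSelfService Plus entries in the context lines, which are filed under `NOT-FOR-US: Zoho ManageEngine`. When the `TODO: check` is resolved, confirm that the vendor-level tag is still the right granularity before reusing it.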
@@ -9168,8 +9218,8 @@ CVE-2021-3638 [ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bo
[buster] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
[stretch] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1979858
-CVE-2021-36235
- RESERVED
+CVE-2021-36235 (An issue was discovered in Ivanti Workspace Control before 10.6.30.0. ...)
+ TODO: check
CVE-2021-36234 (Use of a hard-coded cryptographic key in MIK.starlight 7.9.5.24363 all ...)
NOT-FOR-US: MIK.starlight
CVE-2021-36233 (The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5 ...)
@@ -15317,8 +15367,8 @@ CVE-2021-33584
RESERVED
CVE-2021-33583
RESERVED
-CVE-2021-33582
- RESERVED
+CVE-2021-33582 (Cyrus IMAP before 3.4.2 allows remote attackers to cause a denial of s ...)
+ TODO: check
CVE-2021-33581
RESERVED
CVE-2021-33580 (User controlled `request.getHeader("Referer")`, `request.getRequestURL ...)
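Review bot: The added CVE-2021-33582 line gives a fix boundary ("before 3.4.2") for Cyrus IMAP and describes a remote denial of service. If the software is packaged, the `TODO: check` should end in a package line with a fixed version and per-release status rather than a vendor dismissal. Suggest handling it ahead of the vendor-product entries added elsewhere in this commit.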
@@ -43590,8 +43640,8 @@ CVE-2021-22031
RESERVED
CVE-2021-22030
RESERVED
-CVE-2021-22029
- RESERVED
+CVE-2021-22029 (VMware Workspace ONE UEM REST API contains a denial of service vulnera ...)
+ TODO: check
CVE-2021-22028
RESERVED
CVE-2021-22027 (The vRealize Operations Manager API (8.x prior to 8.5) contains a Serv ...)
@@ -43642,10 +43692,10 @@ CVE-2021-22005
RESERVED
CVE-2021-22004
RESERVED
-CVE-2021-22003
- RESERVED
-CVE-2021-22002
- RESERVED
+CVE-2021-22003 (VMware Workspace ONE Access and Identity Manager, unintentionally prov ...)
+ TODO: check
+CVE-2021-22002 (VMware Workspace ONE Access and Identity Manager, allow the /cfg web a ...)
+ TODO: check
CVE-2021-22001 (In UAA versions prior to 75.3.0, sensitive information like relaying s ...)
NOT-FOR-US: CloudFoundry
CVE-2021-22000 (VMware Thinapp version 5.x prior to 5.2.10 contain a DLL hijacking vul ...)
@@ -43947,6 +43997,7 @@ CVE-2021-21862 (Multiple exploitable integer truncation vulnerabilities exist wi
NOTE: https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21861 (An exploitable integer truncation vulnerability exists within the MPEG ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
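Review bot: The `{DSA-4966-1}` reference is added directly above `- gpac <unfixed>`, and the only per-release lines in the hunk are `<not-affected>` for buster and stretch, so the entry as shown does not say which release the advisory fixes or at what version. Confirm that the fixed version for the release covered by the DSA is recorded, so the entry does not read as unfixed everywhere. The same question applies to the gpac hunks that follow.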
@@ -43954,6 +44005,7 @@ CVE-2021-21861 (An exploitable integer truncation vulnerability exists within th
NOTE: https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21860 (An exploitable integer truncation vulnerability exists within the MPEG ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43961,6 +44013,7 @@ CVE-2021-21860 (An exploitable integer truncation vulnerability exists within th
NOTE: https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21859 (An exploitable integer truncation vulnerability exists within the MPEG ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43968,6 +44021,7 @@ CVE-2021-21859 (An exploitable integer truncation vulnerability exists within th
NOTE: https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21858 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43975,6 +44029,7 @@ CVE-2021-21858 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21857 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43988,6 +44043,7 @@ CVE-2021-21856 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21855 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
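Review bot: CVE-2021-21856, named in this hunk's header, receives no `{DSA-4966-1}` tag anywhere in the commit, although CVE-2021-21857 in the previous hunk and CVE-2021-21855 here are both tagged. Confirm that the omission is intended and record the reason in the entry if that CVE is handled differently.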
@@ -43995,6 +44051,7 @@ CVE-2021-21855 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21854 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44002,6 +44059,7 @@ CVE-2021-21854 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21853 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44023,6 +44081,7 @@ CVE-2021-21851 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21850 (An exploitable integer overflow vulnerability exists within the MPEG-4 ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
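Review bot: The tagging jumps from CVE-2021-21853 in the previous hunk to CVE-2021-21850 here, leaving CVE-2021-21852 and CVE-2021-21851 (the latter visible in this hunk's header) without `{DSA-4966-1}`. Check whether those two are covered by the advisory or are deliberately excluded.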
@@ -44030,6 +44089,7 @@ CVE-2021-21850 (An exploitable integer overflow vulnerability exists within the
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21849 (An exploitable integer overflow vulnerability exists within the MPEG-4 ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44037,6 +44097,7 @@ CVE-2021-21849 (An exploitable integer overflow vulnerability exists within the
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21848 (An exploitable integer overflow vulnerability exists within the MPEG-4 ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44044,6 +44105,7 @@ CVE-2021-21848 (An exploitable integer overflow vulnerability exists within the
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21847 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44051,6 +44113,7 @@ CVE-2021-21847 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21846 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44058,6 +44121,7 @@ CVE-2021-21846 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21845 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44065,6 +44129,7 @@ CVE-2021-21845 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21844 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44072,6 +44137,7 @@ CVE-2021-21844 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21843 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44079,6 +44145,7 @@ CVE-2021-21843 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21842 (An exploitable integer overflow vulnerability exists within the MPEG-4 ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44086,6 +44153,7 @@ CVE-2021-21842 (An exploitable integer overflow vulnerability exists within the
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21841 (An exploitable integer overflow vulnerability exists within the MPEG-4 ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44093,6 +44161,7 @@ CVE-2021-21841 (An exploitable integer overflow vulnerability exists within the
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21840 (An exploitable integer overflow vulnerability exists within the MPEG-4 ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44100,6 +44169,7 @@ CVE-2021-21840 (An exploitable integer overflow vulnerability exists within the
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21839 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44107,6 +44177,7 @@ CVE-2021-21839 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21838 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44114,6 +44185,7 @@ CVE-2021-21838 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21837 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44121,6 +44193,7 @@ CVE-2021-21837 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21836 (An exploitable integer overflow vulnerability exists within the MPEG-4 ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44134,6 +44207,7 @@ CVE-2021-21835 (An exploitable integer overflow vulnerability exists within the
NOTE: https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21834 (An exploitable integer overflow vulnerability exists within the MPEG-4 ...)
+ {DSA-4966-1}
- gpac <unfixed>
[buster] - gpac <not-affected> (Vulnerable code not present)
[stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -77499,8 +77573,8 @@ CVE-2020-20497
RESERVED
CVE-2020-20496
RESERVED
-CVE-2020-20495
- RESERVED
+CVE-2020-20495 (bludit v3.13.0 contains an arbitrary file deletion vulnerability in th ...)
+ TODO: check
CVE-2020-20494
RESERVED
CVE-2020-20493
@@ -77509,16 +77583,16 @@ CVE-2020-20492
RESERVED
CVE-2020-20491
RESERVED
-CVE-2020-20490
- RESERVED
+CVE-2020-20490 (A heap buffer-overflow in the client_example1.c component of libiec_ic ...)
+ TODO: check
CVE-2020-20489
RESERVED
CVE-2020-20488
RESERVED
CVE-2020-20487
RESERVED
-CVE-2020-20486
- RESERVED
+CVE-2020-20486 (IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10x_S ...)
+ TODO: check
CVE-2020-20485
RESERVED
CVE-2020-20484
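Review bot: The CVE-2020-20490 description added in this hunk locates the heap buffer overflow in `client_example1.c`, which by its name is example client code rather than the library proper. The `TODO: check` should record whether that file is built or shipped at all, since that decides whether the entry is relevant. The CVE-2020-20486 entry for IEC104 v1.0 is truncated at the parameter name, so read the full description before triage.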
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1efe19eb378eaf1274bac8abfee9f883c4a63db