[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 1 21:10:33 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7a8461e0 by security tracker role at 2021-09-01T20:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,73 @@
-CVE-2021-40353 (A SQL injection vulnerability exists in version 8.0 of openSIS when My ...)
+CVE-2021-40382 (An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_713052 ...)
+ TODO: check
+CVE-2021-40381 (An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_713052 ...)
+ TODO: check
+CVE-2021-40380 (An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_713052 ...)
+ TODO: check
+CVE-2021-40379 (An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_713052 ...)
TODO: check
-CVE-2021-40352
+CVE-2021-40378 (An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_713052 ...)
+ TODO: check
+CVE-2021-40377
RESERVED
-CVE-2021-40351
+CVE-2021-40376
+ RESERVED
+CVE-2021-40375
+ RESERVED
+CVE-2021-40374
+ RESERVED
+CVE-2021-40373
+ RESERVED
+CVE-2021-40372
+ RESERVED
+CVE-2021-40371
+ RESERVED
+CVE-2021-40370
+ RESERVED
+CVE-2021-40369
+ RESERVED
+CVE-2021-40368
+ RESERVED
+CVE-2021-40367
+ RESERVED
+CVE-2021-40366
+ RESERVED
+CVE-2021-40365
+ RESERVED
+CVE-2021-40364
+ RESERVED
+CVE-2021-40363
+ RESERVED
+CVE-2021-40362
+ RESERVED
+CVE-2021-40361
+ RESERVED
+CVE-2021-40360
+ RESERVED
+CVE-2021-40359
+ RESERVED
+CVE-2021-40358
+ RESERVED
+CVE-2021-40357
+ RESERVED
+CVE-2021-40356
+ RESERVED
+CVE-2021-40355
RESERVED
-CVE-2021-40350
+CVE-2021-40354
RESERVED
+CVE-2021-3761
+ RESERVED
+CVE-2021-3760
+ RESERVED
+CVE-2021-40353 (A SQL injection vulnerability exists in version 8.0 of openSIS when My ...)
+ TODO: check
+CVE-2021-40352 (OpenEMR 6.0.0 has a pnotes_print.php?noteid= Insecure Direct Object Re ...)
+ TODO: check
+CVE-2021-40351
+ RESERVED
+CVE-2021-40350 (webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices allows at ...)
+ TODO: check
CVE-2021-40349
RESERVED
CVE-2021-40348
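Review bot: CVE-2021-40378 through CVE-2021-40382 at the top of this hunk are five entries with the same truncated Compro IP70 description, each left at TODO: check, so triage them together and give them one consistent annotation. The CVE-2021-40353 line is removed and re-added with identical text, which is only the diff realigning around the newly prepended block; the entries whose content actually changed here are CVE-2021-40352 and CVE-2021-40350, which went from bare IDs to described entries.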
@@ -1118,8 +1180,8 @@ CVE-2021-39849
RESERVED
CVE-2021-39848
RESERVED
-CVE-2021-39847
- RESERVED
+CVE-2021-39847 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-ba ...)
+ TODO: check
CVE-2021-39846
RESERVED
CVE-2021-39845
@@ -1178,10 +1240,10 @@ CVE-2021-39819
RESERVED
CVE-2021-39818
RESERVED
-CVE-2021-39817
- RESERVED
-CVE-2021-39816
- RESERVED
+CVE-2021-39817 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
+CVE-2021-39816 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
CVE-2021-39815
RESERVED
CVE-2021-39814
@@ -2061,20 +2123,20 @@ CVE-2021-39381
RESERVED
CVE-2021-39380
RESERVED
-CVE-2021-39379
- RESERVED
-CVE-2021-39378
- RESERVED
-CVE-2021-39377
- RESERVED
+CVE-2021-39379 (A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaD ...)
+ TODO: check
+CVE-2021-39378 (A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaD ...)
+ TODO: check
+CVE-2021-39377 (A SQL Injection vulnerability exists in openSIS 8.0 when MySQL (MariaD ...)
+ TODO: check
CVE-2021-39376 (Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQ ...)
NOT-FOR-US: Philips Healthcare Tasy Electronic Medical Record (EMR)
CVE-2021-39375 (Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQ ...)
NOT-FOR-US: Philips Healthcare Tasy Electronic Medical Record (EMR)
CVE-2021-39374
RESERVED
-CVE-2021-39373
- RESERVED
+CVE-2021-39373 (Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers t ...)
+ TODO: check
CVE-2021-39372
RESERVED
CVE-2021-39371 (An XML external entity (XXE) injection in PyWPS before 4.5.0 allows an ...)
@@ -2210,8 +2272,8 @@ CVE-2021-39322
RESERVED
CVE-2021-39321
RESERVED
-CVE-2021-39320
- RESERVED
+CVE-2021-39320 (The underConstruction plugin <= 1.18 for WordPress echoes out the r ...)
+ TODO: check
CVE-2021-39319
RESERVED
CVE-2021-39318
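Review bot: The added CVE-2021-39320 description contains the HTML entity &lt;= where the version bound should read <=, while angle brackets elsewhere in this diff (for example <itp>) appear unescaped, so the entity looks like it came in with the imported description text. The two Pimcore descriptions (CVE-2021-39170, CVE-2021-39166) carry &amp; in the same way. Decoding entities on import would keep the descriptions searchable as plain text.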
@@ -2621,16 +2683,16 @@ CVE-2021-39172 (Cachet is an open source status page system. Prior to version 2.
- cachet <itp> (bug #851177)
CVE-2021-39171 (Passport-SAML is a SAML 2.0 authentication provider for Passport, the ...)
TODO: check
-CVE-2021-39170
- RESERVED
+CVE-2021-39170 (Pimcore is an open source data & experience management platform. P ...)
+ TODO: check
CVE-2021-39169 (Misskey is a decentralized microblogging platform. In versions of Miss ...)
NOT-FOR-US: Misskey
CVE-2021-39168 (OpenZepplin is a library for smart contract development. In affected v ...)
NOT-FOR-US: OpenZeppelin
CVE-2021-39167 (OpenZepplin is a library for smart contract development. In affected v ...)
NOT-FOR-US: OpenZeppelin
-CVE-2021-39166
- RESERVED
+CVE-2021-39166 (Pimcore is an open source data & experience management platform. P ...)
+ TODO: check
CVE-2021-39165 (Cachet is an open source status page. With Cachet prior to and includi ...)
- cachet <itp> (bug #851177)
CVE-2021-39164 (Matrix is an ecosystem for open federated Instant Messaging and Voice ...)
@@ -3621,8 +3683,8 @@ CVE-2021-38705
RESERVED
CVE-2021-38704
RESERVED
-CVE-2021-38703
- RESERVED
+CVE-2021-38703 (Wireless devices running certain Arcadyan-derived firmware (such as KP ...)
+ TODO: check
CVE-2021-3708 (D-Link router DSL-2750U with firmware vME1.16 or prior versions is vul ...)
NOT-FOR-US: D-Link
CVE-2021-3707 (D-Link router DSL-2750U with firmware vME1.16 or prior versions is vul ...)
@@ -7151,8 +7213,8 @@ CVE-2021-37153 (ForgeRock Access Management (AM) before 7.0.2, when configured w
NOT-FOR-US: ForgeRock Access Management (AM)
CVE-2021-37152 (Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 befor ...)
NOT-FOR-US: Sonatype
-CVE-2021-37151
- RESERVED
+CVE-2021-37151 (CyberArk Identity 21.5.131, when handling an invalid authentication at ...)
+ TODO: check
CVE-2021-3657
RESERVED
CVE-2021-37159 (hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel throu ...)
@@ -9727,126 +9789,126 @@ CVE-2021-3631 [insecure sVirt label generation]
[stretch] - libvirt <no-dsa> (Minor issue)
NOTE: https://gitlab.com/libvirt/libvirt/-/issues/153
NOTE: Fixed by: https://gitlab.com/libvirt/libvirt/-/commit/15073504dbb624d3f6c911e85557019d3620fdb2 (v7.5.0)
-CVE-2021-36079
- RESERVED
-CVE-2021-36078
- RESERVED
-CVE-2021-36077
- RESERVED
-CVE-2021-36076
- RESERVED
-CVE-2021-36075
- RESERVED
-CVE-2021-36074
- RESERVED
-CVE-2021-36073
- RESERVED
-CVE-2021-36072
- RESERVED
-CVE-2021-36071
- RESERVED
-CVE-2021-36070
- RESERVED
-CVE-2021-36069
- RESERVED
-CVE-2021-36068
- RESERVED
-CVE-2021-36067
- RESERVED
-CVE-2021-36066
- RESERVED
-CVE-2021-36065
- RESERVED
-CVE-2021-36064
- RESERVED
-CVE-2021-36063
- RESERVED
-CVE-2021-36062
- RESERVED
-CVE-2021-36061
- RESERVED
+CVE-2021-36079 (Adobe Bridge version 11.1 (and earlier) is affected by an out-of-bound ...)
+ TODO: check
+CVE-2021-36078 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
+CVE-2021-36077 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
+CVE-2021-36076 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
+CVE-2021-36075 (Adobe Bridge version 11.1 (and earlier) is affected by a Buffer Overfl ...)
+ TODO: check
+CVE-2021-36074 (Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bou ...)
+ TODO: check
+CVE-2021-36073 (Adobe Bridge version 11.1 (and earlier) is affected by a heap-based bu ...)
+ TODO: check
+CVE-2021-36072 (Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bou ...)
+ TODO: check
+CVE-2021-36071 (Adobe Bridge versions 11.1 (and earlier) are affected by an out-of-bou ...)
+ TODO: check
+CVE-2021-36070 (Adobe Media Encoder version 15.1 (and earlier) is affected by an impro ...)
+ TODO: check
+CVE-2021-36069 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
+CVE-2021-36068 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
+CVE-2021-36067 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
+CVE-2021-36066 (Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and earlier ...)
+ TODO: check
+CVE-2021-36065 (Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and earlier ...)
+ TODO: check
+CVE-2021-36064 (XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Under ...)
+ TODO: check
+CVE-2021-36063 (Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected ...)
+ TODO: check
+CVE-2021-36062 (Adobe Connect version 11.2.2 (and earlier) is affected by a Reflected ...)
+ TODO: check
+CVE-2021-36061 (Adobe Connect version 11.2.2 (and earlier) is affected by a secure des ...)
+ TODO: check
CVE-2021-36060
RESERVED
-CVE-2021-36059
- RESERVED
-CVE-2021-36058
- RESERVED
-CVE-2021-36057
- RESERVED
-CVE-2021-36056
- RESERVED
-CVE-2021-36055
- RESERVED
-CVE-2021-36054
- RESERVED
-CVE-2021-36053
- RESERVED
-CVE-2021-36052
- RESERVED
+CVE-2021-36059 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
+CVE-2021-36058 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer ...)
+ TODO: check
+CVE-2021-36057 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-wh ...)
+ TODO: check
+CVE-2021-36056 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ...)
+ TODO: check
+CVE-2021-36055 (XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-af ...)
+ TODO: check
+CVE-2021-36054 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ...)
+ TODO: check
+CVE-2021-36053 (XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-o ...)
+ TODO: check
+CVE-2021-36052 (XMP Toolkit version 2020.1 (and earlier) is affected by a memory corru ...)
+ TODO: check
CVE-2021-36051
RESERVED
-CVE-2021-36050
- RESERVED
-CVE-2021-36049
- RESERVED
-CVE-2021-36048
- RESERVED
-CVE-2021-36047
- RESERVED
-CVE-2021-36046
- RESERVED
-CVE-2021-36045
- RESERVED
-CVE-2021-36044
- RESERVED
-CVE-2021-36043
- RESERVED
-CVE-2021-36042
- RESERVED
-CVE-2021-36041
- RESERVED
-CVE-2021-36040
- RESERVED
-CVE-2021-36039
- RESERVED
-CVE-2021-36038
- RESERVED
-CVE-2021-36037
- RESERVED
+CVE-2021-36050 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ...)
+ TODO: check
+CVE-2021-36049 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
+ TODO: check
+CVE-2021-36048 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Imprope ...)
+ TODO: check
+CVE-2021-36047 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Imprope ...)
+ TODO: check
+CVE-2021-36046 (XMP Toolkit version 2020.1 (and earlier) is affected by a memory corru ...)
+ TODO: check
+CVE-2021-36045 (XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-o ...)
+ TODO: check
+CVE-2021-36044 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36043 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36042 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36041 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36040 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36039 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36038 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36037 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
CVE-2021-36036
RESERVED
-CVE-2021-36035
- RESERVED
-CVE-2021-36034
- RESERVED
-CVE-2021-36033
- RESERVED
-CVE-2021-36032
- RESERVED
-CVE-2021-36031
- RESERVED
-CVE-2021-36030
- RESERVED
-CVE-2021-36029
- RESERVED
-CVE-2021-36028
- RESERVED
-CVE-2021-36027
- RESERVED
-CVE-2021-36026
- RESERVED
-CVE-2021-36025
- RESERVED
-CVE-2021-36024
- RESERVED
+CVE-2021-36035 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36034 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36033 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36032 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36031 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36030 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36029 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36028 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36027 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36026 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36025 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
+CVE-2021-36024 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
CVE-2021-36023
RESERVED
-CVE-2021-36022
- RESERVED
+CVE-2021-36022 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
CVE-2021-36021
RESERVED
-CVE-2021-36020
- RESERVED
+CVE-2021-36020 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
CVE-2021-36019
RESERVED
CVE-2021-36018
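Review bot: The XMP Toolkit and XMP Toolkit SDK entries in this hunk (CVE-2021-36045 to CVE-2021-36048, CVE-2021-36050, CVE-2021-36052 to CVE-2021-36058, CVE-2021-36064) describe an SDK rather than an end-user application, so they should not be swept into the NOT-FOR-US: Adobe annotation this list uses for other Adobe products along with the Bridge, Photoshop, Connect and Media Encoder entries. Check for Debian source packages that ship or embed that code before resolving their TODO: check lines. The Magento Commerce block (CVE-2021-36020 to CVE-2021-36044, with gaps) can be triaged as one group.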
@@ -9861,8 +9923,8 @@ CVE-2021-36014 (Adobe Media Encoder version 15.2 (and earlier) is affected by an
NOT-FOR-US: Adobe
CVE-2021-36013 (Adobe Media Encoder version 15.2 (and earlier) is affected by an Out-o ...)
NOT-FOR-US: Adobe
-CVE-2021-36012
- RESERVED
+CVE-2021-36012 (Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) ...)
+ TODO: check
CVE-2021-36011 (Adobe Illustrator version 25.2.3 (and earlier) is affected by a potent ...)
NOT-FOR-US: Adobe
CVE-2021-36010 (Adobe Illustrator version 25.2.3 (and earlier) is affected by an out-o ...)
@@ -9881,8 +9943,8 @@ CVE-2021-36004 (Adobe InDesign version 16.0 (and earlier) is affected by an Out-
NOT-FOR-US: Adobe
CVE-2021-36003
RESERVED
-CVE-2021-36002
- RESERVED
+CVE-2021-36002 (Adobe Captivate version 11.5.5 (and earlier) is affected by an Creatio ...)
+ TODO: check
CVE-2021-36001 (Adobe Character Animator version 4.2 (and earlier) is affected by an o ...)
NOT-FOR-US: Adobe
CVE-2021-36000 (Adobe Character Animator version 4.2 (and earlier) is affected by a me ...)
@@ -10945,8 +11007,8 @@ CVE-2021-35510
RESERVED
CVE-2021-35509
RESERVED
-CVE-2021-35508
- RESERVED
+CVE-2021-35508 (NMSAccess32.exe in TeraRecon AQNetClient 4.4.13 allows attackers to ex ...)
+ TODO: check
CVE-2021-35507
RESERVED
CVE-2021-35506
@@ -11576,8 +11638,8 @@ CVE-2021-35240 (A security researcher stored XSS via a Help Server setting. This
NOT-FOR-US: SolarWinds
CVE-2021-35239 (A security researcher found a user with Orion map manage rights could ...)
NOT-FOR-US: SolarWinds
-CVE-2021-35238
- RESERVED
+CVE-2021-35238 (User with Orion Platform Admin Rights could store XSS through URL POST ...)
+ TODO: check
CVE-2021-35237
RESERVED
CVE-2021-35236
@@ -11616,14 +11678,14 @@ CVE-2021-35220 (Command Injection vulnerability in EmailWebPage API which can le
NOT-FOR-US: SolarWinds
CVE-2021-35219 (ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerabilit ...)
NOT-FOR-US: SolarWinds
-CVE-2021-35218
- RESERVED
+CVE-2021-35218 (Deserialization of Untrusted Data in the Web Console Chart Endpoint ca ...)
+ TODO: check
CVE-2021-35217
RESERVED
-CVE-2021-35216
- RESERVED
-CVE-2021-35215
- RESERVED
+CVE-2021-35216 (Insecure Deserialization of untrusted data remote code execution vulne ...)
+ TODO: check
+CVE-2021-35215 (Insecure deserialization leading to Remote Code Execution was detected ...)
+ TODO: check
CVE-2021-35214
RESERVED
CVE-2021-35213 (An Improper Access Control Privilege Escalation Vulnerability was disc ...)
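Review bot: The truncated descriptions added for CVE-2021-35218, CVE-2021-35216 and CVE-2021-35215 name deserialization and remote code execution but no product, so the neighbouring NOT-FOR-US: SolarWinds lines are the only hint of what they affect. Confirm the product from the full CVE record before copying that annotation onto these three entries.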
@@ -13406,8 +13468,8 @@ CVE-2021-34437
RESERVED
CVE-2021-34436
RESERVED
-CVE-2021-34435
- RESERVED
+CVE-2021-34435 (In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a ...)
+ TODO: check
CVE-2021-34434 (In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic se ...)
- mosquitto <unfixed> (bug #993400)
[buster] - mosquitto <not-affected> (Vulnerable code introduced later)
@@ -23625,10 +23687,10 @@ CVE-2021-30357 (SSL Network Extender Client for Linux before build 800008302 rev
NOT-FOR-US: SSL Network Extender Client
CVE-2021-30356 (A denial of service vulnerability was reported in Check Point Identity ...)
NOT-FOR-US: Check Point Identity Agent
-CVE-2021-30355
- RESERVED
-CVE-2021-30354
- RESERVED
+CVE-2021-30355 (Amazon Kindle e-reader prior to and including version 5.13.4 improperl ...)
+ TODO: check
+CVE-2021-30354 (Amazon Kindle e-reader prior to and including version 5.13.4 contains ...)
+ TODO: check
CVE-2021-30353
RESERVED
CVE-2021-30352
@@ -24998,12 +25060,12 @@ CVE-2021-29855
RESERVED
CVE-2021-29854
RESERVED
-CVE-2021-29853
- RESERVED
-CVE-2021-29852
- RESERVED
-CVE-2021-29851
- RESERVED
+CVE-2021-29853 (IBM Planning Analytics 2.0 could expose information that could be used ...)
+ TODO: check
+CVE-2021-29852 (IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This ...)
+ TODO: check
+CVE-2021-29851 (IBM Planning Analytics 2.0 could allow a remote attacker to obtain sen ...)
+ TODO: check
CVE-2021-29850
RESERVED
CVE-2021-29849
@@ -40418,12 +40480,12 @@ CVE-2021-23440
RESERVED
CVE-2021-23439
RESERVED
-CVE-2021-23438
- RESERVED
+CVE-2021-23438 (This affects the package mpath before 0.8.4. A type confusion vulnerab ...)
+ TODO: check
CVE-2021-23437
RESERVED
-CVE-2021-23436
- RESERVED
+CVE-2021-23436 (This affects the package immer before 9.0.6. A type confusion vulnerab ...)
+ TODO: check
CVE-2021-23435
RESERVED
CVE-2021-23434 (This affects the package object-path before 0.11.6. A type confusion v ...)
@@ -40438,12 +40500,12 @@ CVE-2021-23430 (All versions of package startserver are vulnerable to Directory
TODO: check
CVE-2021-23429 (All versions of package transpile are vulnerable to Denial of Service ...)
TODO: check
-CVE-2021-23428
- RESERVED
-CVE-2021-23427
- RESERVED
-CVE-2021-23426
- RESERVED
+CVE-2021-23428 (This affects all versions of package elFinder.NetCore. The Path.Combin ...)
+ TODO: check
+CVE-2021-23427 (This affects all versions of package elFinder.NetCore. The ExtractAsyn ...)
+ TODO: check
+CVE-2021-23426 (This affects all versions of package Proto. It is possible to inject p ...)
+ TODO: check
CVE-2021-23425 (All versions of package trim-off-newlines are vulnerable to Regular Ex ...)
NOT-FOR-US: Node trim-off-newlines
CVE-2021-23424 (This affects all versions of package ansi-html. If an attacker provide ...)
@@ -76447,7 +76509,8 @@ CVE-2020-21066 (An issue was discovered in Bento4 v1.5.1.0. There is a heap-buff
NOT-FOR-US: Bento4
CVE-2020-21065
RESERVED
-CVE-2020-21064 (A buffer-overflow vulnerability in the AP4_RtpAtom::AP4_RtpAtom functi ...)
+CVE-2020-21064
+ REJECTED
NOT-FOR-US: Bento4
CVE-2020-21063
RESERVED
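Review bot: CVE-2020-21064 now reads REJECTED, but the unchanged NOT-FOR-US: Bento4 line still sits directly under it, so the entry carries two states at once. Drop the stale NOT-FOR-US line in a follow-up, or confirm that the tracker is meant to keep a triage annotation on a rejected ID.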
@@ -107234,12 +107297,12 @@ CVE-2020-9004 (A remote authenticated authorization-bypass vulnerability in Wowz
NOT-FOR-US: Wowza Streaming Engine
CVE-2020-9003 (A stored XSS vulnerability exists in the Modula Image Gallery plugin b ...)
NOT-FOR-US: Modula Image Gallery plugin for WordPress
-CVE-2020-9002
- RESERVED
+CVE-2020-9002 (An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gai ...)
+ TODO: check
CVE-2020-9001
REJECTED
-CVE-2020-9000
- RESERVED
+CVE-2020-9000 (An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send ...)
+ TODO: check
CVE-2020-8999
REJECTED
CVE-2020-8998
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a8461e0d0816ae6967f5e7f02fc40bafc9f42dd