[Git][security-tracker-team/security-tracker][master] new node-object-path issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Sep 3 13:44:47 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5570a188 by Moritz Muehlenhoff at 2021-09-03T14:43:51+02:00
new node-object-path issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5244,9 +5244,10 @@ CVE-2021-38173 (Btrbk before 0.31.2 allows command execution because of the mish
CVE-2021-38172
RESERVED
CVE-2021-38171 (adts_decode_extradata in libavformat/adtsenc.c in FFmpeg 4.4 does not ...)
- - ffmpeg <undetermined>
+ - ffmpeg <unfixed>
+ [bullseye] - ffmpeg <postponed> (Wait for 4.3.3)
+ [buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://github.com/FFmpeg/FFmpeg/commit/9ffa49496d1aae4cbbb387aac28a9e061a6ab0a6
- TODO: check
CVE-2021-38170
RESERVED
CVE-2021-38169 (Roxy-WI through 5.2.2.0 allows command injection via /app/funct.py and ...)
@@ -40795,7 +40796,9 @@ CVE-2021-23436 (This affects the package immer before 9.0.6. A type confusion vu
CVE-2021-23435
RESERVED
CVE-2021-23434 (This affects the package object-path before 0.11.6. A type confusion v ...)
- TODO: check
+ - node-object-path <unfixed>
+ NOTE: https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1569453
+ NOTE: https://github.com/mariocasciaro/object-path/commit/7bdf4abefd102d16c163d633e8994ef154cab9eb
CVE-2021-23433
RESERVED
CVE-2021-23432 (This affects all versions of package mootools. This is due to the abil ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5570a188db235741074e3e7252d454258ceef368
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5570a188db235741074e3e7252d454258ceef368
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210903/0f3f2abb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list