[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 24 09:10:30 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
51436461 by security tracker role at 2021-09-24T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2021-41585
+ RESERVED
+CVE-2021-41584 (Gradle Enterprise before 2021.1.3 can allow unauthorized viewing of a ...)
+ TODO: check
+CVE-2021-41583 (vpn-user-portal (aka eduVPN or Let's Connect!) before 2.3.14, as packa ...)
+ TODO: check
+CVE-2021-41582
+ RESERVED
+CVE-2021-41581 (x509_constraints_parse_mailbox in lib/libcrypto/x509/x509_constraints. ...)
+ TODO: check
+CVE-2021-41580
+ RESERVED
+CVE-2021-41579
+ RESERVED
+CVE-2021-41578
+ RESERVED
+CVE-2021-41577
+ RESERVED
+CVE-2021-41576
+ RESERVED
+CVE-2021-41575
+ RESERVED
+CVE-2021-41574
+ RESERVED
+CVE-2021-41573
+ RESERVED
+CVE-2021-3827
+ RESERVED
CVE-2021-41572
RESERVED
CVE-2021-41571
@@ -1029,8 +1057,8 @@ CVE-2021-41090
RESERVED
CVE-2021-41089
RESERVED
-CVE-2021-41088
- RESERVED
+CVE-2021-41088 (Elvish is a programming language and interactive shell, combined into ...)
+ TODO: check
CVE-2021-41087 (in-toto-golang is a go implementation of the in-toto framework to prot ...)
TODO: check
CVE-2021-41086 (jsuites is an open source collection of common required javascript web ...)
@@ -22670,8 +22698,8 @@ CVE-2021-31924 (Yubico pam-u2f before 1.1.1 has a logic issue that, depending on
NOTE: https://github.com/Yubico/pam-u2f/commit/6059b057dd9b6d0164fc16f9422c0d728f902bb5 (pam_u2f-1.1.1)
NOTE: https://github.com/Yubico/pam-u2f/issues/175
NOTE: Support for PIN verification introduced in 1.1.0.
-CVE-2021-31923
- RESERVED
+CVE-2021-31923 (Ping Identity PingAccess before 5.3.3 allows HTTP request smuggling vi ...)
+ TODO: check
CVE-2021-31922 (An HTTP Request Smuggling vulnerability in Pulse Secure Virtual Traffi ...)
NOT-FOR-US: Pulse Secure
CVE-2021-3528 (A flaw was found in noobaa-operator in versions before 5.7.0, where in ...)
@@ -82173,12 +82201,12 @@ CVE-2020-19953
RESERVED
CVE-2020-19952
RESERVED
-CVE-2020-19951
- RESERVED
-CVE-2020-19950
- RESERVED
-CVE-2020-19949
- RESERVED
+CVE-2020-19951 (A cross-site request forgery (CSRF) in /controller/pay.class.php of Yz ...)
+ TODO: check
+CVE-2020-19950 (A cross-site scripting (XSS) vulnerability in the /banner/add.html com ...)
+ TODO: check
+CVE-2020-19949 (A cross-site scripting (XSS) vulnerability in the /link/add.html compo ...)
+ TODO: check
CVE-2020-19948
RESERVED
CVE-2020-19947
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51436461a6834ef2b48513ed6b722a6832ec500b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51436461a6834ef2b48513ed6b722a6832ec500b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210924/54171b16/attachment.htm>
More information about the debian-security-tracker-commits
mailing list