[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 29 21:10:36 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2f531ce7 by security tracker role at 2021-09-29T20:10:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2021-41787
+	RESERVED
+CVE-2021-41786
+	RESERVED
+CVE-2021-41785
+	RESERVED
+CVE-2021-41784
+	RESERVED
+CVE-2021-41783
+	RESERVED
+CVE-2021-41782
+	RESERVED
+CVE-2021-41781
+	RESERVED
+CVE-2021-41780
+	RESERVED
+CVE-2021-41779
+	RESERVED
+CVE-2021-41778
+	RESERVED
+CVE-2021-41777
+	RESERVED
+CVE-2021-41776
+	RESERVED
+CVE-2021-41775
+	RESERVED
+CVE-2021-41774
+	RESERVED
+CVE-2021-41773
+	RESERVED
+CVE-2021-3839
+	RESERVED
+CVE-2017-20007
+	RESERVED
 CVE-2021-41772
 	RESERVED
 CVE-2021-41771
@@ -30,8 +64,8 @@ CVE-2021-3831
 	RESERVED
 CVE-2021-41765
 	RESERVED
-CVE-2021-41764
-	RESERVED
+CVE-2021-41764 (A cross-site request forgery (CSRF) vulnerability exists in Streama up ...)
+	TODO: check
 CVE-2021-41763
 	RESERVED
 CVE-2021-41762
@@ -94,8 +128,8 @@ CVE-2021-41734
 	RESERVED
 CVE-2021-41733
 	RESERVED
-CVE-2021-41732
-	RESERVED
+CVE-2021-41732 (An issue was discovered in zeek version 4.1.0. There is a HTTP request ...)
+	TODO: check
 CVE-2021-41731
 	RESERVED
 CVE-2021-41730
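Review bot: CVE-2021-41732 is left at TODO: check even though its description names zeek version 4.1.0, an open source project and not a proprietary vendor product like most of the other entries promoted in this update. It should get a source package lookup during triage and, if zeek is packaged, a package status line with the affected or fixed version in place of the TODO, so that it is not closed as NOT-FOR-US by habit.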
@@ -428,8 +462,8 @@ CVE-2021-41575
 	RESERVED
 CVE-2021-41574
 	RESERVED
-CVE-2021-41573
-	RESERVED
+CVE-2021-41573 (Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows info ...)
+	TODO: check
 CVE-2021-3827
 	RESERVED
 	NOT-FOR-US: Keycloak
@@ -2313,10 +2347,10 @@ CVE-2021-40718
 	RESERVED
 CVE-2021-40717
 	RESERVED
-CVE-2021-40716
-	RESERVED
-CVE-2021-40715
-	RESERVED
+CVE-2021-40716 (XMP Toolkit SDK versions 2021.07 (and earlier) are affected by an out- ...)
+	TODO: check
+CVE-2021-40715 (Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory  ...)
+	TODO: check
 CVE-2021-40714 (Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by  ...)
 	NOT-FOR-US: Adobe
 CVE-2021-40713 (Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by  ...)
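Review bot: the two TODO: check entries added here need different handling. CVE-2021-40715 (Adobe Premiere Pro) can be closed as NOT-FOR-US: Adobe, matching the Experience Manager entries right below it. CVE-2021-40716 names XMP Toolkit SDK, which is a library and not an end-user application, so before giving it the same tag check whether any packaged software embeds a copy of that code.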
@@ -2325,12 +2359,12 @@ CVE-2021-40712 (Adobe Experience Manager version 6.5.9.0 (and earlier) is affect
 	NOT-FOR-US: Adobe
 CVE-2021-40711 (Adobe Experience Manager version 6.5.9.0 (and earlier) is affected by  ...)
 	NOT-FOR-US: Adobe
-CVE-2021-40710
-	RESERVED
+CVE-2021-40710 (Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory  ...)
+	TODO: check
 CVE-2021-40709 (Adobe Photoshop versions 21.2.11 (and earlier) and 22.5 (and earlier)  ...)
 	NOT-FOR-US: Adobe
-CVE-2021-40708
-	RESERVED
+CVE-2021-40708 (Adobe Genuine Service versions 7.3 (and earlier) are affected by a pri ...)
+	TODO: check
 CVE-2021-40707
 	RESERVED
 CVE-2021-40706
@@ -2351,8 +2385,8 @@ CVE-2021-40699
 	RESERVED
 CVE-2021-40698
 	RESERVED
-CVE-2021-40697
-	RESERVED
+CVE-2021-40697 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
 CVE-2021-40696
 	RESERVED
 CVE-2021-40695
@@ -2471,8 +2505,8 @@ CVE-2021-40653
 	RESERVED
 CVE-2021-40652
 	RESERVED
-CVE-2021-40651
-	RESERVED
+CVE-2021-40651 (OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vu ...)
+	TODO: check
 CVE-2021-40650
 	RESERVED
 CVE-2021-40649
@@ -4277,80 +4311,80 @@ CVE-2021-39867
 	RESERVED
 CVE-2021-39866
 	RESERVED
-CVE-2021-39865
-	RESERVED
+CVE-2021-39865 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
 CVE-2021-39864
 	RESERVED
-CVE-2021-39863
-	RESERVED
-CVE-2021-39862
-	RESERVED
-CVE-2021-39861
-	RESERVED
-CVE-2021-39860
-	RESERVED
+CVE-2021-39863 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39862 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
+CVE-2021-39861 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39860 (Acrobat Pro DC versions 2021.005.20060 (and earlier), 2020.004.30006 ( ...)
+	TODO: check
 CVE-2021-39859
 	RESERVED
-CVE-2021-39858
-	RESERVED
-CVE-2021-39857
-	RESERVED
-CVE-2021-39856
-	RESERVED
-CVE-2021-39855
-	RESERVED
-CVE-2021-39854
-	RESERVED
-CVE-2021-39853
-	RESERVED
-CVE-2021-39852
-	RESERVED
-CVE-2021-39851
-	RESERVED
-CVE-2021-39850
-	RESERVED
-CVE-2021-39849
-	RESERVED
+CVE-2021-39858 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39857 (Adobe Acrobat Reader DC add-on for Internet Explorer versions 2021.005 ...)
+	TODO: check
+CVE-2021-39856 (Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier ...)
+	TODO: check
+CVE-2021-39855 (Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier ...)
+	TODO: check
+CVE-2021-39854 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39853 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39852 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39851 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39850 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39849 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
 CVE-2021-39848
 	RESERVED
 CVE-2021-39847 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-ba ...)
 	NOT-FOR-US: Adobe
-CVE-2021-39846
-	RESERVED
-CVE-2021-39845
-	RESERVED
-CVE-2021-39844
-	RESERVED
-CVE-2021-39843
-	RESERVED
-CVE-2021-39842
-	RESERVED
-CVE-2021-39841
-	RESERVED
-CVE-2021-39840
-	RESERVED
-CVE-2021-39839
-	RESERVED
-CVE-2021-39838
-	RESERVED
-CVE-2021-39837
-	RESERVED
-CVE-2021-39836
-	RESERVED
-CVE-2021-39835
-	RESERVED
-CVE-2021-39834
-	RESERVED
-CVE-2021-39833
-	RESERVED
-CVE-2021-39832
-	RESERVED
-CVE-2021-39831
-	RESERVED
-CVE-2021-39830
-	RESERVED
-CVE-2021-39829
-	RESERVED
+CVE-2021-39846 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39845 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39844 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39843 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39842 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39841 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39840 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39839 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39838 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39837 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39836 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
+CVE-2021-39835 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
+CVE-2021-39834 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
+CVE-2021-39833 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
+CVE-2021-39832 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
+CVE-2021-39831 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
+CVE-2021-39830 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
+CVE-2021-39829 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
+	TODO: check
 CVE-2021-39828 (Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by a p ...)
 	NOT-FOR-US: Adobe
 CVE-2021-39827 (Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an  ...)
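Review bot: every entry added in this hunk goes from RESERVED to TODO: check, and every visible description names an Adobe product (Acrobat Reader DC, Acrobat Pro DC, the Reader ActiveX control and Internet Explorer add-on, Framemaker), while the unchanged entries around them (CVE-2021-39847, CVE-2021-39828) already carry NOT-FOR-US: Adobe. Leaving this many identical TODOs makes the few entries that need real triage harder to spot; resolve the block in one follow-up commit with NOT-FOR-US: Adobe.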
@@ -4365,8 +4399,8 @@ CVE-2021-39823 (Adobe svg-native-viewer 8182d14dfad5d1e10f53ed830328d7d9a3cfa96d
 	NOT-FOR-US: Adobe
 CVE-2021-39822
 	RESERVED
-CVE-2021-39821
-	RESERVED
+CVE-2021-39821 (Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) a ...)
+	TODO: check
 CVE-2021-39820
 	RESERVED
 CVE-2021-39819 (Adobe InCopy version 11.1 (and earlier) is affected by a memory corrup ...)
@@ -6031,46 +6065,57 @@ CVE-2021-39156 (Istio is an open source platform for providing a uniform way to
 CVE-2021-39155 (Istio is an open source platform for providing a uniform way to integr ...)
 	NOT-FOR-US: Istio
 CVE-2021-39154 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-6w62-hx7r-mw68
 	NOTE: https://x-stream.github.io/CVE-2021-39154.html
 CVE-2021-39153 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-2q8x-2p7f-574v
 	NOTE: https://x-stream.github.io/CVE-2021-39153.html
 CVE-2021-39152 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-xw4p-crpj-vjx2
 	NOTE: https://x-stream.github.io/CVE-2021-39152.html
 CVE-2021-39151 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-hph2-m3g5-xxv4
 	NOTE: https://x-stream.github.io/CVE-2021-39151.html
 CVE-2021-39150 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-cxfm-5m4g-x7xp
 	NOTE: https://x-stream.github.io/CVE-2021-39150.html
 CVE-2021-39149 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-3ccq-5vw3-2p6x
 	NOTE: https://x-stream.github.io/CVE-2021-39149.html
 CVE-2021-39148 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-qrx8-8545-4wg2
 	NOTE: https://x-stream.github.io/CVE-2021-39148.html
 CVE-2021-39147 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-h7v4-7xg3-hxcc
 	NOTE: https://x-stream.github.io/CVE-2021-39147.html
 CVE-2021-39146 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-p8pq-r894-fm8f
 	NOTE: https://x-stream.github.io/CVE-2021-39146.html
 CVE-2021-39145 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-8jrj-525p-826v
 	NOTE: https://x-stream.github.io/CVE-2021-39145.html
 CVE-2021-39144 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-j9h8-phrw-h4fh
 	NOTE: https://x-stream.github.io/CVE-2021-39144.html
@@ -6079,14 +6124,17 @@ CVE-2021-39143
 CVE-2021-39142
 	RESERVED
 CVE-2021-39141 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-g5w6-mrj7-75h2
 	NOTE: https://x-stream.github.io/CVE-2021-39141.html
 CVE-2021-39140 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-6wf9-jmg9-vxcc
 	NOTE: https://x-stream.github.io/CVE-2021-39140.html
 CVE-2021-39139 (XStream is a simple library to serialize objects to XML and back again ...)
+	{DLA-2769-1}
 	- libxstream-java 1.4.18-1
 	NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-64xx-cq4q-mf44
 	NOTE: https://x-stream.github.io/CVE-2021-39139.html
@@ -11644,8 +11692,8 @@ CVE-2020-36420 (** UNSUPPORTED WHEN ASSIGNED ** Polipo through 1.1.1, when NDEBU
 	[buster] - polipo <ignored> (Minor issue)
 	[stretch] - polipo <ignored> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/11/18/1
-CVE-2021-36745
-	RESERVED
+CVE-2021-36745 (A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerPr ...)
+	TODO: check
 CVE-2021-36744 (Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a dire ...)
 	NOT-FOR-US: Trend Micro
 CVE-2021-36743
@@ -12915,6 +12963,7 @@ CVE-2021-36162 (Apache Dubbo supports various rules to support configuration ove
 CVE-2021-36161 (Some component in Dubbo will try to print the formated string of the i ...)
 	NOT-FOR-US: Apache Dubbo
 CVE-2021-36160 (A carefully crafted request uri-path can cause mod_proxy_uwsgi to read ...)
+	{DLA-2768-1}
 	- apache2 2.4.49-1
 	[stretch] - apache2 <not-affected> (Vulnerable module not present)
 	- uwsgi <unfixed> (unimportant)
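Review bot: the {DLA-2768-1} tag added to CVE-2021-36160 does not fit the status lines under it. apache2 is marked <not-affected> for stretch (Vulnerable module not present) and uwsgi is recorded as <unfixed> (unimportant), so neither line describes an issue that would warrant an advisory. Confirm which source package DLA-2768-1 covers and whether the unimportant rating on uwsgi still holds now that an advisory references this CVE.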
@@ -13470,8 +13519,8 @@ CVE-2021-35984 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.00
 	NOT-FOR-US: Adobe
 CVE-2021-35983 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
 	NOT-FOR-US: Adobe
-CVE-2021-35982
-	RESERVED
+CVE-2021-35982 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
+	TODO: check
 CVE-2021-35981 (Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.3000 ...)
 	NOT-FOR-US: Adobe
 CVE-2021-35980
@@ -15612,10 +15661,10 @@ CVE-2021-35030 (A vulnerability was found in the CGI program in Zyxel GS1900-8 f
 	NOT-FOR-US: Zyxel
 CVE-2021-35029 (An authentication bypasss vulnerability in the web-based management in ...)
 	NOT-FOR-US: Zyxel
-CVE-2021-35028
-	RESERVED
-CVE-2021-35027
-	RESERVED
+CVE-2021-35028 (A command injection vulnerability in the CGI program of the Zyxel VPN2 ...)
+	TODO: check
+CVE-2021-35027 (A directory traversal vulnerability in the web server of the Zyxel VPN ...)
+	TODO: check
 CVE-2021-35026
 	RESERVED
 CVE-2021-35025
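Review bot: CVE-2021-35028 and CVE-2021-35027 land as TODO: check although both descriptions name Zyxel VPN products and the entries directly above them in this hunk are already closed as NOT-FOR-US: Zyxel. Mark these two the same way in the follow-up triage commit so the open TODO list stays limited to entries that need a package decision.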
@@ -18074,10 +18123,10 @@ CVE-2021-33926
 	RESERVED
 CVE-2021-33925
 	RESERVED
-CVE-2021-33924
-	RESERVED
-CVE-2021-33923
-	RESERVED
+CVE-2021-33924 (Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 i ...)
+	TODO: check
+CVE-2021-33923 (Insecure permissions in Confluent Ansible (cp-ansible) 5.5.0, 5.5.1, 5 ...)
+	TODO: check
 CVE-2021-33922
 	RESERVED
 CVE-2021-33921
@@ -21793,8 +21842,8 @@ CVE-2021-32468
 	RESERVED
 CVE-2021-32467
 	RESERVED
-CVE-2021-32466
-	RESERVED
+CVE-2021-32466 (An uncontrolled search path element privilege escalation vulnerability ...)
+	TODO: check
 CVE-2021-32465 (An incorrect permission preservation vulnerability in Trend Micro Apex ...)
 	NOT-FOR-US: Trend Micro
 CVE-2021-32464 (An incorrect permission assignment privilege escalation vulnerability  ...)
@@ -22198,7 +22247,7 @@ CVE-2021-32282 (An issue was discovered in gravity through 0.8.1. A NULL pointer
 	NOT-FOR-US: Gravity
 CVE-2021-32281 (An issue was discovered in gravity through 0.8.1. A heap-buffer-overfl ...)
 	NOT-FOR-US: Gravity
-CVE-2021-32280 (An issue was discovered in fig2dev through 20200520. A NULL pointer de ...)
+CVE-2021-32280 (An issue was discovered in fig2dev before 3.2.8.. A NULL pointer deref ...)
 	- fig2dev 1:3.2.7b-5 (bug #960736)
 	[buster] - fig2dev <no-dsa> (Minor issue)
 	[stretch] - fig2dev <no-dsa> (Minor issue)
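Review bot: the updated CVE-2021-32280 description now says "fig2dev before 3.2.8", while the line under it records the fix in 1:3.2.7b-5 (bug #960736). That is consistent only if the fix was backported into the 3.2.7b packaging, so a NOTE pointing at the upstream fix or the applied patch would make the version difference self-explanatory to the next reader. The doubled full stop in "3.2.8.." arrives with the imported description and is not worth hand-editing in an automatic update.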
@@ -28756,8 +28805,8 @@ CVE-2021-29836
 	RESERVED
 CVE-2021-29835
 	RESERVED
-CVE-2021-29834
-	RESERVED
+CVE-2021-29834 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0. ...)
+	TODO: check
 CVE-2021-29833 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
 	NOT-FOR-US: IBM
 CVE-2021-29832 (IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbu ...)
@@ -31956,8 +32005,8 @@ CVE-2021-28549 (Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earl
 	NOT-FOR-US: Adobe
 CVE-2021-28548 (Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) a ...)
 	NOT-FOR-US: Adobe
-CVE-2021-28547
-	RESERVED
+CVE-2021-28547 (Adobe Creative Cloud Desktop Application for macOS version 5.3 (and ea ...)
+	TODO: check
 CVE-2021-28546 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
 	NOT-FOR-US: Adobe
 CVE-2021-28545 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...)
@@ -38250,14 +38299,14 @@ CVE-2021-25964
 	RESERVED
 CVE-2021-25963
 	RESERVED
-CVE-2021-25962
-	RESERVED
-CVE-2021-25961
-	RESERVED
-CVE-2021-25960
-	RESERVED
-CVE-2021-25959
-	RESERVED
+CVE-2021-25962 (“Shuup” application in versions 0.4.2 to 2.10.8 is affecte ...)
+	TODO: check
+CVE-2021-25961 (In “SuiteCRM” application, v7.1.7 through v7.10.31 and v7. ...)
+	TODO: check
+CVE-2021-25960 (In “SuiteCRM” application, v7.11.18 through v7.11.19 and v ...)
+	TODO: check
+CVE-2021-25959 (In OpenCRX, versions v4.0.0 through v5.1.0 are vulnerable to reflected ...)
+	TODO: check
 CVE-2021-25958 (In Apache Ofbiz, versions v17.12.01 to v17.12.07 implement a try catch ...)
 	NOT-FOR-US: Apache Ofbiz
 CVE-2021-25957 (In “Dolibarr” application, v2.8.1 to v13.0.2 are vulnerabl ...)
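Review bot: the added descriptions for CVE-2021-25962, CVE-2021-25961 and CVE-2021-25960 contain mis-decoded curly quotes around Shuup and SuiteCRM, the same damage that is visible on the unchanged CVE-2021-25957 Dolibarr line. If those bytes are in data/CVE/list itself and not just an artifact of the mail rendering, the import step is reading UTF-8 descriptions with a single-byte encoding and should decode them as UTF-8. The stray bytes also use up space in the truncated description field.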
@@ -44148,8 +44197,8 @@ CVE-2021-23448
 	RESERVED
 CVE-2021-23447
 	RESERVED
-CVE-2021-23446
-	RESERVED
+CVE-2021-23446 (The package handsontable before 10.0.0; the package handsontable from  ...)
+	TODO: check
 CVE-2021-23445 (This affects the package datatables.net before 1.11.3. If an array is  ...)
 	- datatables.js 1.10.21+dfsg-3 (bug #995229)
 	NOTE: https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b (v1.11.3)
@@ -155194,7 +155243,7 @@ CVE-2019-12825 (Unauthorized Access to the Container Registry of other groups wa
 	- gitlab <not-affected> (Only affects Gitlab EE)
 CVE-2019-12824
 	RESERVED
-CVE-2019-12823 (Craft CMS 3.1.30 has XSS. ...)
+CVE-2019-12823 (Craft CMS before 3.1.31 does not properly filter XML feeds and thus al ...)
 	NOT-FOR-US: Craft CMS
 CVE-2019-12822 (In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a he ...)
 	NOT-FOR-US: Embedthis GoAhead
@@ -200709,7 +200758,7 @@ CVE-2018-16179 (The Mizuho Direct App for Android version 3.13.0 and earlier doe
 	NOT-FOR-US: Mizuho Direct App for Android
 CVE-2018-16178 (Cybozu Garoon 3.0.0 to 4.10.0 allows remote attackers to bypass access ...)
 	NOT-FOR-US: Cybozu Garoon
-CVE-2018-16177 (Untrusted search path vulnerability in The installer of Windows10 Fall ...)
+CVE-2018-16177 (Untrusted search path vulnerability in The installer of Windows 10 Fal ...)
 	NOT-FOR-US: Random Windows installer
 CVE-2018-16176 (Untrusted search path vulnerability in Installer of Mapping Tool 2.0.1 ...)
 	NOT-FOR-US: Random Windows installer



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f531ce7b39571f9719079471e15d87d60076e20
