[Git][security-tracker-team/security-tracker][master] Add CVE-2021-37533/libcommons-net-java
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Dec 11 19:49:29 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
488a5251 by Salvatore Bonaccorso at 2022-12-11T20:48:57+01:00
Add CVE-2021-37533/libcommons-net-java
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101519,7 +101519,10 @@ CVE-2021-37535 (SAP NetWeaver Application Server Java (JMS Connector Service) -
CVE-2021-37534 (app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when ...)
NOT-FOR-US: MISP
CVE-2021-37533 (Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host fr ...)
- TODO: check
+ - libcommons-net-java <unfixed>
+ NOTE: https://lists.apache.org/thread/o6yn9r9x6s94v97264hmgol1sf48mvx7
+ NOTE: https://issues.apache.org/jira/browse/NET-711
+ NOTE: https://github.com/apache/commons-net/commit/b0bff89f70cfea70009e22f87639816cc3993974 (commons-net-3.9.0-RC1)
CVE-2021-37532 (SAP Business One version - 10, due to improper input validation, allow ...)
NOT-FOR-US: SAP
CVE-2021-37531 (SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.11, 7. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/488a5251fde69b845745741bc55baa27bd7a7b3d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/488a5251fde69b845745741bc55baa27bd7a7b3d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221211/ff4deb6f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list