[Git][security-tracker-team/security-tracker][master] new squirrel3 issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Jul 29 11:24:38 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92419eaa by Moritz Muehlenhoff at 2022-07-29T12:24:01+02:00
new squirrel3 issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -60020,7 +60020,9 @@ CVE-2021-41558 (The set_user extension module before 3.0.0 for PostgreSQL allows
CVE-2021-41557 (Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site ...)
NOT-FOR-US: Sofico
CVE-2021-41556 (sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an ou ...)
- TODO: check
+ - squirrel3 <unfixed>
+ NOTE: https://github.com/albertodemichelis/squirrel/commit/23a0620658714b996d20da3d4dd1a0dcf9b0bd98
+ NOTE: https://blog.sonarsource.com/squirrel-vm-sandbox-escape/
CVE-2021-41555 (** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.815 (a ...)
NOT-FOR-US: ARCHIBUS Web Central
CVE-2021-41554 (** UNSUPPORTED WHEN ASSIGNED ** ARCHIBUS Web Central 21.3.3.815 (a ver ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92419eaa27830b7aa7537ec8897d0a4ab5d69393
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92419eaa27830b7aa7537ec8897d0a4ab5d69393
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220729/9b2318cf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list