[Git][security-tracker-team/security-tracker][master] Add CVE-2021-43085/openssl, needs further check
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Mar 25 20:38:22 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
82d345cb by Salvatore Bonaccorso at 2022-03-25T21:37:54+01:00
Add CVE-2021-43085/openssl, needs further check
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28723,7 +28723,9 @@ CVE-2021-43087
CVE-2021-43086 (ARM astcenc 3.2.0 is vulnerable to Buffer Overflow. When the compressi ...)
NOT-FOR-US: ARM astcenc
CVE-2021-43085 (An Insecure Permissions vulnerability exists in the OpenSSL Project 3. ...)
- TODO: check
+ - openssl <undetermined>
+ NOTE: https://github.com/openssl/openssl/issues/16873
+ TODO: check, possibly as oulined only in 3.x versions
CVE-2021-43084 (An SQL Injection vulnerability exists in Dreamer CMS 4.0.0 via the tab ...)
NOT-FOR-US: Dreamer CMS
CVE-2021-3916 (bookstack is vulnerable to Improper Limitation of a Pathname to a Rest ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82d345cbfc9b7379ace69add192a19e8244c2b89
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82d345cbfc9b7379ace69add192a19e8244c2b89
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220325/845d024a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list