Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e78e199c by Salvatore Bonaccorso at 2021-04-16T22:20:14+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4523,13 +4523,13 @@ CVE-2021-29435 (trestle-auth is an authentication
plugin for the Trestle admin f
CVE-2021-29434
RESERVED
CVE-2021-29433 (### Impact Missing input validation of some parameters on the
endpoint ...)
- TODO: check
+ NOT-FOR-US: Matrix Sydent
CVE-2021-29432 (Sydent is a reference matrix identity server. A malicious user
could a ...)
- TODO: check
+ NOT-FOR-US: Matrix Sydent
CVE-2021-29431 (Sydent is a reference Matrix identity server. Sydent can be
induced to ...)
- TODO: check
+ NOT-FOR-US: Matrix Sydent
CVE-2021-29430 (Sydent is a reference Matrix identity server. Sydent does not
limit th ...)
- TODO: check
+ NOT-FOR-US: Matrix Sydent
CVE-2021-29429 (In Gradle before version 7.0, files created with open
permissions in t ...)
- gradle <unfixed>
NOTE:
https://github.com/gradle/gradle/security/advisories/GHSA-fp8h-qmr5-j4c8
@@ -10561,7 +10561,7 @@ CVE-2021-26832 (Cross Site Scripting (XSS) in the
"Reset Password" page form of
CVE-2021-26831
RESERVED
CVE-2021-26830 (SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows
remote att ...)
- TODO: check
+ NOT-FOR-US: Tribalsystems Zenario CMS
CVE-2021-26829
RESERVED
CVE-2021-26828
@@ -20479,7 +20479,7 @@ CVE-2021-22541
CVE-2021-22540
RESERVED
CVE-2021-22539 (An attacker can place a crafted JSON config file into the
project fold ...)
- TODO: check
+ NOT-FOR-US: VScode-bazel
CVE-2021-22538 (A privilege escalation vulnerability impacting the Google
Exposure Not ...)
NOT-FOR-US: Google Exposure Notification Verification Server
CVE-2021-22537
@@ -26446,7 +26446,7 @@ CVE-2021-20493
CVE-2021-20492
RESERVED
CVE-2021-20491 (IBM Spectrum Protect Server 7.1 and 8.1 is subject to a
stack-based bu ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-20490
RESERVED
CVE-2021-20489
@@ -82267,7 +82267,7 @@ CVE-2020-9683 (Adobe Photoshop versions Photoshop CC
2019, and Photoshop 2020 ha
CVE-2020-9682 (Adobe Creative Cloud Desktop Application versions 5.1 and
earlier have ...)
NOT-FOR-US: Adobe
CVE-2020-9681 (Adobe Genuine Service version 6.6 (and earlier) is affected by
an Unco ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-9680 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds
write vul ...)
NOT-FOR-US: Adobe
CVE-2020-9679 (Adobe Prelude versions 9.0 and earlier have an out-of-bounds
read vuln ...)
@@ -82293,9 +82293,9 @@ CVE-2020-9670 (Adobe Creative Cloud Desktop Application
versions 5.1 and earlier
CVE-2020-9669 (Adobe Creative Cloud Desktop Application versions 5.1 and
earlier have ...)
NOT-FOR-US: Adobe
CVE-2020-9668 (Adobe Genuine Service version 6.6 (and earlier) is affected by
an Impr ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-9667 (Adobe Genuine Service version 6.6 (and earlier) is affected by
an Unco ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2020-9666 (Adobe Campaign Classic before 20.2 have an out-of-bounds read
vulnerab ...)
NOT-FOR-US: Adobe
CVE-2020-9665 (Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier
have a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e78e199ccb3c03559cd6d4374f290962cf685ede
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e78e199ccb3c03559cd6d4374f290962cf685ede
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
