Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
42273d1a by security tracker role at 2021-05-04T08:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2021-3534
+ RESERVED
+CVE-2021-3533
+ RESERVED
+CVE-2021-32026
+ RESERVED
+CVE-2021-32025
+ RESERVED
+CVE-2021-32024
+ RESERVED
+CVE-2021-32023
+ RESERVED
+CVE-2021-32022
+ RESERVED
+CVE-2021-32021
+ RESERVED
+CVE-2021-32020 (The kernel in Amazon Web Services FreeRTOS before 10.4.3 has
insuffici ...)
+ TODO: check
+CVE-2021-32019
+ RESERVED
+CVE-2021-32018
+ RESERVED
+CVE-2021-32017
+ RESERVED
+CVE-2021-32016
+ RESERVED
+CVE-2021-32015
+ RESERVED
+CVE-2021-32014
+ RESERVED
+CVE-2021-32013
+ RESERVED
+CVE-2021-32012
+ RESERVED
CVE-2021-3532
RESERVED
CVE-2021-3531
@@ -1926,8 +1960,8 @@ CVE-2021-31166
RESERVED
CVE-2021-31165
RESERVED
-CVE-2021-31164
- RESERVED
+CVE-2021-31164 (Apache Unomi prior to version 1.5.5 allows CRLF log injection
because ...)
+ TODO: check
CVE-2021-31163
RESERVED
CVE-2021-31162 (In the standard library in Rust before 1.53.0, a double free
can occur ...)
@@ -25145,14 +25179,14 @@ CVE-2020-35760
RESERVED
CVE-2020-35759
RESERVED
-CVE-2020-35758
- RESERVED
-CVE-2020-35757
- RESERVED
-CVE-2020-35756
- RESERVED
-CVE-2020-35755
- RESERVED
+CVE-2020-35758 (An issue was discovered on Libre Wireless LS9 LS1.5/p7040
devices. The ...)
+ TODO: check
+CVE-2020-35757 (An issue was discovered on Libre Wireless LS9 LS1.5/p7040
devices. The ...)
+ TODO: check
+CVE-2020-35756 (An issue was discovered on Libre Wireless LS9 LS1.5/p7040
devices. The ...)
+ TODO: check
+CVE-2020-35755 (An issue was discovered on Libre Wireless LS9 LS1.5/p7040
devices. The ...)
+ TODO: check
CVE-2020-35754 (OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow
an authe ...)
NOT-FOR-US: OpenSolution Quick.CMS
CVE-2020-35753 (The job posting recommendation form in Persis Human Resource
Managemen ...)
@@ -26043,24 +26077,31 @@ CVE-2021-21234 (spring-boot-actuator-logview in a
library that adds a simple log
CVE-2020-35627 (Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file
upload vul ...)
NOT-FOR-US: Ultimate WooCommerce Gift Cards
CVE-2021-21233 (Heap buffer overflow in ANGLE in Google Chrome on Windows
prior to 90. ...)
+ {DSA-4911-1}
- chromium 90.0.4430.93-1 (bug #987715)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-21232 (Use after free in Dev Tools in Google Chrome prior to
90.0.4430.93 all ...)
+ {DSA-4911-1}
- chromium 90.0.4430.93-1 (bug #987715)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-21231 (Insufficient data validation in V8 in Google Chrome prior to
90.0.4430 ...)
+ {DSA-4911-1}
- chromium 90.0.4430.93-1 (bug #987715)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-21230 (Type confusion in V8 in Google Chrome prior to 90.0.4430.93
allowed a ...)
+ {DSA-4911-1}
- chromium 90.0.4430.93-1 (bug #987715)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-21229 (Incorrect security UI in downloads in Google Chrome on Android
prior t ...)
+ {DSA-4911-1}
- chromium 90.0.4430.93-1 (bug #987715)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-21228 (Insufficient policy enforcement in extensions in Google Chrome
prior t ...)
+ {DSA-4911-1}
- chromium 90.0.4430.93-1 (bug #987715)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-21227 (Insufficient data validation in V8 in Google Chrome prior to
90.0.4430 ...)
+ {DSA-4911-1}
- chromium 90.0.4430.93-1 (bug #987715)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-21226 (Use after free in navigation in Google Chrome prior to
90.0.4430.85 al ...)
@@ -33967,8 +34008,8 @@ CVE-2020-28947 (In MISP 2.4.134, XSS exists in the
template element index view b
NOT-FOR-US: MISP
CVE-2020-28946 (An improper webserver configuration on Plum IK-401 devices
with firmwa ...)
NOT-FOR-US: Plum IK-401 devices
-CVE-2020-28945
- RESERVED
+CVE-2020-28945 (OX App Suite 7.10.4 and earlier allows XSS via crafted content
to reac ...)
+ TODO: check
CVE-2020-28944 (OX Guard 2.10.4 and earlier allows a Denial of Service via a
WKS serve ...)
NOT-FOR-US: OX Guard
CVE-2020-28943 (OX App Suite 7.10.4 and earlier allows SSRF via a snippet. ...)
@@ -50821,8 +50862,8 @@ CVE-2020-23085
RESERVED
CVE-2020-23084
RESERVED
-CVE-2020-23083
- RESERVED
+CVE-2020-23083 (Unrestricted File Upload in JEECG v4.0 and earlier allows
remote attac ...)
+ TODO: check
CVE-2020-23082
RESERVED
CVE-2020-23081
@@ -50957,8 +50998,8 @@ CVE-2020-23017
RESERVED
CVE-2020-23016
RESERVED
-CVE-2020-23015
- RESERVED
+CVE-2020-23015 (An open redirect issue was discovered in OPNsense through
20.1.5. The ...)
+ TODO: check
CVE-2020-23014 (APfell 1.4 is vulnerable to authenticated reflected cross-site
scripti ...)
NOT-FOR-US: APfell
CVE-2020-23013
@@ -61977,7 +62018,7 @@ CVE-2020-17527 (While investigating bug 64830 it was
discovered that Apache Tomc
CVE-2020-17526 (Incorrect Session Validation in Apache Airflow Webserver
versions prio ...)
- airflow <itp> (bug #819700)
CVE-2020-17525 (Subversion's mod_authz_svn module will crash if the server is
using in ...)
- {DSA-4851-1}
+ {DSA-4851-1 DLA-2646-1}
- subversion 1.14.1-1 (bug #982464)
NOTE: https://subversion.apache.org/security/CVE-2020-17525-advisory.txt
CVE-2020-17524
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42273d1a990f0684e4c2a629d04a0ff16f507910
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42273d1a990f0684e4c2a629d04a0ff16f507910
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
