[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Mon, 07 Jun 2021 01:10:40 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a28dca40 by security tracker role at 2021-06-07T08:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2021-33899
+       RESERVED
+CVE-2021-33898 (In Invoice Ninja before 4.4.0, there is an unsafe call to 
unserialize( ...)
+       TODO: check
+CVE-2021-33897
+       RESERVED
+CVE-2021-33896
+       RESERVED
+CVE-2021-33895
+       RESERVED
+CVE-2021-33894
+       RESERVED
+CVE-2021-33893
+       RESERVED
+CVE-2021-33892
+       RESERVED
+CVE-2021-33891
+       RESERVED
+CVE-2021-33890
+       RESERVED
+CVE-2021-33889
+       RESERVED
+CVE-2021-33888
+       RESERVED
+CVE-2017-20005 (NGINX before 1.13.6 has a buffer overflow for years that 
exceed four d ...)
+       TODO: check
 CVE-2021-33887
        RESERVED
 CVE-2021-33886
@@ -14,8 +40,8 @@ CVE-2021-33881 (On NXP MIFARE Ultralight and NTAG cards, an 
attacker can interru
        NOT-FOR-US: NXP
 CVE-2021-33880 (The aaugustin websockets library before 9.1 for Python has an 
Observab ...)
        TODO: check
-CVE-2021-33879
-       RESERVED
+CVE-2021-33879 (Tencent GameLoop before 4.1.21.90 downloaded updates over an 
insecure  ...)
+       TODO: check
 CVE-2021-33878
        RESERVED
 CVE-2021-33877
@@ -9284,7 +9310,7 @@ CVE-2021-29968
        RESERVED
 CVE-2021-29967
        RESERVED
-       {DSA-4927-1 DSA-4925-1 DLA-2673-1}
+       {DSA-4927-1 DSA-4925-1 DLA-2679-1 DLA-2673-1}
        - firefox-esr 78.11.0esr-1
        - firefox 89.0-1
        - thunderbird 1:78.11.0-1
@@ -9333,12 +9359,12 @@ CVE-2021-29958
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2021-23/#CVE-2021-29958
 CVE-2021-29957
        RESERVED
-       {DSA-4927-1}
+       {DSA-4927-1 DLA-2679-1}
        - thunderbird 1:78.10.2-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2021-22/#CVE-2021-29957
 CVE-2021-29956
        RESERVED
-       {DSA-4927-1}
+       {DSA-4927-1 DLA-2679-1}
        - thunderbird 1:78.10.2-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2021-22/#CVE-2021-29956
 CVE-2021-29955
@@ -47302,8 +47328,8 @@ CVE-2020-26887 (FRITZ!OS before 7.21 on FRITZ!Box 
devices allows a bypass of a D
        NOT-FOR-US: Fritz OS
 CVE-2020-26886 (Softaculous before 5.5.7 is affected by a code execution 
vulnerability ...)
        NOT-FOR-US: Softaculous
-CVE-2020-26885
-       RESERVED
+CVE-2020-26885 (An issue was discovered in 2sic 2sxc before 11.22. A XSS 
vulnerability ...)
+       TODO: check
 CVE-2020-26884 (RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL 
injection vulner ...)
        NOT-FOR-US: RSA Archer
 CVE-2020-26883 (In Play Framework 2.6.0 through 2.8.2, stack consumption can 
occur bec ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a28dca402121c6f3122b0a315217ac49b2a7d76a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a28dca402121c6f3122b0a315217ac49b2a7d76a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to