Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3161f1b9 by Moritz Muehlenhoff at 2021-06-16T11:02:55+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1363,7 +1363,7 @@ CVE-2021-34172
CVE-2021-34171
RESERVED
CVE-2021-34170 (Bandai Namco FromSoftware Dark Souls III allows remote
attackers to ex ...)
- TODO: check
+ NOT-FOR-US: Bandai
CVE-2021-34169
RESERVED
CVE-2021-34168
@@ -1445,9 +1445,9 @@ CVE-2021-34131
CVE-2021-34130
RESERVED
CVE-2021-34129 (LaikeTui 3.5.0 allows remote authenticated users to delete
arbitrary f ...)
- TODO: check
+ NOT-FOR-US: LaikeTui
CVE-2021-34128 (LaikeTui 3.5.0 allows remote authenticated users to execute
arbitrary ...)
- TODO: check
+ NOT-FOR-US: LaikeTui
CVE-2021-34127
RESERVED
CVE-2021-34126
@@ -1967,7 +1967,7 @@ CVE-2017-20005 (NGINX before 1.13.6 has a buffer overflow
for years that exceed
NOTE:
https://github.com/nginx/nginx/commit/b900cc28fcbb4cf5a32ab62f80b59292e1c85b4b
NOTE: https://trac.nginx.org/nginx/ticket/1368
CVE-2021-33887 (Insufficient verification of data authenticity in Peloton
TTR01 up to ...)
- TODO: check
+ NOT-FOR-US: Peloton TTR01
CVE-2021-33886
RESERVED
CVE-2021-33885
@@ -4727,7 +4727,7 @@ CVE-2021-32677 (FastAPI is a web framework for building
APIs with Python 3.6+ ba
NOTE:
https://github.com/tiangolo/fastapi/security/advisories/GHSA-8h2j-cgx8-6xv7
NOTE:
https://github.com/tiangolo/fastapi/commit/fa7e3c996edf2d5482fff8f9d890ac2390dede4d
(0.65.2)
CVE-2021-32676 (Nextcloud Talk is a fully on-premises audio/video and chat
communicati ...)
- TODO: check
+ NOT-FOR-US: Nextcloud Talk
CVE-2021-32675
RESERVED
CVE-2021-32674 (Zope is an open-source web application server. This advisory
extends t ...)
@@ -6107,7 +6107,7 @@ CVE-2021-3537 (A vulnerability found in libxml2 in
versions before 2.9.11 shows
CVE-2021-3536 (A flaw was found in Wildfly in versions before 23.0.2.Final
while crea ...)
- wildfly <itp> (bug #752018)
CVE-2021-3535 (Rapid7 Nexpose is vulnerable to a non-persistent cross-site
scripting ...)
- TODO: check
+ NOT-FOR-US: Rapid7
CVE-2021-32061
RESERVED
CVE-2021-32060
@@ -30235,6 +30235,7 @@ CVE-2021-3014 (In MikroTik RouterOS through 2021-01-04,
the hotspot login page i
NOT-FOR-US: MikroTik RouterOS
CVE-2021-3013 (ripgrep before 13 allows attackers to trigger execution of
arbitrary p ...)
- rust-ripgrep <not-affected> (Only affects ripgrep on Windows)
+ NOTE: https://rustsec.org/advisories/RUSTSEC-2021-0071.html
CVE-2021-3012 (A cross-site scripting (XSS) vulnerability in the Document Link
of doc ...)
NOT-FOR-US: ESRI ArcGIS Online
CVE-2021-3011 (An electromagnetic-wave side-channel issue was discovered on
NXP Smart ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3161f1b9e37870be8bdd649d9ee567a951f9c15d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3161f1b9e37870be8bdd649d9ee567a951f9c15d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
