Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
92ff188e by security tracker role at 2021-06-28T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27625,6 +27625,7 @@ CVE-2021-23928 (OX App Suite through 7.10.3 allows XSS 
via the ajax/apps/manifes
 CVE-2021-23927 (OX App Suite through 7.10.4 allows SSRF via a URL with an @ 
character  ...)
        NOT-FOR-US: OX App Suite
 CVE-2021-23926 (The XML parsers used by XMLBeans up to version 2.6.0 did not 
set the p ...)
+       {DLA-2693-1}
        - xmlbeans 3.0.2-1
        NOTE: https://issues.apache.org/jira/browse/XMLBEANS-517
 CVE-2021-23925 (An issue was discovered in Devolutions Server before 2020.3. 
There is  ...)
@@ -36285,20 +36286,20 @@ CVE-2021-20753
        RESERVED
 CVE-2021-20752
        RESERVED
-CVE-2021-20751
-       RESERVED
-CVE-2021-20750
-       RESERVED
-CVE-2021-20749
-       RESERVED
+CVE-2021-20751 (Cross-site scripting vulnerability in EC-CUBE EC-CUBE 4.0.0 to 
4.0.5-p ...)
+       TODO: check
+CVE-2021-20750 (Cross-site scripting vulnerability in EC-CUBE EC-CUBE 3.0.0 to 
3.0.18- ...)
+       TODO: check
+CVE-2021-20749 (Cross-site scripting vulnerability in Fudousan plugin ver5.7.0 
and ear ...)
+       TODO: check
 CVE-2021-20748
        RESERVED
 CVE-2021-20747
        RESERVED
-CVE-2021-20746
-       RESERVED
-CVE-2021-20745
-       RESERVED
+CVE-2021-20746 (Cross-site scripting vulnerability in WordPress Popular Posts 
5.3.2 an ...)
+       TODO: check
+CVE-2021-20745 (Inkdrop versions prior to v5.3.1 allows an attacker to execute 
arbitra ...)
+       TODO: check
 CVE-2021-20744 (Cross-site scripting vulnerability in EC-CUBE Category 
contents plugin ...)
        NOT-FOR-US: EC-CUBE Category contents plugin
 CVE-2021-20743 (Cross-site scripting vulnerability in EC-CUBE Email 
newsletters manage ...)
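Review bot: the five entries that change from RESERVED to a description in this hunk (CVE-2021-20751, CVE-2021-20750, CVE-2021-20749, CVE-2021-20746, CVE-2021-20745) are all left at "TODO: check", so none of them is triaged yet. The context line just below tags CVE-2021-20744, an EC-CUBE plugin issue, as NOT-FOR-US. Suggest a follow-up that decides whether the EC-CUBE entries CVE-2021-20751 and CVE-2021-20750 get the same treatment and replaces each TODO with either a NOT-FOR-US line or a package line.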
@@ -36307,8 +36308,8 @@ CVE-2021-20742 (Cross-site scripting vulnerability in 
EC-CUBE Business form outp
        NOT-FOR-US: EC-CUBE Business form output plugin
 CVE-2021-20741 (Cross-site scripting vulnerability in Hitachi Application 
Server Help  ...)
        NOT-FOR-US: Hitachi
-CVE-2021-20740
-       RESERVED
+CVE-2021-20740 (Hitachi Virtual File Platform Versions prior to 5.5.3-09 and 
Versions  ...)
+       TODO: check
 CVE-2021-20739
        RESERVED
 CVE-2021-20738
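Review bot: CVE-2021-20740 is added with "TODO: check" while the entry directly above it in this hunk, CVE-2021-20741, already carries "NOT-FOR-US: Hitachi". If Hitachi Virtual File Platform is likewise not packaged, the TODO should become a NOT-FOR-US line in the same form so the two Hitachi entries are triaged consistently.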
@@ -38116,12 +38117,12 @@ CVE-2020-35526
 CVE-2020-35525
        RESERVED
 CVE-2020-35524 (A heap-based buffer overflow flaw was found in libtiff in the 
handling ...)
-       {DSA-4869-1}
+       {DSA-4869-1 DLA-2694-1}
        - tiff 4.1.0+git201212-1
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/7be2e452ddcf6d7abca88f41d3761e6edab72b22
        NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/159
 CVE-2020-35523 (An integer overflow flaw was found in libtiff that exists in 
the tif_g ...)
-       {DSA-4869-1}
+       {DSA-4869-1 DLA-2694-1}
        - tiff 4.1.0+git201212-1
        NOTE: 
https://gitlab.com/libtiff/libtiff/-/commit/c8d613ef497058fe653c467fc84c70a62a4a71b2
        NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/160



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92ff188e39e48a002f1b6a2066a5c45d39839756
