Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ff697deb by security tracker role at 2021-07-24T08:10:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2021-37425
+ RESERVED
CVE-2021-37424
RESERVED
CVE-2021-37423
@@ -10493,8 +10495,8 @@ CVE-2021-32785 (mod_auth_openidc is an
authentication/authorization module for t
NOTE:
https://github.com/zmartzone/mod_auth_openidc/commit/dc672688dc1f2db7df8ad4abebc367116017a449
(v2.4.9)
CVE-2021-32784
RESERVED
-CVE-2021-32783
- RESERVED
+CVE-2021-32783 (Contour is a Kubernetes ingress controller using Envoy proxy.
In Conto ...)
+ TODO: check
CVE-2021-32782
RESERVED
CVE-2021-32781
@@ -10730,8 +10732,8 @@ CVE-2021-32688 (Nextcloud Server is a Nextcloud package
that handles data storag
- nextcloud-server <itp> (bug #941708)
CVE-2021-32687
RESERVED
-CVE-2021-32686
- RESERVED
+CVE-2021-32686 (PJSIP is a free and open source multimedia communication
library writt ...)
+ TODO: check
CVE-2021-32685 (tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the
browser ( ...)
NOT-FOR-US: tEnvoy
CVE-2021-32684 (magento-scripts contains scripts and configuration used by
Create Mage ...)
@@ -27997,10 +27999,10 @@ CVE-2021-25811 (MERCUSYS Mercury X18G 1.0.5 devices
allow Denial of service via
NOT-FOR-US: MERCUSYS Mercury X18G 1.0.5 devices
CVE-2021-25810 (Cross site Scripting (XSS) vulnerability in MERCUSYS Mercury
X18G 1.0. ...)
NOT-FOR-US: MERCUSYS Mercury X18G 1.0.5 devices
-CVE-2021-25809
- RESERVED
-CVE-2021-25808
- RESERVED
+CVE-2021-25809 (UCMS 1.5.0 was discovered to contain a physical path leakage
via an er ...)
+ TODO: check
+CVE-2021-25808 (A code injection vulnerability in backup/plugin.php of Bludit
3.13.1 a ...)
+ TODO: check
CVE-2021-25807
RESERVED
CVE-2021-25806
@@ -29154,8 +29156,8 @@ CVE-2021-3171
RESERVED
CVE-2021-3170
RESERVED
-CVE-2021-3169
- RESERVED
+CVE-2021-3169 (An issue in Jumpserver 2.6.2 and below allows attackers to
create a co ...)
+ TODO: check
CVE-2021-3168
RESERVED
CVE-2021-3167 (In Cloudera Data Engineering (CDE) 1.3.0, JWT authentication
tokens ar ...)
@@ -69543,8 +69545,8 @@ CVE-2020-20743
RESERVED
CVE-2020-20742
RESERVED
-CVE-2020-20741
- RESERVED
+CVE-2020-20741 (Incorrect Access Control in Beckhoff Automation GmbH & Co.
KG CX90 ...)
+ TODO: check
CVE-2020-20740 (PDFResurrect before 0.20 lack of header validation checks
causes heap- ...)
{DLA-2475-1}
- pdfresurrect 0.21-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff697debd020cb658e85d90202e0606f6a6f186a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff697debd020cb658e85d90202e0606f6a6f186a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
