Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
27a403ff by Salvatore Bonaccorso at 2021-08-27T22:25:35+02:00
Process one NFU
- - - - -
f3c04d4d by Salvatore Bonaccorso at 2021-08-27T22:29:46+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2167,7 +2167,7 @@ CVE-2021-39163
CVE-2021-39162
RESERVED
CVE-2021-39161 (Discourse is an open source platform for community discussion.
In affe ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2021-39160 (nbgitpuller is a Jupyter server extension to sync a git
repository one ...)
TODO: check
CVE-2021-39159 (BinderHub is a kubernetes-based cloud service that allows
users to sha ...)
@@ -8101,9 +8101,9 @@ CVE-2021-36533
CVE-2021-36532
RESERVED
CVE-2021-36531 (ngiflib 0.4 has a heap overflow in GetByte() at ngiflib.c:70
in NGIFLI ...)
- TODO: check
+ NOT-FOR-US: ngiflib
CVE-2021-36530 (ngiflib 0.4 has a heap overflow in GetByteStr() at
ngiflib.c:108 in NG ...)
- TODO: check
+ NOT-FOR-US: ngiflib
CVE-2021-36529
RESERVED
CVE-2021-36528
@@ -10866,7 +10866,7 @@ CVE-2021-35344
CVE-2021-35343 (Cross-Site Request Forgery (CSRF) vulnerability in the
/op/op.Ajax.php ...)
NOT-FOR-US: SeedDMS
CVE-2021-35342 (The useradm service 1.14.0 (in Northern.tech Mender Enterprise
2.7.x b ...)
- TODO: check
+ NOT-FOR-US: Northern.tech
CVE-2021-35341
RESERVED
CVE-2021-35340
@@ -24652,7 +24652,7 @@ CVE-2021-29746
CVE-2021-29745
RESERVED
CVE-2021-29744 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to
cross-sit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-29743
RESERVED
CVE-2021-29742 (IBM Security Verify Access Docker 10.0.0 could allow a user to
imperso ...)
@@ -28316,7 +28316,7 @@ CVE-2021-28235
CVE-2021-28234
RESERVED
CVE-2021-28233 (Heap-based Buffer Overflow vulnerability exists in
ok-file-formats 1 v ...)
- TODO: check
+ NOT-FOR-US: ok-file-formats
CVE-2021-28232
RESERVED
CVE-2021-28231
@@ -34210,7 +34210,7 @@ CVE-2021-3266
CVE-2021-3265
RESERVED
CVE-2021-3264 (SQL Injection vulnerability in cxuucms 3.1 ivia the pid
parameter in p ...)
- TODO: check
+ NOT-FOR-US: cxuucms
CVE-2021-3263
RESERVED
CVE-2021-3262
@@ -76582,7 +76582,7 @@ CVE-2020-20677
CVE-2020-20676
RESERVED
CVE-2020-20675 (Nuishop v2.3 contains a SQL injection vulnerability in
/goods/getGoods ...)
- TODO: check
+ NOT-FOR-US: Nuishop
CVE-2020-20674
RESERVED
CVE-2020-20673
@@ -80002,15 +80002,15 @@ CVE-2020-19004
CVE-2020-19003
RESERVED
CVE-2020-19002 (Cross Site Scripting (XSS) in Mezzanine v4.3.1 allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Mezzanine CMS
CVE-2020-19001 (Command Injection in Simiki v1.6.2.1 and prior allows remote
attackers ...)
- TODO: check
+ NOT-FOR-US: Simiki
CVE-2020-19000 (Cross Site Scripting (XSS) in Simiki v1.6.2.1 and prior allows
remote ...)
- TODO: check
+ NOT-FOR-US: Simiki
CVE-2020-18999 (Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote
attackers t ...)
- TODO: check
+ NOT-FOR-US: Blog_mini
CVE-2020-18998 (Cross Site Scripting (XSS) in Blog_mini v1.0 allows remote
attackers t ...)
- TODO: check
+ NOT-FOR-US: Blog_mini
CVE-2020-18997
RESERVED
CVE-2020-18996
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/92a065de80a317d2105e39fcaae9c14b1cf2db5f...f3c04d4d8ffb2efd3d4ee12003a4e66bfb3bcfbd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/92a065de80a317d2105e39fcaae9c14b1cf2db5f...f3c04d4d8ffb2efd3d4ee12003a4e66bfb3bcfbd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
