[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Wed, 01 Sep 2021 01:10:42 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f1efe19e by security tracker role at 2021-09-01T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,53 @@
+CVE-2021-40353 (A SQL injection vulnerability exists in version 8.0 of openSIS 
when My ...)
+       TODO: check
+CVE-2021-40352
+       RESERVED
+CVE-2021-40351
+       RESERVED
+CVE-2021-40350
+       RESERVED
+CVE-2021-40349
+       RESERVED
+CVE-2021-40348
+       RESERVED
+CVE-2021-40347
+       RESERVED
+CVE-2021-40346
+       RESERVED
+CVE-2021-40345
+       RESERVED
+CVE-2021-40344
+       RESERVED
+CVE-2021-40343
+       RESERVED
+CVE-2021-40342
+       RESERVED
+CVE-2021-40341
+       RESERVED
+CVE-2021-40340
+       RESERVED
+CVE-2021-40339
+       RESERVED
+CVE-2021-40338
+       RESERVED
+CVE-2021-40337
+       RESERVED
+CVE-2021-40336
+       RESERVED
+CVE-2021-40335
+       RESERVED
+CVE-2021-40334
+       RESERVED
+CVE-2021-40333
+       RESERVED
+CVE-2021-40332
+       RESERVED
+CVE-2021-3759
+       RESERVED
+CVE-2021-3758
+       RESERVED
+CVE-2021-3757
+       RESERVED
 CVE-2021-40331
        RESERVED
 CVE-2021-3756
@@ -2677,7 +2727,7 @@ CVE-2021-39134 (`@npmcli/arborist`, the library that 
calculates dependency trees
        NOTE: 
https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
 CVE-2021-39133 (Rundeck is an open source automation service with a web 
console, comma ...)
        NOT-FOR-US: Rundeck
-CVE-2021-39132 (### Impact An authorized user can upload a zip-format plugin 
with a cr ...)
+CVE-2021-39132 (Rundeck is an open source automation service with a web 
console, comma ...)
        NOT-FOR-US: Rundeck
 CVE-2021-39131 (ced detects character encoding using Google&#8217;s 
compact_enc_det li ...)
        NOT-FOR-US: Node ced
@@ -2723,8 +2773,8 @@ CVE-2021-39111 (The Editor plugin in Atlassian Jira 
Server and Data Center befor
        NOT-FOR-US: Atlassian
 CVE-2021-39110
        RESERVED
-CVE-2021-39109
-       RESERVED
+CVE-2021-39109 (The renderWidgetResource resource in Atlasian Atlasboard 
before versio ...)
+       TODO: check
 CVE-2021-39108
        RESERVED
 CVE-2021-39107
@@ -6523,8 +6573,8 @@ CVE-2021-37417 (Zoho ManageEngine ADSelfService Plus 
version 6103 and prior allo
        NOT-FOR-US: Zoho ManageEngine
 CVE-2021-37416 (Zoho ManageEngine ADSelfService Plus version 6103 and prior is 
vulnera ...)
        NOT-FOR-US: Zoho ManageEngine
-CVE-2021-37415
-       RESERVED
+CVE-2021-37415 (Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable 
to authe ...)
+       TODO: check
 CVE-2021-37414
        RESERVED
 CVE-2021-37413
@@ -9168,8 +9218,8 @@ CVE-2021-3638 [ati-vga: inconsistent check in 
ati_2d_blt() may lead to out-of-bo
        [buster] - qemu <not-affected> (Vulnerable code introduced in ATI VGA 
device emulation added later)
        [stretch] - qemu <not-affected> (Vulnerable code introduced in ATI VGA 
device emulation added later)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1979858
-CVE-2021-36235
-       RESERVED
+CVE-2021-36235 (An issue was discovered in Ivanti Workspace Control before 
10.6.30.0.  ...)
+       TODO: check
 CVE-2021-36234 (Use of a hard-coded cryptographic key in MIK.starlight 
7.9.5.24363 all ...)
        NOT-FOR-US: MIK.starlight
 CVE-2021-36233 (The function AdminGetFirstFileContentByFilePath in 
MIK.starlight 7.9.5 ...)
@@ -15317,8 +15367,8 @@ CVE-2021-33584
        RESERVED
 CVE-2021-33583
        RESERVED
-CVE-2021-33582
-       RESERVED
+CVE-2021-33582 (Cyrus IMAP before 3.4.2 allows remote attackers to cause a 
denial of s ...)
+       TODO: check
 CVE-2021-33581
        RESERVED
 CVE-2021-33580 (User controlled `request.getHeader("Referer")`, 
`request.getRequestURL ...)
@@ -43590,8 +43640,8 @@ CVE-2021-22031
        RESERVED
 CVE-2021-22030
        RESERVED
-CVE-2021-22029
-       RESERVED
+CVE-2021-22029 (VMware Workspace ONE UEM REST API contains a denial of service 
vulnera ...)
+       TODO: check
 CVE-2021-22028
        RESERVED
 CVE-2021-22027 (The vRealize Operations Manager API (8.x prior to 8.5) 
contains a Serv ...)
@@ -43642,10 +43692,10 @@ CVE-2021-22005
        RESERVED
 CVE-2021-22004
        RESERVED
-CVE-2021-22003
-       RESERVED
-CVE-2021-22002
-       RESERVED
+CVE-2021-22003 (VMware Workspace ONE Access and Identity Manager, 
unintentionally prov ...)
+       TODO: check
+CVE-2021-22002 (VMware Workspace ONE Access and Identity Manager, allow the 
/cfg web a ...)
+       TODO: check
 CVE-2021-22001 (In UAA versions prior to 75.3.0, sensitive information like 
relaying s ...)
        NOT-FOR-US: CloudFoundry
 CVE-2021-22000 (VMware Thinapp version 5.x prior to 5.2.10 contain a DLL 
hijacking vul ...)
@@ -43947,6 +43997,7 @@ CVE-2021-21862 (Multiple exploitable integer truncation 
vulnerabilities exist wi
        NOTE: 
https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21861 (An exploitable integer truncation vulnerability exists within 
the MPEG ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43954,6 +44005,7 @@ CVE-2021-21861 (An exploitable integer truncation 
vulnerability exists within th
        NOTE: 
https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21860 (An exploitable integer truncation vulnerability exists within 
the MPEG ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43961,6 +44013,7 @@ CVE-2021-21860 (An exploitable integer truncation 
vulnerability exists within th
        NOTE: 
https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21859 (An exploitable integer truncation vulnerability exists within 
the MPEG ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43968,6 +44021,7 @@ CVE-2021-21859 (An exploitable integer truncation 
vulnerability exists within th
        NOTE: 
https://github.com/gpac/gpac/commit/8cd33e8977fd5f4215e4b67c309fd403762bfeb7
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21858 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43975,6 +44029,7 @@ CVE-2021-21858 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21857 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43988,6 +44043,7 @@ CVE-2021-21856 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21855 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -43995,6 +44051,7 @@ CVE-2021-21855 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21854 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44002,6 +44059,7 @@ CVE-2021-21854 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21853 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44023,6 +44081,7 @@ CVE-2021-21851 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21850 (An exploitable integer overflow vulnerability exists within 
the MPEG-4 ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44030,6 +44089,7 @@ CVE-2021-21850 (An exploitable integer overflow 
vulnerability exists within the
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21849 (An exploitable integer overflow vulnerability exists within 
the MPEG-4 ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44037,6 +44097,7 @@ CVE-2021-21849 (An exploitable integer overflow 
vulnerability exists within the
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21848 (An exploitable integer overflow vulnerability exists within 
the MPEG-4 ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44044,6 +44105,7 @@ CVE-2021-21848 (An exploitable integer overflow 
vulnerability exists within the
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21847 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44051,6 +44113,7 @@ CVE-2021-21847 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21846 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44058,6 +44121,7 @@ CVE-2021-21846 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21845 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44065,6 +44129,7 @@ CVE-2021-21845 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21844 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44072,6 +44137,7 @@ CVE-2021-21844 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21843 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44079,6 +44145,7 @@ CVE-2021-21843 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21842 (An exploitable integer overflow vulnerability exists within 
the MPEG-4 ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44086,6 +44153,7 @@ CVE-2021-21842 (An exploitable integer overflow 
vulnerability exists within the
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21841 (An exploitable integer overflow vulnerability exists within 
the MPEG-4 ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44093,6 +44161,7 @@ CVE-2021-21841 (An exploitable integer overflow 
vulnerability exists within the
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21840 (An exploitable integer overflow vulnerability exists within 
the MPEG-4 ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44100,6 +44169,7 @@ CVE-2021-21840 (An exploitable integer overflow 
vulnerability exists within the
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21839 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44107,6 +44177,7 @@ CVE-2021-21839 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21838 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44114,6 +44185,7 @@ CVE-2021-21838 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21837 (Multiple exploitable integer overflow vulnerabilities exist 
within the ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44121,6 +44193,7 @@ CVE-2021-21837 (Multiple exploitable integer overflow 
vulnerabilities exist with
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21836 (An exploitable integer overflow vulnerability exists within 
the MPEG-4 ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -44134,6 +44207,7 @@ CVE-2021-21835 (An exploitable integer overflow 
vulnerability exists within the
        NOTE: 
https://github.com/gpac/gpac/commit/b515fd04f5f00f4a99df741042f1efb31ad56351
        NOTE: https://github.com/gpac/gpac/issues/1814
 CVE-2021-21834 (An exploitable integer overflow vulnerability exists within 
the MPEG-4 ...)
+       {DSA-4966-1}
        - gpac <unfixed>
        [buster] - gpac <not-affected> (Vulnerable code not present)
        [stretch] - gpac <not-affected> (Vulnerable code not present)
@@ -77499,8 +77573,8 @@ CVE-2020-20497
        RESERVED
 CVE-2020-20496
        RESERVED
-CVE-2020-20495
-       RESERVED
+CVE-2020-20495 (bludit v3.13.0 contains an arbitrary file deletion 
vulnerability in th ...)
+       TODO: check
 CVE-2020-20494
        RESERVED
 CVE-2020-20493
@@ -77509,16 +77583,16 @@ CVE-2020-20492
        RESERVED
 CVE-2020-20491
        RESERVED
-CVE-2020-20490
-       RESERVED
+CVE-2020-20490 (A heap buffer-overflow in the client_example1.c component of 
libiec_ic ...)
+       TODO: check
 CVE-2020-20489
        RESERVED
 CVE-2020-20488
        RESERVED
 CVE-2020-20487
        RESERVED
-CVE-2020-20486
-       RESERVED
+CVE-2020-20486 (IEC104 v1.0 contains a stack-buffer overflow in the parameter 
Iec10x_S ...)
+       TODO: check
 CVE-2020-20485
        RESERVED
 CVE-2020-20484



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1efe19eb378eaf1274bac8abfee9f883c4a63db

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1efe19eb378eaf1274bac8abfee9f883c4a63db
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to