Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9f4e3f84 by security tracker role at 2021-10-26T08:10:12+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2021-43032
+ RESERVED
+CVE-2021-43031
+ RESERVED
+CVE-2021-43030
+ RESERVED
+CVE-2021-43029
+ RESERVED
+CVE-2021-43028
+ RESERVED
+CVE-2021-43027
+ RESERVED
+CVE-2021-43026
+ RESERVED
+CVE-2021-43025
+ RESERVED
+CVE-2021-43024
+ RESERVED
+CVE-2021-43023
+ RESERVED
+CVE-2021-43022
+ RESERVED
+CVE-2021-43021
+ RESERVED
+CVE-2021-43020
+ RESERVED
+CVE-2021-43019
+ RESERVED
+CVE-2021-43018
+ RESERVED
+CVE-2021-43017
+ RESERVED
+CVE-2021-43016
+ RESERVED
+CVE-2021-43015
+ RESERVED
+CVE-2021-43014
+ RESERVED
+CVE-2021-43013
+ RESERVED
+CVE-2021-43012
+ RESERVED
+CVE-2021-43011
+ RESERVED
+CVE-2021-3905
+ RESERVED
CVE-2021-3904
RESERVED
CVE-2021-3903
@@ -5049,16 +5095,16 @@ CVE-2021-41310
RESERVED
CVE-2021-41309
RESERVED
-CVE-2021-41308
- RESERVED
-CVE-2021-41307
- RESERVED
-CVE-2021-41306
- RESERVED
-CVE-2021-41305
- RESERVED
-CVE-2021-41304
- RESERVED
+CVE-2021-41308 (Affected versions of Atlassian Jira Server and Data Center
allow authe ...)
+ TODO: check
+CVE-2021-41307 (Affected versions of Atlassian Jira Server and Data Center
allow unaut ...)
+ TODO: check
+CVE-2021-41306 (Affected versions of Atlassian Jira Server and Data Center
allow anony ...)
+ TODO: check
+CVE-2021-41305 (Affected versions of Atlassian Jira Server and Data Center
allow anony ...)
+ TODO: check
+CVE-2021-41304 (Affected versions of Atlassian Jira Server and Data Center
allow anony ...)
+ TODO: check
CVE-2021-3812 (adminlte is vulnerable to Improper Neutralization of Input
During Web ...)
NOT-FOR-US: adminlte
CVE-2021-3811 (adminlte is vulnerable to Improper Neutralization of Input
During Web ...)
@@ -5343,12 +5389,12 @@ CVE-2021-41181
RESERVED
CVE-2021-41180
RESERVED
-CVE-2021-41179
- RESERVED
-CVE-2021-41178
- RESERVED
-CVE-2021-41177
- RESERVED
+CVE-2021-41179 (Nextcloud is an open-source, self-hosted productivity
platform. Prior ...)
+ TODO: check
+CVE-2021-41178 (Nextcloud is an open-source, self-hosted productivity
platform. Prior ...)
+ TODO: check
+CVE-2021-41177 (Nextcloud is an open-source, self-hosted productivity
platform. Prior ...)
+ TODO: check
CVE-2021-41176 (Pterodactyl is an open-source game server management panel
built with ...)
NOT-FOR-US: Pterodactyl
CVE-2021-41175
@@ -5429,8 +5475,7 @@ CVE-2021-41146 (qutebrowser is an open source
keyboard-focused browser with a mi
NOTE:
https://github.com/qutebrowser/qutebrowser/commit/8f46ba3f6dc7b18375f7aa63c48a1fe461190430
NOTE: Additional hardening for potential similar issues on Linux were
added, but
NOTE: are not fixing a security vulnerability.
-CVE-2021-41145
- RESERVED
+CVE-2021-41145 (Software Defined Telecom Stack enabling the digital
transformation fro ...)
- freeswitch <itp> (bug #389591)
NOTE:
https://github.com/signalwire/freeswitch/security/advisories/GHSA-jvpq-23v4-gp3m
CVE-2021-41144
@@ -5514,8 +5559,7 @@ CVE-2021-41107
RESERVED
CVE-2021-41106 (JWT is a library to work with JSON Web Token and JSON Web
Signature. P ...)
NOT-FOR-US: PHP lcobucci/jwt
-CVE-2021-41105
- RESERVED
+CVE-2021-41105 (FreeSWITCH is a Software Defined Telecom Stack enabling the
digital tr ...)
- freeswitch <itp> (bug #389591)
NOTE:
https://github.com/signalwire/freeswitch/security/advisories/GHSA-jh42-prph-gp36
CVE-2021-41104 (ESPHome is a system to control the ESP8266/ESP32. Anyone with
web_serv ...)
@@ -10001,12 +10045,12 @@ CVE-2021-39227 (ZRender is a lightweight graphic
library providing 2d draw for A
NOT-FOR-US: ZRender
CVE-2021-39226 (Grafana is an open source data visualization platform. In
affected ver ...)
- grafana <removed>
-CVE-2021-39225
- RESERVED
-CVE-2021-39224
- RESERVED
-CVE-2021-39223
- RESERVED
+CVE-2021-39225 (Nextcloud is an open-source, self-hosted productivity
platform. A miss ...)
+ TODO: check
+CVE-2021-39224 (Nextcloud is an open-source, self-hosted productivity
platform. The Ne ...)
+ TODO: check
+CVE-2021-39223 (Nextcloud is an open-source, self-hosted productivity
platform. The Ne ...)
+ TODO: check
CVE-2021-39222
RESERVED
CVE-2021-39221 (Nextcloud is an open-source, self-hosted productivity
platform. The Ne ...)
@@ -12262,12 +12306,12 @@ CVE-2021-38262
RESERVED
CVE-2021-38261
RESERVED
-CVE-2021-38260
- RESERVED
+CVE-2021-38260 (NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer
overflow ...)
+ TODO: check
CVE-2021-38259
RESERVED
-CVE-2021-38258
- RESERVED
+CVE-2021-38258 (NXP MCUXpresso SDK v2.7.0 was discovered to contain a buffer
overflow ...)
+ TODO: check
CVE-2021-38257
RESERVED
CVE-2021-38256
@@ -52768,6 +52812,7 @@ CVE-2021-21704 (In PHP versions 7.3.x below 7.3.29,
7.4.x below 7.4.21 and 8.0.x
NOTE: PHP Bug: https://bugs.php.net/76450
NOTE: PHP Bug: https://bugs.php.net/76452
CVE-2021-21703 (In PHP versions 7.3.x up to and including 7.3.31, 7.4.x below
7.4.25 a ...)
+ {DSA-4993-1 DSA-4992-1}
- php8.0 <unfixed>
- php7.4 <unfixed> (bug #997003)
- php7.3 <removed>
@@ -56417,8 +56462,8 @@ CVE-2021-20839
RESERVED
CVE-2021-20838
RESERVED
-CVE-2021-20837
- RESERVED
+CVE-2021-20837 (Movable Type 7 r.5002 and earlier (Movable Type 7 Series),
Movable Typ ...)
+ TODO: check
CVE-2021-20836 (Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13
and v4.0.0 ...)
NOT-FOR-US: CX-Supervisor
CVE-2021-20835
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f4e3f84265d46c9dcd369d310826fae521fbc3f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f4e3f84265d46c9dcd369d310826fae521fbc3f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
