Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dd50c7e2 by security tracker role at 2021-11-09T08:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,81 @@
+CVE-2021-43556
+ RESERVED
+CVE-2021-43555
+ RESERVED
+CVE-2021-43554
+ RESERVED
+CVE-2021-43553
+ RESERVED
+CVE-2021-43552
+ RESERVED
+CVE-2021-43551
+ RESERVED
+CVE-2021-43550
+ RESERVED
+CVE-2021-43549
+ RESERVED
+CVE-2021-43548
+ RESERVED
+CVE-2021-43547
+ RESERVED
+CVE-2021-43546
+ RESERVED
+CVE-2021-43545
+ RESERVED
+CVE-2021-43544
+ RESERVED
+CVE-2021-43543
+ RESERVED
+CVE-2021-43542
+ RESERVED
+CVE-2021-43541
+ RESERVED
+CVE-2021-43540
+ RESERVED
+CVE-2021-43539
+ RESERVED
+CVE-2021-43538
+ RESERVED
+CVE-2021-43537
+ RESERVED
+CVE-2021-43536
+ RESERVED
+CVE-2021-43535
+ RESERVED
+CVE-2021-43534
+ RESERVED
+CVE-2021-43533
+ RESERVED
+CVE-2021-43532
+ RESERVED
+CVE-2021-43531
+ RESERVED
+CVE-2021-43530
+ RESERVED
+CVE-2021-43529
+ RESERVED
+CVE-2021-43528
+ RESERVED
+CVE-2021-43527
+ RESERVED
+CVE-2021-43526
+ RESERVED
+CVE-2021-43525
+ RESERVED
+CVE-2021-43524
+ RESERVED
+CVE-2021-43523
+ RESERVED
+CVE-2021-43522
+ RESERVED
+CVE-2021-3939
+ RESERVED
+CVE-2021-3938
+ RESERVED
+CVE-2021-3937
+ RESERVED
+CVE-2021-3936
+ RESERVED
CVE-2021-3935
RESERVED
CVE-2021-3934
@@ -7386,8 +7464,8 @@ CVE-2021-41255
RESERVED
CVE-2021-41254
RESERVED
-CVE-2021-41253
- RESERVED
+CVE-2021-41253 (Zydis is an x86/x86-64 disassembler library. Users of Zydis
versions v ...)
+ TODO: check
CVE-2021-41252
RESERVED
CVE-2021-41251 (@sap-cloud-sdk/core contains the core functionality of the SAP
Cloud S ...)
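Review bot: the replaced CVE-2021-41253 entry is left at `TODO: check`, and its description is cut off at "versions v ...", so neither the affected Zydis versions nor the Debian status can be read from this file. Triage should resolve it to a package line or a `NOT-FOR-US:` line against the full CVE text.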
@@ -7559,8 +7637,8 @@ CVE-2021-41172 (AS_Redis is an AntSword plugin for Redis.
The Redis Manage plugi
NOT-FOR-US: AntSword plugin for Redis
CVE-2021-41171 (eLabFTW is an open source electronic lab notebook manager for
research ...)
NOT-FOR-US: eLabFTW
-CVE-2021-41170
- RESERVED
+CVE-2021-41170 (### Impact Versions prior 1.1.1 have allowed for passing in
closures d ...)
+ TODO: check
CVE-2021-41169 (Sulu is an open-source PHP content management system based on
the Symf ...)
NOT-FOR-US: Sulu
CVE-2021-41168 (Snudown is a reddit-specific fork of the Sundown Markdown
parser used ...)
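Review bot: the new description for CVE-2021-41170 opens with the Markdown residue "### Impact" and does not name the affected product in the visible text, unlike the neighbouring entries (AS_Redis, eLabFTW, Sulu). Whoever clears the `TODO: check` will have to identify the product from the upstream advisory before choosing between a package line and `NOT-FOR-US:`.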
@@ -9768,10 +9846,10 @@ CVE-2021-40263
RESERVED
CVE-2021-40262
RESERVED
-CVE-2021-40261
- RESERVED
-CVE-2021-40260
- RESERVED
+CVE-2021-40261 (Multiple Cross Site Scripting (XSS) vulnerabilities exist in
SourceCod ...)
+ TODO: check
+CVE-2021-40260 (Multiple Cross Site Scripting (XSS) vulnerabilities exist in
SourceCod ...)
+ TODO: check
CVE-2021-40259
RESERVED
CVE-2021-40258
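Review bot: CVE-2021-40261 and CVE-2021-40260 receive the same visible description, truncated at "SourceCod ...", so the two entries cannot be told apart here and the product name is incomplete. When resolving the two `TODO: check` lines, confirm against the full CVE records that these are distinct issues, and triage both consistently if they concern the same product.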
@@ -16024,6 +16102,7 @@ CVE-2021-37697 (tmerc-cogs are a collection of open
source plugins for the Red D
CVE-2021-37696 (tmerc-cogs are a collection of open source plugins for the Red
Discord ...)
NOT-FOR-US: tmerc-cogs
CVE-2021-37695 (ckeditor is an open source WYSIWYG HTML editor with rich
content suppo ...)
+ {DLA-2813-1}
- ckeditor 4.16.2+dfsg-1 (bug #992290)
[bullseye] - ckeditor <no-dsa> (Minor issue)
[buster] - ckeditor <no-dsa> (Minor issue)
@@ -25011,6 +25090,7 @@ CVE-2021-33831 (api/account/register in the TH Wildau
COVID-19 Contact Tracing a
CVE-2021-33830
RESERVED
CVE-2021-33829 (A cross-site scripting (XSS) vulnerability in the HTML Data
Processor ...)
+ {DLA-2813-1}
- ckeditor 4.16.0+dfsg-2
[buster] - ckeditor <no-dsa> (Minor issue)
NOTE:
https://ckeditor.com/blog/ckeditor-4.16.1-with-accessibility-enhancements/#improvements-for-comments-in-html-parser
@@ -81899,8 +81979,8 @@ CVE-2020-23574 (When uploading a file in Sysax Multi
Server 6.90, an authenticat
NOT-FOR-US: Sysax Multi Server
CVE-2020-23573
RESERVED
-CVE-2020-23572
- RESERVED
+CVE-2020-23572 (BEESCMS v4.0 was discovered to contain an arbitrary file
upload vulner ...)
+ TODO: check
CVE-2020-23571
RESERVED
CVE-2020-23570
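Review bot: CVE-2020-23572 moves from RESERVED to a described entry but stops at `TODO: check`, while the preceding entry in this hunk is already resolved as `NOT-FOR-US: Sysax Multi Server`. Replace the TODO with the same kind of resolution line once it is established whether BEESCMS is packaged.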
@@ -260633,7 +260713,7 @@ CVE-2017-14739 (The AcquireResampleFilterThreadSet
function in magick/resample-p
CVE-2017-14738 (FileRun (version 2017.09.18 and below) suffers from a remote
SQL injec ...)
NOT-FOR-US: FileRun
CVE-2017-14737 (A cryptographic cache-based side channel in the RSA
implementation in ...)
- {DLA-1125-1}
+ {DLA-2812-1 DLA-1125-1}
- botan1.10 1.10.17-0.1 (bug #877436)
[jessie] - botan1.10 <no-dsa> (Minor issue)
NOTE: https://github.com/randombit/botan/issues/1222
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd50c7e2603e1f436b6896b0cce021689cfac84e
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits