[Git][security-tracker-team/security-tracker][master] automatic update

Fri, 19 Nov 2021 00:10:33 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8b0f2900 by security tracker role at 2021-11-19T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2021-44034
+       RESERVED
+CVE-2021-44033 (In Ionic Identity Vault before 5.0.5, the protection mechanism 
for inv ...)
+       TODO: check
+CVE-2021-44032
+       RESERVED
+CVE-2021-44031
+       RESERVED
+CVE-2021-44030
+       RESERVED
+CVE-2021-44029
+       RESERVED
+CVE-2021-44028
+       RESERVED
+CVE-2021-44027
+       RESERVED
+CVE-2021-44024
+       RESERVED
+CVE-2021-44023
+       RESERVED
+CVE-2021-44022
+       RESERVED
+CVE-2021-44021
+       RESERVED
+CVE-2021-44020
+       RESERVED
+CVE-2021-44019
+       RESERVED
+CVE-2021-3978
+       RESERVED
+CVE-2021-3977
+       RESERVED
 CVE-2021-44018
        RESERVED
 CVE-2021-44017
@@ -42,12 +74,12 @@ CVE-2021-3976
        RESERVED
 CVE-2021-3975
        RESERVED
-CVE-2021-44025 [XSS issue in handling attachment filename extension in 
mimetype mismatch warning]
+CVE-2021-44025 (Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to 
XSS in han ...)
        - roundcube 1.5.0+dfsg.1-1 (bug #1000156)
        NOTE: https://github.com/roundcube/roundcubemail/issues/8193
        NOTE: 
https://github.com/roundcube/roundcubemail/commit/faf99bf8a2b7b7562206fa047e8de652861e624a
 (1.4.12)
        NOTE: 
https://github.com/roundcube/roundcubemail/commit/7d7b1dfeff795390b69905ceb63d6391b5b0dfe7
 (1.3.17)
-CVE-2021-44026 [SQL injection via some session variables]
+CVE-2021-44026 (Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to a 
potentia ...)
        - roundcube 1.5.0+dfsg.1-1 (bug #1000156)
        NOTE: 
https://github.com/roundcube/roundcubemail/commit/c8947ecb762d9e89c2091bda28d49002817263f1
 (1.4.12)
        NOTE: 
https://github.com/roundcube/roundcubemail/commit/ee809bde2dcaa04857a919397808a7296681dcfa
 (1.3.17)
@@ -9638,8 +9670,8 @@ CVE-2021-41280
        RESERVED
 CVE-2021-41279
        RESERVED
-CVE-2021-41278
-       RESERVED
+CVE-2021-41278 (Functions SDK for EdgeX is meant to provide all the plumbing 
necessary ...)
+       TODO: check
 CVE-2021-41277 (Metabase is an open source data analytics platform. In 
affected versio ...)
        NOT-FOR-US: Metabase
 CVE-2021-41276
@@ -12419,12 +12451,12 @@ CVE-2021-40133
        RESERVED
 CVE-2021-40132
        RESERVED
-CVE-2021-40131
-       RESERVED
-CVE-2021-40130
-       RESERVED
-CVE-2021-40129
-       RESERVED
+CVE-2021-40131 (A vulnerability in the web-based management interface of Cisco 
Common  ...)
+       TODO: check
+CVE-2021-40130 (A vulnerability in the web application of Cisco Common 
Services Platfo ...)
+       TODO: check
+CVE-2021-40129 (A vulnerability in the configuration dashboard of Cisco Common 
Service ...)
+       TODO: check
 CVE-2021-40128 (A vulnerability in the account activation feature of Cisco 
Webex Meeti ...)
        NOT-FOR-US: Cisco
 CVE-2021-40127 (A vulnerability in the web-based management interface of Cisco 
Small B ...)
@@ -19214,8 +19246,8 @@ CVE-2021-37324
        RESERVED
 CVE-2021-37323
        RESERVED
-CVE-2021-37322
-       RESERVED
+CVE-2021-37322 (GCC c++filt v2.26 was discovered to contain a use-after-free 
vulnerabi ...)
+       TODO: check
 CVE-2021-37321
        RESERVED
 CVE-2021-37320
@@ -181078,9 +181110,11 @@ CVE-2019-7250 (An issue was discovered in the Cross 
Reference Add-on 36 for Goog
 CVE-2019-7249 (In Keybase before 2.12.6 on macOS, the move RPC to the Helper 
was susc ...)
        NOT-FOR-US: Keybase on MacOS
 CVE-2019-7283 (An issue was discovered in rcp in NetKit through 0.17. For an 
rcp oper ...)
+       {DLA-2822-1}
        - netkit-rsh 0.17-20 (bug #920486)
        [jessie] - netkit-rsh <no-dsa> (Minor issue)
 CVE-2019-7282 (In NetKit through 0.17, rcp.c in the rcp client allows remote 
rsh serv ...)
+       {DLA-2822-1}
        - netkit-rsh 0.17-20 (bug #920486)
        [jessie] - netkit-rsh <no-dsa> (Minor issue)
 CVE-2019-7248



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b0f2900c90b91a75ddfb65a7156e2ba66d43798

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b0f2900c90b91a75ddfb65a7156e2ba66d43798
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to