Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dbe066bd by Moritz Muehlenhoff at 2021-11-29T15:09:03+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1391,7 +1391,7 @@ CVE-2021-43787
CVE-2021-43786
RESERVED
CVE-2021-43785 (@joeattardi/emoji-button is a Vanilla JavaScript emoji picker
componen ...)
- TODO: check
+ NOT-FOR-US: @joeattardi/emoji-button
CVE-2021-43784
RESERVED
CVE-2021-43783
@@ -5590,7 +5590,7 @@ CVE-2021-42787
CVE-2021-42786
RESERVED
CVE-2021-42785 (Buffer Overflow vulnerability in tvnviewer.exe of TightVNC
Viewer allo ...)
- TODO: check
+ NOT-FOR-US: TightVNC Viewer
CVE-2021-42784 (OS Command Injection vulnerability in debug_fcgi of D-Link
DWR-932C E1 ...)
NOT-FOR-US: D-Link
CVE-2021-42783 (Missing Authentication for Critical Function vulnerability in
debug_po ...)
@@ -24190,7 +24190,7 @@ CVE-2021-35535 (Insecure Boot Image vulnerability in
Hitachi Energy Relion Relio
CVE-2021-35534 (Insufficient security control vulnerability in internal
database acces ...)
NOT-FOR-US: Hitachi
CVE-2021-35533 (Improper Input Validation vulnerability in the APDU parser in
the Bidi ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2021-35532
RESERVED
CVE-2021-35531
@@ -32608,7 +32608,7 @@ CVE-2021-3536 (A flaw was found in Wildfly in versions
before 23.0.2.Final while
CVE-2021-3535 (Rapid7 Nexpose is vulnerable to a non-persistent cross-site
scripting ...)
NOT-FOR-US: Rapid7
CVE-2021-32061 (S3Scanner before 2.0.2 allows Directory Traversal via a
crafted bucket ...)
- TODO: check
+ NOT-FOR-US: S3Scanner
CVE-2021-32060
RESERVED
CVE-2021-32059
@@ -32660,7 +32660,7 @@ CVE-2021-32039
CVE-2021-32038
RESERVED
CVE-2021-32037 (An authorized user may trigger an invariant which may result
in denial ...)
- TODO: check
+ - mongodb <removed>
CVE-2021-32036
RESERVED
CVE-2021-32035
@@ -53549,7 +53549,7 @@ CVE-2021-23734
CVE-2021-23733
RESERVED
CVE-2021-23732 (This affects all versions of package docker-cli-js. If the
command par ...)
- TODO: check
+ NOT-FOR-US: Node docker-cli-js
CVE-2021-23731
RESERVED
CVE-2021-23730
@@ -53667,7 +53667,7 @@ CVE-2021-23675
CVE-2021-23674
RESERVED
CVE-2021-23673 (This affects all versions of package pekeupload. If an
attacker induce ...)
- TODO: check
+ NOT-FOR-US: Node pekeupload
CVE-2021-23672
RESERVED
CVE-2021-23671
@@ -53705,7 +53705,7 @@ CVE-2021-23656
CVE-2021-23655
RESERVED
CVE-2021-23654 (This affects all versions of package html-to-csv. When there
is a form ...)
- TODO: check
+ NOT-FOR-US: html-to-csv
CVE-2021-23653
RESERVED
CVE-2021-23652
@@ -61959,13 +61959,13 @@ CVE-2021-20850 (PowerCMS XMLRPC API of PowerCMS 5.19
and earlier, PowerCMS 4.49
CVE-2021-20849
RESERVED
CVE-2021-20848 (Cross-site scripting vulnerability in rwtxt versions prior to
v1.8.6 a ...)
- TODO: check
+ NOT-FOR-US: rwtxt
CVE-2021-20847
RESERVED
CVE-2021-20846 (Cross-site request forgery (CSRF) vulnerability in Push
Notifications ...)
NOT-FOR-US: WordPress plugin
CVE-2021-20845 (Cross-site request forgery (CSRF) vulnerability in Unlimited
Sitemap G ...)
- TODO: check
+ NOT-FOR-US: Unlimited Sitemap Generator
CVE-2021-20844 (Improper neutralization of HTTP request headers for scripting
syntax v ...)
NOT-FOR-US: RTX830
CVE-2021-20843 (Cross-site script inclusion vulnerability in the Web GUI of
RTX830 Rev ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbe066bd061a424620950bb766f049d5dd6f4a6d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dbe066bd061a424620950bb766f049d5dd6f4a6d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
