Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
21dfe9df by Neil Williams at 2022-06-11T12:57:38+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3098,7 +3098,7 @@ CVE-2020-36525 (A vulnerability classified as problematic
has been found in Link
CVE-2020-36524 (A vulnerability was found in Refined Toolkit. It has been
rated as pro ...)
NOT-FOR-US: Atlassian
CVE-2020-36523 (A vulnerability was found in PlantUML 6.43. It has been
declared as pr ...)
- TODO: check
+ NOT-FOR-US: Atlassian PlantUML plugin
CVE-2022-31749
RESERVED
CVE-2022-31748
@@ -59539,7 +59539,7 @@ CVE-2021-37591
CVE-2021-37590
RESERVED
CVE-2021-37589 (Virtua Cobranca before 12R allows SQL Injection on the login
page. ...)
- TODO: check
+ NOT-FOR-US: Virtua Cobranca
CVE-2021-37588 (In Charm 0.43, any two users can collude to achieve the
ability to dec ...)
NOT-FOR-US: Charm
CVE-2021-37587 (In Charm 0.43, any single user can decrypt DAC-MACS or
MA-ABE-YJ14 dat ...)
@@ -67825,13 +67825,13 @@ CVE-2021-34085 (Read access violation in the
III_dequantize_sample function in m
NOTE: Vulnerable code removed in
https://sourceforge.net/p/mp3gain/code/ci/aea83203960fc6d3237b1ae38e8434ec8681b21a/
(v1.6.0)
NOTE:
https://drive.google.com/drive/folders/1epm65c4_iC0zE5V_leoet4Jyk1Prz2p5?usp=sharing
CVE-2021-34084 (OS command injection vulnerability in Turistforeningen
node-s3-uploade ...)
- TODO: check
+ NOT-FOR-US: Node s3-uploader
CVE-2021-34083 (Google-it is a Node.js package which allows its users to send
search q ...)
- TODO: check
+ NOT-FOR-US: Node google-it
CVE-2021-34082 (OS Command Injection vulnerability in allenhwkim proctree
through 0.1. ...)
- TODO: check
+ NOT-FOR-US: Node proctree
CVE-2021-34081 (OS Command Injection vulnerability in bbultman gitsome through
0.2.3 a ...)
- TODO: check
+ NOT-FOR-US: Node bbultman gitsome
CVE-2021-34080 (OS Command Injection vulnerability in es128 ssl-utils 1.0.0
for Node.j ...)
TODO: check
CVE-2021-34079 (OS Command injection vulnerability in Mintzo Docker-Tester
through 1.2 ...)
@@ -69885,7 +69885,7 @@ CVE-2021-33256 (** DISPUTED ** A CSV injection
vulnerability on the login panel
CVE-2021-33255
RESERVED
CVE-2021-33254 (An issue was discovered in src/http/httpLib.c in EmbedThis
Appweb Comm ...)
- TODO: check
+ NOT-FOR-US: AppWeb HTTP server
CVE-2021-33253
RESERVED
CVE-2021-33252
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21dfe9df1ad9609fcd63c757b67d8a12d224fc16
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21dfe9df1ad9609fcd63c757b67d8a12d224fc16
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
