Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1b5f175d by Moritz Muehlenhoff at 2022-07-06T19:56:16+02:00
hdf5 non issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36231,17 +36231,20 @@ CVE-2021-46246
CVE-2021-46245
RESERVED
CVE-2021-46244 (A Divide By Zero vulnerability exists in HDF5 v1.13.1-1 vis
the functi ...)
- - hdf5 <undetermined>
+ - hdf5 <unfixed> (unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/1327
NOTE: https://github.com/advisories/GHSA-vrxh-5gxg-rmhm
+ NOTE: Negligible security impact, malicous scientific data has more
issues than a crash...
CVE-2021-46243 (An untrusted pointer dereference vulnerability exists in HDF5
v1.13.1- ...)
- - hdf5 <undetermined>
+ - hdf5 <unfixed> (unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/1326
NOTE: https://github.com/advisories/GHSA-2rqw-mg55-mp69
+ NOTE: Negligible security impact, malicous scientific data has more
issues than a crash...
CVE-2021-46242 (HDF5 v1.13.1-1 was discovered to contain a heap-use-after free
via the ...)
- - hdf5 <undetermined>
+ - hdf5 <unfixed> (unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/1329
NOTE: https://github.com/advisories/GHSA-x9pw-hh7v-wjpf
+ NOTE: Negligible security impact, malicous scientific data has more
issues than a crash...
CVE-2021-46241
RESERVED
CVE-2021-46240 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0
via the ...)
@@ -39339,26 +39342,30 @@ CVE-2021-45835 (The Online Admission System 1.0
allows an unauthenticated attack
CVE-2021-45834 (An attacker can upload or transfer files of dangerous types to
the Ope ...)
NOT-FOR-US: OpenDocMan
CVE-2021-45833 (A Stack-based Buffer Overflow Vulnerability exists in HDF5
1.13.1-1 vi ...)
- - hdf5 <undetermined>
+ - hdf5 <unfixed> (unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/1313
NOTE: https://github.com/advisories/GHSA-x57p-jwp6-4v79
+ NOTE: Negligible security impact, malicous scientific data has more
issues than a crash...
CVE-2021-45832 (A Stack-based Buffer Overflow Vulnerability exists in HDF5
1.13.1-1 at ...)
- - hdf5 <undetermined>
+ - hdf5 <unfixed> (unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/1315
NOTE: https://github.com/advisories/GHSA-hvh7-f5p9-68g8
+ NOTE: Negligible security impact, malicous scientific data has more
issues than a crash...
CVE-2021-45831 (A Null Pointer Dereference vulnerability exitgs in GPAC 1.0.1
in MP4Bo ...)
- gpac 2.0.0+dfsg1-2
[stretch] - gpac <end-of-life> (No longer supported in LTS)
NOTE: https://github.com/gpac/gpac/issues/1990
NOTE:
https://github.com/gpac/gpac/commit/4613a35362e15a6df90453bd632d083645e5a765
(v2.0.0)
CVE-2021-45830 (A heap-based buffer overflow vulnerability exists in HDF5
1.13.1-1 via ...)
- - hdf5 <undetermined>
+ - hdf5 <unfixed> (unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/1314
NOTE: https://github.com/advisories/GHSA-5h2h-fjjr-x9m2
+ NOTE: Negligible security impact, malicous scientific data has more
issues than a crash...
CVE-2021-45829 (HDF5 1.13.1-1 is affected by: segmentation fault, which causes
a Denia ...)
- - hdf5 <undetermined>
+ - hdf5 <unfixed> (unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/1317
NOTE: https://github.com/advisories/GHSA-23gx-cm6v-952g
+ NOTE: Negligible security impact, malicous scientific data has more
issues than a crash...
CVE-2021-45828
RESERVED
CVE-2021-45827
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b5f175d7ef0a72c2078f869c28b9f67f9f51dc9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b5f175d7ef0a72c2078f869c28b9f67f9f51dc9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
