[Git][security-tracker-team/security-tracker][master] new squirrel3 issue

Fri, 29 Jul 2022 03:24:47 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
92419eaa by Moritz Muehlenhoff at 2022-07-29T12:24:01+02:00
new squirrel3 issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -60020,7 +60020,9 @@ CVE-2021-41558 (The set_user extension module before 
3.0.0 for PostgreSQL allows
 CVE-2021-41557 (Sofico Miles RIA 2020.2 Build 127964T is affected by Stored 
Cross Site ...)
        NOT-FOR-US: Sofico
 CVE-2021-41556 (sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 
allows an ou ...)
-       TODO: check
+       - squirrel3 <unfixed>
+       NOTE: 
https://github.com/albertodemichelis/squirrel/commit/23a0620658714b996d20da3d4dd1a0dcf9b0bd98
+       NOTE: https://blog.sonarsource.com/squirrel-vm-sandbox-escape/
 CVE-2021-41555 (** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 
21.3.3.815 (a  ...)
        NOT-FOR-US: ARCHIBUS Web Central
 CVE-2021-41554 (** UNSUPPORTED WHEN ASSIGNED ** ARCHIBUS Web Central 
21.3.3.815 (a ver ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92419eaa27830b7aa7537ec8897d0a4ab5d69393

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92419eaa27830b7aa7537ec8897d0a4ab5d69393
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to