Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
51436461 by security tracker role at 2021-09-24T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2021-41585
+ RESERVED
+CVE-2021-41584 (Gradle Enterprise before 2021.1.3 can allow unauthorized
viewing of a ...)
+ TODO: check
+CVE-2021-41583 (vpn-user-portal (aka eduVPN or Let's Connect!) before 2.3.14,
as packa ...)
+ TODO: check
+CVE-2021-41582
+ RESERVED
+CVE-2021-41581 (x509_constraints_parse_mailbox in
lib/libcrypto/x509/x509_constraints. ...)
+ TODO: check
+CVE-2021-41580
+ RESERVED
+CVE-2021-41579
+ RESERVED
+CVE-2021-41578
+ RESERVED
+CVE-2021-41577
+ RESERVED
+CVE-2021-41576
+ RESERVED
+CVE-2021-41575
+ RESERVED
+CVE-2021-41574
+ RESERVED
+CVE-2021-41573
+ RESERVED
+CVE-2021-3827
+ RESERVED
CVE-2021-41572
RESERVED
CVE-2021-41571
@@ -1029,8 +1057,8 @@ CVE-2021-41090
RESERVED
CVE-2021-41089
RESERVED
-CVE-2021-41088
- RESERVED
+CVE-2021-41088 (Elvish is a programming language and interactive shell,
combined into ...)
+ TODO: check
CVE-2021-41087 (in-toto-golang is a go implementation of the in-toto framework
to prot ...)
TODO: check
CVE-2021-41086 (jsuites is an open source collection of common required
javascript web ...)
@@ -22670,8 +22698,8 @@ CVE-2021-31924 (Yubico pam-u2f before 1.1.1 has a logic
issue that, depending on
NOTE:
https://github.com/Yubico/pam-u2f/commit/6059b057dd9b6d0164fc16f9422c0d728f902bb5
(pam_u2f-1.1.1)
NOTE: https://github.com/Yubico/pam-u2f/issues/175
NOTE: Support for PIN verification introduced in 1.1.0.
-CVE-2021-31923
- RESERVED
+CVE-2021-31923 (Ping Identity PingAccess before 5.3.3 allows HTTP request
smuggling vi ...)
+ TODO: check
CVE-2021-31922 (An HTTP Request Smuggling vulnerability in Pulse Secure
Virtual Traffi ...)
NOT-FOR-US: Pulse Secure
CVE-2021-3528 (A flaw was found in noobaa-operator in versions before 5.7.0,
where in ...)
@@ -82173,12 +82201,12 @@ CVE-2020-19953
RESERVED
CVE-2020-19952
RESERVED
-CVE-2020-19951
- RESERVED
-CVE-2020-19950
- RESERVED
-CVE-2020-19949
- RESERVED
+CVE-2020-19951 (A cross-site request forgery (CSRF) in
/controller/pay.class.php of Yz ...)
+ TODO: check
+CVE-2020-19950 (A cross-site scripting (XSS) vulnerability in the
/banner/add.html com ...)
+ TODO: check
+CVE-2020-19949 (A cross-site scripting (XSS) vulnerability in the
/link/add.html compo ...)
+ TODO: check
CVE-2020-19948
RESERVED
CVE-2020-19947
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51436461a6834ef2b48513ed6b722a6832ec500b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/51436461a6834ef2b48513ed6b722a6832ec500b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
