Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ebd8ce3 by Salvatore Bonaccorso at 2021-12-03T21:34:54+01:00
Process some NFUs

- - - - -
ad5ccfad by Salvatore Bonaccorso at 2021-12-03T21:34:56+01:00
Add CVE-2021-3980/elgg

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -451,17 +451,17 @@ CVE-2019-25053
 CVE-2021-44353
        RESERVED
 CVE-2021-44352 (A Stack-based Buffer Overflow vlnerability exists in the Tenda 
AC15 V1 ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2021-44351
        RESERVED
 CVE-2021-44350
        RESERVED
 CVE-2021-44349 (SQL Injection vulnerability exists in TuziCMS v2.0.6 via the 
id parame ...)
-       TODO: check
+       NOT-FOR-US: TuziCMS
 CVE-2021-44348 (SQL Injection vulnerability exists in TuziCMS v2.0.6 via the 
id parame ...)
-       TODO: check
+       NOT-FOR-US: TuziCMS
 CVE-2021-44347 (SQL Injection vulnerability exists in TuziCMS v2.0.6 in 
App\Manage\Con ...)
-       TODO: check
+       NOT-FOR-US: TuziCMS
 CVE-2021-44346
        RESERVED
 CVE-2021-44345
@@ -599,7 +599,7 @@ CVE-2021-44280 (attendance management system 1.0 is 
affected by a SQL injection
 CVE-2021-44279 (Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) 
vulnerabi ...)
        NOT-FOR-US: LibreNMS
 CVE-2021-44278 (Librenms 21.11.0 is affected by a path manipulation 
vulnerability in i ...)
-       TODO: check
+       NOT-FOR-US: LibreNMS
 CVE-2021-44277 (Librenms 21.11.0 is affected by a Cross Site Scripting (XSS) 
vulnerabi ...)
        NOT-FOR-US: LibreNMS
 CVE-2021-44276
@@ -1212,7 +1212,7 @@ CVE-2021-4001 [race condition when the EBPF map is frozen]
        [stretch] - linux <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://git.kernel.org/linus/353050be4c19e102178ccc05988101887c25ae53
 CVE-2021-4000 (showdoc is vulnerable to URL Redirection to Untrusted Site ...)
-       TODO: check
+       NOT-FOR-US: showdoc
 CVE-2021-3999
        RESERVED
 CVE-2021-3998
@@ -1352,7 +1352,7 @@ CVE-2021-3982 [Distributions using CAP_SYS_NICE in 
gnome-shell may be exposed to
 CVE-2021-3981
        RESERVED
 CVE-2021-3980 (elgg is vulnerable to Exposure of Private Personal Information 
to an U ...)
-       TODO: check
+       - elgg <itp> (bug #526197)
 CVE-2021-3979
        RESERVED
 CVE-2021-44034
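Review bot: the new `- elgg <itp> (bug #526197)` line for CVE-2021-3980 has no NOTE line pointing to the upstream report or fix, unlike the CVE-2021-4001 entry earlier in this diff, which records the fixing commit URL. Because this is the only entry in the change that is tied to a Debian bug rather than marked NOT-FOR-US, adding a NOTE with the upstream reference would let whoever works on the ITP check whether the version being packaged already contains the fix.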
@@ -1463,7 +1463,7 @@ CVE-2021-43993
 CVE-2021-43992
        RESERVED
 CVE-2021-43991 (The Kentico Xperience CMS version 13.0 &#8211; 13.0.43 is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: Kentico Xperience CMS
 CVE-2021-43990
        RESERVED
 CVE-2021-43989
@@ -3168,9 +3168,9 @@ CVE-2021-43676 (matyhtf framework v3.0.5 is affected by a 
path manipulation vuln
 CVE-2021-43675
        RESERVED
 CVE-2021-43674 (** UNSUPPORTED WHEN ASSIGNED ** ThinkUp 2.0-beta.10 is 
affected by a p ...)
-       TODO: check
+       NOT-FOR-US: ThinkUp
 CVE-2021-43673 (dzzoffice 2.02.1_SC_UTF8 is affected by a Cross Site Scripting 
(XSS) v ...)
-       TODO: check
+       NOT-FOR-US: dzzoffice
 CVE-2021-43672
        RESERVED
 CVE-2021-43671



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4575aa25acca8fa53e69e22c9007bc272a139b29...ad5ccfad125c079188aedd995c2a2f7323e53948
