[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Fri, 10 Dec 2021 00:10:28 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
66a20405 by security tracker role at 2021-12-10T08:10:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,85 @@
+CVE-2022-21812
+       RESERVED
+CVE-2022-21804
+       RESERVED
+CVE-2022-21794
+       RESERVED
+CVE-2022-21793
+       RESERVED
+CVE-2022-21239
+       RESERVED
+CVE-2022-21229
+       RESERVED
+CVE-2022-21226
+       RESERVED
+CVE-2022-21206
+       RESERVED
+CVE-2022-21188
+       RESERVED
+CVE-2022-21185
+       RESERVED
+CVE-2022-21175
+       RESERVED
+CVE-2022-21171
+       RESERVED
+CVE-2022-21163
+       RESERVED
+CVE-2022-21162
+       RESERVED
+CVE-2022-21161
+       RESERVED
+CVE-2022-21156
+       RESERVED
+CVE-2022-21152
+       RESERVED
+CVE-2022-21150
+       RESERVED
+CVE-2022-21148
+       RESERVED
+CVE-2022-21135
+       RESERVED
+CVE-2021-44789
+       RESERVED
+CVE-2021-44788
+       RESERVED
+CVE-2021-44787
+       RESERVED
+CVE-2021-44786
+       RESERVED
+CVE-2021-44785
+       RESERVED
+CVE-2021-44784
+       RESERVED
+CVE-2021-44783
+       RESERVED
+CVE-2021-44782
+       RESERVED
+CVE-2021-44781
+       RESERVED
+CVE-2021-44780
+       RESERVED
+CVE-2021-44764
+       RESERVED
+CVE-2021-4089
+       RESERVED
+CVE-2021-37408
+       RESERVED
+CVE-2021-31565
+       RESERVED
+CVE-2021-26261
+       RESERVED
+CVE-2021-26255
+       RESERVED
+CVE-2021-23189
+       RESERVED
+CVE-2021-23175
+       RESERVED
+CVE-2021-23171
+       RESERVED
+CVE-2021-23170
+       RESERVED
+CVE-2021-23148
+       RESERVED
 CVE-2021-44759
        RESERVED
 CVE-2021-4088
@@ -713,8 +795,8 @@ CVE-2021-44516
        RESERVED
 CVE-2021-44515
        RESERVED
-CVE-2021-44514
-       RESERVED
+CVE-2021-44514 (ManageEngine's OpUtils 12.5.556 and prior allow access to a 
few audit  ...)
+       TODO: check
 CVE-2021-44513 (Insecure creation of temporary directories in tmate-ssh-server 
2.3.0 a ...)
        - tmate-ssh-server <unfixed> (bug #1001225)
        NOTE: Fixed by: 
https://github.com/tmate-io/tmate-ssh-server/commit/1c020d1f5ca462f5b150b46a027aaa1bbe3c9596
@@ -1079,8 +1161,8 @@ CVE-2021-44354
        RESERVED
 CVE-2021-4034
        RESERVED
-CVE-2021-4033
-       RESERVED
+CVE-2021-4033 (kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) ...)
+       TODO: check
 CVE-2019-25053
        RESERVED
 CVE-2021-44353
@@ -2131,8 +2213,8 @@ CVE-2021-43984
        RESERVED
 CVE-2021-43983
        RESERVED
-CVE-2021-43982
-       RESERVED
+CVE-2021-43982 (Delta Electronics CNCSoft Versions 1.01.30 and prior are 
vulnerable to ...)
+       TODO: check
 CVE-2021-43981
        RESERVED
 CVE-2021-43980
@@ -2718,10 +2800,10 @@ CVE-2021-43805 (Solidus is a free, open-source 
ecommerce platform built on Rails
        NOT-FOR-US: Solidus
 CVE-2021-43804
        RESERVED
-CVE-2021-43803
-       RESERVED
-CVE-2021-43802
-       RESERVED
+CVE-2021-43803 (Next.js is a React framework. In versions of Next.js prior to 
12.0.5 o ...)
+       TODO: check
+CVE-2021-43802 (Etherpad is a real-time collaborative editor. In versions 
prior to 1.8 ...)
+       TODO: check
 CVE-2021-43801
        RESERVED
 CVE-2021-43800 (Wiki.js is a wiki app built on Node.js. Prior to version 
2.5.254, dire ...)
@@ -7074,7 +7156,7 @@ CVE-2021-42773 (Broadcom Emulex HBA Manager/One Command 
Manager versions before
 CVE-2021-42772 (Broadcom Emulex HBA Manager/One Command Manager versions 
before 11.4.4 ...)
        NOT-FOR-US: Broadcom Emulex HBA Manager/One Command Manager
 CVE-2021-42771 (Babel.Locale in Babel before 2.9.1 allows attackers to load 
arbitrary  ...)
-       {DLA-2790-1}
+       {DSA-5018-1 DLA-2790-1}
        - python-babel 2.8.0+dfsg.1-7 (bug #987824)
        NOTE: https://www.tenable.com/security/research/tra-2021-14
        NOTE: https://github.com/python-babel/babel/pull/782
@@ -20269,8 +20351,8 @@ CVE-2021-37863
        RESERVED
 CVE-2021-37862
        RESERVED
-CVE-2021-37861
-       RESERVED
+CVE-2021-37861 (Mattermost 6.0.2 and earlier fails to sufficiently sanitize 
user's pas ...)
+       TODO: check
 CVE-2021-37860 (Mattermost 5.38 and earlier fails to sufficiently sanitize 
clipboard c ...)
        - mattermost-server <itp> (bug #823556)
 CVE-2021-37859 (Fixed a bypass for a reflected cross-site scripting 
vulnerability affe ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66a2040563840c6af7044c4a570e877e98dc8ed0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/66a2040563840c6af7044c4a570e877e98dc8ed0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to