Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 48b13b60 by Salvatore Bonaccorso at 2021-02-22T21:18:01+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -3,7 +3,7 @@ CVE-2021-3414 CVE-2021-27565 RESERVED CVE-2021-27564 (A stored XSS issue exists in Appspace 6.2.4. After a user is authentic ...) - TODO: check + NOT-FOR-US: Appspace CVE-2021-27563 RESERVED CVE-2021-27562 @@ -13,7 +13,7 @@ CVE-2021-27561 CVE-2021-27560 RESERVED CVE-2021-27559 (The Contact page in Monica 2.19.1 allows stored XSS via the Nickname f ...) - TODO: check + NOT-FOR-US: Monica CVE-2021-27558 RESERVED CVE-2021-27557 @@ -429,13 +429,13 @@ CVE-2021-27373 CVE-2021-27372 RESERVED CVE-2021-27371 (The Contact page in Monica 2.19.1 allows stored XSS via the Descriptio ...) - TODO: check + NOT-FOR-US: Monica CVE-2021-27370 (The Contact page in Monica 2.19.1 allows stored XSS via the Last Name ...) - TODO: check + NOT-FOR-US: Monica CVE-2021-27369 (The Contact page in Monica 2.19.1 allows stored XSS via the Middle Nam ...) - TODO: check + NOT-FOR-US: Monica CVE-2021-27368 (The Contact page in Monica 2.19.1 allows stored XSS via the First Name ...) - TODO: check + NOT-FOR-US: Monica CVE-2021-27367 (Controller/Backend/FileEditController.php and Controller/Backend/Filem ...) NOT-FOR-US: Bolt CMS CVE-2021-27366 @@ -616,7 +616,7 @@ CVE-2021-27281 CVE-2021-27280 RESERVED CVE-2021-27279 (MyBB before 1.8.25 allows stored XSS via nested [email] tags with MyCo ...) - TODO: check + NOT-FOR-US: MyBB CVE-2021-27278 RESERVED CVE-2021-27277 @@ -722,7 +722,7 @@ CVE-2021-27229 (Mumble before 1.3.4 allows remote code execution if a victim nav NOTE: https://github.com/mumble-voip/mumble/commit/e59ee87abe249f345908c7d568f6879d16bfd648 NOTE: https://github.com/mumble-voip/mumble/pull/4733 CVE-2021-27228 (An issue was discovered in Shinobi through ocean version 1. lib/auth.j ...) - TODO: check + NOT-FOR-US: Shinobi CVE-2021-27227 RESERVED CVE-2021-27226 @@ -8601,7 +8601,7 @@ CVE-2021-3121 (An issue was discovered in GoGo Protobuf before 1.3.2. plugin/unm - golang-gogoprotobuf 1.3.2-1 NOTE: https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc CVE-2021-3120 (An arbitrary file upload vulnerability in the YITH WooCommerce Gift Ca ...) - TODO: check + NOT-FOR-US: YITH WooCommerce Gift Cards Premium plugin for WordPress CVE-2021-3119 RESERVED CVE-2021-3118 (** UNSUPPORTED WHEN ASSIGNED ** EVOLUCARE ECSIMAGING (aka ECS Imaging) ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48b13b60916fd3137cd8c96404a7b9a7cd556c4c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48b13b60916fd3137cd8c96404a7b9a7cd556c4c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits