Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 9b8d1a56 by Salvatore Bonaccorso at 2021-02-25T21:37:22+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -133,9 +133,9 @@ CVE-2021-27673 CVE-2021-27672 RESERVED CVE-2021-27671 (An issue was discovered in the comrak crate before 0.9.1 for Rust. XSS ...) - TODO: check + NOT-FOR-US: comrak rust crate CVE-2021-27670 (Appspace 6.2.4 allows SSRF via the api/v1/core/proxy/jsonprequest url ...) - TODO: check + NOT-FOR-US: Appspace CVE-2021-27669 RESERVED CVE-2021-27668 @@ -871,7 +871,7 @@ CVE-2021-27332 CVE-2021-27331 RESERVED CVE-2021-27330 (Triconsole Datepicker Calendar <3.77 is affected by cross-site scri ...) - TODO: check + NOT-FOR-US: Triconsole Datepicker Calendar CVE-2021-27329 (Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or ...) NOT-FOR-US: Friendica CVE-2021-27328 (Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Trave ...) @@ -4342,7 +4342,7 @@ CVE-2021-3275 CVE-2021-3274 RESERVED CVE-2021-3273 (Nagios XI below 5.7 is affected by code injection in the /nagiosxi/adm ...) - TODO: check + NOT-FOR-US: Nagios XI CVE-2021-3272 (jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-b ...) - jasper <removed> NOTE: https://github.com/jasper-software/jasper/issues/259 @@ -16309,11 +16309,11 @@ CVE-2021-21068 CVE-2021-21067 RESERVED CVE-2021-21066 (Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bound ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-21065 (Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bound ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-21064 (Magento UPWARD-php version 1.1.4 (and earlier) is affected by a Path t ...) - TODO: check + NOT-FOR-US: Magento CVE-2021-21063 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) NOT-FOR-US: Adobe CVE-2021-21062 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) @@ -24304,7 +24304,7 @@ CVE-2021-1452 CVE-2021-1451 RESERVED CVE-2021-1450 (A vulnerability in the interprocess communication (IPC) channel of Cis ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1449 RESERVED CVE-2021-1448 @@ -24412,13 +24412,13 @@ CVE-2021-1398 CVE-2021-1397 RESERVED CVE-2021-1396 (Multiple vulnerabilities in Cisco Application Services Engine could al ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1395 RESERVED CVE-2021-1394 RESERVED CVE-2021-1393 (Multiple vulnerabilities in Cisco Application Services Engine could al ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1392 RESERVED CVE-2021-1391 @@ -24428,9 +24428,9 @@ CVE-2021-1390 CVE-2021-1389 (A vulnerability in the IPv6 traffic processing of Cisco IOS XR Softwar ...) NOT-FOR-US: Cisco CVE-2021-1388 (A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrato ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1387 (A vulnerability in the network stack of Cisco NX-OS Software could all ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1386 RESERVED CVE-2021-1385 @@ -24468,9 +24468,9 @@ CVE-2021-1370 (A vulnerability in a CLI command of Cisco IOS XR Software for the CVE-2021-1369 RESERVED CVE-2021-1368 (A vulnerability in the Unidirectional Link Detection (UDLD) feature of ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1367 (A vulnerability in the Protocol Independent Multicast (PIM) feature of ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1366 (A vulnerability in the interprocess communication (IPC) channel of Cis ...) NOT-FOR-US: Cisco CVE-2021-1365 @@ -24482,7 +24482,7 @@ CVE-2021-1363 CVE-2021-1362 RESERVED CVE-2021-1361 (A vulnerability in the implementation of an internal file management s ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1360 (Multiple vulnerabilities in the web-based management interface of Cisc ...) NOT-FOR-US: Cisco CVE-2021-1359 @@ -24742,15 +24742,15 @@ CVE-2021-1233 (A vulnerability in the CLI of Cisco SD-WAN Software could allow a CVE-2021-1232 RESERVED CVE-2021-1231 (A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1230 (A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1229 (A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS S ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1228 (A vulnerability in the fabric infrastructure VLAN connection establish ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1227 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1226 (A vulnerability in the audit logging component of Cisco Unified Commun ...) NOT-FOR-US: Cisco CVE-2021-1225 (Multiple vulnerabilities in the web-based management interface of Cisc ...) @@ -39030,7 +39030,7 @@ CVE-2020-23536 CVE-2020-23535 RESERVED CVE-2020-23534 (A server-side request forgery (SSRF) vulnerability in Upgrade.php of g ...) - TODO: check + NOT-FOR-US: gopeak masterlab CVE-2020-23533 RESERVED CVE-2020-23532 @@ -74738,7 +74738,7 @@ CVE-2020-8903 (A vulnerability in Google Cloud Platform's guest-oslogin versions NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619 NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29 CVE-2020-8902 (Rendertron versions prior to 3.0.0 are are susceptible to a Server-Sid ...) - TODO: check + NOT-FOR-US: Rendertron CVE-2020-8901 RESERVED CVE-2020-8900 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b8d1a56b4a3d8ecece5cbb17ecc2f12823efdd4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b8d1a56b4a3d8ecece5cbb17ecc2f12823efdd4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits