Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: f94c2ac3 by Salvatore Bonaccorso at 2021-03-09T21:38:24+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1156,23 +1156,23 @@ CVE-2021-27594 CVE-2021-27593 RESERVED CVE-2021-27592 (When a user opens manipulated Universal 3D (.U3D) files received from ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-27591 (When a user opens manipulated Portable Document Format (.PDF) format f ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-27590 (When a user opens manipulated Tag Image File Format (.TIFF) format fil ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-27589 (When a user opens manipulated Scalable Vector Graphics (.SVG) format f ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-27588 (When a user opens manipulated HPGL format files received from untruste ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-27587 (When a user opens manipulated Jupiter Tessellation (.JT) format files ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-27586 (When a user opens manipulated Interchange File Format (.IFF) format fi ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-27585 (When a user opens manipulated Computer Graphics Metafile (.CGM) format ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-27584 (When a user opens manipulated PhotoShop Document (.PSD) format files r ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-27583 (** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an atta ...) NOT-FOR-US: Directus CVE-2021-27582 (org/mitre/oauth2/web/OAuthConfirmationController.java in the OpenID Co ...) @@ -15547,7 +15547,7 @@ CVE-2019-25001 (An issue was discovered in the serde_cbor crate before 0.10.2 fo CVE-2018-25001 (An issue was discovered in the libpulse-binding crate before 2.5.0 for ...) NOT-FOR-US: libpulse-binding rust crate CVE-2021-21493 (When a user opens manipulated Graphics Interchange Format (.GIF) forma ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-21492 RESERVED CVE-2021-21491 @@ -15559,21 +15559,21 @@ CVE-2021-21489 CVE-2021-21488 (Knowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allow ...) TODO: check CVE-2021-21487 (SAP Payment Engine version 500, does not perform necessary authorizati ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-21486 (SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 6 ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-21485 RESERVED CVE-2021-21484 (LDAP authentication in SAP HANA Database version 2.0 can be bypassed i ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-21483 RESERVED CVE-2021-21482 RESERVED CVE-2021-21481 (The MigrationService, which is part of SAP NetWeaver versions 7.10, 7. ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-21480 (SAP MII allows users to create dashboards and save them as JSP through ...) - TODO: check + NOT-FOR-US: SAP CVE-2021-21479 (In SCIMono before 0.0.19, it is possible for an attacker to inject and ...) NOT-FOR-US: SAP CVE-2021-21478 (SAP Web Dynpro ABAP allow an attacker to redirect users to a malicious ...) @@ -18783,7 +18783,7 @@ CVE-2021-20343 CVE-2021-20342 RESERVED CVE-2021-20341 (IBM Cloud Pak for Multicloud Management Monitoring 2.2 returns potenti ...) - TODO: check + NOT-FOR-US: IBM CVE-2021-20340 (IBM Engineering products are vulnerable to cross-site scripting. This ...) NOT-FOR-US: IBM CVE-2021-20339 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94c2ac3777de6ac84a35ba72cab3cb57626d868 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94c2ac3777de6ac84a35ba72cab3cb57626d868 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits