Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3b0a239a by Salvatore Bonaccorso at 2021-03-19T21:22:55+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -580,7 +580,7 @@ CVE-2021-28669 CVE-2021-28668 RESERVED CVE-2021-28667 (StackStorm before 3.4.1, in some situations, has an infinite loop that ...) - TODO: check + NOT-FOR-US: StackStorm CVE-2021-28666 RESERVED CVE-2021-28665 @@ -3210,9 +3210,9 @@ CVE-2021-27522 CVE-2021-27521 RESERVED CVE-2021-27520 (A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote att ...) - TODO: check + NOT-FOR-US: FUDForum CVE-2021-27519 (A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote att ...) - TODO: check + NOT-FOR-US: FUDForum CVE-2021-27518 RESERVED CVE-2021-27517 @@ -3248,7 +3248,7 @@ CVE-2021-27508 CVE-2021-27507 RESERVED CVE-2021-27506 (In Stormshield Network Security (SNS) 1.0 through 4.2.0, the parsing o ...) - TODO: check + NOT-FOR-US: Stormshield Network Security (SNS) CVE-2021-27505 RESERVED CVE-2021-27504 @@ -7588,7 +7588,7 @@ CVE-2021-25766 (In JetBrains YouTrack before 2020.4.4701, improper resource acce CVE-2021-25765 (In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload w ...) NOT-FOR-US: JetBrains TeamCity CVE-2021-25764 (In JetBrains PhpStorm before 2020.3, source code could be added to deb ...) - TODO: check + NOT-FOR-US: JetBrains PhpStorm CVE-2021-25763 (In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by def ...) NOT-FOR-US: JetBrains Ktor CVE-2021-25762 (In JetBrains Ktor before 1.4.3, HTTP Request Smuggling was possible. ...) @@ -8747,9 +8747,9 @@ CVE-2021-25280 CVE-2021-25279 RESERVED CVE-2021-25278 (FTAPI 4.0 through 4.10 allows XSS via an SVG document to the Backgroun ...) - TODO: check + NOT-FOR-US: FTAPI CVE-2021-25277 (FTAPI 4.0 - 4.10 allows XSS via a crafted filename to the alternative ...) - TODO: check + NOT-FOR-US: FTAPI CVE-2021-25276 (In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory cont ...) NOT-FOR-US: SolarWinds CVE-2021-25275 (SolarWinds Orion Platform before 2020.2.4, as used by various SolarWin ...) @@ -11136,7 +11136,7 @@ CVE-2021-3143 CVE-2021-3142 REJECTED CVE-2021-3141 (In Unisys Stealth (core) before 6.0.025.0, the Keycloak password is st ...) - TODO: check + NOT-FOR-US: Unisys CVE-2021-24121 RESERVED CVE-2021-24120 @@ -16838,7 +16838,7 @@ CVE-2020-36146 CVE-2020-36145 RESERVED CVE-2020-36144 (Redash 8.0.0 is affected by LDAP Injection. There is an authentication ...) - TODO: check + NOT-FOR-US: Redash CVE-2020-36143 RESERVED CVE-2020-36142 @@ -18272,7 +18272,7 @@ CVE-2021-21385 CVE-2021-21384 (shescape is a simple shell escape package for JavaScript. In shescape ...) TODO: check CVE-2021-21383 (Wiki.js an open-source wiki app built on Node.js. Wiki.js before versi ...) - TODO: check + NOT-FOR-US: Wiki.js CVE-2021-21382 RESERVED CVE-2021-21380 @@ -21606,7 +21606,7 @@ CVE-2021-20079 CVE-2021-20078 RESERVED CVE-2021-20077 (Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently ...) - TODO: check + NOT-FOR-US: Nessus Agent CVE-2021-20076 (Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were fou ...) NOT-FOR-US: Tenable CVE-2021-20075 (Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for pr ...) @@ -34517,7 +34517,7 @@ CVE-2020-26888 CVE-2020-26887 (FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Reb ...) NOT-FOR-US: Fritz OS CVE-2020-26886 (Softaculous before 5.5.7 is affected by a code execution vulnerability ...) - TODO: check + NOT-FOR-US: Softaculous CVE-2020-26885 RESERVED CVE-2020-26884 (RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL injection vulner ...) @@ -88962,7 +88962,7 @@ CVE-2020-4637 CVE-2020-4636 (IBM Resilient OnPrem 38.2 could allow a privileged user to inject mali ...) NOT-FOR-US: IBM CVE-2020-4635 (IBM Resilient SOAR 40 and earlier could disclose sensitive information ...) - TODO: check + NOT-FOR-US: IBM CVE-2020-4634 RESERVED CVE-2020-4633 (IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbi ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b0a239aba79b20e022da87a3b2d569ab486ae06 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b0a239aba79b20e022da87a3b2d569ab486ae06 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits