Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: d12733ea by security tracker role at 2021-11-20T08:10:10+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,81 @@ +CVE-2021-44076 + RESERVED +CVE-2021-44075 + RESERVED +CVE-2021-44074 + RESERVED +CVE-2021-44073 + RESERVED +CVE-2021-44072 + RESERVED +CVE-2021-44071 + RESERVED +CVE-2021-44070 + RESERVED +CVE-2021-44069 + RESERVED +CVE-2021-44068 + RESERVED +CVE-2021-44067 + RESERVED +CVE-2021-44066 + RESERVED +CVE-2021-44065 + RESERVED +CVE-2021-44064 + RESERVED +CVE-2021-44063 + RESERVED +CVE-2021-44062 + RESERVED +CVE-2021-44061 + RESERVED +CVE-2021-44060 + RESERVED +CVE-2021-44059 + RESERVED +CVE-2021-44058 + RESERVED +CVE-2021-44057 + RESERVED +CVE-2021-44056 + RESERVED +CVE-2021-44055 + RESERVED +CVE-2021-44054 + RESERVED +CVE-2021-44053 + RESERVED +CVE-2021-44052 + RESERVED +CVE-2021-44051 + RESERVED +CVE-2021-44050 + RESERVED +CVE-2021-44049 + RESERVED +CVE-2021-44048 + RESERVED +CVE-2021-44047 + RESERVED +CVE-2021-44046 + RESERVED +CVE-2021-44045 + RESERVED +CVE-2021-44044 + RESERVED +CVE-2021-44043 + RESERVED +CVE-2021-44042 + RESERVED +CVE-2021-44041 + RESERVED +CVE-2021-3985 + RESERVED +CVE-2021-3984 + RESERVED +CVE-2021-3983 + RESERVED CVE-2022-21742 RESERVED CVE-2021-44040 @@ -9723,8 +9801,8 @@ CVE-2021-41282 RESERVED CVE-2021-41281 RESERVED -CVE-2021-41280 - RESERVED +CVE-2021-41280 (Sharetribe Go is a source available marketplace software. In affected ...) + TODO: check CVE-2021-41279 RESERVED CVE-2021-41278 (Functions SDK for EdgeX is meant to provide all the plumbing necessary ...) @@ -14749,8 +14827,8 @@ CVE-2021-39200 (WordPress is a free and open-source content management system wr NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-m9hc-7v5q-x8q5 CVE-2021-39199 (remark-html is an open source nodejs library which compiles Markdown t ...) NOT-FOR-US: Node remark-html -CVE-2021-39198 - RESERVED +CVE-2021-39198 (OroCRM is an open source Client Relationship Management (CRM) applicat ...) + TODO: check CVE-2021-39197 (better_errors is an open source replacement for the standard Rails err ...) - ruby-better-errors <itp> (bug #739168) CVE-2021-39196 (pcapture is an open source dumpcap web service interface . In affected ...) @@ -15888,8 +15966,8 @@ CVE-2021-38683 RESERVED CVE-2021-38682 RESERVED -CVE-2021-38681 - RESERVED +CVE-2021-38681 (A reflected cross-site scripting (XSS) vulnerability has been reported ...) + TODO: check CVE-2021-38680 RESERVED CVE-2021-38679 @@ -21580,8 +21658,8 @@ CVE-2021-36342 RESERVED CVE-2021-36341 RESERVED -CVE-2021-36340 - RESERVED +CVE-2021-36340 (Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information d ...) + TODO: check CVE-2021-36339 RESERVED CVE-2021-36338 @@ -21616,14 +21694,14 @@ CVE-2021-36324 (Dell BIOS contains an improper input validation vulnerability. A NOT-FOR-US: Dell CVE-2021-36323 (Dell BIOS contains an improper input validation vulnerability. A local ...) NOT-FOR-US: Dell -CVE-2021-36322 - RESERVED -CVE-2021-36321 - RESERVED -CVE-2021-36320 - RESERVED -CVE-2021-36319 - RESERVED +CVE-2021-36322 (Dell Networking X-Series firmware versions prior to 3.0.1.8 contain a ...) + TODO: check +CVE-2021-36321 (Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an ...) + TODO: check +CVE-2021-36320 (Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an ...) + TODO: check +CVE-2021-36319 (Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain ...) + TODO: check CVE-2021-36318 RESERVED CVE-2021-36317 @@ -21640,16 +21718,16 @@ CVE-2021-36312 RESERVED CVE-2021-36311 RESERVED -CVE-2021-36310 - RESERVED +CVE-2021-36310 (Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5 ...) + TODO: check CVE-2021-36309 (Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensi ...) NOT-FOR-US: Dell -CVE-2021-36308 - RESERVED -CVE-2021-36307 - RESERVED -CVE-2021-36306 - RESERVED +CVE-2021-36308 (Networking OS10, versions prior to October 2021 with Smart Fabric Serv ...) + TODO: check +CVE-2021-36307 (Networking OS10, versions prior to October 2021 with RESTCONF API enab ...) + TODO: check +CVE-2021-36306 (Networking OS10, versions prior to October 2021 with RESTCONF API enab ...) + TODO: check CVE-2021-36305 (Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data ...) NOT-FOR-US: Dell CVE-2021-36304 @@ -26273,8 +26351,8 @@ CVE-2021-34360 RESERVED CVE-2021-34359 RESERVED -CVE-2021-34358 - RESERVED +CVE-2021-34358 (We have already fixed this vulnerability in the following versions of ...) + TODO: check CVE-2021-34357 (A cross-site scripting (XSS) vulnerability has been reported to affect ...) NOT-FOR-US: QNAP CVE-2021-34356 (A cross-site scripting (XSS) vulnerability has been reported to affect ...) @@ -53453,8 +53531,8 @@ CVE-2021-23434 (This affects the package object-path before 0.11.6. A type confu [stretch] - node-object-path <end-of-life> (Nodejs in stretch not covered by security support) NOTE: https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1569453 NOTE: https://github.com/mariocasciaro/object-path/commit/7bdf4abefd102d16c163d633e8994ef154cab9eb -CVE-2021-23433 - RESERVED +CVE-2021-23433 (The package algoliasearch-helper before 3.6.2 are vulnerable to Protot ...) + TODO: check CVE-2021-23432 (This affects all versions of package mootools. This is due to the abil ...) NOT-FOR-US: Node mootools CVE-2021-23431 (The package joplin before 2.3.2 are vulnerable to Cross-site Request F ...) @@ -56758,7 +56836,7 @@ CVE-2021-21998 (VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, an CVE-2021-21997 (VMware Tools for Windows (11.x.y prior to 11.3.0) contains a denial-of ...) NOT-FOR-US: VMware CVE-2021-21996 (An issue was discovered in SaltStack Salt before 3003.3. A user who ha ...) - {DSA-5011-1} + {DSA-5011-1 DLA-2823-1} - salt 3002.7+dfsg1-1 (bug #994016) NOTE: https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/ NOTE: Fixed by https://github.com/saltstack/salt/commit/0b75ba190fda9c04cc026ad1aa4a6d572f40349b View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d12733ea07092430d688953584928a3ffa6435ea -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d12733ea07092430d688953584928a3ffa6435ea You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits