[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 20 Nov 2021 00:10:32 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d12733ea by security tracker role at 2021-11-20T08:10:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,81 @@
+CVE-2021-44076
+       RESERVED
+CVE-2021-44075
+       RESERVED
+CVE-2021-44074
+       RESERVED
+CVE-2021-44073
+       RESERVED
+CVE-2021-44072
+       RESERVED
+CVE-2021-44071
+       RESERVED
+CVE-2021-44070
+       RESERVED
+CVE-2021-44069
+       RESERVED
+CVE-2021-44068
+       RESERVED
+CVE-2021-44067
+       RESERVED
+CVE-2021-44066
+       RESERVED
+CVE-2021-44065
+       RESERVED
+CVE-2021-44064
+       RESERVED
+CVE-2021-44063
+       RESERVED
+CVE-2021-44062
+       RESERVED
+CVE-2021-44061
+       RESERVED
+CVE-2021-44060
+       RESERVED
+CVE-2021-44059
+       RESERVED
+CVE-2021-44058
+       RESERVED
+CVE-2021-44057
+       RESERVED
+CVE-2021-44056
+       RESERVED
+CVE-2021-44055
+       RESERVED
+CVE-2021-44054
+       RESERVED
+CVE-2021-44053
+       RESERVED
+CVE-2021-44052
+       RESERVED
+CVE-2021-44051
+       RESERVED
+CVE-2021-44050
+       RESERVED
+CVE-2021-44049
+       RESERVED
+CVE-2021-44048
+       RESERVED
+CVE-2021-44047
+       RESERVED
+CVE-2021-44046
+       RESERVED
+CVE-2021-44045
+       RESERVED
+CVE-2021-44044
+       RESERVED
+CVE-2021-44043
+       RESERVED
+CVE-2021-44042
+       RESERVED
+CVE-2021-44041
+       RESERVED
+CVE-2021-3985
+       RESERVED
+CVE-2021-3984
+       RESERVED
+CVE-2021-3983
+       RESERVED
 CVE-2022-21742
        RESERVED
 CVE-2021-44040
@@ -9723,8 +9801,8 @@ CVE-2021-41282
        RESERVED
 CVE-2021-41281
        RESERVED
-CVE-2021-41280
-       RESERVED
+CVE-2021-41280 (Sharetribe Go is a source available marketplace software. In 
affected  ...)
+       TODO: check
 CVE-2021-41279
        RESERVED
 CVE-2021-41278 (Functions SDK for EdgeX is meant to provide all the plumbing 
necessary ...)
@@ -14749,8 +14827,8 @@ CVE-2021-39200 (WordPress is a free and open-source 
content management system wr
        NOTE: 
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-m9hc-7v5q-x8q5
 CVE-2021-39199 (remark-html is an open source nodejs library which compiles 
Markdown t ...)
        NOT-FOR-US: Node remark-html
-CVE-2021-39198
-       RESERVED
+CVE-2021-39198 (OroCRM is an open source Client Relationship Management (CRM) 
applicat ...)
+       TODO: check
 CVE-2021-39197 (better_errors is an open source replacement for the standard 
Rails err ...)
        - ruby-better-errors <itp> (bug #739168)
 CVE-2021-39196 (pcapture is an open source dumpcap web service interface . In 
affected ...)
@@ -15888,8 +15966,8 @@ CVE-2021-38683
        RESERVED
 CVE-2021-38682
        RESERVED
-CVE-2021-38681
-       RESERVED
+CVE-2021-38681 (A reflected cross-site scripting (XSS) vulnerability has been 
reported ...)
+       TODO: check
 CVE-2021-38680
        RESERVED
 CVE-2021-38679
@@ -21580,8 +21658,8 @@ CVE-2021-36342
        RESERVED
 CVE-2021-36341
        RESERVED
-CVE-2021-36340
-       RESERVED
+CVE-2021-36340 (Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive 
information d ...)
+       TODO: check
 CVE-2021-36339
        RESERVED
 CVE-2021-36338
@@ -21616,14 +21694,14 @@ CVE-2021-36324 (Dell BIOS contains an improper input 
validation vulnerability. A
        NOT-FOR-US: Dell
 CVE-2021-36323 (Dell BIOS contains an improper input validation vulnerability. 
A local ...)
        NOT-FOR-US: Dell
-CVE-2021-36322
-       RESERVED
-CVE-2021-36321
-       RESERVED
-CVE-2021-36320
-       RESERVED
-CVE-2021-36319
-       RESERVED
+CVE-2021-36322 (Dell Networking X-Series firmware versions prior to 3.0.1.8 
contain a  ...)
+       TODO: check
+CVE-2021-36321 (Dell Networking X-Series firmware versions prior to 3.0.1.8 
contain an ...)
+       TODO: check
+CVE-2021-36320 (Dell Networking X-Series firmware versions prior to 3.0.1.8 
contain an ...)
+       TODO: check
+CVE-2021-36319 (Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x 
contain  ...)
+       TODO: check
 CVE-2021-36318
        RESERVED
 CVE-2021-36317
@@ -21640,16 +21718,16 @@ CVE-2021-36312
        RESERVED
 CVE-2021-36311
        RESERVED
-CVE-2021-36310
-       RESERVED
+CVE-2021-36310 (Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x 
&amp; 10.5 ...)
+       TODO: check
 CVE-2021-36309 (Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains 
a sensi ...)
        NOT-FOR-US: Dell
-CVE-2021-36308
-       RESERVED
-CVE-2021-36307
-       RESERVED
-CVE-2021-36306
-       RESERVED
+CVE-2021-36308 (Networking OS10, versions prior to October 2021 with Smart 
Fabric Serv ...)
+       TODO: check
+CVE-2021-36307 (Networking OS10, versions prior to October 2021 with RESTCONF 
API enab ...)
+       TODO: check
+CVE-2021-36306 (Networking OS10, versions prior to October 2021 with RESTCONF 
API enab ...)
+       TODO: check
 CVE-2021-36305 (Dell PowerScale OneFS contains an Unsynchronized Access to 
Shared Data ...)
        NOT-FOR-US: Dell
 CVE-2021-36304
@@ -26273,8 +26351,8 @@ CVE-2021-34360
        RESERVED
 CVE-2021-34359
        RESERVED
-CVE-2021-34358
-       RESERVED
+CVE-2021-34358 (We have already fixed this vulnerability in the following 
versions of  ...)
+       TODO: check
 CVE-2021-34357 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
        NOT-FOR-US: QNAP
 CVE-2021-34356 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
@@ -53453,8 +53531,8 @@ CVE-2021-23434 (This affects the package object-path 
before 0.11.6. A type confu
        [stretch] - node-object-path <end-of-life> (Nodejs in stretch not 
covered by security support)
        NOTE: https://snyk.io/vuln/SNYK-JS-OBJECTPATH-1569453
        NOTE: 
https://github.com/mariocasciaro/object-path/commit/7bdf4abefd102d16c163d633e8994ef154cab9eb
-CVE-2021-23433
-       RESERVED
+CVE-2021-23433 (The package algoliasearch-helper before 3.6.2 are vulnerable 
to Protot ...)
+       TODO: check
 CVE-2021-23432 (This affects all versions of package mootools. This is due to 
the abil ...)
        NOT-FOR-US: Node mootools
 CVE-2021-23431 (The package joplin before 2.3.2 are vulnerable to Cross-site 
Request F ...)
@@ -56758,7 +56836,7 @@ CVE-2021-21998 (VMware Carbon Black App Control 8.0, 
8.1, 8.5 prior to 8.5.8, an
 CVE-2021-21997 (VMware Tools for Windows (11.x.y prior to 11.3.0) contains a 
denial-of ...)
        NOT-FOR-US: VMware
 CVE-2021-21996 (An issue was discovered in SaltStack Salt before 3003.3. A 
user who ha ...)
-       {DSA-5011-1}
+       {DSA-5011-1 DLA-2823-1}
        - salt 3002.7+dfsg1-1 (bug #994016)
        NOTE: 
https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/
        NOTE: Fixed by 
https://github.com/saltstack/salt/commit/0b75ba190fda9c04cc026ad1aa4a6d572f40349b



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d12733ea07092430d688953584928a3ffa6435ea

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d12733ea07092430d688953584928a3ffa6435ea
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to