diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2021-04-30 13:00:16 +0200 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-04-30 13:00:16 +0200 |
| commit | fc6157cc8392c38c527a08ceb1676aeef852e565 (patch) | |
| tree | 59a48733c7d0179afdbf540d22f022a476198f85 /data | |
| parent | c85c1f55c998b1ea2a4b803f23f5764c6f3ed6fb (diff) | |
new babel issue
NFUs
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/data/CVE/list b/data/CVE/list index 8dbf214f69..30f009a8bb 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -5,7 +5,7 @@ CVE-2021-31921 CVE-2021-31920 RESERVED CVE-2021-31919 (An issue was discovered in the rkyv crate before 0.6.0 for Rust. When ...) - TODO: check + NOT-FOR-US: Rust crate rkyv CVE-2021-31918 RESERVED NOT-FOR-US: tripleo-ansible @@ -3752,9 +3752,9 @@ CVE-2021-30221 CVE-2021-30220 RESERVED CVE-2021-30219 (samurai 1.2 has a NULL pointer dereference in printstatus() function i ...) - TODO: check + NOT-FOR-US: samurai CVE-2021-30218 (samurai 1.2 has a NULL pointer dereference in writefile() in util.c vi ...) - TODO: check + NOT-FOR-US: samurai CVE-2021-30217 RESERVED CVE-2021-30216 @@ -5472,7 +5472,7 @@ CVE-2021-29486 CVE-2021-29485 RESERVED CVE-2021-29484 (Ghost is a Node.js CMS. An unused endpoint added during the developmen ...) - TODO: check + NOT-FOR-US: Ghost CMS CVE-2021-29483 (ManageWiki is an extension to the MediaWiki project. The 'wikiconfig' ...) NOT-FOR-US: ManageWiki MediaWiki extension CVE-2021-29482 (xz is a compression and decompression library focusing on the xz forma ...) @@ -5854,7 +5854,7 @@ CVE-2021-29352 CVE-2021-29351 RESERVED CVE-2021-29350 (SQL injection in the getip function in conn/function.php in 发&# ...) - TODO: check + NOT-FOR-US: Online video course CVE-2021-29349 (Mahara 20.10 is affected by Cross Site Request Forgery (CSRF) that all ...) - mahara <removed> CVE-2021-29348 @@ -25360,7 +25360,7 @@ CVE-2021-21390 (MinIO is an open-source high performance object storage service CVE-2021-21389 (BuddyPress is an open source WordPress plugin to build a community sit ...) NOT-FOR-US: BuddyPress WordPress plugin CVE-2021-21388 (systeminformation is an open source system and OS information library ...) - TODO: check + NOT-FOR-US: Node systeminformation CVE-2021-21387 (Wrongthink peer-to-peer, end-to-end encrypted messenger with PeerJS an ...) NOT-FOR-US: Wrongthink CVE-2021-21386 (APKLeaks is an open-source project for scanning APK file for URIs, end ...) @@ -28906,7 +28906,8 @@ CVE-2021-20097 CVE-2021-20096 RESERVED CVE-2021-20095 (Relative Path Traversal in Babel 2.9.0 allows an attacker to load arbi ...) - TODO: check + - python-babel <unfixed> + NOTE: https://www.tenable.com/security/research/tra-2021-14 CVE-2021-20094 RESERVED CVE-2021-20093 @@ -48902,7 +48903,7 @@ CVE-2020-23922 (An issue was discovered in giflib through 5.1.4. DumpScreen2RGB [stretch] - giflib <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/giflib/bugs/151/ CVE-2020-23921 (An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_c ...) - TODO: check + NOT-FOR-US: fast_ber CVE-2020-23920 RESERVED CVE-2020-23919 @@ -48914,9 +48915,13 @@ CVE-2020-23917 CVE-2020-23916 RESERVED CVE-2020-23915 (An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_es ...) - TODO: check + TODO: retroarch and salmon embed peglib, check if it's actually a security issue + NOTE: https://github.com/yhirose/cpp-peglib/commit/b3b29ce8f3acf3a32733d930105a17d7b0ba347e + NOTE: https://github.com/yhirose/cpp-peglib/issues/122 CVE-2020-23914 (An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer ...) - TODO: check + TODO: retroarch and salmon embed peglib, check if it's actually a security issue + NOTE: https://github.com/yhirose/cpp-peglib/commit/0061f393de54cf0326621c079dc2988336d1ebb3 + NOTE: https://github.com/yhirose/cpp-peglib/issues/121 CVE-2020-23913 RESERVED CVE-2020-23912 (An issue was discovered in Bento4 through v1.6.0-637. A NULL pointer d ...) |