diff options
author | security tracker role <sectracker@soriano.debian.org> | 2021-01-12 20:10:30 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-01-12 20:10:30 +0000 |
commit | 8df8aa880a2fc8f5af85c990ec07b98cd99c2319 (patch) | |
tree | af7dc53ac3aff76d92887a147adbcbed4d9ef0fc /data | |
parent | 9963a6a4ec94300138c893ccbf3ac46170a21686 (diff) |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2017.list | 1 | ||||
-rw-r--r-- | data/CVE/2020.list | 80 | ||||
-rw-r--r-- | data/CVE/2021.list | 176 |
3 files changed, 162 insertions, 95 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 96dd8c0f7a..bde5db9fed 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -12690,6 +12690,7 @@ CVE-2017-14529 (The pe_print_idata function in peXXigen.c in the Binary File Des NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=4d465c689a8fb27212ef358d0aee89d60dee69a6 NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=dcaaca89e8618eba35193c27afcb1cfa54f74582 CVE-2017-14528 (The TIFFSetProfiles function in coders/tiff.c in ImageMagick 7.0.6 has ...) + {DLA-2523-1} [experimental] - imagemagick 8:6.9.10.2+dfsg-1 - imagemagick 8:6.9.10.2+dfsg-2 (bug #878544) [jessie] - imagemagick <not-affected> (Vulnerable code not present) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 7f9da4dd6a..2c70a277da 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1170,12 +1170,12 @@ CVE-2020-35657 (Jaws through 1.8.0 allows remote authenticated administrators to NOT-FOR-US: Jaws CVE-2020-35656 (Jaws through 1.8.0 allows remote authenticated administrators to execu ...) NOT-FOR-US: Jaws -CVE-2020-35655 - RESERVED -CVE-2020-35654 - RESERVED -CVE-2020-35653 - RESERVED +CVE-2020-35655 (In Pillow before 8.1.0, SGIRleDecode has a 4-byte buffer over-read whe ...) + TODO: check +CVE-2020-35654 (In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow wh ...) + TODO: check +CVE-2020-35653 (In Pillow before 8.1.0, PcxDecode has a buffer over-read when decoding ...) + TODO: check CVE-2020-35652 [remote crash in res_pjsip_diversion] RESERVED - asterisk <unfixed> (bug #979372) @@ -1670,12 +1670,10 @@ CVE-2020-35461 RESERVED CVE-2020-35460 (common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows dir ...) NOT-FOR-US: Packwood MPXJ -CVE-2020-35459 - RESERVED +CVE-2020-35459 (An issue was discovered in ClusterLabs crmsh through 4.2.1. Local atta ...) - crmsh <unfixed> NOTE: https://www.openwall.com/lists/oss-security/2021/01/12/3 -CVE-2020-35458 - RESERVED +CVE-2020-35458 (An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There ...) - hawk <itp> (bug #634344) CVE-2020-35457 (** DISPUTED ** GNOME GLib before 2.65.3 has an integer overflow, that ...) - glib2.0 2.66.0-1 (unimportant) @@ -2623,6 +2621,7 @@ CVE-2020-29600 (In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an ab NOTE: https://github.com/eldy/awstats/issues/90 NOTE: https://github.com/eldy/awstats/commit/d4d815d0caae3dbae83ac70a1ae4581bd57cf376 CVE-2020-29599 (ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the - ...) + {DLA-2523-1} - imagemagick 8:6.9.11.57+dfsg-1 (bug #977205) NOTE: https://github.com/ImageMagick/ImageMagick/discussions/2851 NOTE: https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html @@ -6772,6 +6771,7 @@ CVE-2020-27774 (A flaw was found in ImageMagick in MagickCore/statistic.c. An at NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/29cee9152d1b5487cfd19443ca48935eea0cabe2 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/052175e4b190598141fbcc64641cd5ee4db3602d CVE-2020-27773 (A flaw was found in ImageMagick in MagickCore/gem-private.h. An attack ...) + {DLA-2523-1} - imagemagick 8:6.9.11.24+dfsg-1 [buster] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1739 @@ -6831,6 +6831,7 @@ CVE-2020-27766 (A flaw was found in ImageMagick in MagickCore/statistic.c. An at NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/052175e4b190598141fbcc64641cd5ee4db3602d NOTE: Same fix as CVE-2020-27774 CVE-2020-27765 (A flaw was found in ImageMagick in MagickCore/segment.c. An attacker w ...) + {DLA-2523-1} - imagemagick 8:6.9.11.24+dfsg-1 [buster] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1730 @@ -6843,6 +6844,7 @@ CVE-2020-27764 (In /MagickCore/statistic.c, there are several areas in ApplyEval NOTE: https://github.com/ImageMagick/ImageMagick/issues/1735 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/3e21bc8a58b4ae38d24c7e283837cc279f35b6a5 CVE-2020-27763 (A flaw was found in ImageMagick in MagickCore/resize.c. An attacker wh ...) + {DLA-2523-1} - imagemagick 8:6.9.11.24+dfsg-1 [buster] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1718 @@ -6863,6 +6865,7 @@ CVE-2020-27761 (WritePALMImage() in /coders/palm.c used size_t casts in several NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/db5e12e24f1378ce8c93a5c35991dcdd23a67bb0 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/14c90fb315eb3666a4cf6d784cbde74c69c934ec CVE-2020-27760 (In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` v ...) + {DLA-2523-1} - imagemagick 8:6.9.11.24+dfsg-1 [buster] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1717 @@ -6927,6 +6930,7 @@ CVE-2020-27751 (A flaw was found in ImageMagick in MagickCore/quantum-export.c. NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/f60d59cc3a7e3402d403361e0985ffa56f746a82 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/879bb6a13ece5508cd983bc3d64ced23900b60ee CVE-2020-27750 (A flaw was found in ImageMagick in MagickCore/colorspace-private.h and ...) + {DLA-2523-1} - imagemagick 8:6.9.11.24+dfsg-1 [buster] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1711 @@ -7395,6 +7399,7 @@ CVE-2020-27562 CVE-2020-27561 RESERVED CVE-2020-27560 (ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames i ...) + {DLA-2523-1} - imagemagick 8:6.9.11.57+dfsg-1 (bug #972797) [buster] - imagemagick <ignored> (Minor issue) NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/ef59bd764f88d893f1219fee8ba696a5d3f8c1c4 @@ -8254,8 +8259,8 @@ CVE-2020-27150 RESERVED CVE-2020-27149 RESERVED -CVE-2020-27148 - RESERVED +CVE-2020-27148 (The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange ...) + TODO: check CVE-2020-27147 (The REST API component of TIBCO Software Inc.'s TIBCO PartnerExpress c ...) NOT-FOR-US: TIBCO CVE-2020-27146 (The Core component of TIBCO Software Inc.'s TIBCO iProcess Workspace ( ...) @@ -9255,10 +9260,10 @@ CVE-2020-26715 RESERVED CVE-2020-26714 RESERVED -CVE-2020-26713 - RESERVED -CVE-2020-26712 - RESERVED +CVE-2020-26713 (REDCap 10.3.4 contains a XSS vulnerability in the ToDoList function wi ...) + TODO: check +CVE-2020-26712 (REDCap 10.3.4 contains a SQL injection vulnerability in the ToDoList f ...) + TODO: check CVE-2020-26711 RESERVED CVE-2020-26710 @@ -10239,7 +10244,7 @@ CVE-2020-26263 (tlslite-ng is an open source python library that implements SSL NOTE: https://github.com/tlsfuzzer/tlslite-ng/pull/439 CVE-2020-26262 RESERVED - {DSA-4829-1} + {DSA-4829-1 DLA-2522-1} - coturn 4.5.2-1 NOTE: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p NOTE: https://github.com/coturn/coturn/commit/ff5e5478a3e1b426bad053828099403cfc5c1f5f @@ -11643,6 +11648,7 @@ CVE-2020-25675 (In the CropImage() and CropImageToTiles() routines of MagickCore NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/64dc80b2e1907f7f20bf34d4df9483f938b0de71 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6b169173585127299f4724f7880b575879c7f033 CVE-2020-25674 (WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop wi ...) + {DLA-2523-1} - imagemagick 8:6.9.11.24+dfsg-1 NOTE: https://github.com/ImageMagick/ImageMagick/issues/1715 NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/67b871032183a29d3ca0553db6ce1ae80fddb9aa @@ -11689,6 +11695,7 @@ CVE-2020-25666 (There are 4 places in HistogramCompare() in MagickCore/histogram NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/94691f00839dbdf43edb1508af945ab19b388573 NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/91ae12c57f3b9b23f2072462c27a8378b59f395e CVE-2020-25665 (The PALM image coder at coders/palm.c makes an improper call to Acquir ...) + {DLA-2523-1} - imagemagick 8:6.9.11.24+dfsg-1 [buster] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1714 @@ -11736,8 +11743,7 @@ CVE-2020-25658 (It was found that python-rsa is vulnerable to Bleichenbacher tim [buster] - python-rsa <no-dsa> (Minor issue) [stretch] - python-rsa <no-dsa> (Minor issue) NOTE: https://github.com/sybrenstuvel/python-rsa/issues/165 -CVE-2020-25657 - RESERVED +CVE-2020-25657 (A flaw was found in all released versions of m2crypto, where they are ...) - m2crypto <unfixed> (bug #975002) [bullseye] - m2crypto <no-dsa> (Minor issue) [buster] - m2crypto <no-dsa> (Minor issue) @@ -13883,10 +13889,10 @@ CVE-2020-24703 (An issue was discovered in certain WSO2 products. A valid Carbon NOT-FOR-US: WSO2 CVE-2020-24702 RESERVED -CVE-2020-24701 - RESERVED -CVE-2020-24700 - RESERVED +CVE-2020-24701 (OX App Suite through 7.10.4 allows XSS via the app loading mechanism ( ...) + TODO: check +CVE-2020-24700 (OX App Suite through 7.10.3 allows SSRF because GET requests are sent ...) + TODO: check CVE-2020-24699 (The Chamber Dashboard Business Directory plugin 3.2.8 for WordPress al ...) NOT-FOR-US: Chamber Dashboard Business Directory plugin for WordPress CVE-2020-24698 (An issue was discovered in PowerDNS Authoritative through 4.3.0 when - ...) @@ -24105,6 +24111,7 @@ CVE-2020-19668 (Unverified indexs into the array lead to out of bound access in [stretch] - libsixel <no-dsa> (Minor issue) NOTE: https://github.com/saitoha/libsixel/issues/136 CVE-2020-19667 (Stack-based buffer overflow and unconditional jump in ReadXPMImage in ...) + {DLA-2523-1} - imagemagick 8:6.9.11.24+dfsg-1 [buster] - imagemagick <ignored> (Minor issue) NOTE: https://github.com/ImageMagick/ImageMagick/issues/1895 @@ -36061,8 +36068,7 @@ CVE-2020-14342 (It was found that cifs-utils' mount.cifs was invoking a shell wh NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14442 NOTE: https://lists.samba.org/archive/samba-technical/2020-September/135747.html NOTE: https://git.samba.org/cifs-utils.git/?p=cifs-utils.git;a=commit;h=48a654e2e763fce24c22e1b9c695b42804bbdd4a -CVE-2020-14341 - RESERVED +CVE-2020-14341 (The "Test Connection" available in v7.x of the Red Hat Single Sign On ...) NOT-FOR-US: Red Hat Single Sign On application console CVE-2020-14340 RESERVED @@ -36279,10 +36285,10 @@ CVE-2020-14277 RESERVED CVE-2020-14276 RESERVED -CVE-2020-14275 - RESERVED -CVE-2020-14274 - RESERVED +CVE-2020-14275 (Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1 ...) + TODO: check +CVE-2020-14274 (Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9 ...) + TODO: check CVE-2020-14273 (HCL Domino v10 and v11 is susceptible to a Denial of Service (DoS) vul ...) NOT-FOR-US: HCL Domino CVE-2020-14272 @@ -39180,8 +39186,8 @@ CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System thr NOT-FOR-US: Mikrotik-Router-Monitoring-System CVE-2020-13117 RESERVED -CVE-2020-13116 - RESERVED +CVE-2020-13116 (OpenText Carbonite Server Backup Portal before 8.8.7 allows XSS by an ...) + TODO: check CVE-2020-13115 RESERVED CVE-2020-13114 (An issue was discovered in libexif before 0.6.22. An unrestricted size ...) @@ -59478,8 +59484,8 @@ CVE-2020-4840 (IBM Security Secret Server 10.6 could allow a remote attacker to NOT-FOR-US: IBM CVE-2020-4839 RESERVED -CVE-2020-4838 - RESERVED +CVE-2020-4838 (IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to stored cross ...) + TODO: check CVE-2020-4837 RESERVED CVE-2020-4836 @@ -59809,10 +59815,10 @@ CVE-2020-4676 RESERVED CVE-2020-4675 RESERVED -CVE-2020-4674 - RESERVED -CVE-2020-4673 - RESERVED +CVE-2020-4674 (IBM Workload Automation 9.5 stores the server path in URLs that could ...) + TODO: check +CVE-2020-4673 (IBM Workload Automation 9.5 stores sensitive information in HTML comme ...) + TODO: check CVE-2020-4672 (IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site ...) NOT-FOR-US: IBM CVE-2020-4671 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 a ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 382897033e..c89413bf6b 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,3 +1,65 @@ +CVE-2021-3134 (Mubu 2.2.1 allows local users to gain privileges to execute commands, ...) + TODO: check +CVE-2021-3133 (The Elementor Contact Form DB plugin before 1.6 for WordPress allows C ...) + TODO: check +CVE-2021-3132 + RESERVED +CVE-2021-3131 + RESERVED +CVE-2021-3130 + RESERVED +CVE-2021-3129 (Ignition before 2.5.2, as used in Laravel and other products, allows u ...) + TODO: check +CVE-2021-3128 + RESERVED +CVE-2021-23920 + RESERVED +CVE-2021-23919 + RESERVED +CVE-2021-23918 + RESERVED +CVE-2021-23917 + RESERVED +CVE-2021-23916 + RESERVED +CVE-2021-23915 + RESERVED +CVE-2021-23914 + RESERVED +CVE-2021-23913 + RESERVED +CVE-2021-23912 + RESERVED +CVE-2021-23911 + RESERVED +CVE-2021-23910 + RESERVED +CVE-2021-23909 + RESERVED +CVE-2021-23908 + RESERVED +CVE-2021-23907 + RESERVED +CVE-2021-23906 + RESERVED +CVE-2021-23905 + RESERVED +CVE-2021-23904 + RESERVED +CVE-2021-23903 + RESERVED +CVE-2021-23902 + RESERVED +CVE-2021-23901 + RESERVED +CVE-2021-23900 + RESERVED +CVE-2021-23899 + RESERVED +CVE-2021-23898 + RESERVED +CVE-2021-23897 + RESERVED CVE-2021-XXXX [RUSTSEC-2021-0003: smallvec: Buffer overflow in SmallVec::insert_many] - rust-smallvec <unfixed> NOTE: https://rustsec.org/advisories/RUSTSEC-2021-0003.html @@ -1352,14 +1414,12 @@ CVE-2021-23242 (MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal vi NOT-FOR-US: MERCUSYS Mercury X18G devices CVE-2021-23241 (MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ ...) NOT-FOR-US: MERCUSYS Mercury X18G devices -CVE-2021-23240 [Possible Symlink Attack in SELinux Context in `sudoedit`] - RESERVED +CVE-2021-23240 (selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a loc ...) - sudo 1.9.5-1 NOTE: https://www.openwall.com/lists/oss-security/2021/01/11/2 NOTE: https://www.sudo.ws/repos/sudo/rev/8fcb36ef422a NOTE: https://www.sudo.ws/alerts/sudoedit_selinux.html -CVE-2021-23239 [Possible Dir Existence Test due to Race Condition in `sudoedit`] - RESERVED +CVE-2021-23239 (The sudoedit personality of Sudo before 1.9.5 may allow a local unpriv ...) - sudo 1.9.5-1 NOTE: https://www.openwall.com/lists/oss-security/2021/01/11/2 NOTE: https://www.sudo.ws/repos/sudo/rev/ea19d0073c02 @@ -4915,60 +4975,60 @@ CVE-2021-21473 RESERVED CVE-2021-21472 RESERVED -CVE-2021-21471 - RESERVED -CVE-2021-21470 - RESERVED -CVE-2021-21469 - RESERVED -CVE-2021-21468 - RESERVED -CVE-2021-21467 - RESERVED -CVE-2021-21466 - RESERVED -CVE-2021-21465 - RESERVED -CVE-2021-21464 - RESERVED -CVE-2021-21463 - RESERVED -CVE-2021-21462 - RESERVED -CVE-2021-21461 - RESERVED -CVE-2021-21460 - RESERVED -CVE-2021-21459 - RESERVED -CVE-2021-21458 - RESERVED -CVE-2021-21457 - RESERVED -CVE-2021-21456 - RESERVED -CVE-2021-21455 - RESERVED -CVE-2021-21454 - RESERVED -CVE-2021-21453 - RESERVED -CVE-2021-21452 - RESERVED -CVE-2021-21451 - RESERVED -CVE-2021-21450 - RESERVED -CVE-2021-21449 - RESERVED -CVE-2021-21448 - RESERVED -CVE-2021-21447 - RESERVED -CVE-2021-21446 - RESERVED -CVE-2021-21445 - RESERVED +CVE-2021-21471 (In CLA-Assistant, versions before 2.8.5, due to improper access contro ...) + TODO: check +CVE-2021-21470 (SAP EPM Add-in for Microsoft Office, version - 1010 and SAP EPM Add-in ...) + TODO: check +CVE-2021-21469 (When security guidelines for SAP NetWeaver Master Data Management, ver ...) + TODO: check +CVE-2021-21468 (The BW Database Interface does not perform necessary authorization che ...) + TODO: check +CVE-2021-21467 (SAP Banking Services (Generic Market Data) 400, 450, and 500 does not ...) + TODO: check +CVE-2021-21466 (SAP Business Warehouse, versions 700, 701, 702, 711, 730, 731, 740, 75 ...) + TODO: check +CVE-2021-21465 (The BW Database Interface allows an attacker with low privileges to ex ...) + TODO: check +CVE-2021-21464 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21463 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21462 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21461 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21460 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21459 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21458 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21457 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21456 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21455 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21454 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21453 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21452 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21451 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21450 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21449 (SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open ma ...) + TODO: check +CVE-2021-21448 (SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon ...) + TODO: check +CVE-2021-21447 (SAP BusinessObjects Business Intelligence platform, versions 410, 420, ...) + TODO: check +CVE-2021-21446 (SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753, 754, 755, all ...) + TODO: check +CVE-2021-21445 (SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, 2011, allows an ...) + TODO: check CVE-2021-21444 RESERVED CVE-2021-21443 |