diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-10-06 11:44:31 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-10-06 11:46:00 +0200 |
commit | 258bbb9931bbeaa6df140b22199bc871da793463 (patch) | |
tree | f1a06b64b0b4f16b11c65f8ec1f6be6216fc4096 /data | |
parent | af061bd4ea0c406ef1a3bf02cc30b684443a4999 (diff) |
new gitlab issues
NFUs
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 52 |
1 files changed, 26 insertions, 26 deletions
diff --git a/data/CVE/list b/data/CVE/list index 58e91fc396..c51d556ef1 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -334,7 +334,7 @@ CVE-2021-41863 CVE-2021-41862 (AviatorScript through 5.2.7 allows code execution via an expression th ...) NOT-FOR-US: AviatorScript CVE-2021-41861 (The Telegram application 7.5.0 through 7.8.0 for Android does not prop ...) - TODO: check + NOT-FOR-US: Telegram for Android CVE-2021-41860 RESERVED CVE-2021-41859 @@ -1970,15 +1970,15 @@ CVE-2021-41126 CVE-2021-41125 RESERVED CVE-2021-41124 (Scrapy-splash is a library which provides Scrapy and JavaScript integr ...) - TODO: check + NOT-FOR-US: Scrapy-splash CVE-2021-41123 (Survey Solutions is a survey management and data collection system. In ...) NOT-FOR-US: Survey Solutions CVE-2021-41122 (Vyper is a Pythonic Smart Contract Language for the EVM. In affected v ...) - TODO: check + NOT-FOR-US: Vyper CVE-2021-41121 RESERVED CVE-2021-41120 (sylius/paypal-plugin is a paypal plugin for the Sylius development pla ...) - TODO: check + NOT-FOR-US: sylius/paypal-plugin CVE-2021-41119 RESERVED CVE-2021-41118 (The DynamicPageList3 extension is a reporting tool for MediaWiki, list ...) @@ -1992,9 +1992,9 @@ CVE-2021-41116 (Composer is an open source dependency manager for the PHP langua CVE-2021-41115 RESERVED CVE-2021-41114 (TYPO3 is an open source PHP based web content management system releas ...) - TODO: check + NOT-FOR-US: Typo3 CVE-2021-41113 (TYPO3 is an open source PHP based web content management system releas ...) - TODO: check + NOT-FOR-US: Typo3 CVE-2021-41112 RESERVED CVE-2021-41111 @@ -2037,9 +2037,9 @@ CVE-2021-41096 (Rucky is a USB HID Rubber Ducky Launch Pad for Android. Versions CVE-2021-41095 (Discourse is an open source discussion platform. There is a cross-site ...) NOT-FOR-US: Discourse CVE-2021-41094 (Wire is an open source secure messenger. Users of Wire by Bund may byp ...) - TODO: check + NOT-FOR-US: Wire by Bund CVE-2021-41093 (Wire is an open source secure messenger. In affected versions if the a ...) - TODO: check + NOT-FOR-US: Wire iOS CVE-2021-41092 (Docker CLI is the command line interface for the docker container runt ...) TODO: check CVE-2021-41091 (Moby is an open-source project created by Docker to enable software co ...) @@ -4825,33 +4825,33 @@ CVE-2021-39896 (In all versions of GitLab CE/EE since version 8.0, when an admin CVE-2021-39895 RESERVED CVE-2021-39894 (In all versions of GitLab CE/EE since version 8.0, a DNS rebinding vul ...) - TODO: check + - gitlab <unfixed> CVE-2021-39893 (A potential DOS vulnerability was discovered in GitLab starting with v ...) - TODO: check + - gitlab <unfixed> CVE-2021-39892 RESERVED CVE-2021-39891 (In all versions of GitLab CE/EE since version 8.0, access tokens creat ...) - TODO: check + - gitlab <unfixed> CVE-2021-39890 RESERVED CVE-2021-39889 (In all versions of GitLab EE since version 14.1, due to an insecure di ...) - TODO: check + - gitlab <not-affected> (Specific to Enterprise Edition) CVE-2021-39888 (In all versions of GitLab EE since version 13.10, a specific API endpo ...) - TODO: check + - gitlab <not-affected> (Specific to Enterprise Edition) CVE-2021-39887 (A stored Cross-Site Scripting vulnerability in the GitLab Flavored Mar ...) - TODO: check + - gitlab <unfixed> CVE-2021-39886 (Permissions rules were not applied while issues were moved between pro ...) - TODO: check + - gitlab <unfixed> CVE-2021-39885 (A Stored XSS in merge request creation page in Gitlab EE version 13.5 ...) - TODO: check + - gitlab <not-affected> (Specific to Enterprise Edition) CVE-2021-39884 (In all versions of GitLab EE since version 8.13, an endpoint discloses ...) - TODO: check + - gitlab <not-affected> (Specific to Enterprise Edition) CVE-2021-39883 (Improper authorization checks in GitLab EE > 13.11 allows subgroup ...) - TODO: check + - gitlab <not-affected> (Specific to Enterprise Edition) CVE-2021-39882 (In all versions of GitLab CE/EE, provided a user ID, anonymous users c ...) - TODO: check + - gitlab <unfixed> CVE-2021-39881 (In all versions of GitLab CE/EE since version 7.7, the application may ...) - TODO: check + - gitlab <unfixed> CVE-2021-39880 (A Denial Of Service vulnerability in the apollo_upload_server Ruby gem ...) TODO: check CVE-2021-39879 (Missing authentication in all versions of GitLab CE/EE since version 7 ...) @@ -4863,25 +4863,25 @@ CVE-2021-39877 (A vulnerability was discovered in GitLab starting with version 1 CVE-2021-39876 RESERVED CVE-2021-39875 (In all versions of GitLab CE/EE since version 13.6, it is possible to ...) - TODO: check + - gitlab <unfixed> CVE-2021-39874 (In all versions of GitLab CE/EE since version 11.0, the requirement to ...) - gitlab <unfixed> CVE-2021-39873 (In all versions of GitLab CE/EE, there exists a content spoofing vulne ...) - gitlab <unfixed> CVE-2021-39872 (In all versions of GitLab CE/EE since version 14.1, an improper access ...) - TODO: check + - gitlab <unfixed> CVE-2021-39871 (In all versions of GitLab CE/EE since version 13.0, an instance that h ...) - gitlab <unfixed> CVE-2021-39870 (In all versions of GitLab CE/EE since version 11.11, an instance that ...) - TODO: check + - gitlab <unfixed> CVE-2021-39869 (In all versions of GitLab CE/EE since version 8.9, project exports may ...) - TODO: check + - gitlab <unfixed> CVE-2021-39868 (In all versions of GitLab CE/EE since version 8.12, an authenticated l ...) - gitlab <unfixed> CVE-2021-39867 (In all versions of GitLab CE/EE since version 8.15, a DNS rebinding vu ...) - TODO: check + - gitlab <unfixed> CVE-2021-39866 (A business logic error in the project deletion process in GitLab 13.6 ...) - TODO: check + - gitlab <unfixed> CVE-2021-39865 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...) NOT-FOR-US: Adobe CVE-2021-39864 |