diff options
author | Neil Williams <codehelp@debian.org> | 2022-02-14 10:59:31 +0000 |
---|---|---|
committer | Neil Williams <codehelp@debian.org> | 2022-02-14 10:59:31 +0000 |
commit | a53d1db0a7f804d45e6a3a076cab91a74a652f91 (patch) | |
tree | 220e5762a9f74a42c89f50df6332fe68c5f7de1b | |
parent | e27cbfc358000fdffcab44216c5da556d2cc5d61 (diff) |
Update other Flask-AppBuilder CVEs
-rw-r--r-- | data/CVE/list.2021 | 6 | ||||
-rw-r--r-- | data/CVE/list.2022 | 4 |
2 files changed, 7 insertions, 3 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 4a385aabc1..ba61836209 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -34133,7 +34133,8 @@ CVE-2021-32807 (The module `AccessControl` defines security policies for Python CVE-2021-32806 (Products.isurlinportal is a replacement for isURLInPortal method in Pl ...) NOT-FOR-US: Plone CVE-2021-32805 (Flask-AppBuilder is an application development framework, built on top ...) - NOT-FOR-US: Flask-AppBuilder + - flask-appbuilder <itp> (bug #998029) + NOTE: https://github.com/dpgaspar/Flask-AppBuilder/commit/6af28521589599b1dbafd6313256229ee9a4fa74 (3.3.4) CVE-2021-32804 (The npm package "tar" (aka node-tar) before versions 6.1.1, 5.0.6, 4.4 ...) - node-tar 6.1.7+~cs11.3.10-1 (bug #992111) [bullseye] - node-tar 6.0.5+ds1+~cs11.3.9-1+deb11u1 @@ -42426,7 +42427,8 @@ CVE-2021-29622 (Prometheus is an open-source monitoring system and time series d NOTE: The vulnerability itself is introduced with 2.23.0 upstream. NOTE: See https://bugs.debian.org/988804 for details. CVE-2021-29621 (Flask-AppBuilder is a development framework, built on top of Flask. Us ...) - NOT-FOR-US: Flask-AppBuilder + - flask-appbuilder <itp> (bug #998029) + NOTE: https://github.com/dpgaspar/Flask-AppBuilder/commit/780bd0e8fbf2d36ada52edb769477e0a4edae580 (3.3.4) CVE-2021-29620 (Report portal is an open source reporting and analysis framework. Star ...) NOT-FOR-US: Report portal CVE-2021-29619 (TensorFlow is an end-to-end open source platform for machine learning. ...) diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 1607984463..ae426b0d62 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -9265,7 +9265,9 @@ CVE-2022-21661 (WordPress is a free and open-source content management system wr CVE-2022-21660 (Gin-vue-admin is a backstage management system based on vue and gin. I ...) TODO: check CVE-2022-21659 (Flask-AppBuilder is an application development framework, built on top ...) - TODO: check + - flask-appbuilder <itp> (bug #998029) + NOTE: https://github.com/dpgaspar/Flask-AppBuilder/pull/1775 + NOTE: https://github.com/dpgaspar/Flask-AppBuilder/commit/e2b744c258ff62ece9d5ac7172c3b4644ff4c2fe (3.4.4) CVE-2022-21658 (Rust is a multi-paradigm, general-purpose programming language designe ...) - rustc <unfixed> [bullseye] - rustc <no-dsa> (Minor issue) |