automatic update

author: security tracker role <sectracker@soriano.debian.org> 2022-01-14 20:10:16 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-01-14 20:10:16 +0000
commit: 82a86c776278fffc214cf32f7461a709651ae586 (patch)
tree: e8cc56d035805f5fc4d2bf32b8b746d546b3873b /data/CVE/list.2021
parent: db714509ca15e88355a5d4a3371779f03ea0e8ec (diff)
1 files changed, 193 insertions, 102 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 1f16de3899..7ad116a7b5 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1,3 +1,5 @@
+CVE-2021-46304
+	RESERVED
 CVE-2021-46303
 	RESERVED
 CVE-2021-46302
@@ -1391,12 +1393,12 @@ CVE-2021-45765
 	RESERVED
 CVE-2021-45764
 	RESERVED
-CVE-2021-45763
-	RESERVED
-CVE-2021-45762
-	RESERVED
-CVE-2021-45761
-	RESERVED
+CVE-2021-45763 (GPAC v1.1.0 was discovered to contain an invalid call in the function  ...)
+	TODO: check
+CVE-2021-45762 (GPAC v1.1.0 was discovered to contain an invalid memory address derefe ...)
+	TODO: check
+CVE-2021-45761 (ROPium v3.1 was discovered to contain an invalid memory address derefe ...)
+	TODO: check
 CVE-2021-45760 (GPAC v1.1.0 was discovered to contain an invalid memory address derefe ...)
 	TODO: check
 CVE-2021-45759
@@ -2062,8 +2064,8 @@ CVE-2021-4161 (The affected products contain vulnerable firmware, which could al
 CVE-2021-45469 (In __f2fs_setxattr in fs/f2fs/xattr.c in the Linux kernel through 5.15 ...)
 	- linux <unfixed>
 	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=215235
-CVE-2021-45468
-	RESERVED
+CVE-2021-45468 (Imperva Web Application Firewall (WAF) before 2021-12-31 allows remote ...)
+	TODO: check
 CVE-2021-45467
 	RESERVED
 CVE-2021-45466
@@ -2683,7 +2685,7 @@ CVE-2021-4141
 	RESERVED
 CVE-2021-4140
 	RESERVED
-	{DSA-5044-1}
+	{DSA-5045-1 DSA-5044-1}
 	- firefox 96.0-1
 	- firefox-esr 91.5.0esr-1
 	- thunderbird 1:91.5.0-1
@@ -3151,24 +3153,24 @@ CVE-2021-45070
 	RESERVED
 CVE-2021-45069
 	RESERVED
-CVE-2021-45068
-	RESERVED
-CVE-2021-45067
-	RESERVED
+CVE-2021-45068 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-45067 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
 CVE-2021-45066
 	RESERVED
 CVE-2021-45065
 	RESERVED
-CVE-2021-45064
-	RESERVED
-CVE-2021-45063
-	RESERVED
-CVE-2021-45062
-	RESERVED
-CVE-2021-45061
-	RESERVED
-CVE-2021-45060
-	RESERVED
+CVE-2021-45064 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-45063 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-45062 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-45061 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-45060 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
 CVE-2021-45059 (Adobe InDesign version 16.4 (and earlier) is affected by a use-after-f ...)
 	TODO: check
 CVE-2021-45058 (Adobe InDesign version 16.4 (and earlier) is affected by an out-of-bou ...)
@@ -3183,10 +3185,10 @@ CVE-2021-45054 (Adobe InCopy version 16.4 (and earlier) is affected by a use-aft
 	TODO: check
 CVE-2021-45053 (Adobe InCopy version 16.4 (and earlier) is affected by an out-of-bound ...)
 	TODO: check
-CVE-2021-45052
-	RESERVED
-CVE-2021-45051
-	RESERVED
+CVE-2021-45052 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlie ...)
+	TODO: check
+CVE-2021-45051 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlie ...)
+	TODO: check
 CVE-2021-4120
 	RESERVED
 CVE-2021-45050
@@ -3839,22 +3841,27 @@ CVE-2021-44796
 	RESERVED
 CVE-2021-4102
 	RESERVED
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4101
 	RESERVED
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4100
 	RESERVED
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4099
 	RESERVED
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4098
 	RESERVED
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4097 (phpservermon is vulnerable to Improper Neutralization of CRLF Sequence ...)
@@ -3997,16 +4004,16 @@ CVE-2021-44745
 	RESERVED
 CVE-2021-44744
 	RESERVED
-CVE-2021-44743
-	RESERVED
-CVE-2021-44742
-	RESERVED
-CVE-2021-44741
-	RESERVED
-CVE-2021-44740
-	RESERVED
-CVE-2021-44739
-	RESERVED
+CVE-2021-44743 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlie ...)
+	TODO: check
+CVE-2021-44742 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44741 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44740 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44739 (Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), ...)
+	TODO: check
 CVE-2021-44545
 	RESERVED
 CVE-2021-44457
@@ -4106,38 +4113,38 @@ CVE-2021-44716 (net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows un
 	NOTE: https://github.com/golang/go/commit/48d948963c5ce7add72af5665a871caff6c1d35a (go1.17.5)
 	NOTE: https://github.com/golang/go/commit/d0aebe3e74fe14799f97ddd3f01129697c6a290a (go1.16.12)
 	NOTE: https://github.com/golang/net/commit/491a49abca63de5e07ef554052d180a1b5fe2d70
-CVE-2021-44715
-	RESERVED
-CVE-2021-44714
-	RESERVED
-CVE-2021-44713
-	RESERVED
-CVE-2021-44712
-	RESERVED
-CVE-2021-44711
-	RESERVED
-CVE-2021-44710
-	RESERVED
-CVE-2021-44709
-	RESERVED
-CVE-2021-44708
-	RESERVED
-CVE-2021-44707
-	RESERVED
-CVE-2021-44706
-	RESERVED
-CVE-2021-44705
-	RESERVED
-CVE-2021-44704
-	RESERVED
-CVE-2021-44703
-	RESERVED
-CVE-2021-44702
-	RESERVED
-CVE-2021-44701
-	RESERVED
-CVE-2021-44700
-	RESERVED
+CVE-2021-44715 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44714 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44713 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44712 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44711 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44710 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44709 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44708 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44707 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44706 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44705 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44704 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44703 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44702 (Acrobat Reader DC ActiveX Control versions 21.007.20099 (and earlier), ...)
+	TODO: check
+CVE-2021-44701 (Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (an ...)
+	TODO: check
+CVE-2021-44700 (Adobe Illustrator versions 25.4.2 (and earlier) and 26.0.1 (and earlie ...)
+	TODO: check
 CVE-2021-44699 (Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are  ...)
 	NOT-FOR-US: Adobe
 CVE-2021-44698 (Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are  ...)
@@ -4153,9 +4160,11 @@ CVE-2021-44694
 CVE-2021-44693
 	RESERVED
 CVE-2021-4079 (Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 a ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4078 (Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4077
@@ -4486,53 +4495,69 @@ CVE-2021-4069 (vim is vulnerable to Use After Free ...)
 CVE-2021-44548 (An Improper Input Validation vulnerability in DataImportHandler of Apa ...)
 	TODO: check
 CVE-2021-4068 (Insufficient data validation in new tab page in Google Chrome prior to ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4067 (Use after free in window manager in Google Chrome on ChromeOS prior to ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4066 (Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allo ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4065 (Use after free in autofill in Google Chrome prior to 96.0.4664.93 allo ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4064 (Use after free in screen capture in Google Chrome on ChromeOS prior to ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4063 (Use after free in developer tools in Google Chrome prior to 96.0.4664. ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4062 (Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4061 (Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4060
 	RESERVED
 CVE-2021-4059 (Insufficient data validation in loader in Google Chrome prior to 96.0. ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4058 (Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 a ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4057 (Use after free in file API in Google Chrome prior to 96.0.4664.93 allo ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4056 (Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowe ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4055 (Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4054 (Incorrect security UI in autofill in Google Chrome prior to 96.0.4664. ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4053 (Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 a ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4052 (Use after free in web apps in Google Chrome prior to 96.0.4664.93 allo ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-4051
@@ -5477,11 +5502,11 @@ CVE-2021-44189
 	RESERVED
 CVE-2021-44188
 	RESERVED
-CVE-2021-44187 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-b ...)
+CVE-2021-44187 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlie ...)
 	NOT-FOR-US: Adobe
-CVE-2021-44186 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-b ...)
+CVE-2021-44186 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlie ...)
 	NOT-FOR-US: Adobe
-CVE-2021-44185 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-b ...)
+CVE-2021-44185 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlie ...)
 	NOT-FOR-US: Adobe
 CVE-2021-44184
 	RESERVED
@@ -6595,8 +6620,8 @@ CVE-2021-43754
 	RESERVED
 CVE-2021-43753
 	RESERVED
-CVE-2021-43752
-	RESERVED
+CVE-2021-43752 (Adobe Illustrator versions 25.4.2 (and earlier) and 26.0.1 (and earlie ...)
+	TODO: check
 CVE-2021-43751
 	RESERVED
 CVE-2021-43750 (Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Nu ...)
@@ -9501,8 +9526,8 @@ CVE-2021-42553
 	RESERVED
 CVE-2021-42552
 	RESERVED
-CVE-2021-42551
-	RESERVED
+CVE-2021-42551 (Cross-site Scripting (XSS) vulnerability in the search functionality o ...)
+	TODO: check
 CVE-2021-42549 (Insufficient Input Validation in the search functionality of Wordpress ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2021-42548 (Insufficient Input Validation in the search functionality of Wordpress ...)
@@ -18086,8 +18111,8 @@ CVE-2021-39034
 	RESERVED
 CVE-2021-39033
 	RESERVED
-CVE-2021-39032
-	RESERVED
+CVE-2021-39032 (IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores potential ...)
+	TODO: check
 CVE-2021-39031
 	RESERVED
 CVE-2021-39030
@@ -20511,203 +20536,269 @@ CVE-2021-38024
 CVE-2021-38023
 	RESERVED
 CVE-2021-38022 (Inappropriate implementation in WebAuthentication in Google Chrome pri ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38021 (Inappropriate implementation in referrer in Google Chrome prior to 96. ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38020 (Insufficient policy enforcement in contacts picker in Google Chrome on ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38019 (Insufficient policy enforcement in CORS in Google Chrome prior to 96.0 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38018 (Inappropriate implementation in navigation in Google Chrome prior to 9 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38017 (Insufficient policy enforcement in iframe sandbox in Google Chrome pri ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38016 (Insufficient policy enforcement in background fetch in Google Chrome p ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38015 (Inappropriate implementation in input in Google Chrome prior to 96.0.4 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38014 (Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38013 (Heap buffer overflow in fingerprint recognition in Google Chrome on Ch ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38012 (Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38011 (Use after free in storage foundation in Google Chrome prior to 96.0.46 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38010 (Inappropriate implementation in service workers in Google Chrome prior ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38009 (Inappropriate implementation in cache in Google Chrome prior to 96.0.4 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38008 (Use after free in media in Google Chrome prior to 96.0.4664.45 allowed ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38007 (Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38006 (Use after free in storage foundation in Google Chrome prior to 96.0.46 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38005 (Use after free in loader in Google Chrome prior to 96.0.4664.45 allowe ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38004 (Insufficient policy enforcement in Autofill in Google Chrome prior to  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38003 (Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38002 (Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38001 (Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-38000 (Insufficient validation of untrusted input in Intents in Google Chrome ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37999 (Insufficient data validation in New Tab Page in Google Chrome prior to ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37998 (Use after free in Garbage Collection in Google Chrome prior to 95.0.46 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37997 (Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allow ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37996 (Insufficient validation of untrusted input Downloads in Google Chrome  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37995 (Inappropriate implementation in WebApp Installer in Google Chrome prio ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37994 (Inappropriate implementation in iFrame Sandbox in Google Chrome prior  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37993 (Use after free in PDF Accessibility in Google Chrome prior to 95.0.463 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37992 (Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37991 (Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote att ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37990 (Inappropriate implementation in WebView in Google Chrome on Android pr ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37989 (Inappropriate implementation in Blink in Google Chrome prior to 95.0.4 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37988 (Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allo ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37987 (Use after free in Network APIs in Google Chrome prior to 95.0.4638.54  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37986 (Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.5 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37985 (Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37984 (Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37983 (Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 all ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37982 (Use after free in Incognito in Google Chrome prior to 95.0.4638.54 all ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37981 (Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 al ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37980 (Inappropriate implementation in Sandbox in Google Chrome prior to 94.0 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37979 (heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37978 (Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 a ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37977 (Use after free in Garbage Collection in Google Chrome prior to 94.0.46 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37976 (Inappropriate implementation in Memory in Google Chrome prior to 94.0. ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37975 (Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37974 (Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37973 (Use after free in Portals in Google Chrome prior to 94.0.4606.61 allow ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37972 (Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.460 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37971 (Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37970 (Use after free in File System API in Google Chrome prior to 94.0.4606. ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37969 (Inappropriate implementation in Google Updater in Google Chrome on Win ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37968 (Inappropriate implementation in Background Fetch API in Google Chrome  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37967 (Inappropriate implementation in Background Fetch API in Google Chrome  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37966 (Inappropriate implementation in Compositing in Google Chrome on Androi ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37965 (Inappropriate implementation in Background Fetch API in Google Chrome  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37964 (Inappropriate implementation in ChromeOS Networking in Google Chrome o ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37963 (Side-channel information leakage in DevTools in Google Chrome prior to ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37962 (Use after free in Performance Manager in Google Chrome prior to 94.0.4 ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37961 (Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 all ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37960
 	REJECTED
 CVE-2021-37959 (Use after free in Task Manager in Google Chrome prior to 94.0.4606.54  ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37958 (Inappropriate implementation in Navigation in Google Chrome on Windows ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37957 (Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowe ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37956 (Use after free in Offline use in Google Chrome on Android prior to 94. ...)
+	{DSA-5046-1}
 	- chromium 97.0.4692.71-0.1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37955
@@ -23400,8 +23491,8 @@ CVE-2021-36783
 	RESERVED
 CVE-2021-36782
 	RESERVED
-CVE-2021-36781
-	RESERVED
+CVE-2021-36781 (A Incorrect Default Permissions vulnerability in the parsec package of ...)
+	TODO: check
 CVE-2021-36780 (A Improper Access Control vulnerability in longhorn of SUSE Longhorn a ...)
 	TODO: check
 CVE-2021-36779 (A Improper Access Control vulnerability inf SUSE Longhorn allows any w ...)
@@ -23547,11 +23638,11 @@ CVE-2021-36738 (The input fields in the JSP version of the Apache Pluto Applican
 CVE-2021-36737 (The input fields of the Apache Pluto UrlTestPortlet are vulnerable to  ...)
 	NOT-FOR-US: Apache Pluto UrlTestPortlet
 CVE-2021-36736
-	RESERVED
+	REJECTED
 CVE-2021-36735
-	RESERVED
+	REJECTED
 CVE-2021-36734
-	RESERVED
+	REJECTED
 CVE-2021-36733
 	RESERVED
 CVE-2021-36732
@@ -29822,8 +29913,8 @@ CVE-2021-33964
 	RESERVED
 CVE-2021-33963
 	RESERVED
-CVE-2021-33962
-	RESERVED
+CVE-2021-33962 (China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS comman ...)
+	TODO: check
 CVE-2021-33961
 	RESERVED
 CVE-2021-33960
@@ -33096,10 +33187,10 @@ CVE-2021-32652 (Nextcloud Mail is a mail app for the Nextcloud platform. A missi
 	- nextcloud-server <itp> (bug #941708)
 CVE-2021-32651 (OneDev is a development operations platform. If the LDAP external auth ...)
 	NOT-FOR-US: OneDev
-CVE-2021-32650
-	RESERVED
-CVE-2021-32649
-	RESERVED
+CVE-2021-32650 (October CMS is a self-hosted content management system (CMS) platform  ...)
+	TODO: check
+CVE-2021-32649 (October CMS is a self-hosted content management system (CMS) platform  ...)
+	TODO: check
 CVE-2021-32648 (octobercms in a CMS platform based on the Laravel PHP Framework. In af ...)
 	NOT-FOR-US: October CMS
 CVE-2021-32647 (Emissary is a P2P based data-driven workflow engine. Affected versions ...)
@@ -35391,7 +35482,7 @@ CVE-2021-31773
 	RESERVED
 CVE-2021-31772
 	RESERVED
-CVE-2021-31771 (Splinterware System Scheduler Professional version 5.30 is subject to  ...)
+CVE-2021-31771 (** DISPUTED ** Splinterware System Scheduler Professional version 5.30 ...)
 	NOT-FOR-US: Splinterware
 CVE-2021-31770
 	RESERVED
@@ -43600,10 +43691,10 @@ CVE-2021-28509
 	RESERVED
 CVE-2021-28508
 	RESERVED
-CVE-2021-28507
-	RESERVED
-CVE-2021-28506
-	RESERVED
+CVE-2021-28507 (An issue has recently been discovered in Arista EOS where, under certa ...)
+	TODO: check
+CVE-2021-28506 (An issue has recently been discovered in Arista EOS where certain gNOI ...)
+	TODO: check
 CVE-2021-28505
 	RESERVED
 CVE-2021-28504
@@ -43612,8 +43703,8 @@ CVE-2021-28503
 	RESERVED
 CVE-2021-28502
 	RESERVED
-CVE-2021-28501
-	RESERVED
+CVE-2021-28501 (An issue has recently been discovered in Arista EOS where the incorrec ...)
+	TODO: check
 CVE-2021-28500
 	RESERVED
 CVE-2021-28499 (In Arista's MOS (Metamako Operating System) software which is supporte ...)
@@ -54043,8 +54134,8 @@ CVE-2021-24048
 	RESERVED
 CVE-2021-24047
 	RESERVED
-CVE-2021-24046
-	RESERVED
+CVE-2021-24046 (A logic flaw in Ray-Ban&#174; Stories device software allowed some par ...)
+	TODO: check
 CVE-2021-24045 (A type confusion vulnerability could be triggered when resolving the " ...)
 	TODO: check
 CVE-2021-24044
@@ -62238,10 +62329,10 @@ CVE-2021-20615
 	RESERVED
 CVE-2021-20614
 	RESERVED
-CVE-2021-20613
-	RESERVED
-CVE-2021-20612
-	RESERVED
+CVE-2021-20613 (Improper initialization vulnerability in MELSEC-F series FX3U-ENET Fir ...)
+	TODO: check
+CVE-2021-20612 (Lack of administrator control over security vulnerability in MELSEC-F  ...)
+	TODO: check
 CVE-2021-20611 (Improper Input Validation vulnerability in MELSEC iQ-R Series R00/01/0 ...)
 	NOT-FOR-US: Mitsubishi
 CVE-2021-20610 (Improper Handling of Length Parameter Inconsistency vulnerability in M ...)
author	security tracker role <sectracker@soriano.debian.org>	2022-01-14 20:10:16 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2022-01-14 20:10:16 +0000
commit	82a86c776278fffc214cf32f7461a709651ae586 (patch)
tree	e8cc56d035805f5fc4d2bf32b8b746d546b3873b /data/CVE/list.2021
parent	db714509ca15e88355a5d4a3371779f03ea0e8ec (diff)