diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2022-01-17 17:48:27 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-01-17 17:48:27 +0100 |
| commit | 84811e63984a917731c4b0796109d61d06581c38 (patch) | |
| tree | 06f8eb4e48896f240169d016e7ad947da2ef284a /data/CVE/list.2021 | |
| parent | eee6bce83d6ac018496f94b953d49e73fa764471 (diff) | |
new iotjs issue
Diffstat (limited to 'data/CVE/list.2021')
| -rw-r--r-- | data/CVE/list.2021 | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index c9130d37be..c780683032 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -279,7 +279,9 @@ CVE-2021-46172 CVE-2021-46171 (Modex v2.11 was discovered to contain a NULL pointer dereference in se ...) NOT-FOR-US: Modex CVE-2021-46170 (An issue was discovered in JerryScript commit a6ab5e9. There is an Use ...) - TODO: check + - iotjs <unfixed> + NOTE: https://github.com/jerryscript-project/jerryscript/issues/4917 + NOTE: https://github.com/jerryscript-project/jerryscript/pull/4942/commits/5e1fdd1d1e75105b43392b4bb3996099cdc50f3d CVE-2021-46169 (Modex v2.11 was discovered to contain an Use-After-Free vulnerability ...) NOT-FOR-US: Modex CVE-2021-46168 (Spin v6.5.1 was discovered to contain an out-of-bounds write in lex() ...) @@ -301,7 +303,7 @@ CVE-2021-4202 [bullseye] - linux 5.10.84-1 NOTE: CONFIG_NFC_NCI not enabled in Debian CVE-2021-23218 (When running with FIPS mode enabled, Mirantis Container Runtime 20.10. ...) - TODO: check + NOT-FOR-US: Mirantis Container Runtime CVE-2021-23154 (In Lens prior to 5.3.4, custom helm chart configuration creates helm c ...) NOT-FOR-US: Lens CVE-2021-46166 (Zoho ManageEngine Desktop Central before 10.0.662 allows authenticated ...) @@ -1976,7 +1978,7 @@ CVE-2021-45494 (Certain NETGEAR devices are affected by an attacker's ability to CVE-2021-45493 (Certain NETGEAR devices are affected by disclosure of administrative c ...) NOT-FOR-US: Netgear CVE-2021-4170 (calibre-web is vulnerable to Improper Neutralization of Input During W ...) - TODO: check + NOT-FOR-US: calibre-web CVE-2021-4169 (livehelperchat is vulnerable to Improper Neutralization of Input Durin ...) NOT-FOR-US: livehelperchat CVE-2021-45492 @@ -2208,7 +2210,7 @@ CVE-2021-45450 (In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_gener NOTE: https://github.com/ARMmbed/mbedtls/commit/c423acbe0f7957d8ef1e6036c2429c9f79c6f05e (mbedtls-2.28.0) NOTE: https://github.com/ARMmbed/mbedtls/commit/4c224fe3ccbe527a2b7d55a927f1f09511ff1b83 (mbedtls-2.28.0) CVE-2021-45449 (Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitiv ...) - TODO: check + NOT-FOR-US: Docker Desktop on Windows CVE-2021-45448 RESERVED CVE-2021-45447 @@ -3624,7 +3626,7 @@ CVE-2021-44880 CVE-2021-44879 RESERVED CVE-2021-44878 (Pac4j v5.1 and earlier allows (by default) clients to accept and succe ...) - TODO: check + NOT-FOR-US: Pac4j CVE-2021-44877 (Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect A ...) NOT-FOR-US: Dalmark Systems Systeam CVE-2021-44876 (Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumer ...) @@ -3782,7 +3784,7 @@ CVE-2021-44830 CVE-2021-44829 RESERVED CVE-2021-44828 (Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 ...) - TODO: check + NOT-FOR-US: ARM CVE-2021-44827 RESERVED CVE-2021-44826 @@ -4036,7 +4038,7 @@ CVE-2021-44454 CVE-2021-43351 RESERVED CVE-2021-4080 (crater is vulnerable to Unrestricted Upload of File with Dangerous Typ ...) - TODO: check + NOT-FOR-US: Crater CVE-2021-26946 RESERVED CVE-2021-26254 @@ -4427,7 +4429,7 @@ CVE-2021-44588 CVE-2021-44587 RESERVED CVE-2021-44586 (An issue was discovered in dst-admin v1.3.0. The product has an unauth ...) - TODO: check + NOT-FOR-US: dst-admin CVE-2021-44585 RESERVED CVE-2021-44584 (Cross-site scripting (XSS) vulnerability in index.php in emlog version ...) |