[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 14 08:10:25 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dae93c3d by security tracker role at 2021-12-14T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,217 @@
+CVE-2022-21933
+ RESERVED
+CVE-2022-21932
+ RESERVED
+CVE-2022-21931
+ RESERVED
+CVE-2022-21930
+ RESERVED
+CVE-2022-21929
+ RESERVED
+CVE-2022-21928
+ RESERVED
+CVE-2022-21927
+ RESERVED
+CVE-2022-21926
+ RESERVED
+CVE-2022-21925
+ RESERVED
+CVE-2022-21924
+ RESERVED
+CVE-2022-21923
+ RESERVED
+CVE-2022-21922
+ RESERVED
+CVE-2022-21921
+ RESERVED
+CVE-2022-21920
+ RESERVED
+CVE-2022-21919
+ RESERVED
+CVE-2022-21918
+ RESERVED
+CVE-2022-21917
+ RESERVED
+CVE-2022-21916
+ RESERVED
+CVE-2022-21915
+ RESERVED
+CVE-2022-21914
+ RESERVED
+CVE-2022-21913
+ RESERVED
+CVE-2022-21912
+ RESERVED
+CVE-2022-21911
+ RESERVED
+CVE-2022-21910
+ RESERVED
+CVE-2022-21909
+ RESERVED
+CVE-2022-21908
+ RESERVED
+CVE-2022-21907
+ RESERVED
+CVE-2022-21906
+ RESERVED
+CVE-2022-21905
+ RESERVED
+CVE-2022-21904
+ RESERVED
+CVE-2022-21903
+ RESERVED
+CVE-2022-21902
+ RESERVED
+CVE-2022-21901
+ RESERVED
+CVE-2022-21900
+ RESERVED
+CVE-2022-21899
+ RESERVED
+CVE-2022-21898
+ RESERVED
+CVE-2022-21897
+ RESERVED
+CVE-2022-21896
+ RESERVED
+CVE-2022-21895
+ RESERVED
+CVE-2022-21894
+ RESERVED
+CVE-2022-21893
+ RESERVED
+CVE-2022-21892
+ RESERVED
+CVE-2022-21891
+ RESERVED
+CVE-2022-21890
+ RESERVED
+CVE-2022-21889
+ RESERVED
+CVE-2022-21888
+ RESERVED
+CVE-2022-21887
+ RESERVED
+CVE-2022-21886
+ RESERVED
+CVE-2022-21885
+ RESERVED
+CVE-2022-21884
+ RESERVED
+CVE-2022-21883
+ RESERVED
+CVE-2022-21882
+ RESERVED
+CVE-2022-21881
+ RESERVED
+CVE-2022-21880
+ RESERVED
+CVE-2022-21879
+ RESERVED
+CVE-2022-21878
+ RESERVED
+CVE-2022-21877
+ RESERVED
+CVE-2022-21876
+ RESERVED
+CVE-2022-21875
+ RESERVED
+CVE-2022-21874
+ RESERVED
+CVE-2022-21873
+ RESERVED
+CVE-2022-21872
+ RESERVED
+CVE-2022-21871
+ RESERVED
+CVE-2022-21870
+ RESERVED
+CVE-2022-21869
+ RESERVED
+CVE-2022-21868
+ RESERVED
+CVE-2022-21867
+ RESERVED
+CVE-2022-21866
+ RESERVED
+CVE-2022-21865
+ RESERVED
+CVE-2022-21864
+ RESERVED
+CVE-2022-21863
+ RESERVED
+CVE-2022-21862
+ RESERVED
+CVE-2022-21861
+ RESERVED
+CVE-2022-21860
+ RESERVED
+CVE-2022-21859
+ RESERVED
+CVE-2022-21858
+ RESERVED
+CVE-2022-21857
+ RESERVED
+CVE-2022-21856
+ RESERVED
+CVE-2022-21855
+ RESERVED
+CVE-2022-21854
+ RESERVED
+CVE-2022-21853
+ RESERVED
+CVE-2022-21852
+ RESERVED
+CVE-2022-21851
+ RESERVED
+CVE-2022-21850
+ RESERVED
+CVE-2022-21849
+ RESERVED
+CVE-2022-21848
+ RESERVED
+CVE-2022-21847
+ RESERVED
+CVE-2022-21846
+ RESERVED
+CVE-2022-21845
+ RESERVED
+CVE-2022-21844
+ RESERVED
+CVE-2022-21843
+ RESERVED
+CVE-2022-21842
+ RESERVED
+CVE-2022-21841
+ RESERVED
+CVE-2022-21840
+ RESERVED
+CVE-2022-21839
+ RESERVED
+CVE-2022-21838
+ RESERVED
+CVE-2022-21837
+ RESERVED
+CVE-2022-21836
+ RESERVED
+CVE-2022-21835
+ RESERVED
+CVE-2022-21834
+ RESERVED
+CVE-2022-21833
+ RESERVED
+CVE-2021-45043
+ RESERVED
+CVE-2021-45042
+ RESERVED
+CVE-2021-45041
+ RESERVED
+CVE-2021-4110
+ RESERVED
+CVE-2021-4109
+ RESERVED
+CVE-2021-4108
+ RESERVED
CVE-2022-0010
RESERVED
CVE-2021-45040
@@ -538,18 +752,23 @@ CVE-2021-44797
CVE-2021-44796
RESERVED
CVE-2021-4102
+ RESERVED
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4101
+ RESERVED
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4100
+ RESERVED
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4099
+ RESERVED
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4098
+ RESERVED
- chromium <unfixed>
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4097 (phpservermon is vulnerable to Improper Neutralization of CRLF Sequence ...)
@@ -3391,10 +3610,10 @@ CVE-2021-43825
RESERVED
CVE-2021-43824
RESERVED
-CVE-2021-43823
- RESERVED
-CVE-2021-43822
- RESERVED
+CVE-2021-43823 (Sourcegraph is a code search and navigation engine. Sourcegraph prior ...)
+ TODO: check
+CVE-2021-43822 (Jackalope Doctrine-DBAL is an implementation of the PHP Content Reposi ...)
+ TODO: check
CVE-2021-43821
RESERVED
CVE-2021-43820
@@ -3406,14 +3625,14 @@ CVE-2021-43818 (lxml is a library for processing XML and HTML in the Python lang
NOTE: https://github.com/lxml/lxml/security/advisories/GHSA-55x5-fj6c-h6m8
NOTE: https://github.com/lxml/lxml/commit/12fa9669007180a7bb87d990c375cf91ca5b664a (lxml-4.6.5)
NOTE: https://github.com/lxml/lxml/commit/f2330237440df7e8f39c3ad1b1aa8852be3b27c0 (lxml-4.6.5)
-CVE-2021-43817
- RESERVED
+CVE-2021-43817 (Collabora Online is a collaborative online office suite based on Libre ...)
+ TODO: check
CVE-2021-43816
RESERVED
CVE-2021-43815 (Grafana is an open-source platform for monitoring and observability. G ...)
- grafana <removed>
-CVE-2021-43814
- RESERVED
+CVE-2021-43814 (Rizin is a UNIX-like reverse engineering framework and command-line to ...)
+ TODO: check
CVE-2021-43813 (Grafana is an open-source platform for monitoring and observability. G ...)
- grafana <removed>
CVE-2021-43812
@@ -3440,8 +3659,8 @@ CVE-2021-43803 (Next.js is a React framework. In versions of Next.js prior to 12
NOT-FOR-US: next.js
CVE-2021-43802 (Etherpad is a real-time collaborative editor. In versions prior to 1.8 ...)
TODO: check
-CVE-2021-43801
- RESERVED
+CVE-2021-43801 (Mercurius is a GraphQL adapter for Fastify. Any users from Mercurius at 8 ...)
+ TODO: check
CVE-2021-43800 (Wiki.js is a wiki app built on Node.js. Prior to version 2.5.254, dire ...)
NOT-FOR-US: Wiki.js
CVE-2021-43799
@@ -12600,8 +12819,8 @@ CVE-2021-41274 (solidus_auth_devise provides authentication services for the Sol
NOT-FOR-US: solidus_auth_devise
CVE-2021-41273 (Pterodactyl is an open-source game server management panel built with ...)
NOT-FOR-US: Pterodactyl
-CVE-2021-41272
- RESERVED
+CVE-2021-41272 (Besu is an Ethereum client written in Java. Starting in version 21.10. ...)
+ TODO: check
CVE-2021-41271 (Discourse is a platform for community discussion. In affected versions ...)
NOT-FOR-US: Discourse
CVE-2021-41270 (Symfony/Serializer handles serializing and deserializing data structur ...)
@@ -55010,8 +55229,8 @@ CVE-2021-24047
RESERVED
CVE-2021-24046
RESERVED
-CVE-2021-24045
- RESERVED
+CVE-2021-24045 (A type confusion vulnerability could be triggered when resolving the " ...)
+ TODO: check
CVE-2021-24044
RESERVED
CVE-2021-24043
@@ -82531,6 +82750,7 @@ CVE-2020-25715 (A flaw was found in pki-core 10.9.0. A specially crafted POST re
CVE-2020-25714
RESERVED
CVE-2020-25713 (A malformed input file can lead to a segfault due to an out of bounds ...)
+ {DLA-2846-1}
- raptor <removed>
- raptor2 2.0.14-1.2 (bug #974664)
[buster] - raptor2 <no-dsa> (Minor issue)
@@ -97265,8 +97485,8 @@ CVE-2020-19044
RESERVED
CVE-2020-19043
RESERVED
-CVE-2020-19042
- RESERVED
+CVE-2020-19042 (Cross Site Scripting (XSS) vulnerability exists in zzcms 2019 XSS via ...)
+ TODO: check
CVE-2020-19041
RESERVED
CVE-2020-19040
@@ -287816,6 +288036,7 @@ CVE-2017-7698 (A Use After Free in the pdf2swf part of swftools 0.9.2 and earlie
NOTE: https://github.com/matthiaskramm/swftools/pull/19
NOTE: Vulnerable code removed with the 0.9.2+dfs1-2 upload
CVE-2017-7697 (In libsamplerate before 0.1.9, a buffer over-read occurs in the calc_o ...)
+ {DLA-2845-1}
- libsamplerate 0.1.9-1 (bug #860159)
[jessie] - libsamplerate <no-dsa> (Minor issue)
[wheezy] - libsamplerate <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dae93c3d55998abeb50d43de57ae44db59fc1dff
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dae93c3d55998abeb50d43de57ae44db59fc1dff
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211214/20ea1999/attachment.htm>
More information about the debian-security-tracker-commits
mailing list