[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 22 08:10:24 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2a9da5c7 by security tracker role at 2021-12-22T08:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,243 @@
+CVE-2022-22261
+ RESERVED
+CVE-2022-22260
+ RESERVED
+CVE-2022-22259
+ RESERVED
+CVE-2022-22258
+ RESERVED
+CVE-2022-22257
+ RESERVED
+CVE-2022-22256
+ RESERVED
+CVE-2022-22255
+ RESERVED
+CVE-2022-22254
+ RESERVED
+CVE-2022-22253
+ RESERVED
+CVE-2022-22252
+ RESERVED
+CVE-2022-22251
+ RESERVED
+CVE-2022-22250
+ RESERVED
+CVE-2022-22249
+ RESERVED
+CVE-2022-22248
+ RESERVED
+CVE-2022-22247
+ RESERVED
+CVE-2022-22246
+ RESERVED
+CVE-2022-22245
+ RESERVED
+CVE-2022-22244
+ RESERVED
+CVE-2022-22243
+ RESERVED
+CVE-2022-22242
+ RESERVED
+CVE-2022-22241
+ RESERVED
+CVE-2022-22240
+ RESERVED
+CVE-2022-22239
+ RESERVED
+CVE-2022-22238
+ RESERVED
+CVE-2022-22237
+ RESERVED
+CVE-2022-22236
+ RESERVED
+CVE-2022-22235
+ RESERVED
+CVE-2022-22234
+ RESERVED
+CVE-2022-22233
+ RESERVED
+CVE-2022-22232
+ RESERVED
+CVE-2022-22231
+ RESERVED
+CVE-2022-22230
+ RESERVED
+CVE-2022-22229
+ RESERVED
+CVE-2022-22228
+ RESERVED
+CVE-2022-22227
+ RESERVED
+CVE-2022-22226
+ RESERVED
+CVE-2022-22225
+ RESERVED
+CVE-2022-22224
+ RESERVED
+CVE-2022-22223
+ RESERVED
+CVE-2022-22222
+ RESERVED
+CVE-2022-22221
+ RESERVED
+CVE-2022-22220
+ RESERVED
+CVE-2022-22219
+ RESERVED
+CVE-2022-22218
+ RESERVED
+CVE-2022-22217
+ RESERVED
+CVE-2022-22216
+ RESERVED
+CVE-2022-22215
+ RESERVED
+CVE-2022-22214
+ RESERVED
+CVE-2022-22213
+ RESERVED
+CVE-2022-22212
+ RESERVED
+CVE-2022-22211
+ RESERVED
+CVE-2022-22210
+ RESERVED
+CVE-2022-22209
+ RESERVED
+CVE-2022-22208
+ RESERVED
+CVE-2022-22207
+ RESERVED
+CVE-2022-22206
+ RESERVED
+CVE-2022-22205
+ RESERVED
+CVE-2022-22204
+ RESERVED
+CVE-2022-22203
+ RESERVED
+CVE-2022-22202
+ RESERVED
+CVE-2022-22201
+ RESERVED
+CVE-2022-22200
+ RESERVED
+CVE-2022-22199
+ RESERVED
+CVE-2022-22198
+ RESERVED
+CVE-2022-22197
+ RESERVED
+CVE-2022-22196
+ RESERVED
+CVE-2022-22195
+ RESERVED
+CVE-2022-22194
+ RESERVED
+CVE-2022-22193
+ RESERVED
+CVE-2022-22192
+ RESERVED
+CVE-2022-22191
+ RESERVED
+CVE-2022-22190
+ RESERVED
+CVE-2022-22189
+ RESERVED
+CVE-2022-22188
+ RESERVED
+CVE-2022-22187
+ RESERVED
+CVE-2022-22186
+ RESERVED
+CVE-2022-22185
+ RESERVED
+CVE-2022-22184
+ RESERVED
+CVE-2022-22183
+ RESERVED
+CVE-2022-22182
+ RESERVED
+CVE-2022-22181
+ RESERVED
+CVE-2022-22180
+ RESERVED
+CVE-2022-22179
+ RESERVED
+CVE-2022-22178
+ RESERVED
+CVE-2022-22177
+ RESERVED
+CVE-2022-22176
+ RESERVED
+CVE-2022-22175
+ RESERVED
+CVE-2022-22174
+ RESERVED
+CVE-2022-22173
+ RESERVED
+CVE-2022-22172
+ RESERVED
+CVE-2022-22171
+ RESERVED
+CVE-2022-22170
+ RESERVED
+CVE-2022-22169
+ RESERVED
+CVE-2022-22168
+ RESERVED
+CVE-2022-22167
+ RESERVED
+CVE-2022-22166
+ RESERVED
+CVE-2022-22165
+ RESERVED
+CVE-2022-22164
+ RESERVED
+CVE-2022-22163
+ RESERVED
+CVE-2022-22162
+ RESERVED
+CVE-2022-22161
+ RESERVED
+CVE-2022-22160
+ RESERVED
+CVE-2022-22159
+ RESERVED
+CVE-2022-22158
+ RESERVED
+CVE-2022-22157
+ RESERVED
+CVE-2022-22156
+ RESERVED
+CVE-2022-22155
+ RESERVED
+CVE-2022-22154
+ RESERVED
+CVE-2022-22153
+ RESERVED
+CVE-2022-22152
+ RESERVED
+CVE-2022-21800
+ RESERVED
+CVE-2022-21215
+ RESERVED
+CVE-2022-21196
+ RESERVED
+CVE-2022-21155
+ RESERVED
+CVE-2022-21137
+ RESERVED
+CVE-2021-45459 (lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js ...)
+ TODO: check
+CVE-2021-4154
+ RESERVED
+CVE-2021-4153
+ RESERVED
+CVE-2021-4152
+ RESERVED
+CVE-2021-4151
+ RESERVED
CVE-2022-22136
RESERVED
CVE-2022-22135
@@ -1881,28 +2121,28 @@ CVE-2021-44929
RESERVED
CVE-2021-44928
RESERVED
-CVE-2021-44927
- RESERVED
-CVE-2021-44926
- RESERVED
-CVE-2021-44925
- RESERVED
-CVE-2021-44924
- RESERVED
-CVE-2021-44923
- RESERVED
-CVE-2021-44922
- RESERVED
-CVE-2021-44921
- RESERVED
-CVE-2021-44920
- RESERVED
-CVE-2021-44919
- RESERVED
-CVE-2021-44918
- RESERVED
-CVE-2021-44917
- RESERVED
+CVE-2021-44927 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ TODO: check
+CVE-2021-44926 (A null pointer dereference vulnerability exists in the gpac in the gf_ ...)
+ TODO: check
+CVE-2021-44925 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ TODO: check
+CVE-2021-44924 (An infinite loop vulnerability exists in gpac 1.1.0 in the gf_log func ...)
+ TODO: check
+CVE-2021-44923 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ TODO: check
+CVE-2021-44922 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the B ...)
+ TODO: check
+CVE-2021-44921 (A null pointer dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ TODO: check
+CVE-2021-44920 (An invalid memory address dereference vulnerability exists in gpac 1.1 ...)
+ TODO: check
+CVE-2021-44919 (A Null Pointer Dereference vulnerability exists in the gf_sg_vrml_mf_a ...)
+ TODO: check
+CVE-2021-44918 (A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in the g ...)
+ TODO: check
+CVE-2021-44917 (A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d ...)
+ TODO: check
CVE-2021-44916 (Opmantek Open-AudIT Community 4.2.0 (Fixed in 4.3.0) is affected by a ...)
NOT-FOR-US: Open-AudIT
CVE-2021-44915
@@ -4474,14 +4714,14 @@ CVE-2021-44033 (In Ionic Identity Vault before 5.0.5, the protection mechanism f
NOT-FOR-US: Ionic Identity Vault
CVE-2021-44032
RESERVED
-CVE-2021-44031
- RESERVED
-CVE-2021-44030
- RESERVED
-CVE-2021-44029
- RESERVED
-CVE-2021-44028
- RESERVED
+CVE-2021-44031 (An issue was discovered in Quest KACE Desktop Authority before 11.2. / ...)
+ TODO: check
+CVE-2021-44030 (Quest KACE Desktop Authority before 11.2 allows XSS because it does no ...)
+ TODO: check
+CVE-2021-44029 (An issue was discovered in Quest KACE Desktop Authority before 11.2. T ...)
+ TODO: check
+CVE-2021-44028 (XXE can occur in Quest KACE Desktop Authority before 11.2 because the ...)
+ TODO: check
CVE-2021-44027
RESERVED
CVE-2021-44024
@@ -5087,8 +5327,8 @@ CVE-2021-43853
RESERVED
CVE-2021-43852
RESERVED
-CVE-2021-43851
- RESERVED
+CVE-2021-43851 (Anuko Time Tracker is an open source, web-based time tracking applicat ...)
+ TODO: check
CVE-2021-43850
RESERVED
CVE-2021-43849
@@ -20023,8 +20263,8 @@ CVE-2021-38968
RESERVED
CVE-2021-38967 (IBM MQ Appliance 9.2 CD and 9.2 LTS could allow a local privileged use ...)
NOT-FOR-US: IBM
-CVE-2021-38966
- RESERVED
+CVE-2021-38966 (IBM Cloud Pak for Automation 21.0.2 is vulnerable to cross-site script ...)
+ TODO: check
CVE-2021-38965
RESERVED
CVE-2021-38964
@@ -20155,8 +20395,8 @@ CVE-2021-38902
RESERVED
CVE-2021-38901 (IBM Spectrum Protect Operations Center 7.1, under special configuratio ...)
NOT-FOR-US: IBM
-CVE-2021-38900
- RESERVED
+CVE-2021-38900 (IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation W ...)
+ TODO: check
CVE-2021-38899 (IBM Cloud Pak for Data 2.5 could allow a local user with special privi ...)
NOT-FOR-US: IBM
CVE-2021-38898
@@ -20169,8 +20409,8 @@ CVE-2021-38895
RESERVED
CVE-2021-38894
RESERVED
-CVE-2021-38893
- RESERVED
+CVE-2021-38893 (IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation W ...)
+ TODO: check
CVE-2021-38892
RESERVED
CVE-2021-38891 (IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than ...)
@@ -23438,9 +23678,9 @@ CVE-2021-3669 [reading /proc/sysvipc/shm does not scale with large shared memory
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1986473
CVE-2021-37606 (Meow hash 0.5/calico does not sufficiently thwart key recovery by an a ...)
NOT-FOR-US: Meow hash
-CVE-2021-37605 (In version 6.5 of MiWi software and all previous versions including le ...)
+CVE-2021-37605 (In version 6.5 Microchip MiWi software and all previous versions inclu ...)
NOT-FOR-US: Microchip MiWi
-CVE-2021-37604 (In version 6.5 of our MiWi software and all previous versions includin ...)
+CVE-2021-37604 (In version 6.5 of Microchip MiWi software and all previous versions in ...)
NOT-FOR-US: Microchip MiWi
CVE-2021-37603
RESERVED
@@ -39752,11 +39992,13 @@ CVE-2021-30890 (A logic issue was addressed with improved state management. This
- wpewebkit 2.34.3-1
NOTE: https://webkitgtk.org/security/WSA-2021-0007.html
CVE-2021-30889 (A buffer overflow issue was addressed with improved memory handling. T ...)
+ {DSA-4996-1 DSA-4995-1}
- webkit2gtk 2.34.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.34.1-1
NOTE: https://webkitgtk.org/security/WSA-2021-0007.html
CVE-2021-30888 (An information leakage issue was addressed. This issue is fixed in iOS ...)
+ {DSA-4996-1 DSA-4995-1}
- webkit2gtk 2.34.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.34.1-1
@@ -39771,6 +40013,7 @@ CVE-2021-30886 (A use after free issue was addressed with improved memory manage
CVE-2021-30885
REJECTED
CVE-2021-30884 (The issue was resolved with additional restrictions on CSS compositing ...)
+ {DSA-4996-1 DSA-4995-1}
- webkit2gtk 2.34.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.34.1-1
@@ -39892,6 +40135,7 @@ CVE-2021-30838 (A memory corruption issue was addressed with improved memory han
CVE-2021-30837 (A memory consumption issue was addressed with improved memory handling ...)
NOT-FOR-US: Apple
CVE-2021-30836 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ {DSA-4976-1 DSA-4975-1}
- webkit2gtk 2.32.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.32.4-1
@@ -39921,6 +40165,7 @@ CVE-2021-30825 (This issue was addressed with improved checks. This issue is fix
CVE-2021-30824 (A memory corruption issue was addressed with improved state management ...)
NOT-FOR-US: Apple
CVE-2021-30823 (A logic issue was addressed with improved restrictions. This issue is ...)
+ {DSA-4996-1 DSA-4995-1}
- webkit2gtk 2.34.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.34.1-1
@@ -39934,6 +40179,7 @@ CVE-2021-30820 (A logic issue was addressed with improved state management. This
CVE-2021-30819 (An out-of-bounds read was addressed with improved input validation. Th ...)
NOT-FOR-US: Apple
CVE-2021-30818 (A type confusion issue was addressed with improved state handling. Thi ...)
+ {DSA-4996-1 DSA-4995-1}
- webkit2gtk 2.34.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.34.1-1
@@ -39955,6 +40201,7 @@ CVE-2021-30811 (This issue was addressed with improved checks. This issue is fix
CVE-2021-30810 (An authorization issue was addressed with improved state management. T ...)
NOT-FOR-US: Apple
CVE-2021-30809 (A use after free issue was addressed with improved memory management. ...)
+ {DSA-4976-1 DSA-4975-1}
- webkit2gtk 2.32.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.32.4-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9da5c7ab54606cc6c3d9be76c76e046f7e6bce
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9da5c7ab54606cc6c3d9be76c76e046f7e6bce
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211222/d2761f67/attachment.htm>
More information about the debian-security-tracker-commits
mailing list