[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Apr 3 21:10:30 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cd359505 by security tracker role at 2022-04-03T20:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2022-28381 (Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer overflo ...)
+ TODO: check
+CVE-2022-28380 (The rc-httpd component through 2022-03-31 for 9front (Plan 9 fork) all ...)
+ TODO: check
+CVE-2022-28379 (jc21.com Nginx Proxy Manager before 2.9.17 allows XSS during item dele ...)
+ TODO: check
+CVE-2022-28378 (Craft CMS before 3.7.29 allows XSS. ...)
+ TODO: check
+CVE-2022-1211 (A vulnerability classified as critical has been found in tildearrow Fu ...)
+ TODO: check
CVE-2022-28377
RESERVED
CVE-2022-28376 (Verizon LVSKIHP 5G outside devices through 2022-02-15 allow anyone (kn ...)
@@ -54,8 +64,7 @@ CVE-2022-28354
RESERVED
CVE-2022-28353
RESERVED
-CVE-2022-1210 [Tiff conversion to PS crashed due to incorrect memory size request]
- RESERVED
+CVE-2022-1210 (A vulnerability classified as problematic was found in LibTIFF 4.3.0. ...)
- tiff <unfixed>
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/402
CVE-2021-46782
@@ -768,31 +777,37 @@ CVE-2022-1147
RESERVED
CVE-2022-1146
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1145
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1144
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1143
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1142
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1141
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -800,66 +815,79 @@ CVE-2022-1140
RESERVED
CVE-2022-1139
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1138
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1137
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1136
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1135
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1134
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1133
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1132
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1131
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1130
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1129
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1128
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-1127
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -867,6 +895,7 @@ CVE-2022-1126
RESERVED
CVE-2022-1125
RESERVED
+ {DSA-5112-1}
- chromium 100.0.4896.60-1
[buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -11895,10 +11924,10 @@ CVE-2022-0407 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
NOTE: https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e (v8.2.4219)
CVE-2022-24112 (An attacker can abuse the batch-requests plugin to send requests to by ...)
NOT-FOR-US: Apache APISIX
-CVE-2022-0406
- RESERVED
-CVE-2022-0405
- RESERVED
+CVE-2022-0406 (Improper Authorization in GitHub repository janeczku/calibre-web prior ...)
+ TODO: check
+CVE-2022-0405 (Improper Access Control in GitHub repository janeczku/calibre-web prio ...)
+ TODO: check
CVE-2022-0404
RESERVED
CVE-2022-0403
@@ -17936,8 +17965,8 @@ CVE-2022-0090 (An issue has been discovered affecting GitLab versions prior to 1
- gitlab <unfixed>
CVE-2022-0089
RESERVED
-CVE-2022-0088
- RESERVED
+CVE-2022-0088 (Cross-Site Request Forgery (CSRF) in GitHub repository yourls/yourls p ...)
+ TODO: check
CVE-2021-46140
RESERVED
CVE-2021-46139
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd359505d5588e6ae7cfdd0c68167094dcdb3d85
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd359505d5588e6ae7cfdd0c68167094dcdb3d85
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220403/3d97470d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list