[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Apr 16 09:10:30 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8464c668 by security tracker role at 2022-04-16T08:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,249 @@
-CVE-2022-29281
+CVE-2022-29403
RESERVED
+CVE-2022-29402
+ RESERVED
+CVE-2022-29401
+ RESERVED
+CVE-2022-29400
+ RESERVED
+CVE-2022-29399
+ RESERVED
+CVE-2022-29398
+ RESERVED
+CVE-2022-29397
+ RESERVED
+CVE-2022-29396
+ RESERVED
+CVE-2022-29395
+ RESERVED
+CVE-2022-29394
+ RESERVED
+CVE-2022-29393
+ RESERVED
+CVE-2022-29392
+ RESERVED
+CVE-2022-29391
+ RESERVED
+CVE-2022-29390
+ RESERVED
+CVE-2022-29389
+ RESERVED
+CVE-2022-29388
+ RESERVED
+CVE-2022-29387
+ RESERVED
+CVE-2022-29386
+ RESERVED
+CVE-2022-29385
+ RESERVED
+CVE-2022-29384
+ RESERVED
+CVE-2022-29383
+ RESERVED
+CVE-2022-29382
+ RESERVED
+CVE-2022-29381
+ RESERVED
+CVE-2022-29380
+ RESERVED
+CVE-2022-29379
+ RESERVED
+CVE-2022-29378
+ RESERVED
+CVE-2022-29377
+ RESERVED
+CVE-2022-29376
+ RESERVED
+CVE-2022-29375
+ RESERVED
+CVE-2022-29374
+ RESERVED
+CVE-2022-29373
+ RESERVED
+CVE-2022-29372
+ RESERVED
+CVE-2022-29371
+ RESERVED
+CVE-2022-29370
+ RESERVED
+CVE-2022-29369
+ RESERVED
+CVE-2022-29368
+ RESERVED
+CVE-2022-29367
+ RESERVED
+CVE-2022-29366
+ RESERVED
+CVE-2022-29365
+ RESERVED
+CVE-2022-29364
+ RESERVED
+CVE-2022-29363
+ RESERVED
+CVE-2022-29362
+ RESERVED
+CVE-2022-29361
+ RESERVED
+CVE-2022-29360
+ RESERVED
+CVE-2022-29359
+ RESERVED
+CVE-2022-29358
+ RESERVED
+CVE-2022-29357
+ RESERVED
+CVE-2022-29356
+ RESERVED
+CVE-2022-29355
+ RESERVED
+CVE-2022-29354
+ RESERVED
+CVE-2022-29353
+ RESERVED
+CVE-2022-29352
+ RESERVED
+CVE-2022-29351
+ RESERVED
+CVE-2022-29350
+ RESERVED
+CVE-2022-29349
+ RESERVED
+CVE-2022-29348
+ RESERVED
+CVE-2022-29347
+ RESERVED
+CVE-2022-29346
+ RESERVED
+CVE-2022-29345
+ RESERVED
+CVE-2022-29344
+ RESERVED
+CVE-2022-29343
+ RESERVED
+CVE-2022-29342
+ RESERVED
+CVE-2022-29341
+ RESERVED
+CVE-2022-29340
+ RESERVED
+CVE-2022-29339
+ RESERVED
+CVE-2022-29338
+ RESERVED
+CVE-2022-29337
+ RESERVED
+CVE-2022-29336
+ RESERVED
+CVE-2022-29335
+ RESERVED
+CVE-2022-29334
+ RESERVED
+CVE-2022-29333
+ RESERVED
+CVE-2022-29332
+ RESERVED
+CVE-2022-29331
+ RESERVED
+CVE-2022-29330
+ RESERVED
+CVE-2022-29329
+ RESERVED
+CVE-2022-29328
+ RESERVED
+CVE-2022-29327
+ RESERVED
+CVE-2022-29326
+ RESERVED
+CVE-2022-29325
+ RESERVED
+CVE-2022-29324
+ RESERVED
+CVE-2022-29323
+ RESERVED
+CVE-2022-29322
+ RESERVED
+CVE-2022-29321
+ RESERVED
+CVE-2022-29320
+ RESERVED
+CVE-2022-29319
+ RESERVED
+CVE-2022-29318
+ RESERVED
+CVE-2022-29317
+ RESERVED
+CVE-2022-29316
+ RESERVED
+CVE-2022-29315
+ RESERVED
+CVE-2022-29314
+ RESERVED
+CVE-2022-29313
+ RESERVED
+CVE-2022-29312
+ RESERVED
+CVE-2022-29311
+ RESERVED
+CVE-2022-29310
+ RESERVED
+CVE-2022-29309
+ RESERVED
+CVE-2022-29308
+ RESERVED
+CVE-2022-29307
+ RESERVED
+CVE-2022-29306
+ RESERVED
+CVE-2022-29305
+ RESERVED
+CVE-2022-29304
+ RESERVED
+CVE-2022-29303
+ RESERVED
+CVE-2022-29302
+ RESERVED
+CVE-2022-29301
+ RESERVED
+CVE-2022-29300
+ RESERVED
+CVE-2022-29299
+ RESERVED
+CVE-2022-29298
+ RESERVED
+CVE-2022-29297
+ RESERVED
+CVE-2022-29296
+ RESERVED
+CVE-2022-29295
+ RESERVED
+CVE-2022-29294
+ RESERVED
+CVE-2022-29293
+ RESERVED
+CVE-2022-29292
+ RESERVED
+CVE-2022-29291
+ RESERVED
+CVE-2022-29290
+ RESERVED
+CVE-2022-29289
+ RESERVED
+CVE-2022-29288
+ RESERVED
+CVE-2022-29287 (Kentico CMS before 13.0.66 has an Insecure Direct Object Reference vul ...)
+ TODO: check
+CVE-2022-29286
+ RESERVED
+CVE-2022-29285
+ RESERVED
+CVE-2022-29284
+ RESERVED
+CVE-2022-29283
+ RESERVED
+CVE-2022-29282
+ RESERVED
+CVE-2022-29281 (Notable before 1.9.0-beta.8 doesn't effectively prevent the opening of ...)
+ TODO: check
CVE-2022-29280
RESERVED
CVE-2022-29279
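Review bot: CVE-2022-29287 (Kentico CMS) and CVE-2022-29281 (Notable) are the only two entries in this hunk that carry a description, and both are left at `TODO: check`. Each needs a triage decision, either a `NOT-FOR-US: <product>` line or a package line in the form used elsewhere in this file (`- mitmproxy <unfixed> (bug #1008948)`). The remaining additions are `RESERVED` placeholders and need no action until a description arrives.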
@@ -60,8 +304,8 @@ CVE-2022-1367
RESERVED
CVE-2022-1366
RESERVED
-CVE-2022-1365
- RESERVED
+CVE-2022-1365 (Exposure of Private Personal Information to an Unauthorized Actor in G ...)
+ TODO: check
CVE-2022-29265
RESERVED
CVE-2022-1364
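Review bot: the description added for CVE-2022-1365 is cut off at "in G ...", so the affected product cannot be read from this line. Resolving its `TODO: check` needs the full CVE record rather than the truncated text shown here.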
@@ -561,8 +805,8 @@ CVE-2022-29074
RESERVED
CVE-2022-29073
RESERVED
-CVE-2022-29072
- RESERVED
+CVE-2022-29072 (7-Zip through 21.07 on Windows allows privilege escalation and command ...)
+ TODO: check
CVE-2022-29071
RESERVED
CVE-2022-29070
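Review bot: the CVE-2022-29072 description scopes the issue to 7-Zip "on Windows", which the bare `TODO: check` does not capture. When this entry is triaged, record in the triage line or a `NOTE:` whether the issue is Windows-only, so the entry does not read as an open issue for other platforms.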
@@ -768,8 +1012,8 @@ CVE-2022-29022
RESERVED
CVE-2022-29021
RESERVED
-CVE-2022-29020
- RESERVED
+CVE-2022-29020 (ForestBlog through 2022-02-16 allows admin/profile/save userAvatar XSS ...)
+ TODO: check
CVE-2022-29019
RESERVED
CVE-2022-29018
@@ -5004,20 +5248,20 @@ CVE-2022-27429
RESERVED
CVE-2022-27428
RESERVED
-CVE-2022-27427
- RESERVED
-CVE-2022-27426
- RESERVED
-CVE-2022-27425
- RESERVED
+CVE-2022-27427 (A zero-code remote code injection vulnerability via configuration.php ...)
+ TODO: check
+CVE-2022-27426 (A Server-Side Request Forgery (SSRF) in Chamilo LMS v1.11.13 allows at ...)
+ TODO: check
+CVE-2022-27425 (Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting ...)
+ TODO: check
CVE-2022-27424
RESERVED
-CVE-2022-27423
- RESERVED
-CVE-2022-27422
- RESERVED
-CVE-2022-27421
- RESERVED
+CVE-2022-27423 (Chamilo LMS v1.11.13 was discovered to contain a SQL injection vulnera ...)
+ TODO: check
+CVE-2022-27422 (A reflected cross-site scripting (XSS) vulnerability in Chamilo LMS v1 ...)
+ TODO: check
+CVE-2022-27421 (Chamilo LMS v1.11.13 lacks validation on the user modification form, a ...)
+ TODO: check
CVE-2022-27420
RESERVED
CVE-2022-27419 (rtl_433 21.12 was discovered to contain a stack overflow in the functi ...)
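Review bot: the visible description of CVE-2022-27427 ("A zero-code remote code injection vulnerability via configuration.php ...") does not name a product, unlike the five neighbouring entries, which all name Chamilo LMS. Confirm the product from the full record before giving it the same triage line as CVE-2022-27426, CVE-2022-27425, CVE-2022-27423, CVE-2022-27422 and CVE-2022-27421. All six are at `TODO: check` and can be triaged together once that is confirmed.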
@@ -9235,8 +9479,8 @@ CVE-2022-24373
RESERVED
CVE-2022-24298
RESERVED
-CVE-2022-24279
- RESERVED
+CVE-2022-24279 (The package madlib-object-utils before 0.1.8 are vulnerable to Prototy ...)
+ TODO: check
CVE-2022-24278
RESERVED
CVE-2022-24068
@@ -12319,7 +12563,7 @@ CVE-2022-24769 (Moby is an open-source project created by Docker to enable and a
NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c
CVE-2022-24768 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...)
NOT-FOR-US: Argo CD
-CVE-2022-24767 (GitHub: Git for Windows' uninstaller vulnerable to DLL hijacking when ...)
+CVE-2022-24767 (Git for Windows is a fork of Git containing Windows-specific patches. ...)
NOT-FOR-US: Git-for-Windows (Git fork containing Windows-specific patches)
CVE-2022-24766 (mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mi ...)
- mitmproxy <unfixed> (bug #1008948)
@@ -33976,7 +34220,7 @@ CVE-2021-42699 (The affected product is vulnerable to cookie information being t
NOT-FOR-US: AzeoTech
CVE-2021-42698 (Project files are stored memory objects in the form of binary serializ ...)
NOT-FOR-US: AzeoTech
-CVE-2021-42697 (Akka HTTP 10.1.x and 10.2.x before 10.2.7 can encounter stack exhausti ...)
+CVE-2021-42697 (Akka HTTP 10.1.x before 10.1.15 and 10.2.x before 10.2.7 can encounter ...)
NOT-FOR-US: Akka HTTP
CVE-2021-42696
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8464c668bdf562a38586e33d3db20bace75e006b