[Git][security-tracker-team/security-tracker][master] Add CVE-2022-25168/hadoop
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 4 21:54:45 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b120d927 by Salvatore Bonaccorso at 2022-08-04T22:54:02+02:00
Add CVE-2022-25168/hadoop
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33613,7 +33613,7 @@ CVE-2022-25169 (The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.
[buster] - tika <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/05/16/4
CVE-2022-25168 (Apache Hadoop's FileUtil.unTar(File, File) API does not escape the inp ...)
- TODO: check
+ - hadoop <itp> (bug #793644)
CVE-2022-25167 (Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote c ...)
NOT-FOR-US: Apache Flume
CVE-2022-24435 (Cross-site scripting vulnerability in phpUploader v1.2 and earlier all ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b120d927d16d4eb8491f550b8e4f106adc6be789
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b120d927d16d4eb8491f550b8e4f106adc6be789
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220804/25e42afa/attachment.htm>
More information about the debian-security-tracker-commits
mailing list