[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 6 20:10:39 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
02db06f0 by security tracker role at 2022-12-06T20:10:27+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2022-46674
+ RESERVED
+CVE-2022-46673
+ RESERVED
+CVE-2022-46672
+ RESERVED
+CVE-2022-46671
+ RESERVED
+CVE-2022-46670
+ RESERVED
+CVE-2022-46669
+ RESERVED
+CVE-2022-46668
+ RESERVED
+CVE-2022-46667
+ RESERVED
+CVE-2022-46666
+ RESERVED
+CVE-2022-46665
+ RESERVED
+CVE-2022-46664
+ RESERVED
+CVE-2022-46662
+ RESERVED
+CVE-2022-4310
+ RESERVED
+CVE-2022-4309
+ RESERVED
+CVE-2022-4308
+ RESERVED
+CVE-2022-4307
+ RESERVED
+CVE-2022-4306
+ RESERVED
+CVE-2022-4305
+ RESERVED
+CVE-2022-4304
+ RESERVED
+CVE-2022-4303
+ RESERVED
+CVE-2022-4302
+ RESERVED
+CVE-2022-4301
+ RESERVED
+CVE-2022-4300 (A vulnerability was found in FastCMS. It has been rated as critical. T ...)
+ TODO: check
+CVE-2022-4299
+ RESERVED
+CVE-2022-4298
+ RESERVED
+CVE-2022-4297
+ RESERVED
+CVE-2022-4296 (A vulnerability classified as problematic has been found in TP-Link TL ...)
+ TODO: check
CVE-2022-46663
RESERVED
CVE-2022-46651
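Review bot: the prepended block breaks the descending id order at the top of the file, since CVE-2022-46662 and the CVE-2022-4310 to CVE-2022-4296 ids now sit above the existing CVE-2022-46663; if any consumer of data/CVE/list relies on ordering, this needs a sort pass. Of the 27 new ids only CVE-2022-4300 (FastCMS, "rated as critical") and CVE-2022-4296 (TP-Link) carry a description, and both are left at "TODO: check", so they are the two entries here that need manual triage.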
@@ -594,10 +648,10 @@ CVE-2022-46385
RESERVED
CVE-2022-46384
RESERVED
-CVE-2022-46383
- RESERVED
-CVE-2022-46382
- RESERVED
+CVE-2022-46383 (RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4. ...)
+ TODO: check
+CVE-2022-46382 (RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4. ...)
+ TODO: check
CVE-2022-46381
RESERVED
CVE-2022-4280 (A vulnerability, which was classified as problematic, has been found i ...)
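Review bot: CVE-2022-46383 and CVE-2022-46382 are added with an identical visible description prefix ("RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4. ...") and the same "TODO: check", so nothing in the file distinguishes them yet. Resolve both from the full descriptions in one pass and record the same product name on each so the pair stays consistent.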
@@ -1524,8 +1578,8 @@ CVE-2022-46163
RESERVED
CVE-2022-46162 (discourse-bbcode is the official BBCode plugin for Discourse. Prior to ...)
NOT-FOR-US: BBCode plugin for Discourse
-CVE-2022-46161
- RESERVED
+CVE-2022-46161 (pdfmake is an open source client/server side PDF printing in pure Java ...)
+ TODO: check
CVE-2022-46160
RESERVED
CVE-2022-46159 (Discourse is an open-source discussion platform. In version 2.8.13 and ...)
@@ -1538,8 +1592,8 @@ CVE-2022-46156 (The Synthetic Monitoring Agent for Grafana's Synthetic Monitorin
NOT-FOR-US: Grafana Synthetic Monitoring
CVE-2022-46155 (Airtable.js is the JavaScript client for Airtable. Prior to version 0. ...)
NOT-FOR-US: Airtable.js
-CVE-2022-46154
- RESERVED
+CVE-2022-46154 (Kodexplorer is a chinese language web based file manager and browser b ...)
+ TODO: check
CVE-2022-46153
RESERVED
CVE-2022-46152 (OP-TEE Trusted OS is the secure side implementation of OP-TEE project, ...)
@@ -1637,8 +1691,8 @@ CVE-2022-4149
RESERVED
CVE-2022-4148
RESERVED
-CVE-2022-4147
- RESERVED
+CVE-2022-4147 (Quarkus CORS filter allows simple GET and POST requests with invalid O ...)
+ TODO: check
CVE-2022-46139
RESERVED
CVE-2022-46138
@@ -2971,8 +3025,8 @@ CVE-2022-45550
RESERVED
CVE-2022-45549
RESERVED
-CVE-2022-45548
- RESERVED
+CVE-2022-45548 (AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability. ...)
+ TODO: check
CVE-2022-45547
RESERVED
CVE-2022-45546
@@ -3977,8 +4031,8 @@ CVE-2022-45328 (Church Management System v1.0 was discovered to contain a SQL in
NOT-FOR-US: Church Management System
CVE-2022-45327
RESERVED
-CVE-2022-45326
- RESERVED
+CVE-2022-45326 (An XML external entity (XXE) injection vulnerability in Kwoksys Kwok I ...)
+ TODO: check
CVE-2022-45325
RESERVED
CVE-2022-45324
@@ -4716,6 +4770,7 @@ CVE-2022-45063 (xterm before 375 allows code execution via font ops, e.g., becau
NOTE: Debian sets defaults for allowWindowOps and allowFontOps resources to false since
NOTE: 238-1, mitigating the issue.
CVE-2022-45062 (In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there i ...)
+ {DSA-5296-1}
- xfce4-settings 4.16.4-1 (bug #1023732)
[buster] - xfce4-settings <not-affected> (The vulnerable code was introduced later)
NOTE: https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/390
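Review bot: the "{DSA-5296-1}" tag added to CVE-2022-45062 points at an advisory record that is not part of this commit, which changes only data/CVE/list. Confirm that the advisory entry exists and names this CVE, since the only release-specific line visible in the entry is the "[buster]" not-affected one.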
@@ -7810,8 +7865,8 @@ CVE-2022-44291 (webTareas 2.4p5 was discovered to contain a SQL injection vulner
NOT-FOR-US: webtareas
CVE-2022-44290 (webTareas 2.4p5 was discovered to contain a SQL injection vulnerabilit ...)
NOT-FOR-US: webtareas
-CVE-2022-44289
- RESERVED
+CVE-2022-44289 (Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file up ...)
+ TODO: check
CVE-2022-44288
RESERVED
CVE-2022-44287
@@ -10504,8 +10559,8 @@ CVE-2022-43869
RESERVED
CVE-2022-43868
RESERVED
-CVE-2022-43867
- RESERVED
+CVE-2022-43867 (IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local attacke ...)
+ TODO: check
CVE-2022-43866
RESERVED
CVE-2022-43865
@@ -11951,8 +12006,8 @@ CVE-2022-43371
RESERVED
CVE-2022-43370
RESERVED
-CVE-2022-43369
- RESERVED
+CVE-2022-43369 (AutoTaxi Stand Management System v1.0 was discovered to contain a cros ...)
+ TODO: check
CVE-2022-43368
RESERVED
CVE-2022-43367 (IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injec ...)
@@ -11963,8 +12018,8 @@ CVE-2022-43365 (IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer
NOT-FOR-US: IP-COM EW9
CVE-2022-43364 (An access control issue in the password reset page of IP-COM EW9 V15.1 ...)
NOT-FOR-US: IP-COM EW9
-CVE-2022-43363
- RESERVED
+CVE-2022-43363 (** DISPUTED ** Telegram Web 15.3.1 allows XSS via a certain payload de ...)
+ TODO: check
CVE-2022-43362 (Senayan Library Management System v9.4.2 was discovered to contain a S ...)
NOT-FOR-US: Senayan Library Management System
CVE-2022-43361 (Senayan Library Management System v9.4.2 was discovered to contain a c ...)
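Review bot: CVE-2022-43363 arrives with "** DISPUTED **" in its description but gets the same "TODO: check" as every other newly described id. Whoever resolves the TODO should take the dispute into account in the triage decision instead of treating the XSS claim as confirmed.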
@@ -16618,8 +16673,8 @@ CVE-2022-40218
RESERVED
CVE-2022-40216 (Auth. (subscriber+) Messaging Block Bypass vulnerability in Better Mes ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-40209
- RESERVED
+CVE-2022-40209 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xylus Th ...)
+ TODO: check
CVE-2022-40203
RESERVED
CVE-2022-40192 (Cross-Site Request Forgery (CSRF) vulnerability in wpForo Forum plugin ...)
@@ -16717,10 +16772,10 @@ CVE-2022-41562
RESERVED
CVE-2022-41561
RESERVED
-CVE-2022-41560
- RESERVED
-CVE-2022-41559
- RESERVED
+CVE-2022-41560 (The Statement Set Upload via the Web Client component of TIBCO Softwar ...)
+ TODO: check
+CVE-2022-41559 (The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contain ...)
+ TODO: check
CVE-2022-41558 (The Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire A ...)
NOT-FOR-US: TIBCO
CVE-2022-41342
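Review bot: CVE-2022-41560 and CVE-2022-41559 both name TIBCO Software Inc. and sit directly above CVE-2022-41558, which is already marked "NOT-FOR-US: TIBCO". Resolve the two "TODO: check" lines together, and if they end up not-for-us, use the same wording as the neighbouring entry.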
@@ -17374,8 +17429,7 @@ CVE-2022-3282 (The Drag and Drop Multiple File Upload WordPress plugin before 1.
NOT-FOR-US: WordPress plugin
CVE-2022-41326 (The web conferencing component of Mitel MiCollab through 9.6.0.13 coul ...)
NOT-FOR-US: Mitel
-CVE-2022-41325
- RESERVED
+CVE-2022-41325 (An integer overflow in the VNC module in VideoLAN VLC Media Player thr ...)
{DLA-3216-1}
- vlc 3.0.18-1
NOTE: https://www.videolan.org/security/sb-vlc3018.html
@@ -18880,8 +18934,8 @@ CVE-2022-40682
RESERVED
CVE-2022-40681
RESERVED
-CVE-2022-40680
- RESERVED
+CVE-2022-40680 (A improper neutralization of input during web page generation ('cross- ...)
+ TODO: check
CVE-2022-40679
RESERVED
CVE-2022-40678
@@ -25131,8 +25185,8 @@ CVE-2022-38381 (An improper handling of malformed request vulnerability [CWE-228
NOT-FOR-US: FortiGuard
CVE-2022-38380 (An improper access control [CWE-284] vulnerability in FortiOS version ...)
NOT-FOR-US: FortiGuard
-CVE-2022-38379
- RESERVED
+CVE-2022-38379 (Improper neutralization of input during web page generation [CWE-79] i ...)
+ TODO: check
CVE-2022-38378
RESERVED
CVE-2022-38377 (An improper access control vulnerability [CWE-284] in FortiManager 7.2 ...)
@@ -25879,8 +25933,8 @@ CVE-2022-38125
RESERVED
CVE-2022-38124
RESERVED
-CVE-2022-38123
- RESERVED
+CVE-2022-38123 (Improper Input Validation of plugin files in Administrator Interface o ...)
+ TODO: check
CVE-2022-38122 (UPSMON PRO transmits sensitive data in cleartext over HTTP protocol. A ...)
NOT-FOR-US: UPSMON PRO
CVE-2022-38121 (UPSMON PRO configuration file stores user password in plaintext under ...)
@@ -31833,8 +31887,8 @@ CVE-2022-35845
RESERVED
CVE-2022-35844 (An improper neutralization of special elements used in an OS command v ...)
NOT-FOR-US: FortiGuard
-CVE-2022-35843
- RESERVED
+CVE-2022-35843 (An authentication bypass by assumed-immutable data vulnerability [CWE- ...)
+ TODO: check
CVE-2022-35842 (An exposure of sensitive information to an unauthorized actor vulnerab ...)
NOT-FOR-US: FortiGuard
CVE-2022-35841 (Windows Enterprise App Management Service Remote Code Execution Vulner ...)
@@ -36109,8 +36163,8 @@ CVE-2022-2191 (In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.
NOTE: https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28
CVE-2022-34362
RESERVED
-CVE-2022-34361
- RESERVED
+CVE-2022-34361 (IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographi ...)
+ TODO: check
CVE-2022-34360
RESERVED
CVE-2022-34359
@@ -37582,10 +37636,10 @@ CVE-2022-33878 (An exposure of sensitive information to an unauthorized actor vu
NOT-FOR-US: FortiGuard
CVE-2022-33877
RESERVED
-CVE-2022-33876
- RESERVED
-CVE-2022-33875
- RESERVED
+CVE-2022-33876 (Multiple instances of improper input validation vulnerability in Forti ...)
+ TODO: check
+CVE-2022-33875 (An improper neutralization of special elements used in an SQL Command ...)
+ TODO: check
CVE-2022-33874 (An improper neutralization of special elements used in an OS Command ( ...)
NOT-FOR-US: Fortiguard
CVE-2022-33873 (An improper neutralization of special elements used in an OS Command ( ...)
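Review bot: the context around the new CVE-2022-33876 and CVE-2022-33875 entries spells the vendor tag two ways, "NOT-FOR-US: FortiGuard" at the top of the hunk and "NOT-FOR-US: Fortiguard" under CVE-2022-33874. If the two "TODO: check" lines resolve to the same tag, pick one spelling so that a search for the vendor string finds every entry.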
@@ -41659,6 +41713,7 @@ CVE-2022-32210 (`Undici.ProxyAgent` never verifies the remote server's certifica
- node-undici 5.6.1+dfsg1+~cs18.9.16-1
NOTE: https://github.com/advisories/GHSA-pgw7-wx7w-2w33
CVE-2022-32209 (# Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possi ...)
+ {DLA-3227-1}
- ruby-rails-html-sanitizer 1.4.3-0.1 (bug #1013806)
NOTE: https://hackerone.com/reports/1530898
NOTE: https://discuss.rubyonrails.org/t/cve-2022-32209-possible-xss-vulnerability-in-rails-sanitizer/80800
@@ -47415,8 +47470,8 @@ CVE-2022-30307 (A key management error vulnerability [CWE-320] affecting the RSA
NOT-FOR-US: FortiGuard
CVE-2022-30306
RESERVED
-CVE-2022-30305
- RESERVED
+CVE-2022-30305 (An insufficient logging [CWE-778] vulnerability in FortiSandbox versio ...)
+ TODO: check
CVE-2022-30304
RESERVED
CVE-2022-30303
@@ -68311,20 +68366,20 @@ CVE-2022-23474
RESERVED
CVE-2022-23473
RESERVED
-CVE-2022-23472
- RESERVED
+CVE-2022-23472 (Passeo is an open source python password generator. Versions prior to ...)
+ TODO: check
CVE-2022-23471
RESERVED
-CVE-2022-23470
- RESERVED
+CVE-2022-23470 (Galaxy is an open-source platform for data analysis. An arbitrary file ...)
+ TODO: check
CVE-2022-23469
RESERVED
CVE-2022-23468
RESERVED
CVE-2022-23467 (OpenRazer is an open source driver and user-space daemon to control Ra ...)
TODO: check
-CVE-2022-23466
- RESERVED
+CVE-2022-23466 (teler is an real-time intrusion detection and threat alert dashboard. ...)
+ TODO: check
CVE-2022-23465 (SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit a94e6b24 ...)
TODO: check
CVE-2022-23464 (Nepxion Discovery is a solution for Spring Cloud. Discovery is vulnera ...)
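Review bot: this hunk leaves five untriaged entries in a span of nine ids. CVE-2022-23472, CVE-2022-23470 and CVE-2022-23466 move from RESERVED to "TODO: check" next to CVE-2022-23467 and CVE-2022-23465, which were already waiting on "TODO: check" in the unchanged context. Triage the block in one pass so the older TODOs do not keep sliding behind each automatic update.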
@@ -80464,6 +80519,7 @@ CVE-2022-21706 (Zulip is an open-source team collaboration tool with topic-based
CVE-2022-21705 (Octobercms is a self-hosted CMS platform based on the Laravel PHP Fram ...)
NOT-FOR-US: October CMS
CVE-2022-21704 (log4js-node is a port of log4js to node.js. In affected versions defau ...)
+ {DLA-3229-1}
- node-log4js 6.4.1+~cs8.3.5-1
[bullseye] - node-log4js 6.3.0+~cs8.3.10-1+deb11u1
[stretch] - node-log4js <end-of-life> (Nodejs in stretch not covered by security support)
@@ -84786,6 +84842,7 @@ CVE-2021-43176 (The GOautodial API prior to commit 3c3a979 made on October 13th,
CVE-2021-43175 (The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 ...)
NOT-FOR-US: GOautodial API
CVE-2021-3918 (json-schema is vulnerable to Improperly Controlled Modification of Obj ...)
+ {DLA-3228-1}
- node-json-schema 0.4.0+~7.0.9-1 (bug #999765)
[bullseye] - node-json-schema 0.3.0+~7.0.6-1+deb11u1
NOTE: https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741 (v0.4.0)
@@ -142108,47 +142165,47 @@ CVE-2020-35638
CVE-2020-35637
RESERVED
CVE-2020-35636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-35635 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-35634 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-35633 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-35632 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-35631 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-35630 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-35629 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-35628 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
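Review bot: in every changed line of this hunk the new id is placed in front of the existing one, "{DLA-3226-1 DLA-2649-1}", so the ids inside the braces are not in ascending order. The order is at least applied identically to all nine entries (CVE-2020-35636 down to CVE-2020-35628); confirm it is the generator's intended convention, since anything that parses the braces positionally would otherwise see the advisory ids swapped.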
@@ -152580,183 +152637,183 @@ CVE-2020-28638 (ask_password in Tomb 2.0 through 2.7 returns a warning when pine
CVE-2020-28637
RESERVED
CVE-2020-28636 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28635 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28634 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28633 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28632 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28631 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28630 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28629 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28628 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28627 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28626 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28625 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28624 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28623 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28622 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28621 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28620 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28619 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28618 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28617 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28616 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28615 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28614 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28613 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28612 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28611 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28610 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28609 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: The code snippet in the TALOS report marks the wrong line. The description hints 4 lines earlier.
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28608 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28607 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28606 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28605 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28604 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28603 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28602 (Multiple code execution vulnerabilities exists in the Nef polygon-pars ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
CVE-2020-28601 (A code execution vulnerability exists in the Nef polygon-parsing funct ...)
- {DLA-2649-1}
+ {DLA-3226-1 DLA-2649-1}
- cgal 5.2-3 (bug #985671)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
NOTE: https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
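Review bot: the fixed-version line "- cgal 5.2-3 (bug #985671)" stays unchanged under every entry from CVE-2020-28636 down to CVE-2020-28601 while a second advisory id is added, so the diff alone does not show which release DLA-3226-1 covers. Spot-check the id range against the advisory's own CVE list before relying on the tag, since a purely mechanical change across this many entries is easy to accept unread.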
@@ -209844,8 +209901,8 @@ CVE-2020-6629 (Ming (aka libming) 0.4.8 has z NULL pointer dereference in the fu
CVE-2020-6628 (Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the func ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/191
-CVE-2020-6627
- RESERVED
+CVE-2020-6627 (The web-management application on Seagate Central NAS STCG2000300, STC ...)
+ TODO: check
CVE-2020-6626
RESERVED
CVE-2020-6625 (jhead through 3.04 has a heap-based buffer over-read in Get32s when ca ...)
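Review bot: CVE-2020-6627 is a 2020 id that only now receives a description (the web-management application on Seagate Central NAS) and a "TODO: check", far down the file from the 2022 additions. Late-populated old ids are easy to miss in the TODO queue, so resolve it in the same triage pass as the new 2022 entries.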
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02db06f04ef67b98fcd6c75377e4f45fdba8a5e8