[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Dec 9 08:10:26 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6a75e6c3 by security tracker role at 2022-12-09T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2022-46835
+	RESERVED
+CVE-2022-46834
+	RESERVED
+CVE-2022-46833
+	RESERVED
+CVE-2022-46832
+	RESERVED
+CVE-2022-4375
+	RESERVED
+CVE-2022-4374
+	RESERVED
+CVE-2022-4373
+	RESERVED
+CVE-2022-4372
+	RESERVED
+CVE-2022-4371
+	RESERVED
+CVE-2022-4370
+	RESERVED
+CVE-2022-4369
+	RESERVED
+CVE-2022-4368
+	RESERVED
+CVE-2022-4367
+	RESERVED
+CVE-2022-43501
+	RESERVED
+CVE-2022-43460
+	RESERVED
 CVE-2022-46831 (In JetBrains TeamCity between 2022.10 and 2022.10.1 connecting to AWS  ...)
 	NOT-FOR-US: JetBrains TeamCity
 CVE-2022-46830 (In JetBrains TeamCity between 2022.10 and 2022.10.1 a custom STS endpo ...)
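Review bot: the 15 ids prepended at the top of data/CVE/list are not in the descending order the following context lines show: CVE-2022-4367 is followed by CVE-2022-43501 and CVE-2022-43460, and only then by CVE-2022-46831. If the automatic import is meant to prepend new reservations rather than merge them in order, say so in the commit message or the import script. Anything that reads this file should look entries up by id, not by position.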
@@ -2123,8 +2153,8 @@ CVE-2022-46160
 	RESERVED
 CVE-2022-46159 (Discourse is an open-source discussion platform. In version 2.8.13 and ...)
 	NOT-FOR-US: Discourse
-CVE-2022-46158
-	RESERVED
+CVE-2022-46158 (PrestaShop is an open-source e-commerce solution. Versions prior to 1. ...)
+	TODO: check
 CVE-2022-46157
 	RESERVED
 CVE-2022-46156 (The Synthetic Monitoring Agent for Grafana's Synthetic Monitoring appl ...)
@@ -2133,8 +2163,8 @@ CVE-2022-46155 (Airtable.js is the JavaScript client for Airtable. Prior to vers
 	NOT-FOR-US: Airtable.js
 CVE-2022-46154 (Kodexplorer is a chinese language web based file manager and browser b ...)
 	NOT-FOR-US: Kodexplorer
-CVE-2022-46153
-	RESERVED
+CVE-2022-46153 (Traefik is an open source HTTP reverse proxy and load balancer. In aff ...)
+	TODO: check
 CVE-2022-46152 (OP-TEE Trusted OS is the secure side implementation of OP-TEE project, ...)
 	NOT-FOR-US: OP-TEE
 CVE-2022-46151 (Querybook is an open source data querying UI. In affected versions use ...)
@@ -5676,8 +5706,8 @@ CVE-2022-44940
 	RESERVED
 CVE-2022-44939
 	RESERVED
-CVE-2022-44938
-	RESERVED
+CVE-2022-44938 (Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attac ...)
+	TODO: check
 CVE-2022-44937 (Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery  ...)
 	NOT-FOR-US: BossCMS
 CVE-2022-44936
@@ -16316,12 +16346,12 @@ CVE-2022-41951
 	RESERVED
 CVE-2022-41950 (super-xray is the GUI alternative for vulnerability scanning tool xray ...)
 	NOT-FOR-US: super-xray
-CVE-2022-41949
-	RESERVED
-CVE-2022-41948
-	RESERVED
-CVE-2022-41947
-	RESERVED
+CVE-2022-41949 (DHIS 2 is an open source information system for data capture, manageme ...)
+	TODO: check
+CVE-2022-41948 (DHIS 2 is an open source information system for data capture, manageme ...)
+	TODO: check
+CVE-2022-41947 (DHIS 2 is an open source information system for data capture, manageme ...)
+	TODO: check
 CVE-2022-41946 (pgjdbc is an open source postgresql JDBC Driver. In affected versions  ...)
 	{DLA-3218-1}
 	- libpgjava 42.5.1-1
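Review bot: the three DHIS 2 entries (CVE-2022-41949, CVE-2022-41948, CVE-2022-41947) carry byte-identical truncated descriptions, so the list alone cannot tell them apart and each is left at TODO: check. Resolve them in one pass against the full descriptions and give all three the same product tag, the way the neighbouring super-xray entry is tagged NOT-FOR-US or the pgjdbc entry carries a package line.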
@@ -24379,8 +24409,8 @@ CVE-2022-38767 (An issue was discovered in Wind River VxWorks 6.9 and 7, that al
 	NOT-FOR-US: Wind River VxWorks
 CVE-2022-38766
 	RESERVED
-CVE-2022-38765
-	RESERVED
+CVE-2022-38765 (Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately e ...)
+	TODO: check
 CVE-2022-38764 (A vulnerability on Trend Micro HouseCall version 1.62.1.1133 and below ...)
 	NOT-FOR-US: Trend Micro
 CVE-2022-38763
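Review bot: CVE-2022-38765 (Canon Medical Informatics Vitrea Vision) is left at TODO: check, while both resolved neighbours in the context are vendor products tagged NOT-FOR-US (Wind River VxWorks, Trend Micro). If Vitrea Vision is likewise not packaged, replace the TODO with a NOT-FOR-US line naming the product so the entry does not linger in the triage queue.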
@@ -39699,10 +39729,10 @@ CVE-2022-2073 (Code Injection in GitHub repository getgrav/grav prior to 1.7.34.
 	NOT-FOR-US: Grav CMS
 CVE-2021-46821
 	RESERVED
-CVE-2022-33187
-	RESERVED
-CVE-2022-33186
-	RESERVED
+CVE-2022-33187 (Brocade SANnav before v2.2.1 logs usernames and encoded passwords in d ...)
+	TODO: check
+CVE-2022-33186 (A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c ...)
+	TODO: check
 CVE-2022-33185 (Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1 ...)
 	NOT-FOR-US: Brocade
 CVE-2022-33184 (A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS vers ...)
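Review bot: CVE-2022-33187 (Brocade SANnav) and CVE-2022-33186 (Brocade Fabric OS) are set to TODO: check, but the very next entry, CVE-2022-33185, is a Brocade Fabric OS issue already recorded as NOT-FOR-US: Brocade. Unless there is a reason to treat these two differently, use the same tag here for consistency instead of leaving them for manual triage.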
@@ -68888,12 +68918,12 @@ CVE-2022-23498
 	RESERVED
 CVE-2022-23497
 	RESERVED
-CVE-2022-23496
-	RESERVED
-CVE-2022-23495
-	RESERVED
-CVE-2022-23494
-	RESERVED
+CVE-2022-23496 (Yet Another UserAgent Analyzer (Yauaa) is a java library that tries to ...)
+	TODO: check
+CVE-2022-23495 (go-merkledag implements the 'DAGService' interface and adds two ipld n ...)
+	TODO: check
+CVE-2022-23494 (tinymce is an open source rich text editor. A cross-site scripting (XS ...)
+	TODO: check
 CVE-2022-23493
 	RESERVED
 CVE-2022-23492 (go-libp2p is the offical libp2p implementation in the Go programming l ...)
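Review bot: CVE-2022-23496, CVE-2022-23495 and CVE-2022-23494 name three unrelated projects (Yauaa, go-merkledag, tinymce), so unlike a same-product group they cannot share one triage decision. Each TODO: check needs its own lookup for whether the project is packaged. For go-merkledag, the resolution recorded for the adjacent CVE-2022-23492 (go-libp2p) is the natural reference for consistency.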
@@ -68944,8 +68974,8 @@ CVE-2022-23471 (containerd is an open source container runtime. A bug was found
 	NOTE: https://github.com/containerd/containerd/commit/a05d175400b1145e5e6a735a6710579d181e7fb0
 CVE-2022-23470 (Galaxy is an open-source platform for data analysis. An arbitrary file ...)
 	TODO: check
-CVE-2022-23469
-	RESERVED
+CVE-2022-23469 (Traefik is an open source HTTP reverse proxy and load balancer. Versio ...)
+	TODO: check
 CVE-2022-23468
 	RESERVED
 CVE-2022-23467 (OpenRazer is an open source driver and user-space daemon to control Ra ...)
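Review bot: CVE-2022-23469 is the second Traefik id this commit moves to TODO: check (CVE-2022-46153 is the other), and the context line above it shows CVE-2022-23470 (Galaxy) already waiting at TODO: check. Triage the two Traefik entries together so both end up with the same package or NOT-FOR-US line.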



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a75e6c314357f2f951835bb3c719358ca2bea38
