[Git][security-tracker-team/security-tracker][master] automatic update

Sun Dec 11 20:10:29 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
83053157 by security tracker role at 2022-12-11T20:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,29 @@
-CVE-2022-4401
+CVE-2022-4412
 	RESERVED
-CVE-2022-4400
+CVE-2022-4411
 	RESERVED
+CVE-2022-4410
+	RESERVED
+CVE-2022-4409 (Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub ...)
+	TODO: check
+CVE-2022-4408 (Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpm ...)
+	TODO: check
+CVE-2022-4407 (Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/p ...)
+	TODO: check
+CVE-2022-4406
+	RESERVED
+CVE-2022-4405
+	RESERVED
+CVE-2022-4404
+	RESERVED
+CVE-2022-4403 (A vulnerability classified as critical was found in SourceCodester Can ...)
+	TODO: check
+CVE-2022-4402 (A vulnerability classified as critical has been found in RainyGao DocS ...)
+	TODO: check
+CVE-2022-4401 (A vulnerability was found in pallidlight online-course-selection-syste ...)
+	TODO: check
+CVE-2022-4400 (A vulnerability was found in zbl1996 FS-Blog and classified as problem ...)
+	TODO: check
 CVE-2022-46907
 	RESERVED
 CVE-2022-4399 (A vulnerability was found in TicklishHoneyBee nodau. It has been rated ...)
@@ -47674,6 +47696,7 @@ CVE-2022-1651 (A memory leak flaw was found in the Linux kernel in acrn_dev_ioct
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/ecd1735f14d6ac868ae5d8b7a2bf193fa11f388b (5.18-rc1)
 CVE-2022-1650 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...)
+	{DLA-3235-1}
 	- node-eventsource 2.0.2+~1.1.8-1
 	[bullseye] - node-eventsource 1.0.7-1+deb11u1
 	[stretch] - node-eventsource <end-of-life> (not covered by security support)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83053157264d0169d04d08b142e274bcc1161fbd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83053157264d0169d04d08b142e274bcc1161fbd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221211/e0b259b7/attachment-0001.htm>
