[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 17 08:10:25 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0803596f by security tracker role at 2022-02-17T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,103 @@
+CVE-2022-25299
+ RESERVED
+CVE-2022-25298
+ RESERVED
+CVE-2022-25297
+ RESERVED
+CVE-2022-25296
+ RESERVED
+CVE-2022-25295
+ RESERVED
+CVE-2022-25294
+ RESERVED
+CVE-2022-25293
+ RESERVED
+CVE-2022-25292
+ RESERVED
+CVE-2022-25291
+ RESERVED
+CVE-2022-25290
+ RESERVED
+CVE-2022-25289
+ RESERVED
+CVE-2022-25288
+ RESERVED
+CVE-2022-25287
+ RESERVED
+CVE-2022-25286
+ RESERVED
+CVE-2022-25285
+ RESERVED
+CVE-2022-25284
+ RESERVED
+CVE-2022-25283
+ RESERVED
+CVE-2022-25282
+ RESERVED
+CVE-2022-25281
+ RESERVED
+CVE-2022-25280
+ RESERVED
+CVE-2022-25279
+ RESERVED
+CVE-2022-25278
+ RESERVED
+CVE-2022-25277
+ RESERVED
+CVE-2022-25276
+ RESERVED
+CVE-2022-25275
+ RESERVED
+CVE-2022-25274
+ RESERVED
+CVE-2022-25273
+ RESERVED
+CVE-2022-25272
+ RESERVED
+CVE-2022-25271 (Drupal core's form API has a vulnerability where certain contributed o ...)
+ TODO: check
+CVE-2022-25270 (The Quick Edit module does not properly check entity access in some ci ...)
+ TODO: check
+CVE-2022-25269
+ RESERVED
+CVE-2022-25268
+ RESERVED
+CVE-2022-25267
+ RESERVED
+CVE-2022-25266
+ RESERVED
+CVE-2022-25265 (In the Linux kernel through 5.16.10, certain binary files may have the ...)
+ TODO: check
+CVE-2022-25264
+ RESERVED
+CVE-2022-25263
+ RESERVED
+CVE-2022-25262
+ RESERVED
+CVE-2022-25261
+ RESERVED
+CVE-2022-25260
+ RESERVED
+CVE-2022-25259
+ RESERVED
+CVE-2022-25258 (An issue was discovered in the Linux kernel before 5.16.10. The USB Ga ...)
+ TODO: check
+CVE-2022-0655
+ RESERVED
+CVE-2022-0654
+ RESERVED
+CVE-2022-0653
+ RESERVED
+CVE-2022-0652
+ RESERVED
+CVE-2022-0651
+ RESERVED
+CVE-2022-0650
+ RESERVED
+CVE-2022-0649
+ RESERVED
+CVE-2021-46699
+ RESERVED
CVE-2022-25257
RESERVED
CVE-2022-25256
@@ -157,10 +257,10 @@ CVE-2022-22985
RESERVED
CVE-2022-21146
RESERVED
-CVE-2022-0623
- RESERVED
-CVE-2022-0622
- RESERVED
+CVE-2022-0623 (Out-of-bounds Read in Homebrew mruby prior to 3.2. ...)
+ TODO: check
+CVE-2022-0622 (Generation of Error Message Containing Sensitive Information in Packag ...)
+ TODO: check
CVE-2022-0621
RESERVED
CVE-2022-0620
@@ -739,16 +839,16 @@ CVE-2022-24987
RESERVED
CVE-2022-24986
RESERVED
-CVE-2022-24985
- RESERVED
-CVE-2022-24984
- RESERVED
-CVE-2022-24983
- RESERVED
-CVE-2022-24982
- RESERVED
-CVE-2022-24981
- RESERVED
+CVE-2022-24985 (Forms generated by JQueryForm.com before 2022-02-05 allows a remote au ...)
+ TODO: check
+CVE-2022-24984 (Forms generated by JQueryForm.com before 2022-02-05 (if file-upload ca ...)
+ TODO: check
+CVE-2022-24983 (Forms generated by JQueryForm.com before 2022-02-05 allow remote attac ...)
+ TODO: check
+CVE-2022-24982 (Forms generated by JQueryForm.com before 2022-02-05 allows a remote au ...)
+ TODO: check
+CVE-2022-24981 (A reflected cross-site scripting (XSS) vulnerability in forms generate ...)
+ TODO: check
CVE-2022-0586 (Infinite loop in RTMPT protocol dissector in Wireshark 3.6.0 to 3.6.1 ...)
- wireshark <unfixed>
[bullseye] - wireshark <no-dsa> (Minor issue)
@@ -899,8 +999,8 @@ CVE-2022-24955 (Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.
NOT-FOR-US: Foxit
CVE-2022-24954 (Foxit PDF Reader before 11.2.1 and Foxit PDF Editor before 11.2.1 have ...)
NOT-FOR-US: Foxit
-CVE-2022-24953
- RESERVED
+CVE-2022-24953 (The Crypt_GPG extension before 1.6.7 for PHP does not prevent addition ...)
+ TODO: check
CVE-2022-24952
RESERVED
CVE-2022-24951
@@ -5118,8 +5218,8 @@ CVE-2022-23638 (svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-sit
TODO: check
CVE-2022-23637 (K-Box is a web-based application to manage documents, images, videos a ...)
NOT-FOR-US: K-Box
-CVE-2022-23636
- RESERVED
+CVE-2022-23636 (Wasmtime is an open source runtime for WebAssembly & WASI. Prior t ...)
+ TODO: check
CVE-2022-23635
RESERVED
CVE-2022-23634 (Puma is a Ruby/Rack web server built for parallelism. Prior to `puma` ...)
@@ -7457,8 +7557,8 @@ CVE-2022-22903
RESERVED
CVE-2022-22902
RESERVED
-CVE-2022-22901
- RESERVED
+CVE-2022-22901 (There is an Assertion in 'context_p->next_scanner_info_p->type = ...)
+ TODO: check
CVE-2022-22900
RESERVED
CVE-2022-22899
@@ -7517,18 +7617,18 @@ CVE-2022-22887
RESERVED
CVE-2022-22886
RESERVED
-CVE-2022-22885
- RESERVED
+CVE-2022-22885 (Hutool v5.7.18's HttpRequest was discovered to ignore all TLS/SSL cert ...)
+ TODO: check
CVE-2022-22884
RESERVED
CVE-2022-22883
RESERVED
CVE-2022-22882
RESERVED
-CVE-2022-22881
- RESERVED
-CVE-2022-22880
- RESERVED
+CVE-2022-22881 (Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerabilit ...)
+ TODO: check
+CVE-2022-22880 (Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerabilit ...)
+ TODO: check
CVE-2022-22879
RESERVED
CVE-2022-22878
@@ -19795,16 +19895,16 @@ CVE-2021-43305
RESERVED
CVE-2021-43304
RESERVED
-CVE-2021-43303
- RESERVED
-CVE-2021-43302
- RESERVED
-CVE-2021-43301
- RESERVED
-CVE-2021-43300
- RESERVED
-CVE-2021-43299
- RESERVED
+CVE-2021-43303 (Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker ...)
+ TODO: check
+CVE-2021-43302 (Read out-of-bounds in PJSUA API when calling pjsua_recorder_create. An ...)
+ TODO: check
+CVE-2021-43301 (Stack overflow in PJSUA API when calling pjsua_playlist_create. An att ...)
+ TODO: check
+CVE-2021-43300 (Stack overflow in PJSUA API when calling pjsua_recorder_create. An att ...)
+ TODO: check
+CVE-2021-43299 (Stack overflow in PJSUA API when calling pjsua_player_create. An attac ...)
+ TODO: check
CVE-2021-43298 (The code that performs password matching when using 'Basic' HTTP authe ...)
NOT-FOR-US: GoAhead Web Server
CVE-2021-43297 (A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 a ...)
@@ -65701,8 +65801,8 @@ CVE-2021-3244
RESERVED
CVE-2021-3243 (Wfilter ICF 5.0.117 contains a cross-site scripting (XSS) vulnerabilit ...)
NOT-FOR-US: Wfilter ICF
-CVE-2021-3242
- RESERVED
+CVE-2021-3242 (DuxCMS v3.1.3 was discovered to contain a SQL injection vulnerability ...)
+ TODO: check
CVE-2021-3241
RESERVED
CVE-2021-3240
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0803596fd6c23e4d726f29905564db285cc633d8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0803596fd6c23e4d726f29905564db285cc633d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220217/2fc6b9e2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list