[Git][security-tracker-team/security-tracker][master] Add four new zabbix CVEs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jan 15 09:48:54 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7fc18347 by Salvatore Bonaccorso at 2022-01-15T10:48:27+01:00
Add four new zabbix CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -495,13 +495,21 @@ CVE-2022-23136
 CVE-2022-23135
 	RESERVED
 CVE-2022-23134 (After the initial setup process, some steps of setup.php file are reac ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-20384
+	NOTE: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/aa0fecfbcc9794bc00206630a7424575dfc944df (5.0.19rc2)
 CVE-2022-23133 (An authenticated user can create a hosts group from the configuration  ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-20388
+	NOTE: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/74b8716a73c324e6cdbdda1de434e7872740a908 (5.0.19rc1)
 CVE-2022-23132 (During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability i ...)
-	TODO: check
+	- zabbix <unfixed>
+	NOTE: https://support.zabbix.com/browse/ZBX-20341
+	NOTE: https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/019fbd9b5cc9c455304f1a48460435ca474ba2ac (5.0.18)
 CVE-2022-23131 (In the case of instances where the SAML SSO authentication is enabled  ...)
-	TODO: check
+	- zabbix <undetermined>
+	NOTE: https://support.zabbix.com/browse/ZBX-20350
+	TODO: check, possibly only affecting 5.4.0 onwards
 CVE-2022-23130
 	RESERVED
 CVE-2022-23129



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fc1834754e433567d66aae69b4bee95aef6cb17

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fc1834754e433567d66aae69b4bee95aef6cb17
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220115/3d31fc0c/attachment.htm>

More information about the debian-security-tracker-commits mailing list