[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jan 19 08:10:18 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
282212d8 by security tracker role at 2022-01-19T08:10:09+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,73 @@
+CVE-2022-23436
+	RESERVED
+CVE-2022-23435 (decoding.c in android-gif-drawable before 1.2.24 does not limit the ma ...)
+	TODO: check
+CVE-2022-23434
+	RESERVED
+CVE-2022-23433
+	RESERVED
+CVE-2022-23432
+	RESERVED
+CVE-2022-23431
+	RESERVED
+CVE-2022-23430
+	RESERVED
+CVE-2022-23429
+	RESERVED
+CVE-2022-23428
+	RESERVED
+CVE-2022-23427
+	RESERVED
+CVE-2022-23426
+	RESERVED
+CVE-2022-23425
+	RESERVED
+CVE-2022-23424
+	RESERVED
+CVE-2022-23423
+	RESERVED
+CVE-2022-23422
+	RESERVED
+CVE-2022-23421
+	RESERVED
+CVE-2022-23420
+	RESERVED
+CVE-2022-23419
+	RESERVED
+CVE-2022-23418
+	RESERVED
+CVE-2022-23417
+	RESERVED
+CVE-2022-23416
+	RESERVED
+CVE-2022-23415
+	RESERVED
+CVE-2022-23414
+	RESERVED
+CVE-2022-23413
+	RESERVED
+CVE-2022-23412
+	RESERVED
+CVE-2022-23411
+	RESERVED
+CVE-2022-23410
+	RESERVED
+CVE-2022-23409
+	RESERVED
+CVE-2022-23408 (wolfSSL 5.x before 5.1.1 uses non-random IV values in certain situatio ...)
+	TODO: check
+CVE-2022-23407
+	RESERVED
+CVE-2022-23406
+	RESERVED
+CVE-2022-23405
+	RESERVED
+CVE-2022-23404
+	RESERVED
+CVE-2022-0276
+	RESERVED
+CVE-2022-0275
+	RESERVED
 CVE-2022-23398
 	RESERVED
 CVE-2022-23397
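Review bot: CVE-2022-23435 and CVE-2022-23408 are the only two new entries in this hunk that carry a description, and both land as `TODO: check`; each needs a follow-up that resolves it to a package line or a `NOT-FOR-US:` line. The descriptions are truncated here, so triage should use the full CVE text. The visible part of CVE-2022-23408 names wolfSSL 5.x before 5.1.1 and non-random IV values, which should be compared against any packaged version before the entry is dismissed.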
@@ -392,8 +462,8 @@ CVE-2022-23309
 	RESERVED
 CVE-2022-23308
 	RESERVED
-CVE-2022-0266
-	RESERVED
+CVE-2022-0266 (Authorization Bypass Through User-Controlled Key in Packagist remdex/l ...)
+	TODO: check
 CVE-2022-0265
 	RESERVED
 CVE-2022-23307 (CVE-2020-9493 identified a deserialization issue that was present in A ...)
@@ -5637,88 +5707,63 @@ CVE-2022-22182
 	RESERVED
 CVE-2022-22181
 	RESERVED
-CVE-2022-22180
-	RESERVED
+CVE-2022-22180 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22179
-	RESERVED
+CVE-2022-22179 (A Improper Validation of Specified Index, Position, or Offset in Input ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22178
-	RESERVED
+CVE-2022-22178 (A Stack-based Buffer Overflow vulnerability in the flow processing dae ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22177
-	RESERVED
+CVE-2022-22177 (A release of illegal memory vulnerability in the snmpd daemon of Junip ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22176
-	RESERVED
+CVE-2022-22176 (An Improper Validation of Syntactic Correctness of Input vulnerability ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22175
-	RESERVED
+CVE-2022-22175 (An Improper Locking vulnerability in the SIP ALG of Juniper Networks J ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22174
-	RESERVED
+CVE-2022-22174 (A vulnerability in the processing of inbound IPv6 packets in Juniper N ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22173
-	RESERVED
+CVE-2022-22173 (A Missing Release of Memory after Effective Lifetime vulnerability in  ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22172
-	RESERVED
+CVE-2022-22172 (A Missing Release of Memory after Effective Lifetime vulnerability in  ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22171
-	RESERVED
+CVE-2022-22171 (An Improper Check for Unusual or Exceptional Conditions vulnerability  ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22170
-	RESERVED
+CVE-2022-22170 (A Missing Release of Resource after Effective Lifetime vulnerability i ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22169
-	RESERVED
-CVE-2022-22168
-	RESERVED
+CVE-2022-22169 (An Improper Initialization vulnerability in the routing protocol daemo ...)
+	TODO: check
+CVE-2022-22168 (An Improper Validation of Specified Type of Input vulnerability in the ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22167
-	RESERVED
+CVE-2022-22167 (A traffic classification vulnerability in Juniper Networks Junos OS on ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22166
-	RESERVED
+CVE-2022-22166 (An Improper Validation of Specified Quantity in Input vulnerability in ...)
 	NOT-FOR-US: Juniper
 CVE-2022-22165
 	RESERVED
-CVE-2022-22164
-	RESERVED
+CVE-2022-22164 (An Improper Initialization vulnerability in Juniper Networks Junos OS  ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22163
-	RESERVED
+CVE-2022-22163 (An Improper Input Validation vulnerability in the Juniper DHCP daemon  ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22162
-	RESERVED
+CVE-2022-22162 (A Generation of Error Message Containing Sensitive Information vulnera ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22161
-	RESERVED
+CVE-2022-22161 (An Uncontrolled Resource Consumption vulnerability in the kernel of Ju ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22160
-	RESERVED
+CVE-2022-22160 (An Unchecked Error Condition vulnerability in the subscriber managemen ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22159
-	RESERVED
+CVE-2022-22159 (A vulnerability in the NETISR network queue functionality of Juniper N ...)
 	NOT-FOR-US: Juniper
 CVE-2022-22158
 	RESERVED
-CVE-2022-22157
-	RESERVED
+CVE-2022-22157 (A traffic classification vulnerability in Juniper Networks Junos OS on ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22156
-	RESERVED
+CVE-2022-22156 (An Improper Certificate Validation weakness in the Juniper Networks Ju ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22155
-	RESERVED
+CVE-2022-22155 (An Uncontrolled Resource Consumption vulnerability in the handling of  ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22154
-	RESERVED
+CVE-2022-22154 (In a Junos Fusion scenario an External Control of Critical State Data  ...)
 	NOT-FOR-US: Juniper
-CVE-2022-22153
-	RESERVED
-CVE-2022-22152
-	RESERVED
+CVE-2022-22153 (An Insufficient Algorithmic Complexity combined with an Allocation of  ...)
+	TODO: check
+CVE-2022-22152 (A Protection Mechanism Failure vulnerability in the REST API of Junipe ...)
 	NOT-FOR-US: Juniper
 CVE-2022-21800
 	RESERVED
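Review bot: CVE-2022-22169 and CVE-2022-22153 come out of this hunk as `TODO: check`, whereas every other newly described entry in the CVE-2022-22152 to CVE-2022-22180 run keeps `NOT-FOR-US: Juniper`. The two had no annotation while they were RESERVED, so nothing carried over, and their truncated descriptions do not show the product name. Confirm against the full text and, if they are Juniper issues as well, mark them `NOT-FOR-US: Juniper` in a follow-up so the block is consistent.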
@@ -7958,14 +8003,14 @@ CVE-2021-44841
 	RESERVED
 CVE-2021-44840 (An issue was discovered in Delta RM 1.2. Using an privileged account,  ...)
 	NOT-FOR-US: Delta RM
-CVE-2021-44839
-	RESERVED
+CVE-2021-44839 (An issue was discovered in Delta RM 1.2. It is possible to request a n ...)
+	TODO: check
 CVE-2021-44838 (An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax ...)
 	NOT-FOR-US: Delta RM
 CVE-2021-44837
 	RESERVED
-CVE-2021-44836
-	RESERVED
+CVE-2021-44836 (An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/r ...)
+	TODO: check
 CVE-2021-44835
 	RESERVED
 CVE-2021-44834
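Review bot: CVE-2021-44839 and CVE-2021-44836 are left at `TODO: check` although both descriptions open with "An issue was discovered in Delta RM 1.2." and the adjacent CVE-2021-44840 and CVE-2021-44838 are already `NOT-FOR-US: Delta RM`. Suggest the same `NOT-FOR-US: Delta RM` line for both in a follow-up.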
@@ -10718,32 +10763,32 @@ CVE-2022-21702
 	RESERVED
 CVE-2022-21701
 	RESERVED
-CVE-2022-21700
-	RESERVED
+CVE-2022-21700 (Micronaut is a JVM-based, full stack Java framework designed for build ...)
+	TODO: check
 CVE-2022-21699
 	RESERVED
 CVE-2022-21698
 	RESERVED
 CVE-2022-21697
 	RESERVED
-CVE-2022-21696
-	RESERVED
-CVE-2022-21695
-	RESERVED
-CVE-2022-21694
-	RESERVED
-CVE-2022-21693
-	RESERVED
-CVE-2022-21692
-	RESERVED
-CVE-2022-21691
-	RESERVED
-CVE-2022-21690
-	RESERVED
-CVE-2022-21689
-	RESERVED
-CVE-2022-21688
-	RESERVED
+CVE-2022-21696 (OnionShare is an open source tool that lets you securely and anonymous ...)
+	TODO: check
+CVE-2022-21695 (OnionShare is an open source tool that lets you securely and anonymous ...)
+	TODO: check
+CVE-2022-21694 (OnionShare is an open source tool that lets you securely and anonymous ...)
+	TODO: check
+CVE-2022-21693 (OnionShare is an open source tool that lets you securely and anonymous ...)
+	TODO: check
+CVE-2022-21692 (OnionShare is an open source tool that lets you securely and anonymous ...)
+	TODO: check
+CVE-2022-21691 (OnionShare is an open source tool that lets you securely and anonymous ...)
+	TODO: check
+CVE-2022-21690 (OnionShare is an open source tool that lets you securely and anonymous ...)
+	TODO: check
+CVE-2022-21689 (OnionShare is an open source tool that lets you securely and anonymous ...)
+	TODO: check
+CVE-2022-21688 (OnionShare is an open source tool that lets you securely and anonymous ...)
+	TODO: check
 CVE-2022-21687
 	RESERVED
 CVE-2022-21686
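Review bot: the nine OnionShare entries, CVE-2022-21688 through CVE-2022-21696, all show the same truncated description and all land as `TODO: check`, so nothing in the list distinguishes one issue from another yet. Triage them as a batch from the full CVE text and record a package line or a NOTE per entry; CVE-2022-21700 (Micronaut) in the same hunk needs its TODO resolved as well.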
@@ -10775,8 +10820,8 @@ CVE-2022-21675 (Bytecode Viewer (BCV) is a Java/Android reverse engineering suit
 	TODO: check
 CVE-2022-21674
 	RESERVED
-CVE-2022-21673
-	RESERVED
+CVE-2022-21673 (Grafana is an open-source platform for monitoring and observability. I ...)
+	TODO: check
 CVE-2022-21672 (make-ca is a utility to deliver and manage a complete PKI configuratio ...)
 	TODO: check
 CVE-2022-21671 (@replit/crosis is a JavaScript client that speaks Replit's container p ...)
@@ -43760,8 +43805,8 @@ CVE-2021-31823
 	RESERVED
 CVE-2021-31822 (When Octopus Tentacle is installed on a Linux operating system, the sy ...)
 	NOT-FOR-US: Octopus Tentacle
-CVE-2021-31821
-	RESERVED
+CVE-2021-31821 (When the Windows Tentacle docker image starts up it logs all the comma ...)
+	TODO: check
 CVE-2021-31820 (In Octopus Server after version 2018.8.2 if the Octopus Server Web Req ...)
 	NOT-FOR-US: Octopus Server
 CVE-2021-31819 (In Halibut versions prior to 4.4.7 there is a deserialisation vulnerab ...)
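Review bot: CVE-2021-31821 is set to `TODO: check` although its description opens with the Windows Tentacle docker image and the neighbouring CVE-2021-31822 is already `NOT-FOR-US: Octopus Tentacle`. Unless the full text points at a different product, suggest `NOT-FOR-US: Octopus Tentacle` here too.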
@@ -58517,57 +58562,57 @@ CVE-2021-26068 (An endpoint in Atlassian Jira Server for Slack plugin from versi
 CVE-2021-26067 (Affected versions of Atlassian Bamboo allow an unauthenticated remote  ...)
 	NOT-FOR-US: Atlassian
 CVE-2021-26066
-	RESERVED
+	REJECTED
 CVE-2021-26065
-	RESERVED
+	REJECTED
 CVE-2021-26064
-	RESERVED
+	REJECTED
 CVE-2021-26063
-	RESERVED
+	REJECTED
 CVE-2021-26062
-	RESERVED
+	REJECTED
 CVE-2021-26061
-	RESERVED
+	REJECTED
 CVE-2021-26060
-	RESERVED
+	REJECTED
 CVE-2021-26059
-	RESERVED
+	REJECTED
 CVE-2021-26058
-	RESERVED
+	REJECTED
 CVE-2021-26057
-	RESERVED
+	REJECTED
 CVE-2021-26056
-	RESERVED
+	REJECTED
 CVE-2021-26055
-	RESERVED
+	REJECTED
 CVE-2021-26054
-	RESERVED
+	REJECTED
 CVE-2021-26053
-	RESERVED
+	REJECTED
 CVE-2021-26052
-	RESERVED
+	REJECTED
 CVE-2021-26051
-	RESERVED
+	REJECTED
 CVE-2021-26050
-	RESERVED
+	REJECTED
 CVE-2021-26049
-	RESERVED
+	REJECTED
 CVE-2021-26048
-	RESERVED
+	REJECTED
 CVE-2021-26047
-	RESERVED
+	REJECTED
 CVE-2021-26046
-	RESERVED
+	REJECTED
 CVE-2021-26045
-	RESERVED
+	REJECTED
 CVE-2021-26044
-	RESERVED
+	REJECTED
 CVE-2021-26043
-	RESERVED
+	REJECTED
 CVE-2021-26042
-	RESERVED
+	REJECTED
 CVE-2021-26041
-	RESERVED
+	REJECTED
 CVE-2021-26040 (An issue was discovered in Joomla! 4.0.0. The media manager does not c ...)
 	NOT-FOR-US: Joomla!
 CVE-2021-26039 (An issue was discovered in Joomla! 3.0.0 through 3.9.27. Inadequate es ...)
@@ -81420,6 +81465,7 @@ CVE-2021-1097 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU
 CVE-2021-1096 (NVIDIA Windows GPU Display Driver for Windows contains a vulnerability ...)
 	NOT-FOR-US: NVIDIA Windows GPU Display Driver for Windows
 CVE-2021-1095 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
+	{DLA-2888-1}
 	- nvidia-graphics-drivers 460.91.03-1 (bug #991351)
 	[buster] - nvidia-graphics-drivers 418.211.00-1
 	- nvidia-graphics-drivers-legacy-390xx 390.144-1 (bug #991353)
@@ -81433,6 +81479,7 @@ CVE-2021-1095 (NVIDIA GPU Display Driver for Windows and Linux contains a vulner
 	- nvidia-graphics-drivers-tesla-418 418.211.00-1 (bug #991354)
 	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5211
 CVE-2021-1094 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
+	{DLA-2888-1}
 	- nvidia-graphics-drivers 460.91.03-1 (bug #991351)
 	[buster] - nvidia-graphics-drivers 418.211.00-1
 	- nvidia-graphics-drivers-legacy-390xx 390.144-1 (bug #991353)
@@ -81446,6 +81493,7 @@ CVE-2021-1094 (NVIDIA GPU Display Driver for Windows and Linux contains a vulner
 	- nvidia-graphics-drivers-tesla-418 418.211.00-1 (bug #991354)
 	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5211
 CVE-2021-1093 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
+	{DLA-2888-1}
 	- nvidia-graphics-drivers 460.91.03-1 (bug #991351)
 	[buster] - nvidia-graphics-drivers 418.211.00-1
 	- nvidia-graphics-drivers-legacy-390xx 390.144-1 (bug #991353)
@@ -81496,6 +81544,7 @@ CVE-2021-1077 (NVIDIA GPU Display Driver for Windows and Linux, R450 and R460 dr
 	- nvidia-graphics-drivers-tesla-450 450.119.03-1 (bug #987221)
 	- nvidia-graphics-drivers-tesla-460 460.73.01-1 (bug #987222)
 CVE-2021-1076 (NVIDIA GPU Display Driver for Windows and Linux, all versions, contain ...)
+	{DLA-2888-1}
 	- nvidia-graphics-drivers 460.73.01-1 (bug #987216)
 	[buster] - nvidia-graphics-drivers 418.197.02-1
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #987217)
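Review bot: the `{DLA-2888-1}` reference added under CVE-2021-1076 is attached to the whole entry, while the context lines still list `nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #987217)`. The tag therefore does not mean the CVE is closed for every source package in the entry; confirm the advisory is meant to cover only the packages that have a fixed version recorded.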
@@ -81546,6 +81595,7 @@ CVE-2021-1058 (NVIDIA vGPU software contains a vulnerability in the guest kernel
 CVE-2021-1057 (NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerabilit ...)
 	NOT-FOR-US: NVIDIA Virtual GPU Manager NVIDIA vGPU manager
 CVE-2021-1056 (NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerab ...)
+	{DLA-2888-1}
 	- nvidia-graphics-drivers 460.32.03-1 (bug #979670)
 	[buster] - nvidia-graphics-drivers 418.181.07-1
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #979671)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/282212d8681f3f2e0e4ce5579ceae4a48011076d
