[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jan 21 08:10:22 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5537eafa by security tracker role at 2022-01-21T08:10:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,45 @@
+CVE-2022-23809
+ RESERVED
+CVE-2022-23808
+ RESERVED
+CVE-2022-23807
+ RESERVED
+CVE-2022-23806
+ RESERVED
+CVE-2022-23805
+ RESERVED
+CVE-2022-23804
+ RESERVED
+CVE-2022-23803
+ RESERVED
+CVE-2022-23802
+ RESERVED
+CVE-2022-23801
+ RESERVED
+CVE-2022-23800
+ RESERVED
+CVE-2022-23799
+ RESERVED
+CVE-2022-23798
+ RESERVED
+CVE-2022-23797
+ RESERVED
+CVE-2022-23796
+ RESERVED
+CVE-2022-23795
+ RESERVED
+CVE-2022-23794
+ RESERVED
+CVE-2022-23793
+ RESERVED
+CVE-2022-0326 (NULL Pointer Dereference in Homebrew mruby prior to 3.2. ...)
+ TODO: check
+CVE-2022-0325
+ RESERVED
+CVE-2022-0324
+ RESERVED
+CVE-2021-46402
+ RESERVED
CVE-2022-23792
RESERVED
CVE-2022-23791
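Review bot: CVE-2022-0326 is the only new entry in this hunk that carries a description (NULL pointer dereference in mruby prior to 3.2), and it lands as 'TODO: check' with no package line. A follow-up should either record the affected source package and its status or mark the entry as not applicable, so that it does not sit untriaged among the RESERVED ids around it.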
@@ -1114,10 +1156,10 @@ CVE-2022-23317
RESERVED
CVE-2022-23316
RESERVED
-CVE-2022-23315
- RESERVED
-CVE-2022-23314
- RESERVED
+CVE-2022-23315 (MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnera ...)
+ TODO: check
+CVE-2022-23314 (MCMS v5.2.4 was discovered to contain a SQL injection vulnerability vi ...)
+ TODO: check
CVE-2022-23313
RESERVED
CVE-2022-22137
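Review bot: CVE-2022-23315 and CVE-2022-23314 both name MCMS v5.2.4 and both land as 'TODO: check'. Settle them with one decision on whether MCMS is packaged, and apply the same verdict to the other MCMS v5.2.4 ids this commit un-reserves (CVE-2022-22929, CVE-2022-22928), so the four entries do not end up with diverging statuses.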
@@ -1238,66 +1280,66 @@ CVE-2021-46353
RESERVED
CVE-2021-46352
RESERVED
-CVE-2021-46351
- RESERVED
-CVE-2021-46350
- RESERVED
-CVE-2021-46349
- RESERVED
-CVE-2021-46348
- RESERVED
-CVE-2021-46347
- RESERVED
-CVE-2021-46346
- RESERVED
-CVE-2021-46345
- RESERVED
-CVE-2021-46344
- RESERVED
-CVE-2021-46343
- RESERVED
-CVE-2021-46342
- RESERVED
+CVE-2021-46351 (There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustme ...)
+ TODO: check
+CVE-2021-46350 (There is an Assertion 'ecma_is_value_object (value)' failed at jerrysc ...)
+ TODO: check
+CVE-2021-46349 (There is an Assertion 'type == ECMA_OBJECT_TYPE_GENERAL || type == ECM ...)
+ TODO: check
+CVE-2021-46348 (There is an Assertion 'ECMA_STRING_IS_REF_EQUALS_TO_ONE (string_p)' fa ...)
+ TODO: check
+CVE-2021-46347 (There is an Assertion 'ecma_object_check_class_name_is_object (obj_p)' ...)
+ TODO: check
+CVE-2021-46346 (There is an Assertion 'local_tza == ecma_date_local_time_zone_adjustme ...)
+ TODO: check
+CVE-2021-46345 (There is an Assertion 'cesu8_cursor_p == cesu8_end_p' failed at /jerry ...)
+ TODO: check
+CVE-2021-46344 (There is an Assertion 'flags & PARSER_PATTERN_HAS_REST_ELEMENT' fa ...)
+ TODO: check
+CVE-2021-46343 (There is an Assertion 'context_p->token.type == LEXER_LITERAL' fail ...)
+ TODO: check
+CVE-2021-46342 (There is an Assertion 'ecma_is_lexical_environment (obj_p) || !ecma_op ...)
+ TODO: check
CVE-2021-46341
RESERVED
-CVE-2021-46340
- RESERVED
-CVE-2021-46339
- RESERVED
-CVE-2021-46338
- RESERVED
-CVE-2021-46337
- RESERVED
-CVE-2021-46336
- RESERVED
-CVE-2021-46335
- RESERVED
-CVE-2021-46334
- RESERVED
-CVE-2021-46333
- RESERVED
-CVE-2021-46332
- RESERVED
-CVE-2021-46331
- RESERVED
-CVE-2021-46330
- RESERVED
-CVE-2021-46329
- RESERVED
-CVE-2021-46328
- RESERVED
-CVE-2021-46327
- RESERVED
-CVE-2021-46326
- RESERVED
-CVE-2021-46325
- RESERVED
-CVE-2021-46324
- RESERVED
-CVE-2021-46323
- RESERVED
-CVE-2021-46322
- RESERVED
+CVE-2021-46340 (There is an Assertion 'context_p->stack_top_uint8 == SCAN_STACK_TRY ...)
+ TODO: check
+CVE-2021-46339 (There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_siz ...)
+ TODO: check
+CVE-2021-46338 (There is an Assertion 'ecma_is_lexical_environment (object_p)' failed ...)
+ TODO: check
+CVE-2021-46337 (There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser- ...)
+ TODO: check
+CVE-2021-46336 (There is an Assertion 'opts & PARSER_CLASS_LITERAL_CTOR_PRESENT' f ...)
+ TODO: check
+CVE-2021-46335 (Moddable SDK v11.5.0 was discovered to contain a NULL pointer derefere ...)
+ TODO: check
+CVE-2021-46334 (Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow ...)
+ TODO: check
+CVE-2021-46333 (Moddable SDK v11.5.0 was discovered to contain an invalid memory acces ...)
+ TODO: check
+CVE-2021-46332 (Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow ...)
+ TODO: check
+CVE-2021-46331 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
+ TODO: check
+CVE-2021-46330 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
+ TODO: check
+CVE-2021-46329 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
+ TODO: check
+CVE-2021-46328 (Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow ...)
+ TODO: check
+CVE-2021-46327 (Moddable SDK v11.5.0 was discovered to contain a SEGV vulnerability vi ...)
+ TODO: check
+CVE-2021-46326 (Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow ...)
+ TODO: check
+CVE-2021-46325 (Espruino 2v10.246 was discovered to contain a stack buffer overflow vi ...)
+ TODO: check
+CVE-2021-46324 (Espruino 2v11.251 was discovered to contain a stack buffer overflow vi ...)
+ TODO: check
+CVE-2021-46323 (Espruino 2v11.251 was discovered to contain a SEGV vulnerability via s ...)
+ TODO: check
+CVE-2021-46322 (Duktape v2.99.99 was discovered to contain a SEGV vulnerability via th ...)
+ TODO: check
CVE-2021-46321
RESERVED
CVE-2021-46320
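Review bot: CVE-2021-46351 and CVE-2021-46346 show the same truncated description ('local_tza == ecma_date_local_time_zone_adjustme ...'), so triage should compare the full texts and upstream references before recording them as two separate issues. The assertion-failure entries (CVE-2021-46351 to CVE-2021-46336) and the Moddable SDK, Espruino and Duktape entries name different products, so each group needs its own verdict rather than one bulk resolution of 'TODO: check'. CVE-2021-46341 stays RESERVED between the two runs and should be left out of any range edit.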
@@ -2425,12 +2467,12 @@ CVE-2022-22932
RESERVED
CVE-2022-22931
RESERVED
-CVE-2022-22930
- RESERVED
-CVE-2022-22929
- RESERVED
-CVE-2022-22928
- RESERVED
+CVE-2022-22930 (A remote code execution (RCE) vulnerability in the Template Management ...)
+ TODO: check
+CVE-2022-22929 (MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerabil ...)
+ TODO: check
+CVE-2022-22928 (MCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing att ...)
+ TODO: check
CVE-2022-22927
RESERVED
CVE-2022-22926
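Review bot: the visible description of CVE-2022-22930 ('... vulnerability in the Template Management ...') is cut off before any product name, unlike CVE-2022-22929 and CVE-2022-22928 directly below it, which name MCMS v5.2.4. Read the full description before grouping it with its neighbours when resolving 'TODO: check'.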
@@ -2495,22 +2537,22 @@ CVE-2022-22897
RESERVED
CVE-2022-22896
RESERVED
-CVE-2022-22895
- RESERVED
-CVE-2022-22894
- RESERVED
-CVE-2022-22893
- RESERVED
-CVE-2022-22892
- RESERVED
-CVE-2022-22891
- RESERVED
-CVE-2022-22890
- RESERVED
+CVE-2022-22895 (Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ...)
+ TODO: check
+CVE-2022-22894 (Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_ ...)
+ TODO: check
+CVE-2022-22893 (Jerryscript 3.0.0 was discovered to contain a stack overflow via vm_lo ...)
+ TODO: check
+CVE-2022-22892 (There is an Assertion 'ecma_is_value_undefined (value) || ecma_is_valu ...)
+ TODO: check
+CVE-2022-22891 (Jerryscript 3.0.0 was discovered to contain a SEGV vulnerability via e ...)
+ TODO: check
+CVE-2022-22890 (There is an Assertion 'arguments_type != SCANNER_ARGUMENTS_PRESENT &am ...)
+ TODO: check
CVE-2022-22889
RESERVED
-CVE-2022-22888
- RESERVED
+CVE-2022-22888 (Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_ ...)
+ TODO: check
CVE-2022-22887
RESERVED
CVE-2022-22886
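Review bot: five of the seven un-reserved entries name Jerryscript 3.0.0 (CVE-2022-22895, -22894, -22893, -22891, -22888), but CVE-2022-22892 and CVE-2022-22890 are assertion failures whose truncated text names no product, so confirm the affected code base for those two from the full description instead of assuming it from position. CVE-2022-22889 remains RESERVED in the middle of the run and must be skipped by any range-based triage edit.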
@@ -4613,8 +4655,8 @@ CVE-2021-46063
RESERVED
CVE-2021-46062
RESERVED
-CVE-2021-46061
- RESERVED
+CVE-2021-46061 (An SQL Injection vulnerability exists in Sourcecodester Computer and M ...)
+ TODO: check
CVE-2021-46060
REJECTED
CVE-2021-46059
@@ -39300,6 +39342,7 @@ CVE-2021-33915
CVE-2021-33914
RESERVED
CVE-2021-33913 (libspf2 before 1.2.11 has a heap-based buffer overflow that might allo ...)
+ {DLA-2890-1}
- libspf2 1.2.10-7.1
[bullseye] - libspf2 1.2.10-7.1~deb11u1
[buster] - libspf2 1.2.10-7.1~deb10u1
@@ -39307,6 +39350,7 @@ CVE-2021-33913 (libspf2 before 1.2.11 has a heap-based buffer overflow that migh
NOTE: https://github.com/shevek/libspf2/pull/35
NOTE: https://github.com/shevek/libspf2/commit/f06fef6cede4c4cb42f2c617496e6041782d7070
CVE-2021-33912 (libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that ...)
+ {DLA-2890-1}
- libspf2 1.2.10-7.1
[bullseye] - libspf2 1.2.10-7.1~deb11u1
[buster] - libspf2 1.2.10-7.1~deb10u1
@@ -50304,8 +50348,8 @@ CVE-2021-29787
RESERVED
CVE-2021-29786 (IBM Jazz Team Server products stores user credentials in clear text wh ...)
NOT-FOR-US: IBM
-CVE-2021-29785
- RESERVED
+CVE-2021-29785 (IBM Security SOAR V42 and V43could allow a remote attacker to obtain s ...)
+ TODO: check
CVE-2021-29784 (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker t ...)
NOT-FOR-US: IBM
CVE-2021-29783
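Review bot: CVE-2021-29785 (IBM Security SOAR) is left at 'TODO: check' while the adjacent IBM entries CVE-2021-29786 and CVE-2021-29784 already read 'NOT-FOR-US: IBM'. The follow-up should resolve it consistently with those neighbours unless the product turns out to be packaged. The description also reads 'V43could' with a missing space; since this is an automatic update, that belongs to the imported text and should not be hand-edited here.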
@@ -97390,8 +97434,8 @@ CVE-2020-23317
RESERVED
CVE-2020-23316
RESERVED
-CVE-2020-23315
- RESERVED
+CVE-2020-23315 (There is an ASSERTION (pFuncBody->GetYieldRegister() == oldYieldReg ...)
+ TODO: check
CVE-2020-23314 (There is an Assertion 'block_found' failed at js-parser-statm.c:2003 p ...)
- iotjs <unfixed> (bug #989991)
[bullseye] - iotjs <no-dsa> (Minor issue)
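Review bot: CVE-2020-23315 should not inherit the iotjs tracking of CVE-2020-23314 just because it sits next to it. The new description references pFuncBody->GetYieldRegister(), whereas CVE-2020-23314 cites js-parser-statm.c, so the affected source needs to be identified from the full description before 'TODO: check' is replaced with a package line.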
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5537eafab0bb742e5eba88848a04f31bdae9c456