[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jul 7 18:40:38 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92ba5070 by Moritz Muehlenhoff at 2022-07-07T19:40:17+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10400,7 +10400,7 @@ CVE-2022-31293
CVE-2022-31292
RESERVED
CVE-2022-31291 (An issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows atta ...)
- - dlt-daemon <unfixed>
+ - dlt-daemon <unfixed> (bug #1014534)
[bullseye] - dlt-daemon <no-dsa> (Minor issue)
[buster] - dlt-daemon <no-dsa> (Minor issue)
NOTE: https://github.com/COVESA/dlt-daemon/pull/376
@@ -10903,7 +10903,7 @@ CVE-2022-31110 (RSSHub is an open source, extensible RSS feed generator. In comm
CVE-2022-31109
RESERVED
CVE-2022-31108 (Mermaid is a JavaScript based diagramming and charting tool that uses ...)
- - node-mermaid <unfixed>
+ - node-mermaid <unfixed> (bug #1014540)
[bullseye] - node-mermaid <no-dsa> (Minor issue)
NOTE: https://github.com/mermaid-js/mermaid/security/advisories/GHSA-x3vm-38hw-55wf
NOTE: https://github.com/mermaid-js/mermaid/commit/0ae1bdb61adff1cd485caff8c62ec6b8ac57b225
@@ -13409,11 +13409,12 @@ CVE-2022-1590 (A vulnerability was found in Bludit 3.13.1. It has been declared
CVE-2022-1589 (The Change wp-admin login WordPress plugin before 1.1.0 does not prope ...)
NOT-FOR-US: WordPress plugin
CVE-2022-30292 (Heap-based buffer overflow in sqbaselib.cpp in SQUIRREL 3.2 due to lac ...)
- - squirrel3 <unfixed>
+ - squirrel3 <unfixed> (bug #1014539)
[bullseye] - squirrel3 <no-dsa> (Minor issue)
[buster] - squirrel3 <no-dsa> (Minor issue)
[stretch] - squirrel3 <no-dsa> (Minor issue)
NOTE: https://github.com/albertodemichelis/squirrel/commit/a6413aa690e0bdfef648c68693349a7b878fe60d
+ NOTE: https://github.com/sprushed/CVE-2022-30292
CVE-2022-30291
RESERVED
CVE-2022-30290 (In OpenCTI through 5.2.4, a broken access control vulnerability has be ...)
@@ -13435,10 +13436,7 @@ CVE-2022-30286 (pyscriptjs (aka PyScript Demonstrator) in PyScript through 2022-
CVE-2022-30285
RESERVED
CVE-2022-30284 (** DISPUTED ** In the python-libnmap package through 0.7.2 for Python, ...)
- - python-libnmap <unfixed>
- [bullseye] - python-libnmap <no-dsa> (Minor issue)
- [buster] - python-libnmap <no-dsa> (Minor issue)
- NOTE: https://www.swascan.com/security-advisory-libnmap-2/
+ NOTE: Bogus python-libnmap issue
CVE-2022-30283
RESERVED
CVE-2022-30282
@@ -14249,7 +14247,7 @@ CVE-2022-29975 (An Authenticated Reflected Cross-site scripting at CC Parameter
CVE-2022-29974
RESERVED
CVE-2022-29973 (relan exFAT 1.3.0 allows local users to obtain sensitive information ( ...)
- - fuse-exfat <unfixed>
+ - fuse-exfat <unfixed> (bug #1014538)
[bullseye] - fuse-exfat <no-dsa> (Minor issue)
[buster] - fuse-exfat <no-dsa> (Minor issue)
[stretch] - fuse-exfat <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92ba507021b0163e8d6d4c4474bbf5fbcdc2cec5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/92ba507021b0163e8d6d4c4474bbf5fbcdc2cec5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220707/bcf0c170/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list