[Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jul 11 20:42:32 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
deac0a55 by Moritz Muehlenhoff at 2022-07-11T21:42:19+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26529,7 +26529,7 @@ CVE-2022-0761
CVE-2022-0760 (The Simple Link Directory WordPress plugin before 7.7.2 does not valid ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0759 (A flaw was found in all versions of kubeclient up to (but not includin ...)
- - ruby-kubeclient <unfixed>
+ - ruby-kubeclient <unfixed> (bug #1014780)
[bullseye] - ruby-kubeclient <no-dsa> (Minor issue)
[buster] - ruby-kubeclient <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2058404
@@ -26843,7 +26843,7 @@ CVE-2022-25846
CVE-2022-25845 (The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deser ...)
NOT-FOR-US: com.alibaba:fastjson
CVE-2022-25844 (The package angular after 1.7.0 are vulnerable to Regular Expression D ...)
- - angular.js <unfixed>
+ - angular.js <unfixed> (bug #1014779)
[stretch] - angular.js <ignored> (Nodejs in stretch not covered by security support)
NOTE: https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735
CVE-2022-25843
@@ -78398,7 +78398,7 @@ CVE-2021-32753 (EdgeX Foundry is an open source project for building a common op
CVE-2021-32752 (Ether Logs is a package that allows one to check one's logs in the Cra ...)
NOT-FOR-US: Ether Logs
CVE-2021-32751 (Gradle is a build tool with a focus on build automation. In versions p ...)
- - gradle <unfixed>
+ - gradle <unfixed> (bug #1014778)
[bullseye] - gradle <ignored> (Minor issue)
[buster] - gradle <ignored> (Minor issue)
[stretch] - gradle <no-dsa> (Minor issue)
@@ -79579,7 +79579,7 @@ CVE-2021-32296
CVE-2021-32295
RESERVED
CVE-2021-32294 (An issue was discovered in libgig through 20200507. A heap-buffer-over ...)
- - libgig <unfixed>
+ - libgig <unfixed> (bug #1014777)
[bullseye] - libgig <ignored> (Minor issue)
[buster] - libgig <ignored> (Minor issue)
[stretch] - libgig <postponed> (Minor issue, revisit when/if fixed upstream)
@@ -100968,7 +100968,7 @@ CVE-2021-23922 (An issue was discovered in Devolutions Remote Desktop Manager be
CVE-2021-23921 (An issue was discovered in Devolutions Server before 2020.3. There is ...)
NOT-FOR-US: Devolutions Server
CVE-2020-36191 (JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lac ...)
- - jupyterhub <unfixed>
+ - jupyterhub <unfixed> (bug #1014774)
NOTE: https://github.com/jupyterhub/jupyterhub/issues/3304
CVE-2020-36190 (RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2 allows ...)
NOT-FOR-US: RailsAdmin
@@ -118799,7 +118799,7 @@ CVE-2020-28590 (An out-of-bounds read vulnerability exists in the Obj File Trian
NOTE: https://github.com/slic3r/Slic3r/issues/5074
NOTE: Crash in enduser application, no security impact
CVE-2020-28589 (An improper array index validation vulnerability exists in the LoadObj ...)
- - tinyobjloader <undetermined>
+ - tinyobjloader <unfixed> (bug #1014776)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1212
CVE-2020-28588 (An information disclosure vulnerability exists in the /proc/pid/syscal ...)
- linux 5.9.15-1
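Review bot: The tinyobjloader line under CVE-2020-28589 changes the status from <undetermined> to <unfixed> as well as adding bug #1014776, which the commit message "bugnums" does not cover. The other five hunks only append a bug reference to an entry that was already <unfixed>. This one is a triage decision that the package is affected. Consider mentioning the status change in the commit message, or adding a NOTE next to the existing TALOS-2020-1212 reference that records what the determination is based on, so the change can be traced later from the history of data/CVE/list.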
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/deac0a55ef18280add910102379bbfbbe068531b