[Git][security-tracker-team/security-tracker][master] automatic update

Fri Jul 22 09:10:22 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
af4df02b by security tracker role at 2022-07-22T08:10:13+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2022-36372
+	RESERVED
+CVE-2022-36367
+	RESERVED
+CVE-2022-36364
+	RESERVED
+CVE-2022-36298
+	RESERVED
+CVE-2022-35729
+	RESERVED
+CVE-2022-34848
+	RESERVED
+CVE-2022-34846
+	RESERVED
+CVE-2022-34657
+	RESERVED
+CVE-2022-33196
+	RESERVED
+CVE-2022-32570
+	RESERVED
+CVE-2022-32232
+	RESERVED
+CVE-2022-2509
+	RESERVED
+CVE-2022-2508
+	RESERVED
+CVE-2022-2507
+	RESERVED
+CVE-2022-2506
+	RESERVED
 CVE-2022-36363
 	RESERVED
 CVE-2022-36362
@@ -108,12 +138,12 @@ CVE-2022-36314
 	RESERVED
 CVE-2022-36313 (An issue was discovered in the file-type package before 16.5.4 and 17. ...)
 	TODO: check
-CVE-2022-2495
-	RESERVED
-CVE-2022-2494
-	RESERVED
-CVE-2022-2493
-	RESERVED
+CVE-2022-2495 (Cross-site Scripting (XSS) - Stored in GitHub repository microweber/mi ...)
+	TODO: check
+CVE-2022-2494 (Cross-site Scripting (XSS) - Stored in GitHub repository openemr/opene ...)
+	TODO: check
+CVE-2022-2493 (Data Access from Outside Expected Data Manager Component in GitHub rep ...)
+	TODO: check
 CVE-2022-2492 (A vulnerability was found in SourceCodester Library Management System  ...)
 	NOT-FOR-US: SourceCodester
 CVE-2022-2491 (A vulnerability has been found in SourceCodester Library Management Sy ...)
@@ -10087,7 +10117,7 @@ CVE-2022-32298 (Toybox v0.8.7 was discovered to contain a NULL pointer dereferen
 	TODO: check
 CVE-2022-32297 (Piwigo v12.2.0 was discovered to contain SQL injection vulnerability v ...)
 	- piwigo <removed>
-CVE-2022-32295 (On Ampere Altra and AltraMax devices before SRP 1.09, the the Altra re ...)
+CVE-2022-32295 (On Ampere Altra and AltraMax devices before SRP 1.09, the Altra refere ...)
 	NOT-FOR-US: Ampere devices
 CVE-2022-32294 (Zimbra Collaboration Open Source 8.8.15 does not encrypt the initial-l ...)
 	NOT-FOR-US: Zimbra
@@ -13460,7 +13490,7 @@ CVE-2022-31148
 	RESERVED
 CVE-2022-31147 (The jQuery Validation Plugin (jquery-validation) provides drop-in vali ...)
 	TODO: check
-CVE-2022-31146 (There is a bug in the Wasmtime's code generator, Cranelift, where func ...)
+CVE-2022-31146 (Wasmtime is a standalone runtime for WebAssembly. There is a bug in th ...)
 	TODO: check
 CVE-2022-31145 (FlyteAdmin is the control plane for Flyte responsible for managing ent ...)
 	TODO: check
@@ -25287,62 +25317,52 @@ CVE-2022-25980 (Delta Electronics DIAEnergie (All versions prior to 1.8.02.004)
 	NOT-FOR-US: Delta Electronics
 CVE-2022-25347 (Delta Electronics DIAEnergie (All versions prior to 1.8.02.004) is vul ...)
 	NOT-FOR-US: Delta Electronics
-CVE-2022-0980
-	RESERVED
+CVE-2022-0980 (Use after free in New Tab Page in Google Chrome prior to 99.0.4844.74  ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-0979
-	RESERVED
+CVE-2022-0979 (Use after free in Safe Browsing in Google Chrome on Android prior to 9 ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-0978
-	RESERVED
+CVE-2022-0978 (Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-0977
-	RESERVED
+CVE-2022-0977 (Use after free in Browser UI in Google Chrome on Chrome OS prior to 99 ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-0976
-	RESERVED
+CVE-2022-0976 (Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 all ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-0975
-	RESERVED
+CVE-2022-0975 (Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-0974
-	RESERVED
+CVE-2022-0974 (Use after free in Splitscreen in Google Chrome on Chrome OS prior to 9 ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-0973
-	RESERVED
+CVE-2022-0973 (Use after free in Safe Browsing in Google Chrome prior to 99.0.4844.74 ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-0972
-	RESERVED
+CVE-2022-0972 (Use after free in Extensions in Google Chrome prior to 99.0.4844.74 al ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2022-0971
-	RESERVED
+CVE-2022-0971 (Use after free in Blink Layout in Google Chrome on Android prior to 99 ...)
 	{DSA-5104-1}
 	- chromium 99.0.4844.74-1
 	[buster] - chromium <end-of-life> (see DSA 5046)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af4df02bcc644e3b154b2897cf1d7ebc2792c089

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/af4df02bcc644e3b154b2897cf1d7ebc2792c089
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220722/632680c0/attachment-0001.htm>
