[Git][security-tracker-team/security-tracker][master] automatic update

Sun Jul 31 21:10:39 BST 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7d7dab8c by security tracker role at 2022-07-31T20:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2022-2591 (A vulnerability classified as critical has been found in TEM FLEX-1085 ...)
+	TODO: check
 CVE-2022-37040
 	RESERVED
 CVE-2022-37039
@@ -3240,8 +3242,8 @@ CVE-2022-35718
 	RESERVED
 CVE-2022-35717
 	RESERVED
-CVE-2022-35716
-	RESERVED
+CVE-2022-35716 (IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 through 7 ...)
+	TODO: check
 CVE-2022-35715
 	RESERVED
 CVE-2022-35714
@@ -6817,8 +6819,8 @@ CVE-2022-34340
 	RESERVED
 CVE-2022-34339
 	RESERVED
-CVE-2022-34338
-	RESERVED
+CVE-2022-34338 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could disclo ...)
+	TODO: check
 CVE-2022-34337
 	RESERVED
 CVE-2022-34336
@@ -9708,8 +9710,8 @@ CVE-2022-33171 (** DISPUTED ** The findOne function in TypeORM before 0.3.0 can
 	NOT-FOR-US: TypeORM
 CVE-2022-33170
 	RESERVED
-CVE-2022-33169
-	RESERVED
+CVE-2022-33169 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerabl ...)
+	TODO: check
 CVE-2022-33168
 	RESERVED
 CVE-2022-33167
@@ -10707,8 +10709,8 @@ CVE-2022-32752
 	RESERVED
 CVE-2022-32751
 	RESERVED
-CVE-2022-32750
-	RESERVED
+CVE-2022-32750 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0 ...)
+	TODO: check
 CVE-2022-32749
 	RESERVED
 CVE-2022-32748
@@ -13353,12 +13355,12 @@ CVE-2022-31778
 	RESERVED
 CVE-2022-31777
 	RESERVED
-CVE-2022-31776
-	RESERVED
-CVE-2022-31775
-	RESERVED
-CVE-2022-31774
-	RESERVED
+CVE-2022-31776 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0 ...)
+	TODO: check
+CVE-2022-31775 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0 ...)
+	TODO: check
+CVE-2022-31774 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0 ...)
+	TODO: check
 CVE-2022-31773
 	RESERVED
 CVE-2022-31772
@@ -16792,8 +16794,8 @@ CVE-2022-1701 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlie
 	NOT-FOR-US: SonicWall
 CVE-2022-1700
 	RESERVED
-CVE-2022-30616
-	RESERVED
+CVE-2022-30616 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow  ...)
+	TODO: check
 CVE-2022-30615
 	RESERVED
 CVE-2022-30614
@@ -32230,6 +32232,7 @@ CVE-2022-0657 (The 5 Stars Rating Funnel WordPress Plugin | RRatingg WordPress p
 CVE-2022-0656 (The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not v ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-26520 (** DISPUTED ** In pgjdbc before 42.3.3, an attacker (who controls the  ...)
+	{DSA-5196-1}
 	- libpgjava 42.3.3-1
 	[stretch] - libpgjava <no-dsa> (Requires control over connection properties)
 	NOTE: https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-673j-qm5f-xpv8
@@ -42367,8 +42370,8 @@ CVE-2022-22507
 	RESERVED
 CVE-2022-22506
 	RESERVED
-CVE-2022-22505
-	RESERVED
+CVE-2022-22505 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 contains a v ...)
+	TODO: check
 CVE-2022-22504
 	RESERVED
 CVE-2022-22503
@@ -42709,8 +42712,8 @@ CVE-2022-22336 (IBM Sterling External Authentication Server and IBM Sterling Sec
 	NOT-FOR-US: IBM
 CVE-2022-22335
 	RESERVED
-CVE-2022-22334
-	RESERVED
+CVE-2022-22334 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow  ...)
+	TODO: check
 CVE-2022-22333 (IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and IBM Sterli ...)
 	NOT-FOR-US: IBM
 CVE-2022-22332 (IBM Sterling Partner Engagement Manager 6.2.0 could allow an attacker  ...)
@@ -42725,8 +42728,8 @@ CVE-2022-22328 (IBM SterlingPartner Engagement Manager 6.2.0 could allow a malic
 	NOT-FOR-US: IBM
 CVE-2022-22327 (IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses weaker  ...)
 	NOT-FOR-US: IBM
-CVE-2022-22326
-	RESERVED
+CVE-2022-22326 (IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0 ...)
+	TODO: check
 CVE-2022-22325 (IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently disclose sensi ...)
 	NOT-FOR-US: IBM
 CVE-2022-22324
@@ -50470,7 +50473,7 @@ CVE-2022-21726 (Tensorflow is an Open Source Machine Learning Framework. The imp
 CVE-2022-21725 (Tensorflow is an Open Source Machine Learning Framework. The estimator ...)
 	- tensorflow <itp> (bug #804612)
 CVE-2022-21724 (pgjdbc is the offical PostgreSQL JDBC Driver. A security hole was foun ...)
-	{DLA-3018-1}
+	{DSA-5196-1 DLA-3018-1}
 	- libpgjava 42.3.2-1
 	NOTE: https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-v7wg-cpwc-24m4
 	NOTE: https://github.com/pgjdbc/pgjdbc/commit/f4d0ed69c0b3aae8531d83d6af4c57f22312c813 (REL42.3.2)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d7dab8c66d0f52456598610b167d264cc112fc1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d7dab8c66d0f52456598610b167d264cc112fc1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220731/00fc6089/attachment.htm>
