[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 30 09:10:32 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0e79cd58 by security tracker role at 2022-06-30T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2022-34835 (In Das U-Boot through 2022.07-rc5, an integer signedness error and res ...)
+	TODO: check
+CVE-2022-34834
+	RESERVED
+CVE-2022-34833
+	RESERVED
+CVE-2022-34832
+	RESERVED
+CVE-2022-34831
+	RESERVED
+CVE-2022-34830
+	RESERVED
+CVE-2022-34829
+	RESERVED
+CVE-2022-34828
+	RESERVED
+CVE-2022-34827
+	RESERVED
+CVE-2022-34826
+	RESERVED
+CVE-2022-34825
+	RESERVED
+CVE-2022-34824
+	RESERVED
+CVE-2022-34823
+	RESERVED
+CVE-2022-34822
+	RESERVED
+CVE-2022-2259
+	RESERVED
+CVE-2022-2258
+	RESERVED
+CVE-2022-2257
+	RESERVED
+CVE-2022-2256
+	RESERVED
+CVE-2022-2255
+	RESERVED
 CVE-2022-34821
 	RESERVED
 CVE-2022-34820
@@ -267,14 +305,14 @@ CVE-2022-2226
 	RESERVED
 	- thunderbird <unfixed>
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-26/#CVE-2022-2226
-CVE-2017-20125
-	RESERVED
-CVE-2017-20124
-	RESERVED
-CVE-2017-20123
-	RESERVED
-CVE-2017-20122
-	RESERVED
+CVE-2017-20125 (A vulnerability classified as critical was found in Online Hotel Booki ...)
+	TODO: check
+CVE-2017-20124 (A vulnerability classified as critical has been found in Online Hotel  ...)
+	TODO: check
+CVE-2017-20123 (A vulnerability was found in Viscosity 1.6.7. It has been classified a ...)
+	TODO: check
+CVE-2017-20122 (A vulnerability classified as problematic was found in Bitrix Site Man ...)
+	TODO: check
 CVE-2022-34734
 	RESERVED
 CVE-2022-34733
@@ -456,8 +494,8 @@ CVE-2020-36551
 	RESERVED
 CVE-2020-36550
 	RESERVED
-CVE-2017-20121
-	RESERVED
+CVE-2017-20121 (A vulnerability was found in Teradici Management Console 2.2.0. It has ...)
+	TODO: check
 CVE-2017-20120 (A vulnerability classified as problematic was found in TrueConf Server ...)
 	TODO: check
 CVE-2017-20119 (A vulnerability classified as problematic has been found in TrueConf S ...)
@@ -4117,8 +4155,8 @@ CVE-2022-2075
 	RESERVED
 CVE-2022-2074
 	RESERVED
-CVE-2022-2073
-	RESERVED
+CVE-2022-2073 (Code Injection in GitHub repository getgrav/grav prior to 1.7.34. ...)
+	TODO: check
 CVE-2021-46821
 	RESERVED
 CVE-2022-33187
@@ -11590,8 +11628,8 @@ CVE-2022-30469 (In Afian Filerun 20220202, lack of sanitization of the POST para
 	NOT-FOR-US: Afian Filerun
 CVE-2022-30468
 	RESERVED
-CVE-2022-30467
-	RESERVED
+CVE-2022-30467 (Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of serv ...)
+	TODO: check
 CVE-2022-30466 (joyebike Joy ebike Wolf Manufacturing year 2022 is vulnerable to Authe ...)
 	NOT-FOR-US: joyebike Joy ebike Wolf Manufacturing
 CVE-2022-30465
@@ -24252,8 +24290,8 @@ CVE-2022-26137
 	RESERVED
 CVE-2022-26136
 	RESERVED
-CVE-2022-26135
-	RESERVED
+CVE-2022-26135 (A vulnerability in Mobile Plugin for Jira Data Center and Server allow ...)
+	TODO: check
 CVE-2022-26134 (In affected versions of Confluence Server and Data Center, an OGNL inj ...)
 	NOT-FOR-US: Atlassian Confluence Server and Data Center
 CVE-2022-26133 (SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center ve ...)
@@ -56678,8 +56716,8 @@ CVE-2021-40599
 	RESERVED
 CVE-2021-40598
 	RESERVED
-CVE-2021-40597
-	RESERVED
+CVE-2021-40597 (The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Adminis ...)
+	TODO: check
 CVE-2021-40596 (SQL injection vulnerability in Login.php in sourcecodester Online Lear ...)
 	NOT-FOR-US: Sourcecodester
 CVE-2021-40595 (SQL injection vulnerability in Sourcecodester Online Leave Management  ...)
@@ -66383,6 +66421,7 @@ CVE-2020-36421 (An issue was discovered in Arm Mbed TLS before 2.23.0. Because o
 CVE-2021-36774 (Apache Kylin allows users to read data from other database systems usi ...)
 	NOT-FOR-US: Apache Kylin (different from Kylin desktop environment)
 CVE-2021-36773 (uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitr ...)
+	{DLA-3062-1}
 	- ublock-origin 1.37.0+dfsg-1 (bug #991386)
 	[bullseye] - ublock-origin 1.37.0+dfsg-1~deb11u1
 	[buster] - ublock-origin 1.37.0+dfsg-1~deb10u1
@@ -443340,7 +443379,7 @@ CVE-2013-4127 (Use-after-free vulnerability in the vhost_net_set_backend functio
 	[wheezy] - linux <not-affected> (Introduced in 3.8)
 	- linux-2.6 <not-affected> (Introduced in 3.8)
 CVE-2013-4126
-	RESERVED
+	REJECTED
 CVE-2013-4125 (The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack  ...)
 	- linux 3.10.5-1
 	[wheezy] - linux <not-affected> (Introduced in 3.7)
@@ -447970,7 +448009,7 @@ CVE-2013-2254 (The deepGetOrCreateNode function in impl/operations/AbstractCreat
 CVE-2013-2253
 	RESERVED
 CVE-2013-2252
-	RESERVED
+	REJECTED
 CVE-2013-2251 (Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute  ...)
 	- libstruts1.2-java <not-affected> (Only affect 2.x)
 CVE-2013-2250 (Apache Open For Business Project (aka OFBiz) 10.04.01 through 10.04.05 ...)
@@ -448022,7 +448061,7 @@ CVE-2013-2236 (Stack-based buffer overflow in the new_msg_lsa_change_notify func
 	- quagga 0.99.22.4-1 (bug #726724)
 	NOTE: http://lists.quagga.net/pipermail/quagga-dev/2013-July/010621.html
 CVE-2013-2235
-	RESERVED
+	REJECTED
 CVE-2013-2234 (The (1) key_notify_sa_flush and (2) key_notify_policy_flush functions  ...)
 	{DSA-2766-1 DSA-2745-1}
 	- linux-2.6 <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e79cd5872901913834c2aa18ead82688daa64cb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e79cd5872901913834c2aa18ead82688daa64cb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220630/e218752c/attachment.htm>


More information about the debian-security-tracker-commits mailing list