[Git][security-tracker-team/security-tracker][master] automatic update

Sat Mar 12 20:10:35 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8ec6642d by security tracker role at 2022-03-12T20:10:26+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,21 @@
+CVE-2022-26954
+	RESERVED
+CVE-2022-26953
+	RESERVED
+CVE-2022-26952
+	RESERVED
+CVE-2022-26951
+	RESERVED
+CVE-2022-26950
+	RESERVED
+CVE-2022-26949
+	RESERVED
+CVE-2022-26948
+	RESERVED
+CVE-2022-26947
+	RESERVED
+CVE-2022-0936
+	RESERVED
 CVE-2022-26946
 	RESERVED
 CVE-2022-26945
@@ -132,16 +150,16 @@ CVE-2022-0932 (Improper Authorization in GitHub repository saleor/saleor prior t
 	NOT-FOR-US: saleor
 CVE-2022-0931
 	RESERVED
-CVE-2022-0930
-	RESERVED
-CVE-2022-0929
-	RESERVED
+CVE-2022-0930 (File upload filter bypass leading to stored XSS in GitHub repository m ...)
+	TODO: check
+CVE-2022-0929 (XSS on dynamic_text module in GitHub repository microweber/microweber  ...)
+	TODO: check
 CVE-2022-0928 (Cross-site Scripting (XSS) - Stored in GitHub repository microweber/mi ...)
 	NOT-FOR-US: microweber
 CVE-2022-0927
 	RESERVED
-CVE-2022-0926
-	RESERVED
+CVE-2022-0926 (File upload filter bypass leading to stored XSS in GitHub repository m ...)
+	TODO: check
 CVE-2022-0925
 	RESERVED
 CVE-2022-26883
@@ -1061,12 +1079,13 @@ CVE-2022-26498
 CVE-2022-26497
 	RESERVED
 CVE-2022-26496 (In nbd-server in nbd before 3.24, there is a stack-based buffer overfl ...)
+	{DSA-5100-1}
 	- nbd 1:3.24-1 (bug #1006915)
 	[stretch] - nbd <not-affected> (NBD_OPT_INFO/NBD_OPT_GO introduced later, in 3.16)
 	NOTE: https://lists.debian.org/nbd/2022/01/msg00036.html
 	NOTE: https://lists.debian.org/nbd/2022/01/msg00037.html
 CVE-2022-26495 (In nbd-server in nbd before 3.24, there is an integer overflow with a  ...)
-	{DLA-2944-1}
+	{DSA-5100-1 DLA-2944-1}
 	- nbd 1:3.24-1 (bug #1006915)
 	NOTE: https://lists.debian.org/nbd/2022/01/msg00037.html
 CVE-2022-26494



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ec6642d97ac6f0db17ba8d712e2b706c2ca951f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ec6642d97ac6f0db17ba8d712e2b706c2ca951f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220312/c704fdf3/attachment.htm>
