[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 19 09:10:29 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a90ecfc3 by security tracker role at 2022-05-19T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2022-31215
+	RESERVED
+CVE-2022-31214
+	RESERVED
+CVE-2022-31213
+	RESERVED
+CVE-2022-31212
+	RESERVED
+CVE-2022-31211
+	RESERVED
+CVE-2022-31210
+	RESERVED
+CVE-2022-31209
+	RESERVED
+CVE-2022-31208
+	RESERVED
+CVE-2022-31207
+	RESERVED
+CVE-2022-31206
+	RESERVED
+CVE-2022-31205
+	RESERVED
+CVE-2022-31204
+	RESERVED
+CVE-2022-31203
+	RESERVED
+CVE-2022-31202
+	RESERVED
+CVE-2022-31201
+	RESERVED
+CVE-2022-31200
+	RESERVED
+CVE-2022-31199
+	RESERVED
+CVE-2022-1797
+	RESERVED
 CVE-2022-31198
 	RESERVED
 CVE-2022-31197
@@ -402,16 +438,16 @@ CVE-2022-30996
 	RESERVED
 CVE-2022-30995
 	RESERVED
-CVE-2022-30994
-	RESERVED
-CVE-2022-30993
-	RESERVED
-CVE-2022-30992
-	RESERVED
-CVE-2022-30991
-	RESERVED
-CVE-2022-30990
-	RESERVED
+CVE-2022-30994 (Cleartext transmission of sensitive information. The following product ...)
+	TODO: check
+CVE-2022-30993 (Cleartext transmission of sensitive information. The following product ...)
+	TODO: check
+CVE-2022-30992 (Open redirect via user-controlled query parameter. The following produ ...)
+	TODO: check
+CVE-2022-30991 (HTML injection via report name. The following products are affected: A ...)
+	TODO: check
+CVE-2022-30990 (Sensitive information disclosure due to insecure folder permissions. T ...)
+	TODO: check
 CVE-2022-30989
 	RESERVED
 CVE-2022-30988
@@ -496,14 +532,14 @@ CVE-2022-30974 (compile in regexp.c in Artifex MuJS through 1.2.0 results in sta
 	NOTE: https://github.com/ccxvii/mujs/issues/162
 CVE-2022-1775
 	RESERVED
-CVE-2022-1774
-	RESERVED
+CVE-2022-1774 (Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ...)
+	TODO: check
 CVE-2022-1773
 	RESERVED
 CVE-2022-1772
 	RESERVED
-CVE-2022-1771
-	RESERVED
+CVE-2022-1771 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...)
+	TODO: check
 CVE-2019-25061 (The random_password_generator (aka RandomPasswordGenerator) gem throug ...)
 	NOT-FOR-US: bvsatyaram/random_password_generator
 CVE-2022-30973
@@ -1676,8 +1712,8 @@ CVE-2022-26344
 	RESERVED
 CVE-2022-25976
 	RESERVED
-CVE-2022-1670
-	RESERVED
+CVE-2022-1670 (When generating a user invitation code in Octopus Server, the validity ...)
+	TODO: check
 CVE-2022-1669
 	RESERVED
 CVE-2022-1668
@@ -2817,8 +2853,8 @@ CVE-2022-30140
 	RESERVED
 CVE-2022-30139
 	RESERVED
-CVE-2022-30138
-	RESERVED
+CVE-2022-30138 (Windows Print Spooler Elevation of Privilege Vulnerability. This CVE I ...)
+	TODO: check
 CVE-2022-30137
 	RESERVED
 CVE-2022-30136
@@ -3093,8 +3129,8 @@ CVE-2022-30035
 	RESERVED
 CVE-2022-30034
 	RESERVED
-CVE-2022-30033
-	RESERVED
+CVE-2022-30033 (Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the fu ...)
+	TODO: check
 CVE-2022-30032
 	RESERVED
 CVE-2022-30031
@@ -5463,10 +5499,10 @@ CVE-2022-29232
 	RESERVED
 CVE-2022-29231
 	RESERVED
-CVE-2022-29230
-	RESERVED
-CVE-2022-29229
-	RESERVED
+CVE-2022-29230 (Hydrogen is a React-based framework for building dynamic, Shopify-powe ...)
+	TODO: check
+CVE-2022-29229 (CaSS is a Competency and Skills System. CaSS Library, (npm:cassproject ...)
+	TODO: check
 CVE-2022-29228
 	RESERVED
 CVE-2022-29227
@@ -7753,12 +7789,12 @@ CVE-2021-46780 (The Easy Google Maps WordPress plugin before 1.9.32 does not esc
 	NOT-FOR-US: WordPress plugin
 CVE-2022-28351
 	RESERVED
-CVE-2022-28350
-	RESERVED
-CVE-2022-28349
-	RESERVED
-CVE-2022-28348
-	RESERVED
+CVE-2022-28350 (Arm Mali GPU Kernel Driver allows improper GPU operations in Valhall r ...)
+	TODO: check
+CVE-2022-28349 (Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 through ...)
+	TODO: check
+CVE-2022-28348 (Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, Bifrost r0p0 t ...)
+	TODO: check
 CVE-2022-28347 (A SQL injection issue was discovered in QuerySet.explain() in Django 2 ...)
 	- python-django 2:3.2.13-1 (bug #1009677)
 	[stretch] - python-django <not-affected> (Vulnerable code not present)
@@ -50546,8 +50582,8 @@ CVE-2021-38946 (IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to
 	NOT-FOR-US: IBM
 CVE-2021-38945
 	RESERVED
-CVE-2021-38944
-	RESERVED
+CVE-2021-38944 (IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 through 10.0. ...)
+	TODO: check
 CVE-2021-38943
 	RESERVED
 CVE-2021-38942



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a90ecfc3faa43356d0c1a2f4d1afeeda8e65a5f5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a90ecfc3faa43356d0c1a2f4d1afeeda8e65a5f5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220519/5fa160a1/attachment.htm>

More information about the debian-security-tracker-commits mailing list