[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 27 09:10:22 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f137f91f by security tracker role at 2022-05-27T08:10:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2022-31763
+ RESERVED
+CVE-2022-31762
+ RESERVED
+CVE-2022-31761
+ RESERVED
+CVE-2022-31760
+ RESERVED
+CVE-2022-31759
+ RESERVED
+CVE-2022-31758
+ RESERVED
+CVE-2022-31757
+ RESERVED
+CVE-2022-31756
+ RESERVED
+CVE-2022-31755
+ RESERVED
+CVE-2022-31754
+ RESERVED
+CVE-2022-31753
+ RESERVED
+CVE-2022-31752
+ RESERVED
+CVE-2022-31751
+ RESERVED
+CVE-2022-31750
+ RESERVED
+CVE-2022-1902
+ RESERVED
+CVE-2022-1901
+ RESERVED
+CVE-2022-1900
+ RESERVED
+CVE-2021-46815
+ RESERVED
+CVE-2021-46814
+ RESERVED
+CVE-2021-46813
+ RESERVED
+CVE-2021-46812
+ RESERVED
+CVE-2021-46811
+ RESERVED
+CVE-2020-36527
+ RESERVED
+CVE-2020-36526
+ RESERVED
+CVE-2020-36525
+ RESERVED
+CVE-2020-36524
+ RESERVED
+CVE-2020-36523
+ RESERVED
CVE-2022-31749
RESERVED
CVE-2022-31748
@@ -214,8 +268,8 @@ CVE-2022-31650 (In SoX 14.4.2, there is a floating-point exception in lsx_aiffst
NOTE: https://sourceforge.net/p/sox/bugs/360/
CVE-2022-31649
RESERVED
-CVE-2022-31648
- RESERVED
+CVE-2022-31648 (Talend Administration Center is vulnerable to a reflected Cross-Site S ...)
+ TODO: check
CVE-2022-31647
RESERVED
CVE-2022-31646
@@ -2710,10 +2764,10 @@ CVE-2022-30703
RESERVED
CVE-2022-30702
RESERVED
-CVE-2022-30701
- RESERVED
-CVE-2022-30700
- RESERVED
+CVE-2022-30701 (An uncontrolled search path element vulnerability in Trend Micro Apex ...)
+ TODO: check
+CVE-2022-30700 (An incorrect permission assignment vulnerability in Trend Micro Apex O ...)
+ TODO: check
CVE-2022-30699
RESERVED
CVE-2022-30698
@@ -2779,8 +2833,8 @@ CVE-2022-30688 (needrestart 0.8 through 3.5 before 3.6 is prone to local privile
- needrestart 3.6-1 (bug #1011154)
NOTE: https://github.com/liske/needrestart/commit/e6e58136e1e3c92296e2e810cb8372a5fe0dbd30 (v3.6)
NOTE: https://www.openwall.com/lists/oss-security/2022/05/17/9
-CVE-2022-30687
- RESERVED
+CVE-2022-30687 (Trend Micro Maximum Security 2022 is vulnerable to a link following vu ...)
+ TODO: check
CVE-2022-30686
RESERVED
CVE-2022-30685
@@ -3057,10 +3111,10 @@ CVE-2022-30587
RESERVED
CVE-2022-30586
RESERVED
-CVE-2022-30585
- RESERVED
-CVE-2022-30584
- RESERVED
+CVE-2022-30585 (The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an ...)
+ TODO: check
+CVE-2022-30584 (Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access ...)
+ TODO: check
CVE-2022-30583
RESERVED
CVE-2022-30582
@@ -5866,18 +5920,18 @@ CVE-2022-29639 (TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211
NOT-FOR-US: TOTOLINK
CVE-2022-29638 (TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 we ...)
NOT-FOR-US: TOTOLINK
-CVE-2022-29637
- RESERVED
+CVE-2022-29637 (An arbitrary file upload vulnerability in Mindoc v2.1-beta.5 allows at ...)
+ TODO: check
CVE-2022-29636
RESERVED
CVE-2022-29635
RESERVED
CVE-2022-29634
RESERVED
-CVE-2022-29633
- RESERVED
-CVE-2022-29632
- RESERVED
+CVE-2022-29633 (An access control issue in Linglong v1.0 allows attackers to access th ...)
+ TODO: check
+CVE-2022-29632 (An arbitrary file upload vulnerability in the component /course/api/up ...)
+ TODO: check
CVE-2022-29631
RESERVED
CVE-2022-29630
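Review bot: the new CVE-2022-29632 line cannot be triaged as written, because its truncated description ("An arbitrary file upload vulnerability in the component /course/api/up ...") stops before naming a product. Read the full CVE description before resolving its TODO: check. CVE-2022-29637 (Mindoc) and CVE-2022-29633 (Linglong) do name their products and can be resolved to a package entry or to a NOT-FOR-US tag in the same form as the TOTOLINK lines at the top of this hunk.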
@@ -9255,8 +9309,8 @@ CVE-2022-28396 (Apostrophe v3.16.1 was discovered to contain a remote code execu
NOT-FOR-US: Apostrophe CMS
CVE-2022-28395
RESERVED
-CVE-2022-28394
- RESERVED
+CVE-2022-28394 (EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) ...)
+ TODO: check
CVE-2022-28393
RESERVED
CVE-2022-28392
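Review bot: CVE-2022-28394 should not be left as an isolated TODO: check, since its description already says "EOL Product CVE" and names the installer of Trend Micro Password Manager (Consumer). This commit puts the same marker on CVE-2022-30701, CVE-2022-30700 and CVE-2022-30687, which also name Trend Micro products, so the four are best triaged in one pass and given one consistent tag.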
@@ -14177,88 +14231,88 @@ CVE-2022-0890 (NULL Pointer Dereference in GitHub repository mruby/mruby prior t
[stretch] - mruby <no-dsa> (Minor issue)
NOTE: https://huntr.dev/bounties/68e09ec1-6cc7-48b8-981d-30f478c70276/
NOTE: https://github.com/mruby/mruby/commit/da48e7dbb20024c198493b8724adae1b842083aa
-CVE-2022-26776
- RESERVED
-CVE-2022-26775
- RESERVED
-CVE-2022-26774
- RESERVED
-CVE-2022-26773
- RESERVED
-CVE-2022-26772
- RESERVED
-CVE-2022-26771
- RESERVED
-CVE-2022-26770
- RESERVED
-CVE-2022-26769
- RESERVED
-CVE-2022-26768
- RESERVED
-CVE-2022-26767
- RESERVED
-CVE-2022-26766
- RESERVED
-CVE-2022-26765
- RESERVED
-CVE-2022-26764
- RESERVED
-CVE-2022-26763
- RESERVED
+CVE-2022-26776 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2022-26775 (An integer overflow was addressed with improved input validation. This ...)
+ TODO: check
+CVE-2022-26774 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2022-26773 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2022-26772 (A memory corruption issue was addressed with improved state management ...)
+ TODO: check
+CVE-2022-26771 (A memory corruption issue was addressed with improved state management ...)
+ TODO: check
+CVE-2022-26770 (An out-of-bounds read issue was addressed with improved input validati ...)
+ TODO: check
+CVE-2022-26769 (A memory corruption issue was addressed with improved input validation ...)
+ TODO: check
+CVE-2022-26768 (A memory corruption issue was addressed with improved state management ...)
+ TODO: check
+CVE-2022-26767 (The issue was addressed with additional permissions checks. This issue ...)
+ TODO: check
+CVE-2022-26766 (A certificate parsing issue was addressed with improved checks. This i ...)
+ TODO: check
+CVE-2022-26765 (A race condition was addressed with improved state handling. This issu ...)
+ TODO: check
+CVE-2022-26764 (A memory corruption issue was addressed with improved validation. This ...)
+ TODO: check
+CVE-2022-26763 (An out-of-bounds access issue was addressed with improved bounds check ...)
+ TODO: check
CVE-2022-26762
RESERVED
-CVE-2022-26761
- RESERVED
+CVE-2022-26761 (A memory corruption issue was addressed with improved memory handling. ...)
+ TODO: check
CVE-2022-26760
RESERVED
CVE-2022-26759
RESERVED
CVE-2022-26758
RESERVED
-CVE-2022-26757
- RESERVED
-CVE-2022-26756
- RESERVED
-CVE-2022-26755
- RESERVED
-CVE-2022-26754
- RESERVED
-CVE-2022-26753
- RESERVED
-CVE-2022-26752
- RESERVED
-CVE-2022-26751
- RESERVED
-CVE-2022-26750
- RESERVED
-CVE-2022-26749
- RESERVED
-CVE-2022-26748
- RESERVED
-CVE-2022-26747
- RESERVED
-CVE-2022-26746
- RESERVED
-CVE-2022-26745
- RESERVED
-CVE-2022-26744
- RESERVED
-CVE-2022-26743
- RESERVED
-CVE-2022-26742
- RESERVED
-CVE-2022-26741
- RESERVED
-CVE-2022-26740
- RESERVED
-CVE-2022-26739
- RESERVED
-CVE-2022-26738
- RESERVED
-CVE-2022-26737
- RESERVED
-CVE-2022-26736
- RESERVED
+CVE-2022-26757 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
+CVE-2022-26756 (An out-of-bounds write issue was addressed with improved input validat ...)
+ TODO: check
+CVE-2022-26755 (This issue was addressed with improved environment sanitization. This ...)
+ TODO: check
+CVE-2022-26754 (A buffer overflow issue was addressed with improved memory handling. T ...)
+ TODO: check
+CVE-2022-26753 (A buffer overflow issue was addressed with improved memory handling. T ...)
+ TODO: check
+CVE-2022-26752 (A buffer overflow issue was addressed with improved memory handling. T ...)
+ TODO: check
+CVE-2022-26751 (A memory corruption issue was addressed with improved input validation ...)
+ TODO: check
+CVE-2022-26750 (A buffer overflow issue was addressed with improved memory handling. T ...)
+ TODO: check
+CVE-2022-26749 (A buffer overflow issue was addressed with improved memory handling. T ...)
+ TODO: check
+CVE-2022-26748 (An out-of-bounds write issue was addressed with improved input validat ...)
+ TODO: check
+CVE-2022-26747 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2022-26746 (This issue was addressed by removing the vulnerable code. This issue i ...)
+ TODO: check
+CVE-2022-26745 (A memory corruption issue was addressed with improved validation. This ...)
+ TODO: check
+CVE-2022-26744 (A memory corruption issue was addressed with improved state management ...)
+ TODO: check
+CVE-2022-26743 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2022-26742 (A buffer overflow issue was addressed with improved memory handling. T ...)
+ TODO: check
+CVE-2022-26741 (A buffer overflow issue was addressed with improved memory handling. T ...)
+ TODO: check
+CVE-2022-26740 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2022-26739 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2022-26738 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2022-26737 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2022-26736 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2022-26735
RESERVED
CVE-2022-26734
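Review bot: many of the descriptions added in this hunk are identical once truncated, for example CVE-2022-26754, CVE-2022-26753, CVE-2022-26752, CVE-2022-26750 and CVE-2022-26749 all read "A buffer overflow issue was addressed with improved memory handling. T ...", and every added description is cut off before the affected product is named. The TODO: check markers here can only be resolved from the full CVE text, not from this file, so triage should pull each full description instead of tagging the range in bulk.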
@@ -14267,88 +14321,88 @@ CVE-2022-26733
RESERVED
CVE-2022-26732
RESERVED
-CVE-2022-26731
- RESERVED
+CVE-2022-26731 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
CVE-2022-26730
RESERVED
CVE-2022-26729
RESERVED
-CVE-2022-26728
- RESERVED
-CVE-2022-26727
- RESERVED
-CVE-2022-26726
- RESERVED
-CVE-2022-26725
- RESERVED
-CVE-2022-26724
- RESERVED
-CVE-2022-26723
- RESERVED
-CVE-2022-26722
- RESERVED
-CVE-2022-26721
- RESERVED
-CVE-2022-26720
- RESERVED
+CVE-2022-26728 (This issue was addressed with improved entitlements. This issue is fix ...)
+ TODO: check
+CVE-2022-26727 (This issue was addressed with improved entitlements. This issue is fix ...)
+ TODO: check
+CVE-2022-26726 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2022-26725 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2022-26724 (An authentication issue was addressed with improved state management. ...)
+ TODO: check
+CVE-2022-26723 (A memory corruption issue was addressed with improved input validation ...)
+ TODO: check
+CVE-2022-26722 (A memory initialization issue was addressed. This issue is fixed in Se ...)
+ TODO: check
+CVE-2022-26721 (A memory initialization issue was addressed. This issue is fixed in Se ...)
+ TODO: check
+CVE-2022-26720 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2022-26719
RESERVED
-CVE-2022-26718
- RESERVED
+CVE-2022-26718 (An out-of-bounds read issue was addressed with improved input validati ...)
+ TODO: check
CVE-2022-26717
RESERVED
CVE-2022-26716
RESERVED
-CVE-2022-26715
- RESERVED
-CVE-2022-26714
- RESERVED
+CVE-2022-26715 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2022-26714 (A memory corruption issue was addressed with improved validation. This ...)
+ TODO: check
CVE-2022-26713
RESERVED
-CVE-2022-26712
- RESERVED
-CVE-2022-26711
- RESERVED
+CVE-2022-26712 (This issue was addressed by removing the vulnerable code. This issue i ...)
+ TODO: check
+CVE-2022-26711 (An integer overflow issue was addressed with improved input validation ...)
+ TODO: check
CVE-2022-26710
RESERVED
CVE-2022-26709
RESERVED
-CVE-2022-26708
- RESERVED
+CVE-2022-26708 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
CVE-2022-26707
RESERVED
-CVE-2022-26706
- RESERVED
+CVE-2022-26706 (An access issue was addressed with additional sandbox restrictions on ...)
+ TODO: check
CVE-2022-26705
RESERVED
-CVE-2022-26704
- RESERVED
-CVE-2022-26703
- RESERVED
-CVE-2022-26702
- RESERVED
-CVE-2022-26701
- RESERVED
+CVE-2022-26704 (A validation issue existed in the handling of symlinks and was address ...)
+ TODO: check
+CVE-2022-26703 (An authorization issue was addressed with improved state management. T ...)
+ TODO: check
+CVE-2022-26702 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
+CVE-2022-26701 (A race condition was addressed with improved locking. This issue is fi ...)
+ TODO: check
CVE-2022-26700
RESERVED
CVE-2022-26699
RESERVED
-CVE-2022-26698
- RESERVED
-CVE-2022-26697
- RESERVED
+CVE-2022-26698 (An out-of-bounds read issue was addressed with improved bounds checkin ...)
+ TODO: check
+CVE-2022-26697 (An out-of-bounds read issue was addressed with improved input validati ...)
+ TODO: check
CVE-2022-26696
RESERVED
CVE-2022-26695
RESERVED
-CVE-2022-26694
- RESERVED
-CVE-2022-26693
- RESERVED
+CVE-2022-26694 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2022-26693 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
CVE-2022-26692
RESERVED
CVE-2022-26691 (A logic issue was addressed with improved state management. This issue ...)
- {DSA-5149-1}
+ {DSA-5149-1 DLA-3029-1}
- cups 2.4.2-1 (bug #1011769)
NOTE: Fixed by: https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444 (v2.4.2)
NOTE: Followup (fix comment): https://github.com/OpenPrinting/cups/commit/411b6136f450a583ee08c3880fa09dbe837eb3f1
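Review bot: the TODO: check entries in this hunk should not be bulk-tagged NOT-FOR-US, because the context entry CVE-2022-26691 at the end of the hunk carries the same style of description ("A logic issue was addressed with improved state management. This issue ...") and is tracked against cups with DSA-5149-1 and now DLA-3029-1. Check each newly published id from CVE-2022-26731 down to CVE-2022-26693 against its full description for components that Debian packages.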
@@ -20857,6 +20911,7 @@ CVE-2022-0494 (A kernel information leak flaw was identified in the scsi_ioctl f
CVE-2022-0493 (The String locator WordPress plugin before 2.5.0 does not properly val ...)
NOT-FOR-US: WordPress plugin
CVE-2021-46671 (options.c in atftp before 0.7.5 reads past the end of an array, and co ...)
+ {DLA-3028-1}
- atftp 0.7.git20210915-1 (bug #1004974)
[bullseye] - atftp 0.7.git20120829-3.3+deb11u2
[buster] - atftp 0.7.git20120829-3.2~deb10u3
@@ -78933,10 +78988,10 @@ CVE-2021-28511
RESERVED
CVE-2021-28510
RESERVED
-CVE-2021-28509
- RESERVED
-CVE-2021-28508
- RESERVED
+CVE-2021-28509 (This advisory documents the impact of an internally found vulnerabilit ...)
+ TODO: check
+CVE-2021-28508 (This advisory documents the impact of an internally found vulnerabilit ...)
+ TODO: check
CVE-2021-28507 (An issue has recently been discovered in Arista EOS where, under certa ...)
NOT-FOR-US: Arista
CVE-2021-28506 (An issue has recently been discovered in Arista EOS where certain gNOI ...)
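Review bot: CVE-2021-28509 and CVE-2021-28508 get TODO: check with a description ("This advisory documents the impact of an internally found vulnerabilit ...") that names no product, while the two entries directly below them, CVE-2021-28507 and CVE-2021-28506, are Arista EOS issues already tagged NOT-FOR-US: Arista. Confirm from the full description whether the two new entries belong to the same vendor and, if so, give them the same tag.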
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f137f91f622872fdd76f417708d8dae4fda9f29c