[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Nov 2 08:10:31 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
eef31292 by security tracker role at 2022-11-02T08:10:21+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,238 @@
-CVE-2022-3786
+CVE-2023-20903
RESERVED
+CVE-2023-20902
+ RESERVED
+CVE-2023-20901
+ RESERVED
+CVE-2023-20900
+ RESERVED
+CVE-2023-20899
+ RESERVED
+CVE-2023-20898
+ RESERVED
+CVE-2023-20897
+ RESERVED
+CVE-2023-20896
+ RESERVED
+CVE-2023-20895
+ RESERVED
+CVE-2023-20894
+ RESERVED
+CVE-2023-20893
+ RESERVED
+CVE-2023-20892
+ RESERVED
+CVE-2023-20891
+ RESERVED
+CVE-2023-20890
+ RESERVED
+CVE-2023-20889
+ RESERVED
+CVE-2023-20888
+ RESERVED
+CVE-2023-20887
+ RESERVED
+CVE-2023-20886
+ RESERVED
+CVE-2023-20885
+ RESERVED
+CVE-2023-20884
+ RESERVED
+CVE-2023-20883
+ RESERVED
+CVE-2023-20882
+ RESERVED
+CVE-2023-20881
+ RESERVED
+CVE-2023-20880
+ RESERVED
+CVE-2023-20879
+ RESERVED
+CVE-2023-20878
+ RESERVED
+CVE-2023-20877
+ RESERVED
+CVE-2023-20876
+ RESERVED
+CVE-2023-20875
+ RESERVED
+CVE-2023-20874
+ RESERVED
+CVE-2023-20873
+ RESERVED
+CVE-2023-20872
+ RESERVED
+CVE-2023-20871
+ RESERVED
+CVE-2023-20870
+ RESERVED
+CVE-2023-20869
+ RESERVED
+CVE-2023-20868
+ RESERVED
+CVE-2023-20867
+ RESERVED
+CVE-2023-20866
+ RESERVED
+CVE-2023-20865
+ RESERVED
+CVE-2023-20864
+ RESERVED
+CVE-2023-20863
+ RESERVED
+CVE-2023-20862
+ RESERVED
+CVE-2023-20861
+ RESERVED
+CVE-2023-20860
+ RESERVED
+CVE-2023-20859
+ RESERVED
+CVE-2023-20858
+ RESERVED
+CVE-2023-20857
+ RESERVED
+CVE-2023-20856
+ RESERVED
+CVE-2023-20855
+ RESERVED
+CVE-2023-20854
+ RESERVED
+CVE-2022-44605
+ RESERVED
+CVE-2022-44604
+ RESERVED
+CVE-2022-44603
+ RESERVED
+CVE-2022-44602
+ RESERVED
+CVE-2022-44601
+ RESERVED
+CVE-2022-44600
+ RESERVED
+CVE-2022-44599
+ RESERVED
+CVE-2022-44598
+ RESERVED
+CVE-2022-44597
+ RESERVED
+CVE-2022-44596
+ RESERVED
+CVE-2022-44595
+ RESERVED
+CVE-2022-44594
+ RESERVED
+CVE-2022-44593
+ RESERVED
+CVE-2022-44592
+ RESERVED
+CVE-2022-44591
+ RESERVED
+CVE-2022-44590
+ RESERVED
+CVE-2022-44589
+ RESERVED
+CVE-2022-44588
+ RESERVED
+CVE-2022-44587
+ RESERVED
+CVE-2022-44586
+ RESERVED
+CVE-2022-44585
+ RESERVED
+CVE-2022-44584
+ RESERVED
+CVE-2022-44583
+ RESERVED
+CVE-2022-44582
+ RESERVED
+CVE-2022-44581
+ RESERVED
+CVE-2022-44580
+ RESERVED
+CVE-2022-44579
+ RESERVED
+CVE-2022-44578
+ RESERVED
+CVE-2022-44577
+ RESERVED
+CVE-2022-44576
+ RESERVED
+CVE-2022-44575
+ RESERVED
+CVE-2022-44574
+ RESERVED
+CVE-2022-44573
+ RESERVED
+CVE-2022-44572
+ RESERVED
+CVE-2022-44571
+ RESERVED
+CVE-2022-44570
+ RESERVED
+CVE-2022-44569
+ RESERVED
+CVE-2022-44568
+ RESERVED
+CVE-2022-44567
+ RESERVED
+CVE-2022-44566
+ RESERVED
+CVE-2022-44565
+ RESERVED
+CVE-2022-44564
+ RESERVED
+CVE-2022-3811
+ RESERVED
+CVE-2022-3810
+ RESERVED
+CVE-2022-3809
+ RESERVED
+CVE-2022-3808 (A vulnerability classified as problematic has been found in WebFactory ...)
+ TODO: check
+CVE-2022-3807 (A vulnerability was found in Axiomatic Bento4. It has been rated as pr ...)
+ TODO: check
+CVE-2022-3806
+ RESERVED
+CVE-2022-3805
+ RESERVED
+CVE-2022-3804 (A vulnerability was found in eolinker apinto-dashboard. It has been cl ...)
+ TODO: check
+CVE-2022-3803 (A vulnerability was found in eolinker apinto-dashboard and classified ...)
+ TODO: check
+CVE-2022-3802 (A vulnerability has been found in IBAX go-ibax and classified as criti ...)
+ TODO: check
+CVE-2022-3801 (A vulnerability, which was classified as critical, was found in IBAX g ...)
+ TODO: check
+CVE-2022-3800 (A vulnerability, which was classified as critical, has been found in I ...)
+ TODO: check
+CVE-2022-3799 (A vulnerability classified as critical was found in IBAX go-ibax. Affe ...)
+ TODO: check
+CVE-2022-3798 (A vulnerability classified as critical has been found in IBAX go-ibax. ...)
+ TODO: check
+CVE-2022-3797 (A vulnerability was found in eolinker apinto-dashboard. It has been ra ...)
+ TODO: check
+CVE-2022-3796 (A vulnerability was found in Events Calendar Plugin. It has been decla ...)
+ TODO: check
+CVE-2022-3795
+ RESERVED
+CVE-2022-3794
+ RESERVED
+CVE-2022-3793
+ RESERVED
+CVE-2022-3792
+ RESERVED
+CVE-2022-3791 (A vulnerability was found in PDF & Print Plugin. It has been class ...)
+ TODO: check
+CVE-2022-3790 (A vulnerability was found in Flipbook Plugin and classified as problem ...)
+ TODO: check
+CVE-2022-3789 (A vulnerability has been found in Tim Campus Confession Wall and class ...)
+ TODO: check
+CVE-2022-3788 (A vulnerability, which was classified as problematic, was found in Tab ...)
+ TODO: check
+CVE-2022-3787
+ RESERVED
+CVE-2022-3786 (A buffer overrun can be triggered in X.509 certificate verification, s ...)
- openssl 3.0.7-1
[bullseye] - openssl <not-affected> (Only affects 3.x)
[buster] - openssl <not-affected> (Only affects 3.x)
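Review bot: The CVE-2022-3786 entry re-added at the end of this hunk keeps "(Only affects 3.x)" on its [bullseye] and [buster] lines, while CVE-2022-3602 later in the same file uses "(Only affects 3.0)" for the same `openssl 3.0.7-1` fix and the same truncated description. Use one wording for both entries so that a search on the note text finds the pair.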
@@ -78,8 +311,8 @@ CVE-2022-3783 (A vulnerability, which was classified as problematic, has been fo
NOT-FOR-US: node-red-dashboard
CVE-2022-3782
RESERVED
-CVE-2022-3781
- RESERVED
+CVE-2022-3781 (Dashlane password and Keepass Server password in My Account Settings a ...)
+ TODO: check
CVE-2021-46852
RESERVED
CVE-2021-46851
@@ -250,8 +483,8 @@ CVE-2022-43447
RESERVED
CVE-2022-41775
RESERVED
-CVE-2022-3780
- RESERVED
+CVE-2022-3780 (Database connections on deleted users could stay active on MySQL data ...)
+ TODO: check
CVE-2022-3779
RESERVED
CVE-2022-3778
@@ -1239,10 +1472,10 @@ CVE-2022-43992
RESERVED
CVE-2022-43991
RESERVED
-CVE-2022-43990
- RESERVED
-CVE-2022-43989
- RESERVED
+CVE-2022-43990 (Password recovery vulnerability in SICK SIM1012 Partnumber 1098146 wit ...)
+ TODO: check
+CVE-2022-43989 (Password recovery vulnerability in SICK SIM2x00 (ARM) Partnumber 10926 ...)
+ TODO: check
CVE-2022-43988
RESERVED
CVE-2022-43987
@@ -4511,8 +4744,7 @@ CVE-2022-3604
RESERVED
CVE-2022-3603
RESERVED
-CVE-2022-3602
- RESERVED
+CVE-2022-3602 (A buffer overrun can be triggered in X.509 certificate verification, s ...)
- openssl 3.0.7-1
[bullseye] - openssl <not-affected> (Only affects 3.0)
[buster] - openssl <not-affected> (Only affects 3.0)
@@ -4768,10 +5000,10 @@ CVE-2022-43364 (An access control issue in the password reset page of IP-COM EW9
NOT-FOR-US: IP-COM EW9
CVE-2022-43363
RESERVED
-CVE-2022-43362
- RESERVED
-CVE-2022-43361
- RESERVED
+CVE-2022-43362 (Senayan Library Management System v9.4.2 was discovered to contain a S ...)
+ TODO: check
+CVE-2022-43361 (Senayan Library Management System v9.4.2 was discovered to contain a c ...)
+ TODO: check
CVE-2022-43360
RESERVED
CVE-2022-43359
@@ -4830,14 +5062,14 @@ CVE-2022-43333
RESERVED
CVE-2022-43332
RESERVED
-CVE-2022-43331
- RESERVED
-CVE-2022-43330
- RESERVED
-CVE-2022-43329
- RESERVED
-CVE-2022-43328
- RESERVED
+CVE-2022-43331 (Canteen Management System v1.0 was discovered to contain a SQL injecti ...)
+ TODO: check
+CVE-2022-43330 (Canteen Management System v1.0 was discovered to contain a SQL injecti ...)
+ TODO: check
+CVE-2022-43329 (Canteen Management System v1.0 was discovered to contain a SQL injecti ...)
+ TODO: check
+CVE-2022-43328 (Canteen Management System v1.0 was discovered to contain a SQL injecti ...)
+ TODO: check
CVE-2022-43327
RESERVED
CVE-2022-43326
@@ -5050,12 +5282,12 @@ CVE-2022-43225
RESERVED
CVE-2022-43224
RESERVED
-CVE-2022-43223
- RESERVED
-CVE-2022-43222
- RESERVED
-CVE-2022-43221
- RESERVED
+CVE-2022-43223 (open5gs v2.4.11 was discovered to contain a memory leak in the compone ...)
+ TODO: check
+CVE-2022-43222 (open5gs v2.4.11 was discovered to contain a memory leak in the compone ...)
+ TODO: check
+CVE-2022-43221 (open5gs v2.4.11 was discovered to contain a memory leak in the compone ...)
+ TODO: check
CVE-2022-43220
RESERVED
CVE-2022-43219
@@ -5244,14 +5476,14 @@ CVE-2022-43129
RESERVED
CVE-2022-43128
RESERVED
-CVE-2022-43127
- RESERVED
-CVE-2022-43126
- RESERVED
-CVE-2022-43125
- RESERVED
-CVE-2022-43124
- RESERVED
+CVE-2022-43127 (Online Diagnostic Lab Management System v1.0 was discovered to contain ...)
+ TODO: check
+CVE-2022-43126 (Online Diagnostic Lab Management System v1.0 was discovered to contain ...)
+ TODO: check
+CVE-2022-43125 (Online Diagnostic Lab Management System v1.0 was discovered to contain ...)
+ TODO: check
+CVE-2022-43124 (Online Diagnostic Lab Management System v1.0 was discovered to contain ...)
+ TODO: check
CVE-2022-43123
RESERVED
CVE-2022-43122
@@ -5326,28 +5558,28 @@ CVE-2022-43088
RESERVED
CVE-2022-43087
RESERVED
-CVE-2022-43086
- RESERVED
-CVE-2022-43085
- RESERVED
-CVE-2022-43084
- RESERVED
-CVE-2022-43083
- RESERVED
-CVE-2022-43082
- RESERVED
-CVE-2022-43081
- RESERVED
+CVE-2022-43086 (Restaurant POS System v1.0 was discovered to contain a SQL injection v ...)
+ TODO: check
+CVE-2022-43085 (An arbitrary file upload vulnerability in add_product.php of Restauran ...)
+ TODO: check
+CVE-2022-43084 (A cross-site scripting (XSS) vulnerability in admin-add-vehicle.php of ...)
+ TODO: check
+CVE-2022-43083 (An arbitrary file upload vulnerability in admin-add-vehicle.php of Veh ...)
+ TODO: check
+CVE-2022-43082 (A cross-site scripting (XSS) vulnerability in /fastfood/purchase.php o ...)
+ TODO: check
+CVE-2022-43081 (Fast Food Ordering System v1.0 was discovered to contain a SQL injecti ...)
+ TODO: check
CVE-2022-43080
RESERVED
-CVE-2022-43079
- RESERVED
-CVE-2022-43078
- RESERVED
+CVE-2022-43079 (A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of Tr ...)
+ TODO: check
+CVE-2022-43078 (A cross-site scripting (XSS) vulnerability in /admin/add-fee.php of We ...)
+ TODO: check
CVE-2022-43077
RESERVED
-CVE-2022-43076
- RESERVED
+CVE-2022-43076 (A cross-site scripting (XSS) vulnerability in /admin/edit-admin.php of ...)
+ TODO: check
CVE-2022-43075
RESERVED
CVE-2022-43074
@@ -5898,8 +6130,8 @@ CVE-2022-3511
RESERVED
CVE-2022-3510
RESERVED
-CVE-2022-3509
- RESERVED
+CVE-2022-3509 (A parsing issue similar to CVE-2022-3171, but with textformat in proto ...)
+ TODO: check
CVE-2022-3508
RESERVED
CVE-2022-3507
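Review bot: The description added for CVE-2022-3509 points at another entry ("A parsing issue similar to CVE-2022-3171, but with textformat in proto ..."), yet the entry is left at `TODO: check` with no package line. When it is triaged, start from the package annotations of the CVE-2022-3171 entry and add a NOTE cross-referencing it, so the two entries stay in step.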
@@ -6212,96 +6444,96 @@ CVE-2022-42834
RESERVED
CVE-2022-42833
RESERVED
-CVE-2022-42832
- RESERVED
-CVE-2022-42831
- RESERVED
-CVE-2022-42830
- RESERVED
-CVE-2022-42829
- RESERVED
+CVE-2022-42832 (A race condition was addressed with improved locking. This issue is fi ...)
+ TODO: check
+CVE-2022-42831 (A race condition was addressed with improved locking. This issue is fi ...)
+ TODO: check
+CVE-2022-42830 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2022-42829 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
CVE-2022-42828
RESERVED
-CVE-2022-42827
- RESERVED
+CVE-2022-42827 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2022-42826
RESERVED
-CVE-2022-42825
- RESERVED
-CVE-2022-42824
- RESERVED
-CVE-2022-42823
- RESERVED
+CVE-2022-42825 (This issue was addressed by removing additional entitlements. This iss ...)
+ TODO: check
+CVE-2022-42824 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2022-42823 (A type confusion issue was addressed with improved memory handling. Th ...)
+ TODO: check
CVE-2022-42822
RESERVED
CVE-2022-42821
RESERVED
-CVE-2022-42820
- RESERVED
-CVE-2022-42819
- RESERVED
-CVE-2022-42818
- RESERVED
-CVE-2022-42817
- RESERVED
+CVE-2022-42820 (A memory corruption issue was addressed with improved state management ...)
+ TODO: check
+CVE-2022-42819 (An access issue was addressed with improved access restrictions. This ...)
+ TODO: check
+CVE-2022-42818 (This issue was addressed with improved data protection. This issue is ...)
+ TODO: check
+CVE-2022-42817 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
CVE-2022-42816
RESERVED
-CVE-2022-42815
- RESERVED
-CVE-2022-42814
- RESERVED
-CVE-2022-42813
- RESERVED
+CVE-2022-42815 (This issue was addressed with improved data protection. This issue is ...)
+ TODO: check
+CVE-2022-42814 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2022-42813 (A certificate validation issue existed in the handling of WKWebView. T ...)
+ TODO: check
CVE-2022-42812
RESERVED
-CVE-2022-42811
- RESERVED
-CVE-2022-42810
- RESERVED
-CVE-2022-42809
- RESERVED
-CVE-2022-42808
- RESERVED
+CVE-2022-42811 (An access issue was addressed with additional sandbox restrictions. Th ...)
+ TODO: check
+CVE-2022-42810 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2022-42809 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2022-42808 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2022-42807
RESERVED
-CVE-2022-42806
- RESERVED
+CVE-2022-42806 (A race condition was addressed with improved locking. This issue is fi ...)
+ TODO: check
CVE-2022-42805
RESERVED
CVE-2022-42804
RESERVED
-CVE-2022-42803
- RESERVED
+CVE-2022-42803 (A race condition was addressed with improved locking. This issue is fi ...)
+ TODO: check
CVE-2022-42802
RESERVED
-CVE-2022-42801
- RESERVED
-CVE-2022-42800
- RESERVED
-CVE-2022-42799
- RESERVED
-CVE-2022-42798
- RESERVED
+CVE-2022-42801 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2022-42800 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2022-42799 (The issue was addressed with improved UI handling. This issue is fixed ...)
+ TODO: check
+CVE-2022-42798 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
CVE-2022-42797
RESERVED
-CVE-2022-42796
- RESERVED
-CVE-2022-42795
- RESERVED
+CVE-2022-42796 (This issue was addressed by removing the vulnerable code. This issue i ...)
+ TODO: check
+CVE-2022-42795 (A memory consumption issue was addressed with improved memory handling ...)
+ TODO: check
CVE-2022-42794
RESERVED
-CVE-2022-42793
- RESERVED
+CVE-2022-42793 (An issue in code signature validation was addressed with improved chec ...)
+ TODO: check
CVE-2022-42792
RESERVED
-CVE-2022-42791
- RESERVED
-CVE-2022-42790
- RESERVED
-CVE-2022-42789
- RESERVED
-CVE-2022-42788
- RESERVED
+CVE-2022-42791 (A race condition was addressed with improved state handling. This issu ...)
+ TODO: check
+CVE-2022-42790 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2022-42789 (An issue in code signature validation was addressed with improved chec ...)
+ TODO: check
+CVE-2022-42788 (A permissions issue existed. This issue was addressed with improved pe ...)
+ TODO: check
CVE-2022-42787
RESERVED
CVE-2022-42786
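Review bot: CVE-2022-42813 is the one entry in this hunk whose description names a component ("A certificate validation issue existed in the handling of WKWebView"). Check it against webkit2gtk and wpewebkit before it receives the same disposition as the other `TODO: check` entries here, whose descriptions are cut off before any product is named.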
@@ -6460,10 +6692,10 @@ CVE-2022-42733
RESERVED
CVE-2022-42732
RESERVED
-CVE-2022-3444
- RESERVED
-CVE-2022-3443
- RESERVED
+CVE-2022-3444 (Insufficient data validation in File System API in Google Chrome prior ...)
+ TODO: check
+CVE-2022-3443 (Insufficient data validation in File System API in Google Chrome prior ...)
+ TODO: check
CVE-2022-3442 (A vulnerability was found in Crealogix EBICS 7.0. It has been rated as ...)
NOT-FOR-US: Crealogix EBICS
CVE-2022-3441 (The Rock Convert WordPress plugin before 2.11.0 does not sanitise and ...)
@@ -7382,99 +7614,80 @@ CVE-2022-42329
RESERVED
CVE-2022-42328
RESERVED
-CVE-2022-42327
- RESERVED
+CVE-2022-42327 (x86: unintended memory sharing between guests On Intel systems that su ...)
- xen <unfixed>
[bullseye] - xen <not-affected> (Vulnerable code introduced later in 4.16)
[buster] - xen <not-affected> (Vulnerable code introduced later in 4.16)
NOTE: https://xenbits.xen.org/xsa/advisory-412.html
-CVE-2022-42326
- RESERVED
+CVE-2022-42326 (Xenstore: Guests can create arbitrary number of nodes via transactions ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-421.html
-CVE-2022-42325
- RESERVED
+CVE-2022-42325 (Xenstore: Guests can create arbitrary number of nodes via transactions ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-421.html
-CVE-2022-42324
- RESERVED
+CVE-2022-42324 (Oxenstored 32->31 bit integer truncation issues Integers in Ocaml a ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-420.html
-CVE-2022-42323
- RESERVED
+CVE-2022-42323 (Xenstore: Cooperating guests can create arbitrary numbers of nodes T[h ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-419.html
-CVE-2022-42322
- RESERVED
+CVE-2022-42322 (Xenstore: Cooperating guests can create arbitrary numbers of nodes T[h ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-419.html
-CVE-2022-42321
- RESERVED
+CVE-2022-42321 (Xenstore: Guests can crash xenstored via exhausting the stack Xenstore ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-418.html
-CVE-2022-42320
- RESERVED
+CVE-2022-42320 (Xenstore: Guests can get access to Xenstore nodes of deleted domains A ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-417.html
-CVE-2022-42319
- RESERVED
+CVE-2022-42319 (Xenstore: Guests can cause Xenstore to not free temporary memory When ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-416.html
-CVE-2022-42318
- RESERVED
+CVE-2022-42318 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
-CVE-2022-42317
- RESERVED
+CVE-2022-42317 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
-CVE-2022-42316
- RESERVED
+CVE-2022-42316 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
-CVE-2022-42315
- RESERVED
+CVE-2022-42315 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
-CVE-2022-42314
- RESERVED
+CVE-2022-42314 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
-CVE-2022-42313
- RESERVED
+CVE-2022-42313 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
-CVE-2022-42312
- RESERVED
+CVE-2022-42312 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
-CVE-2022-42311
- RESERVED
+CVE-2022-42311 (Xenstore: guests can let run xenstored out of memory T[his CNA informa ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-326.html
-CVE-2022-42310
- RESERVED
+CVE-2022-42310 (Xenstore: Guests can create orphaned Xenstore nodes By creating multip ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-415.html
-CVE-2022-42309
- RESERVED
+CVE-2022-42309 (Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-11 ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-414.html
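Review bot: CVE-2022-42309 to CVE-2022-42326 gain descriptions here but stay at `- xen <unfixed>` with only a [buster] end-of-life line, so bullseye remains open for all of them; only CVE-2022-42327 has an explicit [bullseye] annotation. CVE-2022-42311 to CVE-2022-42318 also share one identical truncated description and the same advisory-326 NOTE, so that NOTE is the only thing tying them to an advisory and should be kept intact when fixed versions are filled in.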
@@ -9280,78 +9493,63 @@ CVE-2022-3320 (It was possible to bypass policies configured for Zero Trust Secu
TODO: check
CVE-2022-3319
RESERVED
-CVE-2022-3318
- RESERVED
+CVE-2022-3318 (Use after free in ChromeOS Notifications in Google Chrome on ChromeOS ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3317
- RESERVED
+CVE-2022-3317 (Insufficient validation of untrusted input in Intents in Google Chrome ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3316
- RESERVED
+CVE-2022-3316 (Insufficient validation of untrusted input in Safe Browsing in Google ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3315
- RESERVED
+CVE-2022-3315 (Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowe ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3314
- RESERVED
+CVE-2022-3314 (Use after free in logging in Google Chrome prior to 106.0.5249.62 allo ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3313
- RESERVED
+CVE-2022-3313 (Incorrect security UI in full screen in Google Chrome prior to 106.0.5 ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3312
- RESERVED
+CVE-2022-3312 (Insufficient validation of untrusted input in VPN in Google Chrome on ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3311
- RESERVED
+CVE-2022-3311 (Use after free in import in Google Chrome prior to 106.0.5249.62 allow ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3310
- RESERVED
+CVE-2022-3310 (Insufficient policy enforcement in custom tabs in Google Chrome on And ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3309
- RESERVED
+CVE-2022-3309 (Use after free in assistant in Google Chrome on ChromeOS prior to 106. ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3308
- RESERVED
+CVE-2022-3308 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3307
- RESERVED
+CVE-2022-3307 (Use after free in media in Google Chrome prior to 106.0.5249.62 allowe ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3306
- RESERVED
+CVE-2022-3306 (Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5 ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3305
- RESERVED
+CVE-2022-3305 (Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5 ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
-CVE-2022-3304
- RESERVED
+CVE-2022-3304 (Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed ...)
{DSA-5244-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
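Review bot: Where the truncated descriptions added in this hunk show a version (CVE-2022-3315, CVE-2022-3314, CVE-2022-3311, CVE-2022-3307, CVE-2022-3304), it is "prior to 106.0.5249.62", but every entry keeps `- chromium 106.0.5249.61-1` as the fixed version. If .61 is the correct Debian upload for DSA-5244-1, a NOTE line saying so would stop readers from treating the difference as an unfixed gap.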
@@ -11035,8 +11233,8 @@ CVE-2022-40841
RESERVED
CVE-2022-40840
RESERVED
-CVE-2022-40839
- RESERVED
+CVE-2022-40839 (A SQL injection vulnerability in the height and width parameter in Ndk ...)
+ TODO: check
CVE-2022-40838
RESERVED
CVE-2022-40837
@@ -11580,7 +11778,7 @@ CVE-2022-3202 (A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Jo
[bullseye] - linux 5.10.113-1
[buster] - linux 4.19.249-1
NOTE: https://git.kernel.org/linus/a53046291020ec41e09181396c1e829287b48d47 (5.18-rc1)
-CVE-2022-3201 (Insufficient validation of untrusted input in DevTools in Google Chrom ...)
+CVE-2022-3201 (Insufficient validation of untrusted input in Developer tools in Googl ...)
{DSA-5244-1 DSA-5230-1}
- chromium 106.0.5249.61-1
[buster] - chromium <end-of-life> (see DSA 5046)
@@ -14479,8 +14677,8 @@ CVE-2022-39371
RESERVED
CVE-2022-39370
RESERVED
-CVE-2022-39369
- RESERVED
+CVE-2022-39369 (phpCAS is an authentication library that allows PHP applications to ea ...)
+ TODO: check
CVE-2022-39368
RESERVED
CVE-2022-39367 (QTIWorks is a software suite for standards-based assessment delivery. ...)
@@ -27450,8 +27648,7 @@ CVE-2022-34664
RESERVED
CVE-2022-34663 (A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versio ...)
NOT-FOR-US: Siemens
-CVE-2022-34662
- RESERVED
+CVE-2022-34662 (When users add resources to the resource center with a relation path w ...)
NOT-FOR-US: Apache DolphinScheduler
CVE-2022-34661 (A vulnerability has been identified in Teamcenter V12.4 (All versions ...)
NOT-FOR-US: Siemens
@@ -31894,114 +32091,114 @@ CVE-2022-32949
RESERVED
CVE-2022-32948
RESERVED
-CVE-2022-32947
- RESERVED
-CVE-2022-32946
- RESERVED
+CVE-2022-32947 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2022-32946 (This issue was addressed with improved entitlements. This issue is fix ...)
+ TODO: check
CVE-2022-32945
RESERVED
-CVE-2022-32944
- RESERVED
+CVE-2022-32944 (A memory corruption issue was addressed with improved state management ...)
+ TODO: check
CVE-2022-32943
RESERVED
CVE-2022-32942
RESERVED
-CVE-2022-32941
- RESERVED
-CVE-2022-32940
- RESERVED
-CVE-2022-32939
- RESERVED
-CVE-2022-32938
- RESERVED
+CVE-2022-32941 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2022-32940 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2022-32939 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2022-32938 (A parsing issue in the handling of directory paths was addressed with ...)
+ TODO: check
CVE-2022-32937
RESERVED
-CVE-2022-32936
- RESERVED
-CVE-2022-32935
- RESERVED
-CVE-2022-32934
- RESERVED
+CVE-2022-32936 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2022-32935 (A lock screen issue was addressed with improved state management. This ...)
+ TODO: check
+CVE-2022-32934 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
CVE-2022-32933
RESERVED
-CVE-2022-32932
- RESERVED
+CVE-2022-32932 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
CVE-2022-32931
RESERVED
CVE-2022-32930
RESERVED
-CVE-2022-32929
- RESERVED
-CVE-2022-32928
- RESERVED
-CVE-2022-32927
- RESERVED
-CVE-2022-32926
- RESERVED
-CVE-2022-32925
- RESERVED
-CVE-2022-32924
- RESERVED
-CVE-2022-32923
- RESERVED
-CVE-2022-32922
- RESERVED
+CVE-2022-32929 (A permissions issue was addressed with additional restrictions. This i ...)
+ TODO: check
+CVE-2022-32928 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
+CVE-2022-32927 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2022-32926 (The issue was addressed with improved bounds checks. This issue is fix ...)
+ TODO: check
+CVE-2022-32925 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2022-32924 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2022-32923 (A correctness issue in the JIT was addressed with improved checks. Thi ...)
+ TODO: check
+CVE-2022-32922 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
CVE-2022-32921
RESERVED
CVE-2022-32920
RESERVED
CVE-2022-32919
RESERVED
-CVE-2022-32918
- RESERVED
+CVE-2022-32918 (This issue was addressed with improved data protection. This issue is ...)
+ TODO: check
CVE-2022-32917 (The issue was addressed with improved bounds checks. This issue is fix ...)
NOT-FOR-US: Apple
CVE-2022-32916
RESERVED
-CVE-2022-32915
- RESERVED
-CVE-2022-32914
- RESERVED
-CVE-2022-32913
- RESERVED
+CVE-2022-32915 (A type confusion issue was addressed with improved checks. This issue ...)
+ TODO: check
+CVE-2022-32914 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
+CVE-2022-32913 (The issue was addressed with additional restrictions on the observabil ...)
+ TODO: check
CVE-2022-32912 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
- webkit2gtk <not-affected> (only affects macOS)
- wpewebkit <not-affected> (only affects macOS)
NOTE: https://webkitgtk.org/security/WSA-2022-0009.html
CVE-2022-32911 (The issue was addressed with improved memory handling. This issue is f ...)
NOT-FOR-US: Apple
-CVE-2022-32910
- RESERVED
-CVE-2022-32909
- RESERVED
+CVE-2022-32910 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2022-32909 (The issue was addressed with improved handling of caches. This issue i ...)
+ TODO: check
CVE-2022-32908 (A memory corruption issue was addressed with improved input validation ...)
NOT-FOR-US: Apple
-CVE-2022-32907
- RESERVED
+CVE-2022-32907 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
CVE-2022-32906
RESERVED
-CVE-2022-32905
- RESERVED
-CVE-2022-32904
- RESERVED
-CVE-2022-32903
- RESERVED
+CVE-2022-32905 (This issue was addressed with improved validation of symlinks. This is ...)
+ TODO: check
+CVE-2022-32904 (An access issue was addressed with additional sandbox restrictions. Th ...)
+ TODO: check
+CVE-2022-32903 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
CVE-2022-32902
RESERVED
CVE-2022-32901
RESERVED
CVE-2022-32900
RESERVED
-CVE-2022-32899
- RESERVED
-CVE-2022-32898
- RESERVED
+CVE-2022-32899 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2022-32898 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
CVE-2022-32897
RESERVED
CVE-2022-32896
RESERVED
-CVE-2022-32895
- RESERVED
+CVE-2022-32895 (A race condition was addressed with improved state handling. This issu ...)
+ TODO: check
CVE-2022-32894 (An out-of-bounds write issue was addressed with improved bounds checki ...)
NOT-FOR-US: Apple
CVE-2022-32893 (An out-of-bounds write issue was addressed with improved bounds checki ...)
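Review bot: Every newly described entry in this hunk lands as `TODO: check`, while the unchanged neighbours show two different outcomes for the same style of description: `NOT-FOR-US: Apple` (CVE-2022-32917, CVE-2022-32911, CVE-2022-32908) and webkit2gtk/wpewebkit lines (CVE-2022-32912). The truncated text stops before the affected component, so each entry needs the full advisory before it is closed; CVE-2022-32923 ("A correctness issue in the JIT ...") in particular should be checked against WebKit rather than bulk-marked NOT-FOR-US.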
@@ -32009,22 +32206,22 @@ CVE-2022-32893 (An out-of-bounds write issue was addressed with improved bounds
- webkit2gtk 2.36.7-1
- wpewebkit 2.36.7-1
NOTE: https://wpewebkit.org/security/WSA-2022-0008.html
-CVE-2022-32892
- RESERVED
+CVE-2022-32892 (An access issue was addressed with improvements to the sandbox. This i ...)
+ TODO: check
CVE-2022-32891
RESERVED
{DSA-5211-1 DSA-5210-1 DLA-3073-1}
- webkit2gtk 2.36.6-1
- wpewebkit 2.36.6-1
NOTE: https://webkitgtk.org/security/WSA-2022-0009.html
-CVE-2022-32890
- RESERVED
-CVE-2022-32889
- RESERVED
-CVE-2022-32888
- RESERVED
-CVE-2022-32887
- RESERVED
+CVE-2022-32890 (A logic issue was addressed with improved checks. This issue is fixed ...)
+ TODO: check
+CVE-2022-32889 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2022-32888 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2022-32887 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
CVE-2022-32886 (A buffer overflow issue was addressed with improved memory handling. T ...)
{DSA-5241-1 DSA-5240-1 DLA-3124-1}
- webkit2gtk 2.38.0-1
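Review bot: CVE-2022-32891 stays `RESERVED` in the context lines of this hunk although it already carries {DSA-5211-1 DSA-5210-1 DLA-3073-1} and fixed webkit2gtk and wpewebkit versions, while its neighbours CVE-2022-32892 and CVE-2022-32890 receive descriptions. Confirm whether a description has been published for it; if not, the entry is correct as it stands, but it is easy to mistake for an untriaged reservation.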
@@ -32038,20 +32235,20 @@ CVE-2022-32883 (A logic issue was addressed with improved restrictions. This iss
NOT-FOR-US: Apple
CVE-2022-32882 (This issue was addressed with improved checks. This issue is fixed in ...)
NOT-FOR-US: Apple
-CVE-2022-32881
- RESERVED
+CVE-2022-32881 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
CVE-2022-32880 (This issue was addressed by enabling hardened runtime. This issue is f ...)
NOT-FOR-US: Apple
-CVE-2022-32879
- RESERVED
+CVE-2022-32879 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
CVE-2022-32878
RESERVED
-CVE-2022-32877
- RESERVED
+CVE-2022-32877 (A configuration issue was addressed with additional restrictions. This ...)
+ TODO: check
CVE-2022-32876
RESERVED
-CVE-2022-32875
- RESERVED
+CVE-2022-32875 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
CVE-2022-32874
RESERVED
CVE-2022-32873
@@ -32060,32 +32257,32 @@ CVE-2022-32872 (A logic issue was addressed with improved restrictions. This iss
NOT-FOR-US: Apple
CVE-2022-32871
RESERVED
-CVE-2022-32870
- RESERVED
+CVE-2022-32870 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
CVE-2022-32869
RESERVED
CVE-2022-32868 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
-CVE-2022-32867
- RESERVED
-CVE-2022-32866
- RESERVED
-CVE-2022-32865
- RESERVED
+CVE-2022-32867 (This issue was addressed with improved data protection. This issue is ...)
+ TODO: check
+CVE-2022-32866 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
+CVE-2022-32865 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
CVE-2022-32864 (The issue was addressed with improved memory handling. This issue is f ...)
NOT-FOR-US: Apple
CVE-2022-32863 (A memory corruption issue was addressed with improved state management ...)
NOT-FOR-US: Apple
-CVE-2022-32862
- RESERVED
+CVE-2022-32862 (This issue was addressed with improved data protection. This issue is ...)
+ TODO: check
CVE-2022-32861 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
CVE-2022-32860
RESERVED
-CVE-2022-32859
- RESERVED
-CVE-2022-32858
- RESERVED
+CVE-2022-32859 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2022-32858 (The issue was addressed with improved memory handling. This issue is f ...)
+ TODO: check
CVE-2022-32857 (This issue was addressed by using HTTPS when sending information over ...)
NOT-FOR-US: Apple
CVE-2022-32856
@@ -32130,8 +32327,8 @@ CVE-2022-32837 (This issue was addressed with improved checks. This issue is fix
NOT-FOR-US: Apple
CVE-2022-32836
RESERVED
-CVE-2022-32835
- RESERVED
+CVE-2022-32835 (This issue was addressed with improved entitlements. This issue is fix ...)
+ TODO: check
CVE-2022-32834 (An access issue was addressed with improvements to the sandbox. This i ...)
NOT-FOR-US: Apple
CVE-2022-32833
@@ -32146,8 +32343,8 @@ CVE-2022-32829 (This issue was addressed with improved checks. This issue is fix
NOT-FOR-US: Apple
CVE-2022-32828 (The issue was addressed with improved memory handling. This issue is f ...)
NOT-FOR-US: Apple
-CVE-2022-32827
- RESERVED
+CVE-2022-32827 (A memory corruption issue was addressed with improved state management ...)
+ TODO: check
CVE-2022-32826 (An authorization issue was addressed with improved state management. T ...)
NOT-FOR-US: Apple
CVE-2022-32825 (The issue was addressed with improved memory handling. This issue is f ...)
@@ -32215,8 +32412,8 @@ CVE-2022-32796 (A memory corruption issue was addressed with improved state mana
NOT-FOR-US: Apple
CVE-2022-32795 (This issue was addressed with improved checks. This issue is fixed in ...)
NOT-FOR-US: Apple
-CVE-2022-32794
- RESERVED
+CVE-2022-32794 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
CVE-2022-32793 (Multiple out-of-bounds write issues were addressed with improved bound ...)
NOT-FOR-US: Apple
CVE-2022-32792 (An out-of-bounds write issue was addressed with improved input validat ...)
@@ -35033,8 +35230,7 @@ CVE-2022-31778 (Improper Input Validation vulnerability in handling the Transfer
- trafficserver 9.1.3+ds-1
[buster] - trafficserver <ignored> (Minor issue, intrusive to backport)
NOTE: https://lists.apache.org/thread/rc64lwbdgrkv674koc3zl1sljr9vwg21
-CVE-2022-31777
- RESERVED
+CVE-2022-31777 (A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2. ...)
NOT-FOR-US: Apache Spark
CVE-2022-31776 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0 ...)
NOT-FOR-US: IBM
@@ -47682,16 +47878,16 @@ CVE-2022-27588 (We have already fixed this vulnerability in the following versio
NOT-FOR-US: QNAP
CVE-2022-27587
RESERVED
-CVE-2022-27586
- RESERVED
-CVE-2022-27585
- RESERVED
-CVE-2022-27584
- RESERVED
+CVE-2022-27586 (Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 wit ...)
+ TODO: check
+CVE-2022-27585 (Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 ...)
+ TODO: check
+CVE-2022-27584 (Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 a ...)
+ TODO: check
CVE-2022-27583 (A remote unprivileged attacker can interact with the configuration int ...)
TODO: check
-CVE-2022-27582
- RESERVED
+CVE-2022-27582 (Password recovery vulnerability in SICK SICK SIM4000 (PPC) Partnumber ...)
+ TODO: check
CVE-2022-27581
RESERVED
CVE-2022-27580 (A deserialization vulnerability in a .NET framework class used and not ...)
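Review bot: CVE-2022-27586, CVE-2022-27585, CVE-2022-27584 and CVE-2022-27582 carry the same "Password recovery vulnerability in SICK SIM..." wording and differ only in device model and part number, so they should be triaged together in one follow-up rather than one at a time; the neighbouring CVE-2022-27583 is also still at TODO: check and can be looked at in the same pass. If the full descriptions confirm these are vendor hardware products with no Debian source package, one NOT-FOR-US tag naming the vendor covers all four. The doubled "SICK SICK" in the CVE-2022-27582 line appears to come from the imported description and is better left as is than hand-edited in data/CVE/list.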
@@ -50102,8 +50298,8 @@ CVE-2022-26764 (A memory corruption issue was addressed with improved validation
NOT-FOR-US: Apple
CVE-2022-26763 (An out-of-bounds access issue was addressed with improved bounds check ...)
NOT-FOR-US: Apple
-CVE-2022-26762
- RESERVED
+CVE-2022-26762 (A memory corruption issue was addressed with improved memory handling. ...)
+ TODO: check
CVE-2022-26761 (A memory corruption issue was addressed with improved memory handling. ...)
NOT-FOR-US: Apple
CVE-2022-26760
@@ -50166,8 +50362,8 @@ CVE-2022-26732
RESERVED
CVE-2022-26731 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
-CVE-2022-26730
- RESERVED
+CVE-2022-26730 (A memory corruption issue existed in the processing of ICC profiles. T ...)
+ TODO: check
CVE-2022-26729
RESERVED
CVE-2022-26728 (This issue was addressed with improved entitlements. This issue is fix ...)
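Review bot: CVE-2022-26730 is the one new entry in this block whose description names a data format ("processing of ICC profiles") rather than only a fix class, and the visible text is cut off before the affected product. Confirm from the full description which implementation is affected before replacing TODO: check with the NOT-FOR-US: Apple tag used by the surrounding entries.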
@@ -50188,8 +50384,7 @@ CVE-2022-26721 (A memory initialization issue was addressed. This issue is fixed
NOT-FOR-US: Apple
CVE-2022-26720 (An out-of-bounds write issue was addressed with improved bounds checki ...)
NOT-FOR-US: Apple
-CVE-2022-26719
- RESERVED
+CVE-2022-26719 (A memory corruption issue was addressed with improved state management ...)
{DSA-5155-1 DSA-5154-1}
- webkit2gtk 2.36.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -50197,15 +50392,13 @@ CVE-2022-26719
NOTE: https://webkitgtk.org/security/WSA-2022-0005.html
CVE-2022-26718 (An out-of-bounds read issue was addressed with improved input validati ...)
NOT-FOR-US: Apple
-CVE-2022-26717
- RESERVED
+CVE-2022-26717 (A use after free issue was addressed with improved memory management. ...)
{DSA-5155-1 DSA-5154-1}
- webkit2gtk 2.36.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.36.3-1
NOTE: https://webkitgtk.org/security/WSA-2022-0005.html
-CVE-2022-26716
- RESERVED
+CVE-2022-26716 (A memory corruption issue was addressed with improved state management ...)
{DSA-5155-1 DSA-5154-1}
- webkit2gtk 2.36.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -50221,15 +50414,13 @@ CVE-2022-26712 (This issue was addressed by removing the vulnerable code. This i
NOT-FOR-US: Apple
CVE-2022-26711 (An integer overflow issue was addressed with improved input validation ...)
NOT-FOR-US: Apple
-CVE-2022-26710
- RESERVED
+CVE-2022-26710 (A use after free issue was addressed with improved memory management. ...)
{DSA-5183-1 DSA-5182-1}
- webkit2gtk 2.36.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.36.4-1
NOTE: https://webkitgtk.org/security/WSA-2022-0006.html
-CVE-2022-26709
- RESERVED
+CVE-2022-26709 (A use after free issue was addressed with improved memory management. ...)
{DSA-5155-1 DSA-5154-1}
- webkit2gtk 2.36.3-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -59862,8 +60053,8 @@ CVE-2022-23740
RESERVED
CVE-2022-23739
RESERVED
-CVE-2022-23738
- RESERVED
+CVE-2022-23738 (An improper cache key vulnerability was identified in GitHub Enterpris ...)
+ TODO: check
CVE-2022-23737
RESERVED
CVE-2022-23736
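Review bot: The description added for CVE-2022-23738 already points at a GitHub Enterprise product ("An improper cache key vulnerability was identified in GitHub Enterpris ..."), so the TODO: check that comes with it can be resolved once the product name is confirmed from the full text. Use the vendor-product form the file already uses elsewhere, as in "NOT-FOR-US: Rancher" or "NOT-FOR-US: IBM".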
@@ -63774,8 +63965,7 @@ CVE-2022-0123 (An issue has been discovered affecting GitLab versions prior to 1
- gitlab <unfixed>
CVE-2021-4200 (A Improper Privilege Management vulnerability in SUSE Rancher allows w ...)
NOT-FOR-US: Rancher
-CVE-2022-22677
- RESERVED
+CVE-2022-22677 (A logic issue in the handling of concurrent media was addressed with i ...)
{DSA-5183-1 DSA-5182-1}
- webkit2gtk 2.36.4-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -63821,8 +64011,8 @@ CVE-2022-22660 (This issue was addressed with a new entitlement. This issue is f
NOT-FOR-US: Apple
CVE-2022-22659 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
-CVE-2022-22658
- RESERVED
+CVE-2022-22658 (An input validation issue was addressed with improved input validation ...)
+ TODO: check
CVE-2022-22657 (A memory initialization issue was addressed with improved memory handl ...)
NOT-FOR-US: Apple
CVE-2022-22656 (An authentication issue was addressed with improved state management. ...)
@@ -208330,8 +208520,8 @@ CVE-2020-4101 ("HCL Digital Experience is susceptible to Server Side Request For
NOT-FOR-US: HCL Digital Experience
CVE-2020-4100 ("HCL Verse for Android was found to employ dynamic code loading. This ...)
NOT-FOR-US: HCL
-CVE-2020-4099
- RESERVED
+CVE-2020-4099 (The application was signed using a key length less than or equal to 10 ...)
+ TODO: check
CVE-2020-4098
RESERVED
CVE-2020-4097 (In HCL Notes version 9 previous to release 9.0.1 FixPack 10 Interim Fi ...)
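Review bot: The visible part of the CVE-2020-4099 description ("The application was signed using a key length less than or equal to 10 ...") does not name the application, unlike the HCL entries on either side of it. Take the product from the full description, not from the entry's position between CVE-2020-4100 and CVE-2020-4097, before replacing TODO: check with a NOT-FOR-US tag.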
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eef312920b4491da002cf4053328ac7f71f565a5