[Git][security-tracker-team/security-tracker][master] automatic update

Sun Nov 20 08:10:28 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
261d02f9 by security tracker role at 2022-11-20T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,15 @@
-CVE-2022-4066
-	RESERVED
-CVE-2022-4065
-	RESERVED
+CVE-2022-4070 (Insufficient Session Expiration in GitHub repository librenms/librenms ...)
+	TODO: check
+CVE-2022-4069 (Cross-site Scripting (XSS) - Generic in GitHub repository librenms/lib ...)
+	TODO: check
+CVE-2022-4068 (A user is able to enable their own account if it was disabled by an ad ...)
+	TODO: check
+CVE-2022-4067 (Cross-site Scripting (XSS) - Stored in GitHub repository librenms/libr ...)
+	TODO: check
+CVE-2022-4066 (A vulnerability was found in davidmoreno onion. It has been rated as p ...)
+	TODO: check
+CVE-2022-4065 (A vulnerability was found in cbeust testng. It has been declared as cr ...)
+	TODO: check
 CVE-2022-4064 (A vulnerability was found in Dalli. It has been classified as problema ...)
 	- ruby-dalli <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/petergoldstein/dalli/issues/932
@@ -9568,10 +9576,10 @@ CVE-2022-3563 (A vulnerability classified as problematic has been found in Linux
 	[buster] - bluez <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e3c92f1f786f0b55440bd908b55894d0c792cf0e (5.65)
 	NOTE: Introduced by: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=bc3a76f01f461db19381f1922cdaeac222dfd374 (5.56)
-CVE-2022-3562
-	RESERVED
-CVE-2022-3561
-	RESERVED
+CVE-2022-3562 (Cross-site Scripting (XSS) - Stored in GitHub repository librenms/libr ...)
+	TODO: check
+CVE-2022-3561 (Cross-site Scripting (XSS) - Generic in GitHub repository librenms/lib ...)
+	TODO: check
 CVE-2022-3560
 	RESERVED
 CVE-2022-3559 (A vulnerability was found in Exim and classified as problematic. This  ...)
@@ -9711,8 +9719,8 @@ CVE-2022-3526 (A vulnerability classified as problematic was found in Linux Kern
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	[buster] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/e16b859872b87650bb55b12cca5a5fcdc49c1442
-CVE-2022-3525
-	RESERVED
+CVE-2022-3525 (Deserialization of Untrusted Data in GitHub repository librenms/libren ...)
+	TODO: check
 CVE-2022-3524 (A vulnerability was found in Linux Kernel. It has been declared as pro ...)
 	- linux 6.0.7-1
 	NOTE: https://git.kernel.org/linus/3c52c6bb831f6335c176a0fc7214e26f43adbd11
@@ -9890,8 +9898,8 @@ CVE-2022-3517 (A vulnerability was found in the minimatch package. This flaw all
 	[buster] - node-minimatch <no-dsa> (Minor issue)
 	NOTE: https://github.com/grafana/grafana-image-renderer/issues/329
 	NOTE: https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6 (v3.0.5)
-CVE-2022-3516
-	RESERVED
+CVE-2022-3516 (Cross-site Scripting (XSS) - Stored in GitHub repository librenms/libr ...)
+	TODO: check
 CVE-2022-3515
 	RESERVED
 	{DSA-5255-1 DLA-3153-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/261d02f99ce470dff827bed262032847773dd693

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/261d02f99ce470dff827bed262032847773dd693
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221120/0a6596c4/attachment.htm>
