[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
83605875 by security tracker role at 2022-11-26T08:10:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,25 @@
+CVE-2022-45909 (drachtio-server 0.8.18 has a heap-based buffer over-read via a long Re ...)
+	TODO: check
+CVE-2022-45908 (In PaddlePaddle before 2.4, paddle.audio.functional.get_window is vuln ...)
+	TODO: check
+CVE-2022-45907 (In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line c ...)
+	TODO: check
+CVE-2022-45906
+	RESERVED
+CVE-2022-45905
+	RESERVED
+CVE-2022-45904
+	RESERVED
+CVE-2022-45903
+	RESERVED
+CVE-2022-45902
+	RESERVED
+CVE-2022-45901
+	RESERVED
+CVE-2022-45900
+	RESERVED
+CVE-2022-45899
+	RESERVED
 CVE-2022-45898
 	RESERVED
 CVE-2022-4144
@@ -2016,8 +2038,8 @@ CVE-2022-45227
 	RESERVED
 CVE-2022-45226
 	RESERVED
-CVE-2022-45225
-	RESERVED
+CVE-2022-45225 (Book Store Management System v1.0 was discovered to contain a cross-si ...)
+	TODO: check
 CVE-2022-45224
 	RESERVED
 CVE-2022-45223
@@ -3090,10 +3112,10 @@ CVE-2022-44846
 	RESERVED
 CVE-2022-44845
 	RESERVED
-CVE-2022-44844
-	RESERVED
-CVE-2022-44843
-	RESERVED
+CVE-2022-44844 (TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a com ...)
+	TODO: check
+CVE-2022-44843 (TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a com ...)
+	TODO: check
 CVE-2022-44842
 	RESERVED
 CVE-2022-44841
@@ -19705,12 +19727,12 @@ CVE-2022-39335
 	RESERVED
 CVE-2022-39334 (Nextcloud desktop is the desktop sync client for Nextcloud. Versions p ...)
 	TODO: check
-CVE-2022-39333
-	RESERVED
-CVE-2022-39332
-	RESERVED
-CVE-2022-39331
-	RESERVED
+CVE-2022-39333 (Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker ...)
+	TODO: check
+CVE-2022-39332 (Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker ...)
+	TODO: check
+CVE-2022-39331 (Nexcloud desktop is the Desktop sync client for Nextcloud. An attacker ...)
+	TODO: check
 CVE-2022-39330 (Nextcloud Server is the file server software for Nextcloud, a self-hos ...)
 	- nextcloud-server <itp> (bug #941708)
 CVE-2022-39329 (Nextcloud Server is the file server software for Nextcloud, a self-hos ...)
@@ -19724,8 +19746,8 @@ CVE-2022-39327 (Azure CLI is the command-line interface for Microsoft Azure. In
 	NOTE: https://github.com/Azure/azure-cli/pull/24015
 CVE-2022-39326 (kartverket/github-workflows are shared reusable workflows for GitHub A ...)
 	NOT-FOR-US: kartverket/github-workflows
-CVE-2022-39325
-	RESERVED
+CVE-2022-39325 (BaserCMS is a content management system with a japanese language focus ...)
+	TODO: check
 CVE-2022-39324
 	RESERVED
 CVE-2022-39323 (GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Fre ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83605875c9e5aec75a8705b1e7d54377e1774909

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83605875c9e5aec75a8705b1e7d54377e1774909
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221126/9eab2232/attachment.htm>