[Git][security-tracker-team/security-tracker][master] Add CVE-2022-3275/puppet-module-puppetlabs-apt
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Oct 9 20:06:28 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0731432b by Salvatore Bonaccorso at 2022-10-09T21:06:03+02:00
Add CVE-2022-3275/puppet-module-puppetlabs-apt
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3240,7 +3240,8 @@ CVE-2022-3276 (Command injection is possible in the puppetlabs-mysql module prio
- puppet-module-puppetlabs-mysql <unfixed>
NOTE: https://puppet.com/security/cve/CVE-2022-3276
CVE-2022-3275 (Command injection is possible in the puppetlabs-apt module prior to ve ...)
- TODO: check
+ - puppet-module-puppetlabs-apt <unfixed>
+ NOTE: https://puppet.com/security/cve/CVE-2022-3275
CVE-2022-3274 (Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffwe ...)
- rdiffweb <itp> (bug #969974)
CVE-2022-3273 (Allocation of Resources Without Limits or Throttling in GitHub reposit ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0731432beaa975e0f6e784ebe590b145437ebd6d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0731432beaa975e0f6e784ebe590b145437ebd6d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221009/1b4500bb/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list