[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Oct 26 09:10:25 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7d7d1a7c by security tracker role at 2022-10-26T08:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,45 @@
+CVE-2022-43760
+ RESERVED
+CVE-2022-43759
+ RESERVED
+CVE-2022-43758
+ RESERVED
+CVE-2022-43757
+ RESERVED
+CVE-2022-43756
+ RESERVED
+CVE-2022-43755
+ RESERVED
+CVE-2022-43754
+ RESERVED
+CVE-2022-43753
+ RESERVED
+CVE-2022-43752
+ RESERVED
+CVE-2022-43751
+ RESERVED
+CVE-2022-43750 (drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 ...)
+ TODO: check
+CVE-2022-43749
+ RESERVED
+CVE-2022-43748
+ RESERVED
+CVE-2022-43747 (baramundi Management Agent (bMA) in baramundi Management Suite (bMS) 2 ...)
+ TODO: check
+CVE-2022-3687
+ RESERVED
+CVE-2022-3686
+ RESERVED
+CVE-2022-3685
+ RESERVED
+CVE-2022-3684
+ RESERVED
+CVE-2022-3683
+ RESERVED
+CVE-2022-3682
+ RESERVED
+CVE-2022-3681
+ RESERVED
CVE-2022-43746
RESERVED
CVE-2022-43745
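Review bot: CVE-2022-43750 is left at "TODO: check" although its description names drivers/usb/mon/mon_bin.c in the Linux kernel, which this file already tracks under the linux source package (see the "- linux 6.0.3-1" line on CVE-2022-3594). Replace the TODO with a "- linux" entry once the fixed version is confirmed against the 5.19.15 boundary given in the description. CVE-2022-43747 (baramundi) also still needs triage.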
@@ -969,7 +1011,8 @@ CVE-2022-3595 (A vulnerability was found in Linux Kernel. It has been rated as p
CVE-2022-3594 (A vulnerability was found in Linux Kernel. It has been declared as pro ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/93e2be344a7db169b7119de21ac1bf253b8c6907 (6.1-rc1)
-CVE-2022-3593 (A vulnerability was found in Linux Kernel. It has been classified as p ...)
+CVE-2022-3593
+ REJECTED
- iproute2 5.19.0-1 (unimportant)
NOTE: https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=2cb76253ed852559a4f2b315f5e23457a15d71e5
NOTE: Memory leak in CLI tool, no security impact
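Review bot: CVE-2022-3593 now reads REJECTED but still carries "- iproute2 5.19.0-1 (unimportant)" and both NOTE lines beneath it. If keeping package data on a rejected ID is intended, add a NOTE saying so; otherwise drop the package line so the entry does not keep mapping a rejected ID to iproute2.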
@@ -2038,19 +2081,23 @@ CVE-2022-3531 (A vulnerability was found in Linux Kernel. It has been classified
- linux <unfixed> (unimportant)
NOTE: https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=6d2e21dc4db3933db65293552ecc1ede26febeca
NOTE: Issue only in selftest/bpf.
-CVE-2022-3530 (A vulnerability was found in Linux Kernel and classified as problemati ...)
+CVE-2022-3530
+ REJECTED
- iproute2 5.19.0-1 (unimportant)
NOTE: https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=1d540336b026ed5bfe10eefac383db7f434d842f
NOTE: Memory leak in CLI tool, no security impact
-CVE-2022-3529 (A vulnerability has been found in Linux Kernel and classified as probl ...)
+CVE-2022-3529
+ REJECTED
- iproute2 5.19.0-1 (unimportant)
NOTE: https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=6db01afd60748afbba114be2773be338c5be28ff
NOTE: Memory leak in CLI tool, no security impact
-CVE-2022-3528 (A vulnerability, which was classified as problematic, was found in Lin ...)
+CVE-2022-3528
+ REJECTED
- iproute2 5.19.0-1 (unimportant)
NOTE: https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=afdbb0204a5872f1f76058a0db5a529b1f0c8de7
NOTE: Memory leak in CLI tool, no security impact
-CVE-2022-3527 (A vulnerability, which was classified as problematic, has been found i ...)
+CVE-2022-3527
+ REJECTED
- iproute2 5.19.0-1 (unimportant)
NOTE: https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=c5433c4b7a57d380f4cb351316f5ba5ebae9538e
NOTE: Memory leak in CLI tool, no security impact
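Review bot: the four entries CVE-2022-3527 through CVE-2022-3530 lose their description text in the switch to REJECTED, so the only rationale left on each is "NOTE: Memory leak in CLI tool, no security impact". Consider adding a NOTE to each that records the rejection, so that the retained iproute2 lines and commit links are not read as open tracking for a live ID.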
@@ -5104,8 +5151,8 @@ CVE-2022-41713
RESERVED
CVE-2022-41712
RESERVED
-CVE-2022-41711
- RESERVED
+CVE-2022-41711 (Badaso version 2.6.0 allows an unauthenticated remote attacker to exec ...)
+ TODO: check
CVE-2022-41710
RESERVED
CVE-2022-41709 (Markdownify version 1.4.1 allows an external attacker to execute arbit ...)
@@ -27453,22 +27500,22 @@ CVE-2022-33187
RESERVED
CVE-2022-33186
RESERVED
-CVE-2022-33185
- RESERVED
-CVE-2022-33184
- RESERVED
-CVE-2022-33183
- RESERVED
-CVE-2022-33182
- RESERVED
-CVE-2022-33181
- RESERVED
-CVE-2022-33180
- RESERVED
-CVE-2022-33179
- RESERVED
-CVE-2022-33178
- RESERVED
+CVE-2022-33185 (Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1 ...)
+ TODO: check
+CVE-2022-33184 (A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS vers ...)
+ TODO: check
+CVE-2022-33183 (A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1 ...)
+ TODO: check
+CVE-2022-33182 (A privilege escalation vulnerability in Brocade Fabric OS CLI before B ...)
+ TODO: check
+CVE-2022-33181 (An information disclosure vulnerability in Brocade Fabric OS CLI befor ...)
+ TODO: check
+CVE-2022-33180 (A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1 ...)
+ TODO: check
+CVE-2022-33179 (A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1 ...)
+ TODO: check
+CVE-2022-33178 (A vulnerability in the radius authentication system of Brocade Fabric ...)
+ TODO: check
CVE-2022-33175 (Power Distribution Units running on Powertek firmware (multiple brands ...)
NOT-FOR-US: Powertek
CVE-2022-33174 (Power Distribution Units running on Powertek firmware (multiple brands ...)
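Review bot: the eight entries CVE-2022-33178 through CVE-2022-33185 all describe Brocade Fabric OS and are all left at "TODO: check". This file already tags Brocade SANnav as "NOT-FOR-US: Brocade" (CVE-2022-28168); if Fabric OS is likewise not packaged, set that tag on all eight in one follow-up rather than triaging them individually.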
@@ -42168,10 +42215,10 @@ CVE-2022-1160 (heap buffer overflow in get_one_sourceline in GitHub repository v
NOTE: https://huntr.dev/bounties/a6f3222d-2472-439d-8881-111138a5694c/
NOTE: Introduced by: https://github.com/vim/vim/commit/85b43c6cb7d56919e245622f4e42db6d8bee4194 (v8.2.4603)
NOTE: Fixed by: https://github.com/vim/vim/commit/2bdad6126778f907c0b98002bfebf0e611a3f5db (v8.2.4647)
-CVE-2022-28170
- RESERVED
-CVE-2022-28169
- RESERVED
+CVE-2022-28170 (Brocade Fabric OS Web Application services before Brocade Fabric v9.1. ...)
+ TODO: check
+CVE-2022-28169 (Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric O ...)
+ TODO: check
CVE-2022-28168 (In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade SANnav2.1 ...)
NOT-FOR-US: Brocade
CVE-2022-28167 (Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade SANanv v.2 ...)
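Review bot: CVE-2022-28170 and CVE-2022-28169 are added as "TODO: check" directly above CVE-2022-28168, which is already "NOT-FOR-US: Brocade". Both new descriptions name Brocade Fabric OS, so they should receive the same tag unless a Debian package is actually affected.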
@@ -48559,8 +48606,8 @@ CVE-2022-25851 (The package jpeg-js before 0.4.4 are vulnerable to Denial of Ser
NOT-FOR-US: jpeg-js
CVE-2022-25850 (The package github.com/hoppscotch/proxyscotch before 1.0.0 are vulnera ...)
NOT-FOR-US: hoppscotch proxyscotch
-CVE-2022-25849
- RESERVED
+CVE-2022-25849 (The package joyqi/hyper-down from 0.0.0 are vulnerable to Cross-site S ...)
+ TODO: check
CVE-2022-25848
RESERVED
CVE-2022-25847
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d7d1a7c0f7c91f6ba0a2c38700888a74f07a0a6