[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Oct 29 09:10:22 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9259172c by security tracker role at 2022-10-29T08:10:11+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2022-43997
+	RESERVED
+CVE-2022-43996
+	RESERVED
+CVE-2022-43995
+	RESERVED
+CVE-2022-43994
+	RESERVED
+CVE-2022-43993
+	RESERVED
+CVE-2022-43992
+	RESERVED
+CVE-2022-43991
+	RESERVED
+CVE-2022-43990
+	RESERVED
+CVE-2022-43989
+	RESERVED
+CVE-2022-43988
+	RESERVED
+CVE-2022-43987
+	RESERVED
+CVE-2022-43986
+	RESERVED
+CVE-2022-43985
+	RESERVED
+CVE-2022-43984
+	RESERVED
+CVE-2022-43983
+	RESERVED
+CVE-2022-3752
+	RESERVED
+CVE-2022-3751
+	RESERVED
 CVE-2022-43982
 	RESERVED
 CVE-2022-43981
@@ -3635,20 +3669,20 @@ CVE-2022-43288
 	RESERVED
 CVE-2022-43287
 	RESERVED
-CVE-2022-43286
-	RESERVED
-CVE-2022-43285
-	RESERVED
-CVE-2022-43284
-	RESERVED
-CVE-2022-43283
-	RESERVED
-CVE-2022-43282
-	RESERVED
-CVE-2022-43281
-	RESERVED
-CVE-2022-43280
-	RESERVED
+CVE-2022-43286 (Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug c ...)
+	TODO: check
+CVE-2022-43285 (Nginx NJS v0.7.4 was discovered to contain a segmentation violation in ...)
+	TODO: check
+CVE-2022-43284 (Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation vi ...)
+	TODO: check
+CVE-2022-43283 (wasm2c v1.0.29 was discovered to contain an abort in CWriter::Write. ...)
+	TODO: check
+CVE-2022-43282 (wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ...)
+	TODO: check
+CVE-2022-43281 (wasm-interp v1.0.29 was discovered to contain a heap overflow via the  ...)
+	TODO: check
+CVE-2022-43280 (wasm-interp v1.0.29 was discovered to contain an out-of-bounds read vi ...)
+	TODO: check
 CVE-2022-43279
 	RESERVED
 CVE-2022-43278
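Review bot: CVE-2022-43286 through CVE-2022-43280 leave RESERVED with only `TODO: check`, so none of the seven has a disposition yet. The three Nginx NJS entries and the four wasm2c/wasm-interp entries each need either a source-package line in the `- curl 7.86.0-1` form or a `NOT-FOR-US:` line before the TODO is cleared. The descriptions are truncated at "...", so take the affected versions from the full CVE records rather than from these lines; the NJS entries alone name v0.7.2, v0.7.4 and v0.7.2 to v0.7.4.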
@@ -4628,8 +4662,7 @@ CVE-2022-42918
 	RESERVED
 CVE-2022-42917
 	RESERVED
-CVE-2022-42916 [HSTS bypass via IDN]
-	RESERVED
+CVE-2022-42916 (In curl before 7.86.0, the HSTS check could be bypassed to trick it in ...)
 	- curl 7.86.0-1
 	[buster] - curl <not-affected> (Vulnerable code not present)
 	NOTE: https://curl.se/docs/CVE-2022-42916.html
@@ -16223,8 +16256,8 @@ CVE-2022-2828 (In affected versions of Octopus Server it is possible to reveal i
 	NOT-FOR-US: Octopus Server
 CVE-2022-2827
 	RESERVED
-CVE-2022-2826
-	RESERVED
+CVE-2022-2826 (An issue has been discovered in GitLab affecting all versions starting ...)
+	TODO: check
 CVE-2022-38362 (Apache Airflow Docker's Provider prior to 3.0.0 shipped with an exampl ...)
 	- airflow <itp> (bug #819700)
 CVE-2022-38361
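Review bot: the new CVE-2022-2826 description is cut off at "all versions starting", so the affected GitLab version range is not visible in this entry. Resolve `TODO: check` against the full CVE record and replace it with a disposition line plus a NOTE giving the upstream reference, as the curl entry does with `NOTE: https://curl.se/docs/CVE-2022-42916.html`.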
@@ -18029,8 +18062,8 @@ CVE-2022-37623
 	RESERVED
 CVE-2022-37622
 	RESERVED
-CVE-2022-37621
-	RESERVED
+CVE-2022-37621 (Prototype pollution vulnerability in function resolveShims in resolve- ...)
+	TODO: check
 CVE-2022-37620
 	RESERVED
 CVE-2022-37619
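Review bot: in the CVE-2022-37621 line the affected component is truncated at "resolve-", so the module that contains resolveShims cannot be identified from this entry alone. Before replacing `TODO: check`, take the full module name from the CVE record and record the outcome as a source-package line or a `NOT-FOR-US:` line.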



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9259172c29f30c79f9b429908d2a444c9439fa4f
