[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Sep 12 21:10:31 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
065e552d by security tracker role at 2022-09-12T20:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,229 @@
+CVE-2022-40606
+ RESERVED
+CVE-2022-40605
+ RESERVED
+CVE-2022-40604
+ RESERVED
+CVE-2022-40603
+ RESERVED
+CVE-2022-40602
+ RESERVED
+CVE-2022-40601
+ RESERVED
+CVE-2022-40600
+ RESERVED
+CVE-2022-40599
+ RESERVED
+CVE-2022-40598
+ RESERVED
+CVE-2022-40597
+ RESERVED
+CVE-2022-40596
+ RESERVED
+CVE-2022-40595
+ RESERVED
+CVE-2022-40594
+ RESERVED
+CVE-2022-40593
+ RESERVED
+CVE-2022-40592
+ RESERVED
+CVE-2022-40591
+ RESERVED
+CVE-2022-40590
+ RESERVED
+CVE-2022-40589
+ RESERVED
+CVE-2022-40588
+ RESERVED
+CVE-2022-40587
+ RESERVED
+CVE-2022-40586
+ RESERVED
+CVE-2022-40585
+ RESERVED
+CVE-2022-40584
+ RESERVED
+CVE-2022-40583
+ RESERVED
+CVE-2022-40582
+ RESERVED
+CVE-2022-40581
+ RESERVED
+CVE-2022-40580
+ RESERVED
+CVE-2022-40579
+ RESERVED
+CVE-2022-40578
+ RESERVED
+CVE-2022-40577
+ RESERVED
+CVE-2022-40576
+ RESERVED
+CVE-2022-40575
+ RESERVED
+CVE-2022-40574
+ RESERVED
+CVE-2022-40573
+ RESERVED
+CVE-2022-40572
+ RESERVED
+CVE-2022-40571
+ RESERVED
+CVE-2022-40570
+ RESERVED
+CVE-2022-40569
+ RESERVED
+CVE-2022-40568
+ RESERVED
+CVE-2022-40567
+ RESERVED
+CVE-2022-40566
+ RESERVED
+CVE-2022-40565
+ RESERVED
+CVE-2022-40564
+ RESERVED
+CVE-2022-40563
+ RESERVED
+CVE-2022-40562
+ RESERVED
+CVE-2022-40561
+ RESERVED
+CVE-2022-40560
+ RESERVED
+CVE-2022-40559
+ RESERVED
+CVE-2022-40558
+ RESERVED
+CVE-2022-40557
+ RESERVED
+CVE-2022-40556
+ RESERVED
+CVE-2022-40555
+ RESERVED
+CVE-2022-40554
+ RESERVED
+CVE-2022-40553
+ RESERVED
+CVE-2022-40552
+ RESERVED
+CVE-2022-40551
+ RESERVED
+CVE-2022-40550
+ RESERVED
+CVE-2022-40549
+ RESERVED
+CVE-2022-40548
+ RESERVED
+CVE-2022-40547
+ RESERVED
+CVE-2022-40546
+ RESERVED
+CVE-2022-40545
+ RESERVED
+CVE-2022-40544
+ RESERVED
+CVE-2022-40543
+ RESERVED
+CVE-2022-40542
+ RESERVED
+CVE-2022-40541
+ RESERVED
+CVE-2022-40540
+ RESERVED
+CVE-2022-40539
+ RESERVED
+CVE-2022-40538
+ RESERVED
+CVE-2022-40537
+ RESERVED
+CVE-2022-40536
+ RESERVED
+CVE-2022-40535
+ RESERVED
+CVE-2022-40534
+ RESERVED
+CVE-2022-40533
+ RESERVED
+CVE-2022-40532
+ RESERVED
+CVE-2022-40531
+ RESERVED
+CVE-2022-40530
+ RESERVED
+CVE-2022-40529
+ RESERVED
+CVE-2022-40528
+ RESERVED
+CVE-2022-40527
+ RESERVED
+CVE-2022-40526
+ RESERVED
+CVE-2022-40525
+ RESERVED
+CVE-2022-40524
+ RESERVED
+CVE-2022-40523
+ RESERVED
+CVE-2022-40522
+ RESERVED
+CVE-2022-40521
+ RESERVED
+CVE-2022-40520
+ RESERVED
+CVE-2022-40519
+ RESERVED
+CVE-2022-40518
+ RESERVED
+CVE-2022-40517
+ RESERVED
+CVE-2022-40516
+ RESERVED
+CVE-2022-40515
+ RESERVED
+CVE-2022-40514
+ RESERVED
+CVE-2022-40513
+ RESERVED
+CVE-2022-40512
+ RESERVED
+CVE-2022-40511
+ RESERVED
+CVE-2022-40510
+ RESERVED
+CVE-2022-40509
+ RESERVED
+CVE-2022-40508
+ RESERVED
+CVE-2022-40507
+ RESERVED
+CVE-2022-40506
+ RESERVED
+CVE-2022-40505
+ RESERVED
+CVE-2022-40504
+ RESERVED
+CVE-2022-40503
+ RESERVED
+CVE-2022-40502
+ RESERVED
+CVE-2022-3181
+ RESERVED
+CVE-2022-3180
+ RESERVED
+CVE-2022-3179
+ RESERVED
+CVE-2022-3178 (Buffer Over-read in GitHub repository gpac/gpac prior to 2.1.0-DEV. ...)
+ TODO: check
+CVE-2022-3177
+ RESERVED
+CVE-2022-3176
+ RESERVED
+CVE-2022-3175
+ RESERVED
+CVE-2022-3174
+ RESERVED
CVE-2022-40501
RESERVED
CVE-2022-40500
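Review bot: CVE-2022-3178 is the only newly added entry in this hunk that carries a description, and it is left at "TODO: check" although the text names gpac/gpac. It should be triaged to a package line, as done for zlib and paramiko further down in this file, or marked NOT-FOR-US. The description says "prior to 2.1.0-DEV", which is a development version rather than a release, so the entry will also need a NOTE pointing at the upstream fix before anyone can decide which packaged versions are affected.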
@@ -6702,8 +6928,8 @@ CVE-2022-37862
RESERVED
CVE-2022-37861
RESERVED
-CVE-2022-37860
- RESERVED
+CVE-2022-37860 (The web configuration interface of the TP-Link M7350 V3 with firmware ...)
+ TODO: check
CVE-2022-37859
RESERVED
CVE-2022-37858
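Review bot: CVE-2022-37860 moves from RESERVED to "TODO: check", but the description already identifies the product as TP-Link M7350 V3 router firmware. This file records comparable device firmware as "NOT-FOR-US: Tenda", so a follow-up can close this one as "NOT-FOR-US: TP-Link" instead of leaving it in the TODO queue.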
@@ -6752,8 +6978,8 @@ CVE-2022-37837
RESERVED
CVE-2022-37836
RESERVED
-CVE-2022-37835
- RESERVED
+CVE-2022-37835 (Torguard VPN 4.8, has a vulnerability that allows an attacker to dump ...)
+ TODO: check
CVE-2022-37834
RESERVED
CVE-2022-37833
@@ -6828,8 +7054,8 @@ CVE-2022-37799 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack over
NOT-FOR-US: Tenda
CVE-2022-37798 (Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow v ...)
NOT-FOR-US: Tenda
-CVE-2022-37797
- RESERVED
+CVE-2022-37797 (In lighttpd 1.4.65, mod_wstunnel does not initialize a handler functio ...)
+ TODO: check
CVE-2022-37796 (In Simple Online Book Store System 1.0 in /admin_book.php the Title, A ...)
NOT-FOR-US: Simple Online Book Store System
CVE-2022-37795
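Review bot: CVE-2022-37797 is the entry in this batch that most needs manual follow-up, since the description names lighttpd and its mod_wstunnel module while the status is only "TODO: check". The text pins the issue to 1.4.65, so the triage should add a "- lighttpd <version>" line and state per suite whether the packaged version contains the affected mod_wstunnel code, plus a NOTE with the upstream reference.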
@@ -6900,8 +7126,8 @@ CVE-2022-37768 (libjpeg commit 281daa9 was discovered to contain an infinite loo
NOTE: https://github.com/thorfdbg/libjpeg/issues/77
NOTE: https://github.com/thorfdbg/libjpeg/commit/281daa9ccee18742b83a77cd29bd2726b69b7977
NOTE: Hang in CLI tool, no security impact
-CVE-2022-37767
- RESERVED
+CVE-2022-37767 (Pebble Templates 3.1.5 allows attackers to bypass a protection mechani ...)
+ TODO: check
CVE-2022-37766
RESERVED
CVE-2022-37765
@@ -6966,8 +7192,8 @@ CVE-2022-37736
RESERVED
CVE-2022-37735
RESERVED
-CVE-2022-37734
- RESERVED
+CVE-2022-37734 (graphql-java before19.0 is vulnerable to Denial of Service. An attacke ...)
+ TODO: check
CVE-2022-37733
RESERVED
CVE-2022-37732
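Review bot: The description imported for CVE-2022-37734 reads "before19.0" with the space missing. If descriptions are pulled in verbatim by the automatic update, this is better left alone here and corrected at the source, but whoever triages the entry should read it as "before 19.0" when comparing against a packaged graphql-java version.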
@@ -7662,7 +7888,7 @@ CVE-2022-2669
CVE-2022-2668 (An issue was discovered in Keycloak that allows arbitrary Javascript t ...)
NOT-FOR-US: Keycloak
CVE-2022-37434 (zlib through 1.2.12 has a heap-based buffer over-read or buffer overfl ...)
- {DSA-5218-1}
+ {DSA-5218-1 DLA-3103-1}
- zlib 1:1.2.11.dfsg-4.1 (bug #1016710)
- libz-mingw-w64 1.2.12+dfsg-2
[bullseye] - libz-mingw-w64 <no-dsa> (Minor issue)
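Review bot: The cross-reference line for CVE-2022-37434 now lists DLA-3103-1 next to DSA-5218-1, but the package lines under it are unchanged and the only suite-specific line visible is the bullseye "<no-dsa>" for libz-mingw-w64. Worth confirming that the DLA record names the zlib source package with its fixed version, and whether libz-mingw-w64 in the LTS suite needs a status line of its own.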
@@ -8159,8 +8385,8 @@ CVE-2022-37302
RESERVED
CVE-2022-37301
RESERVED
-CVE-2022-37300
- RESERVED
+CVE-2022-37300 (A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vul ...)
+ TODO: check
CVE-2022-2601
RESERVED
CVE-2022-2600 (The Auto-hyperlink URLs WordPress plugin through 5.4.1 does not set re ...)
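Review bot: The description for CVE-2022-37300 opens with the CWE name ("A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vul ...") and is cut off before any product appears, so the truncated line alone does not say whether this is NOT-FOR-US or a packaged component. The person clearing the "TODO: check" needs the full CVE text, and a vendor name in the resulting status line would make the entry searchable.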
@@ -24224,20 +24450,20 @@ CVE-2022-31228
RESERVED
CVE-2022-31227
RESERVED
-CVE-2022-31226
- RESERVED
-CVE-2022-31225
- RESERVED
-CVE-2022-31224
- RESERVED
-CVE-2022-31223
- RESERVED
-CVE-2022-31222
- RESERVED
-CVE-2022-31221
- RESERVED
-CVE-2022-31220
- RESERVED
+CVE-2022-31226 (Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability ...)
+ TODO: check
+CVE-2022-31225 (Dell BIOS versions contain an Unchecked Return Value vulnerability. A ...)
+ TODO: check
+CVE-2022-31224 (Dell BIOS versions contain an Improper Protection Against Voltage and ...)
+ TODO: check
+CVE-2022-31223 (Dell BIOS versions contain an Improper Neutralization of Null Byte vul ...)
+ TODO: check
+CVE-2022-31222 (Dell BIOS versions contain a Missing Release of Resource after Effecti ...)
+ TODO: check
+CVE-2022-31221 (Dell BIOS versions contain an Information Exposure vulnerability. A lo ...)
+ TODO: check
+CVE-2022-31220 (Dell BIOS versions contain an Unchecked Return Value vulnerability. A ...)
+ TODO: check
CVE-2022-31219 (Vulnerabilities in the Drive Composer allow a low privileged attacker ...)
NOT-FOR-US: Drive Composer
CVE-2022-31218 (Vulnerabilities in the Drive Composer allow a low privileged attacker ...)
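Review bot: All seven entries from CVE-2022-31226 down to CVE-2022-31220 begin "Dell BIOS versions contain ..." and all seven land as "TODO: check". They describe vendor firmware, so they can be closed together in one follow-up commit using the same NOT-FOR-US convention the neighbouring Drive Composer entries use, rather than being triaged one at a time.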
@@ -26026,8 +26252,8 @@ CVE-2022-1702 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlie
NOT-FOR-US: SonicWall
CVE-2022-1701 (SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier ver ...)
NOT-FOR-US: SonicWall
-CVE-2022-1700
- RESERVED
+CVE-2022-1700 (Improper Restriction of XML External Entity Reference ('XXE') vulnerab ...)
+ TODO: check
CVE-2022-30616 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow ...)
NOT-FOR-US: IBM
CVE-2022-30615
@@ -44669,7 +44895,7 @@ CVE-2022-24303 (Pillow before 9.0.1 allows attackers to delete files because spa
NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security
NOTE: https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26 (9.0.1)
CVE-2022-24302 (In Paramiko before 2.10.1, a race condition (between creation and chmo ...)
- {DLA-2959-1}
+ {DLA-3104-1 DLA-2959-1}
- paramiko 2.10.3-1 (bug #1008012)
[bullseye] - paramiko <no-dsa> (Minor issue)
NOTE: https://github.com/paramiko/paramiko/commit/4c491e299c9b800358b16fa4886d8d94f45abe2e (2.10.1)
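Review bot: CVE-2022-24302 now references two LTS advisories, "{DLA-3104-1 DLA-2959-1}", and nothing in the visible lines says why a second one was issued for the same CVE. A NOTE stating whether DLA-3104-1 is a regression update, a more complete fix, or a different source package would save readers from having to open both advisories.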
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/065e552d598e13dc37007c8f77db9569a26ecf48