[Git][security-tracker-team/security-tracker][master] Add CVE-2022-40716/consul
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Sep 24 12:30:21 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
afada32c by Salvatore Bonaccorso at 2022-09-24T13:29:55+02:00
Add CVE-2022-40716/consul
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1466,7 +1466,8 @@ CVE-2022-40718
CVE-2022-40717
RESERVED
CVE-2022-40716 (HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13. ...)
- TODO: check
+ - consul <unfixed>
+ NOTE: https://discuss.hashicorp.com/t/hcsec-2022-20-consul-service-mesh-intention-bypass-with-malicious-certificate-signing-request/44628
CVE-2022-40715 (An issue was discovered in NOKIA 1350OMS R14.2. An Absolute Path Trave ...)
NOT-FOR-US: NOKIA
CVE-2022-40714 (An issue was discovered in NOKIA 1350OMS R14.2. Reflected XSS exists u ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afada32c3121eae7874eaf46d7793c9dde67fc0d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afada32c3121eae7874eaf46d7793c9dde67fc0d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220924/0a771acf/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list