[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 27 09:10:31 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3e2a9a29 by security tracker role at 2022-09-27T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2022-41568
+	RESERVED
+CVE-2022-41567
+	RESERVED
+CVE-2022-41566
+	RESERVED
+CVE-2022-41565
+	RESERVED
+CVE-2022-41564
+	RESERVED
+CVE-2022-41563
+	RESERVED
+CVE-2022-41562
+	RESERVED
+CVE-2022-41561
+	RESERVED
+CVE-2022-41560
+	RESERVED
+CVE-2022-41559
+	RESERVED
+CVE-2022-41558
+	RESERVED
+CVE-2022-41342
+	RESERVED
+CVE-2022-41314
+	RESERVED
+CVE-2022-40982
+	RESERVED
+CVE-2022-40971
+	RESERVED
+CVE-2022-40970
+	RESERVED
+CVE-2022-40964
+	RESERVED
+CVE-2022-40210
+	RESERVED
+CVE-2022-40196
+	RESERVED
+CVE-2022-38136
+	RESERVED
+CVE-2022-38099
+	RESERVED
+CVE-2022-3328
+	RESERVED
+CVE-2022-3327
+	RESERVED
+CVE-2022-3326
+	RESERVED
+CVE-2022-3325
+	RESERVED
+CVE-2022-3324
+	RESERVED
+CVE-2022-3323
+	RESERVED
 CVE-2022-41557
 	RESERVED
 CVE-2022-41556
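Review bot: The 27 new RESERVED entries are prepended as a block above CVE-2022-41557, so CVE-2022-3323 is now followed directly by CVE-2022-41557 and the top of the file is no longer one descending run of IDs. If that placement is intended for freshly reserved IDs, the commit message should say so, since "automatic update" gives a reader no hint; anything that consumes this file should match on the CVE ID rather than on line position.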
@@ -476,8 +530,8 @@ CVE-2022-40984
 	RESERVED
 CVE-2022-3299 (A vulnerability was found in Open5GS up to 2.4.10. It has been declare ...)
 	TODO: check
-CVE-2022-3298
-	RESERVED
+CVE-2022-3298 (Allocation of Resources Without Limits or Throttling in GitHub reposit ...)
+	TODO: check
 CVE-2022-41343 (registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote f ...)
 	TODO: check
 CVE-2022-36368
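Review bot: CVE-2022-3298 moves from RESERVED to "TODO: check" with a summary cut off at "GitHub reposit ...", so the affected project cannot be identified from the line itself. Triage will need the full description, and a NOTE line naming the repository would save the next reader the lookup.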
@@ -3494,12 +3548,12 @@ CVE-2022-40101 (Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overf
 	NOT-FOR-US: Tenda
 CVE-2022-40100 (Tenda i9 v1.0.0.8(3828) was discovered to contain a command injection  ...)
 	NOT-FOR-US: Tenda
-CVE-2022-40099
-	RESERVED
-CVE-2022-40098
-	RESERVED
-CVE-2022-40097
-	RESERVED
+CVE-2022-40099 (Online Tours & Travels Management System v1.0 was discovered to co ...)
+	TODO: check
+CVE-2022-40098 (Online Tours & Travels Management System v1.0 was discovered to co ...)
+	TODO: check
+CVE-2022-40097 (Online Tours & Travels Management System v1.0 was discovered to co ...)
+	TODO: check
 CVE-2022-40096
 	RESERVED
 CVE-2022-40095
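Review bot: The three added descriptions for CVE-2022-40099, CVE-2022-40098 and CVE-2022-40097 carry the HTML entity "&amp;" instead of a literal "&" in the product name, which suggests the import step is passing escaped text straight through. Decoding entities before the summary is written would keep product-name searches working. All three are left at "TODO: check", while the Tenda entries in the same hunk's context are already marked NOT-FOR-US, so these still need a triage decision.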
@@ -3592,8 +3646,8 @@ CVE-2022-40052
 	RESERVED
 CVE-2022-40051
 	RESERVED
-CVE-2022-40050
-	RESERVED
+CVE-2022-40050 (ZFile v4.1.1 was discovered to contain an arbitrary file upload vulner ...)
+	TODO: check
 CVE-2022-40049
 	RESERVED
 CVE-2022-40048
@@ -29116,6 +29170,7 @@ CVE-2022-30552 (Das U-Boot 2022.01 has a Buffer Overflow. ...)
 CVE-2022-30551 (OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause  ...)
 	NOT-FOR-US: OPC UA Legacy Java Stack
 CVE-2022-30550 (An issue was discovered in the auth component in Dovecot 2.2 and 2.3 b ...)
+	{DLA-3122-1}
 	- dovecot 1:2.3.19.1+dfsg1-2 (bug #1016351)
 	[bullseye] - dovecot 1:2.3.13+dfsg1-2+deb11u1
 	NOTE: https://www.openwall.com/lists/oss-security/2022/07/06/9
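Review bot: The "{DLA-3122-1}" cross-reference on CVE-2022-30550 is added in a commit that changes only data/CVE/list, so the advisory it points to is not visible here. Confirm that the advisory record already exists in the tree and lists this CVE, because the entry's visible lines give fixed versions only for unstable and bullseye and nothing for the release the DLA covers.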
@@ -30720,8 +30775,8 @@ CVE-2022-30006
 	RESERVED
 CVE-2022-30005
 	RESERVED
-CVE-2022-30004
-	RESERVED
+CVE-2022-30004 (Sourcecodester Online Market Place Site v1.0 suffers from an unauthent ...)
+	TODO: check
 CVE-2022-30003 (Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Sit ...)
 	TODO: check
 CVE-2022-30002 (Insurance Management System 1.0 is vulnerable to SQL Injection via /in ...)
@@ -92531,6 +92586,7 @@ CVE-2021-33516 (An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.
 	NOTE: https://gitlab.gnome.org/GNOME/gupnp/-/commit/05e964d48322ff23a65c6026d656e4494ace6ff9 (gupnp-1.0)
 	NOTE: https://gitlab.gnome.org/GNOME/gupnp/-/commit/ca6ec9dcb26fd7a2a630eb6a68118659b589afac (master)
 CVE-2021-33515 (The submission service in Dovecot before 2.3.15 allows STARTTLS comman ...)
+	{DLA-3122-1}
 	- dovecot 1:2.3.13+dfsg1-2 (bug #990566)
 	[stretch] - dovecot <not-affected> (Vulnerable code (smtp_server_command queue) introduced later)
 	NOTE: https://dovecot.org/pipermail/dovecot-news/2021-June/000462.html
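Review bot: On CVE-2021-33515 the new "{DLA-3122-1}" tag sits above a "[stretch] - dovecot <not-affected>" line whose reason is that the vulnerable code was introduced later, and no other release line is visible in this context. Check that the release the DLA targets really ships the affected smtp_server_command queue code, so the advisory reference and the not-affected reasoning do not contradict each other.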



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e2a9a298b6b425126e6b5f145a76862db5265f6
