[Git][security-tracker-team/security-tracker][master] add bug for frr
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue May 9 20:31:40 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
266ceb1a by Moritz Muehlenhoff at 2023-05-09T21:30:47+02:00
add bug for frr
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -44774,8 +44774,9 @@ CVE-2022-43683
CVE-2022-43682
RESERVED
CVE-2022-43681 (An out-of-bounds read exists in the BGP daemon of FRRouting FRR throug ...)
- - frr <undetermined>
- TODO: check, missing information about upstream status
+ - frr <unfixed> (bug #1035829)
+ NOTE: https://github.com/FRRouting/frr/issues/13427
+ NOTE: https://github.com/FRRouting/frr/issues/13480
CVE-2022-43680 (In libexpat through 2.4.9, there is a use-after free caused by overeag ...)
{DSA-5266-1 DLA-3165-1}
- expat 2.5.0-1 (bug #1022743)
@@ -54019,8 +54020,9 @@ CVE-2022-40320 (cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based
CVE-2022-40319 (The LISTSERV 17 web interface allows remote attackers to conduct Insec ...)
NOT-FOR-US: LISTSERV
CVE-2022-40318 (An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By cra ...)
- - frr <undetermined>
- TODO: check, missing information about upstream status
+ - frr <unfixed> (bug #1035829)
+ NOTE: https://github.com/FRRouting/frr/issues/13427
+ NOTE: https://github.com/FRRouting/frr/issues/13480
CVE-2022-40317 (OpenKM 6.3.11 allows stored XSS related to the javascript: subst ...)
NOT-FOR-US: OpenKM
CVE-2022-40316 (The H5P activity attempts report did not filter by groups, which in se ...)
@@ -54083,8 +54085,9 @@ CVE-2022-40303 (An issue was discovered in libxml2 before 2.10.3. When parsing a
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libxml2/-/commit/c846986356fc149915a74972bf198abc266bc2c0 (v2.10.3)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2336
CVE-2022-40302 (An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By cra ...)
- - frr <undetermined>
- TODO: check, missing information about upstream status
+ - frr <unfixed> (bug #1035829)
+ NOTE: https://github.com/FRRouting/frr/issues/13427
+ NOTE: https://github.com/FRRouting/frr/issues/13480
CVE-2022-40301
RESERVED
CVE-2022-40300 (Zoho ManageEngine Password Manager Pro through 12120 before 12121, PAM ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/266ceb1aeab7596122cfa089a9e34bcc172a5596
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/266ceb1aeab7596122cfa089a9e34bcc172a5596
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230509/8a9a1b79/attachment.htm>
More information about the debian-security-tracker-commits
mailing list