[Git][security-tracker-team/security-tracker][master] Add CVE-2022-29946

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jul 13 09:16:31 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1ce26569 by Salvatore Bonaccorso at 2024-07-13T10:15:59+02:00
Add CVE-2022-29946

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -175299,7 +175299,9 @@ CVE-2022-29948 (Due to an insecure design, the Lepin EP-KP001 flash drive throug
 CVE-2022-29947 (Woodpecker before 0.15.1 allows XSS via build logs because web/src/com ...)
 	- woodpecker <itp> (bug #1008934)
 CVE-2022-29946 (NATS.io NATS Server before 2.8.2 and Streaming Server before 0.24.6 co ...)
-	TODO: check
+	- nats-server 2.9.8-1
+	- golang-github-nats-io-nats-streaming-server <itp> (bug #914290)
+	NOTE: https://github.com/nats-io/advisories/blob/main/CVE/CVE-2022-29946.txt
 CVE-2022-29945 (DJI drone devices sold in 2017 through 2022 broadcast unencrypted info ...)
 	NOT-FOR-US: DJI drone devices
 CVE-2022-29944 (An issue was discovered in ONOS 2.5.1. There is an incorrect compariso ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ce26569a0167ee0369b6a2961f6478263f7d962

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ce26569a0167ee0369b6a2961f6478263f7d962
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240713/0ffb0bad/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list