Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
deac0a55 by Moritz Muehlenhoff at 2022-07-11T21:42:19+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26529,7 +26529,7 @@ CVE-2022-0761
CVE-2022-0760 (The Simple Link Directory WordPress plugin before 7.7.2 does
not valid ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0759 (A flaw was found in all versions of kubeclient up to (but not
includin ...)
- - ruby-kubeclient <unfixed>
+ - ruby-kubeclient <unfixed> (bug #1014780)
[bullseye] - ruby-kubeclient <no-dsa> (Minor issue)
[buster] - ruby-kubeclient <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2058404
@@ -26843,7 +26843,7 @@ CVE-2022-25846
CVE-2022-25845 (The package com.alibaba:fastjson before 1.2.83 are vulnerable
to Deser ...)
NOT-FOR-US: com.alibaba:fastjson
CVE-2022-25844 (The package angular after 1.7.0 are vulnerable to Regular
Expression D ...)
- - angular.js <unfixed>
+ - angular.js <unfixed> (bug #1014779)
[stretch] - angular.js <ignored> (Nodejs in stretch not covered by
security support)
NOTE: https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735
CVE-2022-25843
@@ -78398,7 +78398,7 @@ CVE-2021-32753 (EdgeX Foundry is an open source project
for building a common op
CVE-2021-32752 (Ether Logs is a package that allows one to check one's logs in
the Cra ...)
NOT-FOR-US: Ether Logs
CVE-2021-32751 (Gradle is a build tool with a focus on build automation. In
versions p ...)
- - gradle <unfixed>
+ - gradle <unfixed> (bug #1014778)
[bullseye] - gradle <ignored> (Minor issue)
[buster] - gradle <ignored> (Minor issue)
[stretch] - gradle <no-dsa> (Minor issue)
@@ -79579,7 +79579,7 @@ CVE-2021-32296
CVE-2021-32295
RESERVED
CVE-2021-32294 (An issue was discovered in libgig through 20200507. A
heap-buffer-over ...)
- - libgig <unfixed>
+ - libgig <unfixed> (bug #1014777)
[bullseye] - libgig <ignored> (Minor issue)
[buster] - libgig <ignored> (Minor issue)
[stretch] - libgig <postponed> (Minor issue, revisit when/if fixed
upstream)
@@ -100968,7 +100968,7 @@ CVE-2021-23922 (An issue was discovered in
Devolutions Remote Desktop Manager be
CVE-2021-23921 (An issue was discovered in Devolutions Server before 2020.3.
There is ...)
NOT-FOR-US: Devolutions Server
CVE-2020-36191 (JupyterHub 1.1.0 allows CSRF in the admin panel via a request
that lac ...)
- - jupyterhub <unfixed>
+ - jupyterhub <unfixed> (bug #1014774)
NOTE: https://github.com/jupyterhub/jupyterhub/issues/3304
CVE-2020-36190 (RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2
allows ...)
NOT-FOR-US: RailsAdmin
@@ -118799,7 +118799,7 @@ CVE-2020-28590 (An out-of-bounds read vulnerability
exists in the Obj File Trian
NOTE: https://github.com/slic3r/Slic3r/issues/5074
NOTE: Crash in enduser application, no security impact
CVE-2020-28589 (An improper array index validation vulnerability exists in the
LoadObj ...)
- - tinyobjloader <undetermined>
+ - tinyobjloader <unfixed> (bug #1014776)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1212
CVE-2020-28588 (An information disclosure vulnerability exists in the
/proc/pid/syscal ...)
- linux 5.9.15-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/deac0a55ef18280add910102379bbfbbe068531b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/deac0a55ef18280add910102379bbfbbe068531b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
