Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c0145217 by Moritz Muehlenhoff at 2022-07-27T23:23:52+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55,7 +55,7 @@ CVE-2022-2551
CVE-2022-2550 (OS Command Injection in GitHub repository hestiacp/hestiacp
prior to 1 ...)
NOT-FOR-US: Hestia Control Panel
CVE-2022-2549 (NULL Pointer Dereference in GitHub repository gpac/gpac prior
to v2.1. ...)
- - gpac <unfixed>
+ - gpac <unfixed> (bug #1016142)
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <ignored> (Minor issue)
NOTE: https://huntr.dev/bounties/c93083dc-177c-4ba0-ba83-9d7fb29a5537
@@ -11765,7 +11765,7 @@ CVE-2022-32225 (A reflected DOM-Based XSS vulnerability
has been discovered in t
NOT-FOR-US: Veeam
CVE-2022-32224
RESERVED
- - rails <unfixed>
+ - rails <unfixed> (bug #1016140)
NOTE: https://github.com/advisories/GHSA-3hhc-qp5v-9p2j
CVE-2022-32223 (Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking
under ce ...)
- nodejs <not-affected> (Only affects Windows)
@@ -33350,27 +33350,27 @@ CVE-2022-24811 (Combodi iTop is a web based IT
Service Management tool. Prior to
NOT-FOR-US: Combodi
CVE-2022-24810 [A malformed OID in a SET to the nsVacmAccessTable can cause a
NULL pointer dereference]
RESERVED
- - net-snmp <unfixed>
+ - net-snmp <unfixed> (bug #1016139)
NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3)
CVE-2022-24809 [A malformed OID in a GET-NEXT to the nsVacmAccessTable can
cause a NULL pointer dereference]
RESERVED
- - net-snmp <unfixed>
+ - net-snmp <unfixed> (bug #1016139)
NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3)
CVE-2022-24808 [A malformed OID in a SET request to
NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference]
RESERVED
- - net-snmp <unfixed>
+ - net-snmp <unfixed> (bug #1016139)
NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3)
CVE-2022-24807 [A malformed OID in a SET request to
SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory
access]
RESERVED
- - net-snmp <unfixed>
+ - net-snmp <unfixed> (bug #1016139)
NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3)
CVE-2022-24806 [Improper Input Validation when SETing malformed OIDs in master
agent and subagent simultaneously]
RESERVED
- - net-snmp <unfixed>
+ - net-snmp <unfixed> (bug #1016139)
NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3)
CVE-2022-24805 [A buffer overflow in the handling of the INDEX of
NET-SNMP-VACM-MIB can cause an out-of-bounds memory access]
RESERVED
- - net-snmp <unfixed>
+ - net-snmp <unfixed> (bug #1016139)
NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3)
CVE-2022-24804 (Discourse is an open source platform for community discussion.
In stab ...)
NOT-FOR-US: Discourse
@@ -63927,7 +63927,7 @@ CVE-2021-39949
CVE-2021-39948
RESERVED
CVE-2021-39947 (In specific circumstances, trace file buffers in GitLab Runner
version ...)
- - gitlab-ci-multi-runner <unfixed>
+ - gitlab-ci-multi-runner <unfixed> (bug #1016138)
CVE-2021-39946 (Improper neutralization of user input in GitLab CE/EE versions
14.3 to ...)
- gitlab <unfixed>
CVE-2021-39945 (Improper access control in the GitLab CE/EE API affecting all
versions ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c01452174c8838a19000aea8a572946f527d98c4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c01452174c8838a19000aea8a572946f527d98c4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
