Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: c0145217 by Moritz Muehlenhoff at 2022-07-27T23:23:52+02:00 bugnums - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -55,7 +55,7 @@ CVE-2022-2551 CVE-2022-2550 (OS Command Injection in GitHub repository hestiacp/hestiacp prior to 1 ...) NOT-FOR-US: Hestia Control Panel CVE-2022-2549 (NULL Pointer Dereference in GitHub repository gpac/gpac prior to v2.1. ...) - - gpac <unfixed> + - gpac <unfixed> (bug #1016142) [bullseye] - gpac <ignored> (Minor issue) [buster] - gpac <ignored> (Minor issue) NOTE: https://huntr.dev/bounties/c93083dc-177c-4ba0-ba83-9d7fb29a5537 @@ -11765,7 +11765,7 @@ CVE-2022-32225 (A reflected DOM-Based XSS vulnerability has been discovered in t NOT-FOR-US: Veeam CVE-2022-32224 RESERVED - - rails <unfixed> + - rails <unfixed> (bug #1016140) NOTE: https://github.com/advisories/GHSA-3hhc-qp5v-9p2j CVE-2022-32223 (Node.js is vulnerable to Hijack Execution Flow: DLL Hijacking under ce ...) - nodejs <not-affected> (Only affects Windows) @@ -33350,27 +33350,27 @@ CVE-2022-24811 (Combodi iTop is a web based IT Service Management tool. Prior to NOT-FOR-US: Combodi CVE-2022-24810 [A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference] RESERVED - - net-snmp <unfixed> + - net-snmp <unfixed> (bug #1016139) NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3) CVE-2022-24809 [A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference] RESERVED - - net-snmp <unfixed> + - net-snmp <unfixed> (bug #1016139) NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3) CVE-2022-24808 [A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference] RESERVED - - net-snmp <unfixed> + - net-snmp <unfixed> (bug #1016139) NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3) CVE-2022-24807 [A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access] RESERVED - - net-snmp <unfixed> + - net-snmp <unfixed> (bug #1016139) NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3) CVE-2022-24806 [Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously] RESERVED - - net-snmp <unfixed> + - net-snmp <unfixed> (bug #1016139) NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3) CVE-2022-24805 [A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access] RESERVED - - net-snmp <unfixed> + - net-snmp <unfixed> (bug #1016139) NOTE: https://fossies.org/linux/net-snmp/CHANGES (fixed in 5.9.3) CVE-2022-24804 (Discourse is an open source platform for community discussion. In stab ...) NOT-FOR-US: Discourse @@ -63927,7 +63927,7 @@ CVE-2021-39949 CVE-2021-39948 RESERVED CVE-2021-39947 (In specific circumstances, trace file buffers in GitLab Runner version ...) - - gitlab-ci-multi-runner <unfixed> + - gitlab-ci-multi-runner <unfixed> (bug #1016138) CVE-2021-39946 (Improper neutralization of user input in GitLab CE/EE versions 14.3 to ...) - gitlab <unfixed> CVE-2021-39945 (Improper access control in the GitLab CE/EE API affecting all versions ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c01452174c8838a19000aea8a572946f527d98c4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c01452174c8838a19000aea8a572946f527d98c4 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits