Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 63bc46fb by security tracker role at 2022-02-01T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,35 @@ +CVE-2022-24286 + RESERVED +CVE-2022-24285 + RESERVED +CVE-2022-24284 + RESERVED +CVE-2022-24283 + RESERVED +CVE-2022-0437 + RESERVED +CVE-2022-0436 + RESERVED +CVE-2021-46669 (MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_ ...) + TODO: check +CVE-2021-46668 (MariaDB through 10.5.9 allows an application crash via certain long SE ...) + TODO: check +CVE-2021-46667 (MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an ...) + TODO: check +CVE-2021-46666 (MariaDB before 10.6.2 allows an application crash because of mishandli ...) + TODO: check +CVE-2021-46665 (MariaDB through 10.5.9 allows a sql_parse.cc application crash because ...) + TODO: check +CVE-2021-46664 (MariaDB through 10.5.9 allows an application crash in sub_select_postj ...) + TODO: check +CVE-2021-46663 (MariaDB through 10.5.13 allows a ha_maria::extra application crash via ...) + TODO: check +CVE-2021-46662 (MariaDB through 10.5.9 allows a set_var.cc application crash via certa ...) + TODO: check +CVE-2021-46661 (MariaDB through 10.5.9 allows an application crash in find_field_in_ta ...) + TODO: check +CVE-2021-4218 + RESERVED CVE-2022-24282 RESERVED CVE-2022-24281 
@@ -63,14 +95,14 @@ CVE-2022-24268 RESERVED CVE-2022-24267 RESERVED -CVE-2022-24266 - RESERVED -CVE-2022-24265 - RESERVED -CVE-2022-24264 - RESERVED -CVE-2022-24263 - RESERVED +CVE-2022-24266 (Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability ...) + TODO: check +CVE-2022-24265 (Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability ...) + TODO: check +CVE-2022-24264 (Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability ...) + TODO: check +CVE-2022-24263 (Hospital Management System v4.0 was discovered to contain a SQL inject ...) + TODO: check CVE-2022-24262 RESERVED CVE-2022-24261 @@ -1323,8 +1355,8 @@ CVE-2022-23874 RESERVED CVE-2022-23873 RESERVED -CVE-2022-23872 - RESERVED +CVE-2022-23872 (Emlog pro v1.1.1 was discovered to contain a stored cross-site scripti ...) + TODO: check CVE-2022-23871 RESERVED CVE-2022-23870 @@ -1972,8 +2004,8 @@ CVE-2022-23776 RESERVED CVE-2022-23775 RESERVED -CVE-2022-23774 - RESERVED +CVE-2022-23774 (Docker Desktop before 4.4.4 on Windows allows attackers to move arbitr ...) + TODO: check CVE-2022-23773 RESERVED CVE-2022-23772 @@ -5773,6 +5805,7 @@ CVE-2022-22596 CVE-2022-22595 RESERVED CVE-2022-22594 [A cross-origin issue in the IndexDB API was addressed with improved input validation] + RESERVED {DSA-5061-1 DSA-5060-1} - webkit2gtk 2.34.4-1 [stretch] - webkit2gtk <ignored> (Not covered by security support in stretch) 
@@ -14030,8 +14063,8 @@ CVE-2022-21661 (WordPress is a free and open-source content management system wr NOTE: https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection CVE-2022-21660 RESERVED -CVE-2022-21659 - RESERVED +CVE-2022-21659 (Flask-AppBuilder is an application development framework, built on top ...) + TODO: check CVE-2022-21658 (Rust is a multi-paradigm, general-purpose programming language designe ...) - rustc <unfixed> NOTE: https://github.com/rust-lang/wg-security-response/tree/master/patches/CVE-2022-21658 @@ -46527,7 +46560,7 @@ CVE-2018-25014 (A flaw was found in libwebp in versions before 1.0.1. An unitial - libwebp 0.6.1-2.1 NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496 CVE-2021-3534 - RESERVED + REJECTED CVE-2021-3533 (A flaw was found in Ansible if an ansible user sets ANSIBLE_ASYNC_DIR ...) - ansible <unfixed> [bullseye] - ansible <postponed> (Minor issue, revisit when/if fixed upstream) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63bc46fb702799e19f85fae65633b0c1604f4ae5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63bc46fb702799e19f85fae65633b0c1604f4ae5 You're receiving this email because of your account on salsa.debian.org.
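Review bot: In the first hunk (`@@ -1,3 +1,35 @@`), the nine MariaDB entries CVE-2021-46661 through CVE-2021-46669 arrive with only `TODO: check` and no package line. Their truncated descriptions give different version bounds ("through 10.5.9", "through 10.5.13", "before 10.6.2", "before 10.6.5"). They should be triaged as a batch, but each needs its own affected and fixed version recorded rather than one shared status copied across all nine.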
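Review bot: In the `@@ -63,14 +95,14 @@` hunk, CVE-2022-24263 through CVE-2022-24266 move from `RESERVED` to a published description plus `TODO: check`. The products named (Cuppa CMS v1.0, Hospital Management System v4.0) should be checked against the archive first. If none is packaged, the follow-up is a `NOT-FOR-US:` line on each entry so the `TODO: check` markers do not linger. The same applies to the Emlog pro and Docker Desktop on Windows entries in the two hunks that follow.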
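Review bot: In the `@@ -5773,6 +5805,7 @@` hunk, the added `RESERVED` line lands on CVE-2022-22594, an entry that already carries a bracketed description, `{DSA-5061-1 DSA-5060-1}`, and a fixed version (`webkit2gtk 2.34.4-1`). Please confirm that the automatic update is expected to mark an already-resolved entry as `RESERVED`, and that nothing downstream reads the line as "no information yet" and hides the DSA and fixed-version data beneath it.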