Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: faf49d27 by security tracker role at 2022-10-27T08:10:15+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,45 @@ +CVE-2022-43945 + RESERVED +CVE-2022-43944 + RESERVED +CVE-2022-43943 + RESERVED +CVE-2022-43942 + RESERVED +CVE-2022-43941 + RESERVED +CVE-2022-43940 + RESERVED +CVE-2022-43939 + RESERVED +CVE-2022-43938 + RESERVED +CVE-2022-43937 + RESERVED +CVE-2022-43936 + RESERVED +CVE-2022-43935 + RESERVED +CVE-2022-43934 + RESERVED +CVE-2022-43933 + RESERVED +CVE-2022-3713 + RESERVED +CVE-2022-3712 + RESERVED +CVE-2022-3711 + RESERVED +CVE-2022-3710 + RESERVED +CVE-2022-3709 + RESERVED +CVE-2022-3708 + RESERVED +CVE-2022-3707 + RESERVED +CVE-2022-3706 + RESERVED CVE-2022-43932 RESERVED CVE-2022-43931 @@ -342,10 +384,10 @@ CVE-2022-43762 RESERVED CVE-2022-43761 RESERVED -CVE-2022-3705 - RESERVED -CVE-2022-3704 - RESERVED +CVE-2022-3705 (A vulnerability was found in vim and classified as problematic. Affect ...) + TODO: check +CVE-2022-3704 (A vulnerability classified as problematic has been found in Ruby on Ra ...) + TODO: check CVE-2022-3703 RESERVED CVE-2022-3702 @@ -5282,8 +5324,8 @@ CVE-2022-3365 RESERVED CVE-2022-3364 (Allocation of Resources Without Limits or Throttling in GitHub reposit ...) - rdiffweb <itp> (bug #969974) -CVE-2022-3363 - RESERVED +CVE-2022-3363 (Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2 ...) + TODO: check CVE-2022-3362 RESERVED CVE-2022-41850 (roccat_report_event in drivers/hid/hid-roccat.c in the Linux kernel th ...) @@ -5355,8 +5397,8 @@ CVE-2022-40967 RESERVED CVE-2022-40965 RESERVED -CVE-2022-40703 - RESERVED +CVE-2022-40703 (CWE-302 Authentication Bypass by Assumed-Immutable Data in AliveCor Ka ...) + TODO: check CVE-2022-40204 RESERVED CVE-2022-40202 
@@ -11169,8 +11211,8 @@ CVE-2022-39357 (Winter is a free, open-source content management system based on NOT-FOR-US: Winter CVE-2022-39356 RESERVED -CVE-2022-39355 - RESERVED +CVE-2022-39355 (Discourse Patreon enables syncronization between Discourse Groups and ...) + TODO: check CVE-2022-39354 (SputnikVM, also called evm, is a Rust implementation of Ethereum Virtu ...) TODO: check CVE-2022-39353 @@ -11183,8 +11225,8 @@ CVE-2022-39350 (@dependencytrack/frontend is a Single Page Application (SPA) use TODO: check CVE-2022-39349 (The Tasks.org Android app is an open-source app for to-do lists and re ...) TODO: check -CVE-2022-39348 - RESERVED +CVE-2022-39348 (Twisted is an event-based framework for internet applications. Started ...) + TODO: check CVE-2022-39347 RESERVED CVE-2022-39346 @@ -11319,8 +11361,8 @@ CVE-2022-39288 (fastify is a fast and low overhead web framework, for Node.js. A NOT-FOR-US: Node fastify CVE-2022-39287 (tiny-csrf is a Node.js cross site request forgery (CSRF) protection mi ...) NOT-FOR-US: tiny-csrf Nodejs module -CVE-2022-39286 - RESERVED +CVE-2022-39286 (Jupyter Core is a package for the core common functionality of Jupyter ...) + TODO: check CVE-2022-39285 (ZoneMinder is a free, open source Closed-circuit television software a ...) - zoneminder 1.36.31+dfsg1-1 (unimportant; bug #1021565) NOTE: https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-h6xp-cvwv-q433 @@ -14794,8 +14836,8 @@ CVE-2022-2784 RESERVED CVE-2022-2783 (In affected versions of Octopus Server it was identified that a sessio ...) NOT-FOR-US: Octopus -CVE-2022-2782 - RESERVED +CVE-2022-2782 (In affected versions of Octopus Server it is possible for a session to ...) + TODO: check CVE-2022-2781 (In affected versions of Octopus Server it was identified that the same ...) NOT-FOR-US: Octopus CVE-2022-2780 (In affected versions of Octopus Server it is possible to use the Git C ...) 
@@ -19342,8 +19384,8 @@ CVE-2022-2509 (A vulnerability found in gnutls. This security flaw happens becau NOTE: https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07 NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1383 (restricted) NOTE: https://gitlab.com/gnutls/gnutls/-/commit/ce37f9eb265dbe9b6d597f5767449e8ee95848e2 -CVE-2022-2508 - RESERVED +CVE-2022-2508 (In affected versions of Octopus Server it is possible to reveal the ex ...) + TODO: check CVE-2022-2507 RESERVED CVE-2022-2506 @@ -48872,8 +48914,8 @@ CVE-2022-25921 (All versions of package morgan-json are vulnerable to Arbitrary NOT-FOR-US: Node morgan-json CVE-2022-25919 RESERVED -CVE-2022-25918 - RESERVED +CVE-2022-25918 (The package shescape from 1.5.10 and before 1.6.1 are vulnerable to Re ...) + TODO: check CVE-2022-25916 RESERVED CVE-2022-25914 (The package com.google.cloud.tools:jib-core before 0.22.0 are vulnerab ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faf49d27dbd1924b97fdd39b6df0ffceb8310477
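Review bot: In the @@ -342,10 +384,10 @@ hunk, CVE-2022-3705 and CVE-2022-3704 now carry descriptions naming vim and Ruby on Rails but stop at "TODO: check", with no package line or NOTE. Follow-up triage should replace each TODO with a source-package entry and upstream references, in the form the CVE-2022-2509 gnutls entry further down uses (NOTE: lines pointing at the advisory and the fixing commit).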
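Review bot: In the @@ -5282,8 +5324,8 @@ hunk, CVE-2022-3363 is left at "TODO: check" even though its description names ikus060/rdiffweb and the entry directly above it, CVE-2022-3364, is already tracked as "- rdiffweb <itp> (bug #969974)". The same line looks like the right resolution here, so the TODO can be closed the same way.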
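Review bot: In the @@ -14794,8 +14836,8 @@ hunk, CVE-2022-2782 gets "TODO: check" for an Octopus Server description while both neighbours, CVE-2022-2783 and CVE-2022-2781, are already marked "NOT-FOR-US: Octopus". Suggest marking it the same way so the three adjacent entries stay consistent.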
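Review bot: In the @@ -19342,8 +19384,8 @@ hunk, CVE-2022-2508 is another "In affected versions of Octopus Server" entry left at "TODO: check", while the Octopus entries visible in the @@ -14794,8 +14836,8 @@ hunk of this same commit are "NOT-FOR-US: Octopus". Suggest the same marking here.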