Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
faf49d27 by security tracker role at 2022-10-27T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,45 @@
+CVE-2022-43945
+       RESERVED
+CVE-2022-43944
+       RESERVED
+CVE-2022-43943
+       RESERVED
+CVE-2022-43942
+       RESERVED
+CVE-2022-43941
+       RESERVED
+CVE-2022-43940
+       RESERVED
+CVE-2022-43939
+       RESERVED
+CVE-2022-43938
+       RESERVED
+CVE-2022-43937
+       RESERVED
+CVE-2022-43936
+       RESERVED
+CVE-2022-43935
+       RESERVED
+CVE-2022-43934
+       RESERVED
+CVE-2022-43933
+       RESERVED
+CVE-2022-3713
+       RESERVED
+CVE-2022-3712
+       RESERVED
+CVE-2022-3711
+       RESERVED
+CVE-2022-3710
+       RESERVED
+CVE-2022-3709
+       RESERVED
+CVE-2022-3708
+       RESERVED
+CVE-2022-3707
+       RESERVED
+CVE-2022-3706
+       RESERVED
 CVE-2022-43932
        RESERVED
 CVE-2022-43931
@@ -342,10 +384,10 @@ CVE-2022-43762
        RESERVED
 CVE-2022-43761
        RESERVED
-CVE-2022-3705
-       RESERVED
-CVE-2022-3704
-       RESERVED
+CVE-2022-3705 (A vulnerability was found in vim and classified as problematic. 
Affect ...)
+       TODO: check
+CVE-2022-3704 (A vulnerability classified as problematic has been found in 
Ruby on Ra ...)
+       TODO: check
 CVE-2022-3703
        RESERVED
 CVE-2022-3702
@@ -5282,8 +5324,8 @@ CVE-2022-3365
        RESERVED
 CVE-2022-3364 (Allocation of Resources Without Limits or Throttling in GitHub 
reposit ...)
        - rdiffweb <itp> (bug #969974)
-CVE-2022-3363
-       RESERVED
+CVE-2022-3363 (Business Logic Errors in GitHub repository ikus060/rdiffweb 
prior to 2 ...)
+       TODO: check
 CVE-2022-3362
        RESERVED
 CVE-2022-41850 (roccat_report_event in drivers/hid/hid-roccat.c in the Linux 
kernel th ...)
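Review bot: CVE-2022-3363 is left at "TODO: check" although its description names ikus060/rdiffweb, and CVE-2022-3364 directly above it is already tracked as "- rdiffweb <itp> (bug #969974)". The new entry can take the same annotation rather than sit in the TODO queue.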
@@ -5355,8 +5397,8 @@ CVE-2022-40967
        RESERVED
 CVE-2022-40965
        RESERVED
-CVE-2022-40703
-       RESERVED
+CVE-2022-40703 (CWE-302 Authentication Bypass by Assumed-Immutable Data in 
AliveCor Ka ...)
+       TODO: check
 CVE-2022-40204
        RESERVED
 CVE-2022-40202
@@ -11169,8 +11211,8 @@ CVE-2022-39357 (Winter is a free, open-source content 
management system based on
        NOT-FOR-US: Winter
 CVE-2022-39356
        RESERVED
-CVE-2022-39355
-       RESERVED
+CVE-2022-39355 (Discourse Patreon enables syncronization between Discourse 
Groups and  ...)
+       TODO: check
 CVE-2022-39354 (SputnikVM, also called evm, is a Rust implementation of 
Ethereum Virtu ...)
        TODO: check
 CVE-2022-39353
@@ -11183,8 +11225,8 @@ CVE-2022-39350 (@dependencytrack/frontend is a Single 
Page Application (SPA) use
        TODO: check
 CVE-2022-39349 (The Tasks.org Android app is an open-source app for to-do 
lists and re ...)
        TODO: check
-CVE-2022-39348
-       RESERVED
+CVE-2022-39348 (Twisted is an event-based framework for internet applications. 
Started ...)
+       TODO: check
 CVE-2022-39347
        RESERVED
 CVE-2022-39346
@@ -11319,8 +11361,8 @@ CVE-2022-39288 (fastify is a fast and low overhead web 
framework, for Node.js. A
        NOT-FOR-US: Node fastify
 CVE-2022-39287 (tiny-csrf is a Node.js cross site request forgery (CSRF) 
protection mi ...)
        NOT-FOR-US: tiny-csrf Nodejs module
-CVE-2022-39286
-       RESERVED
+CVE-2022-39286 (Jupyter Core is a package for the core common functionality of 
Jupyter ...)
+       TODO: check
 CVE-2022-39285 (ZoneMinder is a free, open source Closed-circuit television 
software a ...)
        - zoneminder 1.36.31+dfsg1-1 (unimportant; bug #1021565)
        NOTE: 
https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-h6xp-cvwv-q433
@@ -14794,8 +14836,8 @@ CVE-2022-2784
        RESERVED
 CVE-2022-2783 (In affected versions of Octopus Server it was identified that a 
sessio ...)
        NOT-FOR-US: Octopus
-CVE-2022-2782
-       RESERVED
+CVE-2022-2782 (In affected versions of Octopus Server it is possible for a 
session to ...)
+       TODO: check
 CVE-2022-2781 (In affected versions of Octopus Server it was identified that 
the same ...)
        NOT-FOR-US: Octopus
 CVE-2022-2780 (In affected versions of Octopus Server it is possible to use 
the Git C ...)
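Review bot: CVE-2022-2782 is set to "TODO: check", but its description opens with "In affected versions of Octopus Server" just like CVE-2022-2783 and CVE-2022-2781 on either side of it, both of which are marked "NOT-FOR-US: Octopus". Suggest giving it the same marking so the three entries stay consistent.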
@@ -19342,8 +19384,8 @@ CVE-2022-2509 (A vulnerability found in gnutls. This 
security flaw happens becau
        NOTE: https://gnutls.org/security-new.html#GNUTLS-SA-2022-07-07
        NOTE: https://gitlab.com/gnutls/gnutls/-/issues/1383 (restricted)
        NOTE: 
https://gitlab.com/gnutls/gnutls/-/commit/ce37f9eb265dbe9b6d597f5767449e8ee95848e2
-CVE-2022-2508
-       RESERVED
+CVE-2022-2508 (In affected versions of Octopus Server it is possible to reveal 
the ex ...)
+       TODO: check
 CVE-2022-2507
        RESERVED
 CVE-2022-2506
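Review bot: CVE-2022-2508 is another Octopus Server description left at "TODO: check"; the Octopus Server entries elsewhere in this diff (CVE-2022-2783, CVE-2022-2781) carry "NOT-FOR-US: Octopus", and that marking would fit here as well.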
@@ -48872,8 +48914,8 @@ CVE-2022-25921 (All versions of package morgan-json are 
vulnerable to Arbitrary
        NOT-FOR-US: Node morgan-json
 CVE-2022-25919
        RESERVED
-CVE-2022-25918
-       RESERVED
+CVE-2022-25918 (The package shescape from 1.5.10 and before 1.6.1 are 
vulnerable to Re ...)
+       TODO: check
 CVE-2022-25916
        RESERVED
 CVE-2022-25914 (The package com.google.cloud.tools:jib-core before 0.22.0 are 
vulnerab ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/faf49d27dbd1924b97fdd39b6df0ffceb8310477
