Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 14a1bfef by security tracker role at 2023-01-31T08:10:17+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,15 @@ +CVE-2023-24833 + RESERVED +CVE-2023-24832 + RESERVED +CVE-2023-0587 + RESERVED +CVE-2023-0586 + RESERVED +CVE-2023-0585 + RESERVED +CVE-2016-15023 + RESERVED CVE-2023-24831 RESERVED CVE-2023-24828 @@ -475,8 +487,8 @@ CVE-2023-0573 RESERVED CVE-2023-0572 (Unchecked Error Condition in GitHub repository froxlor/froxlor prior t ...) - froxlor <itp> (bug #581792) -CVE-2022-4898 - RESERVED +CVE-2022-4898 (In affected versions of Octopus Server the help sidebar can be customi ...) + TODO: check CVE-2022-48304 RESERVED CVE-2022-48303 (GNU Tar through 1.34 has a one-byte out-of-bounds read that results in ...) @@ -1083,16 +1095,16 @@ CVE-2023-24467 RESERVED CVE-2023-24466 RESERVED -CVE-2023-24020 - RESERVED -CVE-2023-23582 - RESERVED -CVE-2023-22389 - RESERVED +CVE-2023-24020 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior could bypass ...) + TODO: check +CVE-2023-23582 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior are vulnerab ...) + TODO: check +CVE-2023-22389 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior store passwo ...) + TODO: check CVE-2023-22371 RESERVED -CVE-2023-22315 - RESERVED +CVE-2023-22315 (Snap One Wattbox WB-300-IP-3 versions WB10.9a17 and prior use a propri ...) + TODO: check CVE-2023-0456 RESERVED CVE-2023-0455 (Unrestricted Upload of File with Dangerous Type in GitHub repository u ...) @@ -1952,7 +1964,7 @@ CVE-2023-0435 (Excessive Attack Surface in GitHub repository pyload/pyload prior CVE-2022-4895 RESERVED CVE-2022-48281 (processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has ...) - {DSA-5333-1} + {DSA-5333-1 DLA-3297-1} - tiff 4.5.0-4 (bug #1029653) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5 NOTE: https://gitlab.com/libtiff/libtiff/-/issues/488 @@ -2048,6 +2060,7 @@ CVE-2023-24040 (** UNSUPPORTED WHEN ASSIGNED ** dtprintinfo in Common Desktop En CVE-2023-24039 (** UNSUPPORTED WHEN ASSIGNED ** A stack-based buffer overflow in Parse ...) NOT-FOR-US: Oracle CVE-2023-24038 (The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_ ...) + {DLA-3296-1} - libhtml-stripscripts-perl 1.06-4 (bug #1029400) NOTE: https://github.com/clintongormley/perl-html-stripscripts/issues/3 NOTE: https://github.com/clintongormley/perl-html-stripscripts/pull/4 @@ -6140,8 +6153,8 @@ CVE-2023-0099 RESERVED CVE-2023-0098 RESERVED -CVE-2023-0097 - RESERVED +CVE-2023-0097 (The Post Grid, Post Carousel, & List Category Posts WordPress plug ...) + TODO: check CVE-2023-0096 RESERVED CVE-2023-0095 @@ -6382,14 +6395,14 @@ CVE-2023-0076 RESERVED CVE-2023-0075 RESERVED -CVE-2023-0074 - RESERVED +CVE-2023-0074 (The WP Social Widget WordPress plugin before 2.2.4 does not validate a ...) + TODO: check CVE-2023-0073 RESERVED CVE-2023-0072 RESERVED -CVE-2023-0071 - RESERVED +CVE-2023-0071 (The WP Tabs WordPress plugin before 2.1.17 does not validate and escap ...) + TODO: check CVE-2023-0070 RESERVED CVE-2023-0069 @@ -6506,8 +6519,8 @@ CVE-2022-4874 (Authentication bypass in Netcomm router models NF20MESH, NF20, an NOT-FOR-US: Netcomm CVE-2022-4873 (On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buff ...) NOT-FOR-US: Netcomm -CVE-2022-4872 - RESERVED +CVE-2022-4872 (The Chained Products WordPress plugin before 2.12.0 does not have auth ...) + TODO: check CVE-2022-48217 (** DISPUTED ** The tf_remapper_node component 1.1.1 for Robot Operatin ...) NOT-FOR-US: ROS tf_remapper_node CVE-2022-48216 (Uniswap Universal Router before 1.1.0 mishandles reentrancy. This woul ...) @@ -6617,8 +6630,8 @@ CVE-2012-10002 (A vulnerability was found in ahmyi RivetTracker. It has been dec NOT-FOR-US: ahmyi RivetTracker CVE-2023-0034 RESERVED -CVE-2023-0033 - RESERVED +CVE-2023-0033 (The PDF Viewer WordPress plugin before 1.0.0 does not validate and esc ...) + TODO: check CVE-2022-4870 RESERVED CVE-2015-10011 (A vulnerability classified as problematic has been found in OpenDNS Op ...) @@ -6986,20 +6999,20 @@ CVE-2023-22488 (Flarum is a forum software for building communities. Using the n CVE-2023-22487 (Flarum is a forum software for building communities. Using the mention ...) NOT-FOR-US: Flarum CVE-2023-22486 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...) - - cmark-gfm <unfixed> + - cmark-gfm <unfixed> NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-r572-jvj2-3m8p NOTE: https://github.com/github/cmark-gfm/commit/ece074cc3378f7a8dec0395f00123e9fa6981f7b (0.29.0.gfm.7) TODO: check other codebase, python-cmarkgfm, ghostwriter, ruby-commonmarker and r-cran-commonmark CVE-2023-22485 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...) - - cmark-gfm <unfixed> + - cmark-gfm <unfixed> NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-c944-cv5f-hpvr TODO: check other codebase, python-cmarkgfm, ghostwriter, ruby-commonmarker and r-cran-commonmark CVE-2023-22484 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...) - - cmark-gfm <unfixed> + - cmark-gfm <unfixed> NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-24f7-9frr-5h2r TODO: check other codebase, python-cmarkgfm, ghostwriter, ruby-commonmarker and r-cran-commonmark CVE-2023-22483 (cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and renderin ...) - - cmark-gfm <unfixed> + - cmark-gfm <unfixed> NOTE: https://github.com/github/cmark-gfm/security/advisories/GHSA-29g3-96g3-jg6c TODO: check other codebase, python-cmarkgfm, ghostwriter, ruby-commonmarker and r-cran-commonmark CVE-2023-22482 (Argo CD is a declarative, GitOps continuous delivery tool for Kubernet ...) @@ -7058,26 +7071,26 @@ CVE-2022-4839 (Cross-site Scripting (XSS) - Stored in GitHub repository usememos NOT-FOR-US: usememos CVE-2022-4838 RESERVED -CVE-2022-4837 - RESERVED +CVE-2022-4837 (The CPO Companion WordPress plugin before 1.1.0 does not validate and ...) + TODO: check CVE-2022-4836 RESERVED -CVE-2022-4835 - RESERVED -CVE-2022-4834 - RESERVED +CVE-2022-4835 (The Social Sharing Toolkit WordPress plugin through 2.6 does not valid ...) + TODO: check +CVE-2022-4834 (The CPT Bootstrap Carousel WordPress plugin through 1.12 does not vali ...) + TODO: check CVE-2022-4833 RESERVED CVE-2022-4832 (The Store Locator WordPress plugin before 1.4.9 does not validate and ...) NOT-FOR-US: WordPress plugin -CVE-2022-4831 - RESERVED +CVE-2022-4831 (The Custom User Profile Fields for User Registration WordPress plugin ...) + TODO: check CVE-2022-4830 RESERVED CVE-2022-4829 RESERVED -CVE-2022-4828 - RESERVED +CVE-2022-4828 (The Bold Timeline Lite WordPress plugin before 1.1.5 does not validate ...) + TODO: check CVE-2022-4827 RESERVED CVE-2022-4826 @@ -7196,10 +7209,10 @@ CVE-2022-48178 RESERVED CVE-2022-48177 RESERVED -CVE-2022-48176 - RESERVED -CVE-2022-48175 - RESERVED +CVE-2022-48176 (Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7 ...) + TODO: check +CVE-2022-48175 (Rukovoditel v3.2.1 was discovered to contain a remote code execution ( ...) + TODO: check CVE-2022-48174 RESERVED CVE-2022-48173 @@ -7536,8 +7549,8 @@ CVE-2022-48008 (An arbitrary file upload vulnerability in the plugin manager of - limesurvey <itp> (bug #472802) CVE-2022-48007 (A stored cross-site scripting (XSS) vulnerability in identification.ph ...) - piwigo <removed> -CVE-2022-48006 - RESERVED +CVE-2022-48006 (An arbitrary file upload vulnerability in taocms v3.0.2 allows attacke ...) + TODO: check CVE-2022-48005 RESERVED CVE-2022-48004 @@ -7650,12 +7663,12 @@ CVE-2022-4796 (Incorrect Use of Privileged APIs in GitHub repository usememos/me NOT-FOR-US: usememos CVE-2022-4795 RESERVED -CVE-2022-4794 - RESERVED -CVE-2022-4793 - RESERVED -CVE-2022-4792 - RESERVED +CVE-2022-4794 (The AAWP WordPress plugin before 3.12.3 can be used to abuse trusted d ...) + TODO: check +CVE-2022-4793 (The Blog Designer WordPress plugin before 2.4.1 does not validate and ...) + TODO: check +CVE-2022-4792 (The News & Blog Designer Pack WordPress plugin before 3.3 does not ...) + TODO: check CVE-2022-4791 RESERVED CVE-2022-4790 (The WP Google My Business Auto Publish WordPress plugin before 3.4 doe ...) @@ -7664,8 +7677,8 @@ CVE-2022-4789 (The WPZOOM Portfolio WordPress plugin before 1.2.2 does not valid NOT-FOR-US: WordPress plugin CVE-2022-4788 RESERVED -CVE-2022-4787 - RESERVED +CVE-2022-4787 (Themify Shortcodes WordPress plugin before 2.0.8 does not validate and ...) + TODO: check CVE-2022-4786 RESERVED CVE-2022-4785 @@ -7676,8 +7689,8 @@ CVE-2022-4783 RESERVED CVE-2022-4782 RESERVED -CVE-2022-4781 - RESERVED +CVE-2022-4781 (The Accordion Shortcodes WordPress plugin through 2.4.2 does not valid ...) + TODO: check CVE-2022-4780 (ISOS firmwares from versions 1.81 to 2.00 contain hardcoded credential ...) NOT-FOR-US: ISOS firmwares CVE-2022-4779 (StreamX applications from versions 6.02.01 to 6.04.34 are affected by ...) @@ -7800,8 +7813,8 @@ CVE-2022-47969 RESERVED CVE-2022-4777 RESERVED -CVE-2022-4776 - RESERVED +CVE-2022-4776 (The CC Child Pages WordPress plugin before 1.43 does not validate and ...) + TODO: check CVE-2022-4775 (The GeoDirectory WordPress plugin before 2.2.22 does not validate and ...) NOT-FOR-US: WordPress plugin CVE-2022-4774 @@ -7819,11 +7832,13 @@ CVE-2022-4769 CVE-2022-4768 (A vulnerability was found in Dropbox merou. It has been classified as ...) NOT-FOR-US: Dropbox merou CVE-2022-47318 (ruby-git versions prior to v1.13.0 allows a remote authenticated attac ...) + {DLA-3303-1} - ruby-git 1.13.1-1 [bullseye] - ruby-git <no-dsa> (Minor issue) NOTE: https://github.com/ruby-git/ruby-git/pull/602 NOTE: https://github.com/ruby-git/ruby-git/commit/4fe8738e8348567255ab4be25867684b5d0d282d (v1.13.0) CVE-2022-46648 (ruby-git versions prior to v1.13.0 allows a remote authenticated attac ...) + {DLA-3303-1} - ruby-git 1.13.1-1 [bullseye] - ruby-git <no-dsa> (Minor issue) NOTE: https://github.com/ruby-git/ruby-git/pull/602 @@ -7914,12 +7929,12 @@ CVE-2022-4767 (Denial of Service in GitHub repository usememos/memos prior to 0. NOT-FOR-US: usememos CVE-2022-4766 (A vulnerability was found in dolibarr_project_timesheet up to 4.5.5. I ...) NOT-FOR-US: dolibarr_project_timesheet -CVE-2022-4765 - RESERVED +CVE-2022-4765 (The Portfolio for Elementor WordPress plugin before 2.3.1 does not val ...) + TODO: check CVE-2022-4764 RESERVED -CVE-2022-4763 - RESERVED +CVE-2022-4763 (The Icon Widget WordPress plugin before 1.3.0 does not validate and es ...) + TODO: check CVE-2022-4762 RESERVED CVE-2022-4761 @@ -7946,8 +7961,8 @@ CVE-2022-4751 (The Word Balloon WordPress plugin before 4.19.3 does not validate NOT-FOR-US: WordPress plugin CVE-2022-4750 RESERVED -CVE-2022-4749 - RESERVED +CVE-2022-4749 (The Posts List Designer by Category WordPress plugin before 3.2 does n ...) + TODO: check CVE-2022-4748 (A vulnerability was found in FlatPress. It has been classified as crit ...) NOT-FOR-US: FlatPress CVE-2022-4747 @@ -8064,6 +8079,7 @@ CVE-2022-47952 (lxc-user-nic in lxc through 5.0.1 is installed setuid root, and NOTE: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1783591/comments/45 NOTE: Different issue than CVE-2018-6556 CVE-2022-47951 (An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before ...) + {DLA-3302-1 DLA-3301-1 DLA-3300-1} - nova 2:26.0.0-6 (bug #1029561) - cinder 2:21.0.0-3 (bug #1029562) - glance 2:25.0.0-2 (bug #1029563) @@ -8186,8 +8202,8 @@ CVE-2022-4701 (The Royal Elementor Addons plugin for WordPress is vulnerable to NOT-FOR-US: Royal Elementor Addons plugin for WordPress CVE-2022-4700 (The Royal Elementor Addons plugin for WordPress is vulnerable to insuf ...) NOT-FOR-US: Royal Elementor Addons plugin for WordPress -CVE-2022-4699 - RESERVED +CVE-2022-4699 (The MediaElement.js WordPress plugin through 4.2.8 does not validate a ...) + TODO: check CVE-2022-4698 (The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Si ...) NOT-FOR-US: ProfilePress plugin for WordPress CVE-2022-4697 (The ProfilePress plugin for WordPress is vulnerable to Stored Cross-Si ...) @@ -8285,8 +8301,8 @@ CVE-2022-47927 (An issue was discovered in MediaWiki before 1.35.9, 1.36.x throu NOTE: https://phabricator.wikimedia.org/T322637 CVE-2022-47914 RESERVED -CVE-2022-4680 - RESERVED +CVE-2022-4680 (The Revive Old Posts WordPress plugin before 9.0.11 unserializes user ...) + TODO: check CVE-2022-4679 RESERVED CVE-2022-4678 @@ -8309,16 +8325,16 @@ CVE-2022-4673 (The Rate my Post WordPress plugin before 3.3.9 does not validate NOT-FOR-US: WordPress plugin CVE-2022-4672 (The WordPress Simple Shopping Cart WordPress plugin before 4.6.2 does ...) NOT-FOR-US: WordPress plugin -CVE-2022-4671 - RESERVED +CVE-2022-4671 (The PixCodes WordPress plugin before 2.3.7 does not validate and escap ...) + TODO: check CVE-2022-4670 RESERVED CVE-2022-4669 RESERVED CVE-2022-4668 (The Easy Appointments WordPress plugin before 3.11.2 does not validate ...) NOT-FOR-US: WordPress plugin -CVE-2022-4667 - RESERVED +CVE-2022-4667 (The RSS Aggregator by Feedzy WordPress plugin before 4.1.1 does not va ...) + TODO: check CVE-2022-4666 RESERVED CVE-2022-4665 (Unrestricted Upload of File with Dangerous Type in GitHub repository a ...) @@ -8370,18 +8386,18 @@ CVE-2022-4656 RESERVED CVE-2022-4655 (The Welcart e-Commerce WordPress plugin before 2.8.9 does not validate ...) NOT-FOR-US: WordPress plugin -CVE-2022-4654 - RESERVED +CVE-2022-4654 (The Pricing Tables WordPress Plugin WordPress plugin before 3.2.3 does ...) + TODO: check CVE-2022-4653 (The Greenshift WordPress plugin before 4.8.9 does not validate and esc ...) NOT-FOR-US: WordPress plugin CVE-2022-4652 RESERVED -CVE-2022-4651 - RESERVED +CVE-2022-4651 (The Justified Gallery WordPress plugin before 1.7.1 does not validate ...) + TODO: check CVE-2022-4650 (The HashBar WordPress plugin before 1.3.6 does not validate and escape ...) NOT-FOR-US: WordPress plugin -CVE-2022-4649 - RESERVED +CVE-2022-4649 (The WP Extended Search WordPress plugin before 2.1.2 does not validate ...) + TODO: check CVE-2020-36625 (** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in destiny.g ...) NOT-FOR-US: destiny.gg chat CVE-2020-36624 (A vulnerability was found in ahorner text-helpers up to 1.0.x. It has ...) @@ -10631,10 +10647,10 @@ CVE-2022-4555 (The WP Shamsi plugin for WordPress is vulnerable to authorization NOT-FOR-US: WP Shamsi plugin for WordPress CVE-2022-4554 (B2B Customer Ordering System developed by ID Software Project and Cons ...) NOT-FOR-US: B2B Customer Ordering System -CVE-2022-4553 - RESERVED -CVE-2022-4552 - RESERVED +CVE-2022-4553 (The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check ...) + TODO: check +CVE-2022-4552 (The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check ...) + TODO: check CVE-2022-4551 RESERVED CVE-2022-4550 @@ -11008,8 +11024,8 @@ CVE-2022-4498 (In TP-Link routers, Archer C5 and WR710N-V1, running the latest a NOT-FOR-US: TP-Link CVE-2022-4497 (The Jetpack CRM WordPress plugin before 5.5 does not validate and esca ...) NOT-FOR-US: WordPress plugin -CVE-2022-4496 - RESERVED +CVE-2022-4496 (The SAML SSO Standard WordPress plugin version 16.0.0 before 16.0.8, S ...) + TODO: check CVE-2022-4495 (A vulnerability, which was classified as problematic, has been found i ...) NOT-FOR-US: collective.dms.basecontent CVE-2022-4494 (A vulnerability, which was classified as critical, has been found in b ...) @@ -11194,12 +11210,12 @@ CVE-2022-4474 (The Easy Social Feed WordPress plugin before 6.4.0 does not valid NOT-FOR-US: WordPress plugin CVE-2022-4473 RESERVED -CVE-2022-4472 - RESERVED +CVE-2022-4472 (The Simple Sitemap WordPress plugin before 3.5.8 does not validate and ...) + TODO: check CVE-2022-4471 RESERVED -CVE-2022-4470 - RESERVED +CVE-2022-4470 (The Widgets for Google Reviews WordPress plugin before 9.8 does not va ...) + TODO: check CVE-2022-4469 (The Simple Membership WordPress plugin before 4.2.2 does not validate ...) NOT-FOR-US: WordPress plugin CVE-2022-4468 (The WP Recipe Maker WordPress plugin before 8.6.1 does not validate an ...) @@ -11720,8 +11736,8 @@ CVE-2022-44454 RESERVED CVE-2022-44450 RESERVED -CVE-2022-4441 - RESERVED +CVE-2022-4441 (Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-i ...) + TODO: check CVE-2022-4440 (Use after free in Profiles in Google Chrome prior to 108.0.5359.124 al ...) {DSA-5302-1} - chromium 108.0.5359.124-1 @@ -12521,8 +12537,8 @@ CVE-2022-46894 RESERVED CVE-2022-46893 RESERVED -CVE-2022-4395 - RESERVED +CVE-2022-4395 (The Membership For WooCommerce WordPress plugin before 2.1.7 does not ...) + TODO: check CVE-2022-4394 (The iPages Flipbook For WordPress plugin through 1.4.6 does not saniti ...) NOT-FOR-US: WordPress plugin CVE-2022-4393 (The ImageLinks Interactive Image Builder for WordPress plugin through ...) @@ -13353,8 +13369,8 @@ CVE-2022-4308 RESERVED CVE-2022-4307 (The پلاگین پرد&# ...) NOT-FOR-US: WordPress plugin -CVE-2022-4306 - RESERVED +CVE-2022-4306 (The Panda Pods Repeater Field WordPress plugin before 1.5.4 does not s ...) + TODO: check CVE-2022-4305 (The Login as User or Customer WordPress plugin before 3.3 lacks author ...) NOT-FOR-US: WordPress plugin CVE-2022-4304 @@ -15610,8 +15626,8 @@ CVE-2022-4139 (An incorrect TLB flush issue was found in the Linux kernel’ [buster] - linux <not-affected> (Vulnerable code not present, only affects gen12 video and compute engines) NOTE: https://www.openwall.com/lists/oss-security/2022/11/30/1 NOTE: https://git.kernel.org/linus/04aa64375f48a5d430b5550d9271f8428883e550 -CVE-2022-45897 - RESERVED +CVE-2022-45897 (On Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attac ...) + TODO: check CVE-2022-45896 (Planet eStream before 6.72.10.07 allows unauthenticated upload of arbi ...) NOT-FOR-US: Planet eStream CVE-2022-45895 (Planet eStream before 6.72.10.07 discloses sensitive information, rela ...) @@ -15903,8 +15919,8 @@ CVE-2022-45791 RESERVED CVE-2022-45790 RESERVED -CVE-2022-45789 - RESERVED +CVE-2022-45789 (A CWE-294: Authentication Bypass by Capture-replay vulnerability exist ...) + TODO: check CVE-2022-45788 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...) TODO: check CVE-2022-45787 (Unproper laxist permissions on the temporary files used by MIME4J Temp ...) @@ -16761,8 +16777,8 @@ CVE-2022-4043 (The WP Custom Admin Interface WordPress plugin before 7.29 unseri NOT-FOR-US: WordPress plugin CVE-2022-4042 (The Paytium: Mollie payment forms & donations WordPress plugin thr ...) NOT-FOR-US: WordPress plugin -CVE-2022-4041 - RESERVED +CVE-2022-4041 (Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-i ...) + TODO: check CVE-2022-4040 RESERVED CVE-2022-4039 @@ -18632,8 +18648,8 @@ CVE-2022-44899 RESERVED CVE-2022-44898 (The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not p ...) NOT-FOR-US: Asus Aura Sync -CVE-2022-44897 - RESERVED +CVE-2022-44897 (A cross-site scripting (XSS) vulnerability in ApolloTheme AP PageBuild ...) + TODO: check CVE-2022-44896 RESERVED CVE-2022-44895 @@ -20608,18 +20624,21 @@ CVE-2022-44573 RESERVED CVE-2022-44572 [rack: Forbid control characters in attributes] RESERVED + {DLA-3298-1} - ruby-rack <unfixed> (bug #1029832) NOTE: https://github.com/rack/rack/commit/dc50f8e495f67eb933b1fc33ebee550908d945e6 (v2.0.9.2) NOTE: https://github.com/rack/rack/commit/8291f502b0e1dcf514cc25c34e4bf0beec7a92ae (v2.1.4.2) NOTE: https://github.com/rack/rack/commit/19e49f0f185d7e42ed5b402baec6c897a8c48029 (v2.2.6.1) CVE-2022-44571 [rack: Fix ReDoS vulnerability in multipart parser] RESERVED + {DLA-3298-1} - ruby-rack <unfixed> (bug #1029832) NOTE: https://github.com/rack/rack/commit/4e33ad10bf5f16d25c156f905bcc548e7f787bc3 (v2.0.9.2) NOTE: https://github.com/rack/rack/commit/9b5fb5c7ef0e39b959a6c5c0005d9af44a29d6f8 (v2.1.4.2) NOTE: https://github.com/rack/rack/commit/ee25ab9a7ee981d7578f559701085b0cf39bde77 (v2.2.6.1) CVE-2022-44570 [rack: Fix ReDoS in Rack::Utils.get_byte_ranges] RESERVED + {DLA-3298-1} - ruby-rack <unfixed> (bug #1029832) NOTE: https://github.com/rack/rack/commit/52721ae0b730e3920ad5375dfd5a3ea9b4f9e359 (v2.0.9.2) NOTE: https://github.com/rack/rack/commit/f66ef5c8255dcea82c1b2665fc9ab948b76bb437 (v2.1.4.2) @@ -33681,8 +33700,8 @@ CVE-2022-40260 RESERVED CVE-2022-40259 (AMI MegaRAC Redfish Arbitrary Code Execution ...) NOT-FOR-US: AMI MegaRAC Redfish -CVE-2022-40258 - RESERVED +CVE-2022-40258 (AMI Megarac Weak password hashes for Redfish & API ...) + TODO: check CVE-2022-40257 (An HTML injection vulnerability exists in CERT/CC VINCE software prior ...) NOT-FOR-US: CERT/CC VINCE CVE-2022-40256 @@ -34048,14 +34067,14 @@ CVE-2022-3144 (The Wordfence Security – Firewall & Malware Scan plugin NOT-FOR-US: WordPress plugin CVE-2022-3143 (wildfly-elytron: possible timing attacks via use of unsafe comparator. ...) NOT-FOR-US: WildFly Elytron -CVE-2022-40137 - RESERVED -CVE-2022-40136 - RESERVED -CVE-2022-40135 - RESERVED -CVE-2022-40134 - RESERVED +CVE-2022-40137 (A buffer overflow in the WMI SMI Handler in some Lenovo models may all ...) + TODO: check +CVE-2022-40136 (An information leak vulnerability in SMI Handler used to configure pla ...) + TODO: check +CVE-2022-40135 (An information leak vulnerability in the Smart USB Protection SMI Hand ...) + TODO: check +CVE-2022-40134 (An information leak vulnerability in the SMI Set BIOS Password SMI Han ...) + TODO: check CVE-2022-40127 (A vulnerability in Example Dags of Apache Airflow allows an attacker w ...) - airflow <itp> (bug #819700) CVE-2022-38972 (Cross-site scripting vulnerability in Movable Type plugin A-Form versi ...) @@ -48319,16 +48338,16 @@ CVE-2022-34890 (This vulnerability allows local attackers to disclose sensitive NOT-FOR-US: Parallels CVE-2022-34889 (This vulnerability allows local attackers to escalate privileges on af ...) NOT-FOR-US: Parallels -CVE-2022-34888 - RESERVED +CVE-2022-34888 (The Remote Mount feature can potentially be abused by valid, authentic ...) + TODO: check CVE-2022-34887 RESERVED CVE-2022-34886 RESERVED -CVE-2022-34885 - RESERVED -CVE-2022-34884 - RESERVED +CVE-2022-34885 (An improper input sanitization vulnerability in the Motorola MR2600 ro ...) + TODO: check +CVE-2022-34884 (A buffer overflow exists in the Remote Presence subsystem which can po ...) + TODO: check CVE-2022-34883 (OS Command Injection vulnerability in Hitachi RAID Manager Storage Rep ...) NOT-FOR-US: Hitachi CVE-2022-34882 (Information Exposure Through an Error Message vulnerability in Hitachi ...) @@ -53987,10 +54006,10 @@ CVE-2022-32749 (Improper Check for Unusual or Exceptional Conditions vulnerabili NOTE: https://github.com/apache/trafficserver/pull/9243 NOTE: https://github.com/apache/trafficserver/commit/71a80d1abb3fbcb2e30ff850c8bca0a371589b5a (master) NOTE: https://github.com/apache/trafficserver/commit/590f87304b233791169af3d5899c5ba135bb61fa (9.1.x) -CVE-2022-32748 - RESERVED -CVE-2022-32747 - RESERVED +CVE-2022-32748 (A CWE-295: Improper Certificate Validation vulnerability exists that c ...) + TODO: check +CVE-2022-32747 (A CWE-290: Authentication Bypass by Spoofing vulnerability exists that ...) + TODO: check CVE-2022-32746 (A flaw was found in the Samba AD LDAP server. The AD DC database audit ...) {DSA-5205-1} - samba 2:4.16.4+dfsg-1 (bug #1016449) @@ -54551,42 +54570,42 @@ CVE-2022-2014 (Code Injection in GitHub repository jgraph/drawio prior to 19.0.2 NOT-FOR-US: jgraph/drawio CVE-2022-32530 (A CWE-668 Exposure of Resource to Wrong Sphere vulnerability exists th ...) NOT-FOR-US: Geo SCADA Mobile -CVE-2022-32529 - RESERVED -CVE-2022-32528 - RESERVED -CVE-2022-32527 - RESERVED -CVE-2022-32526 - RESERVED -CVE-2022-32525 - RESERVED -CVE-2022-32524 - RESERVED -CVE-2022-32523 - RESERVED -CVE-2022-32522 - RESERVED -CVE-2022-32521 - RESERVED -CVE-2022-32520 - RESERVED -CVE-2022-32519 - RESERVED -CVE-2022-32518 - RESERVED -CVE-2022-32517 - RESERVED -CVE-2022-32516 - RESERVED -CVE-2022-32515 - RESERVED -CVE-2022-32514 - RESERVED -CVE-2022-32513 - RESERVED -CVE-2022-32512 - RESERVED +CVE-2022-32529 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...) + TODO: check +CVE-2022-32528 (A CWE-306: Missing Authentication for Critical Function vulnerability ...) + TODO: check +CVE-2022-32527 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...) + TODO: check +CVE-2022-32526 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...) + TODO: check +CVE-2022-32525 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...) + TODO: check +CVE-2022-32524 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...) + TODO: check +CVE-2022-32523 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...) + TODO: check +CVE-2022-32522 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...) + TODO: check +CVE-2022-32521 (A CWE 502: Deserialization of Untrusted Data vulnerability exists that ...) + TODO: check +CVE-2022-32520 (A CWE-522: Insufficiently Protected Credentials vulnerability exists t ...) + TODO: check +CVE-2022-32519 (A CWE-257: Storing Passwords in a Recoverable Format vulnerability exi ...) + TODO: check +CVE-2022-32518 (A CWE-522: Insufficiently Protected Credentials vulnerability exists t ...) + TODO: check +CVE-2022-32517 (A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulne ...) + TODO: check +CVE-2022-32516 (A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that ...) + TODO: check +CVE-2022-32515 (A CWE-307: Improper Restriction of Excessive Authentication Attempts v ...) + TODO: check +CVE-2022-32514 (A CWE-287: Improper Authentication vulnerability exists that could all ...) + TODO: check +CVE-2022-32513 (A CWE-521: Weak Password Requirements vulnerability exists that could ...) + TODO: check +CVE-2022-32512 (A CWE-119: Improper Restriction of Operations within the Bounds of a M ...) + TODO: check CVE-2022-32511 (jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a s ...) - ruby-jmespath 1.6.1-1 (bug #1014807) [bullseye] - ruby-jmespath <no-dsa> (Minor issue) @@ -58704,6 +58723,7 @@ CVE-2022-31131 (Nextcloud mail is a Mail app for the Nextcloud home server produ CVE-2022-31130 (Grafana is an open source observability and data visualization platfor ...) - grafana <removed> CVE-2022-31129 (moment is a JavaScript date library for parsing, validating, manipulat ...) + {DLA-3295-1} - node-moment 2.29.4+ds-1 (bug #1014845) [bullseye] - node-moment 2.29.1+ds-2+deb11u2 NOTE: https://github.com/moment/moment/commit/9a3b5894f3d5d602948ac8a02e4ee528a49ca3a3 (2.29.4) @@ -60958,8 +60978,8 @@ CVE-2022-30423 (Merchandise Online Store v1.0 by oretnom23 has an arbitrary code NOT-FOR-US: Merchandise Online Store CVE-2022-30422 (Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0 ...) NOT-FOR-US: Proietti Tech srl Planet Time Enterprise -CVE-2022-30421 - RESERVED +CVE-2022-30421 (Improper Authentication vulnerability in Toshiba Storage Security Soft ...) + TODO: check CVE-2022-30420 RESERVED CVE-2022-30419 @@ -69436,10 +69456,10 @@ CVE-2022-27540 RESERVED CVE-2022-27539 RESERVED -CVE-2022-27538 - RESERVED -CVE-2022-27537 - RESERVED +CVE-2022-27538 (A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has be ...) + TODO: check +CVE-2022-27537 (Potential vulnerabilities have been identified in the system BIOS of c ...) + TODO: check CVE-2022-27536 (Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be ca ...) - golang-1.18 <not-affected> (MacOS-specific) - golang-1.17 <not-affected> (MacOS-specific) @@ -73842,8 +73862,8 @@ CVE-2022-25982 RESERVED CVE-2022-25981 RESERVED -CVE-2022-25979 - RESERVED +CVE-2022-25979 (Versions of the package jsuites before 5.0.1 are vulnerable to Cross-s ...) + TODO: check CVE-2022-25978 RESERVED CVE-2022-25977 @@ -74000,8 +74020,8 @@ CVE-2022-25883 RESERVED CVE-2022-25882 (Versions of the package onnx before 1.13.0 are vulnerable to Directory ...) TODO: check -CVE-2022-25881 - RESERVED +CVE-2022-25881 (This affects versions of the package http-cache-semantics before 4.1.1 ...) + TODO: check CVE-2022-25879 RESERVED CVE-2022-25878 (The package protobufjs before 6.11.3 are vulnerable to Prototype Pollu ...) @@ -74109,6 +74129,7 @@ CVE-2022-25759 (The package convert-svg-core before 0.6.2 are vulnerable to Remo CVE-2022-25758 (All versions of package scss-tokenizer are vulnerable to Regular Expre ...) - node-scss-tokenizer <itp> (bug #885456) CVE-2022-25648 (The package git before 1.11.0 are vulnerable to Command Injection via ...) + {DLA-3303-1} - ruby-git 1.13.1-1 (bug #1009926) [bullseye] - ruby-git <no-dsa> (Minor issue) NOTE: https://github.com/ruby-git/ruby-git/pull/569 @@ -74322,8 +74343,8 @@ CVE-2022-21149 (The package s-cart/s-cart before 6.9; the package s-cart/core be NOT-FOR-US: s-cart/core CVE-2022-21144 (This affects all versions of package libxmljs. When invoking the libxm ...) NOT-FOR-US: Node libxmljs -CVE-2022-21129 - RESERVED +CVE-2022-21129 (Versions of the package nemo-appium before 0.0.9 are vulnerable to Com ...) + TODO: check CVE-2022-21126 (The package com.github.samtools:htsjdk before 3.0.1 are vulnerable to ...) TODO: check CVE-2022-21122 (The package metacalc before 0.0.2 are vulnerable to Arbitrary Code Exe ...) @@ -76730,6 +76751,7 @@ CVE-2022-25001 CVE-2022-25000 RESERVED CVE-2022-24999 (qs before 6.10.3, as used in Express before 4.17.3 and other products, ...) + {DLA-3299-1} - node-qs 6.10.3+ds+~6.9.7-1 [bullseye] - node-qs 6.9.4+ds-1+deb11u1 NOTE: https://github.com/ljharb/qs/pull/428 @@ -77433,6 +77455,7 @@ CVE-2022-24786 (PJSIP is a free and open source multimedia communication library NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-vhxv-phmx-g52q NOTE: https://github.com/pjsip/pjproject/commit/11559e49e65bdf00922ad5ae28913ec6a198d508 CVE-2022-24785 (Moment.js is a JavaScript date library for parsing, validating, manipu ...) + {DLA-3295-1} - node-moment 2.29.2+ds-1 (bug #1009327) [bullseye] - node-moment 2.29.1+ds-2+deb11u1 [stretch] - node-moment <end-of-life> (Nodejs in stretch not covered by security support) @@ -82231,12 +82254,12 @@ CVE-2022-0299 RESERVED CVE-2022-23456 (Potential arbitrary file deletion vulnerability has been identified in ...) NOT-FOR-US: HP -CVE-2022-23455 - RESERVED -CVE-2022-23454 - RESERVED -CVE-2022-23453 - RESERVED +CVE-2022-23455 (Potential security vulnerabilities have been identified in HP Support ...) + TODO: check +CVE-2022-23454 (Potential security vulnerabilities have been identified in HP Support ...) + TODO: check +CVE-2022-23453 (Potential security vulnerabilities have been identified in HP Support ...) + TODO: check CVE-2022-23452 (An authorization flaw was found in openstack-barbican, where anyone wi ...) - barbican 1:14.0.0~rc1-2 [bullseye] - barbican <no-dsa> (Minor issue) @@ -83361,8 +83384,8 @@ CVE-2022-0225 (A flaw was found in Keycloak. This flaw allows a privileged attac NOT-FOR-US: Keycloak CVE-2022-0224 (dolibarr is vulnerable to Improper Neutralization of Special Elements ...) - dolibarr <removed> -CVE-2022-0223 - RESERVED +CVE-2022-0223 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ...) + TODO: check CVE-2022-0222 (A CWE-269: Improper Privilege Management vulnerability exists that cou ...) NOT-FOR-US: Modicon CVE-2022-0221 (A CWE-611: Improper Restriction of XML External Entity Reference vulne ...) @@ -85240,10 +85263,10 @@ CVE-2021-46152 (A vulnerability has been identified in Simcenter Femap V2020.2 ( NOT-FOR-US: Siemens CVE-2021-46151 (A vulnerability has been identified in Simcenter Femap V2020.2 (All ve ...) NOT-FOR-US: Siemens -CVE-2022-22732 - RESERVED -CVE-2022-22731 - RESERVED +CVE-2022-22732 (A CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists t ...) + TODO: check +CVE-2022-22731 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ...) + TODO: check CVE-2022-0144 (shelljs is vulnerable to Improper Privilege Management ...) - node-shelljs 0.8.5+~cs0.8.10-1 [bullseye] - node-shelljs <no-dsa> (Minor issue) @@ -104692,10 +104715,10 @@ CVE-2021-3811 (adminlte is vulnerable to Improper Neutralization of Input During NOT-FOR-US: adminlte CVE-2021-3810 (code-server is vulnerable to Inefficient Regular Expression Complexity ...) NOT-FOR-US: code-server -CVE-2021-3809 - RESERVED -CVE-2021-3808 - RESERVED +CVE-2021-3809 (Potential security vulnerabilities have been identified in the BIOS (U ...) + TODO: check +CVE-2021-3808 (Potential security vulnerabilities have been identified in the BIOS (U ...) + TODO: check CVE-2021-3807 (ansi-regex is vulnerable to Inefficient Regular Expression Complexity ...) - node-ansi-regex 5.0.1-1 (bug #994568) [bullseye] - node-ansi-regex 5.0.1-1~deb11u1 @@ -138106,8 +138129,8 @@ CVE-2021-3441 (A potential security vulnerability has been identified for the HP NOT-FOR-US: HP CVE-2021-3440 (HP Print and Scan Doctor, an application within the HP Smart App for W ...) NOT-FOR-US: HP -CVE-2021-3439 - RESERVED +CVE-2021-3439 (HP has identified a potential vulnerability in BIOS firmware of some W ...) + TODO: check CVE-2021-3438 (A potential buffer overflow in the software drivers for certain HP Las ...) NOT-FOR-US: HP LaserJet products and Samsung product printers CVE-2021-3437 (Potential security vulnerabilities have been identified in an OMEN Gam ...) @@ -219714,7 +219737,7 @@ CVE-2020-8185 (A denial of service vulnerability exists in Rails <6.0.3.2 tha - rails <not-affected> (Introduced in rails 6.x) NOTE: https://groups.google.com/g/rubyonrails-security/c/pAe9EV8gbM0 CVE-2020-8184 (A reliance on cookies without validation/integrity check security vuln ...) - {DLA-2275-1} + {DLA-3298-1 DLA-2275-1} - ruby-rack 2.1.1-6 (bug #963477) NOTE: https://hackerone.com/reports/895727 NOTE: Fixed by: https://github.com/rack/rack/commit/1f5763de6a9fe515ff84992b343d63c88104654c @@ -219813,7 +219836,7 @@ CVE-2020-8162 (A client side enforcement of server side security vulnerability e NOTE: https://weblog.rubyonrails.org/2020/5/18/Rails-5-2-4-3-and-6-0-3-1-have-been-released NOTE: https://github.com/rails/rails/commit/e8df5648515a0e8324d3b3c4bdb7bde6802cd8be (5.2) CVE-2020-8161 (A directory traversal vulnerability exists in rack < 2.2.0 that all ...) - {DLA-2275-1 DLA-2216-1} + {DLA-3298-1 DLA-2275-1 DLA-2216-1} - ruby-rack 2.1.1-5 NOTE: https://groups.google.com/forum/#!msg/rubyonrails-security/IOO1vNZTzPA/Ylzi1UYLAAAJ NOTE: Fixed by: https://github.com/rack/rack/commit/dddb7ad18ed79ca6ab06ccc417a169fde451246e View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14a1bfefebed3975fdfac231624773aa001d028c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14a1bfefebed3975fdfac231624773aa001d028c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits