[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 03 Apr 2022 13:10:37 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
cd359505 by security tracker role at 2022-04-03T20:10:22+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2022-28381 (Mediaserver.exe in ALLMediaServer 1.6 has a stack-based buffer 
overflo ...)
+       TODO: check
+CVE-2022-28380 (The rc-httpd component through 2022-03-31 for 9front (Plan 9 
fork) all ...)
+       TODO: check
+CVE-2022-28379 (jc21.com Nginx Proxy Manager before 2.9.17 allows XSS during 
item dele ...)
+       TODO: check
+CVE-2022-28378 (Craft CMS before 3.7.29 allows XSS. ...)
+       TODO: check
+CVE-2022-1211 (A vulnerability classified as critical has been found in 
tildearrow Fu ...)
+       TODO: check
 CVE-2022-28377
        RESERVED
 CVE-2022-28376 (Verizon LVSKIHP 5G outside devices through 2022-02-15 allow 
anyone (kn ...)
@@ -54,8 +64,7 @@ CVE-2022-28354
        RESERVED
 CVE-2022-28353
        RESERVED
-CVE-2022-1210 [Tiff conversion to PS crashed due to incorrect memory size 
request]
-       RESERVED
+CVE-2022-1210 (A vulnerability classified as problematic was found in LibTIFF 
4.3.0.  ...)
        - tiff <unfixed>
        NOTE: https://gitlab.com/libtiff/libtiff/-/issues/402
 CVE-2021-46782
@@ -768,31 +777,37 @@ CVE-2022-1147
        RESERVED
 CVE-2022-1146
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1145
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1144
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1143
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1142
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1141
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
@@ -800,66 +815,79 @@ CVE-2022-1140
        RESERVED
 CVE-2022-1139
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1138
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1137
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1136
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1135
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1134
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1133
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1132
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1131
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1130
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1129
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1128
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-1127
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
@@ -867,6 +895,7 @@ CVE-2022-1126
        RESERVED
 CVE-2022-1125
        RESERVED
+       {DSA-5112-1}
        - chromium 100.0.4896.60-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
@@ -11895,10 +11924,10 @@ CVE-2022-0407 (Heap-based Buffer Overflow in GitHub 
repository vim/vim prior to
        NOTE: 
https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e 
(v8.2.4219)
 CVE-2022-24112 (An attacker can abuse the batch-requests plugin to send 
requests to by ...)
        NOT-FOR-US: Apache APISIX
-CVE-2022-0406
-       RESERVED
-CVE-2022-0405
-       RESERVED
+CVE-2022-0406 (Improper Authorization in GitHub repository 
janeczku/calibre-web prior ...)
+       TODO: check
+CVE-2022-0405 (Improper Access Control in GitHub repository 
janeczku/calibre-web prio ...)
+       TODO: check
 CVE-2022-0404
        RESERVED
 CVE-2022-0403
@@ -17936,8 +17965,8 @@ CVE-2022-0090 (An issue has been discovered affecting 
GitLab versions prior to 1
        - gitlab <unfixed>
 CVE-2022-0089
        RESERVED
-CVE-2022-0088
-       RESERVED
+CVE-2022-0088 (Cross-Site Request Forgery (CSRF) in GitHub repository 
yourls/yourls p ...)
+       TODO: check
 CVE-2021-46140
        RESERVED
 CVE-2021-46139



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd359505d5588e6ae7cfdd0c68167094dcdb3d85

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd359505d5588e6ae7cfdd0c68167094dcdb3d85
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to