[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 12 Jun 2022 13:10:34 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
695bb17c by security tracker role at 2022-06-12T20:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2022-2054 (Command Injection in GitHub repository nuitka/nuitka prior to 
0.9. ...)
+       TODO: check
 CVE-2022-32985
        RESERVED
 CVE-2022-32984
@@ -1088,11 +1090,13 @@ CVE-2022-2012
        RESERVED
 CVE-2022-2011
        RESERVED
+       {DSA-5163-1}
        - chromium 102.0.5005.115-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-2010
        RESERVED
+       {DSA-5163-1}
        - chromium 102.0.5005.115-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
@@ -1100,11 +1104,13 @@ CVE-2022-2009
        RESERVED
 CVE-2022-2008
        RESERVED
+       {DSA-5163-1}
        - chromium 102.0.5005.115-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-2007
        RESERVED
+       {DSA-5163-1}
        - chromium 102.0.5005.115-1
        [buster] - chromium <end-of-life> (see DSA 5046)
        [stretch] - chromium <end-of-life> (see DSA 4562)
@@ -1643,18 +1649,18 @@ CVE-2018-25041
        RESERVED
 CVE-2018-25040
        RESERVED
-CVE-2018-25039
-       RESERVED
-CVE-2018-25038
-       RESERVED
-CVE-2018-25037
-       RESERVED
-CVE-2018-25036
-       RESERVED
-CVE-2018-25035
-       RESERVED
-CVE-2018-25034
-       RESERVED
+CVE-2018-25039 (A vulnerability was found in Thomson TCW710 ST5D.10.05. It has 
been de ...)
+       TODO: check
+CVE-2018-25038 (A vulnerability was found in Thomson TCW710 ST5D.10.05. It has 
been cl ...)
+       TODO: check
+CVE-2018-25037 (A vulnerability was found in Thomson TCW710 ST5D.10.05 and 
classified  ...)
+       TODO: check
+CVE-2018-25036 (A vulnerability has been found in Thomson TCW710 ST5D.10.05 
and classi ...)
+       TODO: check
+CVE-2018-25035 (A vulnerability, which was classified as problematic, was 
found in Tho ...)
+       TODO: check
+CVE-2018-25034 (A vulnerability, which was classified as problematic, has been 
found i ...)
+       TODO: check
 CVE-2017-20017 (A vulnerability, which was classified as critical, has been 
found in T ...)
        NOT-FOR-US: Genealogy Sitebuilding
 CVE-2020-36544 (A vulnerability has been found in SialWeb CMS and classified 
as proble ...)
@@ -5050,6 +5056,7 @@ CVE-2022-31031 (PJSIP is a free and open source 
multimedia communication library
        NOTE: 
https://github.com/pjsip/pjproject/commit/450baca94f475345542c6953832650c390889202
        TODO: check impact for src:asterisk and src:ring and update entry
 CVE-2022-31030 (containerd is an open source container runtime. A bug was 
found in the ...)
+       {DSA-5162-1}
        - containerd 1.6.6~ds1-1
        NOTE: 
https://github.com/containerd/containerd/security/advisories/GHSA-5ffw-gxpp-mxpf
 CVE-2022-31029
@@ -23213,6 +23220,7 @@ CVE-2022-24771 (Forge (also called `node-forge`) is a 
native implementation of T
 CVE-2022-24770 (`gradio` is an open source framework for building interactive 
machine  ...)
        NOT-FOR-US: gradio
 CVE-2022-24769 (Moby is an open-source project created by Docker to enable and 
acceler ...)
+       {DSA-5162-1}
        - containerd 1.6.2~ds1-1
        NOTE: 
https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c
 CVE-2022-24768 (Argo CD is a declarative, GitOps continuous delivery tool for 
Kubernet ...)
@@ -48963,10 +48971,10 @@ CVE-2021-41751 (Buffer overflow vulnerability in file 
ecma-builtin-array-prototy
        [buster] - iotjs <no-dsa> (Minor issue)
        NOTE: https://github.com/jerryscript-project/jerryscript/pull/4797
        NOTE: 
https://github.com/jerryscript-project/jerryscript/commit/4912e3b739f4d00e51a46d883b020d2208be28a2
-CVE-2021-41750
-       RESERVED
-CVE-2021-41749
-       RESERVED
+CVE-2021-41750 (A cross-site scripting (XSS) vulnerability in the SEOmatic 
plugin 3.4. ...)
+       TODO: check
+CVE-2021-41749 (In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is 
possible fo ...)
+       TODO: check
 CVE-2021-41748
        REJECTED
 CVE-2021-41747 (Cross-Site Scripting (XSS) vulnerability exists in Csdn APP 
4.10.0, wh ...)
@@ -49198,8 +49206,8 @@ CVE-2021-41643 (Remote Code Execution (RCE) 
vulnerability exists in Sourcecodest
        NOT-FOR-US: Sourcecodester
 CVE-2021-41642
        RESERVED
-CVE-2021-41641
-       RESERVED
+CVE-2021-41641 (Deno &lt;=1.14.0 file sandbox does not handle symbolic links 
correctly ...)
+       TODO: check
 CVE-2021-41640
        RESERVED
 CVE-2021-41639



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/695bb17c9c66293655c19271a0aa04c31b677242

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/695bb17c9c66293655c19271a0aa04c31b677242
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to