Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
babd4332 by security tracker role at 2022-06-13T08:10:11+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2022-2058
+ RESERVED
+CVE-2022-2057
+ RESERVED
+CVE-2022-2056
+ RESERVED
+CVE-2022-2055
+ RESERVED
CVE-2022-2054 (Command Injection in GitHub repository nuitka/nuitka prior to
0.9. ...)
- nuitka <unfixed>
[bullseye] - nuitka <no-dsa> (Minor issue)
@@ -1088,8 +1096,8 @@ CVE-2022-32500
RESERVED
CVE-2022-32499
RESERVED
-CVE-2022-2013
- RESERVED
+CVE-2022-2013 (In Octopus Server after version 2022.1.1495 and before
2022.1.2647 if ...)
+ TODO: check
CVE-2022-2012
RESERVED
CVE-2022-2011
@@ -6258,12 +6266,12 @@ CVE-2022-30618 (An authenticated user with access to
the Strapi admin panel can
NOT-FOR-US: Strapi
CVE-2022-30617 (An authenticated user with access to the Strapi admin panel
can view p ...)
NOT-FOR-US: Strapi
-CVE-2022-29525
- RESERVED
-CVE-2022-28704
- RESERVED
-CVE-2022-26834
- RESERVED
+CVE-2022-29525 (Rakuten Casa version AP_F_V1_4_1 or AP_F_V2_0_0 uses a
hard-coded cred ...)
+ TODO: check
+CVE-2022-28704 (Improper access control vulnerability in Rakuten Casa version
AP_F_V1_ ...)
+ TODO: check
+CVE-2022-26834 (Improper access control vulnerability in Rakuten Casa version
AP_F_V1_ ...)
+ TODO: check
CVE-2022-1705
RESERVED
CVE-2022-1704
@@ -6306,8 +6314,8 @@ CVE-2022-29522
RESERVED
CVE-2022-29482
RESERVED
-CVE-2022-27231
- RESERVED
+CVE-2022-27231 (Cross-site scripting vulnerability exists in WP Statistics
versions pr ...)
+ TODO: check
CVE-2022-26302
RESERVED
CVE-2022-1699 (Uncontrolled Resource Consumption in GitHub repository
causefx/organiz ...)
@@ -7112,8 +7120,8 @@ CVE-2022-30336
RESERVED
CVE-2022-30335 (Bonanza Wealth Management System (BWM) 7.3.2 allows SQL
injection via ...)
NOT-FOR-US: Bonanza Wealth Management System
-CVE-2022-26041
- RESERVED
+CVE-2022-26041 (Directory traversal vulnerability in RCCMD 4.26 and earlier
allows a r ...)
+ TODO: check
CVE-2022-1623 (LibTIFF master branch has an out-of-bounds read in LZWDecode in
libtif ...)
- tiff <unfixed>
[bullseye] - tiff <no-dsa> (Minor issue)
@@ -7302,8 +7310,8 @@ CVE-2022-30293 (In WebKitGTK through 2.36.0 (and WPE
WebKit), there is a heap-ba
- webkit2gtk 2.36.1-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in
stretch)
- wpewebkit 2.36.1-1
-CVE-2022-29894
- RESERVED
+CVE-2022-29894 (Strapi v3.x.x versions and earlier contain a stored cross-site
scripti ...)
+ TODO: check
CVE-2022-1602
RESERVED
CVE-2022-1601
@@ -8915,8 +8923,8 @@ CVE-2022-29790 (The graphics acceleration service has a
vulnerability in multi-t
NOT-FOR-US: Huawei
CVE-2022-29789 (The HiAIserver has a vulnerability in verifying the validity
of the pr ...)
NOT-FOR-US: Huawei
-CVE-2022-27174
- RESERVED
+CVE-2022-27174 (Cross-site request forgery (CSRF) vulnerability in Easy Blog
for EC-CU ...)
+ TODO: check
CVE-2022-1465 (The WPC Smart Wishlist for WooCommerce WordPress plugin before
2.9.9 d ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1464 (Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7.
As the ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/babd433266e4dd51908e242ea5335be391303766
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/babd433266e4dd51908e242ea5335be391303766
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
