[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 31 Jul 2022 13:10:47 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7d7dab8c by security tracker role at 2022-07-31T20:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2022-2591 (A vulnerability classified as critical has been found in TEM 
FLEX-1085 ...)
+       TODO: check
 CVE-2022-37040
        RESERVED
 CVE-2022-37039
@@ -3240,8 +3242,8 @@ CVE-2022-35718
        RESERVED
 CVE-2022-35717
        RESERVED
-CVE-2022-35716
-       RESERVED
+CVE-2022-35716 (IBM UrbanCode Deploy (UCD) 6.2.0.0 through 6.2.7.16, 7.0.0.0 
through 7 ...)
+       TODO: check
 CVE-2022-35715
        RESERVED
 CVE-2022-35714
@@ -6817,8 +6819,8 @@ CVE-2022-34340
        RESERVED
 CVE-2022-34339
        RESERVED
-CVE-2022-34338
-       RESERVED
+CVE-2022-34338 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 
could disclo ...)
+       TODO: check
 CVE-2022-34337
        RESERVED
 CVE-2022-34336
@@ -9708,8 +9710,8 @@ CVE-2022-33171 (** DISPUTED ** The findOne function in 
TypeORM before 0.3.0 can
        NOT-FOR-US: TypeORM
 CVE-2022-33170
        RESERVED
-CVE-2022-33169
-       RESERVED
+CVE-2022-33169 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is 
vulnerabl ...)
+       TODO: check
 CVE-2022-33168
        RESERVED
 CVE-2022-33167
@@ -10707,8 +10709,8 @@ CVE-2022-32752
        RESERVED
 CVE-2022-32751
        RESERVED
-CVE-2022-32750
-       RESERVED
+CVE-2022-32750 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 
through 10.0 ...)
+       TODO: check
 CVE-2022-32749
        RESERVED
 CVE-2022-32748
@@ -13353,12 +13355,12 @@ CVE-2022-31778
        RESERVED
 CVE-2022-31777
        RESERVED
-CVE-2022-31776
-       RESERVED
-CVE-2022-31775
-       RESERVED
-CVE-2022-31774
-       RESERVED
+CVE-2022-31776 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 
through 10.0 ...)
+       TODO: check
+CVE-2022-31775 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 
through 10.0 ...)
+       TODO: check
+CVE-2022-31774 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 
through 10.0 ...)
+       TODO: check
 CVE-2022-31773
        RESERVED
 CVE-2022-31772
@@ -16792,8 +16794,8 @@ CVE-2022-1701 (SonicWall SMA1000 series firmware 
12.4.0, 12.4.1-02965 and earlie
        NOT-FOR-US: SonicWall
 CVE-2022-1700
        RESERVED
-CVE-2022-30616
-       RESERVED
+CVE-2022-30616 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 
could allow  ...)
+       TODO: check
 CVE-2022-30615
        RESERVED
 CVE-2022-30614
@@ -32230,6 +32232,7 @@ CVE-2022-0657 (The 5 Stars Rating Funnel WordPress 
Plugin | RRatingg WordPress p
 CVE-2022-0656 (The Web To Print Shop : uDraw WordPress plugin before 3.3.3 
does not v ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-26520 (** DISPUTED ** In pgjdbc before 42.3.3, an attacker (who 
controls the  ...)
+       {DSA-5196-1}
        - libpgjava 42.3.3-1
        [stretch] - libpgjava <no-dsa> (Requires control over connection 
properties)
        NOTE: 
https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-673j-qm5f-xpv8
@@ -42367,8 +42370,8 @@ CVE-2022-22507
        RESERVED
 CVE-2022-22506
        RESERVED
-CVE-2022-22505
-       RESERVED
+CVE-2022-22505 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 
contains a v ...)
+       TODO: check
 CVE-2022-22504
        RESERVED
 CVE-2022-22503
@@ -42709,8 +42712,8 @@ CVE-2022-22336 (IBM Sterling External Authentication 
Server and IBM Sterling Sec
        NOT-FOR-US: IBM
 CVE-2022-22335
        RESERVED
-CVE-2022-22334
-       RESERVED
+CVE-2022-22334 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 
could allow  ...)
+       TODO: check
 CVE-2022-22333 (IBM Sterling Secure Proxy 6.0.3.0, 6.0.2.0, and 3.4.3.2 and 
IBM Sterli ...)
        NOT-FOR-US: IBM
 CVE-2022-22332 (IBM Sterling Partner Engagement Manager 6.2.0 could allow an 
attacker  ...)
@@ -42725,8 +42728,8 @@ CVE-2022-22328 (IBM SterlingPartner Engagement Manager 
6.2.0 could allow a malic
        NOT-FOR-US: IBM
 CVE-2022-22327 (IBM UrbanCode Deploy (UCD) 7.0.5, 7.1.0, 7.1.1, and 7.1.2 uses 
weaker  ...)
        NOT-FOR-US: IBM
-CVE-2022-22326
-       RESERVED
+CVE-2022-22326 (IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 
through 10.0 ...)
+       TODO: check
 CVE-2022-22325 (IBM MQ (IBM MQ for HPE NonStop 8.1.0) can inadvertently 
disclose sensi ...)
        NOT-FOR-US: IBM
 CVE-2022-22324
@@ -50470,7 +50473,7 @@ CVE-2022-21726 (Tensorflow is an Open Source Machine 
Learning Framework. The imp
 CVE-2022-21725 (Tensorflow is an Open Source Machine Learning Framework. The 
estimator ...)
        - tensorflow <itp> (bug #804612)
 CVE-2022-21724 (pgjdbc is the offical PostgreSQL JDBC Driver. A security hole 
was foun ...)
-       {DLA-3018-1}
+       {DSA-5196-1 DLA-3018-1}
        - libpgjava 42.3.2-1
        NOTE: 
https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-v7wg-cpwc-24m4
        NOTE: 
https://github.com/pgjdbc/pgjdbc/commit/f4d0ed69c0b3aae8531d83d6af4c57f22312c813
 (REL42.3.2)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d7dab8c66d0f52456598610b167d264cc112fc1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d7dab8c66d0f52456598610b167d264cc112fc1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to