Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
be9b0c9e by security tracker role at 2022-08-02T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,121 @@
+CVE-2022-37348
+       RESERVED
+CVE-2022-37347
+       RESERVED
+CVE-2022-37341
+       RESERVED
+CVE-2022-37340
+       RESERVED
+CVE-2022-37326
+       RESERVED
+CVE-2022-37325
+       RESERVED
+CVE-2022-37324
+       RESERVED
+CVE-2022-37323
+       RESERVED
+CVE-2022-37322
+       RESERVED
+CVE-2022-37321
+       RESERVED
+CVE-2022-37320
+       RESERVED
+CVE-2022-37319
+       RESERVED
+CVE-2022-37318
+       RESERVED
+CVE-2022-37317
+       RESERVED
+CVE-2022-37316
+       RESERVED
+CVE-2022-37315 (graphql-go (aka GraphQL for Go) through 0.8.0 has infinite 
recursion i ...)
+       TODO: check
+CVE-2022-37314
+       RESERVED
+CVE-2022-37313
+       RESERVED
+CVE-2022-37312
+       RESERVED
+CVE-2022-37311
+       RESERVED
+CVE-2022-37310
+       RESERVED
+CVE-2022-37309
+       RESERVED
+CVE-2022-37308
+       RESERVED
+CVE-2022-37307
+       RESERVED
+CVE-2022-37306
+       RESERVED
+CVE-2022-37305
+       RESERVED
+CVE-2022-36426
+       RESERVED
+CVE-2022-36397
+       RESERVED
+CVE-2022-36369
+       RESERVED
+CVE-2022-36353
+       RESERVED
+CVE-2022-36348
+       RESERVED
+CVE-2022-36291
+       RESERVED
+CVE-2022-36281
+       RESERVED
+CVE-2022-33940
+       RESERVED
+CVE-2022-2625
+       RESERVED
+CVE-2022-2624
+       RESERVED
+CVE-2022-2623
+       RESERVED
+CVE-2022-2622
+       RESERVED
+CVE-2022-2621
+       RESERVED
+CVE-2022-2620
+       RESERVED
+CVE-2022-2619
+       RESERVED
+CVE-2022-2618
+       RESERVED
+CVE-2022-2617
+       RESERVED
+CVE-2022-2616
+       RESERVED
+CVE-2022-2615
+       RESERVED
+CVE-2022-2614
+       RESERVED
+CVE-2022-2613
+       RESERVED
+CVE-2022-2612
+       RESERVED
+CVE-2022-2611
+       RESERVED
+CVE-2022-2610
+       RESERVED
+CVE-2022-2609
+       RESERVED
+CVE-2022-2608
+       RESERVED
+CVE-2022-2607
+       RESERVED
+CVE-2022-2606
+       RESERVED
+CVE-2022-2605
+       RESERVED
+CVE-2022-2604
+       RESERVED
+CVE-2022-2603
+       RESERVED
+CVE-2022-2602
+       RESERVED
+CVE-2021-46831
+       RESERVED
 CVE-2022-37304
        RESERVED
 CVE-2022-37303
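Review bot: CVE-2022-37315 (graphql-go), in the middle of the added block, is the only new entry that carries a description, and it lands as "TODO: check" with no package line or NOT-FOR-US decision. It needs a triage pass to establish whether graphql-go is packaged; the remaining added IDs are still RESERVED and need nothing yet.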
@@ -3301,22 +3419,22 @@ CVE-2022-35924
        RESERVED
 CVE-2022-35923
        RESERVED
-CVE-2022-35922
-       RESERVED
-CVE-2022-35921
-       RESERVED
-CVE-2022-35920
-       RESERVED
-CVE-2022-35919
-       RESERVED
-CVE-2022-35918
-       RESERVED
-CVE-2022-35917
-       RESERVED
-CVE-2022-35916
-       RESERVED
-CVE-2022-35915
-       RESERVED
+CVE-2022-35922 (Rust-WebSocket is a WebSocket (RFC6455) library written in 
Rust. In ve ...)
+       TODO: check
+CVE-2022-35921 (fof/byobu is a private discussions extension for Flarum forum. 
Affecte ...)
+       TODO: check
+CVE-2022-35920 (Sanic is an opensource python web server/framework. Affected 
versions  ...)
+       TODO: check
+CVE-2022-35919 (MinIO is a High Performance Object Storage released under GNU 
Affero G ...)
+       TODO: check
+CVE-2022-35918 (Streamlit is a data oriented application development framework 
for pyt ...)
+       TODO: check
+CVE-2022-35917 (Solana Pay is a protocol and set of reference implementations 
that ena ...)
+       TODO: check
+CVE-2022-35916 (OpenZeppelin Contracts is a library for secure smart contract 
developm ...)
+       TODO: check
+CVE-2022-35915 (OpenZeppelin Contracts is a library for secure smart contract 
developm ...)
+       TODO: check
 CVE-2022-35914
        RESERVED
 CVE-2022-35913
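Review bot: CVE-2022-35916 and CVE-2022-35915, the last two changed entries, are left at "TODO: check" although the same product already has a decision elsewhere in this file: CVE-2022-31172 is recorded as "NOT-FOR-US: OpenZeppelin Contracts". Suggest resolving both the same way in a follow-up rather than leaving them in the TODO queue. The other six entries (Rust-WebSocket, fof/byobu, Sanic, MinIO, Streamlit, Solana Pay) each need their own packaging check.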
@@ -4485,10 +4603,10 @@ CVE-2022-35424
        RESERVED
 CVE-2022-35423
        RESERVED
-CVE-2022-35422
-       RESERVED
-CVE-2022-35421
-       RESERVED
+CVE-2022-35422 (Web Based Quiz System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-35421 (Online Tours And Travels Management System v1.0 was discovered 
to cont ...)
+       TODO: check
 CVE-2022-35420
        RESERVED
 CVE-2022-35419
@@ -5008,8 +5126,8 @@ CVE-2022-35219
        RESERVED
 CVE-2022-35218
        RESERVED
-CVE-2022-35217
-       RESERVED
+CVE-2022-35217 (The NHI card’s web service component has a stack-based 
buffer ov ...)
+       TODO: check
 CVE-2022-35216
        RESERVED
 CVE-2022-2320 [ZDI-CAN-16070: X.Org Server ProcXkbSetDeviceInfo Out-Of-Bounds 
Access]
@@ -5248,8 +5366,8 @@ CVE-2022-35120
        RESERVED
 CVE-2022-35119
        RESERVED
-CVE-2022-35118
-       RESERVED
+CVE-2022-35118 (PyroCMS v3.9 was discovered to contain multiple cross-site 
scripting ( ...)
+       TODO: check
 CVE-2022-35117
        RESERVED
 CVE-2022-35116
@@ -5572,30 +5690,30 @@ CVE-2022-34958
        RESERVED
 CVE-2022-34957
        RESERVED
-CVE-2022-34956
-       RESERVED
-CVE-2022-34955
-       RESERVED
-CVE-2022-34954
-       RESERVED
-CVE-2022-34953
-       RESERVED
-CVE-2022-34952
-       RESERVED
-CVE-2022-34951
-       RESERVED
-CVE-2022-34950
-       RESERVED
-CVE-2022-34949
-       RESERVED
-CVE-2022-34948
-       RESERVED
-CVE-2022-34947
-       RESERVED
-CVE-2022-34946
-       RESERVED
-CVE-2022-34945
-       RESERVED
+CVE-2022-34956 (Pligg CMS v2.0.2 was discovered to contain a time-based SQL 
injection  ...)
+       TODO: check
+CVE-2022-34955 (Pligg CMS v2.0.2 was discovered to contain a time-based SQL 
injection  ...)
+       TODO: check
+CVE-2022-34954 (Pharmacy Management System v1.0 was discovered to contain a 
SQL inject ...)
+       TODO: check
+CVE-2022-34953 (Pharmacy Management System v1.0 was discovered to contain a 
SQL inject ...)
+       TODO: check
+CVE-2022-34952 (Pharmacy Management System v1.0 was discovered to contain a 
SQL inject ...)
+       TODO: check
+CVE-2022-34951 (Pharmacy Management System v1.0 was discovered to contain a 
SQL inject ...)
+       TODO: check
+CVE-2022-34950 (Pharmacy Management System v1.0 was discovered to contain a 
SQL inject ...)
+       TODO: check
+CVE-2022-34949 (Pharmacy Management System v1.0 was discovered to contain 
multiple SQL ...)
+       TODO: check
+CVE-2022-34948 (Pharmacy Management System v1.0 was discovered to contain a 
SQL inject ...)
+       TODO: check
+CVE-2022-34947 (Pharmacy Management System v1.0 was discovered to contain a 
SQL inject ...)
+       TODO: check
+CVE-2022-34946 (Pharmacy Management System v1.0 was discovered to contain a 
SQL inject ...)
+       TODO: check
+CVE-2022-34945 (Pharmacy Management System v1.0 was discovered to contain a 
SQL inject ...)
+       TODO: check
 CVE-2022-34944
        RESERVED
 CVE-2022-34943
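Review bot: Ten of the twelve entries changed here (CVE-2022-34954 through CVE-2022-34945) name the same product, Pharmacy Management System v1.0, and their truncated descriptions are nearly indistinguishable in the list, so each "TODO: check" would otherwise be looked up separately. Suggest triaging them as one batch with a single decision, and the two Pligg CMS v2.0.2 entries (CVE-2022-34956, CVE-2022-34955) as a second batch.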
@@ -6802,8 +6920,8 @@ CVE-2022-34532
        RESERVED
 CVE-2022-34531 (DedeCMS v5.7.95 was discovered to contain a remote code 
execution (RCE ...)
        NOT-FOR-US: DedeCMS
-CVE-2022-34530
-       RESERVED
+CVE-2022-34530 (An issue in the login and reset password functionality of 
Backdrop CMS ...)
+       TODO: check
 CVE-2022-34529 (WASM3 v0.5.0 was discovered to contain a segmentation fault 
via the co ...)
        NOT-FOR-US: WASM3
 CVE-2022-34528 (D-Link DSL-3782 v1.03 and below was discovered to contain a 
stack over ...)
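Review bot: CVE-2022-34530 (Backdrop CMS) is now "TODO: check" between entries that are already resolved: CVE-2022-34531 and CVE-2022-34529 both carry a NOT-FOR-US line. It should get a resolution line in the same form once it is established whether Backdrop CMS is packaged.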
@@ -15292,8 +15410,8 @@ CVE-2022-31323
        RESERVED
 CVE-2022-31322
        RESERVED
-CVE-2022-31321
-       RESERVED
+CVE-2022-31321 (The foldername parameter in Bolt 5.1.7 was discovered to have 
incorrec ...)
+       TODO: check
 CVE-2022-31320
        RESERVED
 CVE-2022-31319
@@ -15664,58 +15782,58 @@ CVE-2022-31199
        RESERVED
 CVE-2022-1797 (A malformed Class 3 common industrial protocol message with a 
cached c ...)
        NOT-FOR-US: Rockwell Automation
-CVE-2022-31198
-       RESERVED
+CVE-2022-31198 (OpenZeppelin Contracts is a library for secure smart contract 
developm ...)
+       TODO: check
 CVE-2022-31197
        RESERVED
 CVE-2022-31196
        RESERVED
-CVE-2022-31195
-       RESERVED
-CVE-2022-31194
-       RESERVED
-CVE-2022-31193
-       RESERVED
-CVE-2022-31192
-       RESERVED
-CVE-2022-31191
-       RESERVED
-CVE-2022-31190
-       RESERVED
-CVE-2022-31189
-       RESERVED
-CVE-2022-31188
-       RESERVED
+CVE-2022-31195 (DSpace open source software is a repository application which 
provides ...)
+       TODO: check
+CVE-2022-31194 (DSpace open source software is a repository application which 
provides ...)
+       TODO: check
+CVE-2022-31193 (DSpace open source software is a repository application which 
provides ...)
+       TODO: check
+CVE-2022-31192 (DSpace open source software is a repository application which 
provides ...)
+       TODO: check
+CVE-2022-31191 (DSpace open source software is a repository application which 
provides ...)
+       TODO: check
+CVE-2022-31190 (DSpace open source software is a repository application which 
provides ...)
+       TODO: check
+CVE-2022-31189 (DSpace open source software is a repository application which 
provides ...)
+       TODO: check
+CVE-2022-31188 (CVAT is an opensource interactive video and image annotation 
tool for  ...)
+       TODO: check
 CVE-2022-31187
        RESERVED
-CVE-2022-31186
-       RESERVED
-CVE-2022-31185
-       RESERVED
-CVE-2022-31184
-       RESERVED
-CVE-2022-31183
-       RESERVED
-CVE-2022-31182
-       RESERVED
-CVE-2022-31181
-       RESERVED
-CVE-2022-31180
-       RESERVED
-CVE-2022-31179
-       RESERVED
-CVE-2022-31178
-       RESERVED
-CVE-2022-31177
-       RESERVED
+CVE-2022-31186 (NextAuth.js is a complete open source authentication solution 
for Next ...)
+       TODO: check
+CVE-2022-31185 (mprweb is a hosting platform for the makedeb Package 
Repository. Email ...)
+       TODO: check
+CVE-2022-31184 (Discourse is the an open source discussion platform. In 
affected versi ...)
+       TODO: check
+CVE-2022-31183 (fs2 is a compositional, streaming I/O library for Scala. When 
establis ...)
+       TODO: check
+CVE-2022-31182 (Discourse is the an open source discussion platform. In 
affected versi ...)
+       TODO: check
+CVE-2022-31181 (PrestaShop is an Open Source e-commerce platform. In versions 
from 1.6 ...)
+       TODO: check
+CVE-2022-31180 (Shescape is a simple shell escape package for JavaScript. 
Affected ver ...)
+       TODO: check
+CVE-2022-31179 (Shescape is a simple shell escape package for JavaScript. 
Versions pri ...)
+       TODO: check
+CVE-2022-31178 (eLabFTW is an electronic lab notebook manager for research 
teams. A vu ...)
+       TODO: check
+CVE-2022-31177 (Flask-AppBuilder is an application development framework built 
on top  ...)
+       TODO: check
 CVE-2022-31176
        RESERVED
 CVE-2022-31175
        RESERVED
 CVE-2022-31174
        RESERVED
-CVE-2022-31173
-       RESERVED
+CVE-2022-31173 (Juniper is a GraphQL server library for Rust. Affected 
versions of Jun ...)
+       TODO: check
 CVE-2022-31172 (OpenZeppelin Contracts is a library for smart contract 
development. Ve ...)
        NOT-FOR-US: OpenZeppelin Contracts
 CVE-2022-31171
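Review bot: CVE-2022-31198, the first changed entry in this hunk, is set to "TODO: check" for OpenZeppelin Contracts, while CVE-2022-31172 in the trailing context of the same hunk is already "NOT-FOR-US: OpenZeppelin Contracts". Suggest marking CVE-2022-31198 the same way. The seven DSpace entries (CVE-2022-31195 to CVE-2022-31189), the two Discourse entries (CVE-2022-31184, CVE-2022-31182) and the two Shescape entries (CVE-2022-31180, CVE-2022-31179) can each be triaged as a group.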
@@ -15758,10 +15876,10 @@ CVE-2022-31157 (LTI 1.3 Tool Library is a library 
used for building IMS-certifie
 CVE-2022-31156 (Gradle is a build tool. Dependency verification is a security 
feature  ...)
        - gradle <not-affected> (Vulnerable node not yet uploaded; introduced 
in 6.2)
        NOTE: 
https://github.com/gradle/gradle/security/advisories/GHSA-j6wc-xfg8-jx2j
-CVE-2022-31155
-       RESERVED
-CVE-2022-31154
-       RESERVED
+CVE-2022-31155 (Sourcegraph is an opensource code search and navigation 
engine. In Sou ...)
+       TODO: check
+CVE-2022-31154 (Sourcegraph is an opensource code search and navigation 
engine. It is  ...)
+       TODO: check
 CVE-2022-31153 (OpenZeppelin Contracts for Cairo is a library for contract 
development ...)
        NOT-FOR-US: OpenZeppelin Contracts
 CVE-2022-31152



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be9b0c9e33e3b75d16e18c636779ebec1825d6ad
