Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b37f3d9 by Salvatore Bonaccorso at 2022-09-03T09:59:50+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6792,7 +6792,7 @@ CVE-2022-37175 (Tenda ac15 firmware V15.03.05.18 httpd
server has stack buffer o
CVE-2022-37174
RESERVED
CVE-2022-37173 (An issue in the installer of gvim 9.0.0000 allows
authenticated attack ...)
- TODO: check
+ NOT-FOR-US: gvim Windows installer
CVE-2022-37172 (Incorrect access control in the install directory (C:\msys64)
of Msys2 ...)
NOT-FOR-US: Msys2
CVE-2022-37171
@@ -8155,11 +8155,11 @@ CVE-2022-36605 (Yimioa v6.1 was discovered to contain a
SQL injection vulnerabil
CVE-2022-36604 (An access control issue in Canaan Avalon ASIC Miner 2020.3.30
and belo ...)
NOT-FOR-US: Canaan Avalon ASIC Miner
CVE-2022-36603 (InnoSilicon T3T+ t2t+_soc_20190911_151433.swu was discovered
to contai ...)
- TODO: check
+ NOT-FOR-US: InnoSilicon T3T+ t2t+_soc_20190911_151433.swu
CVE-2022-36602 (InnoSilicon A10 a10_20200924_120556 was discovered to contain
a remote ...)
- TODO: check
+ NOT-FOR-US: InnoSilicon A10
CVE-2022-36601 (The Eclipse TCF debug interface in
JasMiner-X4-Server-20220621-090907 ...)
- TODO: check
+ NOT-FOR-US: JasMiner-X4-Server-20220621-090907
CVE-2022-36600 (BlogEngine v3.3.8.0 was discovered to contain a cross-site
scripting ( ...)
NOT-FOR-US: BlogEngine
CVE-2022-36599 (Mingsoft MCMS 5.2.8 was discovered to contain a SQL injection
vulnerab ...)
@@ -9447,7 +9447,7 @@ CVE-2022-36132
CVE-2022-36131 (The Better PDF Exporter add-on 10.0.0 for Atlassian Jira is
prone to s ...)
NOT-FOR-US: Atlassian addon
CVE-2022-36130 (HashiCorp Boundary up to 0.10.1 did not properly perform data
integrit ...)
- TODO: check
+ NOT-FOR-US: HashiCorp Boundary
CVE-2022-36129 (HashiCorp Vault Enterprise 1.7.0 through 1.9.7, 1.10.4, and
1.11.0 clu ...)
NOT-FOR-US: HashiCorp Vault
CVE-2022-2455
@@ -9600,7 +9600,7 @@ CVE-2022-36080
CVE-2022-36079
RESERVED
CVE-2022-36078 (Binary provides encoding/decoding in Borsh and other formats.
The vuln ...)
- TODO: check
+ NOT-FOR-US: gagliardetto/Binary (tool to provide encoding/decoding in
Borsh and other formats)
CVE-2022-36077
RESERVED
CVE-2022-36076 (NodeBB Forum Software is powered by Node.js and supports
either Redis, ...)
@@ -9660,7 +9660,7 @@ CVE-2022-36053 (Contiki-NG is an open-source,
cross-platform operating system fo
CVE-2022-36052 (Contiki-NG is an open-source, cross-platform operating system
for Next ...)
NOT-FOR-US: Contiki-NG
CVE-2022-36051 (ZITADEL combines the ease of Auth0 and the versatility of
Keycloak.**A ...)
- TODO: check
+ NOT-FOR-US: ZITADEL
CVE-2022-36050
RESERVED
CVE-2022-36049
@@ -21188,7 +21188,7 @@ CVE-2022-31679
CVE-2022-31678
RESERVED
CVE-2022-31677 (An Insufficient Session Expiration issue was discovered in the
Pinnipe ...)
- TODO: check
+ NOT-FOR-US: Pinniped Supervisor
CVE-2022-31676 (VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local
privilege es ...)
{DSA-5215-1 DLA-3081-1}
- open-vm-tools 2:12.1.0-1 (bug #1018012)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b37f3d9e09157a63a207d6b2d1a749242c51281
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b37f3d9e09157a63a207d6b2d1a749242c51281
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
