[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 10 Sep 2022 01:10:38 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9c13ec15 by security tracker role at 2022-09-10T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,7 @@
+CVE-2022-40320 (cfg_tilde_expand in confuse.c in libConfuse 3.3 has a 
heap-based buffe ...)
+       TODO: check
+CVE-2022-40319
+       RESERVED
 CVE-2022-40318
        RESERVED
 CVE-2022-40317 (OpenKM 6.3.11 allows stored XSS related to the 
javascript&amp;colon; s ...)
@@ -4098,8 +4102,8 @@ CVE-2022-38640
        RESERVED
 CVE-2022-38639 (A cross-site scripting (XSS) vulnerability in Markdown-Nice 
v1.8.22 al ...)
        NOT-FOR-US: Markdown-Nice
-CVE-2022-38638
-       RESERVED
+CVE-2022-38638 (Casdoor v1.97.3 was discovered to contain an arbitrary file 
write vuln ...)
+       TODO: check
 CVE-2022-38637
        RESERVED
 CVE-2022-38636
@@ -5245,8 +5249,8 @@ CVE-2022-38268 (School Activity Updates with SMS 
Notification v1.0 was discovere
        NOT-FOR-US: School Activity Updates with SMS Notification
 CVE-2022-38267 (School Activity Updates with SMS Notification v1.0 was 
discovered to c ...)
        NOT-FOR-US: School Activity Updates with SMS Notification
-CVE-2022-38266
-       RESERVED
+CVE-2022-38266 (An issue in the Leptonica linked library (v1.79.0) in 
Tesseract v5.0.0 ...)
+       TODO: check
 CVE-2022-38265 (Apartment Visitor Management System v1.0 was discovered to 
contain a S ...)
        NOT-FOR-US: Apartment Visitor Management System
 CVE-2022-38264
@@ -10803,8 +10807,8 @@ CVE-2022-36112
        RESERVED
 CVE-2022-36111
        RESERVED
-CVE-2022-36110
-       RESERVED
+CVE-2022-36110 (Netmaker makes networks with WireGuard. Prior to version 
0.15.1, Impro ...)
+       TODO: check
 CVE-2022-36109 (Moby is an open-source project created by Docker to enable 
software co ...)
        TODO: check
 CVE-2022-36108
@@ -10849,8 +10853,8 @@ CVE-2022-36089 (KubeVela is an application delivery 
platform Users using KubeVel
        NOT-FOR-US: KubeVela
 CVE-2022-36088 (GoCD is a continuous delivery server. Windows installations 
via either ...)
        NOT-FOR-US: GoCD
-CVE-2022-36087
-       RESERVED
+CVE-2022-36087 (OAuthLib is an implementation of the OAuth request-signing 
logic for P ...)
+       TODO: check
 CVE-2022-36086 (linked_list_allocator is an allocator usable for no_std 
systems. Prior ...)
        TODO: check
 CVE-2022-36085 (Open Policy Agent (OPA) is an open source, general-purpose 
policy engi ...)
@@ -24396,8 +24400,8 @@ CVE-2022-31008
        RESERVED
 CVE-2022-31007 (eLabFTW is an electronic lab notebook manager for research 
teams. Prio ...)
        NOT-FOR-US: eLabFTW
-CVE-2022-31006
-       RESERVED
+CVE-2022-31006 (indy-node is the server portion of Hyperledger Indy, a 
distributed led ...)
+       TODO: check
 CVE-2022-31005 (Vapor is an HTTP web framework for Swift. Users of Vapor prior 
to vers ...)
        NOT-FOR-US: Vapor
 CVE-2022-31004 (CVEProject/cve-services is an open source project used to 
operate the  ...)
@@ -53155,7 +53159,7 @@ CVE-2021-45709 (An issue was discovered in the crypto2 
crate through 2021-10-08
        NOT-FOR-US: Rust crate crypto2
 CVE-2021-45708 (An issue was discovered in the abomonation crate through 
2021-10-17 fo ...)
        NOT-FOR-US: Rust crate abomonation
-CVE-2021-45707 (An issue was discovered in the nix crate before 0.20.2, 0.21.x 
before  ...)
+CVE-2021-45707 (An issue was discovered in the nix crate 0.16.0 and later 
before 0.20. ...)
        - rust-nix 0.23.0-1
        [bullseye] - rust-nix <no-dsa> (Minor issue)
        [buster] - rust-nix <not-affected> (Introduced in 0.16)
@@ -78860,8 +78864,8 @@ CVE-2021-37821
        RESERVED
 CVE-2021-37820
        RESERVED
-CVE-2021-37819
-       RESERVED
+CVE-2021-37819 (PDF Labs pdftk-java v3.2.3 was discovered to contain an 
infinite loop  ...)
+       TODO: check
 CVE-2021-37818
        RESERVED
 CVE-2021-37817



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c13ec158cd69293f254a14bc7785fd936cca5b7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c13ec158cd69293f254a14bc7785fd936cca5b7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to