[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 24 Sep 2022 01:10:39 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
50abc733 by security tracker role at 2022-09-24T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2022-3294
+       RESERVED
+CVE-2022-3293
+       RESERVED
+CVE-2022-3292
+       RESERVED
 CVE-2022-41336
        RESERVED
 CVE-2022-41335
@@ -60,8 +66,8 @@ CVE-2022-3280
        RESERVED
 CVE-2022-3279
        RESERVED
-CVE-2022-3278
-       RESERVED
+CVE-2022-3278 (NULL Pointer Dereference in GitHub repository vim/vim prior to 
9.0.055 ...)
+       TODO: check
 CVE-2022-3277 [unrestricted creation of security groups]
        RESERVED
        - neutron <unfixed>
@@ -1600,15 +1606,15 @@ CVE-2022-40673 (KDiskMark before 3.1.0 lacks 
authorization checking for D-Bus me
 CVE-2022-40670
        RESERVED
 CVE-2022-40669
-       RESERVED
+       REJECTED
 CVE-2022-40668
-       RESERVED
+       REJECTED
 CVE-2022-40667
-       RESERVED
+       REJECTED
 CVE-2022-40666
-       RESERVED
+       REJECTED
 CVE-2022-40665
-       RESERVED
+       REJECTED
 CVE-2022-40664
        RESERVED
 CVE-2022-40663 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
@@ -2934,26 +2940,26 @@ CVE-2022-40124
        RESERVED
 CVE-2022-40123
        RESERVED
-CVE-2022-40122
-       RESERVED
-CVE-2022-40121
-       RESERVED
-CVE-2022-40120
-       RESERVED
-CVE-2022-40119
-       RESERVED
-CVE-2022-40118
-       RESERVED
-CVE-2022-40117
-       RESERVED
-CVE-2022-40116
-       RESERVED
-CVE-2022-40115
-       RESERVED
-CVE-2022-40114
-       RESERVED
-CVE-2022-40113
-       RESERVED
+CVE-2022-40122 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-40121 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-40120 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-40119 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-40118 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-40117 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-40116 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-40115 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-40114 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
+CVE-2022-40113 (Online Banking System v1.0 was discovered to contain a SQL 
injection v ...)
+       TODO: check
 CVE-2022-40112 (TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is 
vulnerable ...)
        NOT-FOR-US: TOTOLINK
 CVE-2022-40111 (In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in 
the sha ...)
@@ -4805,12 +4811,12 @@ CVE-2022-39244
        RESERVED
 CVE-2022-39243
        RESERVED
-CVE-2022-39242
-       RESERVED
+CVE-2022-39242 (Frontier is an Ethereum compatibility layer for Substrate. 
Prior to co ...)
+       TODO: check
 CVE-2022-39241
        RESERVED
-CVE-2022-39240
-       RESERVED
+CVE-2022-39240 (MyGraph is a permission management system. Versions prior to 
1.0.4 are ...)
+       TODO: check
 CVE-2022-39239 (netlify-ipx is an on-Demand image optimization for Netlify 
using ipx.  ...)
        TODO: check
 CVE-2022-39238 (Arvados is an open source platform for managing and analyzing 
biomedic ...)
@@ -13610,8 +13616,8 @@ CVE-2022-36027 (TensorFlow is an open source platform 
for machine learning. When
        - tensorflow <itp> (bug #804612)
 CVE-2022-36026 (TensorFlow is an open source platform for machine learning. If 
`Quanti ...)
        - tensorflow <itp> (bug #804612)
-CVE-2022-36025
-       RESERVED
+CVE-2022-36025 (Besu is a Java-based Ethereum client. In versions newer than 
22.1.3 an ...)
+       TODO: check
 CVE-2022-36024 (py-cord is a an API wrapper for Discord written in Python. 
Bots creati ...)
        NOT-FOR-US: py-cord
 CVE-2022-36023 (Hyperledger Fabric is an enterprise-grade permissioned 
distributed led ...)
@@ -50198,14 +50204,14 @@ CVE-2022-23466
        RESERVED
 CVE-2022-23465
        RESERVED
-CVE-2022-23464
-       RESERVED
-CVE-2022-23463
-       RESERVED
+CVE-2022-23464 (Nepxion Discovery is a solution for Spring Cloud. Discovery is 
vulnera ...)
+       TODO: check
+CVE-2022-23463 (Nepxion Discovery is a solution for Spring Cloud. Discover is 
vulnerab ...)
+       TODO: check
 CVE-2022-23462
        RESERVED
-CVE-2022-23461
-       RESERVED
+CVE-2022-23461 (Jodit Editor is a WYSIWYG editor written in pure TypeScript 
without th ...)
+       TODO: check
 CVE-2022-23460 (Jsonxx or Json++ is a JSON parser, writer and reader written 
in C++. I ...)
        TODO: check - numerous jsonxx repositories exist on github
        NOTE: https://github.com/advisories/GHSA-h8mv-q3c4-8hw2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50abc733ec3f8470a47509bce04da89ea7eb8cef

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/50abc733ec3f8470a47509bce04da89ea7eb8cef
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to