[Git][security-tracker-team/security-tracker][master] automatic update

Tue, 27 Sep 2022 01:10:40 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3e2a9a29 by security tracker role at 2022-09-27T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2022-41568
+       RESERVED
+CVE-2022-41567
+       RESERVED
+CVE-2022-41566
+       RESERVED
+CVE-2022-41565
+       RESERVED
+CVE-2022-41564
+       RESERVED
+CVE-2022-41563
+       RESERVED
+CVE-2022-41562
+       RESERVED
+CVE-2022-41561
+       RESERVED
+CVE-2022-41560
+       RESERVED
+CVE-2022-41559
+       RESERVED
+CVE-2022-41558
+       RESERVED
+CVE-2022-41342
+       RESERVED
+CVE-2022-41314
+       RESERVED
+CVE-2022-40982
+       RESERVED
+CVE-2022-40971
+       RESERVED
+CVE-2022-40970
+       RESERVED
+CVE-2022-40964
+       RESERVED
+CVE-2022-40210
+       RESERVED
+CVE-2022-40196
+       RESERVED
+CVE-2022-38136
+       RESERVED
+CVE-2022-38099
+       RESERVED
+CVE-2022-3328
+       RESERVED
+CVE-2022-3327
+       RESERVED
+CVE-2022-3326
+       RESERVED
+CVE-2022-3325
+       RESERVED
+CVE-2022-3324
+       RESERVED
+CVE-2022-3323
+       RESERVED
 CVE-2022-41557
        RESERVED
 CVE-2022-41556
@@ -476,8 +530,8 @@ CVE-2022-40984
        RESERVED
 CVE-2022-3299 (A vulnerability was found in Open5GS up to 2.4.10. It has been 
declare ...)
        TODO: check
-CVE-2022-3298
-       RESERVED
+CVE-2022-3298 (Allocation of Resources Without Limits or Throttling in GitHub 
reposit ...)
+       TODO: check
 CVE-2022-41343 (registerFont in FontMetrics.php in Dompdf before 2.0.1 allows 
remote f ...)
        TODO: check
 CVE-2022-36368
@@ -3494,12 +3548,12 @@ CVE-2022-40101 (Tenda i9 v1.0.0.8(3828) was discovered 
to contain a buffer overf
        NOT-FOR-US: Tenda
 CVE-2022-40100 (Tenda i9 v1.0.0.8(3828) was discovered to contain a command 
injection  ...)
        NOT-FOR-US: Tenda
-CVE-2022-40099
-       RESERVED
-CVE-2022-40098
-       RESERVED
-CVE-2022-40097
-       RESERVED
+CVE-2022-40099 (Online Tours & Travels Management System v1.0 was 
discovered to co ...)
+       TODO: check
+CVE-2022-40098 (Online Tours & Travels Management System v1.0 was 
discovered to co ...)
+       TODO: check
+CVE-2022-40097 (Online Tours & Travels Management System v1.0 was 
discovered to co ...)
+       TODO: check
 CVE-2022-40096
        RESERVED
 CVE-2022-40095
@@ -3592,8 +3646,8 @@ CVE-2022-40052
        RESERVED
 CVE-2022-40051
        RESERVED
-CVE-2022-40050
-       RESERVED
+CVE-2022-40050 (ZFile v4.1.1 was discovered to contain an arbitrary file 
upload vulner ...)
+       TODO: check
 CVE-2022-40049
        RESERVED
 CVE-2022-40048
@@ -29116,6 +29170,7 @@ CVE-2022-30552 (Das U-Boot 2022.01 has a Buffer 
Overflow. ...)
 CVE-2022-30551 (OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker 
to cause  ...)
        NOT-FOR-US: OPC UA Legacy Java Stack
 CVE-2022-30550 (An issue was discovered in the auth component in Dovecot 2.2 
and 2.3 b ...)
+       {DLA-3122-1}
        - dovecot 1:2.3.19.1+dfsg1-2 (bug #1016351)
        [bullseye] - dovecot 1:2.3.13+dfsg1-2+deb11u1
        NOTE: https://www.openwall.com/lists/oss-security/2022/07/06/9
@@ -30720,8 +30775,8 @@ CVE-2022-30006
        RESERVED
 CVE-2022-30005
        RESERVED
-CVE-2022-30004
-       RESERVED
+CVE-2022-30004 (Sourcecodester Online Market Place Site v1.0 suffers from an 
unauthent ...)
+       TODO: check
 CVE-2022-30003 (Sourcecodester Online Market Place Site 1.0 is vulnerable to 
Cross Sit ...)
        TODO: check
 CVE-2022-30002 (Insurance Management System 1.0 is vulnerable to SQL Injection 
via /in ...)
@@ -92531,6 +92586,7 @@ CVE-2021-33516 (An issue was discovered in GUPnP before 
1.0.7 and 1.1.x and 1.2.
        NOTE: 
https://gitlab.gnome.org/GNOME/gupnp/-/commit/05e964d48322ff23a65c6026d656e4494ace6ff9
 (gupnp-1.0)
        NOTE: 
https://gitlab.gnome.org/GNOME/gupnp/-/commit/ca6ec9dcb26fd7a2a630eb6a68118659b589afac
 (master)
 CVE-2021-33515 (The submission service in Dovecot before 2.3.15 allows 
STARTTLS comman ...)
+       {DLA-3122-1}
        - dovecot 1:2.3.13+dfsg1-2 (bug #990566)
        [stretch] - dovecot <not-affected> (Vulnerable code 
(smtp_server_command queue) introduced later)
        NOTE: https://dovecot.org/pipermail/dovecot-news/2021-June/000462.html



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e2a9a298b6b425126e6b5f145a76862db5265f6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e2a9a298b6b425126e6b5f145a76862db5265f6
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to