[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Wed, 26 Oct 2022 01:10:31 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
7d7d1a7c by security tracker role at 2022-10-26T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,45 @@
+CVE-2022-43760
+       RESERVED
+CVE-2022-43759
+       RESERVED
+CVE-2022-43758
+       RESERVED
+CVE-2022-43757
+       RESERVED
+CVE-2022-43756
+       RESERVED
+CVE-2022-43755
+       RESERVED
+CVE-2022-43754
+       RESERVED
+CVE-2022-43753
+       RESERVED
+CVE-2022-43752
+       RESERVED
+CVE-2022-43751
+       RESERVED
+CVE-2022-43750 (drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 
5.19.15 ...)
+       TODO: check
+CVE-2022-43749
+       RESERVED
+CVE-2022-43748
+       RESERVED
+CVE-2022-43747 (baramundi Management Agent (bMA) in baramundi Management Suite 
(bMS) 2 ...)
+       TODO: check
+CVE-2022-3687
+       RESERVED
+CVE-2022-3686
+       RESERVED
+CVE-2022-3685
+       RESERVED
+CVE-2022-3684
+       RESERVED
+CVE-2022-3683
+       RESERVED
+CVE-2022-3682
+       RESERVED
+CVE-2022-3681
+       RESERVED
 CVE-2022-43746
        RESERVED
 CVE-2022-43745
@@ -969,7 +1011,8 @@ CVE-2022-3595 (A vulnerability was found in Linux Kernel. 
It has been rated as p
 CVE-2022-3594 (A vulnerability was found in Linux Kernel. It has been declared 
as pro ...)
        - linux 6.0.3-1
        NOTE: 
https://git.kernel.org/linus/93e2be344a7db169b7119de21ac1bf253b8c6907 (6.1-rc1)
-CVE-2022-3593 (A vulnerability was found in Linux Kernel. It has been 
classified as p ...)
+CVE-2022-3593
+       REJECTED
        - iproute2 5.19.0-1 (unimportant)
        NOTE: 
https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=2cb76253ed852559a4f2b315f5e23457a15d71e5
        NOTE: Memory leak in CLI tool, no security impact
@@ -2038,19 +2081,23 @@ CVE-2022-3531 (A vulnerability was found in Linux 
Kernel. It has been classified
        - linux <unfixed> (unimportant)
        NOTE: 
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git/commit/?id=6d2e21dc4db3933db65293552ecc1ede26febeca
        NOTE: Issue only in selftest/bpf.
-CVE-2022-3530 (A vulnerability was found in Linux Kernel and classified as 
problemati ...)
+CVE-2022-3530
+       REJECTED
        - iproute2 5.19.0-1 (unimportant)
        NOTE: 
https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=1d540336b026ed5bfe10eefac383db7f434d842f
        NOTE: Memory leak in CLI tool, no security impact
-CVE-2022-3529 (A vulnerability has been found in Linux Kernel and classified 
as probl ...)
+CVE-2022-3529
+       REJECTED
        - iproute2 5.19.0-1 (unimportant)
        NOTE: 
https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=6db01afd60748afbba114be2773be338c5be28ff
        NOTE: Memory leak in CLI tool, no security impact
-CVE-2022-3528 (A vulnerability, which was classified as problematic, was found 
in Lin ...)
+CVE-2022-3528
+       REJECTED
        - iproute2 5.19.0-1 (unimportant)
        NOTE: 
https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=afdbb0204a5872f1f76058a0db5a529b1f0c8de7
        NOTE: Memory leak in CLI tool, no security impact
-CVE-2022-3527 (A vulnerability, which was classified as problematic, has been 
found i ...)
+CVE-2022-3527
+       REJECTED
        - iproute2 5.19.0-1 (unimportant)
        NOTE: 
https://git.kernel.org/pub/scm/network/iproute2/iproute2-next.git/commit/?id=c5433c4b7a57d380f4cb351316f5ba5ebae9538e
        NOTE: Memory leak in CLI tool, no security impact
@@ -5104,8 +5151,8 @@ CVE-2022-41713
        RESERVED
 CVE-2022-41712
        RESERVED
-CVE-2022-41711
-       RESERVED
+CVE-2022-41711 (Badaso version 2.6.0 allows an unauthenticated remote attacker 
to exec ...)
+       TODO: check
 CVE-2022-41710
        RESERVED
 CVE-2022-41709 (Markdownify version 1.4.1 allows an external attacker to 
execute arbit ...)
@@ -27453,22 +27500,22 @@ CVE-2022-33187
        RESERVED
 CVE-2022-33186
        RESERVED
-CVE-2022-33185
-       RESERVED
-CVE-2022-33184
-       RESERVED
-CVE-2022-33183
-       RESERVED
-CVE-2022-33182
-       RESERVED
-CVE-2022-33181
-       RESERVED
-CVE-2022-33180
-       RESERVED
-CVE-2022-33179
-       RESERVED
-CVE-2022-33178
-       RESERVED
+CVE-2022-33185 (Several commands in Brocade Fabric OS before Brocade Fabric OS 
v.9.0.1 ...)
+       TODO: check
+CVE-2022-33184 (A vulnerability in fab_seg.c.h libraries of all Brocade Fabric 
OS vers ...)
+       TODO: check
+CVE-2022-33183 (A vulnerability in Brocade Fabric OS CLI before Brocade Fabric 
OS v9.1 ...)
+       TODO: check
+CVE-2022-33182 (A privilege escalation vulnerability in Brocade Fabric OS CLI 
before B ...)
+       TODO: check
+CVE-2022-33181 (An information disclosure vulnerability in Brocade Fabric OS 
CLI befor ...)
+       TODO: check
+CVE-2022-33180 (A vulnerability in Brocade Fabric OS CLI before Brocade Fabric 
OS v9.1 ...)
+       TODO: check
+CVE-2022-33179 (A vulnerability in Brocade Fabric OS CLI before Brocade Fabric 
OS v9.1 ...)
+       TODO: check
+CVE-2022-33178 (A vulnerability in the radius authentication system of Brocade 
Fabric  ...)
+       TODO: check
 CVE-2022-33175 (Power Distribution Units running on Powertek firmware 
(multiple brands ...)
        NOT-FOR-US: Powertek
 CVE-2022-33174 (Power Distribution Units running on Powertek firmware 
(multiple brands ...)
@@ -42168,10 +42215,10 @@ CVE-2022-1160 (heap buffer overflow in 
get_one_sourceline in GitHub repository v
        NOTE: https://huntr.dev/bounties/a6f3222d-2472-439d-8881-111138a5694c/
        NOTE: Introduced by: 
https://github.com/vim/vim/commit/85b43c6cb7d56919e245622f4e42db6d8bee4194 
(v8.2.4603)
        NOTE: Fixed by: 
https://github.com/vim/vim/commit/2bdad6126778f907c0b98002bfebf0e611a3f5db 
(v8.2.4647)
-CVE-2022-28170
-       RESERVED
-CVE-2022-28169
-       RESERVED
+CVE-2022-28170 (Brocade Fabric OS Web Application services before Brocade 
Fabric v9.1. ...)
+       TODO: check
+CVE-2022-28169 (Brocade Webtools in Brocade Fabric OS versions before Brocade 
Fabric O ...)
+       TODO: check
 CVE-2022-28168 (In Brocade SANnav before Brocade SANnav v2.2.0.2 and Brocade 
SANnav2.1 ...)
        NOT-FOR-US: Brocade
 CVE-2022-28167 (Brocade SANnav before Brocade SANvav v. 2.2.0.2 and Brocade 
SANanv v.2 ...)
@@ -48559,8 +48606,8 @@ CVE-2022-25851 (The package jpeg-js before 0.4.4 are 
vulnerable to Denial of Ser
        NOT-FOR-US: jpeg-js
 CVE-2022-25850 (The package github.com/hoppscotch/proxyscotch before 1.0.0 are 
vulnera ...)
        NOT-FOR-US: hoppscotch proxyscotch
-CVE-2022-25849
-       RESERVED
+CVE-2022-25849 (The package joyqi/hyper-down from 0.0.0 are vulnerable to 
Cross-site S ...)
+       TODO: check
 CVE-2022-25848
        RESERVED
 CVE-2022-25847



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d7d1a7c0f7c91f6ba0a2c38700888a74f07a0a6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d7d1a7c0f7c91f6ba0a2c38700888a74f07a0a6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to