Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9259172c by security tracker role at 2022-10-29T08:10:11+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2022-43997
+ RESERVED
+CVE-2022-43996
+ RESERVED
+CVE-2022-43995
+ RESERVED
+CVE-2022-43994
+ RESERVED
+CVE-2022-43993
+ RESERVED
+CVE-2022-43992
+ RESERVED
+CVE-2022-43991
+ RESERVED
+CVE-2022-43990
+ RESERVED
+CVE-2022-43989
+ RESERVED
+CVE-2022-43988
+ RESERVED
+CVE-2022-43987
+ RESERVED
+CVE-2022-43986
+ RESERVED
+CVE-2022-43985
+ RESERVED
+CVE-2022-43984
+ RESERVED
+CVE-2022-43983
+ RESERVED
+CVE-2022-3752
+ RESERVED
+CVE-2022-3751
+ RESERVED
CVE-2022-43982
RESERVED
CVE-2022-43981
@@ -3635,20 +3669,20 @@ CVE-2022-43288
RESERVED
CVE-2022-43287
RESERVED
-CVE-2022-43286
- RESERVED
-CVE-2022-43285
- RESERVED
-CVE-2022-43284
- RESERVED
-CVE-2022-43283
- RESERVED
-CVE-2022-43282
- RESERVED
-CVE-2022-43281
- RESERVED
-CVE-2022-43280
- RESERVED
+CVE-2022-43286 (Nginx NJS v0.7.2 was discovered to contain a
heap-use-after-free bug c ...)
+ TODO: check
+CVE-2022-43285 (Nginx NJS v0.7.4 was discovered to contain a segmentation
violation in ...)
+ TODO: check
+CVE-2022-43284 (Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a
segmentation vi ...)
+ TODO: check
+CVE-2022-43283 (wasm2c v1.0.29 was discovered to contain an abort in
CWriter::Write. ...)
+ TODO: check
+CVE-2022-43282 (wasm-interp v1.0.29 was discovered to contain an out-of-bounds
read vi ...)
+ TODO: check
+CVE-2022-43281 (wasm-interp v1.0.29 was discovered to contain a heap overflow
via the ...)
+ TODO: check
+CVE-2022-43280 (wasm-interp v1.0.29 was discovered to contain an out-of-bounds
read vi ...)
+ TODO: check
CVE-2022-43279
RESERVED
CVE-2022-43278
@@ -4628,8 +4662,7 @@ CVE-2022-42918
RESERVED
CVE-2022-42917
RESERVED
-CVE-2022-42916 [HSTS bypass via IDN]
- RESERVED
+CVE-2022-42916 (In curl before 7.86.0, the HSTS check could be bypassed to
trick it in ...)
- curl 7.86.0-1
[buster] - curl <not-affected> (Vulnerable code not present)
NOTE: https://curl.se/docs/CVE-2022-42916.html
@@ -16223,8 +16256,8 @@ CVE-2022-2828 (In affected versions of Octopus Server
it is possible to reveal i
NOT-FOR-US: Octopus Server
CVE-2022-2827
RESERVED
-CVE-2022-2826
- RESERVED
+CVE-2022-2826 (An issue has been discovered in GitLab affecting all versions
starting ...)
+ TODO: check
CVE-2022-38362 (Apache Airflow Docker's Provider prior to 3.0.0 shipped with
an exampl ...)
- airflow <itp> (bug #819700)
CVE-2022-38361
@@ -18029,8 +18062,8 @@ CVE-2022-37623
RESERVED
CVE-2022-37622
RESERVED
-CVE-2022-37621
- RESERVED
+CVE-2022-37621 (Prototype pollution vulnerability in function resolveShims in
resolve- ...)
+ TODO: check
CVE-2022-37620
RESERVED
CVE-2022-37619
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9259172c29f30c79f9b429908d2a444c9439fa4f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9259172c29f30c79f9b429908d2a444c9439fa4f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
