Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
261d02f9 by security tracker role at 2022-11-20T08:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,15 @@
-CVE-2022-4066
- RESERVED
-CVE-2022-4065
- RESERVED
+CVE-2022-4070 (Insufficient Session Expiration in GitHub repository
librenms/librenms ...)
+ TODO: check
+CVE-2022-4069 (Cross-site Scripting (XSS) - Generic in GitHub repository
librenms/lib ...)
+ TODO: check
+CVE-2022-4068 (A user is able to enable their own account if it was disabled
by an ad ...)
+ TODO: check
+CVE-2022-4067 (Cross-site Scripting (XSS) - Stored in GitHub repository
librenms/libr ...)
+ TODO: check
+CVE-2022-4066 (A vulnerability was found in davidmoreno onion. It has been
rated as p ...)
+ TODO: check
+CVE-2022-4065 (A vulnerability was found in cbeust testng. It has been
declared as cr ...)
+ TODO: check
CVE-2022-4064 (A vulnerability was found in Dalli. It has been classified as
problema ...)
- ruby-dalli <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/petergoldstein/dalli/issues/932
@@ -9568,10 +9576,10 @@ CVE-2022-3563 (A vulnerability classified as
problematic has been found in Linux
[buster] - bluez <not-affected> (Vulnerable code introduced later)
NOTE: Fixed by:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e3c92f1f786f0b55440bd908b55894d0c792cf0e
(5.65)
NOTE: Introduced by:
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=bc3a76f01f461db19381f1922cdaeac222dfd374
(5.56)
-CVE-2022-3562
- RESERVED
-CVE-2022-3561
- RESERVED
+CVE-2022-3562 (Cross-site Scripting (XSS) - Stored in GitHub repository
librenms/libr ...)
+ TODO: check
+CVE-2022-3561 (Cross-site Scripting (XSS) - Generic in GitHub repository
librenms/lib ...)
+ TODO: check
CVE-2022-3560
RESERVED
CVE-2022-3559 (A vulnerability was found in Exim and classified as
problematic. This ...)
@@ -9711,8 +9719,8 @@ CVE-2022-3526 (A vulnerability classified as problematic
was found in Linux Kern
[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/e16b859872b87650bb55b12cca5a5fcdc49c1442
-CVE-2022-3525
- RESERVED
+CVE-2022-3525 (Deserialization of Untrusted Data in GitHub repository
librenms/libren ...)
+ TODO: check
CVE-2022-3524 (A vulnerability was found in Linux Kernel. It has been declared
as pro ...)
- linux 6.0.7-1
NOTE:
https://git.kernel.org/linus/3c52c6bb831f6335c176a0fc7214e26f43adbd11
@@ -9890,8 +9898,8 @@ CVE-2022-3517 (A vulnerability was found in the minimatch
package. This flaw all
[buster] - node-minimatch <no-dsa> (Minor issue)
NOTE: https://github.com/grafana/grafana-image-renderer/issues/329
NOTE:
https://github.com/isaacs/minimatch/commit/a8763f4388e51956be62dc6025cec1126beeb5e6
(v3.0.5)
-CVE-2022-3516
- RESERVED
+CVE-2022-3516 (Cross-site Scripting (XSS) - Stored in GitHub repository
librenms/libr ...)
+ TODO: check
CVE-2022-3515
RESERVED
{DSA-5255-1 DLA-3153-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/261d02f99ce470dff827bed262032847773dd693
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/261d02f99ce470dff827bed262032847773dd693
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
