Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
02db06f0 by security tracker role at 2022-12-06T20:10:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,57 @@
+CVE-2022-46674
+       RESERVED
+CVE-2022-46673
+       RESERVED
+CVE-2022-46672
+       RESERVED
+CVE-2022-46671
+       RESERVED
+CVE-2022-46670
+       RESERVED
+CVE-2022-46669
+       RESERVED
+CVE-2022-46668
+       RESERVED
+CVE-2022-46667
+       RESERVED
+CVE-2022-46666
+       RESERVED
+CVE-2022-46665
+       RESERVED
+CVE-2022-46664
+       RESERVED
+CVE-2022-46662
+       RESERVED
+CVE-2022-4310
+       RESERVED
+CVE-2022-4309
+       RESERVED
+CVE-2022-4308
+       RESERVED
+CVE-2022-4307
+       RESERVED
+CVE-2022-4306
+       RESERVED
+CVE-2022-4305
+       RESERVED
+CVE-2022-4304
+       RESERVED
+CVE-2022-4303
+       RESERVED
+CVE-2022-4302
+       RESERVED
+CVE-2022-4301
+       RESERVED
+CVE-2022-4300 (A vulnerability was found in FastCMS. It has been rated as 
critical. T ...)
+       TODO: check
+CVE-2022-4299
+       RESERVED
+CVE-2022-4298
+       RESERVED
+CVE-2022-4297
+       RESERVED
+CVE-2022-4296 (A vulnerability classified as problematic has been found in 
TP-Link TL ...)
+       TODO: check
 CVE-2022-46663
        RESERVED
 CVE-2022-46651
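Review bot: CVE-2022-4300 (FastCMS) and CVE-2022-4296 (TP-Link) are the only two of the 27 new entries at the top of the file that arrive with a description, and both are left at "TODO: check". Resolve each to NOT-FOR-US or a package line in a follow-up so they do not sit unnoticed among the 25 plain RESERVED placeholders. Also note that CVE-2022-46662 is added above the CVE-2022-43xx block while CVE-2022-46663 stays below it as context, so do not assume numeric order when scanning this block for the new IDs.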
@@ -594,10 +648,10 @@ CVE-2022-46385
        RESERVED
 CVE-2022-46384
        RESERVED
-CVE-2022-46383
-       RESERVED
-CVE-2022-46382
-       RESERVED
+CVE-2022-46383 (RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 
through 4. ...)
+       TODO: check
+CVE-2022-46382 (RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 
through 4. ...)
+       TODO: check
 CVE-2022-46381
        RESERVED
 CVE-2022-4280 (A vulnerability, which was classified as problematic, has been 
found i ...)
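Review bot: CVE-2022-46383 and CVE-2022-46382 show the same truncated description ("RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4. ..."), so the list alone does not say how the two differ. Triage them together against the full CVE text and give both the same disposition unless that text says otherwise.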
@@ -1524,8 +1578,8 @@ CVE-2022-46163
        RESERVED
 CVE-2022-46162 (discourse-bbcode is the official BBCode plugin for Discourse. 
Prior to ...)
        NOT-FOR-US: BBCode plugin for Discourse
-CVE-2022-46161
-       RESERVED
+CVE-2022-46161 (pdfmake is an open source client/server side PDF printing in 
pure Java ...)
+       TODO: check
 CVE-2022-46160
        RESERVED
 CVE-2022-46159 (Discourse is an open-source discussion platform. In version 
2.8.13 and ...)
@@ -1538,8 +1592,8 @@ CVE-2022-46156 (The Synthetic Monitoring Agent for 
Grafana's Synthetic Monitorin
        NOT-FOR-US: Grafana Synthetic Monitoring
 CVE-2022-46155 (Airtable.js is the JavaScript client for Airtable. Prior to 
version 0. ...)
        NOT-FOR-US: Airtable.js
-CVE-2022-46154
-       RESERVED
+CVE-2022-46154 (Kodexplorer is a chinese language web based file manager and 
browser b ...)
+       TODO: check
 CVE-2022-46153
        RESERVED
 CVE-2022-46152 (OP-TEE Trusted OS is the secure side implementation of OP-TEE 
project, ...)
@@ -1637,8 +1691,8 @@ CVE-2022-4149
        RESERVED
 CVE-2022-4148
        RESERVED
-CVE-2022-4147
-       RESERVED
+CVE-2022-4147 (Quarkus CORS filter allows simple GET and POST requests with 
invalid O ...)
+       TODO: check
 CVE-2022-46139
        RESERVED
 CVE-2022-46138
@@ -2971,8 +3025,8 @@ CVE-2022-45550
        RESERVED
 CVE-2022-45549
        RESERVED
-CVE-2022-45548
-       RESERVED
+CVE-2022-45548 (AyaCMS v3.1.2 has an Arbitrary File Upload vulnerability. ...)
+       TODO: check
 CVE-2022-45547
        RESERVED
 CVE-2022-45546
@@ -3977,8 +4031,8 @@ CVE-2022-45328 (Church Management System v1.0 was 
discovered to contain a SQL in
        NOT-FOR-US: Church Management System
 CVE-2022-45327
        RESERVED
-CVE-2022-45326
-       RESERVED
+CVE-2022-45326 (An XML external entity (XXE) injection vulnerability in 
Kwoksys Kwok I ...)
+       TODO: check
 CVE-2022-45325
        RESERVED
 CVE-2022-45324
@@ -4716,6 +4770,7 @@ CVE-2022-45063 (xterm before 375 allows code execution 
via font ops, e.g., becau
        NOTE: Debian sets defaults for allowWindowOps and allowFontOps 
resources to false since
        NOTE: 238-1, mitigating the issue.
 CVE-2022-45062 (In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, 
there i ...)
+       {DSA-5296-1}
        - xfce4-settings 4.16.4-1 (bug #1023732)
        [buster] - xfce4-settings <not-affected> (The vulnerable code was 
introduced later)
        NOTE: https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/390
@@ -7810,8 +7865,8 @@ CVE-2022-44291 (webTareas 2.4p5 was discovered to contain 
a SQL injection vulner
        NOT-FOR-US: webtareas
 CVE-2022-44290 (webTareas 2.4p5 was discovered to contain a SQL injection 
vulnerabilit ...)
        NOT-FOR-US: webtareas
-CVE-2022-44289
-       RESERVED
+CVE-2022-44289 (Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes 
file up ...)
+       TODO: check
 CVE-2022-44288
        RESERVED
 CVE-2022-44287
@@ -10504,8 +10559,8 @@ CVE-2022-43869
        RESERVED
 CVE-2022-43868
        RESERVED
-CVE-2022-43867
-       RESERVED
+CVE-2022-43867 (IBM Spectrum Scale 5.1.0.1 through 5.1.4.1 could allow a local 
attacke ...)
+       TODO: check
 CVE-2022-43866
        RESERVED
 CVE-2022-43865
@@ -11951,8 +12006,8 @@ CVE-2022-43371
        RESERVED
 CVE-2022-43370
        RESERVED
-CVE-2022-43369
-       RESERVED
+CVE-2022-43369 (AutoTaxi Stand Management System v1.0 was discovered to 
contain a cros ...)
+       TODO: check
 CVE-2022-43368
        RESERVED
 CVE-2022-43367 (IP-COM EW9 V15.11.0.14(9732) was discovered to contain a 
command injec ...)
@@ -11963,8 +12018,8 @@ CVE-2022-43365 (IP-COM EW9 V15.11.0.14(9732) was 
discovered to contain a buffer
        NOT-FOR-US: IP-COM EW9
 CVE-2022-43364 (An access control issue in the password reset page of IP-COM 
EW9 V15.1 ...)
        NOT-FOR-US: IP-COM EW9
-CVE-2022-43363
-       RESERVED
+CVE-2022-43363 (** DISPUTED ** Telegram Web 15.3.1 allows XSS via a certain 
payload de ...)
+       TODO: check
 CVE-2022-43362 (Senayan Library Management System v9.4.2 was discovered to 
contain a S ...)
        NOT-FOR-US: Senayan Library Management System
 CVE-2022-43361 (Senayan Library Management System v9.4.2 was discovered to 
contain a c ...)
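Review bot: CVE-2022-43363 carries "** DISPUTED **" in its description but gets the same "TODO: check" as every undisputed entry in this commit. When the TODO is resolved, carry the disputed status into the result (for example a NOTE line if a package turns out to be affected) so it is not lost once the truncated description is no longer the only hint.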
@@ -16618,8 +16673,8 @@ CVE-2022-40218
        RESERVED
 CVE-2022-40216 (Auth. (subscriber+) Messaging Block Bypass vulnerability in 
Better Mes ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-40209
-       RESERVED
+CVE-2022-40209 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in 
Xylus Th ...)
+       TODO: check
 CVE-2022-40203
        RESERVED
 CVE-2022-40192 (Cross-Site Request Forgery (CSRF) vulnerability in wpForo 
Forum plugin ...)
@@ -16717,10 +16772,10 @@ CVE-2022-41562
        RESERVED
 CVE-2022-41561
        RESERVED
-CVE-2022-41560
-       RESERVED
-CVE-2022-41559
-       RESERVED
+CVE-2022-41560 (The Statement Set Upload via the Web Client component of TIBCO 
Softwar ...)
+       TODO: check
+CVE-2022-41559 (The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus 
contain ...)
+       TODO: check
 CVE-2022-41558 (The Visualizations component of TIBCO Software Inc.'s TIBCO 
Spotfire A ...)
        NOT-FOR-US: TIBCO
 CVE-2022-41342
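Review bot: CVE-2022-41560 and CVE-2022-41559 are both TIBCO entries left at "TODO: check", while the context line directly below them already resolves CVE-2022-41558 as "NOT-FOR-US: TIBCO". Check whether TIBCO Nimbus falls under the same disposition and, if so, use the identical tag so the three neighbouring entries stay consistent.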
@@ -17374,8 +17429,7 @@ CVE-2022-3282 (The Drag and Drop Multiple File Upload 
WordPress plugin before 1.
        NOT-FOR-US: WordPress plugin
 CVE-2022-41326 (The web conferencing component of Mitel MiCollab through 
9.6.0.13 coul ...)
        NOT-FOR-US: Mitel
-CVE-2022-41325
-       RESERVED
+CVE-2022-41325 (An integer overflow in the VNC module in VideoLAN VLC Media 
Player thr ...)
        {DLA-3216-1}
        - vlc 3.0.18-1
        NOTE: https://www.videolan.org/security/sb-vlc3018.html
@@ -18880,8 +18934,8 @@ CVE-2022-40682
        RESERVED
 CVE-2022-40681
        RESERVED
-CVE-2022-40680
-       RESERVED
+CVE-2022-40680 (A improper neutralization of input during web page generation 
('cross- ...)
+       TODO: check
 CVE-2022-40679
        RESERVED
 CVE-2022-40678
@@ -25131,8 +25185,8 @@ CVE-2022-38381 (An improper handling of malformed 
request vulnerability [CWE-228
        NOT-FOR-US: FortiGuard
 CVE-2022-38380 (An improper access control [CWE-284] vulnerability in FortiOS 
version  ...)
        NOT-FOR-US: FortiGuard
-CVE-2022-38379
-       RESERVED
+CVE-2022-38379 (Improper neutralization of input during web page generation 
[CWE-79] i ...)
+       TODO: check
 CVE-2022-38378
        RESERVED
 CVE-2022-38377 (An improper access control vulnerability [CWE-284] in 
FortiManager 7.2 ...)
@@ -25879,8 +25933,8 @@ CVE-2022-38125
        RESERVED
 CVE-2022-38124
        RESERVED
-CVE-2022-38123
-       RESERVED
+CVE-2022-38123 (Improper Input Validation of plugin files in Administrator 
Interface o ...)
+       TODO: check
 CVE-2022-38122 (UPSMON PRO transmits sensitive data in cleartext over HTTP 
protocol. A ...)
        NOT-FOR-US: UPSMON PRO
 CVE-2022-38121 (UPSMON PRO configuration file stores user password in 
plaintext under  ...)
@@ -31833,8 +31887,8 @@ CVE-2022-35845
        RESERVED
 CVE-2022-35844 (An improper neutralization of special elements used in an OS 
command v ...)
        NOT-FOR-US: FortiGuard
-CVE-2022-35843
-       RESERVED
+CVE-2022-35843 (An authentication bypass by assumed-immutable data 
vulnerability [CWE- ...)
+       TODO: check
 CVE-2022-35842 (An exposure of sensitive information to an unauthorized actor 
vulnerab ...)
        NOT-FOR-US: FortiGuard
 CVE-2022-35841 (Windows Enterprise App Management Service Remote Code 
Execution Vulner ...)
@@ -36109,8 +36163,8 @@ CVE-2022-2191 (In Eclipse Jetty versions 10.0.0 thru 
10.0.9, and 11.0.0 thru 11.
        NOTE: 
https://github.com/eclipse/jetty.project/security/advisories/GHSA-8mpp-f3f7-xc28
 CVE-2022-34362
        RESERVED
-CVE-2022-34361
-       RESERVED
+CVE-2022-34361 (IBM Sterling Secure Proxy 6.0.3 uses weaker than expected 
cryptographi ...)
+       TODO: check
 CVE-2022-34360
        RESERVED
 CVE-2022-34359
@@ -37582,10 +37636,10 @@ CVE-2022-33878 (An exposure of sensitive information 
to an unauthorized actor vu
        NOT-FOR-US: FortiGuard
 CVE-2022-33877
        RESERVED
-CVE-2022-33876
-       RESERVED
-CVE-2022-33875
-       RESERVED
+CVE-2022-33876 (Multiple instances of improper input validation vulnerability 
in Forti ...)
+       TODO: check
+CVE-2022-33875 (An improper neutralization of special elements used in an SQL 
Command  ...)
+       TODO: check
 CVE-2022-33874 (An improper neutralization of special elements used in an OS 
Command ( ...)
        NOT-FOR-US: Fortiguard
 CVE-2022-33873 (An improper neutralization of special elements used in an OS 
Command ( ...)
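Review bot: the context around the two new TODO entries spells the same vendor tag two ways, "NOT-FOR-US: FortiGuard" on CVE-2022-33878 and "NOT-FOR-US: Fortiguard" on CVE-2022-33874. If CVE-2022-33876 and CVE-2022-33875 end up with that tag, use the "FortiGuard" spelling that the other hunks in this diff use, so a search on the tag finds every entry.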
@@ -41659,6 +41713,7 @@ CVE-2022-32210 (`Undici.ProxyAgent` never verifies the 
remote server's certifica
        - node-undici 5.6.1+dfsg1+~cs18.9.16-1
        NOTE: https://github.com/advisories/GHSA-pgw7-wx7w-2w33
 CVE-2022-32209 (# Possible XSS Vulnerability in Rails::Html::SanitizerThere is 
a possi ...)
+       {DLA-3227-1}
        - ruby-rails-html-sanitizer 1.4.3-0.1 (bug #1013806)
        NOTE: https://hackerone.com/reports/1530898
        NOTE: 
https://discuss.rubyonrails.org/t/cve-2022-32209-possible-xss-vulnerability-in-rails-sanitizer/80800
@@ -47415,8 +47470,8 @@ CVE-2022-30307 (A key management error vulnerability 
[CWE-320] affecting the RSA
        NOT-FOR-US: FortiGuard
 CVE-2022-30306
        RESERVED
-CVE-2022-30305
-       RESERVED
+CVE-2022-30305 (An insufficient logging [CWE-778] vulnerability in 
FortiSandbox versio ...)
+       TODO: check
 CVE-2022-30304
        RESERVED
 CVE-2022-30303
@@ -68311,20 +68366,20 @@ CVE-2022-23474
        RESERVED
 CVE-2022-23473
        RESERVED
-CVE-2022-23472
-       RESERVED
+CVE-2022-23472 (Passeo is an open source python password generator. Versions 
prior to  ...)
+       TODO: check
 CVE-2022-23471
        RESERVED
-CVE-2022-23470
-       RESERVED
+CVE-2022-23470 (Galaxy is an open-source platform for data analysis. An 
arbitrary file ...)
+       TODO: check
 CVE-2022-23469
        RESERVED
 CVE-2022-23468
        RESERVED
 CVE-2022-23467 (OpenRazer is an open source driver and user-space daemon to 
control Ra ...)
        TODO: check
-CVE-2022-23466
-       RESERVED
+CVE-2022-23466 (teler is an real-time intrusion detection and threat alert 
dashboard.  ...)
+       TODO: check
 CVE-2022-23465 (SwiftTerm is a Xterm/VT100 Terminal emulator. Prior to commit 
a94e6b24 ...)
        TODO: check
 CVE-2022-23464 (Nepxion Discovery is a solution for Spring Cloud. Discovery is 
vulnera ...)
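Review bot: CVE-2022-23472, CVE-2022-23470 and CVE-2022-23466 are added at "TODO: check" next to CVE-2022-23467 and CVE-2022-23465, which the context lines show are still at "TODO: check" from an earlier update. That makes five untriaged entries within a dozen IDs; handle the range in one pass rather than letting the older two age further.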
@@ -80464,6 +80519,7 @@ CVE-2022-21706 (Zulip is an open-source team 
collaboration tool with topic-based
 CVE-2022-21705 (Octobercms is a self-hosted CMS platform based on the Laravel 
PHP Fram ...)
        NOT-FOR-US: October CMS
 CVE-2022-21704 (log4js-node is a port of log4js to node.js. In affected 
versions defau ...)
+       {DLA-3229-1}
        - node-log4js 6.4.1+~cs8.3.5-1
        [bullseye] - node-log4js 6.3.0+~cs8.3.10-1+deb11u1
        [stretch] - node-log4js <end-of-life> (Nodejs in stretch not covered by 
security support)
@@ -84786,6 +84842,7 @@ CVE-2021-43176 (The GOautodial API prior to commit 
3c3a979 made on October 13th,
 CVE-2021-43175 (The GOautodial API prior to commit 3c3a979 made on October 
13th, 2021  ...)
        NOT-FOR-US: GOautodial API
 CVE-2021-3918 (json-schema is vulnerable to Improperly Controlled Modification 
of Obj ...)
+       {DLA-3228-1}
        - node-json-schema 0.4.0+~7.0.9-1 (bug #999765)
        [bullseye] - node-json-schema 0.3.0+~7.0.6-1+deb11u1
        NOTE: 
https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741
 (v0.4.0)
@@ -142108,47 +142165,47 @@ CVE-2020-35638
 CVE-2020-35637
        RESERVED
 CVE-2020-35636 (A code execution vulnerability exists in the Nef 
polygon-parsing funct ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35635 (A code execution vulnerability exists in the Nef 
polygon-parsing funct ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35634 (A code execution vulnerability exists in the Nef 
polygon-parsing funct ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35633 (A code execution vulnerability exists in the Nef 
polygon-parsing funct ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35632 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35631 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35630 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35629 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-35628 (A code execution vulnerability exists in the Nef 
polygon-parsing funct ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
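Review bot: the nine cgal entries in this hunk (CVE-2020-35636 down to CVE-2020-35628) all gain DLA-3226-1 ahead of DLA-2649-1, but the commit lists data/CVE/list as its only changed file, so the advisory these tags point to is not visible here. Check that DLA-3226-1 is already recorded in the tracker's advisory data and names the same CVE set, otherwise the new cross-references point at nothing.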
@@ -152580,183 +152637,183 @@ CVE-2020-28638 (ask_password in Tomb 2.0 through 
2.7 returns a warning when pine
 CVE-2020-28637
        RESERVED
 CVE-2020-28636 (A code execution vulnerability exists in the Nef 
polygon-parsing funct ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28635 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28634 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28633 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28632 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28631 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28630 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28629 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28628 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28627 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28626 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28625 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28624 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28623 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28622 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28621 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28620 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28619 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28618 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28617 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28616 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28615 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28614 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28613 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28612 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28611 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28610 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28609 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: The code snippet in the TALOS report marks the wrong line. The 
description hints 4 lines earlier.
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28608 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28607 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28606 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28605 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28604 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28603 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28602 (Multiple code execution vulnerabilities exists in the Nef 
polygon-pars ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
 CVE-2020-28601 (A code execution vulnerability exists in the Nef 
polygon-parsing funct ...)
-       {DLA-2649-1}
+       {DLA-3226-1 DLA-2649-1}
        - cgal 5.2-3 (bug #985671)
        NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
        NOTE: 
https://github.com/CGAL/cgal/commit/e1870c15224ddd5d79b1df5b8248e4c6813d7398
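Review bot: CVE-2020-28609 is the one entry in this hunk with an extra NOTE ("The code snippet in the TALOS report marks the wrong line. The description hints 4 lines earlier."), and it now references a second advisory like the other 35 entries. For that CVE, confirm the fix published under DLA-3226-1 follows the upstream CGAL commit linked in the entry rather than the line marked in the report's snippet.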
@@ -209844,8 +209901,8 @@ CVE-2020-6629 (Ming (aka libming) 0.4.8 has z NULL 
pointer dereference in the fu
 CVE-2020-6628 (Ming (aka libming) 0.4.8 has a heap-based buffer over-read in 
the func ...)
        - ming <removed>
        NOTE: https://github.com/libming/libming/issues/191
-CVE-2020-6627
-       RESERVED
+CVE-2020-6627 (The web-management application on Seagate Central NAS 
STCG2000300, STC ...)
+       TODO: check
 CVE-2020-6626
        RESERVED
 CVE-2020-6625 (jhead through 3.04 has a heap-based buffer over-read in Get32s 
when ca ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02db06f04ef67b98fcd6c75377e4f45fdba8a5e8
