[Git][security-tracker-team/security-tracker][master] four airflow related issues not in airflow itself

Moritz Muehlenhoff (@jmm) Fri, 09 Dec 2022 12:32:44 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
db8af07b by Moritz Muehlenhoff at 2022-12-09T21:32:25+01:00
four airflow related  issues not in airflow itself

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18697,7 +18697,7 @@ CVE-2017-20147 (In the ebuild package through 
smokeping-2.7.3-r1 for SmokePing o
 CVE-2016-20015 (In the ebuild package through smokeping-2.7.3-r1 for SmokePing 
on Gent ...)
        NOT-FOR-US: ebuild package for SmokePing on Gentoo
 CVE-2022-41131 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
-       - airflow <itp> (bug #819700)
+       NOT-FOR-US: Airflow Hive provider
 CVE-2022-41130
        RESERVED
 CVE-2022-41129
@@ -19067,7 +19067,7 @@ CVE-2022-40956
 CVE-2022-40955 (In versions of Apache InLong prior to 1.3.0, an attacker with 
sufficie ...)
        NOT-FOR-US: Apache InLong
 CVE-2022-40954 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
-       - airflow <itp> (bug #819700)
+       NOT-FOR-US: Airflow Spark provider
 CVE-2022-40701
        RESERVED
 CVE-2022-40220
@@ -20849,7 +20849,7 @@ CVE-2022-40194 (Unauthenticated Sensitive Information 
Disclosure vulnerability i
 CVE-2022-40191 (Authenticated (subscriber+) Stored Cross-Site Scripting (XSS) 
vulnerab ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-40189 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
-       - airflow <itp> (bug #819700)
+       NOT-FOR-US: Airflow Pig provider
 CVE-2022-40132 (Cross-Site Request Forgery (CSRF) vulnerability in Seriously 
Simple Po ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-38976
@@ -24979,7 +24979,7 @@ CVE-2022-38651 (** UNSUPPORTED WHEN ASSIGNED ** A 
security filter misconfigurati
 CVE-2022-38650 (** UNSUPPORTED WHEN ASSIGNED ** A remote unauthenticated 
insecure dese ...)
        NOT-FOR-US: VMware
 CVE-2022-38649 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
-       - airflow <itp> (bug #819700)
+       NOT-FOR-US: Airflow Pinot provider
 CVE-2022-38648 (Server-Side Request Forgery (SSRF) vulnerability in Batik of 
Apache XM ...)
        - batik 1.15+dfsg-1 (bug #1020589)
        [bullseye] - batik <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db8af07b70a079644f1261069f709781d3dcb745

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db8af07b70a079644f1261069f709781d3dcb745
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] four airflow related issues not in airflow itself

Reply via email to