Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a338d3e8 by security tracker role at 2022-12-10T08:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2022-46906
+       RESERVED
+CVE-2022-46905
+       RESERVED
+CVE-2022-46904
+       RESERVED
+CVE-2022-46903
+       RESERVED
+CVE-2022-46902
+       RESERVED
+CVE-2022-46901
+       RESERVED
+CVE-2022-46900
+       RESERVED
+CVE-2022-46899
+       RESERVED
+CVE-2022-46898
+       RESERVED
+CVE-2022-46897
+       RESERVED
+CVE-2022-46896
+       RESERVED
+CVE-2022-46895
+       RESERVED
+CVE-2022-46894
+       RESERVED
+CVE-2022-46893
+       RESERVED
+CVE-2022-4395
+       RESERVED
+CVE-2022-4394
+       RESERVED
+CVE-2022-4393
+       RESERVED
+CVE-2022-4392
+       RESERVED
 CVE-2022-46892
        RESERVED
 CVE-2022-46891
@@ -110,8 +146,8 @@ CVE-2022-46838
        RESERVED
 CVE-2022-4391
        RESERVED
-CVE-2022-4390
-       RESERVED
+CVE-2022-4390 (A network misconfiguration is present in versions prior to 
1.0.9.90 of ...)
+       TODO: check
 CVE-2022-4389
        RESERVED
 CVE-2022-4388
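
Review bot: The `TODO: check` added for CVE-2022-4390 cannot be resolved from this line alone, because the truncated description ("A network misconfiguration is present in versions prior to 1.0.9.90 of ...") cuts off before the product name. Read the full CVE record to identify the affected product, then replace the TODO with either a `NOT-FOR-US:` line or a source package entry, as the resolved entries elsewhere in this file do.
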
@@ -2284,8 +2320,8 @@ CVE-2022-46168
        RESERVED
 CVE-2022-46167 (Capsule is a multi-tenancy and policy-based framework for 
Kubernetes.  ...)
        NOT-FOR-US: Capsule
-CVE-2022-46166
-       RESERVED
+CVE-2022-46166 (Spring boot admins is an open source administrative user 
interface for ...)
+       TODO: check
 CVE-2022-46165
        RESERVED
 CVE-2022-46164 (NodeBB is an open source Node.js based forum software. Due to 
a plain  ...)
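
Review bot: CVE-2022-46166 is left at `TODO: check` although its neighbour in the same hunk, CVE-2022-46167, is already resolved as `NOT-FOR-US: Capsule`. The description names the product (an administrative user interface for Spring Boot), so it can be triaged the same way: check whether any source package ships it and, if none does, record a `NOT-FOR-US:` line; otherwise add the package entry.
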
@@ -2302,8 +2338,8 @@ CVE-2022-46159 (Discourse is an open-source discussion 
platform. In version 2.8.
        NOT-FOR-US: Discourse
 CVE-2022-46158 (PrestaShop is an open-source e-commerce solution. Versions 
prior to 1. ...)
        NOT-FOR-US: PrestaShop
-CVE-2022-46157
-       RESERVED
+CVE-2022-46157 (Akeneo PIM is an open source Product Information Management 
(PIM). Ake ...)
+       TODO: check
 CVE-2022-46156 (The Synthetic Monitoring Agent for Grafana's Synthetic 
Monitoring appl ...)
        NOT-FOR-US: Grafana Synthetic Monitoring
 CVE-2022-46155 (Airtable.js is the JavaScript client for Airtable. Prior to 
version 0. ...)
@@ -4814,8 +4850,8 @@ CVE-2022-45294
        RESERVED
 CVE-2022-45293
        RESERVED
-CVE-2022-45292
-       RESERVED
+CVE-2022-45292 (User invites for Funkwhale v1.2.8 do not permanently expire 
after bein ...)
+       TODO: check
 CVE-2022-45291
        RESERVED
 CVE-2022-45290 (Kbase Doc v1.0 was discovered to contain an arbitrary file 
deletion vu ...)
@@ -6154,8 +6190,8 @@ CVE-2022-44792 (handle_ipDefaultTTL in 
agent/mibgroup/ip-mib/ip_scalars.c in Net
        NOTE: 
https://gist.github.com/menglong2234/b7bc13ae1a144f47cc3c95a7ea062428
 CVE-2022-44791
        RESERVED
-CVE-2022-44790
-       RESERVED
+CVE-2022-44790 (Interspire Email Marketer through 6.5.1 allows SQL Injection 
via the s ...)
+       TODO: check
 CVE-2022-44789 (A logical issue in O_getOwnPropertyDescriptor() in Artifex 
MuJS 1.0.0  ...)
        {DSA-5291-1}
        - mujs 1.3.2-1 (bug #1024769)
@@ -24639,8 +24675,8 @@ CVE-2022-38746
        RESERVED
 CVE-2022-38745
        RESERVED
-CVE-2022-2993
-       RESERVED
+CVE-2022-2993 (There is an error in the condition of the last if-statement in 
the fun ...)
+       TODO: check
 CVE-2022-2992 (A vulnerability in GitLab CE/EE affecting all versions from 
11.10 prio ...)
        [experimental] - gitlab 15.2.3+ds1-1
        - gitlab <unfixed>
@@ -37088,8 +37124,8 @@ CVE-2022-34299 (There is a heap-based buffer over-read 
in libdwarf 0.4.0. This i
        NOTE: https://www.prevanders.net/dwarfbug.html#DW202206-001
 CVE-2022-34298 (The NT auth module in OpenAM before 14.6.6 allows a "replace 
Samba use ...)
        NOT-FOR-US: OpenAM (different from src:openam)
-CVE-2022-34297
-       RESERVED
+CVE-2022-34297 (Yii Yii2 Gii through 2.2.4 allows stored XSS by injecting a 
payload in ...)
+       TODO: check
 CVE-2022-34296 (In Zalando Skipper before 0.13.218, a query predicate could be 
bypasse ...)
        NOT-FOR-US: Zalando Skipper
 CVE-2022-34295 (totd before 1.5.3 does not properly randomize mesg IDs. ...)
@@ -69040,8 +69076,8 @@ CVE-2022-23512
        RESERVED
 CVE-2022-23511
        RESERVED
-CVE-2022-23510
-       RESERVED
+CVE-2022-23510 (cube-js is a headless business intelligence platform. In 
version 0.31. ...)
+       TODO: check
 CVE-2022-23509
        RESERVED
 CVE-2022-23508
@@ -69066,8 +69102,8 @@ CVE-2022-23499
        RESERVED
 CVE-2022-23498
        RESERVED
-CVE-2022-23497
-       RESERVED
+CVE-2022-23497 (FreshRSS is a free, self-hostable RSS aggregator. User 
configuration f ...)
+       TODO: check
 CVE-2022-23496 (Yet Another UserAgent Analyzer (Yauaa) is a java library that 
tries to ...)
        TODO: check
 CVE-2022-23495 (go-merkledag implements the 'DAGService' interface and adds 
two ipld n ...)
@@ -69090,8 +69126,8 @@ CVE-2022-23487 (js-libp2p is the official javascript 
Implementation of libp2p ne
        TODO: check
 CVE-2022-23486 (libp2p-rust is the official rust language Implementation of 
the libp2p ...)
        TODO: check
-CVE-2022-23485
-       RESERVED
+CVE-2022-23485 (Sentry is an error tracking and performance monitoring 
platform. In ve ...)
+       TODO: check
 CVE-2022-23484 (xrdp is an open source project which provides a graphical 
login to rem ...)
        TODO: check
 CVE-2022-23483 (xrdp is an open source project which provides a graphical 
login to rem ...)
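
Review bot: The `TODO: check` backlog is growing in this region: the context lines already show CVE-2022-23487, CVE-2022-23486, CVE-2022-23484 and CVE-2022-23483 unresolved, and the added CVE-2022-23485 (Sentry) makes a fifth consecutive entry. Triage these together rather than letting the run lengthen, starting with the two xrdp entries, whose descriptions concern software providing a graphical login to remote machines.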



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a338d3e83d112a142643e369c85c8733b9459f0b

_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits