Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
efaf8ea4 by security tracker role at 2022-12-12T08:10:17+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2022-46908 (SQLite through 3.40.0, when relying on --safe for execution of
an untr ...)
+ TODO: check
+CVE-2022-4416
+ RESERVED
+CVE-2022-4415
+ RESERVED
+CVE-2022-4414 (Cross-site Scripting (XSS) - DOM in GitHub repository
nuxt/framework p ...)
+ TODO: check
+CVE-2022-4413 (Cross-site Scripting (XSS) - Reflected in GitHub repository
nuxt/frame ...)
+ TODO: check
CVE-2022-4412
RESERVED
CVE-2022-4411
@@ -3393,16 +3403,16 @@ CVE-2022-45762
RESERVED
CVE-2022-45761
RESERVED
-CVE-2022-45760
- RESERVED
-CVE-2022-45759
- RESERVED
-CVE-2022-45758
- RESERVED
+CVE-2022-45760 (SENS v1.0 is vulnerable to Incorrect Access Control
vulnerability. ...)
+ TODO: check
+CVE-2022-45759 (SENS v1.0 has a file upload vulnerability. ...)
+ TODO: check
+CVE-2022-45758 (SENS v1.0 is vulnerable to Cross Site Scripting (XSS) via
com.liuyanzh ...)
+ TODO: check
CVE-2022-45757
RESERVED
-CVE-2022-45756
- RESERVED
+CVE-2022-45756 (SENS v1.0 is vulnerable to Cross Site Scripting (XSS). ...)
+ TODO: check
CVE-2022-45755
RESERVED
CVE-2022-45754
@@ -5022,10 +5032,10 @@ CVE-2022-45230
RESERVED
CVE-2022-45229
RESERVED
-CVE-2022-45228
- RESERVED
-CVE-2022-45227
- RESERVED
+CVE-2022-45228 (Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain
a Cross- ...)
+ TODO: check
+CVE-2022-45227 (The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the
director ...)
+ TODO: check
CVE-2022-45226
RESERVED
CVE-2022-45225 (Book Store Management System v1.0 was discovered to contain a
cross-si ...)
@@ -7664,8 +7674,8 @@ CVE-2022-44638 (In libpixman in Pixman before 0.42.2,
there is an out-of-bounds
NOTE:
https://gitlab.freedesktop.org/pixman/pixman/-/commit/a1f88e842e0216a5b4df1ab023caebe33c101395
(pixman-0.42.2)
NOTE: https://gitlab.freedesktop.org/pixman/pixman/-/issues/63
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=2345
-CVE-2022-44637
- RESERVED
+CVE-2022-44637 (Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent
XSS in i ...)
+ TODO: check
CVE-2022-44636
RESERVED
CVE-2022-3846 (The Workreap WordPress theme before 2.6.3 has a vulnerability
with the ...)
@@ -9186,8 +9196,8 @@ CVE-2022-44032 (An issue was discovered in the Linux
kernel through 6.0.6. drive
- linux <unfixed>
NOTE: https://lore.kernel.org/lkml/20220915020834.GA110086@ubuntu/
NOTE: https://lore.kernel.org/lkml/20220919040701.GA302806@ubuntu/
-CVE-2022-44031
- RESERVED
+CVE-2022-44031 (Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent
XSS in i ...)
+ TODO: check
CVE-2022-44030 (Redmine 5.x before 5.0.4 allows downloading of file
attachments of any ...)
- redmine <unfixed>
NOTE: https://www.redmine.org/projects/redmine/wiki/Security_Advisories
@@ -44669,8 +44679,8 @@ CVE-2022-31598 (Due to insufficient input validation,
SAP Business Objects - ver
NOT-FOR-US: SAP
CVE-2022-31597 (Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105,
106, SAP ...)
NOT-FOR-US: SAP
-CVE-2022-31596
- RESERVED
+CVE-2022-31596 (Under certain conditions, an attacker authenticated as a CMS
administr ...)
+ TODO: check
CVE-2022-31595 (SAP Financial Consolidation - version 1010,�does not
perform ne ...)
NOT-FOR-US: SAP
CVE-2022-31594 (A highly privileged user can exploit SUID-root program to
escalate his ...)
@@ -61446,10 +61456,10 @@ CVE-2022-0744
RESERVED
CVE-2022-25838 (Laravel Fortify before 1.11.1 allows reuse within a short time
window, ...)
NOT-FOR-US: Laravel Fortify
-CVE-2022-25837
- RESERVED
-CVE-2022-25836
- RESERVED
+CVE-2022-25837 (Bluetooth® Pairing in Bluetooth Core Specification v1.0B
through ...)
+ TODO: check
+CVE-2022-25836 (Bluetooth® Low Energy Pairing in Bluetooth Core
Specification v4. ...)
+ TODO: check
CVE-2022-25835
RESERVED
CVE-2022-25834
@@ -74108,7 +74118,7 @@ CVE-2021-45943 (GDAL 3.3.0 through 3.4.0 has a
heap-based buffer overflow in PCI
NOTE:
https://github.com/OSGeo/gdal/commit/9b2bcbc47d1649adc0ab65b801f96f56156cf017
(v3.4.1RC1)
NOTE:
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2021-1651.yaml
CVE-2021-45942 (OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in
Imf_3_1 ...)
- {DSA-5299-1}
+ {DSA-5299-1 DLA-3236-1}
[experimental] - openexr 3.1.4-1
- openexr 3.1.5-2 (bug #1014828)
[stretch] - openexr <no-dsa> (Minor issue)
@@ -83608,7 +83618,7 @@ CVE-2021-3942 (Certain HP Print products and Digital
Sending products may be vul
CVE-2021-43557 (The uri-block plugin in Apache APISIX before 2.10.2 uses
$request_uri ...)
NOT-FOR-US: Apache Apisix
CVE-2021-3941 (In ImfChromaticities.cpp routine RGBtoXYZ(), there are some
division o ...)
- {DSA-5299-1}
+ {DSA-5299-1 DLA-3236-1}
[experimental] - openexr 3.1.3-1
- openexr 3.1.5-2 (bug #1014828)
[stretch] - openexr <no-dsa> (Minor issue)
@@ -83796,7 +83806,7 @@ CVE-2021-3935 (When PgBouncer is configured to use
"cert" authentication, a man-
CVE-2021-3934 (ohmyzsh is vulnerable to Improper Neutralization of Special
Elements u ...)
NOT-FOR-US: ohmyzsh
CVE-2021-3933 (An integer overflow could occur when OpenEXR processes a
crafted file ...)
- {DSA-5299-1}
+ {DSA-5299-1 DLA-3236-1}
[experimental] - openexr 3.1.3-1
- openexr 3.1.5-2 (bug #1014828)
[stretch] - openexr <not-affected> (Vulnerable code not present)
@@ -108269,7 +108279,7 @@ CVE-2021-34697 (A vulnerability in the Protection
Against Distributed Denial of
CVE-2021-34696 (A vulnerability in the access control list (ACL) programming
of Cisco ...)
NOT-FOR-US: Cisco
CVE-2021-3605 (There's a flaw in OpenEXR's rleUncompress functionality in
versions pr ...)
- {DSA-5299-1 DLA-2732-1}
+ {DSA-5299-1 DLA-3236-1 DLA-2732-1}
- openexr 2.5.7-1 (bug #990899)
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/1036
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/25259a84827234a283f6f9db72978198c7a3f268
(master)
@@ -108347,7 +108357,7 @@ CVE-2021-34676 (Basix NEX-Forms through 7.8.7 allows
authentication bypass for E
CVE-2021-34675 (Basix NEX-Forms through 7.8.7 allows authentication bypass for
stored ...)
NOT-FOR-US: Basix NEX-Forms
CVE-2021-3598 (There's a flaw in OpenEXR's ImfDeepScanLineInputFile
functionality in ...)
- {DSA-5299-1 DLA-2701-1}
+ {DSA-5299-1 DLA-3236-1 DLA-2701-1}
- openexr 2.5.7-1 (bug #990450)
NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/1033
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/1037
@@ -116541,7 +116551,7 @@ CVE-2021-26945 (An integer overflow leading to a
heap-buffer overflow was found
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/2f01a253db2bc82724405a16c76783c38c67ba05
NOTE: Only affects exrcheck, which isn't built into the binary packages
CVE-2021-26260 (An integer overflow leading to a heap-buffer overflow was
found in the ...)
- {DSA-5299-1 DLA-2701-1}
+ {DSA-5299-1 DLA-3236-1 DLA-2701-1}
- openexr 2.5.7-1 (bug #992703)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1947582
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29423
@@ -116549,7 +116559,7 @@ CVE-2021-26260 (An integer overflow leading to a
heap-buffer overflow was found
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/088a61434568cedf3ac1521c44584be397909078
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d
(2.5)
CVE-2021-23215 (An integer overflow leading to a heap-buffer overflow was
found in the ...)
- {DSA-5299-1 DLA-2701-1}
+ {DSA-5299-1 DLA-3236-1 DLA-2701-1}
- openexr 2.5.7-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1947586
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29653
@@ -121630,13 +121640,13 @@ CVE-2021-3480 (A flaw was found in slapi-nis in
versions before 0.56.7. A NULL p
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1944640
NOTE:
https://pagure.io/slapi-nis/c/c7417ea2d534712e559b56ed45baa91c5d3d44db?branch=master
CVE-2021-3479 (There's a flaw in OpenEXR's Scanline API functionality in
versions bef ...)
- {DLA-2701-1}
+ {DLA-3236-1 DLA-2701-1}
- openexr 2.5.4-1 (bug #986796)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25370
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/d80f11f4f55100d007ae80a162bf257ec291612c
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/830
CVE-2021-3478 (There's a flaw in OpenEXR's scanline input file functionality
in versi ...)
- {DLA-2701-1}
+ {DLA-3236-1 DLA-2701-1}
- openexr 2.5.4-1 (bug #986796)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27409
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1939160
@@ -121644,7 +121654,7 @@ CVE-2021-3478 (There's a flaw in OpenEXR's scanline
input file functionality in
NOTE: Depends on prior v3 checks
https://github.com/AcademySoftwareFoundation/openexr/commit/0963ff1c4fcb3e748a9386685622747bfef00eb1
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/0c2b46f630a3b5f2f561c2849d047ee39f899179
(2.5)
CVE-2021-3477 (There's a flaw in OpenEXR's deep tile sample size calculations
in vers ...)
- {DLA-2701-1}
+ {DLA-3236-1 DLA-2701-1}
- openexr 2.5.4-1 (bug #986796)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1939159
@@ -122241,17 +122251,17 @@ CVE-2021-29425 (In Apache Commons IO before 2.7,
When invoking the method FileNa
NOTE: https://www.openwall.com/lists/oss-security/2021/04/12/1
NOTE: https://issues.apache.org/jira/browse/IO-556
CVE-2021-3476 (A flaw was found in OpenEXR's B44 uncompression functionality
in versi ...)
- {DLA-2701-1}
+ {DLA-3236-1 DLA-2701-1}
- openexr 2.5.4-1 (bug #986796)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24787
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/eec0dba242bedd2778c973ae4af112107b33d9c9
CVE-2021-3475 (There is a flaw in OpenEXR in versions before 3.0.0-beta. An
attacker ...)
- {DLA-2701-1}
+ {DLA-3236-1 DLA-2701-1}
- openexr 2.5.4-1 (bug #986796)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25297
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/2a18ed424a854598c2a20b5dd7e782b436a1e753
CVE-2021-3474 (There's a flaw in OpenEXR in versions before 3.0.0-beta. A
crafted inp ...)
- {DLA-2701-1}
+ {DLA-3236-1 DLA-2701-1}
- openexr 2.5.4-1 (bug #986796)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24831
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/c3ed4a1db1f39bf4524a644cb2af81dc8cfab33f
@@ -146006,30 +146016,31 @@ CVE-2021-20304 (A flaw was found in OpenEXR's
hufDecode functionality. This flaw
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/849
NOTE: Negligible security impact
CVE-2021-20303 (A flaw found in function dataWindowForTile() of
IlmImf/ImfTiledMisc.cp ...)
- {DLA-2732-1}
+ {DLA-3236-1 DLA-2732-1}
- openexr 2.5.4-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25505
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/831
CVE-2021-20302 (A flaw was found in OpenEXR's TiledInputFile functionality.
This flaw ...)
- {DLA-2732-1}
+ {DLA-3236-1 DLA-2732-1}
- openexr 2.5.4-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25894
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/842
CVE-2021-20301
REJECTED
CVE-2021-20300 (A flaw was found in OpenEXR's hufUncompress functionality in
OpenEXR/I ...)
- {DLA-2732-1}
+ {DLA-3236-1 DLA-2732-1}
- openexr 2.5.4-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25562
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/ed560b8a932c78d5e8e5990ce36fe7808b35d9f0
(master)
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d
(2.5.x)
CVE-2021-20299 (A flaw was found in OpenEXR's Multipart input file
functionality. A cr ...)
- {DLA-2732-1}
+ {DLA-3236-1 DLA-2732-1}
- openexr 2.5.4-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25740
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/840
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/25e9515b06a6bc293d871622b8cafaee7af84e0f
CVE-2021-20298 (A flaw was found in OpenEXR's B44Compressor. This flaw allows
an attac ...)
+ {DLA-3236-1}
- openexr 2.5.4-1
[stretch] - openexr <postponed> (Minor issue, OOM, revisit when there's
a full fix upstream)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25913
@@ -146043,7 +146054,7 @@ CVE-2021-20297 (A flaw was found in NetworkManager in
versions before 1.30.0. Se
NOTE: Introduced by:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/3ced486f4162edcd03ff42fa27535130aff0c86c
(1.26-rc2)
NOTE: Fixed by:
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/420784e342da4883f6debdfe10cde68507b10d27
CVE-2021-20296 (A flaw was found in OpenEXR in versions before 3.0.0-beta. A
crafted i ...)
- {DLA-2701-1}
+ {DLA-3236-1 DLA-2701-1}
- openexr 2.5.4-1 (bug #986796)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24854
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/b0c63c0b96eb9b0d3998f603e12f9f414fb0d44a
@@ -183125,17 +183136,17 @@ CVE-2020-16590 (A double free vulnerability exists
in the Binary File Descriptor
NOTE:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c98a4545dc7bf2bcaf1de539c4eb84784680eaa4
NOTE: binutils not covered by security support
CVE-2020-16589 (A head-based buffer overflow exists in Academy Software
Foundation Ope ...)
- {DLA-2491-1}
+ {DLA-3236-1 DLA-2491-1}
- openexr 2.5.3-2
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/6bb36714528a9563dd3b92720c5063a1284b86f8
(v2.4.0-beta.1)
NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/494
CVE-2020-16588 (A Null Pointer Deference issue exists in Academy Software
Foundation O ...)
- {DLA-2491-1}
+ {DLA-3236-1 DLA-2491-1}
- openexr 2.5.3-2
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/74504503cff86e986bac441213c403b0ba28d58f
(v2.4.0-beta.1)
NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/493
CVE-2020-16587 (A heap-based buffer overflow vulnerability exists in Academy
Software ...)
- {DLA-2701-1}
+ {DLA-3236-1 DLA-2701-1}
- openexr 2.5.3-2
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/8b5370c688a7362673c3a5256d93695617a4cd9a
(v2.4.0-beta.1)
NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/491
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efaf8ea4250bff9567ff401cd59e62a96c55059b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/efaf8ea4250bff9567ff401cd59e62a96c55059b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
