[Git][security-tracker-team/security-tracker][master] Add three new trafficserver issues

Mon, 19 Dec 2022 23:16:06 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3297b0aa by Salvatore Bonaccorso at 2022-12-20T08:15:24+01:00
Add three new trafficserver issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22852,7 +22852,9 @@ CVE-2022-40745
 CVE-2022-40744
        RESERVED
 CVE-2022-40743 (Improper Input Validation vulnerability for the xdebug plugin 
in Apach ...)
-       TODO: check
+       - trafficserver <unfixed>
+       NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
+       TODO: check, appears to affect only 9.1.x versions
 CVE-2022-3233 (Cross-Site Request Forgery (CSRF) in GitHub repository 
ikus060/rdiffwe ...)
        - rdiffweb <itp> (bug #969974)
 CVE-2022-3232 (Cross-Site Request Forgery (CSRF) in GitHub repository 
ikus060/rdiffwe ...)
@@ -31943,7 +31945,8 @@ CVE-2022-37393 (Zimbra's sudo configuration permits the 
zimbra user to execute t
 CVE-2022-2634 (An attacker may be able to execute malicious actions due to the 
lack o ...)
        NOT-FOR-US: Digi ConnectPort X2D
 CVE-2022-37392 (Improper Check for Unusual or Exceptional Conditions 
vulnerability in  ...)
-       TODO: check
+       - trafficserver <unfixed>
+       NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
 CVE-2022-37391
        RESERVED
 CVE-2022-37390
@@ -44316,7 +44319,8 @@ CVE-2022-32751
 CVE-2022-32750 (IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 
through 10.0 ...)
        NOT-FOR-US: IBM
 CVE-2022-32749 (Improper Check for Unusual or Exceptional Conditions 
vulnerability han ...)
-       TODO: check
+       - trafficserver <unfixed>
+       NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
 CVE-2022-32748
        RESERVED
 CVE-2022-32747



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3297b0aac7c1a16c88e837eb5ed28e12ae5d0d9e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3297b0aac7c1a16c88e837eb5ed28e12ae5d0d9e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to