Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d7c879cb by security tracker role at 2023-01-16T20:10:33+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,131 @@
+CVE-2023-23637
+       RESERVED
+CVE-2023-23636
+       RESERVED
+CVE-2023-23635
+       RESERVED
+CVE-2023-23634
+       RESERVED
+CVE-2023-23633
+       RESERVED
+CVE-2023-23632
+       RESERVED
+CVE-2023-23631
+       RESERVED
+CVE-2023-23630
+       RESERVED
+CVE-2023-23629
+       RESERVED
+CVE-2023-23628
+       RESERVED
+CVE-2023-23627
+       RESERVED
+CVE-2023-23626
+       RESERVED
+CVE-2023-23625
+       RESERVED
+CVE-2023-23624
+       RESERVED
+CVE-2023-23623
+       RESERVED
+CVE-2023-23622
+       RESERVED
+CVE-2023-23621
+       RESERVED
+CVE-2023-23620
+       RESERVED
+CVE-2023-23619
+       RESERVED
+CVE-2023-23618
+       RESERVED
+CVE-2023-23617
+       RESERVED
+CVE-2023-23616
+       RESERVED
+CVE-2023-23615
+       RESERVED
+CVE-2023-23614
+       RESERVED
+CVE-2023-23613
+       RESERVED
+CVE-2023-23612
+       RESERVED
+CVE-2023-23611
+       RESERVED
+CVE-2023-23610
+       RESERVED
+CVE-2023-23609
+       RESERVED
+CVE-2023-23608
+       RESERVED
+CVE-2023-23607
+       RESERVED
+CVE-2023-23606
+       RESERVED
+CVE-2023-23605
+       RESERVED
+CVE-2023-23604
+       RESERVED
+CVE-2023-23603
+       RESERVED
+CVE-2023-23602
+       RESERVED
+CVE-2023-23601
+       RESERVED
+CVE-2023-23600
+       RESERVED
+CVE-2023-23599
+       RESERVED
+CVE-2023-23598
+       RESERVED
+CVE-2023-23597
+       RESERVED
+CVE-2023-0328
+       RESERVED
+CVE-2023-0327 (A vulnerability was found in saemorris TheRadSystem. It has 
been class ...)
+       TODO: check
+CVE-2023-0326
+       RESERVED
+CVE-2023-0325
+       RESERVED
+CVE-2023-0324 (A vulnerability was found in SourceCodester Online Tours & 
Travels ...)
+       TODO: check
+CVE-2023-0323 (Cross-site Scripting (XSS) - Stored in GitHub repository 
pimcore/pimco ...)
+       TODO: check
+CVE-2023-0322
+       RESERVED
+CVE-2023-0321
+       RESERVED
+CVE-2023-0320
+       RESERVED
+CVE-2023-0319
+       RESERVED
+CVE-2023-0318
+       RESERVED
+CVE-2023-0317
+       RESERVED
+CVE-2022-4891
+       RESERVED
+CVE-2017-20170
+       RESERVED
+CVE-2016-15021
+       RESERVED
+CVE-2015-10064
+       RESERVED
+CVE-2015-10063
+       RESERVED
+CVE-2015-10062
+       RESERVED
+CVE-2015-10061
+       RESERVED
+CVE-2015-10060
+       RESERVED
+CVE-2015-10059
+       RESERVED
+CVE-2015-10058
+       RESERVED
+CVE-2013-10013
+       RESERVED
 CVE-2023-0316 (Path Traversal: '\..\filename' in GitHub repository 
froxlor/froxlor pr ...)
        - froxlor <itp> (bug #581792)
 CVE-2023-0315 (Command Injection in GitHub repository froxlor/froxlor prior to 
2.0.8. ...)
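
Review bot: CVE-2023-0324 is added with `TODO: check`, but its description names SourceCodester Online Tours & Travels, and the SourceCodester entries visible further down in this file (CVE-2023-0304, CVE-2023-0303) are already triaged as `NOT-FOR-US: SourceCodester Online Food Ordering System`. It can be resolved the same way with the product name adjusted. CVE-2023-0327 (saemorris TheRadSystem) and CVE-2023-0323 (pimcore) have no such precedent in the visible lines and need a package lookup before their TODO is cleared.
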
@@ -29,30 +157,30 @@ CVE-2023-0304 (A vulnerability classified as critical has 
been found in SourceCo
        NOT-FOR-US: SourceCodester Online Food Ordering System
 CVE-2023-0303 (A vulnerability was found in SourceCodester Online Food 
Ordering Syste ...)
        NOT-FOR-US: SourceCodester Online Food Ordering System
-CVE-2022-4890
-       RESERVED
-CVE-2021-4313
-       RESERVED
-CVE-2018-25076
-       RESERVED
-CVE-2016-15020
-       RESERVED
-CVE-2015-10057
-       RESERVED
-CVE-2015-10056
-       RESERVED
-CVE-2015-10055
-       RESERVED
-CVE-2015-10054
-       RESERVED
-CVE-2015-10053
-       RESERVED
-CVE-2014-125080
-       RESERVED
-CVE-2013-10012
-       RESERVED
-CVE-2010-10005
-       RESERVED
+CVE-2022-4890 (A vulnerability, which was classified as critical, has been 
found in a ...)
+       TODO: check
+CVE-2021-4313 (A vulnerability was found in NethServer phonenehome. It has 
been rated ...)
+       TODO: check
+CVE-2018-25076 (A vulnerability classified as critical was found in Events 
Extension.  ...)
+       TODO: check
+CVE-2016-15020 (A vulnerability was found in liftkit database up to 2.13.1. It 
has bee ...)
+       TODO: check
+CVE-2015-10057 (A vulnerability was found in Little Apps Little Software 
Stats. It has ...)
+       TODO: check
+CVE-2015-10056 (A vulnerability was found in 2071174A vinylmap. It has been 
classified ...)
+       TODO: check
+CVE-2015-10055 (A vulnerability was found in PictureThisWebServer and 
classified as cr ...)
+       TODO: check
+CVE-2015-10054 (A vulnerability, which was classified as critical, was found 
in githui ...)
+       TODO: check
+CVE-2015-10053 (A vulnerability classified as critical has been found in 
prodigasistem ...)
+       TODO: check
+CVE-2014-125080 (A vulnerability has been found in frontaccounting faplanet 
and classif ...)
+       TODO: check
+CVE-2013-10012 (A vulnerability, which was classified as critical, was found 
in antonb ...)
+       TODO: check
+CVE-2010-10005 (A vulnerability was found in msmania poodim. It has been 
declared as c ...)
+       TODO: check
 CVE-2023-23596
        RESERVED
 CVE-2023-23595 (BlueCat Device Registration Portal 2.2 allows XXE attacks that 
exfiltr ...)
@@ -201,6 +329,7 @@ CVE-2009-10002 (A vulnerability, which was classified as 
problematic, has been f
 CVE-2009-10001 (A vulnerability classified as problematic was found in 
jianlinwei cool ...)
        NOT-FOR-US: jianlinwei cool-php-captcha
 CVE-2023-23589 (The SafeSocks option in Tor before 0.4.7.13 has a logic error 
in which ...)
+       {DSA-5320-1}
        - tor 0.4.7.13-1
        NOTE: 
https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.7/ReleaseNotes
        NOTE: https://gitlab.torproject.org/tpo/core/tor/-/issues/40730
@@ -4895,18 +5024,18 @@ CVE-2022-4660
        RESERVED
 CVE-2022-4659
        REJECTED
-CVE-2022-4658
-       RESERVED
+CVE-2022-4658 (The RSSImport WordPress plugin through 4.6.1 does not validate 
and esc ...)
+       TODO: check
 CVE-2022-4657
        RESERVED
 CVE-2022-4656
        RESERVED
-CVE-2022-4655
-       RESERVED
+CVE-2022-4655 (The Welcart e-Commerce WordPress plugin before 2.8.9 does not 
validate ...)
+       TODO: check
 CVE-2022-4654
        RESERVED
-CVE-2022-4653
-       RESERVED
+CVE-2022-4653 (The Greenshift WordPress plugin before 4.8.9 does not validate 
and esc ...)
+       TODO: check
 CVE-2022-4652
        RESERVED
 CVE-2022-4651
@@ -4923,8 +5052,8 @@ CVE-2022-47925
        RESERVED
 CVE-2022-47924
        RESERVED
-CVE-2022-4648
-       RESERVED
+CVE-2022-4648 (The Real Testimonials WordPress plugin before 2.6.0 does not 
validate  ...)
+       TODO: check
 CVE-2022-4647 (Cross-site Scripting (XSS) - Stored in GitHub repository 
microweber/mi ...)
        NOT-FOR-US: microweber
 CVE-2022-4646 (Cross-Site Request Forgery (CSRF) in GitHub repository 
ikus060/rdiffwe ...)
@@ -5663,8 +5792,8 @@ CVE-2022-47632
        RESERVED
 CVE-2022-47631
        RESERVED
-CVE-2022-47630
-       RESERVED
+CVE-2022-47630 (Trusted Firmware-A through 2.8 has an out-of-bounds read in 
the X.509  ...)
+       TODO: check
 CVE-2022-47628
        RESERVED
 CVE-2022-47627
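
Review bot: CVE-2022-47630 should not be cleared by pattern the way the web-application entries in this commit can be. Its description is an out-of-bounds read in Trusted Firmware-A through 2.8, which is boot firmware rather than a hosted application, so `TODO: check` here should end in either a source package line with a fixed version or an explicit NOT-FOR-US after a lookup against the archive.
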
@@ -7055,8 +7184,8 @@ CVE-2022-4580
        RESERVED
 CVE-2022-4579
        REJECTED
-CVE-2022-4578
-       RESERVED
+CVE-2022-4578 (The Video Conferencing with Zoom WordPress plugin before 4.0.10 
does n ...)
+       TODO: check
 CVE-2022-4577
        RESERVED
 CVE-2022-4576
@@ -7069,8 +7198,8 @@ CVE-2022-4573
        RESERVED
 CVE-2022-4572 (A vulnerability, which was classified as problematic, has been 
found i ...)
        NOT-FOR-US: UBI reader
-CVE-2022-4571
-       RESERVED
+CVE-2022-4571 (The Seriously Simple Podcasting WordPress plugin before 2.19.1 
does no ...)
+       TODO: check
 CVE-2022-4570
        RESERVED
 CVE-2022-4569
@@ -7159,18 +7288,18 @@ CVE-2022-4551
        RESERVED
 CVE-2022-4550
        RESERVED
-CVE-2022-4549
-       RESERVED
+CVE-2022-4549 (The Tickera WordPress plugin before 3.5.1.0 does not have CSRF 
check i ...)
+       TODO: check
 CVE-2022-4548
        RESERVED
-CVE-2022-4547
-       RESERVED
+CVE-2022-4547 (The Conditional Payment Methods for WooCommerce WordPress 
plugin throu ...)
+       TODO: check
 CVE-2022-4546
        RESERVED
 CVE-2022-4545
        RESERVED
-CVE-2022-4544
-       RESERVED
+CVE-2022-4544 (The MashShare WordPress plugin before 3.8.7 does not validate 
and esca ...)
+       TODO: check
 CVE-2022-4543 (A flaw named "EntryBleed" was found in the Linux Kernel Page 
Table Iso ...)
        - linux <unfixed>
        NOTE: https://www.openwall.com/lists/oss-security/2022/12/16/3
@@ -7484,10 +7613,10 @@ CVE-2022-47407 (An issue was discovered in the 
fp_masterquiz (aka Master-Quiz) e
        NOT-FOR-US: TYPO3 extension
 CVE-2022-47406 (An issue was discovered in the fe_change_pwd (aka Change 
password for  ...)
        NOT-FOR-US: TYPO3 extension
-CVE-2022-4508
-       RESERVED
-CVE-2022-4507
-       RESERVED
+CVE-2022-4508 (The ConvertKit WordPress plugin before 2.0.5 does not validate 
and esc ...)
+       TODO: check
+CVE-2022-4507 (The Real Cookie Banner WordPress plugin before 3.4.10 does not 
validat ...)
+       TODO: check
 CVE-2022-4506 (Unrestricted Upload of File with Dangerous Type in GitHub 
repository o ...)
        NOT-FOR-US: OpenEMR
 CVE-2022-4505 (Improper Access Control in GitHub repository openemr/openemr 
prior to  ...)
@@ -7546,30 +7675,30 @@ CVE-2022-4489
        RESERVED
 CVE-2022-4488
        RESERVED
-CVE-2022-4487
-       RESERVED
-CVE-2022-4486
-       RESERVED
+CVE-2022-4487 (The Easy Accordion WordPress plugin before 2.2.0 does not 
validate and ...)
+       TODO: check
+CVE-2022-4486 (The Meteor Slides WordPress plugin through 1.5.6 does not 
validate and ...)
+       TODO: check
 CVE-2022-4485
        RESERVED
-CVE-2022-4484
-       RESERVED
-CVE-2022-4483
-       RESERVED
-CVE-2022-4482
-       RESERVED
-CVE-2022-4481
-       RESERVED
-CVE-2022-4480
-       RESERVED
+CVE-2022-4484 (The Social Share, Social Login and Social Comments Plugin 
WordPress pl ...)
+       TODO: check
+CVE-2022-4483 (The Insert Pages WordPress plugin before 3.7.5 does not 
validate and e ...)
+       TODO: check
+CVE-2022-4482 (The Carousel, Slider, Gallery by WP Carousel WordPress plugin 
before 2 ...)
+       TODO: check
+CVE-2022-4481 (The Mesmerize Companion WordPress plugin before 1.6.135 does 
not valid ...)
+       TODO: check
+CVE-2022-4480 (The Click to Chat WordPress plugin before 3.18.1 does not 
validate and ...)
+       TODO: check
 CVE-2022-4479 (The Table of Contents Plus WordPress plugin before 2212 does 
not valid ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-4478
-       RESERVED
-CVE-2022-4477
-       RESERVED
-CVE-2022-4476
-       RESERVED
+CVE-2022-4478 (The Font Awesome WordPress plugin before 4.3.2 does not 
validate and e ...)
+       TODO: check
+CVE-2022-4477 (The Smash Balloon Social Post Feed WordPress plugin before 
4.1.6 does  ...)
+       TODO: check
+CVE-2022-4476 (The Download Manager WordPress plugin before 3.2.62 does not 
validate  ...)
+       TODO: check
 CVE-2023-21773 (Windows Kernel Elevation of Privilege Vulnerability. This CVE 
ID is un ...)
        NOT-FOR-US: Microsoft
 CVE-2023-21772 (Windows Kernel Elevation of Privilege Vulnerability. This CVE 
ID is un ...)
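
Review bot: the ten entries switched from RESERVED to `TODO: check` in this hunk (CVE-2022-4476 to CVE-2022-4478, CVE-2022-4480 to CVE-2022-4484, CVE-2022-4486 and CVE-2022-4487) all describe WordPress plugins, while CVE-2022-4479 between them already carries `NOT-FOR-US: WordPress plugin`. Once it is confirmed that none of the named plugins is packaged, they can take the same line so the batch does not sit in the TODO queue.
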
@@ -7720,26 +7849,26 @@ CVE-2022-4471
        RESERVED
 CVE-2022-4470
        RESERVED
-CVE-2022-4469
-       RESERVED
+CVE-2022-4469 (The Simple Membership WordPress plugin before 4.2.2 does not 
validate  ...)
+       TODO: check
 CVE-2022-4468 (The WP Recipe Maker WordPress plugin before 8.6.1 does not 
validate an ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4467
        RESERVED
 CVE-2022-4466
        RESERVED
-CVE-2022-4465
-       RESERVED
-CVE-2022-4464
-       RESERVED
+CVE-2022-4465 (The WP Video Lightbox WordPress plugin before 1.9.7 does not 
validate  ...)
+       TODO: check
+CVE-2022-4464 (Themify Portfolio Post WordPress plugin before 1.2.1 does not 
validate ...)
+       TODO: check
 CVE-2022-4463
        RESERVED
 CVE-2022-4462
        RESERVED
 CVE-2022-4461
        RESERVED
-CVE-2022-4460
-       RESERVED
+CVE-2022-4460 (The Sidebar Widgets by CodeLights WordPress plugin through 1.4 
does no ...)
+       TODO: check
 CVE-2022-4459
        RESERVED
 CVE-2022-4458
@@ -7862,20 +7991,20 @@ CVE-2022-4455 (A vulnerability, which was classified as 
problematic, was found i
        NOT-FOR-US: sproctor php-calendar
 CVE-2022-4454 (A vulnerability, which was classified as critical, has been 
found in m ...)
        NOT-FOR-US: m0ver bible-online
-CVE-2022-4453
-       RESERVED
+CVE-2022-4453 (The 3D FlipBook WordPress plugin through 1.13.2 does not 
validate or e ...)
+       TODO: check
 CVE-2022-4452
        RESERVED
-CVE-2022-4451
-       RESERVED
+CVE-2022-4451 (The Social Sharing WordPress plugin before 3.3.45 does not 
validate an ...)
+       TODO: check
 CVE-2022-4450
        RESERVED
-CVE-2022-4449
-       RESERVED
+CVE-2022-4449 (The Page scroll to id WordPress plugin before 1.7.6 does not 
validate  ...)
+       TODO: check
 CVE-2022-4448
        RESERVED
-CVE-2022-4447
-       RESERVED
+CVE-2022-4447 (The Fontsy WordPress plugin through 1.8.6 does not properly 
sanitize a ...)
+       TODO: check
 CVE-2022-4446 (PHP Remote File Inclusion in GitHub repository tsolucio/corebos 
prior  ...)
        NOT-FOR-US: Corebos
 CVE-2022-4445
@@ -7884,8 +8013,8 @@ CVE-2022-4444 (A vulnerability was found in ipti br.tag. 
It has been declared as
        NOT-FOR-US: ipti br.tag
 CVE-2022-4443
        RESERVED
-CVE-2022-4442
-       RESERVED
+CVE-2022-4442 (The Custom Post Types and Custom Fields creator WordPress 
plugin befor ...)
+       TODO: check
 CVE-2019-25078 (A vulnerability classified as problematic was found in 
pacparser up to ...)
        - pacparser <unfixed> (bug #1026106)
        [bullseye] - pacparser <no-dsa> (Minor issue)
@@ -8270,8 +8399,8 @@ CVE-2022-4433 (A buffer over-read vulnerability was 
reported in the ThinkPadX13s
        NOT-FOR-US: Lenovo
 CVE-2022-4432 (A buffer over-read vulnerability was reported in the 
ThinkPadX13s BIOS ...)
        NOT-FOR-US: Lenovo
-CVE-2022-4431
-       RESERVED
+CVE-2022-4431 (The WOOCS WordPress plugin before 1.3.9.4 does not validate and 
escape ...)
+       TODO: check
 CVE-2022-4430
        RESERVED
 CVE-2022-43669
@@ -9511,14 +9640,14 @@ CVE-2022-4332
        RESERVED
 CVE-2022-4331
        RESERVED
-CVE-2022-4330
-       RESERVED
+CVE-2022-4330 (The WP Attachments WordPress plugin through 5.0.5 does not 
sanitise an ...)
+       TODO: check
 CVE-2022-4329 (The Product list Widget for Woocommerce WordPress plugin 
through 1.0 d ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4328
        RESERVED
-CVE-2022-4327
-       RESERVED
+CVE-2022-4327 (The Anti-Malware Security and Brute-Force Firewall WordPress 
plugin th ...)
+       TODO: check
 CVE-2022-4326 (Improper preservation of permissions vulnerability in Trellix 
Endpoint ...)
        NOT-FOR-US: Trellix Endpoint Agent (xAgent)
 CVE-2022-4325 (The Post Status Notifier Lite WordPress plugin before 1.10.1 
does not  ...)
@@ -9796,8 +9925,8 @@ CVE-2022-4322 (A vulnerability, which was classified as 
critical, was found in m
        NOT-FOR-US: maku-boot
 CVE-2022-4321
        RESERVED
-CVE-2022-4320
-       RESERVED
+CVE-2022-4320 (The WordPress Events Calendar WordPress plugin before 1.4.5 
does not s ...)
+       TODO: check
 CVE-2022-4319
        RESERVED
 CVE-2022-4318
@@ -9847,8 +9976,8 @@ CVE-2022-46662 (Roxio Creator LJB starts another program 
with an unquoted file p
        NOT-FOR-US: Roxio
 CVE-2022-4310 (The Slimstat Analytics WordPress plugin before 4.9.3 does not 
sanitise ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-4309
-       RESERVED
+CVE-2022-4309 (The Subscribe2 WordPress plugin before 10.38 does not have CSRF 
check  ...)
+       TODO: check
 CVE-2022-4308
        RESERVED
 CVE-2022-4307
@@ -9867,8 +9996,8 @@ CVE-2022-4301 (The Sunshine Photo Cart WordPress plugin 
before 2.9.15 does not s
        NOT-FOR-US: WordPress plugin
 CVE-2022-4300 (A vulnerability was found in FastCMS. It has been rated as 
critical. T ...)
        NOT-FOR-US: FastCMS
-CVE-2022-4299
-       RESERVED
+CVE-2022-4299 (The Metricool WordPress plugin before 1.18 does not sanitise 
and escap ...)
+       TODO: check
 CVE-2022-4298 (The Wholesale Market WordPress plugin before 2.2.1 does not 
have autho ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4297 (The WP AutoComplete Search WordPress plugin through 1.0.4 does 
not san ...)
@@ -9907,8 +10036,8 @@ CVE-2022-43496
        RESERVED
 CVE-2022-43473
        RESERVED
-CVE-2022-4295
-       RESERVED
+CVE-2022-4295 (The Show All Comments WordPress plugin before 7.0.1 does not 
sanitise  ...)
+       TODO: check
 CVE-2022-46644
        RESERVED
 CVE-2022-46643
@@ -10797,8 +10926,8 @@ CVE-2022-4260 (The WP-Ban WordPress plugin before 
1.69.1 does not sanitise and e
        NOT-FOR-US: WordPress plugin
 CVE-2022-4259
        RESERVED
-CVE-2022-4258
-       RESERVED
+CVE-2022-4258 (In multiple versions of HIMA PC based Software an unquoted 
Windows sea ...)
+       TODO: check
 CVE-2022-4257 (A vulnerability was found in C-DATA Web Management System. It 
has been ...)
        NOT-FOR-US: C-DATA Web Management System
 CVE-2022-4256 (The All-in-One Addons for Elementor WordPress plugin before 
2.4.4 does ...)
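
Review bot: `TODO: check` on CVE-2022-4258 looks resolvable from the description alone, since it concerns HIMA PC based Software and an unquoted Windows search path. The comparable unquoted-path entry visible in this file, CVE-2022-46662 for Roxio Creator LJB, is marked `NOT-FOR-US: Roxio`; a `NOT-FOR-US: HIMA` line would be consistent with it.
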
@@ -11129,8 +11258,8 @@ CVE-2022-4201
        - gitlab <unfixed>
 CVE-2022-4200 (The Login with Cognito WordPress plugin through 1.4.8 does not 
sanitis ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-4199
-       RESERVED
+CVE-2022-4199 (The Link Library WordPress plugin before 7.4.1 does not 
sanitise and e ...)
+       TODO: check
 CVE-2022-4198 (The WP Social Sharing WordPress plugin through 2.2 does not 
sanitise a ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4197 (The Sliderby10Web WordPress plugin before 1.2.53 does not 
sanitise and ...)
@@ -13061,8 +13190,8 @@ CVE-2022-4103 (The Royal Elementor Addons WordPress 
plugin before 1.3.56 does no
        NOT-FOR-US: WordPress plugin
 CVE-2022-4102 (The Royal Elementor Addons WordPress plugin before 1.3.56 does 
not hav ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-4101
-       RESERVED
+CVE-2022-4101 (The Images Optimize and Upload CF7 WordPress plugin through 
2.1.4 does ...)
+       TODO: check
 CVE-2022-4100
        RESERVED
 CVE-2022-4099 (The Joy Of Text Lite WordPress plugin before 2.3.1 does not 
properly s ...)
@@ -13187,8 +13316,8 @@ CVE-2022-44456 (CONPROSYS HMI System (CHS) 
Ver.3.4.4?and earlier allows a remote
        NOT-FOR-US: CONPROSYS HMI System (CHS)
 CVE-2022-4061 (The JobBoardWP WordPress plugin before 1.2.2 does not properly 
validat ...)
        NOT-FOR-US: WordPress plugin
-CVE-2022-4060
-       RESERVED
+CVE-2022-4060 (The User Post Gallery WordPress plugin through 2.19 does not 
limit wha ...)
+       TODO: check
 CVE-2022-4059 (The Cryptocurrency Widgets Pack WordPress plugin through 1.8.1 
does no ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-4058 (The Photo Gallery by 10Web WordPress plugin before 1.8.3 does 
not vali ...)
@@ -13378,8 +13507,7 @@ CVE-2022-45440
        RESERVED
 CVE-2022-45439
        RESERVED
-CVE-2022-45438
-       RESERVED
+CVE-2022-45438 (When explicitly enabling the feature flag DASHBOARD_CACHE 
(disabled by ...)
        NOT-FOR-US: Apache Superset
 CVE-2022-45437
        RESERVED
@@ -14714,8 +14842,8 @@ CVE-2022-3906 (The Easy Form Builder WordPress plugin 
before 3.4.0 does not sani
        NOT-FOR-US: WordPress plugin
 CVE-2022-3905
        REJECTED
-CVE-2022-3904
-       RESERVED
+CVE-2022-3904 (The MonsterInsights WordPress plugin before 8.9.1 does not 
sanitize or ...)
+       TODO: check
 CVE-2022-3903 (An incorrect read request flaw was found in the Infrared 
Transceiver U ...)
        - linux 5.19.11-1
        [bullseye] - linux 5.10.148-1
@@ -20859,20 +20987,15 @@ CVE-2022-43723 (A vulnerability has been identified 
in SICAM PAS/PQS (All versio
        NOT-FOR-US: Siemens
 CVE-2022-43722 (A vulnerability has been identified in SICAM PAS/PQS (All 
versions &lt ...)
        NOT-FOR-US: Siemens
-CVE-2022-43721
-       RESERVED
+CVE-2022-43721 (An authenticated attacker with update datasets permission 
could change ...)
        NOT-FOR-US: Apache Superset
-CVE-2022-43720
-       RESERVED
+CVE-2022-43720 (An authenticated attacker with write CSS template permissions 
can crea ...)
        NOT-FOR-US: Apache Superset
-CVE-2022-43719
-       RESERVED
+CVE-2022-43719 (Two legacy REST API endpoints for approval and request access 
are vuln ...)
        NOT-FOR-US: Apache Superset
-CVE-2022-43718
-       RESERVED
+CVE-2022-43718 (Upload data forms do not correctly render user input leading 
to possib ...)
        NOT-FOR-US: Apache Superset
-CVE-2022-43717
-       RESERVED
+CVE-2022-43717 (Dashboard rendering does not sufficiently sanitize the content 
of mark ...)
        NOT-FOR-US: Apache Superset
 CVE-2022-43716
        RESERVED
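
Review bot: the context line for CVE-2022-43722 ends its description in a bare `&lt`, an HTML entity cut off by the truncation, which suggests descriptions are truncated before entities are unescaped. Unescaping first would keep the new descriptions imported in this hunk readable. The five Apache Superset entries themselves (CVE-2022-43717 to CVE-2022-43721) only gain descriptions and keep their existing `NOT-FOR-US: Apache Superset` line, which is consistent with the published text.
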
@@ -26505,8 +26628,7 @@ CVE-2022-41704 (A vulnerability in Batik of Apache XML 
Graphics allows an attack
        NOTE: https://www.openwall.com/lists/oss-security/2022/10/25/2
        NOTE: https://issues.apache.org/jira/browse/BATIK-1338
        NOTE: http://svn.apache.org/viewvc?view=revision&revision=1904320
-CVE-2022-41703
-       RESERVED
+CVE-2022-41703 (A vulnerability in the SQL Alchemy connector of Apache 
Superset allows ...)
        NOT-FOR-US: Apache Superset
 CVE-2022-41690
        RESERVED
@@ -37900,8 +38022,8 @@ CVE-2022-2660 (Delta Industrial Automation DIALink 
versions 1.4.0.0 and prior ar
        NOT-FOR-US: Delta Industrial Automation
 CVE-2022-2659
        RESERVED
-CVE-2022-2658
-       RESERVED
+CVE-2022-2658 (The WP Spell Check WordPress plugin before 9.13 does not escape 
ignore ...)
+       TODO: check
 CVE-2022-2657 (The Multivendor Marketplace Solution for WooCommerce WordPress 
plugin  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2656 (A vulnerability classified as critical has been found in 
SourceCodeste ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7c879cbb13c1dc0714f91e1b3be4d44f955462e
