[Git][security-tracker-team/security-tracker][master] new hdf5 issues

Tue, 21 Feb 2023 06:55:16 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
050c1ae5 by Moritz Muehlenhoff at 2023-02-21T15:50:57+01:00
new hdf5 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22326,9 +22326,8 @@ CVE-2022-41659
 CVE-2022-3921 (The Listingo WordPress theme before 3.2.7 does not validate 
files to b ...)
        NOT-FOR-US: Listingo WordPress theme
 CVE-2022-3920 (HashiCorp Consul and Consul Enterprise 1.13.0 up to 1.13.3 do 
not filt ...)
-       - consul <undetermined>
+       - consul <not-affected> (Vulnerable code not present)
        NOTE: 
https://discuss.hashicorp.com/t/hcsec-2022-28-consul-cluster-peering-leaks-imported-nodes-services-information/46946
-       TODO: check if affecting versions before 1.13.0
 CVE-2022-45108
        RESERVED
 CVE-2022-45107
@@ -75798,11 +75797,14 @@ CVE-2022-26892
 CVE-2022-26891 (Microsoft Edge (Chromium-based) Elevation of Privilege 
Vulnerability.  ...)
        NOT-FOR-US: Microsoft
 CVE-2022-26061 (A heap-based buffer overflow vulnerability exists in the 
gif2h5 functi ...)
-       TODO: check
+       - hdf5 <unfixed>
+       NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1487
 CVE-2022-25972 (An out-of-bounds write vulnerability exists in the gif2h5 
functionalit ...)
-       TODO: check
+       - hdf5 <unfixed>
+       NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1485
 CVE-2022-25942 (An out-of-bounds read vulnerability exists in the gif2h5 
functionality ...)
-       TODO: check
+       - hdf5 <unfixed>
+       NOTE: 
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1486
 CVE-2022-0935 (Host Header injection in password Reset in GitHub repository 
livehelpe ...)
        NOT-FOR-US: livehelperchat
 CVE-2022-26886



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/050c1ae5ff260dafdd0ca8ef7b1bbcf7f4d2bde1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/050c1ae5ff260dafdd0ca8ef7b1bbcf7f4d2bde1
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to