Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
846efafd by security tracker role at 2022-04-14T08:10:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2022-29264
+       RESERVED
+CVE-2022-28719
+       RESERVED
+CVE-2022-1350 (A vulnerability classified as problematic was found in 
Ghostscript 9.5 ...)
+       TODO: check
+CVE-2022-1349
+       RESERVED
+CVE-2022-1348
+       RESERVED
+CVE-2022-1347 (Stored XSS in the "Username" & "Email" input fields leads 
to accou ...)
+       TODO: check
+CVE-2022-1346 (Multiple Stored XSS in GitHub repository causefx/organizr prior 
to 2.1 ...)
+       TODO: check
+CVE-2022-1345 (Stored XSS viva .svg file upload in GitHub repository 
causefx/organizr ...)
+       TODO: check
 CVE-2022-29261
        RESERVED
 CVE-2022-29260
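Review bot: CVE-2022-1346 and CVE-2022-1345 both name causefx/organizr but are left as separate TODO: check items, and CVE-2022-1347 has a description cut off before any product is named. Triage the two organizr entries together so they get the same disposition, and read the full CVE-2022-1347 description before deciding whether it belongs with them. CVE-2022-1350 names Ghostscript 9.5 and should be resolved to a package line or a NOT-FOR-US tag rather than staying pending.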
@@ -4707,8 +4723,8 @@ CVE-2022-27481 (A vulnerability has been identified in 
SCALANCE W1788-1 M12 (All
        NOT-FOR-US: Siemens SCALANCE
 CVE-2022-27480 (A vulnerability has been identified in SICAM A8000 CP-8031 
(All versio ...)
        TODO: check
-CVE-2022-27479
-       RESERVED
+CVE-2022-27479 (Apache Superset before 1.4.2 is vulnerable to SQL injection in 
chart d ...)
+       TODO: check
 CVE-2022-27478
        RESERVED
 CVE-2022-27477 (Newbee-Mall v1.0.0 was discovered to contain an arbitrary file 
upload  ...)
@@ -5187,7 +5203,7 @@ CVE-2022-27258
        RESERVED
 CVE-2022-27257
        RESERVED
-CVE-2022-27256 (An open redirect vulnerability in Hubzilla before version 7.2 
allows r ...)
+CVE-2022-27256 (A PHP Local File inclusion vulnerability in the Redbasic theme 
for Hub ...)
        TODO: check
 CVE-2022-27255
        RESERVED
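Review bot: CVE-2022-27256 switches its description from an open redirect in Hubzilla before version 7.2 to a PHP local file inclusion in the Redbasic theme, while the TODO: check line below it is carried over unchanged. A change of vulnerability class under the same ID is worth confirming against the upstream record before triage, so that the eventual disposition reflects the file inclusion text and not the earlier one.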
@@ -11871,16 +11887,16 @@ CVE-2022-24849
        RESERVED
 CVE-2022-24848
        RESERVED
-CVE-2022-24847
-       RESERVED
+CVE-2022-24847 (GeoServer is an open source software server written in Java 
that allow ...)
+       TODO: check
 CVE-2022-24846
        RESERVED
-CVE-2022-24845
-       RESERVED
-CVE-2022-24844
-       RESERVED
-CVE-2022-24843
-       RESERVED
+CVE-2022-24845 (Vyper is a pythonic Smart Contract Language for the ethereum 
virtual m ...)
+       TODO: check
+CVE-2022-24844 (Gin-vue-admin is a backstage management system based on vue 
and gin, w ...)
+       TODO: check
+CVE-2022-24843 (Gin-vue-admin is a backstage management system based on vue 
and gin, w ...)
+       TODO: check
 CVE-2022-24842 (MinIO is a High Performance Object Storage released under GNU 
Affero G ...)
        TODO: check
 CVE-2022-24841
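Review bot: CVE-2022-24845 is added as TODO: check although its description names Vyper, which this file already tags NOT-FOR-US: Vyper at CVE-2022-24787 and CVE-2021-41121; the same tag looks appropriate here. CVE-2022-24844 and CVE-2022-24843 carry identical truncated Gin-vue-admin descriptions, so they should be triaged together and the full texts compared to confirm they are distinct issues.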
@@ -11911,8 +11927,8 @@ CVE-2022-24830
        RESERVED
 CVE-2022-24829 (Garden is an automation platform for Kubernetes development 
and testin ...)
        TODO: check
-CVE-2022-24828
-       RESERVED
+CVE-2022-24828 (Composer is a dependency manager for the PHP programming 
language. Int ...)
+       TODO: check
 CVE-2022-24827 (Elide is a Java library that lets you stand up a 
GraphQL/JSON-API web  ...)
        TODO: check
 CVE-2022-24826
@@ -11931,12 +11947,12 @@ CVE-2022-24820 (XWiki Platform is a generic wiki 
platform offering runtime servi
        NOT-FOR-US: XWiki
 CVE-2022-24819 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
        NOT-FOR-US: XWiki
-CVE-2022-24818
-       RESERVED
+CVE-2022-24818 (GeoTools is an open source Java library that provides tools 
for geospa ...)
+       TODO: check
 CVE-2022-24817
        RESERVED
-CVE-2022-24816
-       RESERVED
+CVE-2022-24816 (JAI-EXT is an open-source project which aims to extend the 
Java Advanc ...)
+       TODO: check
 CVE-2022-24815 (JHipster is a development platform to quickly generate, 
develop, & ...)
        TODO: check
 CVE-2022-24814 (Directus is a real-time API and App dashboard for managing SQL 
databas ...)
@@ -12004,8 +12020,8 @@ CVE-2022-24790 (Puma is a simple, fast, multi-threaded, 
parallel HTTP 1.1 server
        NOTE: 
https://github.com/puma/puma/commit/6c514e70f5ae0ff14c9b0091fa84bfa39b022025 
(v5.6.3)
 CVE-2022-24789 (C1 CMS is an open-source, .NET based Content Management System 
(CMS).  ...)
        NOT-FOR-US: C1 CMS
-CVE-2022-24788
-       RESERVED
+CVE-2022-24788 (Vyper is a pythonic Smart Contract Language for the ethereum 
virtual m ...)
+       TODO: check
 CVE-2022-24787 (Vyper is a Pythonic Smart Contract Language for the Ethereum 
Virtual M ...)
        NOT-FOR-US: Vyper
 CVE-2022-24786 (PJSIP is a free and open source multimedia communication 
library writt ...)
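Review bot: CVE-2022-24788 lands as TODO: check directly above CVE-2022-24787, which has the same Vyper description prefix and is tagged NOT-FOR-US: Vyper. Leaving the two adjacent entries with different dispositions is inconsistent; suggest replacing the TODO line with "NOT-FOR-US: Vyper" once the full description is confirmed.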
@@ -21644,8 +21660,8 @@ CVE-2022-0025
        RESERVED
 CVE-2022-0024
        RESERVED
-CVE-2022-0023
-       RESERVED
+CVE-2022-0023 (An improper handling of exceptional conditions vulnerability 
exists in ...)
+       TODO: check
 CVE-2022-0022 (Usage of a weak cryptographic algorithm in Palo Alto Networks 
PAN-OS s ...)
        NOT-FOR-US: Palo Alto Networks
 CVE-2022-0021 (An information exposure through log file vulnerability exists 
in the P ...)
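Review bot: the new CVE-2022-0023 description is truncated before it names a product, so the TODO: check cannot be resolved from this line alone. The next entry, CVE-2022-0022, is tagged NOT-FOR-US: Palo Alto Networks; if the full description of CVE-2022-0023 names the same vendor, it should get the same tag.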
@@ -32586,8 +32602,8 @@ CVE-2021-43156 (In ProjectWorlds Online Book Store PHP 
1.0 a CSRF vulnerability
        NOT-FOR-US: ProjectWorlds Online Book Store PHP
 CVE-2021-43155 (Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL 
injecti ...)
        NOT-FOR-US: ProjectWorlds Online Book Store PHP
-CVE-2021-43154
-       RESERVED
+CVE-2021-43154 (Cross Site Scripting (XSS) vulnerability exists in CMS Made 
Simple 2.2 ...)
+       TODO: check
 CVE-2021-43153
        RESERVED
 CVE-2021-43152
@@ -38809,8 +38825,8 @@ CVE-2021-41121 (Vyper is a Pythonic Smart Contract 
Language for the EVM. In affe
        NOT-FOR-US: Vyper
 CVE-2021-41120 (sylius/paypal-plugin is a paypal plugin for the Sylius 
development pla ...)
        NOT-FOR-US: sylius/paypal-plugin
-CVE-2021-41119
-       RESERVED
+CVE-2021-41119 (Wire-server is the system server for the wire back-end 
services. Relea ...)
+       TODO: check
 CVE-2021-41118 (The DynamicPageList3 extension is a reporting tool for 
MediaWiki, list ...)
        NOT-FOR-US: DynamicPageList3 MediaWiki Extension
 CVE-2021-41117 (keypair is a a RSA PEM key generator written in javascript. 
keypair im ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/846efafdbf9429f3c850993533237ecf6410848f
