[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a90ecfc3 by security tracker role at 2022-05-19T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,39 @@
+CVE-2022-31215
+       RESERVED
+CVE-2022-31214
+       RESERVED
+CVE-2022-31213
+       RESERVED
+CVE-2022-31212
+       RESERVED
+CVE-2022-31211
+       RESERVED
+CVE-2022-31210
+       RESERVED
+CVE-2022-31209
+       RESERVED
+CVE-2022-31208
+       RESERVED
+CVE-2022-31207
+       RESERVED
+CVE-2022-31206
+       RESERVED
+CVE-2022-31205
+       RESERVED
+CVE-2022-31204
+       RESERVED
+CVE-2022-31203
+       RESERVED
+CVE-2022-31202
+       RESERVED
+CVE-2022-31201
+       RESERVED
+CVE-2022-31200
+       RESERVED
+CVE-2022-31199
+       RESERVED
+CVE-2022-1797
+       RESERVED
 CVE-2022-31198
        RESERVED
 CVE-2022-31197
@@ -402,16 +438,16 @@ CVE-2022-30996
        RESERVED
 CVE-2022-30995
        RESERVED
-CVE-2022-30994
-       RESERVED
-CVE-2022-30993
-       RESERVED
-CVE-2022-30992
-       RESERVED
-CVE-2022-30991
-       RESERVED
-CVE-2022-30990
-       RESERVED
+CVE-2022-30994 (Cleartext transmission of sensitive information. The following 
product ...)
+       TODO: check
+CVE-2022-30993 (Cleartext transmission of sensitive information. The following 
product ...)
+       TODO: check
+CVE-2022-30992 (Open redirect via user-controlled query parameter. The 
following produ ...)
+       TODO: check
+CVE-2022-30991 (HTML injection via report name. The following products are 
affected: A ...)
+       TODO: check
+CVE-2022-30990 (Sensitive information disclosure due to insecure folder 
permissions. T ...)
+       TODO: check
 CVE-2022-30989
        RESERVED
 CVE-2022-30988
@@ -496,14 +532,14 @@ CVE-2022-30974 (compile in regexp.c in Artifex MuJS 
through 1.2.0 results in sta
        NOTE: https://github.com/ccxvii/mujs/issues/162
 CVE-2022-1775
        RESERVED
-CVE-2022-1774
-       RESERVED
+CVE-2022-1774 (Exposure of Sensitive Information to an Unauthorized Actor in 
GitHub r ...)
+       TODO: check
 CVE-2022-1773
        RESERVED
 CVE-2022-1772
        RESERVED
-CVE-2022-1771
-       RESERVED
+CVE-2022-1771 (Stack-based Buffer Overflow in GitHub repository vim/vim prior 
to 8.2. ...)
+       TODO: check
 CVE-2019-25061 (The random_password_generator (aka RandomPasswordGenerator) 
gem throug ...)
        NOT-FOR-US: bvsatyaram/random_password_generator
 CVE-2022-30973
@@ -1676,8 +1712,8 @@ CVE-2022-26344
        RESERVED
 CVE-2022-25976
        RESERVED
-CVE-2022-1670
-       RESERVED
+CVE-2022-1670 (When generating a user invitation code in Octopus Server, the 
validity ...)
+       TODO: check
 CVE-2022-1669
        RESERVED
 CVE-2022-1668
@@ -2817,8 +2853,8 @@ CVE-2022-30140
        RESERVED
 CVE-2022-30139
        RESERVED
-CVE-2022-30138
-       RESERVED
+CVE-2022-30138 (Windows Print Spooler Elevation of Privilege Vulnerability. 
This CVE I ...)
+       TODO: check
 CVE-2022-30137
        RESERVED
 CVE-2022-30136
@@ -3093,8 +3129,8 @@ CVE-2022-30035
        RESERVED
 CVE-2022-30034
        RESERVED
-CVE-2022-30033
-       RESERVED
+CVE-2022-30033 (Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow 
via the fu ...)
+       TODO: check
 CVE-2022-30032
        RESERVED
 CVE-2022-30031
@@ -5463,10 +5499,10 @@ CVE-2022-29232
        RESERVED
 CVE-2022-29231
        RESERVED
-CVE-2022-29230
-       RESERVED
-CVE-2022-29229
-       RESERVED
+CVE-2022-29230 (Hydrogen is a React-based framework for building dynamic, 
Shopify-powe ...)
+       TODO: check
+CVE-2022-29229 (CaSS is a Competency and Skills System. CaSS Library, 
(npm:cassproject ...)
+       TODO: check
 CVE-2022-29228
        RESERVED
 CVE-2022-29227
@@ -7753,12 +7789,12 @@ CVE-2021-46780 (The Easy Google Maps WordPress plugin 
before 1.9.32 does not esc
        NOT-FOR-US: WordPress plugin
 CVE-2022-28351
        RESERVED
-CVE-2022-28350
-       RESERVED
-CVE-2022-28349
-       RESERVED
-CVE-2022-28348
-       RESERVED
+CVE-2022-28350 (Arm Mali GPU Kernel Driver allows improper GPU operations in 
Valhall r ...)
+       TODO: check
+CVE-2022-28349 (Arm Mali GPU Kernel Driver has a use-after-free: Midgard r28p0 
through ...)
+       TODO: check
+CVE-2022-28348 (Arm Mali GPU Kernel Driver (Midgard r4p0 through r31p0, 
Bifrost r0p0 t ...)
+       TODO: check
 CVE-2022-28347 (A SQL injection issue was discovered in QuerySet.explain() in 
Django 2 ...)
        - python-django 2:3.2.13-1 (bug #1009677)
        [stretch] - python-django <not-affected> (Vulnerable code not present)
@@ -50546,8 +50582,8 @@ CVE-2021-38946 (IBM Cognos Analytics 11.1.7, 11.2.0, 
and 11.1.7 is vulnerable to
        NOT-FOR-US: IBM
 CVE-2021-38945
        RESERVED
-CVE-2021-38944
-       RESERVED
+CVE-2021-38944 (IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 
through 10.0. ...)
+       TODO: check
 CVE-2021-38943
        RESERVED
 CVE-2021-38942



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a90ecfc3faa43356d0c1a2f4d1afeeda8e65a5f5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a90ecfc3faa43356d0c1a2f4d1afeeda8e65a5f5
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits