author | security tracker role <sectracker@soriano.debian.org> | 2022-01-25 20:10:20 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2022-01-25 20:10:20 +0000 |
commit | a8927b69c8e3b709c2e6e9d2c5fc22fd3eabe0c4 | |
tree | 17dfd0afdc465cebe7a3c8f278863c8ce7e23511 /data/CVE/list.2022 | |
parent | 79b0d48fec5d366c5a82085f4b0d96f171ff2c32 | |
automatic update
Diffstat (limited to 'data/CVE/list.2022')
-rw-r--r-- | data/CVE/list.2022 | 101 |
1 files changed, 69 insertions, 32 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index f10924caaa..6093f19ce4 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -1,3 +1,43 @@ +CVE-2022-23947 + RESERVED +CVE-2022-23946 + RESERVED +CVE-2022-23945 (Missing authentication on ShenYu Admin when register by HTTP. This iss ...) + TODO: check +CVE-2022-23944 (User can access /plugin api without authentication. This issue affecte ...) + TODO: check +CVE-2022-23943 + RESERVED +CVE-2022-23942 + RESERVED +CVE-2022-21184 + RESERVED +CVE-2022-0368 + RESERVED +CVE-2022-0367 + RESERVED +CVE-2022-0366 + RESERVED +CVE-2022-0365 + RESERVED +CVE-2022-0364 + RESERVED +CVE-2022-0363 + RESERVED +CVE-2022-0362 + RESERVED +CVE-2022-0361 + RESERVED +CVE-2022-0360 + RESERVED +CVE-2022-0359 + RESERVED +CVE-2022-0358 + RESERVED +CVE-2022-0357 + RESERVED +CVE-2022-0356 + RESERVED CVE-2022-23941 RESERVED CVE-2022-23940 @@ -155,8 +195,8 @@ CVE-2022-23865 RESERVED CVE-2022-0352 RESERVED -CVE-2022-0351 - RESERVED +CVE-2022-0351 (Access of Memory Location Before Start of Buffer in Conda vim prior to ...) + TODO: check CVE-2022-0350 RESERVED CVE-2022-0349 @@ -214,8 +254,8 @@ CVE-2022-23849 RESERVED CVE-2022-0339 RESERVED -CVE-2022-0338 - RESERVED +CVE-2022-0338 (Improper Privilege Management in Conda loguru prior to 0.5.3. ...) + TODO: check CVE-2022-23848 RESERVED CVE-2022-23847 @@ -1547,8 +1587,8 @@ CVE-2022-0270 RESERVED CVE-2022-0269 (Cross-Site Request Forgery (CSRF) in Packagist yetiforce/yetiforce-crm ...) TODO: check -CVE-2022-0268 - RESERVED +CVE-2022-0268 (Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to ...) + TODO: check CVE-2022-0267 RESERVED CVE-2022-23312 
@@ -1808,8 +1848,8 @@ CVE-2022-23225 RESERVED CVE-2022-23224 RESERVED -CVE-2022-23223 - RESERVED +CVE-2022-23223 (The HTTP response will disclose the user password. This issue affected ...) + TODO: check CVE-2022-23221 (H2 Console before 2.1.210 allows remote attackers to execute arbitrary ...) - h2database <unfixed> NOTE: https://github.com/h2database/h2database/releases/tag/version-2.1.210 @@ -2362,20 +2402,17 @@ CVE-2022-23037 RESERVED CVE-2022-23036 RESERVED -CVE-2022-23035 - RESERVED +CVE-2022-23035 (Insufficient cleanup of passed-through device IRQs The management of I ...) - xen <unfixed> [buster] - xen <end-of-life> (DSA 4677-1) [stretch] - xen <end-of-life> (DSA 4602-1) NOTE: https://xenbits.xen.org/xsa/advisory-395.html -CVE-2022-23034 - RESERVED +CVE-2022-23034 (A PV guest could DoS Xen while unmapping a grant To address XSA-380, r ...) - xen <unfixed> [buster] - xen <end-of-life> (DSA 4677-1) [stretch] - xen <end-of-life> (DSA 4602-1) NOTE: https://xenbits.xen.org/xsa/advisory-394.html -CVE-2022-23033 - RESERVED +CVE-2022-23033 (arm: guest_physmap_remove_page not removing the p2m mappings The funct ...) - xen <unfixed> [buster] - xen <end-of-life> (DSA 4677-1) [stretch] - xen <end-of-life> (DSA 4602-1) @@ -3090,7 +3127,7 @@ CVE-2022-22748 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-03/#CVE-2022-22748 CVE-2022-22747 RESERVED - {DSA-5045-1 DSA-5044-1 DLA-2881-1 DLA-2880-1} + {DSA-5045-1 DSA-5044-1 DLA-2898-1 DLA-2881-1 DLA-2880-1} - nss 2:3.73-1 - firefox 96.0-1 - firefox-esr 91.5.0esr-1 
@@ -5690,8 +5727,8 @@ CVE-2022-21699 (IPython (Interactive Python) is a command shell for interactive NOTE: https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699 CVE-2022-21698 RESERVED -CVE-2022-21697 - RESERVED +CVE-2022-21697 (Jupyter Server Proxy is a Jupyter notebook server extension to proxy w ...) + TODO: check CVE-2022-21696 (OnionShare is an open source tool that lets you securely and anonymous ...) - onionshare <unfixed> NOTE: https://github.com/onionshare/onionshare/security/advisories/GHSA-68vr-8f46-vc9f @@ -6395,11 +6432,11 @@ CVE-2022-21367 (Vulnerability in the MySQL Server product of Oracle MySQL (compo - mysql-5.7 <removed> - mysql-8.0 <unfixed> CVE-2022-21366 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 CVE-2022-21365 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 @@ -6412,7 +6449,7 @@ CVE-2022-21362 (Vulnerability in the MySQL Server product of Oracle MySQL (compo CVE-2022-21361 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) NOT-FOR-US: Oracle CVE-2022-21360 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 
@@ -6454,12 +6491,12 @@ CVE-2022-21343 CVE-2022-21342 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 <unfixed> CVE-2022-21341 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 CVE-2022-21340 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 @@ -6532,7 +6569,7 @@ CVE-2022-21307 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp CVE-2022-21306 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) NOT-FOR-US: Oracle CVE-2022-21305 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 @@ -6549,7 +6586,7 @@ CVE-2022-21301 (Vulnerability in the MySQL Server product of Oracle MySQL (compo CVE-2022-21300 (Vulnerability in the PeopleSoft Enterprise CS SA Integration Pack prod ...) NOT-FOR-US: Oracle CVE-2022-21299 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 
@@ -6558,26 +6595,26 @@ CVE-2022-21298 (Vulnerability in the Oracle Solaris product of Oracle Systems (c CVE-2022-21297 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 <unfixed> CVE-2022-21296 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 CVE-2022-21295 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...) - virtualbox <not-affected> (Windows-specific) CVE-2022-21294 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 CVE-2022-21293 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 CVE-2022-21292 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) NOT-FOR-US: Oracle CVE-2022-21291 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 @@ -6596,11 +6633,11 @@ CVE-2022-21285 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp CVE-2022-21284 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) NOT-FOR-US: MySQL Cluster CVE-2022-21283 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 CVE-2022-21282 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 
@@ -6613,7 +6650,7 @@ CVE-2022-21279 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp CVE-2022-21278 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 <unfixed> CVE-2022-21277 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 CVE-2022-21276 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) @@ -6675,7 +6712,7 @@ CVE-2022-21250 (Vulnerability in the Oracle Trade Management product of Oracle E CVE-2022-21249 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 <unfixed> CVE-2022-21248 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - {DSA-5057-1} + {DSA-5058-1 DSA-5057-1} - openjdk-8 <unfixed> - openjdk-11 11.0.14+9-1 - openjdk-17 17.0.2+8-1 |
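
Review bot: In the first hunk (@@ -1,3 +1,43 @@), CVE-2022-23945 and CVE-2022-23944 land with `TODO: check` although their descriptions already name the product (ShenYu Admin, the /plugin api). Resolve each to a source package line or to a `NOT-FOR-US:` entry in the form the file uses elsewhere (`NOT-FOR-US: Oracle` under CVE-2022-21361), so they do not stay untriaged.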
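
Review bot: In the hunks at @@ -155,8 and @@ -214,8, the new descriptions for CVE-2022-0351 and CVE-2022-0338 lead with an ecosystem label ("Conda vim", "Conda loguru") rather than the software itself. When clearing the `TODO: check`, match on the software name (vim, loguru) against source packages instead of treating the entries as Conda-only; the same applies to the "Packagist getgrav/grav" wording of CVE-2022-0268 at @@ -1547,8.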
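
Review bot: In the hunk at @@ -3090,7, CVE-2022-22747 gains DLA-2898-1 in its cross-reference list while the entry still reads `RESERVED` and the visible package lines (nss, firefox, firefox-esr) are unchanged. Confirm that the source package DLA-2898-1 covers has a line in this entry; the context shown ends at `firefox-esr 91.5.0esr-1`, so this cannot be verified from the hunk.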
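
Review bot: In the hunks from @@ -6395,11 onward, every entry that gains DSA-5058-1 keeps its package lines unchanged, and most still carry `- openjdk-8 <unfixed>` (for example CVE-2022-21365, CVE-2022-21360 and CVE-2022-21341). With two DSAs in the cross-reference these entries can read as fully addressed, so the open openjdk-8 line needs its own follow-up or an explicit note on how it is handled.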