diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2022-02-20 20:10:19 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2022-02-20 20:10:19 +0000 |
| commit | 5dc31fe35f593a747e1d438adf8ecbd5e806667c (patch) | |
| tree | 714c5ee6b43f60ec7e721aca969195ec8f772293 /data/CVE/list.2022 | |
| parent | 598df42e2831bdee06464cbabb92ef7bf8b91515 (diff) | |
automatic update
Diffstat (limited to 'data/CVE/list.2022')
| -rw-r--r-- | data/CVE/list.2022 | 42 |
1 files changed, 28 insertions, 14 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 626e4a9b6d..ef4fdecf37 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -1,3 +1,17 @@ +CVE-2022-25371 + RESERVED +CVE-2022-25370 + RESERVED +CVE-2022-25355 + RESERVED +CVE-2022-0694 + RESERVED +CVE-2022-0693 + RESERVED +CVE-2022-0692 + RESERVED +CVE-2022-0691 + RESERVED CVE-2022-25369 RESERVED CVE-2022-25368 @@ -6,14 +20,14 @@ CVE-2022-0690 (Cross-site Scripting (XSS) - Reflected in Packagist microweber/mi NOT-FOR-US: microweber CVE-2022-0689 (Use multiple time the one-time coupon in Packagist microweber/microweb ...) NOT-FOR-US: microweber -CVE-2022-0688 - RESERVED +CVE-2022-0688 (Business Logic Errors in Packagist microweber/microweber prior to 1.2. ...) + TODO: check CVE-2022-0687 RESERVED -CVE-2022-0686 - RESERVED -CVE-2022-0685 - RESERVED +CVE-2022-0686 (Authorization Bypass Through User-Controlled Key in NPM url-parse prio ...) + TODO: check +CVE-2022-0685 (Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior ...) + TODO: check CVE-2022-0684 RESERVED CVE-2022-25367 @@ -4211,8 +4225,8 @@ CVE-2022-0338 (Improper Privilege Management in Conda loguru prior to 0.5.3. ... NOTE: https://huntr.dev/bounties/359bea50-2bc6-426a-b2f9-175d401b1ed0/ NOTE: Document best practices for security: https://github.com/delgan/loguru/commit/ea39375e62f9b8f18e2ca798a5c0fb8c972b7eaa NOTE: loguru documents security considerations and best practices to follow -CVE-2022-23848 - RESERVED +CVE-2022-23848 (In Alluxio before 2.7.3, the logserver does not validate the input str ...) + TODO: check CVE-2022-23847 RESERVED CVE-2022-23846 @@ -6440,10 +6454,10 @@ CVE-2022-23056 RESERVED CVE-2022-23055 RESERVED -CVE-2022-23054 - RESERVED -CVE-2022-23053 - RESERVED +CVE-2022-23054 (Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via ...) + TODO: check +CVE-2022-23053 (Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via ...) + TODO: check CVE-2022-23052 RESERVED CVE-2022-23051 @@ -9005,8 +9019,8 @@ CVE-2022-22128 RESERVED CVE-2022-22127 RESERVED -CVE-2022-22126 - RESERVED +CVE-2022-22126 (Openmct versions 1.3.0 to 1.7.7 are vulnerable against stored XSS via ...) + TODO: check CVE-2022-22125 (In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored ...) NOT-FOR-US: Halo CVE-2022-22124 (In Halo, versions v1.0.0 to v1.4.17 (latest) are vulnerable to Stored ...) |