diff options
author | security tracker role <sectracker@soriano.debian.org> | 2022-02-13 20:10:28 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2022-02-13 20:10:28 +0000 |
commit | 4bd2244256d1f04bfa9aa408d3c9f562ff33c56f (patch) | |
tree | 5f97abbe6fc21b9d1c15a218c5645f0efd4e3df0 /data | |
parent | 4d1c01ac31437cd55d01b88bfeb06cc5b1920633 (diff) |
automatic update
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list.2021 | 3 | ||||
-rw-r--r-- | data/CVE/list.2022 | 35 |
2 files changed, 24 insertions, 14 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 7669940007..af1007b6ef 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -4651,8 +4651,7 @@ CVE-2021-44881 (D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered NOT-FOR-US: D-Link CVE-2021-44880 (D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882 ...) NOT-FOR-US: D-Link -CVE-2021-44879 - RESERVED +CVE-2021-44879 (In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, ...) - linux 5.16.7-1 NOTE: https://www.openwall.com/lists/oss-security/2022/02/12/1 NOTE: Fixed by: https://git.kernel.org/linus/9056d6489f5a41cfbb67f719d2c0ce61ead72d9f (5.17-rc1) diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 9e51838292..f1f80424ca 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -1,4 +1,16 @@ -CVE-2022-24976 [authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence] +CVE-2022-24980 + RESERVED +CVE-2022-24979 + RESERVED +CVE-2022-24978 + RESERVED +CVE-2022-24977 (ImpressCMS before 1.4.2 allows unauthenticated remote code execution v ...) + TODO: check +CVE-2022-0579 + RESERVED +CVE-2022-0578 + RESERVED +CVE-2022-24976 (Atheme IRC Services before 7.2.12, when used in conjunction with InspI ...) - atheme-services <unfixed> [bullseye] - atheme-services <no-dsa> (Minor issue; can be fixed via point release) [buster] - atheme-services <no-dsa> (Minor issue; can be fixed via point release) @@ -14,15 +26,14 @@ CVE-2022-0574 RESERVED CVE-2022-0573 RESERVED -CVE-2022-0572 [crash when repeatedly using :retab] - RESERVED +CVE-2022-0572 (Heap-based Buffer Overflow in Conda vim prior to 8.2. ...) - vim <unfixed> [bullseye] - vim <no-dsa> (Minor issue) [buster] - vim <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf NOTE: https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f (v8.2.4359) -CVE-2022-0571 - RESERVED +CVE-2022-0571 (Cross-site Scripting (XSS) - Reflected in Homebrew phoronixtestsuite p ...) + TODO: check CVE-2022-0570 (Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. ...) - mruby <not-affected> (Vulnerable code introduced later) NOTE: https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1 @@ -6007,7 +6018,7 @@ CVE-2022-22765 (BD Viper LT system, versions 2.0 and later, contains hardcoded c NOT-FOR-US: BD Viper LT system CVE-2022-22764 RESERVED - {DSA-5069-1 DLA-2916-1} + {DSA-5074-1 DSA-5069-1 DLA-2916-1} - firefox 97.0-1 - firefox-esr 91.6.0esr-1 - thunderbird 1:91.6.0-1 @@ -6016,7 +6027,7 @@ CVE-2022-22764 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-06/#CVE-2022-22764 CVE-2022-22763 RESERVED - {DSA-5069-1 DLA-2916-1} + {DSA-5074-1 DSA-5069-1 DLA-2916-1} - firefox-esr 91.6.0esr-1 - thunderbird 1:91.6.0-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-05/#CVE-2022-22763 @@ -6027,7 +6038,7 @@ CVE-2022-22762 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-04/#CVE-2022-22762 CVE-2022-22761 RESERVED - {DSA-5069-1 DLA-2916-1} + {DSA-5074-1 DSA-5069-1 DLA-2916-1} - firefox 97.0-1 - firefox-esr 91.6.0esr-1 - thunderbird 1:91.6.0-1 @@ -6036,7 +6047,7 @@ CVE-2022-22761 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-06/#CVE-2022-22761 CVE-2022-22760 RESERVED - {DSA-5069-1 DLA-2916-1} + {DSA-5074-1 DSA-5069-1 DLA-2916-1} - firefox 97.0-1 - firefox-esr 91.6.0esr-1 - thunderbird 1:91.6.0-1 @@ -6045,7 +6056,7 @@ CVE-2022-22760 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-06/#CVE-2022-22760 CVE-2022-22759 RESERVED - {DSA-5069-1 DLA-2916-1} + {DSA-5074-1 DSA-5069-1 DLA-2916-1} - firefox 97.0-1 - firefox-esr 91.6.0esr-1 - thunderbird 1:91.6.0-1 @@ -6063,7 +6074,7 @@ CVE-2022-22757 TODO: check if WebDriver enabled, if not demote severity to unimportant CVE-2022-22756 RESERVED - {DSA-5069-1 DLA-2916-1} + {DSA-5074-1 DSA-5069-1 DLA-2916-1} - firefox 97.0-1 - firefox-esr 91.6.0esr-1 - thunderbird 1:91.6.0-1 @@ -6076,7 +6087,7 @@ CVE-2022-22755 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-04/#CVE-2022-22755 CVE-2022-22754 RESERVED - {DSA-5069-1 DLA-2916-1} + {DSA-5074-1 DSA-5069-1 DLA-2916-1} - firefox 97.0-1 - firefox-esr 91.6.0esr-1 - thunderbird 1:91.6.0-1 |