automatic update

author: security tracker role <sectracker@soriano.debian.org> 2022-01-20 08:10:15 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-01-20 08:10:15 +0000
commit: 4987943bc053230b1e30441853deed2f3e63291f (patch)
tree: 033aa5c440bed658118c72839e1217835dbb48c1
parent: 25f7005ebad27d16a0c0553db21f35b1eaa21845 (diff)
4 files changed, 720 insertions, 41 deletions
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index ebbc8ae738..ed2fa83248 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -75,7 +75,7 @@ CVE-2010-5313 (Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2
 	[squeeze] - linux-2.6 <no-dsa> (KVM not supported in Squeeze LTS)
 	NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fc3a9157d314 (v2.6.38-rc1)
 CVE-2010-5312 (Cross-site scripting (XSS) vulnerability in jquery.ui.dialog.js in the ...)
-	{DSA-3249-1 DLA-258-1}
+	{DSA-3249-1 DLA-2889-1 DLA-258-1}
 	- drupal7 <removed>
 	- jqueryui 1.10.1+dfsg-1
 	- owncloud <not-affected> (embedded copy, bug #722500, of version 1.10.1, already fixed)
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 1c82b6332d..5ce0ac7a74 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -11733,6 +11733,7 @@ CVE-2016-7111 (MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Con
 	NOTE: https://github.com/mantisbt/mantisbt/commit/b3511d2feb47eaee41feb5f69cf3c8a2c9acd229
 	NOTE: https://mantisbt.org/bugs/view.php?id=21263
 CVE-2016-7103 (Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 mi ...)
+	{DLA-2889-1}
 	- drupal7 <removed>
 	- jqueryui 1.12.1+dfsg-1
 	[jessie] - jqueryui <no-dsa> (Minor issue)
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 5a709689dc..ee50c6b11b 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -238,8 +238,8 @@ CVE-2021-45729
 	RESERVED
 CVE-2021-44779
 	RESERVED
-CVE-2021-44777
-	RESERVED
+CVE-2021-44777 (Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or ...)
+	TODO: check
 CVE-2021-44760
 	RESERVED
 CVE-2021-4207
@@ -855,14 +855,14 @@ CVE-2021-46030 (There is a Cross Site Scripting attack (XSS) vulnerability in Ja
 	NOT-FOR-US: JavaQuarkBBS
 CVE-2021-46029
 	RESERVED
-CVE-2021-46028
-	RESERVED
-CVE-2021-46027
-	RESERVED
-CVE-2021-46026
-	RESERVED
-CVE-2021-46025
-	RESERVED
+CVE-2021-46028 (In mblog &lt;= 3.5.0 there is a CSRF vulnerability in the background a ...)
+	TODO: check
+CVE-2021-46027 (mysiteforme, as of 19-12-2022, has a CSRF vulnerability in the backgro ...)
+	TODO: check
+CVE-2021-46026 (mysiteforme, as of 19-12-2022, is vulnerable to Cross Site Scripting ( ...)
+	TODO: check
+CVE-2021-46025 (A Cross SIte Scripting (XSS) vulnerability exists in OneBlog &lt;= 2.2 ...)
+	TODO: check
 CVE-2021-46024
 	RESERVED
 CVE-2021-46023
@@ -2420,8 +2420,8 @@ CVE-2021-45444
 	RESERVED
 CVE-2021-45443
 	RESERVED
-CVE-2021-4143
-	RESERVED
+CVE-2021-4143 (Cross-site Scripting (XSS) - Generic in GitHub repository bigbluebutto ...)
+	TODO: check
 CVE-2021-45442 (A link following denial-of-service vulnerability in Trend Micro Worry- ...)
 	NOT-FOR-US: Trend Micro
 CVE-2021-45441 (A origin validation error vulnerability in Trend Micro Apex One (on-pr ...)
@@ -8137,8 +8137,8 @@ CVE-2021-43271
 	RESERVED
 CVE-2021-43270 (Datalust Seq.App.EmailPlus (aka seq-app-htmlemail) 3.1.0-dev-00148, 3. ...)
 	NOT-FOR-US: Datalust Seq.App.HtmlEmail (aka Seq.App.EmailPlus)
-CVE-2021-43269
-	RESERVED
+CVE-2021-43269 (In Code42 app before 8.8.0, eval injection allows an attacker to chang ...)
+	TODO: check
 CVE-2021-43268 (An issue was discovered in VxWorks 6.9 through 7. In the IKE component ...)
 	NOT-FOR-US: Wind River VxWorks
 CVE-2021-43266 (In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting col ...)
@@ -9758,10 +9758,10 @@ CVE-2021-42554
 	RESERVED
 CVE-2021-3892
 	REJECTED
-CVE-2021-26247
-	RESERVED
-CVE-2021-23225
-	RESERVED
+CVE-2021-26247 (As an unauthenticated remote user, visit "http://&lt;CACTI_SERVER&gt;/ ...)
+	TODO: check
+CVE-2021-23225 (Cacti 1.1.38 allows authenticated users with User Management permissio ...)
+	TODO: check
 CVE-2021-42553
 	RESERVED
 CVE-2021-42552
@@ -12566,8 +12566,8 @@ CVE-2021-41382 (Plastic SCM before 10.0.16.5622 mishandles the WebAdmin server m
 	NOT-FOR-US: Plastic SCM
 CVE-2021-41381 (Payara Micro Community 5.2021.6 and below allows Directory Traversal. ...)
 	NOT-FOR-US: Payara Micro Community
-CVE-2021-3816
-	RESERVED
+CVE-2021-3816 (Cacti 1.1.38 allows authenticated users with User Management permissio ...)
+	TODO: check
 CVE-2021-41380 (** DISPUTED ** RealVNC Viewer 6.21.406 allows remote VNC servers to ca ...)
 	NOT-FOR-US: RealVNC
 CVE-2021-41379 (Windows Installer Elevation of Privilege Vulnerability ...)
@@ -13037,6 +13037,7 @@ CVE-2021-41184 (jQuery-UI is the official jQuery user interface library. Prior t
 	NOTE: https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327
 	NOTE: https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280
 CVE-2021-41183 (jQuery-UI is the official jQuery user interface library. Prior to vers ...)
+	{DLA-2889-1}
 	- drupal7 <removed>
 	- jqueryui 1.13.0+dfsg-1
 	[bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1
@@ -13046,6 +13047,7 @@ CVE-2021-41183 (jQuery-UI is the official jQuery user interface library. Prior t
 	NOTE: https://github.com/jquery/jquery-ui/pull/1953
 	NOTE: https://www.drupal.org/sa-core-2022-001
 CVE-2021-41182 (jQuery-UI is the official jQuery user interface library. Prior to vers ...)
+	{DLA-2889-1}
 	- drupal7 <removed>
 	- jqueryui 1.13.0+dfsg-1
 	[bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1
@@ -55154,10 +55156,10 @@ CVE-2021-23845 (This vulnerability could allow an attacker to hijack a session w
 	NOT-FOR-US: Bosch
 CVE-2021-23844
 	RESERVED
-CVE-2021-23843
-	RESERVED
-CVE-2021-23842
-	RESERVED
+CVE-2021-23843 (The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are us ...)
+	TODO: check
+CVE-2021-23842 (Communication to the AMC2 uses a state-of-the-art cryptographic algori ...)
+	TODO: check
 CVE-2021-23841 (The OpenSSL public API function X509_issuer_and_serial_hash() attempts ...)
 	{DSA-4855-1 DLA-2565-1 DLA-2563-1}
 	- openssl 1.1.1j-1
diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index 48a52dd207..1417347696 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -1,3 +1,657 @@
+CVE-2022-23779
+	RESERVED
+CVE-2022-23778
+	RESERVED
+CVE-2022-23777
+	RESERVED
+CVE-2022-23776
+	RESERVED
+CVE-2022-23775
+	RESERVED
+CVE-2022-23774
+	RESERVED
+CVE-2022-23773
+	RESERVED
+CVE-2022-23772
+	RESERVED
+CVE-2022-23771
+	RESERVED
+CVE-2022-23770
+	RESERVED
+CVE-2022-23769
+	RESERVED
+CVE-2022-23768
+	RESERVED
+CVE-2022-23767
+	RESERVED
+CVE-2022-23766
+	RESERVED
+CVE-2022-23765
+	RESERVED
+CVE-2022-23764
+	RESERVED
+CVE-2022-23763
+	RESERVED
+CVE-2022-23762
+	RESERVED
+CVE-2022-23761
+	RESERVED
+CVE-2022-23760
+	RESERVED
+CVE-2022-23759
+	RESERVED
+CVE-2022-23758
+	RESERVED
+CVE-2022-23757
+	RESERVED
+CVE-2022-23756
+	RESERVED
+CVE-2022-23755
+	RESERVED
+CVE-2022-23754
+	RESERVED
+CVE-2022-23753
+	RESERVED
+CVE-2022-23752
+	RESERVED
+CVE-2022-23751
+	RESERVED
+CVE-2022-23750
+	RESERVED
+CVE-2022-23749
+	RESERVED
+CVE-2022-23748
+	RESERVED
+CVE-2022-23747
+	RESERVED
+CVE-2022-23746
+	RESERVED
+CVE-2022-23745
+	RESERVED
+CVE-2022-23744
+	RESERVED
+CVE-2022-23743
+	RESERVED
+CVE-2022-23742
+	RESERVED
+CVE-2022-23741
+	RESERVED
+CVE-2022-23740
+	RESERVED
+CVE-2022-23739
+	RESERVED
+CVE-2022-23738
+	RESERVED
+CVE-2022-23737
+	RESERVED
+CVE-2022-23736
+	RESERVED
+CVE-2022-23735
+	RESERVED
+CVE-2022-23734
+	RESERVED
+CVE-2022-23733
+	RESERVED
+CVE-2022-23732
+	RESERVED
+CVE-2022-23731
+	RESERVED
+CVE-2022-23730
+	RESERVED
+CVE-2022-23729
+	RESERVED
+CVE-2022-23728
+	RESERVED
+CVE-2022-23727
+	RESERVED
+CVE-2022-23726
+	RESERVED
+CVE-2022-23725
+	RESERVED
+CVE-2022-23724
+	RESERVED
+CVE-2022-23723
+	RESERVED
+CVE-2022-23722
+	RESERVED
+CVE-2022-23721
+	RESERVED
+CVE-2022-23720
+	RESERVED
+CVE-2022-23719
+	RESERVED
+CVE-2022-23718
+	RESERVED
+CVE-2022-23717
+	RESERVED
+CVE-2022-23716
+	RESERVED
+CVE-2022-23715
+	RESERVED
+CVE-2022-23714
+	RESERVED
+CVE-2022-23713
+	RESERVED
+CVE-2022-23712
+	RESERVED
+CVE-2022-23711
+	RESERVED
+CVE-2022-23710
+	RESERVED
+CVE-2022-23709
+	RESERVED
+CVE-2022-23708
+	RESERVED
+CVE-2022-23707
+	RESERVED
+CVE-2022-23706
+	RESERVED
+CVE-2022-23705
+	RESERVED
+CVE-2022-23704
+	RESERVED
+CVE-2022-23703
+	RESERVED
+CVE-2022-23702
+	RESERVED
+CVE-2022-23701
+	RESERVED
+CVE-2022-23700
+	RESERVED
+CVE-2022-23699
+	RESERVED
+CVE-2022-23698
+	RESERVED
+CVE-2022-23697
+	RESERVED
+CVE-2022-23696
+	RESERVED
+CVE-2022-23695
+	RESERVED
+CVE-2022-23694
+	RESERVED
+CVE-2022-23693
+	RESERVED
+CVE-2022-23692
+	RESERVED
+CVE-2022-23691
+	RESERVED
+CVE-2022-23690
+	RESERVED
+CVE-2022-23689
+	RESERVED
+CVE-2022-23688
+	RESERVED
+CVE-2022-23687
+	RESERVED
+CVE-2022-23686
+	RESERVED
+CVE-2022-23685
+	RESERVED
+CVE-2022-23684
+	RESERVED
+CVE-2022-23683
+	RESERVED
+CVE-2022-23682
+	RESERVED
+CVE-2022-23681
+	RESERVED
+CVE-2022-23680
+	RESERVED
+CVE-2022-23679
+	RESERVED
+CVE-2022-23678
+	RESERVED
+CVE-2022-23677
+	RESERVED
+CVE-2022-23676
+	RESERVED
+CVE-2022-23675
+	RESERVED
+CVE-2022-23674
+	RESERVED
+CVE-2022-23673
+	RESERVED
+CVE-2022-23672
+	RESERVED
+CVE-2022-23671
+	RESERVED
+CVE-2022-23670
+	RESERVED
+CVE-2022-23669
+	RESERVED
+CVE-2022-23668
+	RESERVED
+CVE-2022-23667
+	RESERVED
+CVE-2022-23666
+	RESERVED
+CVE-2022-23665
+	RESERVED
+CVE-2022-23664
+	RESERVED
+CVE-2022-23663
+	RESERVED
+CVE-2022-23662
+	RESERVED
+CVE-2022-23661
+	RESERVED
+CVE-2022-23660
+	RESERVED
+CVE-2022-23659
+	RESERVED
+CVE-2022-23658
+	RESERVED
+CVE-2022-23657
+	RESERVED
+CVE-2022-23656
+	RESERVED
+CVE-2022-23655
+	RESERVED
+CVE-2022-23654
+	RESERVED
+CVE-2022-23653
+	RESERVED
+CVE-2022-23652
+	RESERVED
+CVE-2022-23651
+	RESERVED
+CVE-2022-23650
+	RESERVED
+CVE-2022-23649
+	RESERVED
+CVE-2022-23648
+	RESERVED
+CVE-2022-23647
+	RESERVED
+CVE-2022-23646
+	RESERVED
+CVE-2022-23645
+	RESERVED
+CVE-2022-23644
+	RESERVED
+CVE-2022-23643
+	RESERVED
+CVE-2022-23642
+	RESERVED
+CVE-2022-23641
+	RESERVED
+CVE-2022-23640
+	RESERVED
+CVE-2022-23639
+	RESERVED
+CVE-2022-23638
+	RESERVED
+CVE-2022-23637
+	RESERVED
+CVE-2022-23636
+	RESERVED
+CVE-2022-23635
+	RESERVED
+CVE-2022-23634
+	RESERVED
+CVE-2022-23633
+	RESERVED
+CVE-2022-23632
+	RESERVED
+CVE-2022-23631
+	RESERVED
+CVE-2022-23630
+	RESERVED
+CVE-2022-23629
+	RESERVED
+CVE-2022-23628
+	RESERVED
+CVE-2022-23627
+	RESERVED
+CVE-2022-23626
+	RESERVED
+CVE-2022-23625
+	RESERVED
+CVE-2022-23624
+	RESERVED
+CVE-2022-23623
+	RESERVED
+CVE-2022-23622
+	RESERVED
+CVE-2022-23621
+	RESERVED
+CVE-2022-23620
+	RESERVED
+CVE-2022-23619
+	RESERVED
+CVE-2022-23618
+	RESERVED
+CVE-2022-23617
+	RESERVED
+CVE-2022-23616
+	RESERVED
+CVE-2022-23615
+	RESERVED
+CVE-2022-23614
+	RESERVED
+CVE-2022-23613
+	RESERVED
+CVE-2022-23612
+	RESERVED
+CVE-2022-23611
+	RESERVED
+CVE-2022-23610
+	RESERVED
+CVE-2022-23609
+	RESERVED
+CVE-2022-23608
+	RESERVED
+CVE-2022-23607
+	RESERVED
+CVE-2022-23606
+	RESERVED
+CVE-2022-23605
+	RESERVED
+CVE-2022-23604
+	RESERVED
+CVE-2022-23603
+	RESERVED
+CVE-2022-23602
+	RESERVED
+CVE-2022-23601
+	RESERVED
+CVE-2022-23600
+	RESERVED
+CVE-2022-23599
+	RESERVED
+CVE-2022-23598
+	RESERVED
+CVE-2022-23597
+	RESERVED
+CVE-2022-23596
+	RESERVED
+CVE-2022-23595
+	RESERVED
+CVE-2022-23594
+	RESERVED
+CVE-2022-23593
+	RESERVED
+CVE-2022-23592
+	RESERVED
+CVE-2022-23591
+	RESERVED
+CVE-2022-23590
+	RESERVED
+CVE-2022-23589
+	RESERVED
+CVE-2022-23588
+	RESERVED
+CVE-2022-23587
+	RESERVED
+CVE-2022-23586
+	RESERVED
+CVE-2022-23585
+	RESERVED
+CVE-2022-23584
+	RESERVED
+CVE-2022-23583
+	RESERVED
+CVE-2022-23582
+	RESERVED
+CVE-2022-23581
+	RESERVED
+CVE-2022-23580
+	RESERVED
+CVE-2022-23579
+	RESERVED
+CVE-2022-23578
+	RESERVED
+CVE-2022-23577
+	RESERVED
+CVE-2022-23576
+	RESERVED
+CVE-2022-23575
+	RESERVED
+CVE-2022-23574
+	RESERVED
+CVE-2022-23573
+	RESERVED
+CVE-2022-23572
+	RESERVED
+CVE-2022-23571
+	RESERVED
+CVE-2022-23570
+	RESERVED
+CVE-2022-23569
+	RESERVED
+CVE-2022-23568
+	RESERVED
+CVE-2022-23567
+	RESERVED
+CVE-2022-23566
+	RESERVED
+CVE-2022-23565
+	RESERVED
+CVE-2022-23564
+	RESERVED
+CVE-2022-23563
+	RESERVED
+CVE-2022-23562
+	RESERVED
+CVE-2022-23561
+	RESERVED
+CVE-2022-23560
+	RESERVED
+CVE-2022-23559
+	RESERVED
+CVE-2022-23558
+	RESERVED
+CVE-2022-23557
+	RESERVED
+CVE-2022-23556
+	RESERVED
+CVE-2022-23555
+	RESERVED
+CVE-2022-23554
+	RESERVED
+CVE-2022-23553
+	RESERVED
+CVE-2022-23552
+	RESERVED
+CVE-2022-23551
+	RESERVED
+CVE-2022-23550
+	RESERVED
+CVE-2022-23549
+	RESERVED
+CVE-2022-23548
+	RESERVED
+CVE-2022-23547
+	RESERVED
+CVE-2022-23546
+	RESERVED
+CVE-2022-23545
+	RESERVED
+CVE-2022-23544
+	RESERVED
+CVE-2022-23543
+	RESERVED
+CVE-2022-23542
+	RESERVED
+CVE-2022-23541
+	RESERVED
+CVE-2022-23540
+	RESERVED
+CVE-2022-23539
+	RESERVED
+CVE-2022-23538
+	RESERVED
+CVE-2022-23537
+	RESERVED
+CVE-2022-23536
+	RESERVED
+CVE-2022-23535
+	RESERVED
+CVE-2022-23534
+	RESERVED
+CVE-2022-23533
+	RESERVED
+CVE-2022-23532
+	RESERVED
+CVE-2022-23531
+	RESERVED
+CVE-2022-23530
+	RESERVED
+CVE-2022-23529
+	RESERVED
+CVE-2022-23528
+	RESERVED
+CVE-2022-23527
+	RESERVED
+CVE-2022-23526
+	RESERVED
+CVE-2022-23525
+	RESERVED
+CVE-2022-23524
+	RESERVED
+CVE-2022-23523
+	RESERVED
+CVE-2022-23522
+	RESERVED
+CVE-2022-23521
+	RESERVED
+CVE-2022-23520
+	RESERVED
+CVE-2022-23519
+	RESERVED
+CVE-2022-23518
+	RESERVED
+CVE-2022-23517
+	RESERVED
+CVE-2022-23516
+	RESERVED
+CVE-2022-23515
+	RESERVED
+CVE-2022-23514
+	RESERVED
+CVE-2022-23513
+	RESERVED
+CVE-2022-23512
+	RESERVED
+CVE-2022-23511
+	RESERVED
+CVE-2022-23510
+	RESERVED
+CVE-2022-23509
+	RESERVED
+CVE-2022-23508
+	RESERVED
+CVE-2022-23507
+	RESERVED
+CVE-2022-23506
+	RESERVED
+CVE-2022-23505
+	RESERVED
+CVE-2022-23504
+	RESERVED
+CVE-2022-23503
+	RESERVED
+CVE-2022-23502
+	RESERVED
+CVE-2022-23501
+	RESERVED
+CVE-2022-23500
+	RESERVED
+CVE-2022-23499
+	RESERVED
+CVE-2022-23498
+	RESERVED
+CVE-2022-23497
+	RESERVED
+CVE-2022-23496
+	RESERVED
+CVE-2022-23495
+	RESERVED
+CVE-2022-23494
+	RESERVED
+CVE-2022-23493
+	RESERVED
+CVE-2022-23492
+	RESERVED
+CVE-2022-23491
+	RESERVED
+CVE-2022-23490
+	RESERVED
+CVE-2022-23489
+	RESERVED
+CVE-2022-23488
+	RESERVED
+CVE-2022-23487
+	RESERVED
+CVE-2022-23486
+	RESERVED
+CVE-2022-23485
+	RESERVED
+CVE-2022-23484
+	RESERVED
+CVE-2022-23483
+	RESERVED
+CVE-2022-23482
+	RESERVED
+CVE-2022-23481
+	RESERVED
+CVE-2022-23480
+	RESERVED
+CVE-2022-23479
+	RESERVED
+CVE-2022-23478
+	RESERVED
+CVE-2022-23477
+	RESERVED
+CVE-2022-23476
+	RESERVED
+CVE-2022-23475
+	RESERVED
+CVE-2022-23474
+	RESERVED
+CVE-2022-23473
+	RESERVED
+CVE-2022-23472
+	RESERVED
+CVE-2022-23471
+	RESERVED
+CVE-2022-23470
+	RESERVED
+CVE-2022-23469
+	RESERVED
+CVE-2022-23468
+	RESERVED
+CVE-2022-23467
+	RESERVED
+CVE-2022-23466
+	RESERVED
+CVE-2022-23465
+	RESERVED
+CVE-2022-23464
+	RESERVED
+CVE-2022-23463
+	RESERVED
+CVE-2022-23462
+	RESERVED
+CVE-2022-23461
+	RESERVED
+CVE-2022-23460
+	RESERVED
+CVE-2022-23459
+	RESERVED
+CVE-2022-23458
+	RESERVED
+CVE-2022-23457
+	RESERVED
+CVE-2022-0314
+	RESERVED
+CVE-2022-0313
+	RESERVED
+CVE-2022-0312
+	RESERVED
+CVE-2022-0299
+	RESERVED
 CVE-2022-23456
 	RESERVED
 CVE-2022-23455
@@ -39,90 +693,112 @@ CVE-2022-23438
 CVE-2022-23437
 	RESERVED
 CVE-2022-0311
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0310
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0309
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0308
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0307
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0306
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0305
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0304
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0303
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0302
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0301
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0300
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0298
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0297
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0296
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0295
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0294
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0293
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0292
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0291
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0290
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2022-0289
+	RESERVED
 	- chromium <unfixed>
 	[buster] - chromium <end-of-life> (see DSA 5046)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -495,8 +1171,8 @@ CVE-2022-0245 (Cross-Site Request Forgery (CSRF) in GitHub repository livehelper
 	NOT-FOR-US: livehelperchat
 CVE-2022-0244 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
 	- gitlab <unfixed>
-CVE-2022-0243
-	RESERVED
+CVE-2022-0243 (Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/or ...)
+	TODO: check
 CVE-2022-23302 (JMSSink in all versions of Log4j 1.x is vulnerable to deserialization  ...)
 	- apache-log4j1.2 <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2022/01/18/3
@@ -1180,10 +1856,10 @@ CVE-2022-23048
 	RESERVED
 CVE-2022-23047
 	RESERVED
-CVE-2022-23046
-	RESERVED
-CVE-2022-23045
-	RESERVED
+CVE-2022-23046 (PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL senten ...)
+	TODO: check
+CVE-2022-23045 (PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent ...)
+	TODO: check
 CVE-2022-23044
 	RESERVED
 CVE-2022-23043
@@ -1831,8 +2507,8 @@ CVE-2022-22771
 	RESERVED
 CVE-2022-22770
 	RESERVED
-CVE-2022-22769
-	RESERVED
+CVE-2022-22769 (The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX ...)
+	TODO: check
 CVE-2022-22768
 	RESERVED
 CVE-2022-22767
@@ -4478,18 +5154,18 @@ CVE-2022-21706
 	RESERVED
 CVE-2022-21705
 	RESERVED
-CVE-2022-21704
-	RESERVED
+CVE-2022-21704 (log4js-node is a port of log4js to node.js. In affected versions defau ...)
+	TODO: check
 CVE-2022-21703
 	RESERVED
 CVE-2022-21702
 	RESERVED
-CVE-2022-21701
-	RESERVED
+CVE-2022-21701 (Istio is an open platform to connect, manage, and secure microservices ...)
+	TODO: check
 CVE-2022-21700 (Micronaut is a JVM-based, full stack Java framework designed for build ...)
 	TODO: check
-CVE-2022-21699
-	RESERVED
+CVE-2022-21699 (IPython (Interactive Python) is a command shell for interactive comput ...)
+	TODO: check
 CVE-2022-21698
 	RESERVED
 CVE-2022-21697
@@ -4542,8 +5218,8 @@ CVE-2022-21681 (Marked is a markdown parser and compiler. Prior to version 4.0.1
 	TODO: check
 CVE-2022-21680 (Marked is a markdown parser and compiler. Prior to version 4.0.10, the ...)
 	TODO: check
-CVE-2022-21679
-	RESERVED
+CVE-2022-21679 (Istio is an open platform to connect, manage, and secure microservices ...)
+	TODO: check
 CVE-2022-21678 (Discourse is an open source discussion platform. Prior to version 2.8. ...)
 	NOT-FOR-US: Discourse
 CVE-2022-21677 (Discourse is an open source discussion platform. Discourse groups can  ...)
author	security tracker role <sectracker@soriano.debian.org>	2022-01-20 08:10:15 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2022-01-20 08:10:15 +0000
commit	4987943bc053230b1e30441853deed2f3e63291f (patch)
tree	033aa5c440bed658118c72839e1217835dbb48c1
parent	25f7005ebad27d16a0c0553db21f35b1eaa21845 (diff)