automatic update

author: security tracker role <sectracker@soriano.debian.org> 2022-01-26 20:10:21 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-01-26 20:10:21 +0000
commit: 35be49c9d0b4ab2b6142975cc40e6b09f9be942b (patch)
tree: aee87374ebb2bf8d8ca5ddc11c93b4316df9d1e8 /data/CVE/2022.list
parent: 197bd10a0d0ddbf719e21b02d9ead42ae3c8b278 (diff)
1 files changed, 106 insertions, 23 deletions
diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index 6652d50731..62a0e3e572 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -1,3 +1,87 @@
+CVE-2022-24004
+	RESERVED
+CVE-2022-24003
+	RESERVED
+CVE-2022-24002
+	RESERVED
+CVE-2022-24001
+	RESERVED
+CVE-2022-24000
+	RESERVED
+CVE-2022-23999
+	RESERVED
+CVE-2022-23998
+	RESERVED
+CVE-2022-23997
+	RESERVED
+CVE-2022-23996
+	RESERVED
+CVE-2022-23995
+	RESERVED
+CVE-2022-23994
+	RESERVED
+CVE-2022-23993 (/usr/local/www/pkg.php in pfSense through 2.5.2 uses $_REQUEST['pkg_fi ...)
+	TODO: check
+CVE-2022-23992
+	RESERVED
+CVE-2022-23991
+	RESERVED
+CVE-2022-23990 (Expat (aka libexpat) before 2.4.4 has an integer overflow in the doPro ...)
+	TODO: check
+CVE-2022-23989
+	RESERVED
+CVE-2022-23988
+	RESERVED
+CVE-2022-23987
+	RESERVED
+CVE-2022-23984
+	RESERVED
+CVE-2022-23983
+	RESERVED
+CVE-2022-23982
+	RESERVED
+CVE-2022-23981
+	RESERVED
+CVE-2022-23980
+	RESERVED
+CVE-2022-23979
+	RESERVED
+CVE-2022-23978
+	RESERVED
+CVE-2022-23977
+	RESERVED
+CVE-2022-23976
+	RESERVED
+CVE-2022-23975
+	RESERVED
+CVE-2022-23974
+	RESERVED
+CVE-2022-23103
+	RESERVED
+CVE-2022-0383
+	RESERVED
+CVE-2022-0382
+	RESERVED
+CVE-2022-0381
+	RESERVED
+CVE-2022-0380
+	RESERVED
+CVE-2022-0379 (Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber ...)
+	TODO: check
+CVE-2022-0378 (Cross-site Scripting (XSS) - Reflected in Packagist microweber/microwe ...)
+	TODO: check
+CVE-2022-0377
+	RESERVED
+CVE-2022-0376
+	RESERVED
+CVE-2022-0375 (Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat ...)
+	TODO: check
+CVE-2022-0374 (Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat ...)
+	TODO: check
+CVE-2022-0373
+	RESERVED
+CVE-2022-0372
+	RESERVED
 CVE-2022-23973
 	RESERVED
 CVE-2022-23972
@@ -74,8 +158,8 @@ CVE-2022-23942
 	RESERVED
 CVE-2022-21184
 	RESERVED
-CVE-2022-0368
-	RESERVED
+CVE-2022-0368 (Out-of-bounds Read in Conda vim prior to 8.2. ...)
+	TODO: check
 CVE-2022-0367
 	RESERVED
 CVE-2022-0366
@@ -86,14 +170,14 @@ CVE-2022-0364
 	RESERVED
 CVE-2022-0363
 	RESERVED
-CVE-2022-0362
-	RESERVED
-CVE-2022-0361
-	RESERVED
+CVE-2022-0362 (SQL Injection in Packagist showdoc/showdoc prior to 2.10.3. ...)
+	TODO: check
+CVE-2022-0361 (Heap-based Buffer Overflow in Conda vim prior to 8.2. ...)
+	TODO: check
 CVE-2022-0360
 	RESERVED
-CVE-2022-0359
-	RESERVED
+CVE-2022-0359 (Heap-based Buffer Overflow in Conda vim prior to 8.2. ...)
+	TODO: check
 CVE-2022-0358
 	RESERVED
 	- qemu <unfixed>
@@ -155,7 +239,7 @@ CVE-2022-21201
 	RESERVED
 CVE-2022-21178
 	RESERVED
-CVE-2022-0355 (Exposure of Sensitive Information to an Unauthorized Actor in NPM hiep ...)
+CVE-2022-0355 (Exposure of Sensitive Information to an Unauthorized Actor in NPM simp ...)
 	TODO: check
 CVE-2022-0354
 	RESERVED
@@ -1712,8 +1796,8 @@ CVE-2022-0253 (livehelperchat is vulnerable to Improper Neutralization of Input
 	NOT-FOR-US: livehelperchat
 CVE-2022-0252
 	RESERVED
-CVE-2022-0251
-	RESERVED
+CVE-2022-0251 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...)
+	TODO: check
 CVE-2022-0250
 	RESERVED
 CVE-2022-0249
@@ -2119,8 +2203,8 @@ CVE-2022-0204 [Heap overflow vulnerability in the implementation of the gatt pro
 	NOTE: https://github.com/bluez/bluez/security/advisories/GHSA-479m-xcq5-9g2q
 	NOTE: Fixed by: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=591c546c536b42bef696d027f64aa22434f8c3f0 (5.63)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2039807
-CVE-2022-0203
-	RESERVED
+CVE-2022-0203 (Improper Access Control in GitHub repository crater-invoice/crater pri ...)
+	TODO: check
 CVE-2022-0202
 	RESERVED
 CVE-2022-0201
@@ -2702,8 +2786,7 @@ CVE-2022-22934
 	RESERVED
 CVE-2022-22933
 	RESERVED
-CVE-2022-22932
-	RESERVED
+CVE-2022-22932 (Apache Karaf obr:* commands and run goal on the karaf-maven-plugin hav ...)
 	- apache-karaf <itp> (bug #881297)
 CVE-2022-22931
 	RESERVED
@@ -2891,12 +2974,12 @@ CVE-2022-22854
 	RESERVED
 CVE-2022-22853
 	RESERVED
-CVE-2022-22852
-	RESERVED
-CVE-2022-22851
-	RESERVED
-CVE-2022-22850
-	RESERVED
+CVE-2022-22852 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...)
+	TODO: check
+CVE-2022-22851 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...)
+	TODO: check
+CVE-2022-22850 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...)
+	TODO: check
 CVE-2022-22849
 	RESERVED
 CVE-2022-22149
@@ -5280,8 +5363,8 @@ CVE-2022-21946
 	RESERVED
 CVE-2022-21945
 	RESERVED
-CVE-2022-21944
-	RESERVED
+CVE-2022-21944 (A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd  ...)
+	TODO: check
 CVE-2022-21943
 	RESERVED
 CVE-2022-21942
author	security tracker role <sectracker@soriano.debian.org>	2022-01-26 20:10:21 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2022-01-26 20:10:21 +0000
commit	35be49c9d0b4ab2b6142975cc40e6b09f9be942b (patch)
tree	aee87374ebb2bf8d8ca5ddc11c93b4316df9d1e8 /data/CVE/2022.list
parent	197bd10a0d0ddbf719e21b02d9ead42ae3c8b278 (diff)