Log

AVG-2828 created at 19 Feb 2023 19:11:06
Packages
+ samba
Issues
+ CVE-2022-3437
+ CVE-2022-3492
+ CVE-2022-37966
+ CVE-2022-37967
+ CVE-2022-38023
+ CVE-2022-42898
+ CVE-2022-45141
Status
+ Fixed
Severity
+ Unknown
Affected
+ 4.17.4-4
Fixed
+ 4.17.5-1
Ticket
Advisory qualified
+ No
References
+ https://www.samba.org/samba/security/CVE-2022-3592.html
+ https://www.samba.org/samba/security/CVE-2022-3437.html
+ https://www.samba.org/samba/security/CVE-2022-45141.html
+ https://www.samba.org/samba/security/CVE-2022-37967.html
+ https://www.samba.org/samba/security/CVE-2022-37966.html
+ https://www.samba.org/samba/security/CVE-2022-38023.html
+ https://www.samba.org/samba/security/CVE-2022-42898.html
Notes
CVE-2022-37967 created at 19 Feb 2023 19:11:06
AVG-2828 created at 19 Feb 2023 19:11:06
Packages
+ samba
Issues
+ CVE-2022-3437
+ CVE-2022-3492
+ CVE-2022-37966
+ CVE-2022-37967
+ CVE-2022-38023
+ CVE-2022-42898
+ CVE-2022-45141
Status
+ Fixed
Severity
+ Unknown
Affected
+ 4.17.4-4
Fixed
+ 4.17.5-1
Ticket
Advisory qualified
+ No
References
+ https://www.samba.org/samba/security/CVE-2022-3592.html
+ https://www.samba.org/samba/security/CVE-2022-3437.html
+ https://www.samba.org/samba/security/CVE-2022-45141.html
+ https://www.samba.org/samba/security/CVE-2022-37967.html
+ https://www.samba.org/samba/security/CVE-2022-37966.html
+ https://www.samba.org/samba/security/CVE-2022-38023.html
+ https://www.samba.org/samba/security/CVE-2022-42898.html
Notes
CVE-2022-37966 created at 19 Feb 2023 19:11:06
AVG-2828 created at 19 Feb 2023 19:11:06
Packages
+ samba
Issues
+ CVE-2022-3437
+ CVE-2022-3492
+ CVE-2022-37966
+ CVE-2022-37967
+ CVE-2022-38023
+ CVE-2022-42898
+ CVE-2022-45141
Status
+ Fixed
Severity
+ Unknown
Affected
+ 4.17.4-4
Fixed
+ 4.17.5-1
Ticket
Advisory qualified
+ No
References
+ https://www.samba.org/samba/security/CVE-2022-3592.html
+ https://www.samba.org/samba/security/CVE-2022-3437.html
+ https://www.samba.org/samba/security/CVE-2022-45141.html
+ https://www.samba.org/samba/security/CVE-2022-37967.html
+ https://www.samba.org/samba/security/CVE-2022-37966.html
+ https://www.samba.org/samba/security/CVE-2022-38023.html
+ https://www.samba.org/samba/security/CVE-2022-42898.html
Notes
CVE-2022-3492 created at 19 Feb 2023 19:11:06
AVG-2828 created at 19 Feb 2023 19:11:06
Packages
+ samba
Issues
+ CVE-2022-3437
+ CVE-2022-3492
+ CVE-2022-37966
+ CVE-2022-37967
+ CVE-2022-38023
+ CVE-2022-42898
+ CVE-2022-45141
Status
+ Fixed
Severity
+ Unknown
Affected
+ 4.17.4-4
Fixed
+ 4.17.5-1
Ticket
Advisory qualified
+ No
References
+ https://www.samba.org/samba/security/CVE-2022-3592.html
+ https://www.samba.org/samba/security/CVE-2022-3437.html
+ https://www.samba.org/samba/security/CVE-2022-45141.html
+ https://www.samba.org/samba/security/CVE-2022-37967.html
+ https://www.samba.org/samba/security/CVE-2022-37966.html
+ https://www.samba.org/samba/security/CVE-2022-38023.html
+ https://www.samba.org/samba/security/CVE-2022-42898.html
Notes
CVE-2022-45141 created at 19 Feb 2023 19:11:06
AVG-2828 created at 19 Feb 2023 19:11:06
Packages
+ samba
Issues
+ CVE-2022-3437
+ CVE-2022-3492
+ CVE-2022-37966
+ CVE-2022-37967
+ CVE-2022-38023
+ CVE-2022-42898
+ CVE-2022-45141
Status
+ Fixed
Severity
+ Unknown
Affected
+ 4.17.4-4
Fixed
+ 4.17.5-1
Ticket
Advisory qualified
+ No
References
+ https://www.samba.org/samba/security/CVE-2022-3592.html
+ https://www.samba.org/samba/security/CVE-2022-3437.html
+ https://www.samba.org/samba/security/CVE-2022-45141.html
+ https://www.samba.org/samba/security/CVE-2022-37967.html
+ https://www.samba.org/samba/security/CVE-2022-37966.html
+ https://www.samba.org/samba/security/CVE-2022-38023.html
+ https://www.samba.org/samba/security/CVE-2022-42898.html
Notes
CVE-2022-3437 created at 19 Feb 2023 19:11:06
CVE-2022-1537 edited at 19 Feb 2023 17:14:52
Description
+ file.copy operations in GruntJS are vulnerable to a TOC-TOU race condition leading to arbitrary file write when an attacker can create a symlink just after deletion of the dest symlink
References
+ https://huntr.dev/bounties/0179c3e5-bc02-4fc9-8491-a1a319b51b4d/
+ https://www.github.com/gruntjs/grunt/commit/58016ffac5ed9338b63ecc2a63710f5027362bae
AVG-2827 edited at 19 Feb 2023 17:11:42
Issues
CVE-2022-0436
+ CVE-2022-1537
Affected
- 1.5.1-1
+ 1.5.2-1
Fixed
- 1.5.2-1
+ 1.5.3-1
References
- https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b/
- https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665
- https://github.com/gruntjs/grunt/commit/433f91b78df99d83daa6f56a5505ead743627c30
CVE-2022-1537 created at 19 Feb 2023 17:11:42
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes
CVE-2022-0436 edited at 19 Feb 2023 17:11:12
Description
+ file.copy operations in GruntJS are not protected against symlink traversal for both source and destination directories
References
+ https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b/
+ https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665
+ https://github.com/gruntjs/grunt/commit/433f91b78df99d83daa6f56a5505ead743627c30
Notes
AVG-2827 created at 19 Feb 2023 17:08:44
Packages
+ grunt-cli
Issues
+ CVE-2022-0436
Status
+ Unknown
Severity
+ Unknown
Affected
+ 1.5.1-1
Fixed
+ 1.5.2-1
Ticket
Advisory qualified
+ No
References
+ https://huntr.dev/bounties/f55315e9-9f6d-4dbb-8c40-bae50c1ae92b/
+ https://github.com/gruntjs/grunt/commit/aad3d4521c3098fb255fb2db8f2e1d691a033665
+ https://github.com/gruntjs/grunt/commit/433f91b78df99d83daa6f56a5505ead743627c30
Notes
CVE-2022-0436 created at 19 Feb 2023 17:08:44
AVG-2825 edited at 19 Feb 2023 12:32:07
Severity
- Unknown
+ Medium
CVE-2022-1941 edited at 19 Feb 2023 12:32:07
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message, which could lead to a denial of service (DoS) on services using the libraries.
References
Notes