Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cba5df20 by Salvatore Bonaccorso at 2022-01-06T09:29:27+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -64,7 +64,7 @@ CVE-2022-22150
CVE-2022-0130
RESERVED
CVE-2021-46145 (The keyfob subsystem in Honda Civic 2012 vehicles allows a
replay atta ...)
- TODO: check
+ NOT-FOR-US: keyfob subsystem in Honda Civic 2012 vehicles
CVE-2021-46143 (In doProlog in xmlparse.c in Expat (aka libexpat) before
2.4.3, an int ...)
- expat <unfixed>
NOTE: https://github.com/libexpat/libexpat/issues/532
@@ -312,9 +312,9 @@ CVE-2022-22569
CVE-2022-22568
RESERVED
CVE-2022-0122 (forge is vulnerable to URL Redirection to Untrusted Site ...)
- TODO: check
+ NOT-FOR-US: forge
CVE-2022-0121 (hoppscotch is vulnerable to Exposure of Sensitive Information
to an Un ...)
- TODO: check
+ NOT-FOR-US: hoppscotch
CVE-2022-22567
RESERVED
CVE-2022-22566
@@ -1368,11 +1368,11 @@ CVE-2021-45972 (The giftrans function in giftrans
1.12.2 contains a stack-based
- giftrans <unfixed> (bug #1002739; unimportant)
NOTE: Negligible security impact; crash in CLI tool
CVE-2021-45971 (An issue was discovered in SdHostDriver in Insyde InsydeH2O
with kerne ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2021-45970 (An issue was discovered in IdeBusDxe in Insyde InsydeH2O with
kernel 5 ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2021-45969 (An issue was discovered in AhciBusDxe in Insyde InsydeH2O with
kernel ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2021-45968
RESERVED
CVE-2021-45967
@@ -8100,9 +8100,9 @@ CVE-2022-21654
CVE-2022-21653 (Jawn is an open source JSON parser. Extenders of the
`org.typelevel.ja ...)
TODO: check
CVE-2022-21652 (Shopware is an open source e-commerce software platform. In
affected v ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2022-21651 (Shopware is an open source e-commerce software platform. An
open redir ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2022-21650 (Convos is an open source multi-user chat that runs in a web
browser. Y ...)
NOT-FOR-US: Convos
CVE-2022-21649 (Convos is an open source multi-user chat that runs in a web
browser. C ...)
@@ -8148,7 +8148,7 @@ CVE-2021-43949
CVE-2021-43948
RESERVED
CVE-2021-43947 (Affected versions of Atlassian Jira Server and Data Center
allow remot ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2021-43946 (Affected versions of Atlassian Jira Server and Data Center
allow authe ...)
NOT-FOR-US: Atlassian
CVE-2021-43945
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cba5df2031610aa7fdd36bb6a235866380e6ab88
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cba5df2031610aa7fdd36bb6a235866380e6ab88
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
