Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3ef00b22 by Salvatore Bonaccorso at 2022-01-17T21:44:01+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,17 +15,17 @@ CVE-2022-0260
CVE-2022-0259
RESERVED
CVE-2022-0258 (pimcore is vulnerable to Improper Neutralization of Special
Elements u ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-0257 (pimcore is vulnerable to Improper Neutralization of Input
During Web P ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-0256 (pimcore is vulnerable to Improper Neutralization of Input
During Web P ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2022-0255
RESERVED
CVE-2022-0254
RESERVED
CVE-2022-0253 (livehelperchat is vulnerable to Improper Neutralization of
Input Durin ...)
- TODO: check
+ NOT-FOR-US: livehelperchat
CVE-2022-0252
RESERVED
CVE-2022-0251
@@ -693,9 +693,9 @@ CVE-2022-0186
CVE-2022-0185
RESERVED
CVE-2022-0184 (Insufficiently protected credentials vulnerability in 'TEPRA'
PRO SR59 ...)
- TODO: check
+ NOT-FOR-US: TEPRA
CVE-2022-0183 (Missing encryption of sensitive data vulnerability in
'MIRUPASS' PW10 ...)
- TODO: check
+ NOT-FOR-US: MIRUPASS
CVE-2020-36515
RESERVED
CVE-2022-23101
@@ -939,11 +939,11 @@ CVE-2022-21210
CVE-2022-21145
RESERVED
CVE-2022-0182 (Stored cross-site scripting vulnerability in Quiz And Survey
Master ve ...)
- TODO: check
+ NOT-FOR-US: Quiz And Survey Master
CVE-2022-0181 (Reflected cross-site scripting vulnerability in Quiz And Survey
Master ...)
- TODO: check
+ NOT-FOR-US: Quiz And Survey Master
CVE-2022-0180 (Cross-site request forgery (CSRF) vulnerability in Quiz And
Survey Mas ...)
- TODO: check
+ NOT-FOR-US: Quiz And Survey Master
CVE-2022-0179 (snipe-it is vulnerable to Improper Access Control ...)
NOT-FOR-US: snipe-it
CVE-2022-0178 (snipe-it is vulnerable to Improper Access Control ...)
@@ -2016,7 +2016,7 @@ CVE-2022-0133 (peertube is vulnerable to Improper Access
Control ...)
CVE-2022-0132 (peertube is vulnerable to Server-Side Request Forgery (SSRF)
...)
- peertube <itp> (bug #950821)
CVE-2022-0131 (Jimoty App for Android versions prior to 3.7.42 uses a
hard-coded API ...)
- TODO: check
+ NOT-FOR-US: Jimoty App for Android
CVE-2021-4201
RESERVED
CVE-2022-22708
@@ -25748,7 +25748,7 @@ CVE-2021-38967 (IBM MQ Appliance 9.2 CD and 9.2 LTS
could allow a local privileg
CVE-2021-38966 (IBM Cloud Pak for Automation 21.0.2 is vulnerable to
cross-site script ...)
NOT-FOR-US: IBM
CVE-2021-38965 (IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could
allow a remo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2021-38964
RESERVED
CVE-2021-38963
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef00b2233fb5e9f4bd7706ff90e0b326a8025d0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef00b2233fb5e9f4bd7706ff90e0b326a8025d0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
