[Git][security-tracker-team/security-tracker][master] Process NFUs

Wed, 26 Jan 2022 13:37:03 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
57b860f5 by Salvatore Bonaccorso at 2022-01-26T22:36:28+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -560,25 +560,25 @@ CVE-2021-46485
 CVE-2021-46484
        RESERVED
 CVE-2021-46483 (Jsish v3.5.0 was discovered to contain a heap buffer overflow 
via Bool ...)
-       TODO: check
+       NOT-FOR-US: Jsish
 CVE-2021-46482 (Jsish v3.5.0 was discovered to contain a heap buffer overflow 
via Numb ...)
-       TODO: check
+       NOT-FOR-US: Jsish
 CVE-2021-46481 (Jsish v3.5.0 was discovered to contain a memory leak via 
linenoise at  ...)
-       TODO: check
+       NOT-FOR-US: Jsish
 CVE-2021-46480 (Jsish v3.5.0 was discovered to contain a heap buffer overflow 
via jsiV ...)
-       TODO: check
+       NOT-FOR-US: Jsish
 CVE-2021-46479
        RESERVED
 CVE-2021-46478 (Jsish v3.5.0 was discovered to contain a heap buffer overflow 
via jsiC ...)
-       TODO: check
+       NOT-FOR-US: Jsish
 CVE-2021-46477 (Jsish v3.5.0 was discovered to contain a heap buffer overflow 
via RegE ...)
-       TODO: check
+       NOT-FOR-US: Jsish
 CVE-2021-46476
        RESERVED
 CVE-2021-46475 (Jsish v3.5.0 was discovered to contain a heap buffer overflow 
via jsi_ ...)
-       TODO: check
+       NOT-FOR-US: Jsish
 CVE-2021-46474 (Jsish v3.5.0 was discovered to contain a heap buffer overflow 
via jsiE ...)
-       TODO: check
+       NOT-FOR-US: Jsish
 CVE-2021-46473
        RESERVED
 CVE-2021-46472
@@ -2108,7 +2108,7 @@ CVE-2022-0271
 CVE-2022-0270 (Prior to v0.6.1, bored-agent failed to sanitize incoming 
kubernetes im ...)
        TODO: check
 CVE-2022-0269 (Cross-Site Request Forgery (CSRF) in Packagist 
yetiforce/yetiforce-crm ...)
-       TODO: check
+       NOT-FOR-US: yetiforce-crm
 CVE-2022-0268 (Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav 
prior to ...)
        TODO: check
 CVE-2022-0267
@@ -2140,13 +2140,13 @@ CVE-2021-46388
 CVE-2021-46387
        RESERVED
 CVE-2021-46386 (https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected 
by: File U ...)
-       TODO: check
+       NOT-FOR-US: MCMS
 CVE-2021-46385 (https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected 
by: SQL In ...)
-       TODO: check
+       NOT-FOR-US: MCMS
 CVE-2021-46384
        RESERVED
 CVE-2021-46383 (https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected 
by: SQL In ...)
-       TODO: check
+       NOT-FOR-US: MCMS
 CVE-2021-46382
        RESERVED
 CVE-2021-46381
@@ -2389,7 +2389,7 @@ CVE-2022-0253 (livehelperchat is vulnerable to Improper 
Neutralization of Input
 CVE-2022-0252
        RESERVED
 CVE-2022-0251 (Cross-site Scripting (XSS) - Stored in GitHub repository 
pimcore/pimco ...)
-       TODO: check
+       NOT-FOR-US: pimcore
 CVE-2022-0250
        RESERVED
 CVE-2022-0249
@@ -3650,11 +3650,11 @@ CVE-2022-22854
 CVE-2022-22853
        RESERVED
 CVE-2022-22852 (A Stored Cross Site Scripting (XSS) vulnerability exists in 
Sourcecodt ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodtester
 CVE-2022-22851 (A Stored Cross Site Scripting (XSS) vulnerability exists in 
Sourcecodt ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodtester
 CVE-2022-22850 (A Stored Cross Site Scripting (XSS) vulnerability exists in 
Sourcecodt ...)
-       TODO: check
+       NOT-FOR-US: Sourcecodtester
 CVE-2022-22849
        RESERVED
 CVE-2022-22149
@@ -5584,15 +5584,15 @@ CVE-2021-46120
 CVE-2021-46119
        RESERVED
 CVE-2021-46118 (jpress 4.2.0 is vulnerable to remote code execution via 
io.jpress.modu ...)
-       TODO: check
+       NOT-FOR-US: jpress
 CVE-2021-46117 (jpress 4.2.0 is vulnerable to remote code execution via 
io.jpress.modu ...)
-       TODO: check
+       NOT-FOR-US: jpress
 CVE-2021-46116 (jpress 4.2.0 is vulnerable to remote code execution via 
io.jpress.web. ...)
-       TODO: check
+       NOT-FOR-US: jpress
 CVE-2021-46115 (jpress 4.2.0 is vulnerable to RCE via 
io.jpress.web.admin._TemplateCon ...)
-       TODO: check
+       NOT-FOR-US: jpress
 CVE-2021-46114 (jpress v 4.2.0 is vulnerable to RCE via 
io.jpress.module.product.Produ ...)
-       TODO: check
+       NOT-FOR-US: jpress
 CVE-2021-46113 (In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, 
a remote ...)
        NOT-FOR-US: MartDevelopers KEA-Hotel-ERP open source
 CVE-2021-46112
@@ -5940,7 +5940,7 @@ CVE-2021-45977
 CVE-2021-45976
        RESERVED
 CVE-2021-45975 (In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: Acer
 CVE-2021-45974
        RESERVED
 CVE-2021-45973



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57b860f5834513193558c10bd14bd28eff6d9406

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57b860f5834513193558c10bd14bd28eff6d9406
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to