Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7d4ef1b1 by Salvatore Bonaccorso at 2022-02-16T06:42:15+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3983,9 +3983,9 @@ CVE-2022-0343
CVE-2022-0342
RESERVED
CVE-2021-46558 (Multiple cross-site scripting (XSS) vulnerabilities in the Add
User mo ...)
- TODO: check
+ NOT-FOR-US: Issabel
CVE-2021-46557 (Vicidial 2.14-783a was discovered to contain a cross-site
scripting (X ...)
- TODO: check
+ NOT-FOR-US: Vicidial
CVE-2021-46556 (Cesanta MJS v2.20.0 was discovered to contain a SEGV
vulnerability via ...)
NOT-FOR-US: Cesanta MJS
CVE-2021-46555
@@ -4173,11 +4173,11 @@ CVE-2021-46465
CVE-2021-46464
RESERVED
CVE-2021-46463 (njs through 0.7.1, used in NGINX, was discovered to contain a
control ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2021-46462 (njs through 0.7.1, used in NGINX, was discovered to contain a
segmenta ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2021-46461 (njs through 0.7.0, used in NGINX, was discovered to contain an
out-of- ...)
- TODO: check
+ NOT-FOR-US: njs
CVE-2021-46460
RESERVED
CVE-2021-46459 (Victor CMS v1.0 was discovered to contain multiple SQL
injection vulne ...)
@@ -4923,7 +4923,7 @@ CVE-2022-23639 (crossbeam-utils provides atomics,
synchronization primitives, sc
CVE-2022-23638 (svg-sanitizer is a SVG/XML sanitizer written in PHP. A
cross-site scri ...)
TODO: check
CVE-2022-23637 (K-Box is a web-based application to manage documents, images,
videos a ...)
- TODO: check
+ NOT-FOR-US: K-Box
CVE-2022-23636
RESERVED
CVE-2022-23635
@@ -5012,7 +5012,7 @@ CVE-2022-23606
CVE-2022-23605 (Wire webapp is a web client for the wire messaging protocol.
In versio ...)
NOT-FOR-US: Wire webapp
CVE-2022-23604 (x26-Cogs is a repository of cogs made by Twentysix for the Red
Discord ...)
- TODO: check
+ NOT-FOR-US: x26-Cogs
CVE-2022-23603 (iTunesRPC-Remastered is a discord rich presence application
for use wi ...)
NOT-FOR-US: iTunesRPC-Remastered
CVE-2022-23602 (Nimforum is a lightweight alternative to Discourse written in
Nim. In ...)
@@ -5622,7 +5622,7 @@ CVE-2022-23386
CVE-2022-23385
RESERVED
CVE-2022-23384 (YzmCMS v6.3 is affected by Cross Site Request Forgery (CSRF)
in /admin ...)
- TODO: check
+ NOT-FOR-US: YzmCMS
CVE-2022-23383
RESERVED
CVE-2022-23382
@@ -5756,7 +5756,7 @@ CVE-2022-23319
CVE-2022-23318
RESERVED
CVE-2022-23317 (CobaltStrike <=4.5 HTTP(S) listener does not determine
whether the ...)
- TODO: check
+ NOT-FOR-US: CobaltStrike
CVE-2022-23316 (An issue was discovered in taoCMS v3.0.2. There is an
arbitrary file r ...)
NOT-FOR-US: taocms
CVE-2022-23315 (MCMS v5.2.4 was discovered to contain an arbitrary file upload
vulnera ...)
@@ -7935,7 +7935,7 @@ CVE-2022-22772
CVE-2022-22771
RESERVED
CVE-2022-22770 (The Web Server component of TIBCO Software Inc.'s TIBCO
AuditSafe cont ...)
- TODO: check
+ NOT-FOR-US: TIBCO
CVE-2022-22769 (The Web server component of TIBCO Software Inc.'s TIBCO EBX,
TIBCO EBX ...)
NOT-FOR-US: TIBCO
CVE-2022-22768
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d4ef1b1f50fbaef15997a687a961ed7a747b684
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7d4ef1b1f50fbaef15997a687a961ed7a747b684
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
