Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
de5ad7f4 by Salvatore Bonaccorso at 2022-03-03T06:54:42+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4222,13 +4222,13 @@ CVE-2022-24722
CVE-2022-24721
RESERVED
CVE-2022-24720 (image_processing is an image processing wrapper for libvips
and ImageM ...)
- TODO: check
+ NOT-FOR-US: image_processing
CVE-2022-24719 (Fluture-Node is a FP-style HTTP and streaming utils for Node
based on ...)
TODO: check
CVE-2022-24718 (ssr-pages is an HTML page builder for the purpose of
server-side rende ...)
- TODO: check
+ NOT-FOR-US: ssr-pages
CVE-2022-24717 (ssr-pages is an HTML page builder for the purpose of
server-side rende ...)
- TODO: check
+ NOT-FOR-US: ssr-pages
CVE-2022-24716
RESERVED
CVE-2022-24715
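Review bot: The tag `NOT-FOR-US: image_processing` on CVE-2022-24720 gives only the bare project name, although the truncated description calls it a wrapper library for libvips and ImageM ...; before closing the entry, confirm that no source package in the archive ships this library under a language-prefixed name. A tag in the style of the existing `NOT-FOR-US: Rust crate fruity`, which names the ecosystem, would also make the decision easier to audit later. CVE-2022-24719 (Fluture-Node) stays at `TODO: check` between the processed entries; if that is deliberate, fine, otherwise it belongs in the same pass.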
@@ -4666,7 +4666,7 @@ CVE-2022-24596
CVE-2022-24595
RESERVED
CVE-2022-24594 (In waline 1.6.1, an attacker can submit messages using
X-Forwarded-For ...)
- TODO: check
+ NOT-FOR-US: waline
CVE-2022-24593
RESERVED
CVE-2022-24592
@@ -21889,7 +21889,7 @@ CVE-2021-43621
CVE-2021-43620 (An issue was discovered in the fruity crate through 0.2.0 for
Rust. Se ...)
NOT-FOR-US: Rust crate fruity
CVE-2021-43619 (Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow
issue in ...)
- TODO: check
+ NOT-FOR-US: Trusted Firmware M
CVE-2021-43618 (GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1
has an m ...)
{DLA-2837-1}
- gmp 2:6.2.1+dfsg-3 (bug #994405)
@@ -30165,7 +30165,7 @@ CVE-2021-41195 (TensorFlow is an open source platform
for machine learning. In a
CVE-2021-41194 (FirstUseAuthenticator is a JupyterHub authenticator that helps
new use ...)
NOT-FOR-US: FirstUseAuthenticator for JupyterHub
CVE-2021-41193 (wire-avs is the audio visual signaling (AVS) component of
Wire, an ope ...)
- TODO: check
+ NOT-FOR-US: wire-avs
CVE-2021-41192 (Redash is a package for data visualization and sharing. If an
admin se ...)
NOT-FOR-US: Redash
CVE-2021-41191 (Roblox-Purchasing-Hub is an open source Roblox product
purchasing hub. ...)
@@ -30389,9 +30389,9 @@ CVE-2021-41114 (TYPO3 is an open source PHP based web
content management system
CVE-2021-41113 (TYPO3 is an open source PHP based web content management
system releas ...)
NOT-FOR-US: Typo3
CVE-2021-41112 (Rundeck is an open source automation service with a web
console, comma ...)
- TODO: check
+ NOT-FOR-US: Rundeck
CVE-2021-41111 (Rundeck is an open source automation service with a web
console, comma ...)
- TODO: check
+ NOT-FOR-US: Rundeck
CVE-2021-41110 (cwlviewer is a web application to view and share Common
Workflow Langu ...)
NOT-FOR-US: cwlviewer
CVE-2021-41109 (Parse Server is an open source backend that can be deployed to
any inf ...)
@@ -37409,7 +37409,7 @@ CVE-2021-38270
CVE-2021-38269
RESERVED
CVE-2021-38268 (The Dynamic Data Mapping module in Liferay Portal through
v7.3.6 and L ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-38267
RESERVED
CVE-2021-38266
@@ -42617,7 +42617,7 @@ CVE-2021-36173 (A heap-based buffer overflow in the
firmware signature verificat
CVE-2021-36172 (An improper restriction of XML external entity reference
vulnerability ...)
NOT-FOR-US: Fortiguard
CVE-2021-36171 (The use of a cryptographically weak pseudo-random number
generator in ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2021-36170 (An information disclosure vulnerability [CWE-200] in
FortiAnalyzerVM a ...)
NOT-FOR-US: Fortiguard
CVE-2021-36169 (A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1,
FortiOS 6 ...)
@@ -42627,7 +42627,7 @@ CVE-2021-36168 (A Improper Limitation of a Pathname to
a Restricted Directory ('
CVE-2021-36167 (An improper authorization vulnerabiltiy [CWE-285] in
FortiClient Windo ...)
NOT-FOR-US: FortiGuard
CVE-2021-36166 (An improper authentication vulnerability in FortiMail before
7.0.1 may ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2021-36165 (RICON Industrial Cellular Router S9922L 16.10.3(3794) is
affected by c ...)
NOT-FOR-US: RICON Industrial Cellular Router
CVE-2021-36164
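Review bot: The tag added for CVE-2021-36166 names `FortiGuard`, but the description on the line above it identifies the affected product as FortiMail before 7.0.1. Naming the product in the tag (for example `NOT-FOR-US: Fortinet FortiMail`) would let a search for the product name find the entry, since the description in this file is truncated.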
@@ -51357,7 +51357,7 @@ CVE-2021-32588 (A use of hard-coded credentials
(CWE-798) vulnerability in Forti
CVE-2021-32587 (An improper access control vulnerability in FortiManager and
FortiAnal ...)
NOT-FOR-US: Fortiguard
CVE-2021-32586 (An improper input validation vulnerability in the web server
CGI facil ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2021-32585
RESERVED
CVE-2021-32584
@@ -107244,9 +107244,9 @@ CVE-2020-22847
CVE-2020-22846
RESERVED
CVE-2020-22845 (A buffer overflow in Mikrotik RouterOS 6.47 allows
unauthenticated att ...)
- TODO: check
+ NOT-FOR-US: Mikrotik
CVE-2020-22844 (A buffer overflow in Mikrotik RouterOS 6.47 allows
unauthenticated att ...)
- TODO: check
+ NOT-FOR-US: Mikrotik
CVE-2020-22843
RESERVED
CVE-2020-22842 (CMS Made Simple before 2.2.15 allows XSS via the m1_mod
parameter in a ...)
@@ -122175,7 +122175,7 @@ CVE-2020-15938 (When traffic other than HTTP/S (eg:
SSH traffic, etc...) travers
CVE-2020-15937 (An improper neutralization of input vulnerability in FortiGate
version ...)
NOT-FOR-US: FortiGate FortiGuard
CVE-2020-15936 (A improper input validation in Fortinet FortiGate version
6.4.3 and be ...)
- TODO: check
+ NOT-FOR-US: FortiGuard
CVE-2020-15935 (A cleartext storage of sensitive information in GUI in
FortiADC versio ...)
NOT-FOR-US: Fortiguard
CVE-2020-15934
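Review bot: This hunk now carries three spellings of the same vendor tag within five entries: `FortiGate FortiGuard` on CVE-2020-15937, the new `FortiGuard` on CVE-2020-15936, and `Fortiguard` on CVE-2020-15935. The description of CVE-2020-15936 names Fortinet FortiGate, so reusing the neighbour's `FortiGate FortiGuard` would be the consistent choice here; normalising the older `Fortiguard` lines is better done in a separate commit so a case-sensitive grep over data/CVE/list returns all Fortinet entries.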
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/de5ad7f4bd94d850959a6184d41e95a574e91d01