Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9189c0c1 by Salvatore Bonaccorso at 2022-03-08T09:25:43+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -394,7 +394,7 @@ CVE-2021-46704 (In GenieACS 1.2.x before 1.2.8, the UI
interface API is vulnerab
CVE-2021-46703 (** UNSUPPORTED WHEN ASSIGNED ** In the IsolatedRazorEngine
component o ...)
NOT-FOR-US: Antaris RazorEngine
CVE-2020-36517 (An information leak in Nabu Casa Home Assistant Operating
System and H ...)
- TODO: check
+ NOT-FOR-US: Nabu
CVE-2022-0868 (Open Redirect in GitHub repository medialize/uri.js prior to
1.19.10. ...)
NOT-FOR-US: Node urijs
CVE-2022-26490 (st21nfca_connectivity_event_received in
drivers/nfc/st21nfca/se.c in t ...)
@@ -803,7 +803,7 @@ CVE-2022-26334
CVE-2022-26304
RESERVED
CVE-2022-26131 (Power Line Communications PLC4TRUCKS J2497 trailer receivers
are susce ...)
- TODO: check
+ NOT-FOR-US: Power Line Communications PLC4TRUCKS J2497 trailer receivers
CVE-2022-26124
RESERVED
CVE-2022-26086
@@ -831,7 +831,7 @@ CVE-2022-25992
CVE-2022-25966
RESERVED
CVE-2022-25922 (Power Line Communications PLC4TRUCKS J2497 trailer brake
controllers i ...)
- TODO: check
+ NOT-FOR-US: Power Line Communications PLC4TRUCKS J2497 trailer brake
controllers
CVE-2022-25917
RESERVED
CVE-2022-25909
@@ -2083,11 +2083,11 @@ CVE-2022-0758
CVE-2022-0757
RESERVED
CVE-2022-0756 (Improper Authorization in GitHub repository
salesagility/suitecrm prio ...)
- TODO: check
+ NOT-FOR-US: suitecrm
CVE-2022-0755 (Improper Access Control in GitHub repository
salesagility/suitecrm pri ...)
- TODO: check
+ NOT-FOR-US: suitecrm
CVE-2022-0754 (SQL Injection in GitHub repository salesagility/suitecrm prior
to 7.12 ...)
- TODO: check
+ NOT-FOR-US: suitecrm
CVE-2022-0753 (Cross-site Scripting (XSS) - Reflected in GitHub repository
hestiacp/h ...)
NOT-FOR-US: Hestia Control Panel
CVE-2022-0752 (Cross-site Scripting (XSS) - Generic in GitHub repository
hestiacp/hes ...)
@@ -2620,15 +2620,15 @@ CVE-2022-25624
CVE-2022-25623 (The Symantec Management Agent is susceptible to a privilege
escalation ...)
NOT-FOR-US: Symantec
CVE-2022-25325 (Use after free vulnerability in CX-Programmer v9.76.1 and
earlier whic ...)
- TODO: check
+ NOT-FOR-US: CX-Programmer
CVE-2022-25234 (Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and
earlier ...)
- TODO: check
+ NOT-FOR-US: CX-Programmer
CVE-2022-25230 (Use after free vulnerability in CX-Programmer v9.76.1 and
earlier whic ...)
- TODO: check
+ NOT-FOR-US: CX-Programmer
CVE-2022-21219 (Out-of-bounds read vulnerability in CX-Programmer v9.76.1 and
earlier ...)
- TODO: check
+ NOT-FOR-US: CX-Programmer
CVE-2022-21124 (Out-of-bounds write vulnerability in CX-Programmer v9.76.1 and
earlier ...)
- TODO: check
+ NOT-FOR-US: CX-Programmer
CVE-2022-0717 (Out-of-bounds Read in GitHub repository mruby/mruby prior to
3.2. ...)
- mruby <not-affected> (Vulnerable code introduced later)
NOTE: https://huntr.dev/bounties/27a851a5-7ebf-409b-854f-b2614771e8f9
@@ -3494,7 +3494,7 @@ CVE-2022-25296
CVE-2022-25295
RESERVED
CVE-2022-25294 (Proofpoint Insider Threat Management Agent for Windows relies
on an in ...)
- TODO: check
+ NOT-FOR-US: Proofpoint Insider Threat Management Agent for Windows
CVE-2022-25293 (A systemd stack-based buffer overflow in WatchGuard Firebox
and XTM ap ...)
NOT-FOR-US: WatchGuard
CVE-2022-25292 (A wgagent stack-based buffer overflow in WatchGuard Firebox
and XTM ap ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9189c0c18f6e971beb93b9aa2856413b675be503
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9189c0c18f6e971beb93b9aa2856413b675be503
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
