[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Fri, 18 Mar 2022 13:15:20 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3e6b7b7a by Salvatore Bonaccorso at 2022-03-18T21:14:46+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4393,17 +4393,17 @@ CVE-2022-25609
 CVE-2022-25608
        RESERVED
 CVE-2022-25607 (Authenticated (author or higher user role) SQL Injection 
(SQLi) vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-25606
        RESERVED
 CVE-2022-25605 (Multiple Authenticated Stored Cross-Site Scripting (XSS) 
vulnerabiliti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-25604 (Authenticated (contributor of higher user role) Stored 
Cross-Site Scri ...)
        TODO: check
 CVE-2022-25603 (Authenticated (author or higher user role) Stored Cross-Site 
Scripting ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-25602 (Nonce token leak vulnerability leading to arbitrary file 
upload, theme ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-25601 (Reflected Cross-Site Scripting (XSS) vulnerability affecting 
parameter ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-25600 (Cross-Site Request Forgery (CSRF) vulnerability affecting 
Delete Marke ...)
@@ -12329,7 +12329,7 @@ CVE-2021-44779 (Unauthenticated SQL Injection (SQLi) 
vulnerability discovered in
 CVE-2021-44777 (Cross-Site Request Forgery (CSRF) vulnerabilities leading to 
single or ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-44760 (Authenticated Reflected Cross-Site Scripting (XSS) 
vulnerability disco ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-4207
        RESERVED
 CVE-2021-4206
@@ -12343,11 +12343,11 @@ CVE-2021-26256 (Unauthenticated Stored Cross-Site 
Scripting (XSS) vulnerability
 CVE-2021-23227 (Cross-Site Request Forgery (CSRF) vulnerability discovered in 
PHP Ever ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-23209 (Multiple Authenticated (admin user role) Persistent Cross-Site 
Scripti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2021-23174 (Authenticated (admin+) Persistent Cross-Site Scripting (XSS) 
vulnerabi ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-23150 (Authenticated (admin or higher user role) Stored Cross-Site 
Scripting  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-23206 (In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, 
an unpr ...)
        NOT-FOR-US: Apache Traffic Control
 CVE-2022-23205
@@ -38377,7 +38377,7 @@ CVE-2021-39048 (IBM Spectrum Protect Client 7.1 and 8.1 
is vulnerable to a stack
 CVE-2021-39047
        RESERVED
 CVE-2021-39046 (IBM Business Automation Workflow 18.0, 19.0, 20.0, and 21.0 
and IBM Bu ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-39045
        RESERVED
 CVE-2021-39044 (IBM Financial Transaction Manager 3.2.4 is vulnerable to 
cross-site re ...)
@@ -61555,7 +61555,7 @@ CVE-2021-29901
 CVE-2021-29900
        RESERVED
 CVE-2021-29899 (IBM Engineering Requirements Quality Assistant prior to 3.1.3 
could al ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-29898
        RESERVED
 CVE-2021-29897



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e6b7b7a990f8382012d4cd9342e05e2e629912e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e6b7b7a990f8382012d4cd9342e05e2e629912e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to