Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fd943003 by Neil Williams at 2022-03-24T15:27:03+00:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2110,7 +2110,7 @@ CVE-2022-0946 (Stored XSS viva cshtm file upload in
GitHub repository star7th/sh
CVE-2022-0945 (Stored XSS viva axd and cshtml file upload in star7th/showdoc
in GitHu ...)
NOT-FOR-US: ShowDoc
CVE-2022-0944 (Template injection in connection test endpoint leads to RCE in
GitHub ...)
- TODO: check
+ NOT-FOR-US: sqlpad
CVE-2022-0943 (Heap-based Buffer Overflow occurs in vim in GitHub repository
vim/vim ...)
- vim <unfixed>
[bullseye] - vim <no-dsa> (Minor issue)
@@ -5103,7 +5103,7 @@ CVE-2022-0750 (The Photoswipe Masonry Gallery WordPress
plugin is vulnerable to
CVE-2022-0749 (This affects all versions of package SinGooCMS.Utility. The
socket cli ...)
NOT-FOR-US: SinGooCMS
CVE-2022-0748 (The package post-loader from 0.0.0 are vulnerable to Arbitrary
Code Ex ...)
- TODO: check
+ NOT-FOR-US: Node post-loader
CVE-2022-0747 (The Infographic Maker WordPress plugin before 4.3.8 does not
validate ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0746 (Business Logic Errors in GitHub repository dolibarr/dolibarr
prior to ...)
@@ -6628,7 +6628,7 @@ CVE-2022-0654 (Exposure of Sensitive Information to an
Unauthorized Actor in Git
CVE-2022-0653 (The Profile Builder – User Profile & User
Registration Forms ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0652 (Confd log files contain local users', including root’s,
SHA512cr ...)
- TODO: check
+ NOT-FOR-US: Sophos UTM
CVE-2022-0651 (The WP Statistics WordPress plugin is vulnerable to SQL
Injection due ...)
NOT-FOR-US: WordPress plugin
CVE-2022-0650
@@ -6868,7 +6868,7 @@ CVE-2022-23986 (SQL injection vulnerability in the
phpUploader v1.2 and earlier
CVE-2022-21159
RESERVED
CVE-2022-0618 (A program using swift-nio-http2 is vulnerable to a denial of
service a ...)
- TODO: check
+ NOT-FOR-US: swift-nio-http2
CVE-2022-0617 (A flaw null pointer dereference in the Linux kernel UDF file
system fu ...)
{DSA-5096-1 DSA-5095-1 DLA-2941-1 DLA-2940-1}
- linux 5.16.7-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd9430030bb41fe404908b0f737522ed5cfa483c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd9430030bb41fe404908b0f737522ed5cfa483c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
