Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
949dc847 by Salvatore Bonaccorso at 2022-04-20T22:34:29+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2022-29527 (Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a
world-writable ...)
- TODO: check
+ NOT-FOR-US: Amazon AWS amazon-ssm-agent
CVE-2022-29526
RESERVED
CVE-2022-1417
@@ -617,7 +617,7 @@ CVE-2022-1380 (Stored Cross Site Scripting vulnerability in
Item name parameter
CVE-2022-1379
RESERVED
CVE-2022-29266 (In APache APISIX before 3.13.1, an attacker can obtain a
plugin-config ...)
- TODO: check
+ NOT-FOR-US: Apache APISIX
CVE-2022-1378
RESERVED
CVE-2022-1377
@@ -1177,7 +1177,7 @@ CVE-2022-29064
CVE-2022-1319
RESERVED
CVE-2022-1318 (Hills ComNav version 3002-19 suffers from a weak communication
channel ...)
- TODO: check
+ NOT-FOR-US: Hills ComNav
CVE-2022-1317
RESERVED
CVE-2022-1316 (ZeroTierOne for windows local privilege escalation because of
incorrec ...)
@@ -5430,7 +5430,7 @@ CVE-2022-25841
CVE-2022-1040 (An authentication bypass vulnerability in the User Portal and
Webadmin ...)
NOT-FOR-US: Sophos
CVE-2022-1039 (The weak password on the web user interface can be exploited
via HTTP ...)
- TODO: check
+ NOT-FOR-US: Red Lion
CVE-2022-1038
RESERVED
CVE-2022-27492
@@ -6009,11 +6009,11 @@ CVE-2022-27259
CVE-2022-27232
RESERVED
CVE-2022-27179 (A malicious actor having access to the exported configuration
file may ...)
- TODO: check
+ NOT-FOR-US: Red Lion
CVE-2022-26519 (There is no limit to the number of attempts to authenticate
for the lo ...)
- TODO: check
+ NOT-FOR-US: Hills ComNav
CVE-2022-26516 (Authorized users may install a maliciously modified package
file when ...)
- TODO: check
+ NOT-FOR-US: Red Lion
CVE-2022-26419 (Omron CX-Position (versions 2.5.3 and prior) is vulnerable to
multiple ...)
NOT-FOR-US: Omron CX-Position
CVE-2022-26417 (Omron CX-Position (versions 2.5.3 and prior) is vulnerable to
a use af ...)
@@ -7864,7 +7864,7 @@ CVE-2022-26626
CVE-2022-26625
RESERVED
CVE-2022-26624 (Bootstrap v3.1.11 and v3.3.7 was discovered to contain a
cross-site sc ...)
- TODO: check
+ NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2022-26623
RESERVED
CVE-2022-26622
@@ -9312,7 +9312,7 @@ CVE-2022-26135
CVE-2022-26134
RESERVED
CVE-2022-26133 (SharedSecretClusterAuthenticator in Atlassian Bitbucket Data
Center ve ...)
- TODO: check
+ NOT-FOR-US: Atlassian Bitbucket Data Center
CVE-2022-26132
RESERVED
CVE-2022-0767 (Server-Side Request Forgery (SSRF) in GitHub repository
janeczku/calib ...)
@@ -11200,11 +11200,11 @@ CVE-2022-25357
CVE-2022-25356 (Alt-N MDaemon Security Gateway through 8.5.0 allows
SecurityGateway.dl ...)
NOT-FOR-US: Alt-N Technologies Mdaemon
CVE-2022-25344 (An XSS issue was discovered on Kyocera d-COLOR MF3555
2XD_S000.002.271 ...)
- TODO: check
+ NOT-FOR-US: Kyocera
CVE-2022-25343 (An issue was discovered on Kyocera d-COLOR MF3555
2XD_S000.002.271 dev ...)
- TODO: check
+ NOT-FOR-US: Kyocera
CVE-2022-25342 (An issue was discovered on Kyocera d-COLOR MF3555
2XD_S000.002.271 dev ...)
- TODO: check
+ NOT-FOR-US: Kyocera
CVE-2022-25341
RESERVED
CVE-2022-25340
@@ -12701,7 +12701,7 @@ CVE-2022-24873
CVE-2022-24872
RESERVED
CVE-2022-24871 (Shopware is an open commerce platform based on Symfony
Framework and V ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2022-24870
RESERVED
CVE-2022-24869
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/949dc8479eff2bb64c854a21a63be408105a2632
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/949dc8479eff2bb64c854a21a63be408105a2632
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
