Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b5f6b420 by Neil Williams at 2022-04-21T09:35:54+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1186,7 +1186,7 @@ CVE-2022-1332 (One of the API in Mattermost version 6.4.1
and earlier fails to p
CVE-2022-1331
RESERVED
CVE-2022-1330 (stored xss due to unsantized anchor url in GitHub repository
alvarotri ...)
- TODO: check
+ NOT-FOR-US: fullpage.js
CVE-2022-1329 (The Elementor Website Builder plugin for WordPress is
vulnerable to un ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1328 (Buffer Overflow in uudecoder in Mutt affecting all versions
starting f ...)
@@ -9957,7 +9957,7 @@ CVE-2022-24373
CVE-2022-24298
RESERVED
CVE-2022-24279 (The package madlib-object-utils before 0.1.8 are vulnerable to
Prototy ...)
- TODO: check
+ NOT-FOR-US: madlib-object-utils
CVE-2022-24278
RESERVED
CVE-2022-24068
@@ -9987,7 +9987,7 @@ CVE-2022-21811
CVE-2022-21810
RESERVED
CVE-2022-21803 (This affects the package nconf before 0.11.4. When using the
memory en ...)
- TODO: check
+ NOT-FOR-US: node nconf
CVE-2022-21802
RESERVED
CVE-2022-21797
@@ -12921,7 +12921,7 @@ CVE-2022-24817
CVE-2022-24816 (JAI-EXT is an open-source project which aims to extend the
Java Advanc ...)
TODO: check
CVE-2022-24815 (JHipster is a development platform to quickly generate,
develop, & ...)
- TODO: check
+ NOT-FOR-US: JHipster
CVE-2022-24814 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
NOT-FOR-US: Directus
CVE-2022-24813 (CreateWiki is Miraheze's MediaWiki extension for requesting
& crea ...)
@@ -12960,7 +12960,7 @@ CVE-2022-24801 (Twisted is an event-based framework for
internet applications, s
CVE-2022-24800
RESERVED
CVE-2022-24799 (wire-webapp is the web application interface for the wire
messaging se ...)
- TODO: check
+ NOT-FOR-US: wire-webapp
CVE-2022-24798 (Internet Routing Registry daemon version 4 is an IRR database
server, ...)
NOT-FOR-US: Internet Routing Registry daemon (iird)
CVE-2022-24797 (Pomerium is an identity-aware access proxy. In distributed
service mod ...)
@@ -26482,7 +26482,7 @@ CVE-2022-21832
CVE-2022-21831
RESERVED
CVE-2022-21830 (A blind self XSS vulnerability exists in RocketChat LiveChat
<v1.9 ...)
- TODO: check
+ NOT-FOR-US: Rocket.Chat.Livechat
CVE-2022-21829
RESERVED
CVE-2022-21828 (A user with high privilege access to the Incapptic Connect web
console ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5f6b42003332e7372ff2343a7e3cab12b27456e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5f6b42003332e7372ff2343a7e3cab12b27456e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
