Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8edab209 by Neil Williams at 2022-06-01T09:58:03+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19639,7 +19639,7 @@ CVE-2022-25239
CVE-2022-25238
RESERVED
CVE-2022-25237 (Bonita Web 2021.2 is affected by a
authentication/authorization bypass ...)
- TODO: check
+ NOT-FOR-US: Bonita Web
CVE-2022-25236 (xmlparse.c in Expat (aka libexpat) before 2.4.5 allows
attackers to in ...)
{DSA-5085-1 DLA-2935-1}
- expat 2.4.5-1 (bug #1005895)
@@ -20442,7 +20442,7 @@ CVE-2022-24969
CVE-2022-24968 (In Mellium mellium.im/xmpp through 0.21.0, an attacker capable
of spoo ...)
NOT-FOR-US: Mellium
CVE-2022-24967 (Black Rainbow NIMBUS before 3.7.0 allows stored Cross-site
Scripting ( ...)
- TODO: check
+ NOT-FOR-US: Black Rainbow NIMBUS
CVE-2022-24966
RESERVED
CVE-2022-24965
@@ -21268,11 +21268,11 @@ CVE-2022-0557 (OS Command Injection in Packagist
microweber/microweber prior to
CVE-2022-24703
RESERVED
CVE-2022-24702 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in
WinAPRS 2.9 ...)
- TODO: check
+ NOT-FOR-US: WinAPRS
CVE-2022-24701 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in
WinAPRS 2.9 ...)
- TODO: check
+ NOT-FOR-US: WinAPRS
CVE-2022-24700 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in
WinAPRS 2.9 ...)
- TODO: check
+ NOT-FOR-US: WinAPRS
CVE-2022-0556 (A local privilege escalation vulnerability caused by incorrect
permiss ...)
NOT-FOR-US: Zyxel
CVE-2022-0555
@@ -22842,13 +22842,13 @@ CVE-2022-24243
CVE-2022-24242
RESERVED
CVE-2022-24241 (ACEweb Online Portal 3.5.065 was discovered to contain an
External Con ...)
- TODO: check
+ NOT-FOR-US: ACEweb Online Portal
CVE-2022-24240 (ACEweb Online Portal 3.5.065 was discovered to contain a SQL
injection ...)
- TODO: check
+ NOT-FOR-US: ACEweb Online Portal
CVE-2022-24239 (ACEweb Online Portal 3.5.065 was discovered to contain an
unrestricted ...)
- TODO: check
+ NOT-FOR-US: ACEweb Online Portal
CVE-2022-24238 (ACEweb Online Portal 3.5.065 was discovered to contain a
cross-site sc ...)
- TODO: check
+ NOT-FOR-US: ACEweb Online Portal
CVE-2022-24237 (The snaptPowered2 component of Snapt Aria v12.8 was discovered
to cont ...)
NOT-FOR-US: Snapt Aria
CVE-2022-24236 (An insecure permissions vulnerability in Snapt Aria v12.8
allows unaut ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8edab209fa6db8f7618a6bc3d1d81a6bdbf62da7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8edab209fa6db8f7618a6bc3d1d81a6bdbf62da7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
