Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
599f6864 by Salvatore Bonaccorso at 2022-06-28T22:28:31+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4295,15 +4295,15 @@ CVE-2022-33011
CVE-2022-33010
RESERVED
CVE-2022-33009 (A stored cross-site scripting (XSS) vulnerability in LightCMS
v1.3.11 ...)
- TODO: check
+ NOT-FOR-US: LightCMS
CVE-2022-33008
RESERVED
CVE-2022-33007 (TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03
were discov ...)
- TODO: check
+ NOT-FOR-US: TRENDnet Wi-Fi routers
CVE-2022-33006
RESERVED
CVE-2022-33005 (A cross-site scripting (XSS) vulnerability in the System
Settings/IOT ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2022-33004 (The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered
to contai ...)
NOT-FOR-US: Beginner package in PyPI
CVE-2022-33003 (The watools package in PyPI v0.0.1 to v0.0.8 was discovered to
contain ...)
@@ -4323,9 +4323,9 @@ CVE-2022-32997 (The RootInteractive package in PyPI
v0.0.5 to v0.0.19b0 was disc
CVE-2022-32996 (The django-navbar-client package of v0.9.50 to v1.0.1 was
discovered t ...)
NOT-FOR-US: django-navbar-client
CVE-2022-32995 (Halo CMS v1.5.3 was discovered to contain a Server-Side
Request Forger ...)
- TODO: check
+ NOT-FOR-US: Halo CMS
CVE-2022-32994 (Halo CMS v1.5.3 was discovered to contain an arbitrary file
upload vul ...)
- TODO: check
+ NOT-FOR-US: Halo CMS
CVE-2022-32993
RESERVED
CVE-2022-32992 (Online Tours And Travels Management System v1.0 was discovered
to cont ...)
@@ -6743,7 +6743,7 @@ CVE-2022-32094
CVE-2022-32093
RESERVED
CVE-2022-32092 (D-Link DIR-645 v1.03 was discovered to contain a command
injection vul ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2022-32091
RESERVED
CVE-2022-32090
@@ -9421,7 +9421,7 @@ CVE-2022-31103 (lettersanitizer is a DOM-based HTML email
sanitizer for in-brows
CVE-2022-31102
RESERVED
CVE-2022-31101 (prestashop/blockwishlist is a prestashop extension which adds
a block ...)
- TODO: check
+ NOT-FOR-US: prestashop extension
CVE-2022-31100 (rulex is a new, portable, regular expression language. When
parsing un ...)
TODO: check
CVE-2022-31099 (rulex is a new, portable, regular expression language. When
parsing un ...)
@@ -9431,7 +9431,7 @@ CVE-2022-31098 (Weave GitOps is a simple open source
developer platform for peop
CVE-2022-31097
RESERVED
CVE-2022-31096 (Discourse is an open source discussion platform. Under certain
conditi ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2022-31095 (discourse-chat is a chat plugin for the Discourse application.
Version ...)
NOT-FOR-US: discourse-chat
CVE-2022-31094 (ScratchTools is a web extension designed to make interacting
with the ...)
@@ -9439,7 +9439,7 @@ CVE-2022-31094 (ScratchTools is a web extension designed
to make interacting wit
CVE-2022-31093 (NextAuth.js is a complete open source authentication solution
for Next ...)
TODO: check
CVE-2022-31092 (Pimcore is an Open Source Data & Experience Management
Platform. P ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2022-31091 (Guzzle, an extensible PHP HTTP client. `Authorization` and
`Cookie` he ...)
TODO: check
CVE-2022-31090 (Guzzle, an extensible PHP HTTP client. `Authorization` headers
on requ ...)
@@ -9494,9 +9494,9 @@ CVE-2022-31067
CVE-2022-31066 (EdgeX Foundry is an open source project for building a common
open fra ...)
NOT-FOR-US: EdgeX Foundry
CVE-2022-31065 (BigBlueButton is an open source web conferencing system. In
affected v ...)
- TODO: check
+ NOT-FOR-US: BigBlueButton
CVE-2022-31064 (BigBlueButton is an open source web conferencing system. Users
in meet ...)
- TODO: check
+ NOT-FOR-US: BigBlueButton
CVE-2022-31063
RESERVED
CVE-2022-31062 (### Impact A plugin public script can be used to read content
of syste ...)
@@ -9510,7 +9510,7 @@ CVE-2022-31059 (Discourse Calendar is a calendar plugin
for Discourse, an open-s
CVE-2022-31058
RESERVED
CVE-2022-31057 (Shopware is an open source e-commerce software made in
Germany. Versio ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2022-31056 (GLPI is a Free Asset and IT Management Software package, Data
center m ...)
TODO: check
CVE-2022-31055 (kCTF is a Kubernetes-based infrastructure for capture the flag
(CTF) c ...)
@@ -9552,7 +9552,7 @@ CVE-2022-31041 (Open Forms is an application for creating
and publishing smart f
CVE-2022-31040 (Open Forms is an application for creating and publishing smart
forms. ...)
NOT-FOR-US: Open Forms
CVE-2022-31039 (Greenlight is a simple front-end interface for your
BigBlueButton serv ...)
- TODO: check
+ NOT-FOR-US: Greenlight (front-end interface for your BigBlueButton)
CVE-2022-31038 (Gogs is an open source self-hosted Git service. In versions of
gogs pr ...)
NOT-FOR-US: Go Git Service
CVE-2022-31037
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/599f6864741ff0474a83c0650c858a5811868f0e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/599f6864741ff0474a83c0650c858a5811868f0e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
