[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) Tue, 05 Jul 2022 01:50:09 -0700


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
44d5ee5e by Neil Williams at 2022-07-05T09:49:41+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25721,7 +25721,7 @@ CVE-2022-25878 (The package protobufjs before 6.11.3 
are vulnerable to Prototype
 CVE-2022-25877
        RESERVED
 CVE-2022-25876 (The package link-preview-js before 2.1.16 are vulnerable to 
Server-sid ...)
-       TODO: check
+       NOT-FOR-US: Node link-preview-js
 CVE-2022-25875
        RESERVED
 CVE-2022-25874
@@ -25805,7 +25805,7 @@ CVE-2022-25760 (All versions of package accesslog are 
vulnerable to Arbitrary Co
 CVE-2022-25759
        RESERVED
 CVE-2022-25758 (All versions of package scss-tokenizer are vulnerable to 
Regular Expre ...)
-       TODO: check
+       - node-scss-tokenizer <itp> (bug #885456)
 CVE-2022-25648 (The package git before 1.11.0 are vulnerable to Command 
Injection via  ...)
        - ruby-git <unfixed> (bug #1009926)
        NOTE: https://github.com/ruby-git/ruby-git/pull/569
@@ -33065,7 +33065,7 @@ CVE-2022-23765
 CVE-2022-23764
        RESERVED
 CVE-2022-23763 (Origin validation error vulnerability in NeoRS&#8217;s ActiveX 
moudle  ...)
-       TODO: check
+       NOT-FOR-US: NeoRS for Windows
 CVE-2022-23762
        RESERVED
 CVE-2022-23761
@@ -33141,7 +33141,7 @@ CVE-2022-23727 (There is a privilege escalation 
vulnerability in some webOS TVs.
 CVE-2022-23726
        RESERVED
 CVE-2022-23725 (PingID Windows Login prior to 2.8 does not properly set 
permissions on ...)
-       TODO: check
+       NOT-FOR-US: pingidentity
 CVE-2022-23724 (Use of static encryption key material allows forging an 
authentication ...)
        NOT-FOR-US: pingidentity
 CVE-2022-23723 (An MFA bypass vulnerability exists in the PingFederate PingOne 
MFA Int ...)
@@ -54274,7 +54274,7 @@ CVE-2021-41997
 CVE-2021-41996
        RESERVED
 CVE-2021-41995 (A misconfiguration of RSA in PingID Mac Login prior to 1.1 is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: pingidentity
 CVE-2021-41994 (A misconfiguration of RSA in PingID iOS app prior to 1.19 is 
vulnerabl ...)
        NOT-FOR-US: pingidentity
 CVE-2021-41993 (A misconfiguration of RSA in PingID Android app prior to 1.19 
is vulne ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44d5ee5e89f96291d24b5587a3a3b0f9b02ac42c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44d5ee5e89f96291d24b5587a3a3b0f9b02ac42c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to