Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ba766786 by Salvatore Bonaccorso at 2022-07-15T22:18:37+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -66,11 +66,11 @@ CVE-2022-XXXX [gsasl: Server out-of-bounds read with
authenticated GSS-API clien
NOTE: Reproducing issue:
https://lists.gnu.org/archive/html/help-gsasl/2022-07/msg00002.html
NOTE: Fixed by:
https://gitlab.com/gsasl/gsasl/-/commit/796e4197f696261c1f872d7576371232330bcc30
(v2.0.1)
CVE-2022-2420 (A vulnerability was found in URVE Web Manager. It has been
rated as cr ...)
- TODO: check
+ NOT-FOR-US: URVE Web Manager
CVE-2022-2419 (A vulnerability was found in URVE Web Manager. It has been
declared as ...)
- TODO: check
+ NOT-FOR-US: URVE Web Manager
CVE-2022-2418 (A vulnerability was found in URVE Web Manager. It has been
classified ...)
- TODO: check
+ NOT-FOR-US: URVE Web Manager
CVE-2022-2417
RESERVED
CVE-2022-2416
@@ -2609,7 +2609,7 @@ CVE-2022-34828
CVE-2022-34827
RESERVED
CVE-2022-34826 (In Couchbase Server 7.1.x before 7.1.1, an encrypted Private
Key passp ...)
- TODO: check
+ NOT-FOR-US: Couchbase Server
CVE-2022-34825
RESERVED
CVE-2022-34824
@@ -3084,13 +3084,13 @@ CVE-2022-2216 (Server-Side Request Forgery (SSRF) in
GitHub repository ionicabiz
CVE-2022-2215
RESERVED
CVE-2020-36553 (Cross Site Scripting (XSS) vulnerability in sourcecodester
Multi Resta ...)
- TODO: check
+ NOT-FOR-US: Multi Restaurant Table Reservation System
CVE-2020-36552 (Cross Site Scripting (XSS) vulnerability in sourcecodester
Multi Resta ...)
- TODO: check
+ NOT-FOR-US: Multi Restaurant Table Reservation System
CVE-2020-36551 (Cross Site Scripting (XSS) vulnerability in sourcecodester
Multi Resta ...)
- TODO: check
+ NOT-FOR-US: Multi Restaurant Table Reservation System
CVE-2020-36550 (Cross Site Scripting (XSS) vulnerability in sourcecodester
Multi Resta ...)
- TODO: check
+ NOT-FOR-US: Multi Restaurant Table Reservation System
CVE-2017-20121 (A vulnerability was found in Teradici Management Console
2.2.0. It has ...)
NOT-FOR-US: Teradici Management Console
CVE-2017-20120 (A vulnerability classified as problematic was found in
TrueConf Server ...)
@@ -4192,81 +4192,81 @@ CVE-2022-34254
CVE-2022-34253
RESERVED
CVE-2022-34252 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe InCopy
CVE-2022-34251 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe InCopy
CVE-2022-34250 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe InCopy
CVE-2022-34249 (Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and
earlier) are ...)
- TODO: check
+ NOT-FOR-US: Adobe InCopy
CVE-2022-34248 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and
earlier) ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34247 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and
earlier) ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34246 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and
earlier) ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34245 (Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and
earlier) ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34244 (Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and
earlier) ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34243 (Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and
earlier) ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34242 (Adobe Character Animator version 4.4.7 (and earlier) and 22.4
(and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34241 (Adobe Character Animator version 4.4.7 (and earlier) and 22.4
(and ear ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34240
RESERVED
CVE-2022-34239 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34238
RESERVED
CVE-2022-34237 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34236 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34235
RESERVED
CVE-2022-34234 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34233 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34232 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34231
RESERVED
CVE-2022-34230 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34229 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34228 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34227
RESERVED
CVE-2022-34226 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34225 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34224
RESERVED
CVE-2022-34223 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34222 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34221 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34220 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34219 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34218
RESERVED
CVE-2022-34217 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34216 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34215 (Adobe Acrobat Reader versions 22.001.20142 (and earlier),
20.005.30334 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2022-34214
RESERVED
CVE-2022-34213 (Jenkins Squash TM Publisher (Squash4Jenkins) Plugin 1.0.0 and
earlier ...)
@@ -8571,7 +8571,7 @@ CVE-2022-30707 (Violation of secure design principles
exists in the communicatio
CVE-2022-30532
RESERVED
CVE-2022-29890 (In affected versions of Octopus Server the help sidebar can be
customi ...)
- TODO: check
+ NOT-FOR-US: Octopus Server
CVE-2022-2000 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
...)
- vim <unfixed>
[bullseye] - vim <no-dsa> (Minor issue)
@@ -9092,7 +9092,7 @@ CVE-2022-32276 (** DISPUTED ** Grafana 8.4.3 allows
unauthenticated access via (
CVE-2022-32275 (Grafana 8.4.3 allows reading files via (for example) a
/dashboard/snap ...)
- grafana <removed>
CVE-2022-31472 (Browse restriction bypass vulnerability in Cabinet of Cybozu
Garoon 4. ...)
- TODO: check
+ NOT-FOR-US: Cybozu
CVE-2022-29521
RESERVED
CVE-2022-29465
@@ -9609,9 +9609,9 @@ CVE-2022-32121
CVE-2022-32120
RESERVED
CVE-2022-32119 (Arox School ERP Pro v1.0 was discovered to contain multiple
arbitrary ...)
- TODO: check
+ NOT-FOR-US: Arox School ERP Pro
CVE-2022-32118 (Arox School ERP Pro v1.0 was discovered to contain a
cross-site script ...)
- TODO: check
+ NOT-FOR-US: Arox School ERP Pro
CVE-2022-32117 (Jerryscript v2.4.0 was discovered to contain a stack buffer
overflow v ...)
TODO: check
CVE-2022-32116
@@ -10855,9 +10855,9 @@ CVE-2022-31657
CVE-2022-31656
RESERVED
CVE-2022-31655 (VMware vRealize Log Insight in versions prior to 8.8.2 contain
a store ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31654 (VMware vRealize Log Insight in versions prior to 8.8.2 contain
a store ...)
- TODO: check
+ NOT-FOR-US: VMware
CVE-2022-31653
RESERVED
CVE-2022-31652
@@ -11028,7 +11028,7 @@ CVE-2022-1882 (A use-after-free flaw was found in the
Linux kernel’s pipes
CVE-2022-27176 (Incomplete filtering of special elements vulnerability exists
in RevoW ...)
NOT-FOR-US: RevoWorks
CVE-2022-1881 (In affected versions of Octopus Server an Insecure Direct
Object Refer ...)
- TODO: check
+ NOT-FOR-US: Octopus Server
CVE-2022-1880
RESERVED
CVE-2022-1879
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba766786b084d54255336957a3bb042ad509eb7d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ba766786b084d54255336957a3bb042ad509eb7d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
