Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
70168e2d by Neil Williams at 2022-09-02T10:38:32+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -295,7 +295,7 @@ CVE-2022-3074
CVE-2022-3073
RESERVED
CVE-2022-3072 (Cross-site Scripting (XSS) - Stored in GitHub repository
francoisjacqu ...)
- TODO: check
+ NOT-FOR-US: francoisjacquet/rosariosis
CVE-2006-20001
RESERVED
CVE-2022-XXXX [wordpress 6.0.2]
@@ -36901,7 +36901,7 @@ CVE-2022-25233
CVE-2022-25232
RESERVED
CVE-2022-25231 (The package node-opcua before 2.74.0 are vulnerable to Denial
of Servi ...)
- TODO: check
+ NOT-FOR-US: node-opcua/node-opcua
CVE-2022-25171
RESERVED
CVE-2022-24913
@@ -36941,7 +36941,7 @@ CVE-2022-24377
CVE-2022-24376 (All versions of package git-promise are vulnerable to Command
Injectio ...)
NOT-FOR-US: Node git-promise
CVE-2022-24375 (The package node-opcua before 2.74.0 are vulnerable to Denial
of Servi ...)
- TODO: check
+ NOT-FOR-US: node-opcua/node-opcua
CVE-2022-24373
RESERVED
CVE-2022-24298 (All versions of package freeopcua/freeopcua are vulnerable to
Denial o ...)
@@ -37014,7 +37014,7 @@ CVE-2022-21213 (This affects all versions of package
mout. The deepFillIn functi
CVE-2022-21211 (This affects all versions of package posix. When invoking the
toString ...)
NOT-FOR-US: Node posix
CVE-2022-21208 (The package node-opcua before 2.74.0 are vulnerable to Denial
of Servi ...)
- TODO: check
+ NOT-FOR-US: node-opcua/node-opcua
CVE-2022-21195 (All versions of package url-regex are vulnerable to Regular
Expression ...)
NOT-FOR-US: AlexFlipnote/url_regex
CVE-2022-21192
@@ -37034,7 +37034,7 @@ CVE-2022-21169
CVE-2022-21167 (All versions of package masuit.tools.core are vulnerable to
Arbitrary ...)
NOT-FOR-US: masuit.tools
CVE-2022-21165 (All versions of package font-converter are vulnerable to
Arbitrary Com ...)
- TODO: check
+ NOT-FOR-US: zgec/node-js-font-converter
CVE-2022-21164 (The package node-lmdb before 0.9.7 are vulnerable to Denial of
Service ...)
NOT-FOR-US: Node lmdb
CVE-2022-21149 (The package s-cart/s-cart before 6.9; the package s-cart/core
before 6 ...)
@@ -63416,7 +63416,7 @@ CVE-2022-20361 (In btif_dm_auth_cmpl_evt of btif_dm.cc,
there is a possible vuln
CVE-2022-20360 (In setChecked of SecureNfcPreferenceController.java, there is
a missin ...)
NOT-FOR-US: Android
CVE-2022-20359 (In various methods of NotificationManagerService.java, there
is a poss ...)
- TODO: check
+ TODO: check - not listed in linked bulletin
CVE-2022-20358 (In startSync of AbstractThreadedSyncAdapter.java, there is a
possible ...)
NOT-FOR-US: Android
CVE-2022-20357 (In writeToParcel of SurfaceControl.cpp, there is a possible
informatio ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70168e2dafe1db371a550c15d388342872e028bd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/70168e2dafe1db371a550c15d388342872e028bd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
