[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 05 Sep 2022 13:15:33 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f887d2cc by Salvatore Bonaccorso at 2022-09-05T22:15:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4692,7 +4692,7 @@ CVE-2022-2777 (Cross-site Scripting (XSS) - Stored in 
GitHub repository microweb
 CVE-2022-2776 (A vulnerability classified as problematic has been found in 
SourceCode ...)
        NOT-FOR-US: SourceCodester Gym Management System
 CVE-2022-2775 (The Fast Flow WordPress plugin before 1.2.13 does not sanitise 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2774 (A vulnerability was found in SourceCodester Library Management 
System. ...)
        NOT-FOR-US: SourceCodester Library Management System
 CVE-2022-2773 (A vulnerability was found in SourceCodester Apartment Visitor 
Manageme ...)
@@ -6556,7 +6556,7 @@ CVE-2022-2659
 CVE-2022-2658
        RESERVED
 CVE-2022-2657 (The Multivendor Marketplace Solution for WooCommerce WordPress 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2656 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
        NOT-FOR-US: SourceCodester Multi Language Hotel Management Software
 CVE-2022-2655
@@ -6940,7 +6940,7 @@ CVE-2022-2598 (Undefined Behavior for Input to API in 
GitHub repository vim/vim
        NOTE: https://huntr.dev/bounties/2f08363a-47a2-422d-a7de-ce96a89ad08e/
        NOTE: 
https://github.com/vim/vim/commit/4e677b9c40ccbc5f090971b31dc2fe07bf05541d 
(v9.0.0101)
 CVE-2022-2597 (The Visual Portfolio, Photo Gallery &amp; Post Grid WordPress 
plugin b ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2596 (Denial of Service in GitHub repository node-fetch/node-fetch 
prior to  ...)
        - node-fetch <not-affected> (Vulnerable code not present)
        NOTE: https://huntr.dev/bounties/a7e6a136-0a4b-46c4-ad20-802f1dd60bf7/
@@ -7684,7 +7684,7 @@ CVE-2022-2567
 CVE-2022-2566
        RESERVED
 CVE-2022-2565 (The Simple Payment Donations &amp; Subscriptions WordPress 
plugin befo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2564 (Prototype Pollution in GitHub repository automattic/mongoose 
prior to  ...)
        NOT-FOR-US: Mongoose
 CVE-2022-2563
@@ -8223,7 +8223,7 @@ CVE-2022-2545
 CVE-2022-2544 (The Ninja Job Board WordPress plugin before 1.3.3 does not 
protect the ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2543 (The Visual Portfolio, Photo Gallery &amp; Post Grid WordPress 
plugin b ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2542
        RESERVED
 CVE-2022-2541
@@ -11105,7 +11105,7 @@ CVE-2022-2378 (The Easy Student Results WordPress 
plugin through 2.2.8 does not
 CVE-2022-2377 (The Directorist WordPress plugin before 7.3.0 does not have 
authorisat ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2376 (The Directorist WordPress plugin before 7.3.1 discloses the 
email addr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2375 (The WP Sticky Button WordPress plugin before 1.4.1 does not 
have autho ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2374 (The Simply Schedule Appointments WordPress plugin before 
1.5.7.7 does  ...)
@@ -13193,7 +13193,7 @@ CVE-2022-2273 (The Simple Membership WordPress plugin 
before 4.1.3 does not prop
 CVE-2022-2272 (This vulnerability allows remote attackers to bypass 
authentication on ...)
        NOT-FOR-US: Sante PACS Server
 CVE-2022-2271 (The WP Database Backup WordPress plugin before 5.9 does not 
escape som ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2270 (An issue has been discovered in GitLab affecting all versions 
starting ...)
        - gitlab <unfixed>
 CVE-2022-2269 (The Website File Changes Monitor WordPress plugin before 1.8.3 
does no ...)
@@ -17186,7 +17186,7 @@ CVE-2022-2084 [logged schema failures can include 
password hashes]
        NOTE: 
https://github.com/canonical/cloud-init/commit/4d467b14363d800b2185b89790d57871f11ea88c
        NOTE: https://bugs.launchpad.net/cloud-init/+bug/1978422
 CVE-2022-2083 (The Simple Single Sign On WordPress plugin through 4.1.0 leaks 
its OAu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-33329 (Multiple command injection vulnerabilities exist in the 
web_server aja ...)
        NOT-FOR-US: Robustel R1510
 CVE-2022-33328 (Multiple command injection vulnerabilities exist in the 
web_server aja ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f887d2ccbb88072b254a73ca96ec7b041c4a7c5d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f887d2ccbb88072b254a73ca96ec7b041c4a7c5d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to