Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2ef7229c by Salvatore Bonaccorso at 2022-09-30T20:57:17+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2022-41841 (An issue was discovered in Bento4 through
1.6.0-639. A NULL poin
CVE-2022-41829
RESERVED
CVE-2022-41828 (In Amazon AWS Redshift JDBC Driver (aka
amazon-redshift-jdbc-driver or ...)
- TODO: check
+ NOT-FOR-US: Amazon AWS Redshift JDBC Driver
CVE-2022-41827
RESERVED
CVE-2022-41826
@@ -172,7 +172,7 @@ CVE-2022-3357
CVE-2022-3356
RESERVED
CVE-2022-3355 (Cross-site Scripting (XSS) - Stored in GitHub repository
inventree/inv ...)
- TODO: check
+ NOT-FOR-US: inventree
CVE-2022-41768
RESERVED
CVE-2022-41767 [mediawiki: reassignEdits doesn't update results in an IP range
check on Special:Contributions]
@@ -2362,7 +2362,7 @@ CVE-2022-40881
CVE-2022-40880
RESERVED
CVE-2022-40879 (kkFileView v4.1.0 is vulnerable to Cross Site Scripting (XSS)
via the ...)
- TODO: check
+ NOT-FOR-US: kkFileView
CVE-2022-40878 (In Exam Reviewer Management System 1.0, an authenticated
attacker can ...)
NOT-FOR-US: Exam Reviewer Management System
CVE-2022-40877 (Exam Reviewer Management System 1.0 is vulnerable to SQL
Injection via ...)
@@ -2848,7 +2848,7 @@ CVE-2022-33978
CVE-2022-3216 (A vulnerability has been found in Nintendo Game Boy Color and
classifi ...)
NOT-FOR-US: Nintendo Game Boy Color
CVE-2022-3215 (NIOHTTP1 and projects using it for generating HTTP responses
can be su ...)
- TODO: check
+ NOT-FOR-US: swift-nio
CVE-2022-3214 (Delta Industrial Automation's DIAEnergy, an industrial energy
manageme ...)
NOT-FOR-US: Delta
CVE-2022-3213 (A heap buffer overflow issue was found in ImageMagick. When an
applica ...)
@@ -3604,7 +3604,7 @@ CVE-2022-40365 (Cross site scripting (XSS) vulnerability
in ouqiang gocron throu
CVE-2022-40364
RESERVED
CVE-2022-40363 (A buffer overflow in the component
nfc_device_load_mifare_ul_data of F ...)
- TODO: check
+ NOT-FOR-US: Flipper Devices
CVE-2022-40362
RESERVED
CVE-2022-40361
@@ -4199,7 +4199,7 @@ CVE-2022-3137
CVE-2022-3136
RESERVED
CVE-2022-40126 (A misconfiguration in the Service Mode profile directory of
Clash for ...)
- TODO: check
+ NOT-FOR-US: Clash for Windows
CVE-2022-40125
RESERVED
CVE-2022-40124
@@ -4287,7 +4287,7 @@ CVE-2022-40084
CVE-2022-40083 (Labstack Echo v4.8.0 was discovered to contain an open
redirect vulner ...)
NOT-FOR-US: Labstack Echo
CVE-2022-40082 (Hertz v0.3.0 ws discovered to contain a path traversal
vulnerability v ...)
- TODO: check
+ NOT-FOR-US: Hertz
CVE-2022-40081
RESERVED
CVE-2022-40080
@@ -4351,11 +4351,11 @@ CVE-2022-40052
CVE-2022-40051
RESERVED
CVE-2022-40050 (ZFile v4.1.1 was discovered to contain an arbitrary file
upload vulner ...)
- TODO: check
+ NOT-FOR-US: ZFile
CVE-2022-40049
RESERVED
CVE-2022-40048 (Flatpress v1.2.1 was discovered to contain a remote code
execution (RC ...)
- TODO: check
+ NOT-FOR-US: Flatpress
CVE-2022-40047
RESERVED
CVE-2022-40046
@@ -6035,7 +6035,7 @@ CVE-2022-39268
CVE-2022-39267
RESERVED
CVE-2022-39266 (isolated-vm is a library for nodejs which gives the user
access to v8' ...)
- TODO: check
+ NOT-FOR-US: isolated-vm
CVE-2022-39265
RESERVED
CVE-2022-39264 (nheko is a desktop client for the Matrix communication
application. Al ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ef7229c8f7fe60a7d06d5e7112bf12a8b53cd44
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ef7229c8f7fe60a7d06d5e7112bf12a8b53cd44
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
