Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4da1e1de by Salvatore Bonaccorso at 2022-10-04T21:59:54+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6063,7 +6063,7 @@ CVE-2022-39844 (Improper validation of integrity check
vulnerability in Smart Sw
CVE-2022-3133 (OS Command Injection in GitHub repository jgraph/drawio prior
to 20.3. ...)
NOT-FOR-US: jgraph/drawio
CVE-2022-3132 (The Goolytics WordPress plugin before 1.1.2 does not sanitise
and esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3131
RESERVED
CVE-2022-3130 (A vulnerability classified as critical has been found in
codeprojects ...)
@@ -6071,15 +6071,15 @@ CVE-2022-3130 (A vulnerability classified as critical
has been found in codeproj
CVE-2022-3129 (A vulnerability was found in codeprojects Online Driving
School. It ha ...)
NOT-FOR-US: codeprojects Online Driving School
CVE-2022-3128 (The Donation Thermometer WordPress plugin before 2.1.3 does not
saniti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3127 (Cross-site Scripting (XSS) - Stored in GitHub repository
jgraph/drawio ...)
NOT-FOR-US: jgraph/drawio
CVE-2022-3126
RESERVED
CVE-2022-3125 (The Frontend File Manager Plugin WordPress plugin before 21.3
allows a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3124 (The Frontend File Manager Plugin WordPress plugin before 21.3
allows a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3123 (Cross-site Scripting (XSS) - Reflected in GitHub repository
splitbrain ...)
- dokuwiki <not-affected> (Vulnerable code introduced later)
NOTE: https://huntr.dev/bounties/d72a979b-57db-4201-9500-66b49a5c1345/
@@ -10110,7 +10110,7 @@ CVE-2022-2841 (A vulnerability was found in CrowdStrike
Falcon 6.31.14505.0/6.42
CVE-2022-2840 (The Zephyr Project Manager WordPress plugin before 3.2.5 does
not sani ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2839 (The Zephyr Project Manager WordPress plugin before 3.2.55 does
not hav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2838 (In Eclipse Sphinx™ before version 0.13.1, Apache Xerces
XML Pars ...)
NOT-FOR-US: Eclipse Sphinx
CVE-2022-2837
@@ -10708,7 +10708,7 @@ CVE-2022-2764 (A flaw was found in Undertow. Denial of
service can be achieved a
- undertow <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2117506
CVE-2022-2763 (The WP Socializer WordPress plugin before 7.3 does not sanitise
and es ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2762
RESERVED
CVE-2022-2761
@@ -12755,7 +12755,7 @@ CVE-2022-2630
CVE-2022-2629
RESERVED
CVE-2022-2628 (The DSGVO All in one for WP WordPress plugin before 4.2 does
not sanit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-2627
RESERVED
CVE-2022-2626 (Incorrect Privilege Assignment in GitHub repository
hestiacp/hestiacp ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4da1e1de68b02e127dd6b2b5a90e50bf3c26933a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4da1e1de68b02e127dd6b2b5a90e50bf3c26933a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
