[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 26 Oct 2022 01:23:07 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
378bfa24 by Salvatore Bonaccorso at 2022-10-26T10:22:31+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3922,15 +3922,15 @@ CVE-2022-3397 (OMRON CX-Programmer 9.78 and prior is 
vulnerable to an Out-of-Bou
 CVE-2022-3396 (OMRON CX-Programmer 9.78 and prior is vulnerable to an 
Out-of-Bounds W ...)
        NOT-FOR-US: OMRON CX-Programmer
 CVE-2022-3395 (The WP All Export Pro WordPress plugin before 1.7.9 uses the 
contents  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3394 (The WP All Export Pro WordPress plugin before 1.7.9 does not 
limit som ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3393 (The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 
does not ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3392 (The WP Humans.txt WordPress plugin through 1.0.6 does not 
sanitise and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3391 (The Retain Live Chat WordPress plugin through 0.1 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-42251
        RESERVED
 CVE-2022-42250 (Simple Cold Storage Management System v1.0 is vulnerable to 
SQL inject ...)
@@ -5215,7 +5215,7 @@ CVE-2022-3352 (Use After Free in GitHub repository 
vim/vim prior to 9.0.0614. ..
 CVE-2022-3351 (An issue has been discovered in GitLab EE affecting all 
versions start ...)
        - gitlab <not-affected> (Only affects Gitlab EE)
 CVE-2022-3350 (The Contact Bank WordPress plugin through 3.0.30 does not 
sanitise and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3349 (A vulnerability was found in Sony PS4 and PS5. It has been 
classified  ...)
        NOT-FOR-US: Sony
 CVE-2022-3348 (Just like in the previous report, an attacker could steal the 
account  ...)
@@ -5464,7 +5464,7 @@ CVE-2022-3337
 CVE-2022-3336
        RESERVED
 CVE-2022-3335 (The Kadence WooCommerce Email Designer WordPress plugin before 
1.5.7 u ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3334
        RESERVED
 CVE-2022-3333 (A vulnerability, which was classified as problematic, was found 
in Zep ...)
@@ -5644,11 +5644,11 @@ CVE-2022-3303 (A race condition flaw was found in the 
Linux kernel sound subsyst
        - linux 5.19.11-1
        NOTE: 
https://git.kernel.org/linus/8423f0b6d513b259fdab9c9bf4aaa6188d054c2d (6.0-rc5)
 CVE-2022-3302 (The Spam protection, AntiSpam, FireWall by CleanTalk WordPress 
plugin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3301 (Improper Cleanup on Thrown Exception in GitHub repository 
ikus060/rdif ...)
        - rdiffweb <itp> (bug #969974)
 CVE-2022-3300 (The Form Maker by 10Web WordPress plugin before 1.15.6 does not 
proper ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-41553
        RESERVED
 CVE-2022-41552
@@ -6665,9 +6665,9 @@ CVE-2022-3249
 CVE-2022-3248
        RESERVED
 CVE-2022-3247 (The Blog2Social: Social Media Auto Post &amp; Scheduler 
WordPress plug ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3246 (The Blog2Social: Social Media Auto Post &amp; Scheduler 
WordPress plug ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3245 (HTML injection attack is closely related to Cross-site 
Scripting (XSS) ...)
        NOT-FOR-US: microweber
 CVE-2022-3244 (The Import all XML, CSV &amp; TXT WordPress plugin before 6.5.8 
does n ...)
@@ -11182,7 +11182,7 @@ CVE-2022-3099 (Use After Free in GitHub repository 
vim/vim prior to 9.0.0360. ..
 CVE-2022-3098 (The Login Block IPs WordPress plugin through 1.0.0 does not 
have CSRF  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-3097 (The LBStopAttack WordPress plugin through 1.1.2 does not use 
nonces wh ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3096
        RESERVED
 CVE-2022-3095
@@ -14442,7 +14442,7 @@ CVE-2022-2764 (A flaw was found in Undertow. Denial of 
service can be achieved a
 CVE-2022-2763 (The WP Socializer WordPress plugin before 7.3 does not sanitise 
and es ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2762 (The AdminPad WordPress plugin before 2.2 does not have CSRF 
check when ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2761
        RESERVED
 CVE-2022-2760 (In affected versions of Octopus Deploy it is possible to reveal 
the Sp ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/378bfa24e2578b7bbcbb12ddfd3303c4ca4ae586

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/378bfa24e2578b7bbcbb12ddfd3303c4ca4ae586
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to