[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue, 01 Nov 2022 14:31:21 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f94fe04f by Salvatore Bonaccorso at 2022-11-01T22:30:34+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11921,9 +11921,9 @@ CVE-2022-40490
 CVE-2022-40489
        RESERVED
 CVE-2022-40488 (ProcessWire v3.0.200 was discovered to contain a Cross-Site 
Request Fo ...)
-       TODO: check
+       NOT-FOR-US: ProcessWire
 CVE-2022-40487 (ProcessWire v3.0.200 was discovered to contain multiple 
cross-site scr ...)
-       TODO: check
+       NOT-FOR-US: ProcessWire
 CVE-2022-40486 (TP Link Archer AX10 V1 Firmware Version 1.3.1 Build 20220401 
Rel. 5745 ...)
        NOT-FOR-US: TP Link
 CVE-2022-40485 (Wedding Planner v1.0 was discovered to contain a SQL injection 
vulnera ...)
@@ -14454,7 +14454,7 @@ CVE-2022-39369
 CVE-2022-39368
        RESERVED
 CVE-2022-39367 (QTIWorks is a software suite for standards-based assessment 
delivery.  ...)
-       TODO: check
+       NOT-FOR-US: QTIWorks
 CVE-2022-39366 (DataHub is an open-source metadata platform. Prior to version 
0.8.45,  ...)
        TODO: check
 CVE-2022-39365 (Pimcore is an open source data and experience management 
platform. Pri ...)
@@ -14565,7 +14565,7 @@ CVE-2022-39315 (Kirby is a Content Management System. 
Prior to versions 3.5.8.2,
 CVE-2022-39314 (Kirby is a flat-file CMS. In versions prior to 3.5.8.2, 
3.6.6.2, 3.7.5 ...)
        NOT-FOR-US: Kirby CMS
 CVE-2022-39313 (Parse Server is an open source backend that can be deployed to 
any inf ...)
-       TODO: check
+       NOT-FOR-US: Node parse-server
 CVE-2022-39312 (Dataease is an open source data visualization analysis tool. 
Dataease  ...)
        TODO: check
 CVE-2022-39311 (GoCD is a continuous delivery server. GoCD helps you automate 
and stre ...)
@@ -14685,7 +14685,7 @@ CVE-2022-39269 (PJSIP is a free and open source 
multimedia communication library
 CVE-2022-39268 (### Impact In a CSRF attack, an innocent end user is tricked 
by an att ...)
        NOT-FOR-US: orchest/orchest
 CVE-2022-39267 (Bifrost is a heterogeneous middleware that synchronizes MySQL, 
MariaDB ...)
-       TODO: check
+       NOT-FOR-US: Bifrost
 CVE-2022-39266 (isolated-vm is a library for nodejs which gives the user 
access to v8' ...)
        NOT-FOR-US: isolated-vm
 CVE-2022-39265 (MyBB is a free and open source forum software. The _Mail 
Settings_ &#8 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94fe04f4462b1352bcd9c20191140201140732d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f94fe04f4462b1352bcd9c20191140201140732d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to