[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 07 Nov 2022 12:14:37 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d3dfd7f9 by Salvatore Bonaccorso at 2022-11-07T21:13:23+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7920,7 +7920,7 @@ CVE-2022-3559 (A vulnerability was found in Exim and 
classified as problematic.
        [buster] - exim4 <no-dsa> (Minor issue)
        NOTE: 
https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2
 CVE-2022-3558 (The Import and export users and customers WordPress plugin 
before 1.20 ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3557
        RESERVED
 CVE-2022-3556
@@ -7980,9 +7980,9 @@ CVE-2022-3539
 CVE-2022-3538
        RESERVED
 CVE-2022-3537 (The Role Based Pricing for WooCommerce WordPress plugin before 
1.6.2 d ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3536 (The Role Based Pricing for WooCommerce WordPress plugin before 
1.6.3 d ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-42986
        RESERVED
 CVE-2022-42985
@@ -8323,7 +8323,7 @@ CVE-2022-3496 (A vulnerability was found in 
SourceCodester Human Resource Manage
 CVE-2022-3495 (A vulnerability has been found in SourceCodester Simple Online 
Public  ...)
        NOT-FOR-US: SourceCodester
 CVE-2022-3494 (The Complianz WordPress plugin before 6.3.4, and Complianz 
Premium Wor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3493 (A vulnerability, which was classified as problematic, has been 
found i ...)
        NOT-FOR-US: SourceCodester Human Resource Management System
 CVE-2022-3492 (A vulnerability classified as critical was found in 
SourceCodester Hum ...)
@@ -8333,7 +8333,7 @@ CVE-2022-3491
 CVE-2022-3490
        RESERVED
 CVE-2022-3489 (The WP Hide WordPress plugin through 0.0.2 does not have 
authorisation ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3488
        RESERVED
 CVE-2022-3487
@@ -8351,7 +8351,7 @@ CVE-2022-3483
 CVE-2022-3482
        RESERVED
 CVE-2022-3481 (The WooCommerce Dropshipping WordPress plugin before 4.4 does 
not prop ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3480
        RESERVED
 CVE-2022-3479 (A vulnerability found in nss. By this security vulnerability, 
nss clie ...)
@@ -8443,9 +8443,9 @@ CVE-2022-3465 (A vulnerability classified as critical was 
found in Mediabridge M
 CVE-2022-3464 (A vulnerability classified as problematic has been found in 
puppyCMS u ...)
        NOT-FOR-US: puppyCMS
 CVE-2022-3463 (The Contact Form Plugin WordPress plugin before 4.3.13 does not 
valida ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3462 (The Highlight Focus WordPress plugin through 1.1 does not 
sanitise and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-42889 (Apache Commons Text performs variable interpolation, allowing 
properti ...)
        - commons-text 1.10.0-1 (bug #1021787)
        NOTE: https://www.openwall.com/lists/oss-security/2022/10/13/4
@@ -8784,7 +8784,7 @@ CVE-2022-42736
 CVE-2022-41797 (Improper authorization in handler for custom URL scheme 
vulnerability  ...)
        NOT-FOR-US: Lemon8 App
 CVE-2022-3451 (The Product Stock Manager WordPress plugin before 1.0.5 does 
not have  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3450
        RESERVED
        {DSA-5253-1}
@@ -9470,7 +9470,7 @@ CVE-2022-41789
 CVE-2022-41611
        RESERVED
 CVE-2022-3418 (The Import any XML or CSV File to WordPress plugin before 3.6.9 
is not ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3417
        RESERVED
 CVE-2022-3416
@@ -21323,7 +21323,7 @@ CVE-2022-2713 (Insufficient Session Expiration in 
GitHub repository cockpit-hq/c
 CVE-2022-2712
        RESERVED
 CVE-2022-2711 (The Import any XML or CSV File to WordPress plugin before 3.6.9 
is not ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2710 (The Scroll To Top WordPress plugin before 1.4.1 does not escape 
some o ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2709 (The Float to Top Button WordPress plugin through 2.3.6 does not 
escape ...)
@@ -27011,7 +27011,7 @@ CVE-2022-2389 (The Abandoned Cart Recovery for 
WooCommerce, Follow Up Emails, Ne
 CVE-2022-2388 (The WP Coder WordPress plugin before 2.5.3 does not have CSRF 
check in ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-2387 (The Easy Digital Downloads WordPress plugin before 3.0 does not 
have C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-2386 (The Crowdsignal Dashboard WordPress plugin before 3.0.8 does 
not sanit ...)
        NOT-FOR-US: WordPress plugin
 CVE-2022-35648 (Nautilus treadmills T616 S/N 100672PRO21140001 through 
100672PRO211719 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3dfd7f9ee33363ddac6f363a16fabcf65b6a025

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3dfd7f9ee33363ddac6f363a16fabcf65b6a025
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to