Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8dbf76de by Moritz Muehlenhoff at 2022-11-14T16:21:32+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14,7 +14,7 @@ CVE-2022-3979 (A vulnerability was found in NagVis up to
1.9.33 and classified a
[bullseye] - nagvis <no-dsa> (Minor issue)
NOTE:
https://github.com/NagVis/nagvis/commit/7574fd8a2903282c2e0d1feef5c4876763db21d5
(nagvis-1.9.34)
CVE-2022-3978 (A vulnerability, which was classified as problematic, was found
in Nod ...)
- TODO: check
+ NOT-FOR-US: NodeBB
CVE-2022-3977
RESERVED
- linux 6.0.2-1
@@ -22,7 +22,7 @@ CVE-2022-3977
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/3a732b46736cd8a29092e4b0b1a9ba83e672bf89 (6.1-rc1)
CVE-2022-3976 (A vulnerability has been found in MZ Automation libiec61850 up
to 1.4 ...)
- TODO: check
+ NOT-FOR-US: libIEC61850
CVE-2022-3975 (A vulnerability, which was classified as problematic, has been
found i ...)
NOT-FOR-US: NukeViet CMS
CVE-2022-3974 (A vulnerability classified as critical was found in Axiomatic
Bento4. ...)
@@ -32,7 +32,7 @@ CVE-2022-3973 (A vulnerability classified as critical has
been found in Pingkon
CVE-2022-3972 (A vulnerability was found in Pingkon HMS-PHP. It has been rated
as cri ...)
NOT-FOR-US: Pingkon HMS-PHP
CVE-2022-3971 (A vulnerability was found in matrix-appservice-irc up to
0.35.1. It ha ...)
- TODO: check
+ NOT-FOR-US: matrix-appservice-irc
CVE-2022-3970 (A vulnerability was found in LibTIFF. It has been classified as
critic ...)
- tiff <unfixed>
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137
@@ -53,11 +53,11 @@ CVE-2022-3964 (A vulnerability classified as problematic
has been found in ffmpe
CVE-2022-45197
RESERVED
CVE-2022-45196 (Hyperledger Fabric 2.3 allows attackers to cause a denial of
service ( ...)
- TODO: check
+ NOT-FOR-US: Hyperledger Fabric
CVE-2022-45195 (SimpleXMQ before 3.4.0, as used in SimpleX Chat before 4.2,
does not a ...)
- TODO: check
+ NOT-FOR-US: SimpleXMQ
CVE-2022-3963 (A vulnerability was found in gnuboard5. It has been classified
as prob ...)
- TODO: check
+ NOT-FOR-US: Gnuboard
CVE-2022-45194 (CBRN-Analysis before 22 allows XXE attacks via am mws XML
document, le ...)
NOT-FOR-US: CBRN-Analysis
CVE-2022-45193 (CBRN-Analysis before 22 has weak file permissions under Public
Profile ...)
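Review bot: at CVE-2022-45195 the label names only SimpleXMQ, although the description says the flaw applies "as used in SimpleX Chat before 4.2". Naming both, for example "NOT-FOR-US: SimpleXMQ / SimpleX Chat", keeps the entry findable under either name. At CVE-2022-3963 the label "Gnuboard" differs from the product string "gnuboard5" in the description; using the description's spelling keeps name-based searches of the list reliable.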
@@ -82,7 +82,7 @@ CVE-2022-45185
CVE-2022-45184
RESERVED
CVE-2022-45183 (Escalation of privileges in the Web Server in Ironman Software
PowerSh ...)
- TODO: check
+ NOT-FOR-US: Ironman
CVE-2022-45182 (Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the
module ...)
NOT-FOR-US: Pi-Star_DV_Dash (for Pi-Star DV)
CVE-2022-45181
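Review bot: at CVE-2022-45183 the label "NOT-FOR-US: Ironman" is only a fragment of the vendor name ("Ironman Software") and omits the product, which the truncated description begins as "PowerSh ...". Take the product name from the full CVE description and keep the vendor as a qualifier, so the entry can be matched by product later.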
@@ -162,7 +162,7 @@ CVE-2022-45148
CVE-2022-45147
RESERVED
CVE-2022-3959 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: Drogon
CVE-2022-3958
RESERVED
CVE-2022-3957 (A vulnerability classified as problematic was found in GPAC.
Affected ...)
@@ -196,7 +196,7 @@ CVE-2022-3947 (A vulnerability classified as critical has
been found in eolinker
CVE-2022-3946
RESERVED
CVE-2022-3945 (Improper Restriction of Excessive Authentication Attempts in
GitHub re ...)
- TODO: check
+ NOT-FOR-US: Kavita
CVE-2022-3944 (A vulnerability was found in jerryhanjj ERP. It has been
declared as c ...)
NOT-FOR-US: jerryhanjj ERP
CVE-2022-3943 (A vulnerability was found in ForU CMS. It has been classified
as probl ...)
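Review bot: at CVE-2022-3945 the label "Kavita" cannot be checked against the visible description, which is cut off at "GitHub re ..." before any product name appears. Confirm the product against the full CVE text before replacing "TODO: check", since this label is the only place the entry names the affected software.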
@@ -210,11 +210,11 @@ CVE-2022-45145
CVE-2022-45144
RESERVED
CVE-2022-3941 (A vulnerability has been found in Activity Log Plugin and
classified a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2022-3940 (A vulnerability, which was classified as problematic, was found
in lan ...)
- TODO: check
+ NOT-FOR-US: lanyulei ferry
CVE-2022-3939 (A vulnerability, which was classified as critical, has been
found in l ...)
- TODO: check
+ NOT-FOR-US: lanyulei ferry
CVE-2022-3938
RESERVED
CVE-2022-3937
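Review bot: at CVE-2022-3941 the label "NOT-FOR-US: WordPress plugin" drops the plugin name that the description gives ("Activity Log Plugin"), so the entry cannot be told apart from any other WordPress plugin entry by name. Suggest "NOT-FOR-US: Activity Log plugin for WordPress", in the same product-naming form as the "lanyulei ferry" labels in this hunk.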
@@ -6646,7 +6646,7 @@ CVE-2022-43680 (In libexpat through 2.4.9, there is a
use-after free caused by o
NOTE: Fixed by:
https://github.com/libexpat/libexpat/commit/5290462a7ea1278a8d5c0d5b2860d4e244f997e4
(R_2_5_0)
NOTE: Testcase:
https://github.com/libexpat/libexpat/commit/43992e4ae25fc3dc0eec0cd3a29313555d56aee2
(R_2_5_0)
CVE-2022-43679 (The Docker image of ownCloud Server through 10.11 contains a
misconfig ...)
- TODO: check
+ NOT-FOR-US: Docker image of ownCloud Server
CVE-2022-43678
RESERVED
CVE-2022-43677 (In free5GC 3.2.1, a malformed NGAP message can crash the AMF
and NGAP ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dbf76deb3f1a47f8a815a2c7bc805522889a844
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits