Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
34e5c37f by Moritz Muehlenhoff at 2022-12-15T14:40:24+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -75,31 +75,31 @@ CVE-2022-47413
 CVE-2022-47412
        RESERVED
 CVE-2022-47411 (An issue was discovered in the fp_newsletter (aka Newsletter 
subscribe ...)
-       TODO: check
+       NOT-FOR-US: TYPO3 extension
 CVE-2022-47410 (An issue was discovered in the fp_newsletter (aka Newsletter 
subscribe ...)
-       TODO: check
+       NOT-FOR-US: TYPO3 extension
 CVE-2022-47409 (An issue was discovered in the fp_newsletter (aka Newsletter 
subscribe ...)
-       TODO: check
+       NOT-FOR-US: TYPO3 extension
 CVE-2022-47408 (An issue was discovered in the fp_newsletter (aka Newsletter 
subscribe ...)
-       TODO: check
+       NOT-FOR-US: TYPO3 extension
 CVE-2022-47407 (An issue was discovered in the fp_masterquiz (aka Master-Quiz) 
extensi ...)
-       TODO: check
+       NOT-FOR-US: TYPO3 extension
 CVE-2022-47406 (An issue was discovered in the fe_change_pwd (aka Change 
password for  ...)
-       TODO: check
+       NOT-FOR-US: TYPO3 extension
 CVE-2022-4508
        RESERVED
 CVE-2022-4507
        RESERVED
 CVE-2022-4506 (Unrestricted Upload of File with Dangerous Type in GitHub 
repository o ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2022-4505 (Improper Access Control in GitHub repository openemr/openemr 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2022-4504 (Improper Input Validation in GitHub repository openemr/openemr 
prior t ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2022-4503 (Cross-site Scripting (XSS) - Generic in GitHub repository 
openemr/open ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2022-4502 (Cross-site Scripting (XSS) - Reflected in GitHub repository 
openemr/op ...)
-       TODO: check
+       NOT-FOR-US: OpenEMR
 CVE-2022-4501 (The Mega Addons plugin for WordPress is vulnerable to 
authorization by ...)
        NOT-FOR-US: Mega Addons plugin for WordPress
 CVE-2022-47405
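Review bot: The six entries CVE-2022-47406 through CVE-2022-47411 all receive the same generic label `NOT-FOR-US: TYPO3 extension`, although their descriptions name three different extensions (fp_newsletter, fp_masterquiz, fe_change_pwd). The OpenEMR entries in this hunk and the neighbouring `NOT-FOR-US: Mega Addons plugin for WordPress` line identify the product itself, so a label such as `NOT-FOR-US: TYPO3 extension fp_newsletter` would keep these entries searchable by extension name.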
@@ -135,7 +135,7 @@ CVE-2022-4496
 CVE-2022-4495 (A vulnerability, which was classified as problematic, has been 
found i ...)
        NOT-FOR-US: collective.dms.basecontent
 CVE-2022-4494 (A vulnerability, which was classified as critical, has been 
found in b ...)
-       TODO: check
+       NOT-FOR-US: MCPMappingViewer
 CVE-2022-4493 (A vulnerability classified as critical was found in scifio. 
Affected b ...)
        NOT-FOR-US: SCIFIO (SCientific Image Format Input & Output)
 CVE-2022-4492
@@ -459,9 +459,9 @@ CVE-2022-47372
 CVE-2022-4457
        RESERVED
 CVE-2022-4456 (A vulnerability has been found in falling-fruit and classified 
as prob ...)
-       TODO: check
+       NOT-FOR-US: falling-fruit
 CVE-2022-4455 (A vulnerability, which was classified as problematic, was found 
in spr ...)
-       TODO: check
+       NOT-FOR-US: sproctor php-calendar
 CVE-2022-4454 (A vulnerability, which was classified as critical, has been 
found in m ...)
        NOT-FOR-US: m0ver bible-online
 CVE-2022-4453
@@ -479,7 +479,7 @@ CVE-2022-4448
 CVE-2022-4447
        RESERVED
 CVE-2022-4446 (PHP Remote File Inclusion in GitHub repository tsolucio/corebos 
prior  ...)
-       TODO: check
+       NOT-FOR-US: Corebos
 CVE-2022-4445
        RESERVED
 CVE-2022-4444 (A vulnerability was found in ipti br.tag. It has been declared 
as prob ...)
@@ -1783,11 +1783,11 @@ CVE-2022-4378
 CVE-2022-46835
        RESERVED
 CVE-2022-46834 (Use of a Broken or Risky Cryptographic Algorithm in SICK 
RFU65x firmwa ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2022-46833 (Use of a Broken or Risky Cryptographic Algorithm in SICK 
RFU63x firmwa ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2022-46832 (Use of a Broken or Risky Cryptographic Algorithm in SICK 
RFU62x firmwa ...)
-       TODO: check
+       NOT-FOR-US: SICK
 CVE-2022-4375 (A vulnerability was found in Mingsoft MCMS up to 5.2.9. It has 
been cl ...)
        NOT-FOR-US: Mingsoft MCMS
 CVE-2022-4374
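Review bot: `NOT-FOR-US: SICK` on CVE-2022-46832, CVE-2022-46833 and CVE-2022-46834 records only the vendor, while the descriptions identify the affected products as RFU62x, RFU63x and RFU65x firmware. Naming the product per entry, for example `NOT-FOR-US: SICK RFU65x firmware`, would match the product-level labels used elsewhere in the file, such as `NOT-FOR-US: Mingsoft MCMS` directly below.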
@@ -3758,9 +3758,9 @@ CVE-2022-46258
 CVE-2022-46257
        RESERVED
 CVE-2022-46256 (A path traversal vulnerability was identified in GitHub 
Enterprise Ser ...)
-       TODO: check
+       NOT-FOR-US: GitHub Enterprise Server
 CVE-2022-46255 (An improper limitation of a pathname to a restricted directory 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: GitHub Enterprise Server
 CVE-2022-46254
        RESERVED
 CVE-2022-46253
@@ -4652,7 +4652,7 @@ CVE-2022-45873 (systemd 250 and 251 allows local users to 
achieve a systemd-core
 CVE-2022-45872 (iTerm2 before 3.4.18 mishandles a DECRQSS response. ...)
        NOT-FOR-US: iTerm2
 CVE-2022-45871 (A Denial-of-Service (DoS) vulnerability was discovered in the 
fsicapd  ...)
-       TODO: check
+       NOT-FOR-US: WithSecure
 CVE-2022-45870
        RESERVED
 CVE-2022-45869 (A race condition in the x86 KVM subsystem in the Linux kernel 
through  ...)
@@ -5115,11 +5115,11 @@ CVE-2022-45692
 CVE-2022-45691
        RESERVED
 CVE-2022-45690 (A stack overflow in the 
org.json.JSONTokener.nextValue::JSONTokener.ja ...)
-       TODO: check
+       NOT-FOR-US: hutool-json
 CVE-2022-45689 (hutool-json v5.8.10 was discovered to contain an out of memory 
error. ...)
-       TODO: check
+       NOT-FOR-US: hutool-json
 CVE-2022-45688 (A stack overflow in the XML.toJSONObject component of 
hutool-json v5.8 ...)
-       TODO: check
+       NOT-FOR-US: hutool-json
 CVE-2022-45687
        RESERVED
 CVE-2022-45686
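Review bot: CVE-2022-45690 is closed as `NOT-FOR-US: hutool-json`, but the visible part of its description places the stack overflow in `org.json.JSONTokener.nextValue`, a class in the `org.json` namespace, and the description is truncated before it names the affected product. Before this entry leaves `TODO: check`, confirm whether the affected code is shared with an org.json implementation that Debian packages; if it is, the entry needs a package line rather than NOT-FOR-US. The same check applies to the `XML.toJSONObject` component named in CVE-2022-45688.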
@@ -6964,7 +6964,7 @@ CVE-2022-45136 (** UNSUPPORTED WHEN ASSIGNED ** Apache 
Jena SDB 3.17.0 and earli
 CVE-2022-45135
        RESERVED
 CVE-2022-43668 (Typora versions prior to 1.4.4 fails to properly neutralize 
JavaScript ...)
-       TODO: check
+       NOT-FOR-US: Typora
 CVE-2022-3932
        RESERVED
 CVE-2022-3931
@@ -7122,7 +7122,7 @@ CVE-2022-3919 (The Jetpack CRM WordPress plugin before 
5.4.3 does not sanitise a
 CVE-2022-3918
        RESERVED
 CVE-2022-3917 (Improper access control of bootloader function was discovered 
in Motor ...)
-       TODO: check
+       NOT-FOR-US: Motorola
 CVE-2022-3916
        RESERVED
        NOT-FOR-US: Keycloak
@@ -7329,7 +7329,7 @@ CVE-2022-45035
 CVE-2022-45034
        RESERVED
 CVE-2022-45033 (A cross-site scripting (XSS) vulnerability in Expense Tracker 
1.0 allo ...)
-       TODO: check
+       NOT-FOR-US: Expense Tracker
 CVE-2022-45032
        RESERVED
 CVE-2022-45031



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34e5c37f46f12e374e15629fb53729ac5979cd20
