[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Fri, 16 Dec 2022 04:50:26 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2c230134 by Moritz Muehlenhoff at 2022-12-16T13:49:51+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39,21 +39,21 @@ CVE-2022-4529
 CVE-2022-4528
        RESERVED
 CVE-2022-4527 (A vulnerability was found in collective.task up to 3.0.9. It 
has been  ...)
-       TODO: check
+       NOT-FOR-US: collective.task
 CVE-2022-4526 (A vulnerability was found in django-photologue up to 3.15.1 and 
classi ...)
-       TODO: check
+       NOT-FOR-US: django-photologue
 CVE-2022-4525 (A vulnerability has been found in National Sleep Research 
Resource sle ...)
-       TODO: check
+       NOT-FOR-US: National Sleep Research Resource
 CVE-2022-4524 (A vulnerability, which was classified as problematic, was found 
in Roo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-4523 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Virtual Exim 2
 CVE-2022-4522 (A vulnerability classified as problematic was found in 
CalendarXP up t ...)
-       TODO: check
+       NOT-FOR-US: CalenderXP
 CVE-2022-4521 (A vulnerability classified as problematic has been found in 
WSO2 carbo ...)
-       TODO: check
+       NOT-FOR-US: WSO carbon-registry
 CVE-2022-4520 (A vulnerability was found in WSO2 carbon-registry up to 4.8.11. 
It has ...)
-       TODO: check
+       NOT-FOR-US: WSO carbon-registry
 CVE-2022-4519 (The WP User plugin for WordPress is vulnerable to Stored 
Cross-Site Sc ...)
        NOT-FOR-US: WP User plugin for WordPress
 CVE-2022-4518
@@ -198,13 +198,13 @@ CVE-2022-4516
 CVE-2022-4515
        RESERVED
 CVE-2022-4514 (A vulnerability, which was classified as problematic, was found 
in Ope ...)
-       TODO: check
+       NOT-FOR-US: OpenCaching oc-server3
 CVE-2022-4513 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: European Environment Agency eionet.contreg
 CVE-2022-4512
        RESERVED
 CVE-2022-4511 (A vulnerability has been found in RainyGao DocSys and 
classified as cr ...)
-       TODO: check
+       NOT-FOR-US: RainyGao DocSys
 CVE-2022-4510
        RESERVED
 CVE-2022-4509
@@ -214,7 +214,7 @@ CVE-2022-43494
 CVE-2022-38469
        RESERVED
 CVE-2021-4245 (A vulnerability classified as problematic has been found in 
chbrown rf ...)
-       TODO: check
+       NOT-FOR-US: rfc6902
 CVE-2022-47449
        RESERVED
 CVE-2022-47448
@@ -2458,33 +2458,33 @@ CVE-2022-46704
 CVE-2022-46703
        RESERVED
 CVE-2022-46702 (The issue was addressed with improved memory handling. This 
issue is f ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46701 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46700 (A memory corruption issue was addressed with improved input 
validation ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46699 (A memory corruption issue was addressed with improved state 
management ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46698 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46697 (An out-of-bounds access issue was addressed with improved 
bounds check ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46696 (A memory corruption issue was addressed with improved input 
validation ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46695 (A spoofing issue existed in the handling of URLs. This issue 
was addre ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46694 (An out-of-bounds write issue was addressed with improved input 
validat ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46693 (An out-of-bounds write issue was addressed with improved input 
validat ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46692 (A logic issue was addressed with improved state management. 
This issue ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46691 (A memory consumption issue was addressed with improved memory 
handling ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46690 (An out-of-bounds write issue was addressed with improved input 
validat ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46689 (A race condition was addressed with additional validation. 
This issue  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2022-46688 (A cross-site request forgery (CSRF) vulnerability in Jenkins 
Sonar Ger ...)
        NOT-FOR-US: Jenkins plugin
 CVE-2022-46687 (Jenkins Spring Config Plugin 2.0.0 and earlier does not escape 
build d ...)
@@ -4626,7 +4626,7 @@ CVE-2022-45971
 CVE-2022-45970 (Alist v3.5.1 is vulnerable to Cross Site Scripting (XSS) via 
the bulle ...)
        NOT-FOR-US: Alist
 CVE-2022-45969 (Alist v3.4.0 is vulnerable to Directory Traversal, ...)
-       TODO: check
+       NOT-FOR-US: Alist
 CVE-2022-45968 (Alist v3.4.0 is vulnerable to File Upload. A user with only 
file uploa ...)
        NOT-FOR-US: Alist
 CVE-2022-45967
@@ -6601,7 +6601,7 @@ CVE-2022-45340
 CVE-2022-45339
        RESERVED
 CVE-2022-45338 (An arbitrary file upload vulnerability in the profile picture 
upload f ...)
-       TODO: check
+       NOT-FOR-US: Exact Synergy Enterprise
 CVE-2022-45337 (Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack 
overflow  ...)
        NOT-FOR-US: Tenda
 CVE-2022-45336
@@ -7562,9 +7562,9 @@ CVE-2022-45028 (A cross-site scripting (XSS) 
vulnerability in Arris NVG443B 9.3.
 CVE-2022-45027
        RESERVED
 CVE-2022-45026 (An issue in Markdown Preview Enhanced v0.6.5 and v0.19.6 for 
VSCode an ...)
-       TODO: check
+       NOT-FOR-US: Markdown Preview Enhanced
 CVE-2022-45025 (Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and 
Atom was d ...)
-       TODO: check
+       NOT-FOR-US: Markdown Preview Enhanced
 CVE-2022-45024
        RESERVED
 CVE-2022-45023
@@ -9431,7 +9431,7 @@ CVE-2022-44645
 CVE-2022-44644
        RESERVED
 CVE-2022-3853 (Cross-site Scripting (XSS) is a client-side code injection 
attack. The ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2022-3852 (The VR Calendar plugin for WordPress is vulnerable to 
Cross-Site Reque ...)
        NOT-FOR-US: VR Calendar plugin for WordPress
 CVE-2022-3851



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c230134d8c1257561d2c549de0da96be225d817

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c230134d8c1257561d2c549de0da96be225d817
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to