[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Wed Apr 6 14:19:05 BST 2022



Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ee7eaafb by Neil Williams at 2022-04-06T14:18:41+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1184,19 +1184,19 @@ CVE-2022-1172 (Null Pointer Dereference Caused Segmentation Fault in GitHub repo
 CVE-2022-1171
 	RESERVED
 CVE-2022-1170 (In the Noo JobMonster WordPress theme before 4.5.2.9 JobMonster there  ...)
-	TODO: check
+	NOT-FOR-US: Wordpress theme
 CVE-2022-1169 (There is a XSS vulnerability in Careerfy. ...)
-	TODO: check
+	NOT-FOR-US: Wordpress theme
 CVE-2022-1168 (There is a Cross-Site Scripting vulnerability in the JobSearch WP JobS ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1167 (There are unauthenticated reflected Cross-Site Scripting (XSS) vulnera ...)
 	TODO: check
 CVE-2022-1166 (The JobMonster Theme was vulnerable to Directory Listing in the /wp-co ...)
-	TODO: check
+	NOT-FOR-US: Wordpress theme
 CVE-2022-1165 (The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-1164 (The Wyzi Theme was affected by reflected XSS vulnerabilities in the bu ...)
-	TODO: check
+	NOT-FOR-US: Wordpress theme
 CVE-2022-28219
 	RESERVED
 CVE-2022-28218
@@ -12599,7 +12599,7 @@ CVE-2022-0407 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
 CVE-2022-24112 (An attacker can abuse the batch-requests plugin to send requests to by ...)
 	NOT-FOR-US: Apache APISIX
 CVE-2022-0406 (Improper Authorization in GitHub repository janeczku/calibre-web prior ...)
-	TODO: check
+	NOT-FOR-US: calibre-web
 CVE-2022-0405 (Improper Access Control in GitHub repository janeczku/calibre-web prio ...)
 	NOT-FOR-US: calibre-web
 CVE-2022-0404 (The Material Design for Contact Form 7 WordPress plugin through 2.6.4  ...)
@@ -42812,7 +42812,7 @@ CVE-2021-38836
 CVE-2021-38835
 	RESERVED
 CVE-2021-38834 (easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sand ...)
-	TODO: check
+	NOT-FOR-US: easy-mock
 CVE-2021-38833 (SQL injection vulnerability in PHPGurukul Apartment Visitors Managemen ...)
 	NOT-FOR-US: PHPGurukul Apartment Visitors Management System (AVMS)
 CVE-2021-38832



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee7eaafb5b78065b93d2baf1b91a9148387251a1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee7eaafb5b78065b93d2baf1b91a9148387251a1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220406/c0e40039/attachment.htm>


More information about the debian-security-tracker-commits mailing list