[Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams (@codehelp)
codehelp at debian.org
Wed Apr 6 14:19:05 BST 2022
Neil Williams pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ee7eaafb by Neil Williams at 2022-04-06T14:18:41+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1184,19 +1184,19 @@ CVE-2022-1172 (Null Pointer Dereference Caused Segmentation Fault in GitHub repo
CVE-2022-1171
RESERVED
CVE-2022-1170 (In the Noo JobMonster WordPress theme before 4.5.2.9 JobMonster there ...)
- TODO: check
+ NOT-FOR-US: Wordpress theme
CVE-2022-1169 (There is a XSS vulnerability in Careerfy. ...)
- TODO: check
+ NOT-FOR-US: Wordpress theme
CVE-2022-1168 (There is a Cross-Site Scripting vulnerability in the JobSearch WP JobS ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1167 (There are unauthenticated reflected Cross-Site Scripting (XSS) vulnera ...)
TODO: check
CVE-2022-1166 (The JobMonster Theme was vulnerable to Directory Listing in the /wp-co ...)
- TODO: check
+ NOT-FOR-US: Wordpress theme
CVE-2022-1165 (The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1164 (The Wyzi Theme was affected by reflected XSS vulnerabilities in the bu ...)
- TODO: check
+ NOT-FOR-US: Wordpress theme
CVE-2022-28219
RESERVED
CVE-2022-28218
@@ -12599,7 +12599,7 @@ CVE-2022-0407 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
CVE-2022-24112 (An attacker can abuse the batch-requests plugin to send requests to by ...)
NOT-FOR-US: Apache APISIX
CVE-2022-0406 (Improper Authorization in GitHub repository janeczku/calibre-web prior ...)
- TODO: check
+ NOT-FOR-US: calibre-web
CVE-2022-0405 (Improper Access Control in GitHub repository janeczku/calibre-web prio ...)
NOT-FOR-US: calibre-web
CVE-2022-0404 (The Material Design for Contact Form 7 WordPress plugin through 2.6.4 ...)
@@ -42812,7 +42812,7 @@ CVE-2021-38836
CVE-2021-38835
RESERVED
CVE-2021-38834 (easy-mock v1.5.0-v1.6.0 allows remote attackers to bypass the vm2 sand ...)
- TODO: check
+ NOT-FOR-US: easy-mock
CVE-2021-38833 (SQL injection vulnerability in PHPGurukul Apartment Visitors Managemen ...)
NOT-FOR-US: PHPGurukul Apartment Visitors Management System (AVMS)
CVE-2021-38832
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee7eaafb5b78065b93d2baf1b91a9148387251a1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee7eaafb5b78065b93d2baf1b91a9148387251a1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220406/c0e40039/attachment.htm>
More information about the debian-security-tracker-commits
mailing list